wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Dr. Stephen Henson d414a5a0f0 Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and 
DTLS to fix DoS attack.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)
2012-05-10 15:10:15 +00:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes [from HEAD]. 2012-04-16 17:43:15 +00:00
d1_both.c PR: 2755 2012-03-06 13:47:27 +00:00
d1_clnt.c PR: 2748 2012-03-06 13:24:16 +00:00
d1_enc.c Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and 2012-05-10 15:10:15 +00:00
d1_lib.c correct error code 2012-04-18 14:53:48 +00:00
d1_meth.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
d1_pkt.c PR: 2756 2012-03-09 15:52:20 +00:00
d1_srtp.c Submitted by: Eric Rescorla <ekr@rtfm.com> 2012-02-11 22:53:48 +00:00
d1_srvr.c PR: 2778(part) 2012-03-31 18:02:43 +00:00
dtls1.h PR: 2658 2011-12-31 23:00:36 +00:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:22 +00:00
kssl.c make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:52:34 +00:00
kssl.h make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:52:34 +00:00
kssl_lcl.h Some fixes for kerberos builds. 2009-04-21 22:20:12 +00:00
Makefile make update 2012-01-02 16:41:11 +00:00
s2_clnt.c Updatde from stable branch. 2009-01-07 23:44:27 +00:00
s2_enc.c Update ssl library to support EVP_PKEY MAC API. Include generic MAC support. 2007-06-04 17:04:40 +00:00
s2_lib.c Make no-ssl2 work including on Win32 builds. 2009-04-04 17:57:34 +00:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Use new common flags and fix resulting warnings. 2009-02-15 14:08:51 +00:00
s2_srvr.c Assorted bugfixes: 2011-02-03 12:03:57 +00:00
s3_both.c Add Next Protocol Negotiation. 2011-11-13 21:55:42 +00:00
s3_clnt.c Additional workaround for PR#2771 2012-04-17 14:41:23 +00:00
s3_enc.c Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) 2012-01-04 23:13:29 +00:00
s3_lib.c Disable SHA-2 ciphersuites in < TLS 1.2 connections. 2012-04-17 15:20:17 +00:00
s3_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s3_pkt.c Partial workaround for PR#2771. 2012-04-17 13:20:19 +00:00
s3_srvr.c s3_srvr.c: fix typo [from HEAD]. 2012-04-15 17:23:41 +00:00
s23_clnt.c s23_clnt.c: ensure interoperability by maitaining client "version capability" 2012-04-25 22:07:23 +00:00
s23_lib.c Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
s23_meth.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c add FIPS support to ssl: doesn't do anything on this branch yet as there is no FIPS compilation support 2011-05-19 18:22:16 +00:00
srtp.h move internal functions to ssl_locl.h 2011-11-21 22:52:01 +00:00
ssl-lib.com PR: 2652 2012-01-05 14:30:08 +00:00
ssl.h Change value of SSL_OP_NO_TLSv1_1 to avoid clash with SSL_OP_ALL and 2012-04-25 23:08:44 +00:00
ssl2.h Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN 2011-05-11 12:56:38 +00:00
ssl3.h ABI compliance fixes. 2012-02-22 14:01:44 +00:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c 1.0.1-specific OPNESSL vs. OPENSSL typo. 2012-01-15 13:42:50 +00:00
ssl_asn1.c Use correct tag for SRP username. 2011-10-25 12:52:47 +00:00
ssl_cert.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
ssl_ciph.c Don't try to use unvalidated composite ciphers in FIPS mode 2012-04-26 18:49:45 +00:00
ssl_err.c correct error code 2012-04-18 14:53:48 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c Fix for builds without DTLS support. 2012-01-05 10:22:39 +00:00
ssl_locl.h PR: 2756 2012-03-09 15:52:20 +00:00
ssl_rsa.c PR: 1411 2009-09-12 23:09:26 +00:00
ssl_sess.c New ctrl values to clear or retrieve extra chain certs from an SSL_CTX. 2011-12-22 15:01:16 +00:00
ssl_stat.c PR: 1794 2011-11-25 00:18:10 +00:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
ssltest.c PR: 1794 2011-12-14 22:18:03 +00:00
t1_clnt.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
t1_enc.c Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and 2012-05-10 15:10:15 +00:00
t1_lib.c use client version when deciding whether to send supported signature algorithms extension 2012-03-21 21:32:57 +00:00
t1_meth.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:59:09 +00:00
t1_srvr.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
tls1.h Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> 2012-03-09 18:37:41 +00:00
tls_srp.c PR: 1794 2011-12-14 22:18:03 +00:00