openssl/ssl
David Benjamin e4a282fe03 Don't generate an unnecessary Diffie-Hellman key in TLS 1.3 clients.
tls_parse_stoc_key_share was generating a new EVP_PKEY public/private
keypair and then overriding it with the server public key, so the
generation was a waste anyway. Instead, it should create a
parameters-only EVP_PKEY.

(This is a consequence of OpenSSL using the same type for empty key,
empty key with key type, empty key with key type + parameters, public
key, and private key. As a result, it's easy to mistakenly mix such
things up, as happened here.)

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9445)

(cherry picked from commit 166c0b98fd)
2019-07-25 16:26:06 -04:00
record Defer sending a KeyUpdate until after pending writes are complete 2019-06-03 11:57:31 +01:00
statem Don't generate an unnecessary Diffie-Hellman key in TLS 1.3 clients. 2019-07-25 16:26:06 -04:00
bio_ssl.c
build.info
d1_lib.c Update copyright year 2018-11-20 13:27:36 +00:00
d1_msg.c issue-8998: Ensure that the alert is generated and reaches the remote 2019-05-30 11:37:42 +01:00
d1_srtp.c
methods.c
packet.c Update copyright year 2018-04-17 15:18:40 +02:00
packet_locl.h Update copyright year 2018-09-11 13:45:17 +01:00
pqueue.c Use void in all function definitions that do not take any arguments 2018-05-11 14:37:48 +02:00
s3_cbc.c Update copyright year 2018-11-20 13:27:36 +00:00
s3_enc.c Update copyright year 2019-02-26 14:05:09 +00:00
s3_lib.c Fix the return value for SSL_get0_chain_certs() 2019-07-17 12:38:46 +01:00
s3_msg.c Update copyright year 2018-02-13 13:59:25 +00:00
ssl_asn1.c Don't use OPENSSL_strdup() for copying alpn_selected 2018-06-21 11:07:45 +01:00
ssl_cert.c Move 'shared_sigalgs' from cert_st to ssl_st 2019-06-26 13:00:27 -05:00
ssl_cert_table.h Update copyright year 2018-03-20 13:08:46 +00:00
ssl_ciph.c Update copyright year 2019-02-26 14:05:09 +00:00
ssl_conf.c Add the ability to configure anti-replay via SSL_CONF 2018-07-02 15:06:12 +01:00
ssl_err.c Don't interleave handshake and other record types in TLSv1.3 2019-02-19 09:37:29 +00:00
ssl_init.c Update copyright year 2019-02-26 14:05:09 +00:00
ssl_lib.c Fix SSL_CTX_set_session_id_context() docs 2019-07-16 13:58:18 +01:00
ssl_locl.h Remove DRBG from SSL structure. 2019-07-16 13:25:31 +10:00
ssl_mcnf.c Move the loading of the ssl_conf module to libcrypto 2018-04-05 15:30:12 +01:00
ssl_rsa.c Update copyright year 2018-03-20 13:08:46 +00:00
ssl_sess.c Following the previous 2 commits also move ecpointformats out of session 2019-06-18 14:26:16 +01:00
ssl_stat.c
ssl_txt.c Address coverity-reported NULL dereference in SSL_SESSION_print() 2018-07-01 18:20:11 -05:00
ssl_utst.c
t1_enc.c Update copyright year 2019-02-26 14:05:09 +00:00
t1_lib.c Move 'shared_sigalgs' from cert_st to ssl_st 2019-06-26 13:00:27 -05:00
t1_trce.c Fix ssl/t1_trce.c to parse certificate chains 2018-09-01 08:58:42 +08:00
tls13_enc.c Update copyright year 2019-02-26 14:05:09 +00:00
tls_srp.c Use the private RNG for data that is not public 2018-04-02 22:22:43 +02:00