openssl/ssl
Dr. Stephen Henson a4aa188799 Fix typo.
Fix typo in ssl3_get_cert_verify: we can only skip certificate verify
message if certificate is absent.

NB: OpenSSL 0.9.8 is NOT vulnerable to CVE-2015-0205 as it doesn't
support DH certificates and this typo prohibits skipping of
certificate verify message for sign only certificates anyway.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-08 14:31:19 +00:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c PR: 2529 2011-05-25 15:15:43 +00:00
d1_both.c Remove some duplicate DTLS code. 2014-08-06 22:02:00 +01:00
d1_clnt.c Fix DTLS anonymous EC(DH) denial of service 2014-08-06 22:02:00 +01:00
d1_enc.c Update DTLS code to match CBC decoding in TLS. 2013-02-05 16:50:33 +00:00
d1_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:18:29 +02:00
d1_meth.c Initialize SSL_METHOD structures at compile time. This removes the need 2005-08-05 23:52:08 +00:00
d1_pkt.c Follow on from CVE-2014-3571. This fixes the code that was the original source 2015-01-08 14:18:52 +00:00
d1_srvr.c Only allow ephemeral RSA keys in export ciphersuites. 2015-01-06 13:27:22 +00:00
dtls1.h Support TLS_FALLBACK_SCSV. 2014-10-15 04:18:29 +02:00
install.com Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). 2009-05-15 16:37:29 +00:00
kssl.c Submitted by: Tomas Hoger <thoger@redhat.com> 2010-03-03 15:34:11 +00:00
kssl.h Make kerberos ciphersuite code work with newer header files 2005-04-09 23:55:55 +00:00
kssl_lcl.h To avoid commit wars over dependencies, let's make it so things that 2001-10-10 07:55:02 +00:00
Makefile RT3067: simplify patch 2014-09-24 16:01:46 +02:00
s2_clnt.c Add and use a constant-time memcmp. 2013-02-05 16:50:32 +00:00
s2_enc.c ensure that the EVP_CIPHER_CTX object is initialized 2007-02-16 20:40:07 +00:00
s2_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:18:29 +02:00
s2_meth.c Initialize SSL_METHOD structures at compile time. This removes the need 2005-08-05 23:52:08 +00:00
s2_pkt.c Add and use a constant-time memcmp. 2013-02-05 16:50:32 +00:00
s2_srvr.c Assorted bugfixes: 2011-02-03 12:04:48 +00:00
s3_both.c Add and use a constant-time memcmp. 2013-02-05 16:50:32 +00:00
s3_cbc.c RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 14:39:44 +02:00
s3_clnt.c fix error discrepancy 2015-01-07 18:11:27 +00:00
s3_enc.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:18:29 +02:00
s3_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:18:29 +02:00
s3_meth.c Initialize SSL_METHOD structures at compile time. This removes the need 2005-08-05 23:52:08 +00:00
s3_pkt.c Fix crash in dtls1_get_record whilst in the listen state where you get two 2015-01-08 11:28:17 +00:00
s3_srvr.c Fix typo. 2015-01-08 14:31:19 +00:00
s23_clnt.c Fix no-ssl3 configuration option 2014-10-15 08:46:57 -04:00
s23_lib.c Fix ECC SSLv2 exclusion on OpenSSL 0.9.8. 2014-07-07 13:00:07 +01:00
s23_meth.c make "./configure no-ssl2" work again 2006-01-15 16:57:01 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Fix warning 2014-10-21 21:32:50 +02:00
ssl-lib.com Add t1_reneg to the VMS build. 2010-02-22 07:05:24 +00:00
ssl.h Only allow ephemeral RSA keys in export ciphersuites. 2015-01-06 13:27:22 +00:00
ssl2.h Implement msg_callback for SSL 2.0. 2001-11-10 01:16:28 +00:00
ssl3.h Support TLS_FALLBACK_SCSV. 2014-10-15 04:18:29 +02:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c Add SHA2 algorithms to SSL_library_init(). Although these aren't used 2010-04-07 13:19:48 +00:00
ssl_asn1.c Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
ssl_cert.c PR: 1731 and maybe 2197 2010-03-24 23:16:35 +00:00
ssl_ciph.c Fix off-by-one errors in ssl_cipher_get_evp() 2014-06-22 23:26:33 +01:00
ssl_err.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:18:29 +02:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c When processing ClientHello.cipher_suites, don't ignore cipher suites 2014-10-21 22:33:03 +02:00
ssl_locl.h ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. 2013-02-07 15:03:00 +00:00
ssl_rsa.c PR: 1411 2009-09-12 23:09:59 +00:00
ssl_sess.c PR: 2160 2010-02-01 16:48:40 +00:00
ssl_stat.c Don't disable state strings with no-ssl2 2014-06-28 00:57:18 +01:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Add strings for DTLS protocol versions 2010-01-16 19:02:43 +00:00
ssltest.c Fix in ssltest is no-ssl2 configured 2013-02-11 18:27:33 +00:00
t1_clnt.c Initialize SSL_METHOD structures at compile time. This removes the need 2005-08-05 23:52:08 +00:00
t1_enc.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:18:29 +02:00
t1_lib.c Fix for session tickets memory leak. 2014-10-15 08:46:57 -04:00
t1_meth.c Initialize SSL_METHOD structures at compile time. This removes the need 2005-08-05 23:52:08 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 23:03:40 +00:00
t1_srvr.c Initialize SSL_METHOD structures at compile time. This removes the need 2005-08-05 23:52:08 +00:00
tls1.h Oops -- fix typo in coment added with TLS_FALLBACK_SCSV support. 2014-10-15 04:26:29 +02:00