wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Adam Langley ec1af3c419 Don't set client_version to the ServerHello version. 
The client_version needs to be preserved for the RSA key exchange.

This change also means that renegotiation will, like TLS, repeat the old
client_version rather than advertise only the final version. (Either way,
version change on renego is not allowed.) This is necessary in TLS to work
around an SChannel bug, but it's not strictly necessary in DTLS.

(From BoringSSL)

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-12-16 14:44:17 +00:00
..
bio_ssl.c OPENSSL_NO_SOCK fixes. 2012-04-16 17:42:36 +00:00
d1_both.c Remove extraneous white space, and add some braces 2014-12-16 00:00:25 +00:00
d1_clnt.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 14:57:15 +01:00
d1_lib.c dtls1_new: free s on error path 2014-12-04 23:48:44 +01:00
d1_meth.c Dual DTLS version methods. 2013-04-09 14:02:48 +01:00
d1_pkt.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:39:47 +00:00
d1_srtp.c Include <openssl/foo.h> instead of "foo.h" 2014-12-08 14:21:35 -05:00
d1_srvr.c Fixed memory leak if BUF_MEM_grow fails 2014-12-13 00:02:20 +00:00
dtls1.h Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP) 2014-12-03 09:24:12 +00:00
heartbeat_test.c Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
install-ssl.com Install srtp.h 2012-07-05 13:20:19 +00:00
kssl.c RT2848: Remove extra NULL check 2014-08-19 12:43:58 -04:00
kssl.h Fix for WIN32 builds with KRB5 2014-02-26 15:33:11 +00:00
kssl_lcl.h Merge from 1.0.0-stable branch. 2009-04-23 16:32:42 +00:00
Makefile make update 2014-12-11 23:52:47 +00:00
s3_both.c [PR3597] Advance to the next state variant when reusing messages. 2014-11-28 20:47:41 +01:00
s3_cbc.c Remove some unnecessary OPENSSL_FIPS references 2014-12-08 13:18:43 +00:00
s3_clnt.c Don't set client_version to the ServerHello version. 2014-12-16 14:44:17 +00:00
s3_enc.c ssl3_digest_cached_records: check for NULL after allocating s->s3->handshake_dgst 2014-12-10 18:35:17 +01:00
s3_lib.c Add OPENSSL_NO_ECDH guards 2014-12-16 14:13:45 +00:00
s3_meth.c New option no-ssl3-method which removes SSLv3_*method 2014-11-19 18:11:37 +00:00
s3_pkt.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:39:47 +00:00
s3_srvr.c Fixed memory leak in the event of a failure of BUF_MEM_grow 2014-12-08 16:43:25 +00:00
s23_clnt.c Remove some unnecessary OPENSSL_FIPS references 2014-12-08 13:18:43 +00:00
s23_lib.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
s23_meth.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Fixed memory leak if BUF_MEM_grow fails 2014-12-13 00:02:20 +00:00
srtp.h Add include of ssl.h which is required by srtp.h 2014-11-27 13:16:36 +00:00
ssl-lib.com Add d1_srtp and t1_trce. 2012-07-05 13:20:02 +00:00
ssl.h Add more meaningful OPENSSL_NO_ECDH error message for suite b mode 2014-12-16 14:14:09 +00:00
ssl2.h Remove SSLv2 support 2014-12-04 11:55:03 +01:00
ssl3.h Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 14:57:15 +01:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
ssl_asn1.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
ssl_cert.c ssl_cert_dup: Fix memory leak 2014-12-04 23:48:44 +01:00
ssl_ciph.c Add more meaningful OPENSSL_NO_ECDH error message for suite b mode 2014-12-16 14:14:09 +00:00
ssl_conf.c Allow using -SSLv2 again when setting Protocol in the config. 2014-12-15 18:09:53 +01:00
ssl_err.c Add more meaningful OPENSSL_NO_ECDH error message for suite b mode 2014-12-16 14:14:09 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c Add OPENSSL_NO_ECDH guards 2014-12-16 14:13:45 +00:00
ssl_locl.h Add OPENSSL_NO_ECDH guards 2014-12-16 14:13:45 +00:00
ssl_rsa.c serverinfo_process_buffer: check result of realloc(ctx->cert->key->serverinfo) and don't leak memory if it fails 2014-12-10 18:35:17 +01:00
ssl_sess.c SSL_set_session: check for NULL after allocating s->kssl_ctx->client_princ 2014-12-10 18:35:18 +01:00
ssl_stat.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
ssl_task.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
ssl_txt.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
ssl_utst.c Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
ssltest.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
t1_clnt.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_enc.c Remove some unnecessary OPENSSL_FIPS references 2014-12-08 13:18:43 +00:00
t1_ext.c Rename some callbacks, fix alignment. 2014-08-28 17:06:53 +01:00
t1_lib.c Add OPENSSL_NO_ECDH guards 2014-12-16 14:13:45 +00:00
t1_meth.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:58:55 +00:00
t1_srvr.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_trce.c Remove SSLv2 support 2014-12-04 11:55:03 +01:00
tls1.h Support TLS_FALLBACK_SCSV. 2014-10-15 04:03:28 +02:00
tls_srp.c Check SRP parameters early. 2014-08-06 20:36:41 +01:00