wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Dr. Stephen Henson f3dcc8411e Don't change version number if session established 
When sending an invalid version number alert don't change the
version number to the client version if a session is already
established.

Thanks to Marek Majkowski for additional analysis of this issue.

PR#3191
2014-01-02 15:12:48 +00:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes [from HEAD]. 2012-04-16 17:43:15 +00:00
d1_both.c Fix DTLS retransmission from previous session. 2013-12-20 23:12:18 +00:00
d1_clnt.c DTLS/SCTP Finished Auth Bug 2013-11-01 22:44:20 +00:00
d1_enc.c Update DTLS code to match CBC decoding in TLS. 2013-01-28 17:34:33 +00:00
d1_lib.c Set s->d1 to NULL after freeing it. 2013-04-08 18:40:28 +01:00
d1_meth.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
d1_pkt.c DTLS message_sequence number wrong in rehandshake ServerHello 2013-08-13 18:55:41 +01:00
d1_srtp.c ssl/*: fix linking errors with no-srtp. 2013-02-09 19:52:07 +01:00
d1_srvr.c DTLS/SCTP Finished Auth Bug 2013-11-01 22:44:20 +00:00
dtls1.h Reduce version skew. 2012-06-08 09:18:47 +00:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:22 +00:00
kssl.c make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:52:34 +00:00
kssl.h make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:52:34 +00:00
kssl_lcl.h Some fixes for kerberos builds. 2009-04-21 22:20:12 +00:00
Makefile make update 2013-12-08 13:23:14 +00:00
s2_clnt.c Add and use a constant-time memcmp. 2013-01-28 17:30:38 +00:00
s2_enc.c Update ssl library to support EVP_PKEY MAC API. Include generic MAC support. 2007-06-04 17:04:40 +00:00
s2_lib.c Make no-ssl2 work including on Win32 builds. 2009-04-04 17:57:34 +00:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Add and use a constant-time memcmp. 2013-01-28 17:30:38 +00:00
s2_srvr.c Reduce version skew. 2012-06-08 09:18:47 +00:00
s3_both.c Check EVP errors for handshake digests. 2013-12-18 13:26:10 +00:00
s3_cbc.c Check DTLS_BAD_VER for version number. 2013-02-12 15:16:05 +00:00
s3_clnt.c Refactor {client,server}_random to call an intermediate function 2013-10-09 10:28:42 -04:00
s3_enc.c ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. 2013-02-01 15:34:09 +01:00
s3_lib.c Use version in SSL_METHOD not SSL structure. 2013-12-19 21:04:28 +00:00
s3_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s3_pkt.c Don't change version number if session established 2014-01-02 15:12:48 +00:00
s3_srvr.c Don't change version number if session established 2014-01-02 15:12:48 +00:00
s23_clnt.c Cleanup. 2013-10-19 12:34:15 +01:00
s23_lib.c Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
s23_meth.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c add FIPS support to ssl: doesn't do anything on this branch yet as there is no FIPS compilation support 2011-05-19 18:22:16 +00:00
srtp.h move internal functions to ssl_locl.h 2011-11-21 22:52:01 +00:00
ssl-lib.com PR: 2652 2012-01-05 14:30:08 +00:00
ssl.h Merge branch 'no_gmt_unix_time' of git://github.com/nmathewson/openssl into OpenSSL_1_0_1-stable 2013-10-19 11:46:32 +01:00
ssl2.h Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN 2011-05-11 12:56:38 +00:00
ssl3.h Tidy up comments. 2013-09-16 15:07:52 +01:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. 2013-02-02 19:35:09 +01:00
ssl_asn1.c Use correct tag for SRP username. 2011-10-25 12:52:47 +00:00
ssl_cert.c don't use pseudo digests for default values of keys 2012-06-27 14:11:40 +00:00
ssl_ciph.c add "missing" TLSv1.2 cipher alias 2012-11-15 19:15:20 +00:00
ssl_err.c Fix error codes. 2013-02-04 21:13:18 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c Disable compression for DTLS. 2013-03-19 13:47:29 +00:00
ssl_locl.h Fix DTLS retransmission from previous session. 2013-12-20 23:12:18 +00:00
ssl_rsa.c Reduce version skew. 2012-06-08 09:18:47 +00:00
ssl_sess.c New ctrl values to clear or retrieve extra chain certs from an SSL_CTX. 2011-12-22 15:01:16 +00:00
ssl_stat.c PR: 1794 2011-11-25 00:18:10 +00:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
ssltest.c Fix in ssltest is no-ssl2 configured 2013-02-11 18:17:50 +00:00
t1_clnt.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
t1_enc.c Fix DTLS retransmission from previous session. 2013-12-20 23:12:18 +00:00
t1_lib.c Don't use RSA+MD5 with TLS 1.2 2013-10-20 12:23:27 +01:00
t1_meth.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:59:09 +00:00
t1_srvr.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
tls1.h Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> 2012-03-09 18:37:41 +00:00
tls_srp.c Reduce version skew. 2012-06-08 09:18:47 +00:00