| Age | Commit message (Collapse) | Author |
|---|
|
This should be a one off operation (subsequent invokation of the
script should not move them)
This commit is for the 0.9.8 changes
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.
Conflicts:
crypto/bn/bn.h
crypto/ec/ec_lcl.h
crypto/rsa/rsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl.h
ssl/ssl3.h
Conflicts:
crypto/ec/ec_lcl.h
ssl/tls1.h
Conflicts:
crypto/ec/ecp_nistp224.c
crypto/evp/evp.h
ssl/d1_both.c
ssl/ssl.h
ssl/ssl_lib.c
Conflicts:
crypto/bio/bss_file.c
crypto/ec/ec_lcl.h
crypto/evp/evp.h
crypto/store/str_mem.c
crypto/whrlpool/wp_block.c
crypto/x509/x509_vfy.h
ssl/ssl.h
ssl/ssl3.h
ssl/ssltest.c
ssl/t1_lib.c
ssl/tls1.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
indent will not alter them when reformatting comments
(cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960)
Conflicts:
crypto/bn/bn_lcl.h
crypto/bn/bn_prime.c
crypto/engine/eng_all.c
crypto/rc4/rc4_utl.c
crypto/sha/sha.h
ssl/kssl.c
ssl/t1_lib.c
Conflicts:
crypto/rc4/rc4_enc.c
crypto/x509v3/v3_scts.c
crypto/x509v3/v3nametest.c
ssl/d1_both.c
ssl/s3_srvr.c
ssl/ssl.h
ssl/ssl_locl.h
ssl/ssltest.c
ssl/t1_lib.c
Conflicts:
crypto/asn1/a_sign.c
crypto/bn/bn_div.c
crypto/dsa/dsa_asn1.c
crypto/ec/ecp_nistp224.c
crypto/ec/ecp_nistp256.c
crypto/ec/ecp_nistp521.c
crypto/ec/ecp_nistputil.c
crypto/modes/gcm128.c
crypto/opensslv.h
ssl/d1_both.c
ssl/heartbeat_test.c
ssl/s3_clnt.c
ssl/s3_srvr.c
ssl/ssl_sess.c
ssl/t1_lib.c
test/testutil.h
Conflicts:
apps/openssl.c
apps/ts.c
apps/vms_decc_init.c
crypto/aes/aes_core.c
crypto/aes/aes_x86core.c
crypto/dsa/dsa_ameth.c
crypto/ec/ec2_mult.c
crypto/evp/evp.h
crypto/objects/objects.h
crypto/rsa/rsa_pss.c
crypto/stack/safestack.h
crypto/ts/ts.h
crypto/ts/ts_rsp_verify.c
crypto/whrlpool/wp_dgst.c
crypto/x509v3/v3_ncons.c
e_os2.h
engines/ccgost/gost89.c
engines/ccgost/gost_ctl.c
engines/ccgost/gost_keywrap.c
engines/ccgost/gost_keywrap.h
engines/ccgost/gost_sign.c
ssl/kssl.c
ssl/s3_srvr.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
of the crash due to p being NULL. Steve's fix prevents this situation from
occuring - however this is by no means obvious by looking at the code for
dtls1_get_record. This fix just makes things look a bit more sane.
Conflicts:
ssl/d1_pkt.c
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
|
|
separate reads performed - one for the header and one for the body of the
handshake record.
CVE-2014-3571
Reviewed-by: Matt Caswell <matt@openssl.org>
Conflicts:
ssl/s3_pkt.c
|
|
This fix ensures that
* A HelloRequest is retransmitted if not responded by a ClientHello
* The HelloRequest "consumes" the sequence number 0. The subsequent
ServerHello uses the sequence number 1.
* The client also expects the sequence number of the ServerHello to
be 1 if a HelloRequest was received earlier.
This patch fixes the RFC violation.
Conflicts:
ssl/d1_pkt.c
(cherry picked from commit 6f87807e629ee10ec0006b39d8851af8c5ade67b)
|
|
Reported by: Prashant Jaikumar <rmstar@gmail.com>
Fix handling of application data received before a handshake.
(cherry picked from commit 0c75eeacd3285b395dc75b65c3e6fe6ffbef59f0)
|
|
(cherry picked from commit 8545f73b8919770a5d012fe7a82d6785b69baa27)
|
|
Kludge alert. This is arranged by passing padding length in unused
bits of SSL3_RECORD->type, so that orig_len can be reconstructed.
(cherry picked from commit 413cbfe68d83f9afc726b7234c49bd5ccddb97b4)
|
|
(cherry picked from commit 35d732fc2e1badce13be22a044187ebd4d769552)
|
|
This change updates the DTLS code to match the constant-time CBC
behaviour in the TLS.
(cherry picked from commit 9f27de170d1b7bef3d46d41382dc4dafde8b3900)
(cherry picked from commit 5e4ca556e970edb8a7f364fcb6ee6818a965a60b)
Conflicts:
ssl/d1_enc.c
ssl/d1_pkt.c
ssl/s3_pkt.c
|
|
The previous CBC patch was bugged in that there was a path through enc()
in s3_pkt.c/d1_pkt.c which didn't set orig_len. orig_len would be left
at the previous value which could suggest that the packet was a
sufficient length when it wasn't.
(cherry picked from commit 6cb19b7681f600b2f165e4adc57547b097b475fd)
(cherry picked from commit 2c948c1bb218f4ae126e14fd3453d42c62b93235)
Conflicts:
ssl/s3_enc.c
|
|
|
|
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a246d648ecddadc5b91367bee4a5d98)
Conflicts:
crypto/crypto.h
ssl/t1_lib.c
(cherry picked from commit dc406b59f3169fe191e58906df08dce97edb727c)
Conflicts:
crypto/crypto.h
ssl/d1_pkt.c
ssl/s3_pkt.c
|
|
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix DTLS timeout handling.
|
|
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
|
|
<tuexen@fh-muenster.de>
Reviewed by: steve
Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
|
|
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS buffering and decryption bug.
|
|
alert.
|
|
|
|
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Don't drop DTLS connection if mac or decryption failed.
|
|
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix DTLS buffer record MAC failure bug.
|
|
|
|
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fixes for DTLS replay bug.
|
|
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fixes for DTLS buffering bug.
|
|
|
|
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen bug fix,
|
|
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Do not use multiple DTLS records for a single user message
|
|
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timeout handling fix.
|
|
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS cookie resumption and typo fix.
|
|
Submitted by: Michael Tüxen <Michael.Tuexen@lurchi.franken.de>
Approved by: steve@openssl.org
PR#1984 DTLS fix for 0.9.8.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org
Compatibility patches for Cisco VPN client DTLS.
|
|
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix application data in handshake bug.
|
|
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS retransmission bug.
|
|
length, so a _single_ pair of packets getting switched around would
cause one of them to be 'dropped'.
Secondly, it wasn't even _dropping_ the offending packets, in the
non-blocking case. It was just returning garbage instead.
PR: #1752
Submitted by: David Woodhouse <dwmw2@infradead.org>
|
|
overall [from HEAD].
PR: 1604
|
|
PR: 1632
|
|
HEAD with a twist: server interoperates with non-compliant client.
PR: 1587
|
|
|
|
|
|
server interoperates with non-compliant pre-0.9.8f.
|
|
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
|
