summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Collapse)Author
2012-09-21* ssl/t1_enc.c (tls1_change_cipher_state): Stupid bug. Fortunately inRichard Levitte
debugging code that's seldom used.
2012-05-10Sanity check record length before skipping explicit IV in DTLSDr. Stephen Henson
to fix DoS attack. Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. (CVE-2012-2333)
2012-03-31PR: 2778(part)Dr. Stephen Henson
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com> Time is always encoded as 4 bytes, not sizeof(Time).
2012-03-12fix error codeDr. Stephen Henson
2012-03-12manually patch missing part of PR#2756Dr. Stephen Henson
2012-03-09PR: 2756Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix DTLS timeout handling.
2012-03-07PR: 2755Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions. [0.9.8 version of patch]
2012-03-06revert PR#2755: it breaks compilationDr. Stephen Henson
2012-03-06PR: 2755Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions.
2012-03-06PR: 2748Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix possible DTLS timer deadlock.
2012-02-16Fix bug in CVE-2011-4619: check we have really received a client helloDr. Stephen Henson
before rejecting multiple SGC restarts.
2012-01-18Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.Dr. Stephen Henson
Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. (CVE-2012-0050)
2012-01-05Fix for builds without DTLS support.Bodo Möller
Submitted by: Brian Carlstrom
2012-01-04Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen ↵Dr. Stephen Henson
<tuexen@fh-muenster.de> Reviewed by: steve Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and Kenny Paterson.
2012-01-04Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)Dr. Stephen Henson
2012-01-04Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)Dr. Stephen Henson
2012-01-04Submitted by: Adam Langley <agl@chromium.org>Dr. Stephen Henson
Reviewed by: steve Fix memory leaks.
2011-12-26PR: 2326Dr. Stephen Henson
Submitted by: Tianjie Mao <tjmao@tjmao.net> Reviewed by: steve Fix incorrect comma expressions and goto f_err as alert has been set.
2011-12-02Resolve a stack set-up race condition (if the list of compressionBodo Möller
methods isn't presorted, it will be sorted on first read). Submitted by: Adam Langley
2011-10-27PR: 2628Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Send alert instead of assertion failure for incorrectly formatted DTLS fragments.
2011-10-19Oops: this change (http://cvs.openssl.org/chngview?cn=21503)Bodo Möller
wasn't right for 0.9.8-stable (it's actually a fix for http://cvs.openssl.org/chngview?cn=14494, which introduced SSL_CTRL_SET_MAX_SEND_FRAGMENT).
2011-10-13In ssl3_clear, preserve s3->init_extra along with s3->rbuf.Bodo Möller
Submitted by: Bob Buckholz <bbuckholz@google.com>
2011-09-26fix signed/unsigned warningDr. Stephen Henson
2011-09-23PR: 2602Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS bug which prevents manual MTU setting
2011-09-05(EC)DH memory handling fixes.Bodo Möller
Submitted by: Adam Langley
2011-09-01PR: 2573Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS buffering and decryption bug.
2011-07-20PR: 2555Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS sequence number bug
2011-07-20PR: 2550Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS HelloVerifyRequest Timer bug
2011-06-22PR: 2543Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Correctly handle errors in DTLSv1_handle_timeout()
2011-05-25PR: 2529Dr. Stephen Henson
Submitted by: Marcus Meissner <meissner@suse.de> Reviewed by: steve Call ssl_new() to reallocate SSL BIO internals if we want to replace the existing internal SSL structure.
2011-05-25Oops use up to date patch for PR#2506Dr. Stephen Henson
2011-05-25PR: 2506Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fully implement SSL_clear for DTLS.
2011-05-25PR: 2505Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS session resumption timer bug.
2011-05-19set encodedPoint to NULL after freeing itDr. Stephen Henson
2011-04-03PR: 2462Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS Retransmission Buffer Bug
2011-04-03PR: 2458Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Don't change state when answering DTLS ClientHello.
2011-04-03PR: 2457Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS fragment reassembly bug.
2011-02-08OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)OpenSSL_0_9_8rBodo Möller
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
2011-02-03Assorted bugfixes:Bodo Möller
- RLE decompression boundary case - SSL 2.0 key arg length check Submitted by: Google (Neel Mehta, Bodo Moeller)
2011-01-04Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failedDr. Stephen Henson
alert.
2010-12-02fix for CVE-2010-4180Dr. Stephen Henson
2010-11-16fix CVE-2010-3864Dr. Stephen Henson
2010-10-10PR: 2314Dr. Stephen Henson
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net> Reviewed by: steve Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
2010-06-12Fix gcc 4.6 warnings. Check TLS server hello extension length.Ben Laurie
2010-05-03PR: 2230Dr. Stephen Henson
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fix bug in bitmask macros and stop warnings.
2010-04-14PR: 2230Dr. Stephen Henson
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fixed various DTLS fragment reassembly bugs patch for 0.9.8.
2010-04-14fix signed/unsigned comparison warningsDr. Stephen Henson
2010-04-14PR: 2230Dr. Stephen Henson
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fix various DTLS fragment reassembly bugs.
2010-04-14PR: 2229Dr. Stephen Henson
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Don't drop DTLS connection if mac or decryption failed.
2010-04-14PR: 2228Dr. Stephen Henson
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Fix DTLS buffer record MAC failure bug.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-21 01:25:40 +0000