467daf6b6e
Fix race condition in NewSessionTicket
...
If a NewSessionTicket is received by a multi-threaded client when
attempting to reuse a previous ticket then a race condition can occur
potentially leading to a double free of the ticket data.
CVE-2015-1791
This also fixes RT#3808 where a session ID is changed for a session already
in the client session cache. Since the session ID is the key to the cache
this breaks the cache access.
Parts of this patch were inspired by this Akamai change:
c0bf69a79127c76b9b80
2015-06-02 12:51:37 +01:00
c85c1e08ce
Disable export and SSLv2 ciphers by default
...
They are moved to the COMPLEMENTOFDEFAULT instead.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-03-14 18:46:31 +01:00
40720ce3ca
Run util/openssl-format-source -v -c .
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:55 +00:00
9d03aabea3
More comment changes required for indent
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:49 +00:00
bc91221636
More tweaks for comments due indent issues
...
Conflicts:
ssl/ssl_ciph.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:40 +00:00
13270477f4
Move more comments that confuse indent
...
Conflicts:
crypto/dsa/dsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl_locl.h
Conflicts:
crypto/bn/rsaz_exp.c
crypto/evp/e_aes_cbc_hmac_sha1.c
crypto/evp/e_aes_cbc_hmac_sha256.c
ssl/ssl_locl.h
Conflicts:
crypto/ec/ec2_oct.c
crypto/ec/ecp_nistp256.c
crypto/ec/ecp_nistp521.c
crypto/ec/ecp_nistputil.c
crypto/ec/ecp_oct.c
crypto/modes/gcm128.c
ssl/ssl_locl.h
Conflicts:
apps/apps.c
crypto/crypto.h
crypto/rand/md_rand.c
ssl/d1_pkt.c
ssl/ssl.h
ssl/ssl_locl.h
ssl/ssltest.c
ssl/t1_enc.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:21 +00:00
175af9de89
Fix indent comment corruption issue
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:51:49 +00:00
c7c7a432df
indent has problems with comments that are on the right hand side of a line.
...
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.
Conflicts:
crypto/bn/bn.h
crypto/ec/ec_lcl.h
crypto/rsa/rsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl.h
ssl/ssl3.h
Conflicts:
crypto/ec/ec_lcl.h
ssl/tls1.h
Conflicts:
crypto/ec/ecp_nistp224.c
crypto/evp/evp.h
ssl/d1_both.c
ssl/ssl.h
ssl/ssl_lib.c
Conflicts:
crypto/bio/bss_file.c
crypto/ec/ec_lcl.h
crypto/evp/evp.h
crypto/store/str_mem.c
crypto/whrlpool/wp_block.c
crypto/x509/x509_vfy.h
ssl/ssl.h
ssl/ssl3.h
ssl/ssltest.c
ssl/t1_lib.c
ssl/tls1.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:50:57 +00:00
3e8042c38f
Additional comment changes for reformat of 0.9.8
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:49:06 +00:00
b558c8d597
mark all block comments that need format preserving so that
...
indent will not alter them when reformatting comments
(cherry picked from commit 1d97c84351
2015-01-22 09:48:44 +00:00
72f1815391
Only allow ephemeral RSA keys in export ciphersuites.
...
OpenSSL clients would tolerate temporary RSA keys in non-export
ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which
enabled this server side. Remove both options as they are a
protocol violation.
Thanks to Karthikeyan Bhargavan for reporting this issue.
(CVE-2015-0204)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 4b4c1fcc88
2015-01-06 13:27:22 +00:00
6a04b0d5a4
Fix and improve SSL_MODE_SEND_FALLBACK_SCSV documentation.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-21 22:41:27 +02:00
c6a876473c
Support TLS_FALLBACK_SCSV.
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15 04:18:29 +02:00
a375025e4d
Fix alert handling.
...
Fix OpenSSL 0.9.8 alert handling.
PR#3038
2014-03-27 00:54:16 +00:00
0da40f0ffc
Restore SSL_OP_MSIE_SSLV2_RSA_PADDING
...
The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL
0.9.7h but deleting it will break source compatibility with any software
that references it. Restore it but #define to zero.
(cherry picked from commit b17d6b8d1d
2014-01-04 14:01:25 +00:00
cadbbd51c8
Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
...
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
2013-10-04 14:55:01 +01:00
ca3b81c858
Fix error codes.
...
(cherry picked from commit 35d732fc2e
2013-02-05 16:50:36 +00:00
48819f4d54
fix error code
2012-03-12 14:50:55 +00:00
21c4b25959
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
2012-01-04 18:52:18 +00:00
50a095ed16
Updates to conform with draft-ietf-tls-renegotiation-03.txt:
...
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:59:41 +00:00
ccc3df8c33
New option to enable/disable connection to unpatched servers
2009-12-16 20:34:20 +00:00
ef4bd0167c
Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL
2009-12-11 00:22:12 +00:00
cb4823fdd6
Add ctrls to clear options and mode.
...
Change RI ctrl so it doesn't clash.
2009-12-09 13:15:01 +00:00
59f44e810b
Add ctrl and macro so we can determine if peer support secure renegotiation.
...
Fix SSL_CIPHER initialiser for mcsv
2009-12-08 13:47:28 +00:00
b14713c231
Include a more meaningful error message when rejecting legacy renegotiation
2009-11-18 14:24:00 +00:00
af13c50d51
Fix wrong function codes and duplicate codes
2009-11-09 18:21:57 +00:00
c2b78c31d6
First cut of renegotiation extension.
2009-11-08 14:51:54 +00:00
949fbf073a
Disable renegotiation.
2009-11-05 11:28:37 +00:00
07cb0a82d1
PR: 2025
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Constify SSL_CIPHER_description
2009-09-12 23:18:43 +00:00
43e9e1a160
PR: 2033
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen support.
2009-09-09 17:06:13 +00:00
da6ce18279
PR: 2006
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Do not use multiple DTLS records for a single user message
2009-08-26 11:54:14 +00:00
fbc4a24633
PR: 1997
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timeout handling fix.
2009-08-13 15:14:32 +00:00
17620eec4c
Fix error codes.
2009-08-06 16:23:17 +00:00
a224fe14e9
PR: 1751
...
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org
Compatibility patches for Cisco VPN client DTLS.
2009-04-19 18:08:12 +00:00
f9f6f0e9f0
sanity check
...
PR: 1679
2008-08-13 19:44:44 +00:00
14748adb09
Make ssl code consistent with FIPS branch. The new code has no effect
...
at present because it asserts either noop flags or is inside
OPENSSL_FIPS #ifdef's.
2008-06-16 16:56:43 +00:00
4aefb1dd98
Backport more ENGINE SSL client auth code to 0.9.8.
2008-06-04 18:35:27 +00:00
aa03989791
Backport ssl client auth ENGINE support to 0.9.8.
2008-06-04 18:01:40 +00:00
db533c96e3
TLS ticket key setting callback: this allows and application to set
...
its own TLS ticket keys.
2008-04-30 16:11:33 +00:00
ccac657556
New unused field crippled ssl_ctx_st in 0.9.8"f".
2007-10-17 21:22:58 +00:00
a523276786
Backport certificate status request TLS extension support to 0.9.8.
2007-10-12 00:00:36 +00:00
bb99ce5f80
make update, and more DTLS stuff.
2007-10-11 14:36:59 +00:00
c2079de880
Update from HEAD.
2007-08-28 01:12:44 +00:00
865a90eb4f
Backport of TLS extension code to OpenSSL 0.9.8.
...
Include server name and RFC4507bis support.
This is not compiled in by default and must be explicitly enabled with
the Configure option enable-tlsext
2007-08-12 18:59:03 +00:00
2c12e7f6f5
Ensure that AES remains the preferred cipher at any given key length.
...
(This does not really require a special case for Camellia.)
2007-04-25 07:58:32 +00:00
c3cc4662af
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:50:26 +00:00
d9e262443c
oops -- this should have been in 0.9.8e
2007-03-21 14:18:27 +00:00
b2710ee19a
remove inconsistency between builds with and without Camellia enabled
2007-02-19 17:55:07 +00:00
d4a6240005
replace macros with functions
...
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:47:15 +00:00
b610f46bae
Make sure that AES ciphersuites get priority over Camellia ciphersuites
...
in the default cipher string.
2006-06-14 13:52:49 +00:00
Matt Caswell
Kurt Roeckx
Tim Hudson
Dr. Stephen Henson
Bodo Moeller
mancha
Rob Stradling
Ben Laurie
Andy Polyakov
Nils Larsch