root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
openssl/ssl
History
Viktor Dukhovni 19a54fe98f Check for excess data in CertificateVerify 
As reported by Alicja Kario, we ignored excess bytes after the
signature payload in TLS CertificateVerify Messages.  These
should not be present.

Fixes: #25298

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25302)

(cherry picked from commit b4e4bf29ba)
 		2024-08-29 19:32:21 +02:00
..
quic Do not implicitly start connection with SSL_handle_events() 2024-08-07 19:37:37 +02:00
record Copyright year updates 2024-06-04 14:58:30 +02:00
statem Check for excess data in CertificateVerify 2024-08-29 19:32:21 +02:00
bio_ssl.c bio_ssl.c: Do not call SSL_shutdown if not inited 2024-06-25 16:07:54 +02:00
build.info Revise build.info 2023-03-30 11:14:17 +01:00
d1_lib.c Move freeing of an old record layer to dtls1_clear_sent_buffer 2023-11-21 13:12:15 +01:00
d1_msg.c Copyright year updates 2023-09-07 09:59:15 +01:00
d1_srtp.c Copyright year updates 2023-09-07 09:59:15 +01:00
event_queue.c Remove a spurious inclusion of the sparse array header file 2023-09-25 07:45:32 +10:00
methods.c Update some inclusions of <openssl/macros.h> 2019-11-07 11:37:25 +01:00
pqueue.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
priority_queue.c Fix bug in priority queue remove function 2023-11-08 11:09:35 +00:00
s3_enc.c Copyright year updates 2023-09-07 09:59:15 +01:00
s3_lib.c Copyright year updates 2024-06-04 14:58:30 +02:00
s3_msg.c Resolve a TODO in ssl3_dispatch_alert 2022-11-14 10:14:41 +01:00
ssl_asn1.c RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
ssl_cert.c tls: update to structure based atomics 2023-07-01 21:18:25 +10:00
ssl_cert_comp.c Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_cert_table.h Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_ciph.c Fix a possible memory leak in load_builtin_compressions 2023-11-02 08:17:54 +00:00
ssl_conf.c Consolidate raising errors in SSL_CONF_cmd() 2023-12-19 12:06:37 +01:00
ssl_err.c Copyright year updates 2024-06-04 14:58:30 +02:00
ssl_err_legacy.c Update copyright year 2021-06-17 13:24:59 +01:00
ssl_init.c Copyright year updates 2023-09-28 14:23:29 +01:00
ssl_lib.c Fix SSL_select_next_proto 2024-06-27 10:34:37 +01:00
ssl_local.h Incorporate more review feedback 2024-06-21 08:38:18 -04:00
ssl_mcnf.c Consolidate raising errors in SSL_CONF_cmd() 2023-12-19 12:06:37 +01:00
ssl_rsa.c Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_rsa_legacy.c Deprecate RSA harder 2020-11-18 23:38:34 +01:00
ssl_sess.c Incorporate review feedback 2024-06-21 08:38:17 -04:00
ssl_stat.c Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
ssl_txt.c Cast values to match printf format strings. 2022-11-14 07:47:53 +00:00
ssl_utst.c Remove the old buffer management code 2022-10-20 14:39:33 +01:00
sslerr.h Provide better errors for some QUIC failures 2023-03-20 09:35:38 +11:00
t1_enc.c Remove some redundant code 2023-12-12 16:07:27 +00:00
t1_lib.c Fix handling of max_fragment_length extension for PSK 2024-06-20 16:51:46 +02:00
t1_trce.c Fix an SSL_trace bug 2023-05-24 12:18:33 +01:00
tls13_enc.c Copyright year updates 2023-09-07 09:59:15 +01:00
tls_depr.c SSL object refactoring using SSL_CONNECTION object 2022-07-28 10:04:28 +01:00
tls_srp.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00