generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,670 Commits 16 Branches 258 Tags
e8d2e6cac283b4edf1792aedd807c128f2c60b31
Commit Graph

355 Commits

Author SHA1 Message Date
Ulf Möller
c99b94be3e ssl3_read_bytes bug fix 
Submitted by: D P Chang <dpc@qualys.com>
Reviewed by: Bodo
 2001-12-28 17:13:10 +00:00
Richard Levitte
5dfaf1c437 make update 2001-12-20 22:25:41 +00:00
Bodo Möller
3ece3605ac remove redundant ERR_load_... declarations 2001-12-17 19:24:39 +00:00
Richard Levitte
479275ef18 make update 
perl util/mkdef.pl crypto update rewrite
 2001-11-15 12:36:30 +00:00
Bodo Möller
c37e7bf580 fix warning 2001-11-14 21:19:47 +00:00
Bodo Möller
a10b85d9e6 make code a little more similar to what it looked like before the fixes 2001-11-10 10:43:51 +00:00
Bodo Möller
a807f6460e important SSL 2.0 bugfixes 2001-11-10 01:15:29 +00:00
Richard Levitte
d6945e10b5 Addapt VMS scripts to the newer disk layout system ODS-5, which allows more than one period and mixed size characters in file names 2001-10-29 13:06:29 +00:00
Bodo Möller
0b9925be4f Consistency with s2_... and s23_... variants (no real functional 
change)
 2001-10-25 08:18:56 +00:00
Bodo Möller
3e9ae0c462 Oops 2001-10-25 08:18:36 +00:00
Bodo Möller
96ec4ce0d2 Assume TLS 1.0 if ClientHello fragment is too short. 2001-10-25 06:06:50 +00:00
Bodo Möller
38b3e9edde Fix SSL handshake functions and SSL_clear() such that SSL_clear() 
never resets s->method to s->ctx->method when called from within one
of the SSL handshake functions.
 2001-10-24 19:05:26 +00:00
Bodo Möller
9ccadf1c6f In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if 
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
 2001-10-20 17:52:40 +00:00
Bodo Möller
2dbdcd9734 Fix ssl3_get_message to handle message fragmentation correctly. 2001-10-15 17:42:43 +00:00
Bodo Möller
1147fa5a5f the previous commit accidentily removed 'ret = 1' from the SSL_ST_OK 
case of ssl3_accept
 2001-10-15 17:40:22 +00:00
Bodo Möller
ae9010abd5 comment 2001-09-24 07:57:20 +00:00
Bodo Möller
029dfa64d4 bugfix: handle HelloRequest received during handshake correctly 2001-09-21 11:19:26 +00:00
Bodo Möller
f8845509b6 Disable session related stuff in SSL_ST_OK case of ssl3_accept if we 
just sent a HelloRequest.
 2001-09-21 07:01:04 +00:00
Bodo Möller
3f98e1dd11 Bugfix: correct cleanup after sending a HelloRequest 2001-09-21 00:03:00 +00:00
Bodo Möller
e53afa9e9b fix ssl3_accept: don't call ssl_init_wbio_buffer() in HelloRequest case 2001-09-20 21:36:39 +00:00
Bodo Möller
e41c5bd730 Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't 
reveal whether illegal block cipher padding was found or a MAC
verification error occured.

In ssl/s2_pkt.c, verify that the purported number of padding bytes is in
the legal range.
 2001-09-20 18:34:36 +00:00
Bodo Möller
10981a5c84 add comment 2001-09-14 13:48:37 +00:00
Bodo Möller
9cf8888149 Increase permissible ClientKeyExchange message length as in main 
branch (revision 1.50, 2000-11-17)
 2001-09-14 13:32:03 +00:00
Lutz Jänicke
a04baf9b5c Allow client certificate lists > 16kB ("Douglas E. Engert" <deengert@anl.gov>.) 2001-08-25 11:48:35 +00:00
Lutz Jänicke
51db1db082 Checked in from the wrong !@#$%^&*() copy... 2001-08-21 07:27:47 +00:00
Lutz Jänicke
653cc07b51 Alert description strings for TLSv1 and documentation. 2001-08-19 16:23:57 +00:00
Bodo Möller
904de6e4f5 Bugfix: larger message size in ssl3_get_key_exchange() because 
ServerKeyExchange message may be skipped.

Submitted by:  Petr Lampa <lampa@fee.vutbr.cz>
 2001-08-07 09:31:03 +00:00
Lutz Jänicke
65ce21da9a Fix typos (shinagawa@star.zko.dec.com). 2001-08-07 07:53:53 +00:00
Lutz Jänicke
dd186f600d Only set the verify callback if there's one to set! 2001-07-31 10:20:53 +00:00
Lutz Jänicke
03a70bad4f Fix inconsistent behaviour with respect to verify_callback handling. 2001-07-30 11:48:20 +00:00
Richard Levitte
7ca6deef3f SSL_get_rfc were documented but not implemented. 2001-07-16 10:50:49 +00:00
Richard Levitte
026dad0f3b SSL_get_[rw]fd were documented but not implemented. 2001-07-15 20:12:45 +00:00
Bodo Möller
dab4c2824f pay attention to blocksize before attempting decryption 2001-06-15 18:06:06 +00:00
Richard Levitte
e90323844f Use memmove() instead of memcpy() on areas that may overlap. 
Spotted by Nalin Dahyabhai <nalin@redhat.com>
 2001-06-07 04:45:55 +00:00
Bodo Möller
83583e9479 Fix Bleichenbacher PKCS #1 1.5 countermeasure. 
(The attack against SSL 3.1 and TLS 1.0 is impractical anyway,
otherwise this would be a security relevant patch.)
 2001-06-01 09:43:23 +00:00
Bodo Möller
9a22ce66c9 This change should be suitable as a workaround for the Solaris x86 
compiler bug reported in <01032110293775.22278@weba3.iname.net>
(the '++seq[i]' condition is evaluated as 256 rather than 0
when the previous value is 255).
 2001-04-03 13:46:36 +00:00
Bodo Möller
1e01dbfbb2 backport the comment (here it's NO_DH, not OPENSSL_NO_DH ...) 2001-03-22 15:00:45 +00:00
Bodo Möller
6ebcd441d6 Avoid compiler warning for NO_DH as in the main trunk. 2001-03-22 14:59:18 +00:00
Richard Levitte
5098bc92f8 A correction from the main trunk that was forgotten. 2001-03-13 14:39:51 +00:00
Bodo Möller
c6a15854ee Consistently use 'void *' for SSL read, peek and write functions. 2001-03-09 10:08:06 +00:00
Bodo Möller
f46a878e3f add ssl23_peek 2001-03-08 21:53:29 +00:00
Richard Levitte
3e0d891828 SSLv2 session reuse bugfix from main development branch. 2001-03-05 14:52:30 +00:00
Dr. Stephen Henson
de0b3ab7fb Zero the premaster secret after deriving the master secret in DH 
ciphersuites.
 2001-01-25 13:20:39 +00:00
Bodo Möller
6610d4f3b9 For improved compatibility with 'strange' certificates, add some 
digest aliases (as found in OpenSSL_add_all_digests).
 2001-01-23 13:55:01 +00:00
Bodo Möller
799751bcff Get rid of unused error code. 2000-12-27 23:41:50 +00:00
Bodo Möller
beaea31a96 Finish SSL_peek/SSL_pending fixes. 2000-12-26 12:06:48 +00:00
Bodo Möller
a9c3dc60b9 Fix SSL_peek and SSL_pending. 2000-12-25 18:41:37 +00:00
Bodo Möller
7947f98b9b Fix another buffer overrun bug (which is not really a bug because 
s->s2->escape is never set when sending data because the escape
bit is just reserved for future use in SSL 2.0)
 2000-12-18 11:32:09 +00:00
Bodo Möller
fc4868cb47 Increase wbuf by one byte to fix the bug reported by 
Eric Day <eday@concentric.net> to openssl-dev@openssl.org,
Message-ID: <20001218013437.A5526@concentric.net>
 2000-12-18 11:23:23 +00:00
Bodo Möller
555a8493cd typo 2000-12-14 17:45:36 +00:00