generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Matt Caswell ee4ffd6fcc Fix DTLS session ticket renewal 
A DTLS client will abort a handshake if the server attempts to renew the
session ticket. This is caused by a state machine discrepancy between DTLS
and TLS discovered during the state machine rewrite work.

The bug can be demonstrated as follows:

Start a DTLS s_server instance:
openssl s_server -dtls

Start a client and obtain a session but no ticket:
openssl s_client -dtls -sess_out session.pem -no_ticket

Now start a client reusing the session, but allow a ticket:
openssl s_client -dtls -sess_in session.pem

The client will abort the handshake.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-08-26 10:17:49 +01:00
..
record
CCM support.
2015-08-14 06:56:11 +01:00
bio_ssl.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
d1_both.c
Fix "make test" seg fault with SCTP enabled
2015-08-11 22:16:38 +01:00
d1_clnt.c
Fix DTLS session ticket renewal
2015-08-26 10:17:49 +01:00
d1_lib.c
RT3999: Remove sub-component version strings
2015-08-10 12:13:32 -04:00
d1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
d1_msg.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
d1_srtp.c
PACKETise ClientHello processing
2015-08-03 11:01:42 +01:00
d1_srvr.c
Fix missing return value checks in SCTP
2015-08-11 22:16:38 +01:00
install-ssl.com
Updates following review comments
2015-05-16 09:20:52 +01:00
Makefile
Add initial packet parsing code
2015-08-03 11:01:42 +01:00
packet_locl.h
Enhance PACKET readability
2015-08-13 20:34:51 +01:00
s3_both.c
Remove Gost94 signature algorithm.
2015-08-11 18:23:29 -04:00
s3_cbc.c
Identify and move OpenSSL internal header files
2015-05-14 15:13:49 +02:00
s3_clnt.c
PACKETise CertificateRequest
2015-08-14 17:29:21 +01:00
s3_enc.c
Avoid duplication.
2015-06-23 22:24:09 +01:00
s3_lib.c
Add CCM ciphersuites from RFC6655 and RFC7251
2015-08-14 06:57:32 +01:00
s3_msg.c
Introduce the functions RECORD_LAYER_release, RECORD_LAYER_read_pending, and
2015-03-26 15:01:59 +00:00
s3_srvr.c
PACKETise ClientKeyExchange processing
2015-08-14 17:19:57 +01:00
ssl_algs.c
CCM support.
2015-08-14 06:56:11 +01:00
ssl_asn1.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
ssl_cert.c
Remove SESS_CERT entirely.
2015-06-22 13:52:24 +01:00
ssl_ciph.c
ccm8 support
2015-08-14 06:56:11 +01:00
ssl_conf.c
free names before context
2015-07-21 14:27:25 +01:00
ssl_err2.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl_err.c
Fix seg fault with 0 p val in SKE
2015-08-11 19:57:01 +01:00
ssl_lib.c
Remove Gost94 signature algorithm.
2015-08-11 18:23:29 -04:00
ssl_locl.h
ccm8 support
2015-08-14 06:56:11 +01:00
ssl_rsa.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
ssl_sess.c
PACKETise ClientHello processing
2015-08-03 11:01:42 +01:00
ssl_stat.c
Version negotiation rewrite cleanup
2015-05-16 09:20:38 +01:00
ssl_txt.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
ssl_utst.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl-lib.com
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_clnt.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_enc.c
ccm8 support
2015-08-14 06:56:11 +01:00
t1_ext.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
t1_lib.c
Fix session tickets
2015-08-14 17:00:11 +01:00
t1_meth.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_reneg.c
PACKETise ClientHello processing
2015-08-03 11:01:42 +01:00
t1_srvr.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_trce.c
Add full PSK trace support
2015-07-30 14:43:35 +01:00
tls_srp.c
Use single master secret generation function.
2015-06-29 11:47:59 +01:00