openssl/ssl at 35384e8e5b9e5fc98e08c6bd110b3c4a90fa4f7f - openssl - Atria-soft GIT

generic-library/openssl

History

Matt Caswell 35384e8e5b Fix dtls_query_mtu so that it will always either complete with an mtu that is

at least the minimum or it will fail.
There were some instances in dtls1_query_mtu where the final mtu can end up
being less than the minimum, i.e. where the user has set an mtu manually. This
shouldn't be allowed. Also remove dtls1_guess_mtu that, despite having
logic for guessing an mtu, was actually only ever used to work out the minimum
mtu to use.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 1620a2e49c777f31f2ce57966ae74006b48ad759)

2014-12-03 09:35:24 +00:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:17:07 +00:00

bio_ssl.c

OPENSSL_NO_SOCK fixes [from HEAD].

2012-04-16 17:43:15 +00:00

d1_both.c

Fix dtls_query_mtu so that it will always either complete with an mtu that is

2014-12-03 09:35:24 +00:00

d1_clnt.c

Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset

2014-11-20 15:32:08 +01:00

d1_enc.c

Add checks to the return value of EVP_Cipher to prevent silent encryption failure.

2014-11-27 21:53:02 +00:00

d1_lib.c

Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)

2014-12-03 09:35:23 +00:00

d1_meth.c

Let the TLSv1_method() etc. functions return a const SSL_METHOD

2005-08-14 21:48:33 +00:00

d1_pkt.c

Add checks to the return value of EVP_Cipher to prevent silent encryption failure.

2014-11-27 21:53:02 +00:00

d1_srtp.c

Fix for SRTP Memory Leak

2014-10-15 08:51:49 -04:00

d1_srvr.c

Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset

2014-11-20 15:32:08 +01:00

dtls1.h

Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)

2014-12-03 09:35:23 +00:00

heartbeat_test.c

Add conditional unit testing interface.

2014-07-24 19:43:25 +01:00

install-ssl.com

Don't forget to install srtp.h as well

2012-05-10 15:01:22 +00:00

kssl_lcl.h

Some fixes for kerberos builds.

2009-04-21 22:20:12 +00:00

kssl.c

make kerberos work with OPENSSL_NO_SSL_INTERN

2011-05-11 22:52:34 +00:00

kssl.h

Fix for WIN32 builds with KRB5

2014-02-26 15:33:09 +00:00

Makefile

RT3067: simplify patch

2014-09-24 15:52:41 +02:00

s2_clnt.c

Add and use a constant-time memcmp.

2013-01-28 17:30:38 +00:00

s2_enc.c

Fixed warning in ssl2_enc

2014-11-27 21:53:44 +00:00

s2_lib.c

Support TLS_FALLBACK_SCSV.

2014-10-15 04:05:42 +02:00

s2_meth.c

Type-checked (and modern C compliant) OBJ_bsearch.

2008-10-12 14:32:47 +00:00

s2_pkt.c

Check EVP_Cipher return values for SSL2

2014-11-27 21:53:27 +00:00

s2_srvr.c

Reduce version skew.

2012-06-08 09:18:47 +00:00

s3_both.c

[PR3597] Advance to the next state variant when reusing messages.

2014-11-28 23:31:45 +01:00

s3_cbc.c

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 14:17:41 +02:00

s3_clnt.c

Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset

2014-11-20 15:32:08 +01:00

s3_enc.c

Add checks to the return value of EVP_Cipher to prevent silent encryption failure.

2014-11-27 21:53:02 +00:00

s3_lib.c

Support TLS_FALLBACK_SCSV.

2014-10-15 04:05:42 +02:00

s3_meth.c

New option no-ssl3-method which removes SSLv3_*method

2014-11-19 22:57:51 +00:00

s3_pkt.c

Add checks to the return value of EVP_Cipher to prevent silent encryption failure.

2014-11-27 21:53:02 +00:00

s3_srvr.c

Do not resume a session if the negotiated protocol version does not match

2014-11-20 16:31:42 +01:00

s23_clnt.c

Fix no-ssl3 configuration option

2014-10-15 08:51:50 -04:00

s23_lib.c

Don't advertise ECC ciphersuits in SSLv2 compatible client hello.

2014-06-27 16:52:05 +01:00

s23_meth.c

Backport TLS v1.2 support from HEAD.

2011-05-11 13:37:52 +00:00

s23_pkt.c

Reorder inclusion of header files:

2002-07-10 07:01:54 +00:00

s23_srvr.c

Keep old method in case of an unsupported protocol

2014-10-21 21:08:14 +02:00

srtp.h

Add include of ssl.h which is required by srtp.h

2014-11-27 13:19:23 +00:00

ssl2.h

Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN

2011-05-11 12:56:38 +00:00

ssl3.h

Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset

2014-11-20 15:32:08 +01:00

ssl23.h

Import of old SSLeay release: SSLeay 0.9.0b

1998-12-21 10:56:39 +00:00

ssl_algs.c

e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues.

2013-02-02 19:35:09 +01:00

ssl_asn1.c

fix coverity issue 966597 - error line is not always initialised

2014-05-08 00:00:08 +01:00

ssl_cert.c

Remove redundant checks in ssl_cert_dup. This was causing spurious error messages when using GOST

2014-11-27 20:53:58 +00:00

ssl_ciph.c

Use more common name for GOST key exchange.

2014-07-14 18:31:54 +01:00

ssl_err2.c

Use new-style system-id macros everywhere possible. I hope I haven't

2001-02-20 08:13:47 +00:00

ssl_err.c

Support TLS_FALLBACK_SCSV.

2014-10-15 04:05:42 +02:00

ssl_lib.c

Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)

2014-12-03 09:35:23 +00:00

ssl_locl.h

Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)

2014-12-03 09:35:23 +00:00

ssl_rsa.c

Reduce version skew.

2012-06-08 09:18:47 +00:00

ssl_sess.c

Tighten session ticket handling

2014-10-28 17:41:49 +01:00

ssl_stat.c

Don't disable state strings with no-ssl2

2014-06-28 00:56:42 +01:00

ssl_task.c

Security fixes brought forward from 0.9.7.

2002-11-13 15:43:43 +00:00

ssl_txt.c

Backport TLS v1.2 support from HEAD.

2011-05-11 13:37:52 +00:00

ssl_utst.c

Add conditional unit testing interface.

2014-07-24 19:43:25 +01:00

ssl-lib.com

Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces

2014-10-15 10:49:24 +02:00

ssl.h

Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)

2014-12-03 09:35:23 +00:00

ssltest.c

New option no-ssl3-method which removes SSLv3_*method

2014-11-19 22:57:51 +00:00

t1_clnt.c

Backport TLS v1.2 support from HEAD.

2011-05-11 13:37:52 +00:00

t1_enc.c

Support TLS_FALLBACK_SCSV.

2014-10-15 04:05:42 +02:00

t1_lib.c

Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset

2014-11-20 15:32:08 +01:00

t1_meth.c

Backport TLS v1.2 support from HEAD.

2011-05-11 13:37:52 +00:00

t1_reneg.c

Update RI to match latest spec.

2009-12-27 22:59:09 +00:00

t1_srvr.c

Backport TLS v1.2 support from HEAD.

2011-05-11 13:37:52 +00:00

tls1.h

Support TLS_FALLBACK_SCSV.

2014-10-15 04:05:42 +02:00

tls_srp.c

Check SRP parameters early.

2014-08-06 20:27:51 +01:00