generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Dr. Stephen Henson 410a49a4fa Fix for CVE-2014-0224 
Only accept change cipher spec when it is expected instead of at any
time. This prevents premature setting of session keys before the master
secret is determined which an attacker could use as a MITM attack.

Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for reporting this issue
and providing the initial fix this patch is based on.
2014-06-03 16:30:23 +01:00
..
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
bio_ssl.c
PR: 2529
2011-05-25 15:15:43 +00:00
d1_both.c
Fix for CVE-2014-0195
2014-06-03 16:30:23 +01:00
d1_clnt.c
PR: 2748
2012-03-06 13:20:20 +00:00
d1_enc.c
Update DTLS code to match CBC decoding in TLS.
2013-02-05 16:50:33 +00:00
d1_lib.c
Free up s->d1->buffered_app_data.q properly.
2014-06-02 14:40:45 +01:00
d1_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
d1_pkt.c
DTLS message_sequence number wrong in rehandshake ServerHello
2013-08-13 19:00:59 +01:00
d1_srvr.c
DTLS message_sequence number wrong in rehandshake ServerHello
2013-08-13 19:00:59 +01:00
dtls1.h
PR: 2230
2010-04-14 00:17:12 +00:00
install.com
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
2009-05-15 16:37:29 +00:00
kssl_lcl.h
To avoid commit wars over dependencies, let's make it so things that
2001-10-10 07:55:02 +00:00
kssl.c
Submitted by: Tomas Hoger <thoger@redhat.com>
2010-03-03 15:34:11 +00:00
kssl.h
Make kerberos ciphersuite code work with newer header files
2005-04-09 23:55:55 +00:00
Makefile
make update
2013-02-05 16:50:36 +00:00
s2_clnt.c
Add and use a constant-time memcmp.
2013-02-05 16:50:32 +00:00
s2_enc.c
ensure that the EVP_CIPHER_CTX object is initialized
2007-02-16 20:40:07 +00:00
s2_lib.c
Update from HEAD.
2007-01-21 16:07:25 +00:00
s2_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
s2_pkt.c
Add and use a constant-time memcmp.
2013-02-05 16:50:32 +00:00
s2_srvr.c
Assorted bugfixes:
2011-02-03 12:04:48 +00:00
s3_both.c
Add and use a constant-time memcmp.
2013-02-05 16:50:32 +00:00
s3_cbc.c
Check DTLS_BAD_VER for version number.
2013-02-12 15:12:52 +00:00
s3_clnt.c
Fix for CVE-2014-0224
2014-06-03 16:30:23 +01:00
s3_enc.c
Fix alert handling.
2014-03-27 00:54:16 +00:00
s3_lib.c
Fix compilation with this branch's definition of SSL_CIPHER.
2013-10-04 14:55:01 +01:00
s3_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
s3_pkt.c
Fix for CVE-2014-0224
2014-06-03 16:30:23 +01:00
s3_srvr.c
Fix for CVE-2014-0224
2014-06-03 16:30:23 +01:00
s23_clnt.c
Fix alert handling.
2014-03-27 00:54:16 +00:00
s23_lib.c
Fix gcc 4.6 warnings. Check TLS server hello extension length.
2010-06-12 13:18:58 +00:00
s23_meth.c
make "./configure no-ssl2" work again
2006-01-15 16:57:01 +00:00
s23_pkt.c
Reorder inclusion of header files:
2002-07-10 07:01:54 +00:00
s23_srvr.c
PR: 2171
2010-02-16 14:19:42 +00:00
ssl2.h
Implement msg_callback for SSL 2.0.
2001-11-10 01:16:28 +00:00
ssl3.h
Fix for CVE-2014-0224
2014-06-03 16:30:23 +01:00
ssl23.h
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
ssl_algs.c
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
2010-04-07 13:19:48 +00:00
ssl_asn1.c
Fix gcc 4.6 warnings. Check TLS server hello extension length.
2010-06-12 13:18:58 +00:00
ssl_cert.c
PR: 1731 and maybe 2197
2010-03-24 23:16:35 +00:00
ssl_ciph.c
Resolve a stack set-up race condition (if the list of compression
2011-12-02 12:50:44 +00:00
ssl_err2.c
Use new-style system-id macros everywhere possible. I hope I haven't
2001-02-20 08:13:47 +00:00
ssl_err.c
Fix alert handling.
2014-03-27 00:54:16 +00:00
ssl_lib.c
Check sk_SSL_CIPHER_num() after assigning sk.
2014-05-12 23:07:44 +01:00
ssl_locl.h
ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility.
2013-02-07 15:03:00 +00:00
ssl_rsa.c
PR: 1411
2009-09-12 23:09:59 +00:00
ssl_sess.c
PR: 2160
2010-02-01 16:48:40 +00:00
ssl_stat.c
Fix alert handling.
2014-03-27 00:54:16 +00:00
ssl_task.c
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
ssl_txt.c
Add strings for DTLS protocol versions
2010-01-16 19:02:43 +00:00
ssl-lib.com
Add t1_reneg to the VMS build.
2010-02-22 07:05:24 +00:00
ssl.h
Fix alert handling.
2014-03-27 00:54:16 +00:00
ssltest.c
Fix in ssltest is no-ssl2 configured
2013-02-11 18:27:33 +00:00
t1_clnt.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
t1_enc.c
Fix for non compilation with TLS_DEBUG defined
2014-05-25 00:02:38 +01:00
t1_lib.c
Tidy up comments.
2013-10-04 14:55:01 +01:00
t1_meth.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
t1_reneg.c
Update RI to match latest spec.
2009-12-27 23:03:40 +00:00
t1_srvr.c
Initialize SSL_METHOD structures at compile time. This removes the need
2005-08-05 23:52:08 +00:00
tls1.h
Backport TLS 1.1/1.2 #defines
2013-10-04 14:55:01 +01:00