generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Matt Caswell 708cf59358 More ssl_session_dup fixes 
Fix error handling in ssl_session_dup, as well as incorrect setting up of
the session ticket. Follow on from CVE-2015-1791.

Thanks to LibreSSL project for reporting these issues.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-06-11 10:00:23 +01:00
..
record
Remove SSL_OP_TLS_BLOCK_PADDING_BUG
2015-06-10 13:55:11 +02:00
bio_ssl.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
d1_both.c
DTLS handshake message fragments musn't span packets
2015-06-10 12:06:29 +01:00
d1_clnt.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
d1_lib.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
d1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
d1_msg.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
d1_srtp.c
Use p==NULL not !p (in if statements, mainly)
2015-05-11 10:06:38 -04:00
d1_srvr.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
install-ssl.com
Updates following review comments
2015-05-16 09:20:52 +01:00
Makefile
Fix the update target and remove duplicate file updates
2015-05-22 18:44:33 +02:00
s3_both.c
Updates following review comments
2015-05-16 09:20:52 +01:00
s3_cbc.c
Identify and move OpenSSL internal header files
2015-05-14 15:13:49 +02:00
s3_clnt.c
Only allow a temporary rsa key exchange when they key is larger than 512.
2015-06-09 00:46:59 +02:00
s3_enc.c
clear/cleanse cleanup
2015-05-30 12:28:05 -04:00
s3_lib.c
Remove export static DH ciphersuites
2015-05-22 23:58:52 +01:00
s3_msg.c
Introduce the functions RECORD_LAYER_release, RECORD_LAYER_read_pending, and
2015-03-26 15:01:59 +00:00
s3_srvr.c
Clean premaster_secret for GOST
2015-06-04 11:20:51 +01:00
ssl_algs.c
Fix missing return value checks
2015-03-23 15:23:11 +00:00
ssl_asn1.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
ssl_cert.c
Add CHANGES entry for OPENSSL_NO_TLSEXT removal
2015-05-22 23:11:22 +01:00
ssl_ciph.c
Tidy disabled algorithm handling.
2015-06-10 21:56:23 +01:00
ssl_conf.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
ssl_err2.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl_err.c
Fix race condition in NewSessionTicket
2015-06-02 09:30:12 +01:00
ssl_lib.c
Change return type of the new accessors
2015-05-28 16:55:15 +01:00
ssl_locl.h
Fix race condition in NewSessionTicket
2015-06-02 09:30:12 +01:00
ssl_rsa.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
ssl_sess.c
More ssl_session_dup fixes
2015-06-11 10:00:23 +01:00
ssl_stat.c
Version negotiation rewrite cleanup
2015-05-16 09:20:38 +01:00
ssl_txt.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
ssl_utst.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl-lib.com
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_clnt.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_enc.c
Silence Clang warning about unit'd variable
2015-05-31 17:58:36 -04:00
t1_ext.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
t1_lib.c
Tighten extension handling
2015-06-10 10:09:57 +01:00
t1_meth.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_reneg.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
t1_srvr.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_trce.c
Update trace code.
2015-06-06 13:19:58 +01:00
tls_srp.c
Use #error in openssl/srp.h
2015-05-15 08:16:21 -04:00