generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Matt Caswell d3cc5e610d Fix DHE Null CKE vulnerability 
If client auth is used then a server can seg fault in the event of a DHE
cipher being used and a zero length ClientKeyExchange message being sent
by the client. This could be exploited in a DoS attack.

CVE-2015-1787

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 13:01:13 +00:00
..
bio_ssl.c
dead code cleanup: #if 0 in ssl
2015-02-06 10:52:12 -05:00
d1_both.c
Fix DTLS1_BAD_VER regression
2015-03-09 10:51:57 +00:00
d1_clnt.c
dead code cleanup: #if 0 in ssl
2015-02-06 10:52:12 -05:00
d1_lib.c
Fix Seg fault in DTLSv1_listen
2015-03-19 11:11:02 +00:00
d1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
d1_pkt.c
Harmonize return values in dtls1_buffer_record
2015-03-10 12:18:18 -07:00
d1_srtp.c
dead code cleanup: #if 0 in ssl
2015-02-06 10:52:12 -05:00
d1_srvr.c
Remove NETSCAPE_HANG_BUG
2015-02-26 23:27:09 +00:00
dtls1.h
Fix d2i_SSL_SESSION for DTLS1_BAD_VER
2015-02-27 20:29:03 +00:00
heartbeat_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
install-ssl.com
Install srtp.h
2012-07-05 13:20:19 +00:00
kssl_lcl.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
kssl.c
dead code cleanup: #if 0 in ssl
2015-02-06 10:52:12 -05:00
kssl.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
Makefile
RT478: Add uninstall make target
2015-01-12 10:28:05 -05:00
s3_both.c
OPENSSL_NO_XXX cleanup: OPENSSL_NO_BUF_FREELISTS
2015-01-27 16:43:53 -05:00
s3_cbc.c
OPENSSL_NO_xxx cleanup: SHA
2015-01-27 12:34:45 -05:00
s3_clnt.c
ssl/s3_clnt.c: fix intermittent failures.
2015-03-12 08:54:28 +01:00
s3_enc.c
Cleanse buffers
2015-03-11 10:40:44 +00:00
s3_lib.c
Remove ssl_cert_inst()
2015-03-15 12:15:08 +01:00
s3_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
s3_pkt.c
Multiblock corrupted pointer fix
2015-03-19 11:11:02 +00:00
s3_srvr.c
Fix DHE Null CKE vulnerability
2015-03-19 13:01:13 +00:00
s23_clnt.c
dead code cleanup: #if 0 in ssl
2015-02-06 10:52:12 -05:00
s23_lib.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
s23_meth.c
OPENSSL_NO_XXX cleanup: NO_TLS, NO_TLS1
2015-01-27 15:14:12 -05:00
s23_pkt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
s23_srvr.c
dead code cleanup: #if 0 in ssl
2015-02-06 10:52:12 -05:00
srtp.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl2.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl3.h
Make libssl opaque. Move all structures that were previously protected by
2015-01-31 18:06:45 +00:00
ssl23.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl_algs.c
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
2015-03-11 09:29:37 -04:00
ssl_asn1.c
Fix d2i_SSL_SESSION for DTLS1_BAD_VER
2015-02-27 20:29:03 +00:00
ssl_cert.c
Remove ssl_cert_inst()
2015-03-15 12:15:08 +01:00
ssl_ciph.c
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
2015-03-11 09:29:37 -04:00
ssl_conf.c
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
2015-03-11 09:29:37 -04:00
ssl_err2.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl_err.c
Remove ssl_cert_inst()
2015-03-15 12:15:08 +01:00
ssl_lib.c
Remove ssl_cert_inst()
2015-03-15 12:15:08 +01:00
ssl_locl.h
Remove ssl_cert_inst()
2015-03-15 12:15:08 +01:00
ssl_rsa.c
Remove ssl_cert_inst()
2015-03-15 12:15:08 +01:00
ssl_sess.c
Add SSL_SESSION_get0_ticket API function.
2015-02-10 22:54:27 +00:00
ssl_stat.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl_task.c
Make the libssl opaque changes compile on VMS
2015-01-31 18:07:32 +00:00
ssl_txt.c
Extended master secret extension support.
2015-02-03 14:50:07 +00:00
ssl_utst.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl-lib.com
VMS adjustments:
2015-01-30 14:43:57 +01:00
ssl.h
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
2015-03-11 09:29:37 -04:00
ssltest.c
ssl/s3_clnt.c: fix intermittent failures.
2015-03-12 08:54:28 +01:00
t1_clnt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
t1_enc.c
Add sanity check to PRF
2015-03-17 13:39:53 +00:00
t1_ext.c
Remove support for opaque-prf
2015-01-28 15:37:16 -05:00
t1_lib.c
Fix for CVE-2015-0291
2015-03-19 13:01:13 +00:00
t1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
t1_reneg.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
t1_srvr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
t1_trce.c
dead code cleanup: #if 0 in ssl
2015-02-06 10:52:12 -05:00
tls1.h
Remove experimental 56bit export ciphers
2015-03-01 16:18:16 -05:00
tls_srp.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00