generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
6df777ed50
openssl/ssl
History
Emilia Kasper ae50d82700 Harden SSLv2-supporting servers against Bleichenbacher's attack. 
There is no indication that the timing differences are exploitable in
OpenSSL, and indeed there is some indication (Usenix '14) that they
are too small to be exploitable. Nevertheless, be careful and apply
the same countermeasures as in s3_srvr.c

Thanks to Nimrod Aviram, Sebastian Schinzel and Yuval Shavitt for
reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-08 16:28:42 +02:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_both.c Fix RAND_(pseudo_)?_bytes returns 2015-03-25 12:41:28 +00:00
d1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_lib.c Fix Seg fault in DTLSv1_listen 2015-03-19 11:11:22 +00:00
d1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_pkt.c Harmonize return values in dtls1_buffer_record 2015-03-10 13:52:32 -07:00
d1_srtp.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_srvr.c Don't send a for ServerKeyExchange for kDHr and kDHd 2015-03-24 22:42:30 +01:00
dtls1.h Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:31:28 +00:00
heartbeat_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:26 +00:00
kssl_lcl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
kssl.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
kssl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
Makefile Delete unused file 2014-11-27 21:46:00 +00:00
s2_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_enc.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_lib.c Fix reachable assert in SSLv2 servers. 2015-03-19 12:58:35 +00:00
s2_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_pkt.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
s2_srvr.c Harden SSLv2-supporting servers against Bleichenbacher's attack. 2015-04-08 16:28:42 +02:00
s3_both.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_cbc.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
s3_clnt.c Fix RAND_(pseudo_)?_bytes returns 2015-03-25 12:41:28 +00:00
s3_enc.c Cleanse buffers 2015-03-11 10:45:23 +00:00
s3_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_pkt.c Multiblock corrupted pointer fix 2015-03-19 11:11:22 +00:00
s3_srvr.c Add ticket length before buffering DTLS message 2015-03-25 12:29:48 +00:00
s23_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_pkt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_srvr.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
srtp.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl2.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl3.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl23.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_algs.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_asn1.c Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:31:28 +00:00
ssl_cert.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_ciph.c Remove export ciphers from the DEFAULT cipher list 2015-03-07 23:02:19 +01:00
ssl_conf.c Add support for ServerInfo SSL_CONF option. 2015-03-18 12:31:06 +00:00
ssl_err2.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_err.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_lib.c Add DTLS to SSL_get_version 2015-03-20 12:06:12 +00:00
ssl_locl.h fix warning 2015-03-08 17:31:48 +00:00
ssl_rsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_sess.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
ssl_stat.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_task.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
ssl_txt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_utst.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl-lib.com VMS fixups for 1.0.2 2015-01-07 02:15:35 +01:00
ssl.h Remove export ciphers from the DEFAULT cipher list 2015-03-07 23:02:19 +01:00
ssltest.c Add DTLS support to ssltest 2015-03-20 12:09:22 +00:00
t1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_enc.c Ensure last_write_sequence is saved in DTLS1.2 2015-03-25 12:28:45 +00:00
t1_ext.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_lib.c Fix RAND_(pseudo_)?_bytes returns 2015-03-25 12:41:28 +00:00
t1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_reneg.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_srvr.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_trce.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
tls1.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
tls_srp.c Fix RAND_(pseudo_)?_bytes returns 2015-03-25 12:41:28 +00:00