openssl/ssl at 76343947ada960b6269090638f5391068daee88d - openssl - Atria-soft GIT

generic-library/openssl

History

Dr. Stephen Henson 76343947ad Fix for CVE-2015-0291

If a client renegotiates using an invalid signature algorithms extension
it will crash a server with a NULL pointer dereference.

Thanks to David Ramos of Stanford University for reporting this bug.

CVE-2015-0291

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	ssl/t1_lib.c

2015-03-19 12:58:35 +00:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:17:07 +00:00

bio_ssl.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_both.c

Fix DTLS1_BAD_VER regression

2015-03-09 10:54:06 +00:00

d1_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_lib.c

Fix Seg fault in DTLSv1_listen

2015-03-19 11:11:22 +00:00

d1_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_pkt.c

Harmonize return values in dtls1_buffer_record

2015-03-10 13:52:32 -07:00

d1_srtp.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_srvr.c

Rerun util/openssl-format-source -v -c .

2015-01-22 09:31:48 +00:00

dtls1.h

Fix d2i_SSL_SESSION for DTLS1_BAD_VER

2015-02-27 20:31:28 +00:00

heartbeat_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

install-ssl.com

Don't forget to install srtp.h as well

2012-05-10 15:01:26 +00:00

kssl_lcl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

kssl.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

kssl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

Makefile

Delete unused file

2014-11-27 21:46:00 +00:00

s2_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_enc.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_lib.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_pkt.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

s2_srvr.c

Rerun util/openssl-format-source -v -c .

2015-01-22 09:31:48 +00:00

s3_both.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_cbc.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

s3_clnt.c

Prevent handshake with unseeded PRNG

2015-03-10 10:45:52 +00:00

s3_enc.c

Cleanse buffers

2015-03-11 10:45:23 +00:00

s3_lib.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_pkt.c

Multiblock corrupted pointer fix

2015-03-19 11:11:22 +00:00

s3_srvr.c

Fix missing return value checks.

2015-02-27 15:18:20 +00:00

s23_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_lib.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_pkt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_srvr.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

srtp.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl2.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl3.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl23.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_algs.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_asn1.c

Fix d2i_SSL_SESSION for DTLS1_BAD_VER

2015-02-27 20:31:28 +00:00

ssl_cert.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_ciph.c

Remove export ciphers from the DEFAULT cipher list

2015-03-07 23:02:19 +01:00

ssl_conf.c

Add support for ServerInfo SSL_CONF option.

2015-03-18 12:31:06 +00:00

ssl_err2.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_err.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_lib.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

ssl_locl.h

fix warning

2015-03-08 17:31:48 +00:00

ssl_rsa.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_sess.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

ssl_stat.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_task.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

ssl_txt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_utst.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl-lib.com

VMS fixups for 1.0.2

2015-01-07 02:15:35 +01:00

ssl.h

Remove export ciphers from the DEFAULT cipher list

2015-03-07 23:02:19 +01:00

ssltest.c

Fix error handling in ssltest

2015-02-06 10:08:58 +00:00

t1_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_enc.c

Add sanity check to PRF

2015-03-17 13:48:04 +00:00

t1_ext.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_lib.c

Fix for CVE-2015-0291

2015-03-19 12:58:35 +00:00

t1_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_reneg.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_srvr.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_trce.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

tls1.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

tls_srp.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00