openssl/ssl at 86f8fb0e344d62454f8daf3e15236b2b59210756 - openssl - Atria-soft GIT

generic-library/openssl

History

Emilia Kasper 86f8fb0e34 Fix reachable assert in SSLv2 servers.

This assert is reachable for servers that support SSLv2 and export ciphers.
Therefore, such servers can be DoSed by sending a specially crafted
SSLv2 CLIENT-MASTER-KEY.

Also fix s2_srvr.c to error out early if the key lengths are malformed.
These lengths are sent unencrypted, so this does not introduce an oracle.

CVE-2015-0293

This issue was discovered by Sean Burford (Google) and Emilia Käsper of
the OpenSSL development team.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

2015-03-19 12:58:35 +00:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:17:07 +00:00

bio_ssl.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_both.c

Fix DTLS1_BAD_VER regression

2015-03-09 10:54:06 +00:00

d1_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_lib.c

Fix Seg fault in DTLSv1_listen

2015-03-19 11:11:22 +00:00

d1_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_pkt.c

Harmonize return values in dtls1_buffer_record

2015-03-10 13:52:32 -07:00

d1_srtp.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_srvr.c

Rerun util/openssl-format-source -v -c .

2015-01-22 09:31:48 +00:00

dtls1.h

Fix d2i_SSL_SESSION for DTLS1_BAD_VER

2015-02-27 20:31:28 +00:00

heartbeat_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

install-ssl.com

Don't forget to install srtp.h as well

2012-05-10 15:01:26 +00:00

kssl_lcl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

kssl.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

kssl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

Makefile

Delete unused file

2014-11-27 21:46:00 +00:00

s2_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_enc.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_lib.c

Fix reachable assert in SSLv2 servers.

2015-03-19 12:58:35 +00:00

s2_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_pkt.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

s2_srvr.c

Fix reachable assert in SSLv2 servers.

2015-03-19 12:58:35 +00:00

s3_both.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_cbc.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

s3_clnt.c

Prevent handshake with unseeded PRNG

2015-03-10 10:45:52 +00:00

s3_enc.c

Cleanse buffers

2015-03-11 10:45:23 +00:00

s3_lib.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_pkt.c

Multiblock corrupted pointer fix

2015-03-19 11:11:22 +00:00

s3_srvr.c

Fix DHE Null CKE vulnerability

2015-03-19 12:58:35 +00:00

s23_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_lib.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_pkt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_srvr.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

srtp.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl2.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl3.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl23.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_algs.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_asn1.c

Fix d2i_SSL_SESSION for DTLS1_BAD_VER

2015-02-27 20:31:28 +00:00

ssl_cert.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_ciph.c

Remove export ciphers from the DEFAULT cipher list

2015-03-07 23:02:19 +01:00

ssl_conf.c

Add support for ServerInfo SSL_CONF option.

2015-03-18 12:31:06 +00:00

ssl_err2.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_err.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_lib.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

ssl_locl.h

fix warning

2015-03-08 17:31:48 +00:00

ssl_rsa.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_sess.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

ssl_stat.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_task.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

ssl_txt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_utst.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl-lib.com

VMS fixups for 1.0.2

2015-01-07 02:15:35 +01:00

ssl.h

Remove export ciphers from the DEFAULT cipher list

2015-03-07 23:02:19 +01:00

ssltest.c

Fix error handling in ssltest

2015-02-06 10:08:58 +00:00

t1_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_enc.c

Add sanity check to PRF

2015-03-17 13:48:04 +00:00

t1_ext.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_lib.c

Fix for CVE-2015-0291

2015-03-19 12:58:35 +00:00

t1_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_reneg.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_srvr.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_trce.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

tls1.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

tls_srp.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00