generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Emilia Kasper a20db08e77 Harden SSLv2-supporting servers against Bleichenbacher's attack. 
There is no indication that the timing differences are exploitable in
OpenSSL, and indeed there is some indication (Usenix '14) that they
are too small to be exploitable. Nevertheless, be careful and apply
the same countermeasures as in s3_srvr.c

Thanks to Nimrod Aviram, Sebastian Schinzel and Yuval Shavitt for
reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit ae50d8270026edf5b3c7f8aaa0c6677462b33d97)
2015-04-08 16:42:28 +02:00
..
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
bio_ssl.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
d1_both.c
Fix RAND_(pseudo_)?_bytes returns
2015-03-25 12:45:17 +00:00
d1_clnt.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
d1_enc.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
d1_lib.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
d1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
d1_pkt.c
Harmonize return values in dtls1_buffer_record
2015-03-10 13:52:37 -07:00
d1_srtp.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
d1_srvr.c
Don't send a for ServerKeyExchange for kDHr and kDHd
2015-03-24 22:58:30 +01:00
dtls1.h
Fix d2i_SSL_SESSION for DTLS1_BAD_VER
2015-02-27 20:32:49 +00:00
heartbeat_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
install-ssl.com
Don't forget to install srtp.h as well
2012-05-10 15:01:22 +00:00
kssl_lcl.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
kssl.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
kssl.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
Makefile
RT3067: simplify patch
2014-09-24 15:52:41 +02:00
s2_clnt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s2_enc.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s2_lib.c
Fix reachable assert in SSLv2 servers.
2015-03-19 12:59:31 +00:00
s2_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s2_pkt.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
s2_srvr.c
Harden SSLv2-supporting servers against Bleichenbacher's attack.
2015-04-08 16:42:28 +02:00
s3_both.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s3_cbc.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
s3_clnt.c
Fix RAND_(pseudo_)?_bytes returns
2015-03-25 12:45:17 +00:00
s3_enc.c
Cleanse buffers
2015-03-11 10:49:22 +00:00
s3_lib.c
Rerun util/openssl-format-source -v -c .
2015-01-22 09:38:49 +00:00
s3_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s3_pkt.c
Use constants not numbers
2015-03-05 09:30:35 +00:00
s3_srvr.c
Fix missing return value checks.
2015-02-27 15:25:05 +00:00
s23_clnt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s23_lib.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s23_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s23_pkt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s23_srvr.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
srtp.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl2.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl3.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl23.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_algs.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_asn1.c
Fix d2i_SSL_SESSION for DTLS1_BAD_VER
2015-02-27 20:32:49 +00:00
ssl_cert.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_ciph.c
Remove export ciphers from the DEFAULT cipher list
2015-03-07 23:08:12 +01:00
ssl_err2.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_err.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_lib.c
Fix no-ec warning
2015-02-27 08:57:44 +00:00
ssl_locl.h
fix warning
2015-03-08 22:42:23 +00:00
ssl_rsa.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_sess.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
ssl_stat.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_task.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
ssl_txt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_utst.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl-lib.com
Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces
2014-10-15 10:49:24 +02:00
ssl.h
Remove export ciphers from the DEFAULT cipher list
2015-03-07 23:08:12 +01:00
ssltest.c
Fix error handling in ssltest
2015-02-06 10:10:49 +00:00
t1_clnt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
t1_enc.c
Add sanity check to PRF
2015-03-17 13:49:32 +00:00
t1_lib.c
Fix RAND_(pseudo_)?_bytes returns
2015-03-25 12:45:17 +00:00
t1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
t1_reneg.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
t1_srvr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
tls1.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
tls_srp.c
Fix RAND_(pseudo_)?_bytes returns
2015-03-25 12:45:17 +00:00