generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
c46ecc3a55bcbbe4ff31da3864d015e343b0189f
openssl/ssl
History
Dr. Stephen Henson c46ecc3a55 Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and 
DTLS to fix DoS attack.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)
2012-05-10 16:03:52 +00:00
..
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
bio_ssl.c
OPENSSL_NO_SOCK fixes.
2012-04-16 17:42:36 +00:00
d1_both.c
PR: 2755
2012-03-06 13:47:43 +00:00
d1_clnt.c
PR: 2748
2012-03-06 13:26:15 +00:00
d1_enc.c
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and
2012-05-10 16:03:52 +00:00
d1_lib.c
correct error codes
2012-04-18 15:36:12 +00:00
d1_meth.c
Let the TLSv1_method() etc. functions return a const SSL_METHOD
2005-08-14 21:48:33 +00:00
d1_pkt.c
PR: 2756
2012-03-09 15:52:33 +00:00
d1_srtp.c
Submitted by: Eric Rescorla <ekr@rtfm.com>
2012-02-11 22:53:31 +00:00
d1_srvr.c
PR: 2778(part)
2012-03-31 18:03:02 +00:00
dtls1.h
PR: 2658
2011-12-31 22:59:57 +00:00
install-ssl.com
After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS
2011-03-19 10:58:14 +00:00
kssl_lcl.h
Merge from 1.0.0-stable branch.
2009-04-23 16:32:42 +00:00
kssl.c
make kerberos work with OPENSSL_NO_SSL_INTERN
2011-05-11 22:50:18 +00:00
kssl.h
make kerberos work with OPENSSL_NO_SSL_INTERN
2011-05-11 22:50:18 +00:00
Makefile
make update
2011-12-27 14:46:03 +00:00
s2_clnt.c
Updatde from stable branch.
2009-01-07 23:44:27 +00:00
s2_enc.c
Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.
2007-06-04 17:04:40 +00:00
s2_lib.c
Updates from 1.0.0-stable
2009-04-04 19:54:06 +00:00
s2_meth.c
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
s2_pkt.c
Use new common flags and fix resulting warnings.
2009-02-15 14:08:51 +00:00
s2_srvr.c
Fix some warnings caused by __owur. Temporarily (I hope) remove the more
2011-11-14 00:36:10 +00:00
s3_both.c
recognise X9.42 DH certificates on servers
2012-04-18 17:03:29 +00:00
s3_clnt.c
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
2012-04-24 12:22:23 +00:00
s3_enc.c
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
2012-01-04 23:16:15 +00:00
s3_lib.c
Disable SHA-2 ciphersuites in < TLS 1.2 connections.
2012-04-17 15:23:03 +00:00
s3_meth.c
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
s3_pkt.c
Partial workaround for PR#2771.
2012-04-17 13:21:19 +00:00
s3_srvr.c
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
2012-04-24 12:22:23 +00:00
s23_clnt.c
s23_clnt.c: ensure interoperability by maitaining client "version capability"
2012-04-25 22:06:32 +00:00
s23_lib.c
Fix warnings.
2010-06-12 14:13:23 +00:00
s23_meth.c
Initial incomplete TLS v1.2 support. New ciphersuites added, new version
2011-04-29 22:56:51 +00:00
s23_pkt.c
Reorder inclusion of header files:
2002-07-10 07:01:54 +00:00
s23_srvr.c
Implement FIPS_mode and FIPS_mode_set
2011-05-19 18:09:02 +00:00
srtp.h
move internal functions to ssl_locl.h
2011-11-21 22:52:13 +00:00
ssl2.h
Initial "opaque SSL" framework. If an application defines
2011-04-29 22:37:12 +00:00
ssl3.h
ABI compliance fixes.
2012-02-22 15:39:54 +00:00
ssl23.h
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
ssl_algs.c
add GCM ciphers in SSL_library_init
2011-10-10 12:56:18 +00:00
ssl_asn1.c
Use correct tag for SRP username.
2011-10-25 12:51:22 +00:00
ssl_cert.c
oops, not yet ;-)
2012-04-23 21:58:29 +00:00
ssl_ciph.c
Don't try to use unvalidated composite ciphers in FIPS mode
2012-04-26 18:55:01 +00:00
ssl_err2.c
Use new-style system-id macros everywhere possible. I hope I haven't
2001-02-20 08:13:47 +00:00
ssl_err.c
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
2012-04-24 12:22:23 +00:00
ssl_lib.c
oops, not yet ;-)
2012-04-23 21:58:29 +00:00
ssl_locl.h
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
2012-04-24 12:22:23 +00:00
ssl_rsa.c
Support for fixed DH ciphersuites.
2012-01-16 18:19:14 +00:00
ssl_sess.c
Initial revision of ECC extension handling.
2012-03-28 15:05:04 +00:00
ssl_stat.c
PR: 1794
2011-11-25 00:17:44 +00:00
ssl_task.c
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
ssl_txt.c
Initial incomplete TLS v1.2 support. New ciphersuites added, new version
2011-04-29 22:56:51 +00:00
ssl-lib.com
Corrections to the VMS build system.
2011-03-25 16:20:35 +00:00
ssl.h
Change value of SSL_OP_NO_TLSv1_1 to avoid clash with SSL_OP_ALL and
2012-04-25 23:04:42 +00:00
ssltest.c
PR: 1794
2011-12-14 22:17:06 +00:00
t1_clnt.c
Initial incomplete TLS v1.2 support. New ciphersuites added, new version
2011-04-29 22:56:51 +00:00
t1_enc.c
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and
2012-05-10 16:03:52 +00:00
t1_lib.c
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
2012-04-24 12:22:23 +00:00
t1_meth.c
Initial incomplete TLS v1.2 support. New ciphersuites added, new version
2011-04-29 22:56:51 +00:00
t1_reneg.c
Update RI to match latest spec.
2009-12-27 22:58:55 +00:00
t1_srvr.c
Initial incomplete TLS v1.2 support. New ciphersuites added, new version
2011-04-29 22:56:51 +00:00
tls1.h
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
2012-03-09 18:38:35 +00:00
tls_srp.c
PR: 1794
2011-12-14 22:17:06 +00:00