openssl/ssl at c5f8cd7bc661f90dc012c9d2bae1808a4281985f - openssl - Atria-soft GIT

generic-library/openssl

History

Matt Caswell c5f8cd7bc6 Add length sanity check in SSLv2 n_do_ssl_write()

Fortify flagged up a problem in n_do_ssl_write() in SSLv2. Analysing the
code I do not believe there is a real problem here. However the logic flows
are complicated enough that a sanity check of |len| is probably worthwhile.

Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3
Solutions) for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>

2015-04-29 17:23:45 +01:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:17:07 +00:00

bio_ssl.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_both.c

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

d1_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_lib.c

Fix Seg fault in DTLSv1_listen

2015-03-19 11:11:22 +00:00

d1_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_pkt.c

Harmonize return values in dtls1_buffer_record

2015-03-10 13:52:32 -07:00

d1_srtp.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

d1_srvr.c

Don't send a for ServerKeyExchange for kDHr and kDHd

2015-03-24 22:42:30 +01:00

dtls1.h

Fix d2i_SSL_SESSION for DTLS1_BAD_VER

2015-02-27 20:31:28 +00:00

heartbeat_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

install-ssl.com

Don't forget to install srtp.h as well

2012-05-10 15:01:26 +00:00

kssl_lcl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

kssl.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

kssl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

Makefile

make update

2015-04-21 17:50:36 +02:00

s2_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_enc.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_lib.c

Fix reachable assert in SSLv2 servers.

2015-03-19 12:58:35 +00:00

s2_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s2_pkt.c

Add length sanity check in SSLv2 n_do_ssl_write()

2015-04-29 17:23:45 +01:00

s2_srvr.c

Harden SSLv2-supporting servers against Bleichenbacher's attack.

2015-04-08 16:28:42 +02:00

s3_both.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_cbc.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

s3_clnt.c

Repair EAP-FAST session resumption

2015-04-21 19:31:09 +02:00

s3_enc.c

Cleanse buffers

2015-03-11 10:45:23 +00:00

s3_lib.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s3_pkt.c

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

s3_srvr.c

Error out immediately on empty ciphers list.

2015-04-17 18:44:35 +02:00

s23_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_lib.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_pkt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s23_srvr.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

srtp.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl2.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl3.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl23.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_algs.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_asn1.c

Fix d2i_SSL_SESSION for DTLS1_BAD_VER

2015-02-27 20:31:28 +00:00

ssl_cert.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_ciph.c

Remove export ciphers from the DEFAULT cipher list

2015-03-07 23:02:19 +01:00

ssl_conf.c

Add support for ServerInfo SSL_CONF option.

2015-03-18 12:31:06 +00:00

ssl_err2.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_err.c

Repair EAP-FAST session resumption

2015-04-21 19:31:09 +02:00

ssl_lib.c

Add DTLS to SSL_get_version

2015-03-20 12:06:12 +00:00

ssl_locl.h

fix warning

2015-03-08 17:31:48 +00:00

ssl_rsa.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_sess.c

Fix ssl_get_prev_session overrun

2015-04-14 14:59:40 +01:00

ssl_stat.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_task.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

ssl_txt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl_utst.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ssl-lib.com

VMS fixups for 1.0.2

2015-01-07 02:15:35 +01:00

ssl.h

Repair EAP-FAST session resumption

2015-04-21 19:31:09 +02:00

ssltest.c

Add DTLS support to ssltest

2015-03-20 12:09:22 +00:00

t1_clnt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_enc.c

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

t1_ext.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_lib.c

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

t1_meth.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_reneg.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_srvr.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

t1_trce.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

tls1.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

tls_srp.c

Code style: space after 'if'

2015-04-16 13:50:01 -04:00