generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Dr. Stephen Henson 37580f43b5 Only allow ephemeral RSA keys in export ciphersuites. 
OpenSSL clients would tolerate temporary RSA keys in non-export
ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which
enabled this server side. Remove both options as they are a
protocol violation.

Thanks to Karthikeyan Bhargavan for reporting this issue.
(CVE-2015-0204)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

(cherry picked from commit 4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6)

Conflicts:
	doc/ssl/SSL_CTX_set_options.pod
2015-01-06 13:14:05 +00:00
..
.cvsignore
bio_ssl.c
OPENSSL_NO_SOCK fixes [from HEAD].
2012-04-16 17:43:15 +00:00
d1_both.c
Remove extraneous white space, and add some braces
2014-12-16 00:08:04 +00:00
d1_clnt.c
Checkout return value of dtls1_output_cert_chain
2014-12-15 21:27:19 +00:00
d1_enc.c
Add checks to the return value of EVP_Cipher to prevent silent encryption failure.
2014-11-27 21:53:02 +00:00
d1_lib.c
Remove incorrect code inadvertently introduced through commit 59669b6ab.
2014-12-04 14:21:50 +00:00
d1_meth.c
d1_pkt.c
Add checks to the return value of EVP_Cipher to prevent silent encryption failure.
2014-11-27 21:53:02 +00:00
d1_srtp.c
Fix for SRTP Memory Leak
2014-10-15 08:51:49 -04:00
d1_srvr.c
Only allow ephemeral RSA keys in export ciphersuites.
2015-01-06 13:14:05 +00:00
dtls1.h
Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)
2014-12-03 09:35:23 +00:00
heartbeat_test.c
Add conditional unit testing interface.
2014-07-24 19:43:25 +01:00
install-ssl.com
Don't forget to install srtp.h as well
2012-05-10 15:01:22 +00:00
kssl_lcl.h
Some fixes for kerberos builds.
2009-04-21 22:20:12 +00:00
kssl.c
Clear warnings/errors within KSSL_DEBUG code sections
2014-12-17 14:27:42 +01:00
kssl.h
Fix for WIN32 builds with KRB5
2014-02-26 15:33:09 +00:00
Makefile
RT3067: simplify patch
2014-09-24 15:52:41 +02:00
s2_clnt.c
Add and use a constant-time memcmp.
2013-01-28 17:30:38 +00:00
s2_enc.c
Fixed warning in ssl2_enc
2014-11-27 21:53:44 +00:00
s2_lib.c
Support TLS_FALLBACK_SCSV.
2014-10-15 04:05:42 +02:00
s2_meth.c
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
s2_pkt.c
Check EVP_Cipher return values for SSL2
2014-11-27 21:53:27 +00:00
s2_srvr.c
Fix memory leak in s2_srvr.c if BUF_MEM_grow fails
2014-12-13 00:05:52 +00:00
s3_both.c
[PR3597] Advance to the next state variant when reusing messages.
2014-11-28 23:31:45 +01:00
s3_cbc.c
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 14:17:41 +02:00
s3_clnt.c
Only allow ephemeral RSA keys in export ciphersuites.
2015-01-06 13:14:05 +00:00
s3_enc.c
Add checks to the return value of EVP_Cipher to prevent silent encryption failure.
2014-11-27 21:53:02 +00:00
s3_lib.c
Clear warnings/errors within KSSL_DEBUG code sections
2014-12-17 14:27:42 +01:00
s3_meth.c
New option no-ssl3-method which removes SSLv3_*method
2014-11-19 22:57:51 +00:00
s3_pkt.c
Add checks to the return value of EVP_Cipher to prevent silent encryption failure.
2014-11-27 21:53:02 +00:00
s3_srvr.c
Only allow ephemeral RSA keys in export ciphersuites.
2015-01-06 13:14:05 +00:00
s23_clnt.c
Fix no-ssl3 configuration option
2014-10-15 08:51:50 -04:00
s23_lib.c
Don't advertise ECC ciphersuits in SSLv2 compatible client hello.
2014-06-27 16:52:05 +01:00
s23_meth.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
s23_pkt.c
s23_srvr.c
Fixed memory leak if BUF_MEM_grow fails
2014-12-13 00:05:52 +00:00
srtp.h
Add include of ssl.h which is required by srtp.h
2014-11-27 13:19:23 +00:00
ssl2.h
Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN
2011-05-11 12:56:38 +00:00
ssl3.h
Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset
2014-11-20 15:32:08 +01:00
ssl23.h
ssl_algs.c
e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues.
2013-02-02 19:35:09 +01:00
ssl_asn1.c
fix coverity issue 966597 - error line is not always initialised
2014-05-08 00:00:08 +01:00
ssl_cert.c
Remove redundant checks in ssl_cert_dup. This was causing spurious error messages when using GOST
2014-11-27 20:53:58 +00:00
ssl_ciph.c
Clear warnings/errors within KSSL_DEBUG code sections
2014-12-17 14:27:42 +01:00
ssl_err2.c
ssl_err.c
Support TLS_FALLBACK_SCSV.
2014-10-15 04:05:42 +02:00
ssl_lib.c
Ensure that the session ID context of an SSL* is updated
2015-01-05 17:33:28 +01:00
ssl_locl.h
Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)
2014-12-03 09:35:23 +00:00
ssl_rsa.c
Reduce version skew.
2012-06-08 09:18:47 +00:00
ssl_sess.c
Tighten session ticket handling
2014-10-28 17:41:49 +01:00
ssl_stat.c
Don't disable state strings with no-ssl2
2014-06-28 00:56:42 +01:00
ssl_task.c
ssl_txt.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
ssl_utst.c
Add conditional unit testing interface.
2014-07-24 19:43:25 +01:00
ssl-lib.com
Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces
2014-10-15 10:49:24 +02:00
ssl.h
Only allow ephemeral RSA keys in export ciphersuites.
2015-01-06 13:14:05 +00:00
ssltest.c
New option no-ssl3-method which removes SSLv3_*method
2014-11-19 22:57:51 +00:00
t1_clnt.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
t1_enc.c
Clear warnings/errors within TLS_DEBUG code sections
2014-12-17 14:27:42 +01:00
t1_lib.c
Clear existing extension state.
2015-01-02 22:30:20 +00:00
t1_meth.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
t1_reneg.c
Update RI to match latest spec.
2009-12-27 22:59:09 +00:00
t1_srvr.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
tls1.h
Support TLS_FALLBACK_SCSV.
2014-10-15 04:05:42 +02:00
tls_srp.c
Check SRP parameters early.
2014-08-06 20:27:51 +01:00