generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Emilia Kasper f6e725e868 Reject elliptic curve lists of odd lengths. 
The Supported Elliptic Curves extension contains a vector of NamedCurves
of 2 bytes each, so the total length must be even. Accepting odd-length
lists was observed to lead to a non-exploitable one-byte out-of-bounds
read in the latest development branches (1.0.2 and master). Released
versions of OpenSSL are not affected.

Thanks to Felix Groebert of the Google Security Team for reporting this issue.

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 33d5ba862939ff8db70a9e36fc9a326fab3e8d98)
2014-12-05 16:44:12 +01:00
..
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
bio_ssl.c
OPENSSL_NO_SOCK fixes [from HEAD].
2012-04-16 17:43:02 +00:00
d1_both.c
Remove "#if 0" code
2014-12-03 09:31:39 +00:00
d1_clnt.c
Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset
2014-11-20 15:17:36 +01:00
d1_lib.c
Remove incorrect code inadvertently introduced through commit 59669b6ab.
2014-12-04 14:18:45 +00:00
d1_meth.c
Dual DTLS version methods.
2013-09-18 13:46:02 +01:00
d1_pkt.c
Add checks to the return value of EVP_Cipher to prevent silent encryption failure.
2014-11-27 21:44:03 +00:00
d1_srtp.c
Fix for SRTP Memory Leak
2014-10-15 08:54:26 -04:00
d1_srvr.c
Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset
2014-11-20 15:17:36 +01:00
dtls1.h
Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)
2014-12-03 09:31:35 +00:00
heartbeat_test.c
Add conditional unit testing interface.
2014-07-24 19:42:26 +01:00
install-ssl.com
Don't forget to install srtp.h as well
2012-05-10 15:01:26 +00:00
kssl_lcl.h
Some fixes for kerberos builds.
2009-04-21 22:20:12 +00:00
kssl.c
make kerberos work with OPENSSL_NO_SSL_INTERN
2011-05-11 22:52:34 +00:00
kssl.h
Fix for WIN32 builds with KRB5
2014-02-26 15:33:10 +00:00
Makefile
Delete unused file
2014-11-27 21:46:00 +00:00
s2_clnt.c
RT2842: Remove spurious close-comment marker.
2014-09-08 10:50:33 -04:00
s2_enc.c
Fix warning in ssl2_enc
2014-11-27 21:46:04 +00:00
s2_lib.c
Support TLS_FALLBACK_SCSV.
2014-10-15 04:04:55 +02:00
s2_meth.c
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
s2_pkt.c
Check EVP_Cipher return values for SSL2
2014-11-27 21:46:04 +00:00
s2_srvr.c
Reduce version skew: trivia (I hope).
2012-06-03 22:03:37 +00:00
s3_both.c
[PR3597] Advance to the next state variant when reusing messages.
2014-11-28 23:31:28 +01:00
s3_cbc.c
RT3066: rewrite RSA padding checks to be slightly more constant time.
2014-09-24 12:47:19 +02:00
s3_clnt.c
Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset
2014-11-20 15:17:36 +01:00
s3_enc.c
Add checks to the return value of EVP_Cipher to prevent silent encryption failure.
2014-11-27 21:44:03 +00:00
s3_lib.c
Support TLS_FALLBACK_SCSV.
2014-10-15 04:04:55 +02:00
s3_meth.c
New option no-ssl3-method which removes SSLv3_*method
2014-11-19 22:54:30 +00:00
s3_pkt.c
Add checks to the return value of EVP_Cipher to prevent silent encryption failure.
2014-11-27 21:44:03 +00:00
s3_srvr.c
Do not resume a session if the negotiated protocol version does not match
2014-11-20 16:31:35 +01:00
s23_clnt.c
Fix no-ssl3 configuration option
2014-10-15 08:54:26 -04:00
s23_lib.c
Don't advertise ECC ciphersuits in SSLv2 compatible client hello.
2014-06-27 16:52:00 +01:00
s23_meth.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
s23_pkt.c
Reorder inclusion of header files:
2002-07-10 07:01:54 +00:00
s23_srvr.c
Keep old method in case of an unsupported protocol
2014-10-21 21:04:09 +02:00
srtp.h
Add include of ssl.h which is required by srtp.h
2014-11-27 13:17:56 +00:00
ssl2.h
Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN
2011-05-11 12:56:38 +00:00
ssl3.h
Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset
2014-11-20 15:17:36 +01:00
ssl23.h
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
ssl_algs.c
Add AES-NI+SHA256 stitch registrations (from master).
2014-02-02 00:05:02 +01:00
ssl_asn1.c
fix coverity issue 966597 - error line is not always initialised
2014-05-07 23:57:00 +01:00
ssl_cert.c
Remove redundant checks in ssl_cert_dup. This was causing spurious error messages when using GOST
2014-11-27 20:51:59 +00:00
ssl_ciph.c
Allow ECDHE and DHE as forward-compatible aliases for EECDH and EDH
2014-11-10 10:58:49 +01:00
ssl_conf.c
Add -no_resumption_on_reneg to SSL_CONF.
2014-03-27 15:51:25 +00:00
ssl_err2.c
Use new-style system-id macros everywhere possible. I hope I haven't
2001-02-20 08:13:47 +00:00
ssl_err.c
Remove more references to dtls1_enc
2014-11-27 21:46:04 +00:00
ssl_lib.c
Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)
2014-12-03 09:31:35 +00:00
ssl_locl.h
Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)
2014-12-03 09:31:35 +00:00
ssl_rsa.c
Rename some callbacks, fix alignment.
2014-08-28 18:10:21 +01:00
ssl_sess.c
Tighten session ticket handling
2014-10-28 17:38:23 +01:00
ssl_stat.c
Remove all RFC5878 code.
2014-07-04 13:42:05 +01:00
ssl_task.c
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
ssl_txt.c
Provisional DTLS 1.2 support.
2013-09-18 13:46:02 +01:00
ssl_utst.c
Add conditional unit testing interface.
2014-07-24 19:42:26 +01:00
ssl-lib.com
Add t1_ext and ssl_utst to the VMS build as well.
2014-08-31 18:22:02 +02:00
ssl.h
Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)
2014-12-03 09:31:35 +00:00
ssltest.c
New option no-ssl3-method which removes SSLv3_*method
2014-11-19 22:54:30 +00:00
t1_clnt.c
Use appropriate versions of SSL3_ENC_METHOD
2013-09-18 13:46:02 +01:00
t1_enc.c
Support TLS_FALLBACK_SCSV.
2014-10-15 04:04:55 +02:00
t1_ext.c
Rename some callbacks, fix alignment.
2014-08-28 18:10:21 +01:00
t1_lib.c
Reject elliptic curve lists of odd lengths.
2014-12-05 16:44:12 +01:00
t1_meth.c
Use appropriate versions of SSL3_ENC_METHOD
2013-09-18 13:46:02 +01:00
t1_reneg.c
Update RI to match latest spec.
2009-12-27 22:59:09 +00:00
t1_srvr.c
Use appropriate versions of SSL3_ENC_METHOD
2013-09-18 13:46:02 +01:00
t1_trce.c
Adding padding extension to trace code.
2014-05-20 11:22:15 +01:00
tls1.h
Allow ECDHE and DHE as forward-compatible aliases for EECDH and EDH
2014-11-10 10:58:49 +01:00
tls_srp.c
Check SRP parameters early.
2014-08-06 20:41:53 +01:00