generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
fc213217e8
openssl/ssl
History
Scott Deboy fc213217e8 Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 
If multiple TLS extensions are expected but not received, the TLS extension and supplemental data 'generate' callbacks are the only chance for the receive-side to trigger a specific TLS alert during the handshake.

Removed logic which no-op'd TLS extension generate callbacks (as the generate callbacks need to always be called in order to trigger alerts), and updated the serverinfo-specific custom TLS extension callbacks to track which custom TLS extensions were received by the client, where no-ops for 'generate' callbacks are appropriate.

(cherry picked from commit ac20719d99)
Conflicts:
	ssl/t1_lib.c
2014-02-08 16:17:24 -08:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes [from HEAD]. 2012-04-16 17:43:02 +00:00
d1_both.c Fix DTLS retransmission from previous session. 2013-12-20 23:25:41 +00:00
d1_clnt.c DTLS/SCTP Finished Auth Bug 2013-10-30 14:37:22 +00:00
d1_enc.c Update DTLS code to match CBC decoding in TLS. 2013-02-06 13:56:13 +00:00
d1_lib.c Improve WINCE support. 2014-02-01 22:48:56 +01:00
d1_meth.c Dual DTLS version methods. 2013-09-18 13:46:02 +01:00
d1_pkt.c DTLS version usage fixes. 2013-09-18 13:47:05 +01:00
d1_srtp.c Submitted by: Eric Rescorla <ekr@rtfm.com> 2012-02-11 22:53:48 +00:00
d1_srvr.c DTLS/SCTP Finished Auth Bug 2013-10-30 14:37:22 +00:00
dnssec.c Change header order to pick up OPENSSL_SYS_WIN32 2013-12-01 23:29:40 +00:00
dtls1.h Dual DTLS version methods. 2013-09-18 13:46:02 +01:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:26 +00:00
kssl_lcl.h Some fixes for kerberos builds. 2009-04-21 22:20:12 +00:00
kssl.c make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:52:34 +00:00
kssl.h make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:52:34 +00:00
Makefile make update 2013-12-01 23:09:44 +00:00
s2_clnt.c Add and use a constant-time memcmp. 2013-02-06 13:56:12 +00:00
s2_enc.c Update ssl library to support EVP_PKEY MAC API. Include generic MAC support. 2007-06-04 17:04:40 +00:00
s2_lib.c Add ctrl and utility functions to retrieve raw cipher list sent by client in 2012-12-26 16:25:06 +00:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Add and use a constant-time memcmp. 2013-02-06 13:56:12 +00:00
s2_srvr.c Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
s3_both.c Add fix for CVE-2013-4353 2014-01-07 15:41:11 +00:00
s3_cbc.c Use enc_flags when deciding protocol variations. 2013-09-18 13:46:02 +01:00
s3_clnt.c Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
s3_enc.c ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. 2013-02-06 13:56:15 +00:00
s3_lib.c Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
s3_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s3_pkt.c ssl/s3_pkt.c: add multi-block processing [from master]. 2014-02-05 21:43:17 +01:00
s3_srvr.c Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
s23_clnt.c Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
s23_lib.c Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
s23_meth.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Add three Suite B modes to TLS code, supporting RFC6460. 2012-12-26 16:17:40 +00:00
srtp.h move internal functions to ssl_locl.h 2011-11-21 22:52:01 +00:00
ssl2.h Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN 2011-05-11 12:56:38 +00:00
ssl3.h Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c Add AES-NI+SHA256 stitch registrations (from master). 2014-02-02 00:05:02 +01:00
ssl_asn1.c Use correct tag for SRP username. 2011-10-25 12:52:47 +00:00
ssl_cert.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2014-02-08 16:12:15 -08:00
ssl_ciph.c Return previous compression methods when setting them. 2014-02-06 13:58:18 +00:00
ssl_conf.c Delete duplicate entry. 2013-11-13 23:47:26 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_err.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2014-02-08 16:12:15 -08:00
ssl_lib.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2014-02-08 16:12:15 -08:00
ssl_locl.h Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
ssl_rsa.c Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
ssl_sess.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2014-02-08 16:12:15 -08:00
ssl_stat.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2014-02-08 16:12:15 -08:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Provisional DTLS 1.2 support. 2013-09-18 13:46:02 +01:00
ssl-lib.com VMS fixes 2014-01-11 22:44:04 +00:00
ssl.h Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
ssltest.c Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
t1_clnt.c Use appropriate versions of SSL3_ENC_METHOD 2013-09-18 13:46:02 +01:00
t1_enc.c ssl/t1_enc.c: optimize PRF (suggested by Intel). 2014-01-03 21:56:03 +01:00
t1_lib.c Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert. 2014-02-08 16:17:24 -08:00
t1_meth.c Use appropriate versions of SSL3_ENC_METHOD 2013-09-18 13:46:02 +01:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:59:09 +00:00
t1_srvr.c Use appropriate versions of SSL3_ENC_METHOD 2013-09-18 13:46:02 +01:00
t1_trce.c Add brainpool curves to trace output. 2013-11-02 14:07:21 +00:00
tls1.h Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2014-02-08 16:12:15 -08:00
tls_srp.c Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00