Commit Graph

1094 Commits

Author SHA1 Message Date
Dr. Stephen Henson
44959ee456 PR: 1833
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Support for abbreviated handshakes when renegotiating.
2010-08-26 14:23:52 +00:00
Ben Laurie
ee2ffc2794 Add Next Protocol Negotiation. 2010-07-28 10:06:55 +00:00
Dr. Stephen Henson
f96ccf36ff PR: 1830
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson

Support for RFC5705 key extractor.
2010-07-18 17:43:18 +00:00
Dr. Stephen Henson
b9e7793dd7 oops, revert wrong patch.. 2010-07-18 17:43:01 +00:00
Dr. Stephen Henson
d135da5192 Fix warnings (From HEAD, original patch by Ben). 2010-07-18 16:52:47 +00:00
Dr. Stephen Henson
9674de7d3d no need for empty fragments with TLS 1.1 and later due to explicit IV 2010-06-27 14:43:03 +00:00
Ben Laurie
c8bbd98a2b Fix warnings. 2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
7837c7ec45 PR: 2259
Submitted By: Artem Chuprina <ran@cryptocom.ru>

Check return values of HMAC in tls_P_hash and tls1_generate_key_block.

Although the previous version could in theory crash that would only happen if a
digest call failed. The standard software methods can never fail and only one
ENGINE currently uses digests and it is not compiled in by default.
2010-05-17 11:27:22 +00:00
Dr. Stephen Henson
6006ae148c PR: 2230
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix bug in bitmask macros and stop warnings.
2010-05-03 13:01:40 +00:00
Dr. Stephen Henson
45106caab7 fix signed/unsigned comparison warnings 2010-04-14 00:41:14 +00:00
Dr. Stephen Henson
934e22e814 PR: 2230
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix various DTLS fragment reassembly bugs.
2010-04-14 00:17:55 +00:00
Dr. Stephen Henson
3122d1d382 PR: 2229
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Don't drop DTLS connection if mac or decryption failed.
2010-04-14 00:10:05 +00:00
Dr. Stephen Henson
b7463c8818 PR: 2228
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix DTLS buffer record MAC failure bug.
2010-04-14 00:03:27 +00:00
Dr. Stephen Henson
c0b8eb606f Add SHA2 algorithms to SSL_library_init(). Although these aren't used
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.

Update docs.
2010-04-07 13:18:07 +00:00
Dr. Stephen Henson
ff12f88b8e PR: 2218
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS replay bug.
2010-04-06 12:45:04 +00:00
Dr. Stephen Henson
47e6a60e42 PR: 2219
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS buffering bug.
2010-04-06 12:40:19 +00:00
Dr. Stephen Henson
87a37cbadd PR: 2223
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS timeout bug
2010-04-06 12:29:31 +00:00
Dr. Stephen Henson
00a37b5a9b PR: 2220
Fixes to make OpenSSL compile with no-rc4
2010-04-06 11:18:59 +00:00
Bodo Möller
3e8b6485b3 Fix for "Record of death" vulnerability CVE-2010-0740.
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010),
and further harmonize this version of CHANGES with the versions in the current branches.
2010-03-25 11:25:30 +00:00
Dr. Stephen Henson
a3a06e6543 PR: 1731 and maybe 2197
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
2010-03-24 23:17:15 +00:00
Dr. Stephen Henson
cca1cd9a34 Submitted by: Tomas Hoger <thoger@redhat.com>
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
2010-03-03 15:41:18 +00:00
Dr. Stephen Henson
2b13f80360 algorithms field has changed in 1.0.0 and later: update 2010-02-28 00:24:04 +00:00
Dr. Stephen Henson
c1ca9d3238 Add Kerberos fix which was in 0.9.8-stable but never committed to HEAD and
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos
ciphersuite bugs introduced with PR:1336."
2010-02-27 23:02:41 +00:00
Dr. Stephen Henson
7512141162 OR default SSL_OP_LEGACY_SERVER_CONNECT so existing options are preserved 2010-02-17 19:43:56 +00:00
Dr. Stephen Henson
c2c49969e2 Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
2010-02-17 18:38:31 +00:00
Dr. Stephen Henson
8d934c2585 PR: 2171
Submitted by: Tomas Mraz <tmraz@redhat.com>

Since SSLv2 doesn't support renegotiation at all don't reject it if
legacy renegotiation isn't enabled.

Also can now use SSL2 compatible client hello because RFC5746 supports it.
2010-02-16 14:21:11 +00:00
Dr. Stephen Henson
17ebc10ffa PR: 2161
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.

Make no-dsa, no-ecdsa and no-rsa compile again.
2010-02-02 13:35:27 +00:00
Dr. Stephen Henson
434745dc19 PR: 2160
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Make session tickets work with DTLS.
2010-02-01 16:51:09 +00:00
Dr. Stephen Henson
b380f9b884 PR: 2159
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Typo in PR#1949 bug, oops!
2010-02-01 12:43:45 +00:00
Dr. Stephen Henson
00b525781b oops revert test code accidentally committed 2010-01-28 16:48:39 +00:00
Dr. Stephen Henson
d5e7f2f2c3 PR: 1949
Submitted by: steve@openssl.org

More robust fix and workaround for PR#1949. Don't try to work out if there
is any write pending data as this can be unreliable: always flush.
2010-01-26 19:47:37 +00:00
Richard Levitte
c3502985b2 Compile t1_reneg on VMS as well.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:19:31 +00:00
Dr. Stephen Henson
bc120a54c9 PR: 2153, 2125
Submitted by: steve@openssl.org

The original fix for PR#2125 broke compilation on some Unixware platforms:
revert and make conditional on VMS.
2010-01-24 16:57:20 +00:00
Dr. Stephen Henson
21a5c040e5 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
2010-01-24 13:54:20 +00:00
Dr. Stephen Henson
3a88efd48c If legacy renegotiation is not permitted then send a fatal alert if a patched
server attempts to renegotiate with an unpatched client.
2010-01-22 18:49:34 +00:00
Dr. Stephen Henson
49371e3acb oops 2010-01-20 17:59:53 +00:00
Dr. Stephen Henson
eb125795d2 update NEWS file 2010-01-20 17:56:34 +00:00
Dr. Stephen Henson
071ef65cfa The use of NIDs in the password based encryption table can result in
algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().
2010-01-19 19:56:06 +00:00
Dr. Stephen Henson
0debb681e1 PR: 2144
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144
2010-01-19 19:11:35 +00:00
Dr. Stephen Henson
8d39d2800a PR: 2144
Submitted by: steve@openssl.org

Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.
2010-01-16 19:46:10 +00:00
Dr. Stephen Henson
598b562a7f PR: 2133
Submitted by: steve@openssl.org

Add missing DTLS state strings.
2010-01-16 19:20:52 +00:00
Dr. Stephen Henson
031c78901b make update 2010-01-15 15:24:19 +00:00
Dr. Stephen Henson
ce1ec9c35e PR: 2125
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>

Fix gcc-aix compilation issue.
2010-01-14 17:51:29 +00:00
Dr. Stephen Henson
bd5f21a4ae Fix version handling so it can cope with a major version >3.
Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.
2010-01-13 19:08:02 +00:00
Dr. Stephen Henson
423c66f10e Simplify RI+SCSV logic:
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
2010-01-07 19:04:52 +00:00
Dr. Stephen Henson
76998a71bc Updates to conform with draft-ietf-tls-renegotiation-03.txt:
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:37:09 +00:00
Dr. Stephen Henson
dd792d6222 Missing commit from change ofr compress_meth to unsigned 2010-01-06 17:35:27 +00:00
Dr. Stephen Henson
82a107eaa8 compress_meth should be unsigned 2010-01-06 14:01:45 +00:00
Dr. Stephen Henson
2be3d6ebc8 Client side compression algorithm sanity checks: ensure old compression
algorithm matches current and give error if compression is disabled and
server requests it (shouldn't happen unless server is broken).
2010-01-01 14:39:37 +00:00
Dr. Stephen Henson
e6f418bcb7 Compression handling on session resume was badly broken: it always
used compression algorithms in client hello (a legacy from when
the compression algorithm wasn't serialized with SSL_SESSION).
2009-12-31 14:13:30 +00:00