mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-15 06:01:37 +08:00
Code Issues Packages Projects Releases Wiki Activity
0f7b5cc9f3
openssl/ssl
History
Hugo Landau 0f7b5cc9f3 QUIC RX: Refactor unsafe DCID consistency checking 
Previously, we enforced the requirement that the DCIDs be the same for
all packets in a datagram by keeping a pointer to the first RXE
generated from a datagram. This is unsafe and could lead to a UAF if the
first packet is malformed, meaning that no RXE ended up being generated
from it. Keep track of the DCID directly instead, as we should enforce
this correctly even if the first packet in a datagram is malformed (but
has an intelligible header with a DCID and length).

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
2023-01-13 13:20:13 +00:00
..
quic QUIC RX: Refactor unsafe DCID consistency checking 2023-01-13 13:20:13 +00:00
record Fixed typos in documentation and comments 2023-01-04 12:53:05 +01:00
statem Make error reason for disallowed legacy sigalg more specific 2022-12-13 10:10:57 +11:00
bio_ssl.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
build.info Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
d1_lib.c Fix coverity 1516101 deadcode 2022-10-24 09:51:00 +11:00
d1_msg.c Resolve a TODO in ssl3_dispatch_alert 2022-11-14 10:14:41 +01:00
d1_srtp.c SSL object refactoring using SSL_CONNECTION object 2022-07-28 10:04:28 +01:00
event_queue.c Make OSSL_TIME a structure 2022-08-12 15:44:01 +01:00
methods.c
pqueue.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
priority_queue.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
s3_enc.c Remove enc_write_state 2022-10-12 15:53:31 +01:00
s3_lib.c Resolve a TODO in ssl3_dispatch_alert 2022-11-14 10:14:41 +01:00
s3_msg.c Resolve a TODO in ssl3_dispatch_alert 2022-11-14 10:14:41 +01:00
ssl_asn1.c ssl: modify libssl so that it uses OSSL_TIME 2022-09-13 21:13:22 +10:00
ssl_cert_comp.c Add zlib oneshot compression 2022-11-07 11:23:13 +01:00
ssl_cert_table.h
ssl_cert.c Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
ssl_ciph.c Cast values to match printf format strings. 2022-11-14 07:47:53 +00:00
ssl_conf.c Add support for KTLS zerocopy sendfile on Linux 2022-11-24 13:19:37 +01:00
ssl_err_legacy.c Update copyright year 2021-06-17 13:24:59 +01:00
ssl_err.c Make error reason for disallowed legacy sigalg more specific 2022-12-13 10:10:57 +11:00
ssl_init.c err: get rid of err_free_strings_int() 2022-05-10 09:47:54 +02:00
ssl_lib.c Fix the check of BIO_set_write_buffer_size and BIO_set_read_buffer_size 2022-12-05 13:04:18 +01:00
ssl_local.h Resolve a TODO in ssl3_dispatch_alert 2022-11-14 10:14:41 +01:00
ssl_mcnf.c SSL: refactor all SSLfatal() calls 2020-11-11 12:12:23 +01:00
ssl_rsa_legacy.c Deprecate RSA harder 2020-11-18 23:38:34 +01:00
ssl_rsa.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
ssl_sess.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
ssl_stat.c Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
ssl_txt.c Cast values to match printf format strings. 2022-11-14 07:47:53 +00:00
ssl_utst.c Remove the old buffer management code 2022-10-20 14:39:33 +01:00
sslerr.h Transfer the functionality from ssl3_read_n to the new record layer 2022-08-18 16:38:12 +01:00
t1_enc.c Fix dtls_get_max_record_overhead() 2022-11-07 10:59:20 +00:00
t1_lib.c Remove some redundant code 2022-10-20 14:39:33 +01:00
t1_trce.c Cleanup : directly include of internal/nelem.h when required. 2022-11-23 18:08:25 +01:00
tls13_enc.c Remove the read_iv/write_iv fields from SSL_CONNECTION 2022-11-14 07:51:17 +00:00
tls_depr.c SSL object refactoring using SSL_CONNECTION object 2022-07-28 10:04:28 +01:00
tls_srp.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00