Dmitry Belyavsky 41b4280772 Avoid KCI attack for GOST ... Russian GOST ciphersuites are vulnerable to the KCI attack because they use long-term keys to establish the connection when ssl client authorization is on. This change brings the GOST implementation into line with the latest specs in order to avoid the attack. It should not break backwards compatibility. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>		2016-09-22 09:27:45 +01:00
..
record	Fix a hang with SSL_peek()	2016-09-22 09:27:45 +01:00
statem	Avoid KCI attack for GOST	2016-09-22 09:27:45 +01:00
bio_ssl.c
build.info	First pass at writing a writeable packets API	2016-09-13 09:41:21 +01:00
d1_lib.c	Convert tls_construct_client_hello() to use PACKETW	2016-09-13 09:41:21 +01:00
d1_msg.c
d1_srtp.c	Convert tls_construct_client_hello() to use PACKETW	2016-09-13 09:41:21 +01:00
methods.c
packet_locl.h	Convert WPACKET_put_bytes to use convenience macros	2016-09-20 14:47:44 +01:00
packet.c	Convert WPACKET_put_bytes to use convenience macros	2016-09-20 14:47:44 +01:00
pqueue.c
s3_cbc.c
s3_enc.c
s3_lib.c	Convert WPACKET_put_bytes to use convenience macros	2016-09-20 14:47:44 +01:00
s3_msg.c
ssl_asn1.c
ssl_cert.c	Style tweaks following review feedback	2016-09-20 10:16:56 +01:00
ssl_ciph.c
ssl_conf.c
ssl_err.c	Don't allow too many consecutive warning alerts	2016-09-21 20:17:04 +01:00
ssl_init.c
ssl_lib.c	Revert "Constify code about X509_VERIFY_PARAM"	2016-09-21 10:37:03 -04:00
ssl_locl.h	Convert Certificate message construction to WPACKET	2016-09-20 10:16:56 +01:00
ssl_mcnf.c
ssl_rsa.c
ssl_sess.c
ssl_stat.c
ssl_txt.c
ssl_utst.c
t1_enc.c
t1_ext.c	Convert WPACKET_put_bytes to use convenience macros	2016-09-20 14:47:44 +01:00
t1_lib.c	Fix a mem leak in NPN handling	2016-09-22 09:27:45 +01:00
t1_reneg.c	Convert tls_construct_client_hello() to use PACKETW	2016-09-13 09:41:21 +01:00
t1_trce.c	Ensure trace recognises X25519	2016-09-08 12:34:02 +01:00
tls_srp.c