openssl/ssl
Richard Levitte 2650515394 Better check of DH parameters in TLS data
When the client reads DH parameters from the TLS stream, we only
checked that they all are non-zero.  This change updates the check to
use DH_check_params()

DH_check_params() is a new function for light weight checking of the p
and g parameters:

    check that p is odd
    check that 1 < g < p - 1

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2017-01-26 10:54:01 +00:00
..
record Cleanup EVP_CIPH/EP_CTRL duplicate defines 2017-01-24 18:47:10 +01:00
statem Better check of DH parameters in TLS data 2017-01-26 10:54:01 +00:00
bio_ssl.c Test the size_t constant time functions 2016-11-04 12:09:46 +00:00
build.info Move client parsing of ServerHello extensions into new framework 2016-12-08 17:18:25 +00:00
d1_lib.c Ensure we are in accept state in DTLSv1_listen 2016-11-29 10:01:49 +00:00
d1_msg.c Convert libssl writing for size_t 2016-11-04 12:09:45 +00:00
d1_srtp.c Move client parsing of ServerHello extensions into new framework 2016-12-08 17:18:25 +00:00
methods.c Add the SSL_METHOD for TLSv1.3 and all other base changes required 2016-11-02 13:08:21 +00:00
packet_locl.h Add an ability to find out the current write location from a WPACKET 2016-12-05 17:05:40 +00:00
packet.c Various style fixes from the TLSv1.3 record changes review 2016-12-05 17:05:40 +00:00
pqueue.c Fix a missed size_t variable declaration 2016-11-04 12:09:46 +00:00
s3_cbc.c Provide some constant time functions for dealing with size_t values 2016-11-04 12:09:46 +00:00
s3_enc.c fix a memory leak in ssl3_generate_key_block fix the error handling in ssl3_change_cipher_state 2017-01-23 11:41:59 +01:00
s3_lib.c Review comments 2017-01-09 22:26:47 -05:00
s3_msg.c Fix some missed size_t updates 2016-11-04 12:09:45 +00:00
ssl_asn1.c Move extension data into sub-structs 2017-01-09 22:26:47 -05:00
ssl_cert.c Convert Sigalgs processing to use ints 2017-01-10 23:02:50 +00:00
ssl_ciph.c Fix a few misspellings. 2017-01-25 09:06:34 +00:00
ssl_conf.c Test mac-then-encrypt 2016-11-28 12:23:36 +01:00
ssl_err.c Add support for key logging callbacks. 2017-01-23 17:07:43 +01:00
ssl_init.c
ssl_lib.c Limit the length of the encrypted premaster key. 2017-01-25 21:54:35 +01:00
ssl_locl.h Fix a few misspellings. 2017-01-25 09:06:34 +00:00
ssl_mcnf.c Fix misc size_t issues causing Windows warnings in 64 bit 2016-11-04 12:09:46 +00:00
ssl_rsa.c
ssl_sess.c Fix a ssl session leak due to OOM in lh_SSL_SESSION_insert 2017-01-24 15:05:12 +01:00
ssl_stat.c
ssl_txt.c Move extension data into sub-structs 2017-01-09 22:26:47 -05:00
ssl_utst.c Remove heartbeat support 2016-11-13 16:24:02 -05:00
t1_enc.c Fix EXTMS error introduced by commit 94ed2c6 2016-11-23 09:50:26 +00:00
t1_ext.c Add some missing extensions to SSL_extension_supported() 2016-12-08 17:17:33 +00:00
t1_lib.c If client doesn't send curves list, don't assume all. 2017-01-18 12:24:28 -05:00
t1_trce.c Teach SSL_trace about the new sigalgs 2017-01-10 23:02:50 +00:00
tls13_enc.c Verify that the sig algs extension has been sent for TLSv1.3 2017-01-10 23:02:50 +00:00
tls_srp.c