mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-01 19:28:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
7c770d572a
openssl/ssl
History
Ben Laurie 7c770d572a Add and use a constant-time memcmp. 
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a)
2013-02-06 14:16:55 +00:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes. 2012-04-16 17:42:36 +00:00
d1_both.c PR: 2755 2012-03-06 13:47:43 +00:00
d1_clnt.c Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
d1_enc.c Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and 2012-05-10 16:03:52 +00:00
d1_lib.c Improve WINCE support. 2013-01-19 21:23:13 +01:00
d1_meth.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
d1_pkt.c Add and use a constant-time memcmp. 2013-02-06 14:16:55 +00:00
d1_srtp.c Submitted by: Eric Rescorla <ekr@rtfm.com> 2012-02-11 22:53:31 +00:00
d1_srvr.c PR: 2778(part) 2012-03-31 18:03:02 +00:00
dtls1.h PR: 2658 2011-12-31 22:59:57 +00:00
install-ssl.com Install srtp.h 2012-07-05 13:20:19 +00:00
kssl_lcl.h Merge from 1.0.0-stable branch. 2009-04-23 16:32:42 +00:00
kssl.c Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
kssl.h make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:50:18 +00:00
Makefile Make "make depend" work on MacOS out of the box. 2013-01-19 14:14:30 +00:00
s2_clnt.c Add and use a constant-time memcmp. 2013-02-06 14:16:55 +00:00
s2_enc.c Update ssl library to support EVP_PKEY MAC API. Include generic MAC support. 2007-06-04 17:04:40 +00:00
s2_lib.c Add ctrl and utility functions to retrieve raw cipher list sent by client in 2012-09-12 13:57:48 +00:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Add and use a constant-time memcmp. 2013-02-06 14:16:55 +00:00
s2_srvr.c Fix some warnings caused by __owur. Temporarily (I hope) remove the more 2011-11-14 00:36:10 +00:00
s3_both.c Add and use a constant-time memcmp. 2013-02-06 14:16:55 +00:00
s3_clnt.c perform sanity checks on server certificate type as soon as it is received instead of waiting until server key exchange 2012-08-31 11:18:54 +00:00
s3_enc.c oops, typo 2012-08-28 23:19:25 +00:00
s3_lib.c Print out point format list for clients too. 2012-11-26 18:39:38 +00:00
s3_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s3_pkt.c Add and use a constant-time memcmp. 2013-02-06 14:16:55 +00:00
s3_srvr.c stop warning when compiling with no-comp 2012-12-29 23:37:56 +00:00
s23_clnt.c send out the raw SSL/TLS headers to the msg_callback and display them in SSL_trace 2012-12-07 23:42:33 +00:00
s23_lib.c Fix warnings. 2010-06-12 14:13:23 +00:00
s23_meth.c Initial incomplete TLS v1.2 support. New ciphersuites added, new version 2011-04-29 22:56:51 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Add three Suite B modes to TLS code, supporting RFC6460. 2012-08-15 15:15:05 +00:00
srtp.h move internal functions to ssl_locl.h 2011-11-21 22:52:13 +00:00
ssl2.h Initial "opaque SSL" framework. If an application defines 2011-04-29 22:37:12 +00:00
ssl3.h send out the raw SSL/TLS headers to the msg_callback and display them in SSL_trace 2012-12-07 23:42:33 +00:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c add GCM ciphers in SSL_library_init 2011-10-10 12:56:18 +00:00
ssl_asn1.c Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
ssl_cert.c Add ctrl and utility functions to retrieve raw cipher list sent by client in 2012-09-12 13:57:48 +00:00
ssl_ciph.c return error if Suite B mode is selected and TLS 1.2 can't be used. Correct error coded 2012-12-01 18:33:21 +00:00
ssl_conf.c really fix automatic ;-) 2012-12-07 12:41:13 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_err.c return error if Suite B mode is selected and TLS 1.2 can't be used. Correct error coded 2012-12-01 18:33:21 +00:00
ssl_lib.c fix typo and warning 2012-11-19 02:46:46 +00:00
ssl_locl.h Add ctrl and utility functions to retrieve raw cipher list sent by client in 2012-09-12 13:57:48 +00:00
ssl_rsa.c Rearrange and test authz extension. 2012-06-07 13:20:47 +00:00
ssl_sess.c Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
ssl_stat.c PR: 1794 2011-11-25 00:17:44 +00:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Initial incomplete TLS v1.2 support. New ciphersuites added, new version 2011-04-29 22:56:51 +00:00
ssl-lib.com Add d1_srtp and t1_trce. 2012-07-05 13:20:02 +00:00
ssl.h typo 2012-12-26 15:23:42 +00:00
ssltest.c stop warning when compiling with no-comp 2012-12-29 23:37:56 +00:00
t1_clnt.c Initial incomplete TLS v1.2 support. New ciphersuites added, new version 2011-04-29 22:56:51 +00:00
t1_enc.c * ssl/t1_enc.c (tls1_change_cipher_state): Stupid bug. Fortunately in 2012-09-21 13:08:24 +00:00
t1_lib.c Add and use a constant-time memcmp. 2013-02-06 14:16:55 +00:00
t1_meth.c Initial incomplete TLS v1.2 support. New ciphersuites added, new version 2011-04-29 22:56:51 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:58:55 +00:00
t1_srvr.c Initial incomplete TLS v1.2 support. New ciphersuites added, new version 2011-04-29 22:56:51 +00:00
t1_trce.c Fix for trace code: SSL3 doesn't include a length value for 2013-02-04 15:13:12 +00:00
tls1.h Add three Suite B modes to TLS code, supporting RFC6460. 2012-08-15 15:15:05 +00:00
tls_srp.c PR: 1794 2011-12-14 22:17:06 +00:00