openssl/ssl
Matt Caswell 293d0a0052 Check that a supported_versions extension is present in an HRR
If an HRR is sent then it MUST contain supported_versions according to the
RFC. We were sanity checking any supported_versions extension that was sent
but failed to verify that it was actually present.

Fixes #25041

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25068)
2024-08-07 19:34:23 +02:00
..
quic Do not implicitly start connection with SSL_handle_events() or SSL_poll() 2024-08-03 09:18:11 -04:00
record Fix typos found by codespell 2024-08-07 19:09:43 +02:00
rio QUIC POLLING: Support no-quic builds 2024-02-10 11:37:14 +00:00
statem Check that a supported_versions extension is present in an HRR 2024-08-07 19:34:23 +02:00
bio_ssl.c bio_ssl.c: Do not call SSL_shutdown if not inited 2024-06-25 16:06:17 +02:00
build.info QUIC RIO: Add frontend SSL_poll implementation 2024-02-10 11:37:14 +00:00
d1_lib.c Remove SSL_ENC_FLAG_EXPLICIT_IV which is only set and never read. 2024-05-14 15:34:07 +02:00
d1_msg.c Copyright year updates 2023-09-07 09:59:15 +01:00
d1_srtp.c Copyright year updates 2024-04-09 13:43:26 +02:00
event_queue.c Remove trailing whitespace 2024-07-22 06:55:35 -04:00
methods.c Update some inclusions of <openssl/macros.h> 2019-11-07 11:37:25 +01:00
pqueue.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
priority_queue.c open brace '{' following struct go on the same line 2024-07-22 06:55:35 -04:00
s3_enc.c Copyright year updates 2024-04-09 13:43:26 +02:00
s3_lib.c 3DES ciphersuites are not allowed in FIPS anymore 2024-08-01 17:29:32 +02:00
s3_msg.c Resolve a TODO in ssl3_dispatch_alert 2022-11-14 10:14:41 +01:00
ssl_asn1.c RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
ssl_cert_comp.c Remove trailing whitespace 2024-07-22 06:55:35 -04:00
ssl_cert_table.h Make ssl_cert_info read-only 2023-11-27 07:51:33 +00:00
ssl_cert.c Speed up SSL_add_{file,dir}_cert_subjects_to_stack 2024-08-01 17:28:18 +02:00
ssl_ciph.c Move stack of compression methods from libssl to OSSL_LIB_CTX 2024-05-28 08:56:13 +02:00
ssl_conf.c Fix second error from Coverity-161057 2024-07-26 13:25:18 -04:00
ssl_err_legacy.c Update copyright year 2021-06-17 13:24:59 +01:00
ssl_err.c Check that a supported_versions extension is present in an HRR 2024-08-07 19:34:23 +02:00
ssl_init.c Move stack of compression methods from libssl to OSSL_LIB_CTX 2024-05-28 08:56:13 +02:00
ssl_lib.c ssl: factorize and improved hex conversion code 2024-08-07 19:25:10 +02:00
ssl_local.h Extend TLSv1.3 record layer padding API calls 2024-07-10 11:44:39 +02:00
ssl_mcnf.c Set SSL_CONF_FLAG_SHOW_ERRORS when conf_diagnostics is enabled 2024-05-09 09:20:58 +02:00
ssl_rsa_legacy.c Deprecate RSA harder 2020-11-18 23:38:34 +01:00
ssl_rsa.c Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_sess.c Incorporate review feedback 2024-06-21 07:57:56 -04:00
ssl_stat.c SSL_alert_desc_string_long(): Delete unnecessary underline 2024-04-04 08:33:21 +02:00
ssl_txt.c Move stack of compression methods from libssl to OSSL_LIB_CTX 2024-05-28 08:56:13 +02:00
ssl_utst.c Remove the old buffer management code 2022-10-20 14:39:33 +01:00
sslerr.h QUIC APL: Implement optimised FIN API 2024-01-23 14:20:06 +00:00
t1_enc.c Copyright year updates 2024-04-09 13:43:26 +02:00
t1_lib.c Remove trailing whitespace 2024-07-22 06:55:35 -04:00
t1_trce.c Add logging support for early data 2024-08-07 19:32:17 +02:00
tls13_enc.c Add support for integrity-only cipher suites for TLS v1.3 2024-05-14 15:39:15 +02:00
tls_depr.c SSL object refactoring using SSL_CONNECTION object 2022-07-28 10:04:28 +01:00
tls_srp.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00