openssl/ssl
Emilia Käsper 1716003376 Fix DTLS anonymous EC(DH) denial of service
CVE-2014-3510

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-06 20:36:40 +01:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes. 2012-04-16 17:42:36 +00:00
d1_both.c Remove some duplicate DTLS code. 2014-08-06 20:36:40 +01:00
d1_clnt.c DTLS/SCTP Finished Auth Bug 2013-11-01 21:41:52 +00:00
d1_enc.c misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
d1_lib.c Constification - mostly originally from Chromium. 2014-06-29 21:05:23 +01:00
d1_meth.c Dual DTLS version methods. 2013-04-09 14:02:48 +01:00
d1_pkt.c Added SSLErr call for internal error in dtls1_buffer_record 2014-06-01 21:36:25 +01:00
d1_srtp.c Submitted by: Eric Rescorla <ekr@rtfm.com> 2012-02-11 22:53:31 +00:00
d1_srvr.c Fix DTLS certificate requesting code. 2014-07-15 18:23:13 +01:00
dtls1.h Dual DTLS version methods. 2013-04-09 14:02:48 +01:00
heartbeat_test.c Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
install-ssl.com Install srtp.h 2012-07-05 13:20:19 +00:00
kssl_lcl.h Merge from 1.0.0-stable branch. 2009-04-23 16:32:42 +00:00
kssl.c RT 1229; typo in comment "dont't"->"don't" 2014-07-01 13:02:57 -04:00
kssl.h Fix for WIN32 builds with KRB5 2014-02-26 15:33:11 +00:00
Makefile Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
s2_clnt.c Security framework. 2014-03-28 14:56:30 +00:00
s2_enc.c Experimental encrypt-then-mac support. 2013-09-08 13:14:03 +01:00
s2_lib.c Update strength_bits for 3DES. 2014-06-09 12:09:52 +01:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Add and use a constant-time memcmp. 2013-02-06 14:16:55 +00:00
s2_srvr.c Security framework. 2014-03-28 14:56:30 +00:00
s3_both.c Security framework. 2014-03-28 14:56:30 +00:00
s3_cbc.c misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
s3_clnt.c Fix DTLS anonymous EC(DH) denial of service 2014-08-06 20:36:40 +01:00
s3_enc.c Fixed incorrect return code handling in ssl3_final_finish_mac. 2014-06-13 15:36:20 +01:00
s3_lib.c Constification - mostly originally from Chromium. 2014-06-29 21:05:23 +01:00
s3_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s3_pkt.c s3_pkt.c: fix typo. 2014-07-05 23:56:54 +02:00
s3_srvr.c Don't limit message sizes in ssl3_get_cert_verify. 2014-07-05 13:19:12 +01:00
s23_clnt.c Remove all RFC5878 code. 2014-07-04 13:26:35 +01:00
s23_lib.c Don't advertise ECC ciphersuits in SSLv2 compatible client hello. 2014-06-27 16:51:26 +01:00
s23_meth.c Initial incomplete TLS v1.2 support. New ciphersuites added, new version 2011-04-29 22:56:51 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Fix protocol downgrade bug in case of fragmented packets 2014-08-06 20:36:40 +01:00
srtp.h move internal functions to ssl_locl.h 2011-11-21 22:52:13 +00:00
ssl2.h Initial "opaque SSL" framework. If an application defines 2011-04-29 22:37:12 +00:00
ssl3.h Remove all RFC5878 code. 2014-07-04 13:26:35 +01:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00
ssl_asn1.c fix coverity issue 966597 - error line is not always initialised 2014-05-07 23:54:25 +01:00
ssl_cert.c Fix SSL_CTX_get{first,next}_certificate. 2014-04-21 16:52:28 +01:00
ssl_ciph.c Use more common name for GOST key exchange. 2014-07-14 18:31:55 +01:00
ssl_conf.c Add -no_resumption_on_reneg to SSL_CONF. 2014-03-27 16:12:40 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_err.c Reduce casting nastiness. 2014-07-05 15:00:53 +01:00
ssl_lib.c Remove all RFC5878 code. 2014-07-04 13:26:35 +01:00
ssl_locl.h Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
ssl_rsa.c Security framework. 2014-03-28 14:56:30 +00:00
ssl_sess.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2013-09-06 13:59:13 +01:00
ssl_stat.c Remove all RFC5878 code. 2014-07-04 13:26:35 +01:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352 2014-05-24 00:02:24 +01:00
ssl_utst.c Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
ssl-lib.com Add d1_srtp and t1_trce. 2012-07-05 13:20:02 +00:00
ssl.h Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
ssltest.c Remove all RFC5878 code. 2014-07-04 13:26:35 +01:00
t1_clnt.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_enc.c RT 1528; misleading debug print, "pre-master" should be "master key" 2014-07-01 13:22:38 -04:00
t1_lib.c Fix possible buffer overrun. 2014-07-02 00:11:10 +01:00
t1_meth.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:58:55 +00:00
t1_srvr.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_trce.c Adding padding extension to trace code. 2014-05-20 11:09:04 +01:00
tls1.h Remove all RFC5878 code. 2014-07-04 13:26:35 +01:00
tls_srp.c PR: 1794 2011-12-14 22:17:06 +00:00