| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Consistently include local headers in the same location, using the same
grouping/sorting across all files.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is the next step in replacing the TLSv1.2 record layer.
The existing record handling code does decryption and processing in
place, which is not ideal for various reasons, however it is retained
for now as other code depends on this behaviour. Additionally, CBC
requires special handling to avoid timing oracles - for now the
existing timing safe code is largely retained.
ok beck@ inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
|
| |
missed a subsequent fix for an off-by-one in that code. If the first
byte of a CBC padding of length 255 is mangled, we don't detect that.
Adam Langley's BoringSSL commit 80842bdb44855dd7f1dde64a3fa9f4e782310fc7
Fixes the failing tlsfuzzer lucky 13 test case.
ok beck inoguchi
|
| |
|
|
|
|
|
|
|
| |
to prefer that. No binary change except in d1_srtp.c where the
generated assembly differs only in line numbers (due to a wrapped
long line) and in s3_cbc.c where there is no change in the generated
assembly.
ok inoguchi jsing
|
| |
|
|
|
|
|
|
| |
Currently the CBC related code stuffs the padding length in the upper bits
of the type field... stop doing that and add a padding_length field to the
record struct instead.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
| |
SSL3_BUFFER, SSL3_RECORD and DTLS1_RECORD_DATA are currently still in
public headers, even though their usage is internal. This moves to
using _INTERNAL suffixed versions that are in internal headers, which
then allows us to change them without any potential public API fallout.
ok inoguchi@ tb@
|
| |
|
|
| |
ok inoguchi@ tb@
|
| |
|
|
| |
ok inoguchi@ tb@
|
| |
|
|
| |
other perversions touches them sickly and unnaturally.
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
|
|
| |
constraints, in order to force the union to have the same constraint,
use the actual type instead of `double'. And add a comment explaining why we
want such an alignment in there.
ok beck@
|
| |
|
|
|
|
| |
From Markus Uhlin <markus.uhlin at bredband dot net>
ok beck@ bcooK@
|
| |
|
|
|
|
| |
"the" with the obviously intended word.
Started with a "the the" spotted by Mihal Mazurek.
|
| |
|
|
| |
ok "flensing knife"
|
| |
|
|
|
|
|
|
|
| |
OpenSSL doesn't remember which clients were impacted and the
functionality has been broken in their stable releases for 2 years.
Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5.
ok jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A few EVP_DigestInit_ex() calls were left alone since reporting an
error would change the public API.
Changed internal ssl3_cbc_digest_record() to return a value due to the above
change. It will also now set md_out_size=0 on failure.
This is based on part of BoringSSL's commit to fix malloc crashes:
https://boringssl.googlesource.com/boringssl/+/69a01608f33ab6fe2c3485d94aef1fe9eacf5364
ok miod@
|
| | |
|
| | |
|
| |
|
|
|
|
| |
magic numbers around.
ok deraadt@
|
| |
|
|
|
|
| |
SSL_USE_TLS1_2_CIPHERS.
Largely based on OpenSSL head.
|
| | |
|
| |
|
|
|
| |
meets their needs, but dumping it in here only penalizes the rest of us.
ok miod
|
| |
|
|
|
| |
readable. This pass is whitespace only and can readily be verified using
tr and md5.
|
|
|
from the openssl git (changes between openssl 1.0.1c and 1.0.1d).
ok djm@
|
