zzy/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openssl/ssl
History
Viktor Dukhovni b4e4bf29ba Check for excess data in CertificateVerify 
As reported by Alicja Kario, we ignored excess bytes after the
signature payload in TLS CertificateVerify Messages.  These
should not be present.

Fixes: #25298

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25302)
2024-08-29 19:32:00 +02:00
..
quic
Do not implicitly start connection with SSL_handle_events() or SSL_poll()
2024-08-03 09:18:11 -04:00
record
EVP_MD_size() updates
2024-08-29 10:29:53 +02:00
rio
QUIC POLLING: Support no-quic builds
2024-02-10 11:37:14 +00:00
statem
Check for excess data in CertificateVerify
2024-08-29 19:32:00 +02:00
bio_ssl.c
bio_ssl.c: Do not call SSL_shutdown if not inited
2024-06-25 16:06:17 +02:00
build.info
Remove the event queue code
2024-08-07 19:48:26 +02:00
d1_lib.c
Remove SSL_ENC_FLAG_EXPLICIT_IV which is only set and never read.
2024-05-14 15:34:07 +02:00
d1_msg.c
Copyright year updates
2023-09-07 09:59:15 +01:00
d1_srtp.c
Copyright year updates
2024-04-09 13:43:26 +02:00
methods.c
Update some inclusions of <openssl/macros.h>
2019-11-07 11:37:25 +01:00
pqueue.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
priority_queue.c
open brace '{' following struct go on the same line
2024-07-22 06:55:35 -04:00
s3_enc.c
EVP_MD_size() updates
2024-08-29 10:29:53 +02:00
s3_lib.c
3DES ciphersuites are not allowed in FIPS anymore
2024-08-01 17:29:32 +02:00
s3_msg.c
Resolve a TODO in ssl3_dispatch_alert
2022-11-14 10:14:41 +01:00
ssl_asn1.c
RFC7250 (RPK) support
2023-03-28 13:49:54 -04:00
ssl_cert_comp.c
Remove trailing whitespace
2024-07-22 06:55:35 -04:00
ssl_cert_table.h
Make ssl_cert_info read-only
2023-11-27 07:51:33 +00:00
ssl_cert.c
Speed up SSL_add_{file,dir}_cert_subjects_to_stack
2024-08-01 17:28:18 +02:00
ssl_ciph.c
EVP_MD_size() updates
2024-08-29 10:29:53 +02:00
ssl_conf.c
Fix second error from Coverity-161057
2024-07-26 13:25:18 -04:00
ssl_err_legacy.c
Update copyright year
2021-06-17 13:24:59 +01:00
ssl_err.c
Check that a supported_versions extension is present in an HRR
2024-08-07 19:34:23 +02:00
ssl_init.c
Move stack of compression methods from libssl to OSSL_LIB_CTX
2024-05-28 08:56:13 +02:00
ssl_lib.c
ssl: factorize and improved hex conversion code
2024-08-07 19:25:10 +02:00
ssl_local.h
adds TLS signature algorithms list feature
2024-08-13 11:48:54 +10:00
ssl_mcnf.c
Set SSL_CONF_FLAG_SHOW_ERRORS when conf_diagnostics is enabled
2024-05-09 09:20:58 +02:00
ssl_rsa_legacy.c
Deprecate RSA harder
2020-11-18 23:38:34 +01:00
ssl_rsa.c
Copyright year updates
2023-09-07 09:59:15 +01:00
ssl_sess.c
Incorporate review feedback
2024-06-21 07:57:56 -04:00
ssl_stat.c
SSL_alert_desc_string_long(): Delete unnecessary underline
2024-04-04 08:33:21 +02:00
ssl_txt.c
Move stack of compression methods from libssl to OSSL_LIB_CTX
2024-05-28 08:56:13 +02:00
ssl_utst.c
Remove the old buffer management code
2022-10-20 14:39:33 +01:00
sslerr.h
QUIC APL: Implement optimised FIN API
2024-01-23 14:20:06 +00:00
t1_enc.c
Copyright year updates
2024-04-09 13:43:26 +02:00
t1_lib.c
adds TLS signature algorithms list feature
2024-08-13 11:48:54 +10:00
t1_trce.c
adds TLS signature algorithms list feature
2024-08-13 11:48:54 +10:00
tls13_enc.c
EVP_MD_size() updates
2024-08-29 10:29:53 +02:00
tls_depr.c
SSL object refactoring using SSL_CONNECTION object
2022-07-28 10:04:28 +01:00
tls_srp.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00