#
14c45338 |
| 26-Aug-2024 |
slontis |
EVP_MD_size() updates For SHAKE algorithms we now return 0 from EVP_MD_size(). So all the places that check for < 0 needed to change to <= 0 (Otherwise the behaviour will be to digest nothing in most cases). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25285)
|
#
c07a34e1 |
| 21-Aug-2024 |
cx <1249843194@qq.com> |
Return SSL_AD_UNEXPECTED_MESSAGE alert when receiving any other change_cipher_spec value (RFC 8446) Fixes: #25086 CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25257)
|
#
8781087a |
| 12-Aug-2024 |
Matt Caswell |
Ensure the msg_callback is called on CCS receipt in TLSv1.3 CCS records are ignored in TLSv1.3. But we should still call the msg_callback anyway. Fixes #25166 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25169)
|
#
21dfb975 |
| 04-Jul-2024 |
Stephen Farrell |
Extend TLSv1.3 record layer padding API calls Added SSL_set_block_padding_ex() and SSL_CTX_set_block_padding_ex() to allow separate padding block size values for handshake messages and application data messages. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24796)
|
#
bfb81281 |
| 23-Apr-2024 |
Matt Caswell |
Set rl->packet to NULL after we've finished using it In order to ensure we do not have a UAF we reset the rl->packet pointer to NULL after we free it. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24395)
|
#
38690cab |
| 23-Apr-2024 |
Matt Caswell |
Only free the read buffers if we're not using them If we're part way through processing a record, or the application has not released all the records then we should not free our buffer because they are still needed. CVE-2024-4741 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24395)
|
#
b6a5e801 |
| 01-Dec-2023 |
Rajeev Ranjan |
Add support for integrity-only cipher suites for TLS v1.3
- add test vectors for tls1_3 integrity-only ciphers
- recmethod_local.h: add new member for MAC
- tls13_meth.c: add MAC only to tls 1.3
- tls13_enc.c: extend function to add MAC only
- ssl_local.h: add ssl_cipher_get_evp_md_mac()
- s3_lib.c: add the new ciphers and add #ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
- ssl_ciph.c: add ssl_cipher_get_evp_md_mac() and use it
- tls13secretstest.c: add dummy test function
- Configure: add integrity-only-ciphers option
- document the new ciphers
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22903)
|
#
933f57df |
| 13-Mar-2024 |
Neil Horman |
Raise an error on syscall failure in tls_retry_write_records Record the errno when we get a syscall failure in tls_retry_write_records Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23723)
|
#
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
|
#
cfabddfb |
| 07-Feb-2024 |
Frederik Wedel-Heinen |
Remove unused function arguments from tls_int_new_record_layer Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23514)
|
#
c1decd62 |
| 02-Jan-2024 |
Matt Caswell |
Don't apply max_frag_len checking if no Max Fragment Length extension Don't check the Max Fragment Length if it hasn't been negotiated. We were checking it anyway, and using the default value (SSL3_RT_MAX_PLAIN_LENGTH). This works in most cases but KTLS can cause the record length to actually exceed this in some cases. Fixes #23169 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23182)
|
#
e07b5e1a |
| 12-Dec-2023 |
Matt Caswell |
Ensure the default length calculation includes the content type byte TLSv1.3 includes an extra byte after the payload for the content type. We should incorporate that in the calculation of the default buffer length. Fixes #23015 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23021)
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
eb1eaa9a |
| 24-Aug-2023 |
Tomas Mraz |
Always use uint8_t for TLS record type Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21823)
|
#
1cc8c53b |
| 23-Aug-2023 |
Tomas Mraz |
Avoid issues with endianness when type is used in SSL_trace() The TLS record type is a single byte value so we can use uint8_t for it. This allows passing its address directly to SSL_trace() instead of converting it to a single byte type first. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21823)
|
#
0577dbad |
| 16-Aug-2023 |
Matt Caswell |
Fix a memory leak in tls_new_record_layer If setting the crypto state has failed then memory might have been partially allocated to fields within the partially constructed record layer. We need to call tls_int_free() to properly free it. Found by the reproducible error patch in openssl#21668 Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21753)
|
#
73bac6e2 |
| 25-Apr-2023 |
Matt Caswell |
Ensure that the SSL_rstate_string*() APIs work as they used to We initialise the record layer rstate variable to ensure the SSL_rstate_string*() APIs return values that are consistent with previous versions. Fixes #20808 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20827)
|
#
7a4e109e |
| 27-Feb-2023 |
Matt Caswell |
Allow partially releasing a record for TLS This enables the cleansing of plaintext to occur in the record layer and avoids the need to cast away const above the record layer. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20404)
|
#
2eb91b0e |
| 23-Feb-2023 |
Matt Caswell |
Make the data field for get_record() const Improves consistency with the QUIC rstream implementation - and improves the abstraction between the TLS implementation and the abstract record layer. We should not expect that the TLS implementation should be able to change the underlying buffer. Future record layers may not expect that. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20404)
|
#
79abf0df |
| 27-Feb-2023 |
Matt Caswell |
Remove spurious error queue entries on early data Early data decryption is expected to fail sometimes. If it does we should not leave spurious error entries on the queue. Fixes #20377 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20401)
|
#
1dbfd7fe |
| 09-Feb-2023 |
Philippe Antoine |
fuzz: fix coverity warnings introduced by 2b9e2afc382490592078cdb69d06f54f0fefd4c6 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/20253)
|
#
25624c90 |
| 11-Nov-2022 |
Tomas Mraz |
Rationalize FIPS sources Avoid including QUIC related stuff in the FIPS sources. Also avoid including libssl headers in ssl3_cbc.c. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19658)
|
#
2b9e2afc |
| 25-Jan-2023 |
Philippe Antoine |
fuzz: make post handshake reachable So that CVE-2021-3449 can be found through fuzzing Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/20128)
|
#
3f9175c7 |
| 14-Nov-2022 |
Matt Caswell |
Extend the new_record_layer function Add the ability to pass the main secret and length, as well as the digest used for the KDF. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19748)
|
#
bea8d704 |
| 10-Nov-2022 |
Matt Caswell |
Add support for setting a custom TLS Record Layer This is just an internal API for now. Something like this will be made public API at some point - but it is likely to be based on the provider interface rather than a direct setting of a METHOD like we do for now. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19748)
|