CHANGES.md - OpenGrok cross reference for /openssl/CHANGES.md

Lines Matching refs:ticket
1641  * Fix handling of a ticket key callback that returns 0 in TLSv1.3 to not send a
1642    ticket
6739  * Malformed SHA512 ticket DoS
6741    If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
6742    DoS attack where a malformed ticket will result in an OOB read which will
6746    a custom server callback and ticket lookup mechanism.
7313    reuse a previous ticket then a race condition can occur potentially leading to
7314    a double free of the ticket data.
7940  * Malformed SHA512 ticket DoS
7942    If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
7943    DoS attack where a malformed ticket will result in an OOB read which will
7947    a custom server callback and ticket lookup mechanism.
8484    reuse a previous ticket then a race condition can occur potentially leading to
8485    a double free of the ticket data.
8718  * Tighten client-side session ticket handling during renegotiation:
8719    ensure that the client only accepts a session ticket if the server sends
8721    reuse the old extension state and thus accept a session ticket if one was
8724    Similarly, ensure that the client requires a session ticket if one
8749    When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
8750    integrity of that ticket is first verified. In the event of a session
8751    ticket integrity check failing, OpenSSL will fail to free memory
9270    - Fix a bug that suppressed issuing of a new ticket if the client
9271      presented a ticket with an expired session.
9272    - Try to set the ticket lifetime hint to something reasonable.
9557    reuse a previous ticket then a race condition can occur potentially leading to
9558    a double free of the ticket data.
9766    When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
9767    integrity of that ticket is first verified. In the event of a session
9768    ticket integrity check failing, OpenSSL will fail to free memory
10319  * Add session ticket override functionality for use by EAP-FAST.
10568    RFC4507bis. The encrypted ticket format is an encrypted encoded
10576    The SSL_CTX structure automatically generates keys for ticket
11486      (NB: This would require knowledge of the secret session ticket key
11588  * Add TLS session ticket callback. This allows an application to set
11589    TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
11711    RFC4507bis. The encrypted ticket format is an encrypted encoded
11719    The SSL_CTX structure automatically generates keys for ticket
14420    Added openssl-style ASN.1 macros for Kerberos ticket, ap_req,