Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2024-11-26 17:28:29 -05:00
Code Issues Projects Releases Wiki Activity
f0356ec85c
fragattacks/src/crypto
History
Jouni Malinen bb52293e71 OpenSSL: Detect and prevent TLS heartbeat attack 
Some OpenSSL versions have vulnerability in TLS heartbeat request
processing. Check the processed message to determine if the attack has
been used and if so, do not send the response to the peer. This does not
prevent the buffer read overflow within OpenSSL, but this prevents the
attacker from receiving the information.

This change is an additional layer of protection if some yet to be
identified paths were to expose this OpenSSL vulnerability. However, the
way OpenSSL is used for EAP-TLS/TTLS/PEAP/FAST in hostapd/wpa_supplicant
was already rejecting the messages before the response goes out and as
such, this additional change is unlikely to be needed to avoid the
issue.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-09 14:58:48 +03:00
..
.gitignore Add rules for building src/crypto as a library 2009-12-05 22:03:46 +02:00
aes_i.h Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes_wrap.h Move AES-CCM implementation into src/crypto 2012-09-09 18:07:19 +03:00
aes-cbc.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-ccm.c Move AES-CCM implementation into src/crypto 2012-09-09 18:07:19 +03:00
aes-ctr.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-eax.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-encblock.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-gcm.c Share common GCM-AE and GCM-AD functionality 2012-09-09 13:54:33 +03:00
aes-internal-dec.c Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes-internal-enc.c Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes-internal.c Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes-omac1.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-unwrap.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-wrap.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_cryptoapi.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_gnutls.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_internal-cipher.c Fix AES block size handling for internal cipher 2012-09-09 14:12:59 +03:00
crypto_internal-modexp.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_internal-rsa.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_libtomcrypt.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_none.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_nss.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_openssl.c Remove unused crypto_bignum_rshift() 2014-02-15 11:31:20 +02:00
crypto.h Remove unused crypto_bignum_rshift() 2014-02-15 11:31:20 +02:00
des_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
des-internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
dh_group5.c Add dh5_init_fixed() to allow fixed DH parameters to be used 2012-06-27 21:22:12 +03:00
dh_group5.h Add dh5_init_fixed() to allow fixed DH parameters to be used 2012-06-27 21:22:12 +03:00
dh_groups.c Use ARRAY_SIZE() macro 2013-10-26 17:49:05 +03:00
dh_groups.h Add Diffie-Hellman group definitions for MODP groups in RFC 5114 2013-01-12 17:51:54 +02:00
fips_prf_internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
fips_prf_openssl.c OpenSSL: Make fips186_2_prf() easier for static analyzers 2012-08-19 18:54:34 +03:00
Makefile Use internal FIPS 186-2 PRF if needed 2014-03-11 16:44:22 +02:00
md4-internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
md5_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
md5-internal.c Hide strict-aliasing warning with gcc 4.7 2012-11-11 20:29:20 +02:00
md5.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
md5.h FIPS: Remove md5-non-fips.c 2012-08-19 16:53:15 +03:00
milenage.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
milenage.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
ms_funcs.c Fix MSCHAP UTF-8 to UCS-2 conversion for three-byte encoding 2014-02-15 12:06:35 +02:00
ms_funcs.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
random.c FIPS: Mix in OpenSSL RAND_bytes() into random_get_bytes() 2012-08-16 21:49:41 +03:00
random.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
rc4.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha1_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha1-internal.c Use internal FIPS 186-2 PRF if needed 2014-03-11 16:44:22 +02:00
sha1-pbkdf2.c Convert remaining SSID routines from char* to u8* 2012-08-07 16:07:25 +03:00
sha1-prf.c Move SHA1-based PRF function into a separate C file 2012-08-16 20:26:16 +03:00
sha1-tlsprf.c FIPS: Remove md5-non-fips.c 2012-08-19 16:53:15 +03:00
sha1-tprf.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha1.c Move SHA1-based PRF function into a separate C file 2012-08-16 20:26:16 +03:00
sha1.h Convert remaining SSID routines from char* to u8* 2012-08-07 16:07:25 +03:00
sha256_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha256-internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha256-prf.c SAE: Add support for ECC group 21 (521-bit random ECP group) 2013-01-12 17:51:53 +02:00
sha256-tlsprf.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha256.c OpenSSL: Implement SHA256 HMAC functions using HMAC API 2012-08-16 22:34:35 +03:00
sha256.h SAE: Add support for ECC group 21 (521-bit random ECP group) 2013-01-12 17:51:53 +02:00
tls_gnutls.c Declare wpa_debug_* variables in src/utils/wpa_debug.h 2013-12-31 19:29:52 +02:00
tls_internal.c TLS testing: Allow hostapd to be used as a TLS testing tool 2014-03-09 18:47:09 +02:00
tls_none.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
tls_nss.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
tls_openssl.c OpenSSL: Detect and prevent TLS heartbeat attack 2014-04-09 14:58:48 +03:00
tls_schannel.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
tls.h TLS testing: Add new test cases for RSA-DHE primes 2014-03-16 12:43:49 +02:00