Google Git
Sign in
android / platform / external / chromium_org / third_party / boringssl / src / c3d7960
commitc3d79605ab06cffa87877bcfe0792f767bde8b90[log] [tgz]
authorEmilia Käsper <emilia@openssl.org>Thu Jul 24 22:15:29 2014 +0200
committerAdam Langley <agl@google.com>Thu Aug 07 21:13:45 2014 +0000
treee0cbb4fb435d47f4a8768787b72a73538a2f2c12
parent5ba06a75324e33a8381556b98e52f5a3247227d0 [diff]
Fix DTLS anonymous EC(DH) denial of service

(This change originally applied to 1.0.1. In the switch to 1.0.2, the
DTLS specific client processing was removed and now the s3_clnt.c
functions are used. This caused most of the patch to be moot. What
remains is still useful however. For the original patch, see the change
against 1.0.1: 88ae012c8092852f03c50f6461175271104b4c8a)

CVE-2014-3510

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

(Imported from upstream's 1d7d0ed9c21403d79d602b6c7d76fdecf5e737da)

Change-Id: I666f9c48d603f2366cab821ae446a57360c3026b
Reviewed-on: https://boringssl-review.googlesource.com/1439
Reviewed-by: Adam Langley <agl@google.com>
1 file changed
tree: e0cbb4fb435d47f4a8768787b72a73538a2f2c12
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUILDING
  10. CMakeLists.txt