CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	delphij <delphij@FreeBSD.org>
	Tue, 7 Jan 2014 19:02:08 +0000 (19:02 +0000)
committer	delphij <delphij@FreeBSD.org>
	Tue, 7 Jan 2014 19:02:08 +0000 (19:02 +0000)
commit	b9c1fb3406de31e64b6dc3d3b194b295c623f0a6
tree	2e2eb91a8a37902a3e02fcc8726521f89373fdd8	tree \| snapshot
parent	31e26e90200a0e79e3f108523facc54b5e1b86e2	commit \| diff

Import vendor fixes:

197e0ea Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896 For DTLS we might need to retransmit messages from the
previous session so keep a copy of write context in DTLS
retransmission buffers instead of replacing it after
sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
algorithms use the version number in the corresponding
SSL_METHOD structure instead of the SSL structure.  The
SSL structure version is sometimes inaccurate.
Note: OpenSSL 1.0.2 and later effectively do this already.
(CVE-2013-6449).

ssl/d1_both.c		diff \| blob \| history
ssl/s3_both.c		diff \| blob \| history
ssl/s3_lib.c		diff \| blob \| history
ssl/ssl_locl.h		diff \| blob \| history
ssl/t1_enc.c		diff \| blob \| history