New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unit/regression test for TLS heartbeats. #81

wants to merge 1 commit into
base: master


None yet
3 participants

mbland commented Apr 26, 2014

Regression test against CVE-2014-0160 (Heartbleed).

More info:

As per Ben Laurie's encouragement:

This should supercede Pete Dettman's earlier request on my behalf, made before the code was adapted to OpenSSL style (and was more in the Google style): #67

I've ported this commit to other branches; the only conflicts were in test/Makefile. It currently passes in:

ported commit: ab56680

ported commit: 58341fa

It currently fails and aborts in these branches, which contain the Heartbleed flaw, but not the fix:

ported commit: e16255c

ported commit: d773bf6

Cherry-picking commit 731f431 should allow these failing tests to pass.

mbland referenced this pull request Apr 26, 2014

Add heartbeat extension bounds check.
A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or

Thanks for Neel Mehta of Google Security for discovering this bug and to
Adam Langley <> and Bodo Moeller <> for
preparing the fix (CVE-2014-0160)
(cherry picked from commit 96db902)

@mbland mbland referenced this pull request Apr 26, 2014


Add heartbeat tests #67


This comment has been minimized.

jkingdon commented May 14, 2014

+1. Nice to see someone doing something about creating more tests, rather than just wringing one's hands.

Unit/regression test for TLS heartbeats.
Regression test against CVE-2014-0160 (Heartbleed).

More info:

This comment has been minimized.


benlaurie commented May 19, 2014

Merged at 814972e.

@benlaurie benlaurie closed this May 19, 2014

dstebila pushed a commit to open-quantum-safe/openssl that referenced this pull request Aug 28, 2017

Douglas Stebila
Squashed 'vendor/liboqs/' changes from 5bfeb0887e..04d7eaa4ea
04d7eaa4ea Enable or disable each algorithm (openssl#158)
498756396e Add sig api with picnic (openssl#120)
461b563f5e AppVeyor badge should point to master branch.
95df321556 copy header files instead of link (openssl#157)
2a058c507e Windows continuous integration (openssl#155)
ae3dd114f2 Merge pull request openssl#154 from open-quantum-safe/fix-illegal-instruction
caede46535 Bring macOS build config closer to original.
b2730934ba Try a few changes to see if we can narrow down the bug.
0022252601 Switch to a different version of Xcode and set travis-tests to fail on error.
1385ddc8ff Fix windows build july2017 (openssl#151)
f55adf997c Fix unknown pseudo-op: .global under macOS (openssl#152)
9e71658238 Remove NTRU download and build script. (openssl#150)
f696207235 Add --quiet flag during Travis tests. (openssl#148)
9af78655ec Merge pull request openssl#146 from open-quantum-safe/fix-clang-format-macos
c3cdcfb26d Fix clang-format on macOS at version 3.9.
4d28c38a8a Enabling NTRU by default, minor cleaning of (openssl#142)
40012c2427 Merge pull request openssl#141 from open-quantum-safe/change-namespace-check
0bef3027ec Fix bug mentioned in issue openssl#137.
6d817d85b7 Removing non-namespaced global symbols from Kyber (openssl#139)
30743c2a2e Doc for Kyber
f07f64d455 Add 2 OSX to travis (openssl#132)
8f7cff5b75 Mlwe kyber (openssl#131)
d08b510b8f Remove picnic (openssl#134)
2fecc3ba37 Typo: s/director/directory (openssl#133)
a18af315aa fix pretty print format
6346d98080 Merge branch 'christianpaquin-add-sidh2.0'
1496cc8fae Merge branch 'add-sidh2.0' of into christianpaquin-add-sidh2.0
a020ad117a ignore files
3aaa26aace Add libm4ri-dev
68533e7bc4 Adding Picnic algorithm from MSR
d423ae5499 Add ntru_ under global namespace
ea9a604b8f Merge branch 'master' of
dc71dff2ec Adding directory env variables
db438fe1b2 Fix format error on mac
c9d0404d4f --enable-mcbits needs --with-mcbits-dir option
d6aecfafbd Rename configure options to match naming scheme
0b465c720b Merge branch 'master' of
5b11574508 Remove ntru download as it is no more external
001759a3fb Link NTRU using static libraries
e478476cc5 Directly include NTRU code in project? openssl#116
152d6839ca Fix make distclean errors openssl#106
bc998ff9ef Fixing openssl#107 by removing compilation of include files in NewHope (openssl#122)
03b099b7c0 Add silent rules if possible (openssl#123)
15d96d96b9 Update Readme with Ubuntu commands (openssl#124)
3a2b7230a5 README: fixed rand.h link (openssl#121)
732d18da53 Adding back -Werror to makefile and suppressing warnings in sidh to prevent compilation errors.
9416e18819 Removed -Werror flag.
3f5c4c5998 Updated SIDH to v2.0.
e1e3b24e9e Merge remote-tracking branch 'upstream/master'
f7b29e409e Try to fix prettyprinting inconsistency.
312c220683 Prettyprint.
83683b30ca Prettyprint.
1bd6ef012f Revert to fix  globalspace pollution warnings
b91c93098f Flag warning as error and fix warnings
5e63937d9a Merge remote-tracking branch 'upstream/master'
d0ec688e33 Fix build problems on macOS. (openssl#114)
a8093007c3 Remove GPL headers to relicense as MIT licensed, with permission of original author (openssl#113)
83c40e954f Missing libtool package (openssl#104)
1404c651de do not get an error if external repository already exist (openssl#105)
cf6d45c004 fixed block size in OQS_RAND_urandom_aesctr_n() (openssl#108)
c4645a2ffb spelling fixes (openssl#109)
a466e9abd9 Enable openssl and gmp dir to be specified
35bd9bc741 Ntru build related changes
f8c8d95d2b Update for Darwin
f215add476 Ignore generated files.
40dd8ce2d0 Prettyprint.
aa5958dca8 remove gmp from install
4d20f93691 Global namespace fix
516bcace93 Add ifdef for sidh iqc ref
dd3f752e6c valid
6b6afa837f Adding Javad's SIDH IQC implementation
42d38a59f5 clang-format showing format change
62c8981ea3 Merge remote-tracking branch 'upstream/master'
8420268db7 ntru download already happening in .travis.yml
475c713002 Provide ON_DARWIN flag for both the platforms
f6d08ccccb Silent rule;NTRU build;Darwin test program build updates
baab63ab88 better statistics (openssl#100)
c6da8e5af0 Update README with brew instructions on macOS.
fa0e98eb72 Add public key sizes to benchmarking table
09cff0d2fd Autotools (openssl#99)
9a4924754d Merge remote-tracking branch 'upstream/master'
d74a252ae8 Fix clang warnings (openssl#98)
f12bf87f5b Merge remote-tracking branch 'upstream/master'
f2c7538498 Call OQS entropy collection api in NTRU (openssl#97)
17045b69d7 Merge remote-tracking branch 'upstream/master'
76e8675970 System entropy refactoring proposal (openssl#96)
8a09a124ef Enable ntru on windows (openssl#95)
68d67103f3 Merge remote-tracking branch 'upstream/master'
e98ddd13ab Fix windows build after clang format refactoring (openssl#94)
d2056a0221 Merge remote-tracking branch 'upstream/master'
810651c4d2 Add algorithm datasheet for Frodo.
94a49529a6 Add option to build with NTRU  (openssl#85)
c1568a137d Clang format instead of astyle (openssl#84)
095945d3c4 Merge remote-tracking branch 'upstream/master'
669f1aee5e Solves openssl#81: dir was not created (openssl#83)
091b1882a5 Add test_aes to README (openssl#82)
540e6353e8 Travis revisited (still with astyle) and nicer makefile output (openssl#80)
235ab1795e Merge remote-tracking branch 'upstream/master'
88d18d7d49 Enable McBits on Windows (openssl#78)
fe14bf7ccd Enable McBits on Windows (openssl#77)
d6de0a452f Merge remote-tracking branch 'upstream/master'
6098c7f32b Add wrapper around mcbits. (openssl#67)
5214ce4db1 Merge remote-tracking branch 'upstream/master'
60f28a7502 Merge remote-tracking branch 'upstream/master'
3d5facbeaa Merge remote-tracking branch 'upstream/master'
812404e535 Merge remote-tracking branch 'upstream/master'
5741875965 Merge remote-tracking branch 'upstream/master'
6119d1e730 Merge remote-tracking branch 'upstream/master'
cfda5d550b Merge remote-tracking branch 'upstream/master'
ab352e4a56 Merge remote-tracking branch 'upstream/master'
71b217e9e9 Merge remote-tracking branch 'upstream/master'
7b2d2b3146 Merge remote-tracking branch 'upstream/master'
ab99f9f5d0 Merge remote-tracking branch 'upstream/master'
9c00eedd27 Merge branch 'master' of
b0049c1902 Merge remote-tracking branch 'upstream/master'
29fa20a736 Removed spurious white spaces.
12ce5d6da6 Merge branch 'win-build'
a498f701b8 Modified CAPI call to avoid error when no key container is present for the user.
7f6fec2da1 Enables Windows build.

git-subtree-dir: vendor/liboqs
git-subtree-split: 04d7eaa4ea1e83cc6017992c957a85427441b220

levitte added a commit to openssl/web that referenced this pull request Sep 19, 2018

Fix htaccess
Redirect works with prefixes.  If only / should be redirected and not
any sub-path, use RedirectMatch

Reviewed-by: Tim Hudson <>
(Merged from openssl/openssl#81)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment