| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
This reverts commit 2b0bcfaf834e2fb7cd52888d7330b247e3878115.
It wasn't reviewed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new X509_VERIFY_PARAM_set_auth_level() function sets the
authentication security level. For verification of SSL peers, this
is automatically set from the SSL security level. Otherwise, for
now, the authentication security level remains at (effectively) 0
by default.
The new "-auth_level" verify(1) option is available in all the
command-line tools that support the standard verify(1) options.
New verify(1) tests added to check enforcement of chain signature
and public key security levels. Also added new tests of enforcement
of the verify_depth limit.
Updated documentation.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
|
| |
|
|
| |
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
| |
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
| |
Move the the BIO_METHOD and BIO structures into internal header files,
provide appropriate accessor methods and update all internal code to use
the new accessors where appropriate.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Session resumption involves a version check, so version negotiation must
happen first. Currently, the DTLS implementation cannot do session
resumption in DTLS 1.0 because the ssl_version check always checks
against 1.2.
Switching the order also removes the need to fixup ssl_version in DTLS
version negotiation.
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
RT: #4392, MR: #2452
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We now send the highest supported version by the client, even if the session
uses an older version.
This fixes 2 problems:
- When you try to reuse a session but the other side doesn't reuse it and
uses a different protocol version the connection will fail.
- When you're trying to reuse a session with an old version you might be
stuck trying to reuse the old version while both sides support a newer
version
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
GH: #852, MR: #2452
|
| |
|
|
|
|
|
|
| |
algo_strength contains 2 parts that need to be checked by their own.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #2082
|
| |
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
|
| |
BIO_new, etc., don't need a non-const BIO_METHOD. This allows all the
built-in method tables to live in .rodata.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
| |
Misc fixes for no-sock
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
| |
This removes all scripts that deal with MINFO as well, since that's
only used by mk1mf.
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
| |
|
|
|
|
|
|
|
|
| |
* Clear proposed, along with selected, before looking at ClientHello
* Add test case for above
* Clear NPN seen after selecting ALPN on server
* Minor documentation updates
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
| |
Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
If a call to EVP_DecryptUpdate fails then a memory leak could occur.
Ensure that the memory is freed appropriately.
Issue reported by Guido Vranken.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
| |
The TLSv1.0 form is retained for reporting the first protocol version
that supports a given cupher.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
| |
Reduces #ifdef complexity.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
| |
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Remove 'log' field from SCT and related accessors
In order to still have access to an SCT's CTLOG when calling SCT_print,
SSL_CTX_get0_ctlog_store has been added.
Improved documentation for some CT functions in openssl/ssl.h.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1824
|
| |
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
|
|
|
|
| |
This currently seems to be the only cipher we still support that should get
disabled.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
|
|
|
|
| |
Adjust ssl_set_client_hello_version to get both the minimum and maximum and then
make ssl_set_client_hello_version use the maximum version.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
|
| |
|
|
|
| |
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
| |
Properly check the return value of CRYPTO_THREAD_lock_new()
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
| |
|
|
|
|
|
|
| |
Copy/paste error between SSL_CIPHER_get_kx_nid() and
SSL_CIPHER_get_auth_nid(), wrong table was referenced
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Perform ALPN after the SNI callback; the SSL_CTX may change due to
that processing
* Add flags to indicate that we actually sent ALPN, to properly error
out if unexpectedly received.
* clean up ssl3_free() no need to explicitly clear when doing memset
* document ALPN functions
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
| |
Add functions to determine authentication, key-exchange, FIPS and AEAD.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
|
| |
CCA8, CCA9, CCAA, CCAB, CCAC, CCAD, and CCAE are now present in
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
so remove the "as per draft-ietf-tls-chacha20-poly1305-03" note
accordingly.
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Perform ALPN after the SNI callback; the SSL_CTX may change due to
that processing
* Add flags to indicate that we actually sent ALPN, to properly error
out if unexpectedly received.
* clean up ssl3_free() no need to explicitly clear when doing memset
* document ALPN functions
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
Not all platforms support multiblock. Building without it fails prior to
this fix.
RT#4396
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
| |
The numpipes argument to ssl3_enc/tls1_enc is actually the number of
records passed in the array. To make this clearer rename the argument to
|n_recs|.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
|
| |
Rename the have_whole_app_data_record_waiting() function to include the
ssl3_record prefix...and make it a bit shorter.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
We used to use the wrec field in the record layer for keeping track of the
current record that we are writing out. As part of the pipelining changes
this has been moved to stack allocated variables to do the same thing,
therefore the field is no longer needed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
| |
Update a comment that was out of date due to the pipelining changes
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
| |
Fix an erroenous fall through when setting the max_pipelines value.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is similar to SSL_pending() but just returns a 1 if there is data
pending in the internal OpenSSL buffers or 0 otherwise (as opposed to
SSL_pending() which returns the number of bytes available). Unlike
SSL_pending() this will work even if "read_ahead" is set (which is the
case if you are using read pipelining, or if you are doing DTLS). A 1
return value means that we have unprocessed data. It does *not* necessarily
indicate that there will be application data returned from a call to
SSL_read(). The unprocessed data may not be application data or there
could be errors when we attempt to parse the records.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
