A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.5.3 2022-01-14T09:09:30+00:00 2022-01-14T09:09:30+00:00 tb 2022-01-14T09:09:30+00:00 urn:sha1:53be7c999edf2b5da8c31198d2e78dd5906217c2 2022-01-05T17:10:03+00:00 jsing 2022-01-05T17:10:03+00:00 urn:sha1:767ff39662be70f355eac7cf069fd9c23c34580d In preparation to use the key share code in both the TLSv1.3 and legacy stacks, rename tls13_key_share to tls_key_share, moving it into the shared handshake struct. Further changes will then allow the legacy stack to make use of the same code for ephemeral key exchange. ok inoguchi@ tb@ 2021-10-23T13:12:14+00:00 jsing 2021-10-23T13:12:14+00:00 urn:sha1:3262c76ed1f7d7ad4c2133bc12fc909491a69e83 This code will soon be used in the DTLSv1.2 and TLSv1.2 stack. Also introduce tls_internal.h and move/rename the read/write/flush callbacks. ok beck@ tb@ 2021-09-04T16:26:12+00:00 jsing 2021-09-04T16:26:12+00:00 urn:sha1:fb975bbc325bbf4283ef4fa3886bde95fe20607e Currently, the plaintext content from opened TLS records is handled via the rbuf code in the TLSv1.3 record layer. Factor this out and provide a separate struct tls_content, which knows how to track and manipulate the content. This makes the TLSv1.3 code cleaner, however it will also soon also be used to untangle parts of the legacy record layer. ok beck@ tb@ 2021-05-05T10:05:27+00:00 jsing 2021-05-05T10:05:27+00:00 urn:sha1:1a056896b1f8722603712ec9956a081ee5b6c651 For TLSv1.2 a single key block is generated, then partitioned into individual secrets for use as IVs and keys. The previous implementation splits this across two functions tls1_setup_key_block() and tls1_change_cipher_state(), which means that the IV and key sizes have to be known in multiple places. This implementation generates and partitions the key block in a single step, meaning that the secrets are then simply handed out when requested. ok inoguchi@ tb@ 2021-04-25T13:15:23+00:00 jsing 2021-04-25T13:15:23+00:00 urn:sha1:8b55d917f6299f185307b9010616350e6d6a3d93 Make this process more readable by having specific client/server functions, calling the correct one based on s->server. This allows to remove various SSL_ST_ACCEPT/SSL_ST_CONNECT checks, along with duplicate code. ok inoguchi@ tb@ 2020-10-03T18:01:55+00:00 jsing 2020-10-03T18:01:55+00:00 urn:sha1:5098f12eea025395beea9f3b681f58f7f41cdede The d1_{clnt,srvr}.c contain a single function each - merge these into the ssl_{clnt,srvr}.c, renaming them with an ssl3_ prefix for consistency. ok beck@ tb@ 2020-08-30T15:40:20+00:00 jsing 2020-08-30T15:40:20+00:00 urn:sha1:5df2cd671a3bb55e3ec34638a6a36eef237c529f This takes the same design/approach used in TLSv1.3 and provides an opaque struct that is self contained and cannot reach back into other layers. For now this just implements/replaces the writing of records for DTLSv1/TLSv1.0/TLSv1.1/TLSv1.2. In doing so we stop copying the plaintext into the same buffer that is used to transmit to the wire. ok inoguchi@ tb@ 2020-06-09T16:53:53+00:00 deraadt 2020-06-09T16:53:53+00:00 urn:sha1:baa0c5c5165ab0d82f8bf0f78e00dcc807069782 how our tree gets built. If this was done in all the libraries (imagine sys/dev), it would disrupt the development process hugely. So it should not be done here either. use 'make includes' by hand instead. 2020-05-10T14:22:51+00:00 jsing 2020-05-10T14:22:51+00:00 urn:sha1:7307f1dd5e30b646fc44384ead7b0ded4fb8f217 This makes it easier to debug TLSv1.3 handshake failures. "Yes please!" tb@, ok beck@