Commit message | Author | Age | Files | Lines
...
* Check tls1_PRF() return value in tls1_generate_master_secret(). | jsing | 2017-03-25 | 1 | -4/+4
* Update regress to match changes to tls1_PRF(). | jsing | 2017-03-25 | 1 | -10/+10
* More cleanup for tls1_PRF()/tls1_P_hash() - change the argument order of | jsing | 2017-03-25 | 1 | -46/+50
  tls1_PRF() so that it matches tls1_P_hash(), use more explicit argument names and change lengths to size_t. ok inoguchi@
* add a helper function to print all pools #ifdef MALLOC_STATS | otto | 2017-03-24 | 1 | -1/+16
  from David CARLIER
* document new recallocarray diagnostic; zap a few diagnostics that should | otto | 2017-03-24 | 1 | -8/+9
  never occur
* move recallocarray to malloc.c and | otto | 2017-03-24 | 2 | -19/+207
  - use internal meta-data to do more consistency checking (especially with option C)
  - use cheap free if possible
  ok deraadt@
* Fewer magic numbers. | jsing | 2017-03-18 | 1 | -3/+3
* t1_enc.c | jsing | 2017-03-18 | 1 | -3/+2
* Update regress and remove temporary buffer to match changes in tls_PRF(). | jsing | 2017-03-18 | 1 | -8/+4
* Currently tls1_PRF() requires that a temporary buffer be provided, that | jsing | 2017-03-18 | 1 | -50/+32
  matches the size of the output buffer. This is used in the case where there are multiple hashes - tls_P_hash() is called with the temporary buffer and the result is then xored into the output buffer. Avoid this by simply using a local buffer in tls_P_hash() and then xoring the result into the output buffer. Overall this makes the code cleaner and simplifies all of the tls_PRF() callers. Similar to BoringSSL. ok inoguchi@
* remove unnecessary macro; | jmc | 2017-03-17 | 1 | -2/+2
* Strengthen description of recallocarray(3) behaviour, hoping that readers | deraadt | 2017-03-17 | 1 | -5/+10
  make the behaviour -> use case connection. help from jmc and jsing
* Convert BUF_MEM_grow() and BUF_MEM_grow_clean() to recallocarray(), | jsing | 2017-03-16 | 1 | -13/+3
  ensuring that the buffer contents are zeroed on allocation and not leaked when resizing. It is worth noting that BUF_MEM_grow_clean() already did this manually by avoiding realloc(). ok beck@ inoguchi@
* Use calloc() instead of malloc() followed by manually zeroing fields. | jsing | 2017-03-16 | 1 | -6/+3
  ok beck@ inoguchi@
* copy /etc/services in test directory | eric | 2017-03-14 | 1 | -1/+2
* refresh the test infrastructure a bit. | eric | 2017-03-10 | 3 | -90/+93
* Remove the handshake digests and related code, replacing remaining uses | jsing | 2017-03-10 | 7 | -166/+45
  with the handshake hash. For now tls1_digest_cached_records() is retained to release the handshake buffer. ok beck@ inoguchi@
* Switch CBB to use recallocarray() - this ensures that we do not leak | jsing | 2017-03-10 | 1 | -2/+2
  secrets via realloc(). ok inoguchi@
* First pass at cleaning up the tls1_P_hash() function - remove a pointless | jsing | 2017-03-10 | 1 | -20/+19
  EVP_DigestSignInit() call and avoid the need for ctx_tmp by reordering the code slightly. ok inoguchi@
* Add a unit test for tls1_PRF(). | jsing | 2017-03-10 | 2 | -1/+257
* Make tls1_PRF() non-static so it can be regress tested. | jsing | 2017-03-10 | 1 | -2/+7
* The netcat server did not print the correct TLS error message if | bluhm | 2017-03-09 | 1 | -2/+2
  the handshake after accept had failed. Use the context of the accepted TLS connection. OK beck@
* remove bogus variable expansion | eric | 2017-03-09 | 2 | -4/+4
* missing include | eric | 2017-03-09 | 1 | -1/+2
* Correctly handle TLS PRF with MD5+SHA1 - the secret has to be partitioned | jsing | 2017-03-07 | 1 | -5/+26
  and each hash processed separately. Tested by tb@
* Add a test that covers a libtls client talking to a Go TLS server with | jsing | 2017-03-07 | 1 | -5/+107
  varying minimum and maximum protocol versions. This gives us protocol version test coverage against an independent TLS stack.
* Allow ciphers to be set on the TLS config. | jsing | 2017-03-07 | 1 | -0/+10
* Provide support for libtls protocols and allow for protocols to be set on | jsing | 2017-03-07 | 1 | -3/+47
  a TLS config. The ConnVersion function now also returns a protocol version instead of a string.
* Add handling for errors on the TLS config and properly check/handle | jsing | 2017-03-07 | 2 | -6/+23
  failures when setting the CA file.
* libtls errors are much more descriptive these days - return them directly | jsing | 2017-03-07 | 1 | -9/+8
  and avoid adding redundant/duplicate information.
* We no longer need to keep pointers following tls_config_set_*() calls. | jsing | 2017-03-07 | 1 | -6/+3
* Some tweaks from jmc@ and describe better what recallocarray does; | otto | 2017-03-07 | 1 | -7/+16
  help and ok from tom@ and deraadt@
* Use an unsigned loop variable to avoid a comparison between signed | bluhm | 2017-03-06 | 1 | -1/+1
  and unsigned. Makes the test compile again. OK inoguchi@
* Introducing recallocarray(3), a blend of calloc(3) and reallocarray(3) | otto | 2017-03-06 | 3 | -7/+147
  with the added feature that released memory is cleared. Much input from various developers. ok deraadt@ tom@
* size is unsigned so using ==0 not <=0 when checking for buffer exhaustion | millert | 2017-03-06 | 1 | -4/+4
* Pull in a change from the bind 8 resolver that fixes a potential | millert | 2017-03-06 | 1 | -10/+16
  crash when given a large hex number as part of the dotted quad. OK deraadt@ jsg@
* Clean up and simplify the tls1_PRF() implementation now that we have a | jsing | 2017-03-06 | 1 | -48/+19
  single EVP MD for the PRF hash. ok beck@ inoguchi@
* Correctly convert an SSLv2 challenge into an SSLv3/TLS client random by | jsing | 2017-03-05 | 1 | -9/+27
  truncating or left zero padding. ok beck@ inoguchi@ sthen@
* Provide a rolling handshake hash that commences as soon as the cipher | jsing | 2017-03-05 | 8 | -54/+193
  suite has been selected, and convert the final finish MAC to use this handshake hash. This is a first step towards cleaning up the current handshake buffer/digest code. ok beck@ inoguchi@
* Convert various handshake message generation functions to CBB. | jsing | 2017-03-05 | 4 | -56/+113
  ok beck@ inoguchi@
* Add an initial regress test that covers the server-side of libssl, by | jsing | 2017-03-05 | 3 | -1/+220
  providing SSL_accept() with fixed ClientHello messages.
* Drop the second argument of dtls1_set_message_header() and make it a void | jsing | 2017-03-04 | 3 | -13/+10
  function. Nothing makes use of the return value and the second argument was only used to produce the return value...
* Call ssl3_handshake_write() instead of ssl3_do_write() - this was missed | jsing | 2017-03-04 | 1 | -2/+2
  when ssl3_send_client_certificate() was converted to the standard handshake functions in r1.150 of s3_clnt.c. This has no impact on TLS, however it causes the DTLS client to fail if the server sends a certificate request, since the TLS MAC is calculated on a non-populated DTLS header. Issue reported by umokk on github.
* Treat "ERROR in STARTUP" as an actual error, rather than failing without | jsing | 2017-03-04 | 1 | -2/+2
  exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors. Spotted by inogochi@
* Remove commented out code and fix indentation of surrounding statements. | jsing | 2017-03-04 | 1 | -12/+5
* Remove handling for SSLv2. | jsing | 2017-03-04 | 1 | -14/+3
* Ensure MD and key initialized before processing HMAC | inoguchi | 2017-03-03 | 2 | -35/+224
  Ensure both MD and key have been initialized before processing HMAC. Releasing HMAC_CTX in error path of HMAC(). In regress test, added test 4,5,6 and cleaned up the code. ok jsing@
* fix error in Dt; from robert klein | jmc | 2017-03-02 | 1 | -3/+3
* Convert ssl3_{get,send}_server_key_exchange() to EVP_md5_sha1(). | jsing | 2017-03-01 | 3 | -44/+29
  ok inoguchi@
* Add EVP test for MD5-SHA1. | jsing | 2017-03-01 | 1 | -0/+3