summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Update regress following TLS extension renaming.jsing2019-01-182-379/+378
|
* Rename TLS extension handling to use less "hello".jsing2019-01-184-220/+228
| | | | | | | | | | | | | | | | | | | | | | | When the TLS extension code was rewritten, TLS extensions could only exist in ClientHello and ServerHello messages - as such, they were named in pairs of *_clienthello_{needs,build} which would be called by the client and *_clienthello_parse. Likewise for *_serverhello_{needs,build} which would be called by a server and *_serverhello_parse, which would be called by a client. Enter TLSv1.3 - TLS extensions can now exist in one of seven messages, with only certain types being allowed to appear in each, meaning the naming scheme no longer works. Instead, rename them to indicate the caller rather than the message type - this effectively means: clienthello_needs -> client_needs clienthello_build -> client_build clienthello_parse -> server_parse serverhello_needs -> server_needs serverhello_build -> server_build serverhello_parse -> client_parse ok beck@ tb@
* Add regress for extensible buffer code.jsing2019-01-173-1/+169
|
* Get rid of is_serverhello in preparation for other messagesbeck2019-01-171-13/+24
| | | | ok jsing@ tb@
* Provide an extensible buffer implementation that uses a read callback.jsing2019-01-173-3/+148
| | | | | | | | | | | | The read callback returns a TLS13_IO_* value on EOF, failure, want pollin or want pollout, or a positive value indicating the number of bytes read. This will be used by upcoming TLSv1.3 handshake message and record processing code, both of which need the ability to read a fixed size header, before extending the buffer to the number of bytes specified in the header. ok beck@ tb@
* Add support to enforce restrictions on where extensions can appearbeck2019-01-172-12/+38
| | | | | | as per RFC8446 section 4.2. Recognized extensions that appear in an incorrect message must abort the handshake. ok jsing@
* Add a direct copy of the exension parsing code to be modified for tls13.beck2019-01-173-2/+1596
| | | | | | At the moment this is mechanical, with the functions renamed. This will be refactored for tls13. ok jsing@
* For all functions known to be infected by LC_NUMERIC, add shortschwarze2019-01-162-4/+22
| | | | | | | | CAVEATS pointing to the new CAVEATS section in setlocale(3). Make those in wprintf(3) and wscanf(3) more concise since duplicate information is a bad idea. Incompleteness of information originally pointed out by millert@. OK millert@
* There are cases where a program doing dns requests wants to set theotto2019-01-141-2/+4
| | | | | Checking Disabled flag. Introduce a RES flag to do so. ok krw@ deraadt@ eric@
* Move default numer of pools in the multi-threaded case to 8. Various testsotto2019-01-101-2/+2
| | | | by me and others indicate that it is the optimum.
* Make the "not my pool" searching loop a tiny bit smarter, whileotto2019-01-102-22/+39
| | | | | | making the number of pools variable. Do not document the malloc conf settings atm, don't know yet if they will stay. Thanks to all the testers. ok deraadt@
* Revert back previous commit and stop including strings.hmestre2019-01-102-9/+7
| | | | | | | Use memset(3) instead of bzero(3) since POSIX recommends using the former and because it's also more portable (conforms to ANSI C standard) OK tedu@ tb@
* Include strings.h for bzero in usr.bin/ncinoguchi2019-01-092-2/+4
| | | | | | bzero is defined in strings.h. ok deraadt@
* correct article;jmc2019-01-022-6/+6
|
* too many words in previous;jmc2018-12-271-2/+2
|
* port ranges can be ambiguous with hypenated port-names.tedu2018-12-272-6/+7
| | | | | | specify that ranges must be numeric, and only check for range if first argument is a digit. identified by danj, fix suggest by sthen
* Make AES CCM available in tables.tb2018-12-261-1/+4
| | | | | | Omission reported by reyk and Alice Wonder. ok bcook jsing
* Make this page much more readable by deleting as much text as possibleschwarze2018-12-241-28/+9
| | | | | | | | | about functions that are deprecated, identical to other functions, and never made sense in the first place. As deraadt@ points out, we should not hide the information that matters in a heap of clutter. It would waste reader's time and make confusion and accidental misuse more likely. OK deraadt@ jmc@
* EVP_MD_CTX_cleanup() is deprecated and doesn't free, so recommend usingtb2018-12-234-12/+12
| | | | | | EVP_MD_CTX_free() instead if the goal is to avoid leaking memory. From my corresponding upstream commit, reminded by schwarze
* Document EVP_PKEY_new_mac_key(3);schwarze2018-12-221-8/+50
| | | | | from Matt Caswell <matt at openssl dot org> via OpenSSL commit d45a97f4 Mar 5 17:41:49 2018 +0000.
* Delete irrelevant HISTORY details. Simply use BN_rand(3); thereschwarze2018-12-221-12/+2
| | | | | | | is no need to know at which time BN_pseudo_rand(3) was made the same as BN_rand(3). Considering that question might even mislead people to attempt ill-advised #ifdef'ing. Pointed out by deraadt@.
* The wrong header file was given for EVP_PKEY_CTX_set_signature_md(3).schwarze2018-12-211-13/+69
| | | | | | | | | | | | | Also clarify to which algorithms it applies. From Matt Caswell <matt at openssl dot org> via OpenSSL commit d45a97f4 Mar 5 17:41:49 2018 +0000. Document EVP_PKEY_CTX_get_rsa_padding(3), EVP_PKEY_CTX_get_rsa_pss_saltlen(3), EVP_PKEY_CTX_set_rsa_mgf1_md(3), and EVP_PKEY_CTX_get_rsa_mgf1_md(3). From Antoine Salon <asalon at vmware dot com> via OpenSSL commit 87103969 Oct 1 14:11:57 2018 -0700 from the OpenSSL_1_1_1-stable branch, which is still under a free license.
* Document the ECDSA_SIG_new(3) return value.schwarze2018-12-211-2/+10
| | | | | | Inspired by OpenSSL commit 6da34cfb Jun 2 16:17:32 2018 -0400 by Ken Goldman <kgoldman at us dot ibm dot com>, but use the same wording as in ASN1_item_new(3) instead.
* Clarify behaviour of DH_get0_pqg(3) and DH_get0_key(3) with NULL arguments;schwarze2018-12-211-4/+19
| | | | | from <Matthias dot St dot Pierre at ncp dash e dot com> via OpenSSL commit 5777254b May 27 09:07:07 2018 +0200.
* grammar and style fixes from wesinator at githubschwarze2018-12-211-13/+14
| | | | via OpenSSL commit 521738e9 Oct 5 14:58:30 2018 -0400
* Since OpenBSD 6.1, BN_pseudo_rand*(3) does the same as BN_rand*(3).schwarze2018-12-211-10/+18
| | | | | Say so, and note that OpenSSL followed suit in 1.1.0 according to OpenSSL commit 5ecff87d Jun 21 13:55:02 2017 +0100.
* Mention that some functions call BN_GENCB_call(3) with a secondschwarze2018-12-211-4/+15
| | | | | argument of 3; from Beat Bolli <dev at drbeat dot li> via OpenSSL commit bd93f1ac Jul 28 16:45:22 2018 -0400.
* Correctly describe the return values of BN_hex2bn(3) and BN_dec2bn(3).schwarze2018-12-191-5/+8
| | | | | | Inspired by OpenSSL commit a130950d Aug 23 12:06:41 2017 -0400 by Rich Salz <rsalz at openssl dot org>, but using a more explicit wording, and fixing *both* places rather than only half of them.
* Specify the return values of some of these functions more precisely;schwarze2018-12-191-15/+16
| | | | | | | | inspired by OpenSSL commit 1f13ad31 Dec 25 17:50:39 2017 +0800 by Paul Yang <yang sot yang at baishancloud dot com>, but without creating a RETURN VALUES section because that makes no sense here: it would either result in a confusing order of information or in duplicate information.
* typo;schwarze2018-12-191-4/+5
| | | | | from Jakub Wilk <jwilk at jwilk dot net> via OpenSSL commit a21285b3 Aug 21 18:30:34 2018 +0200
* Add regress test for bugs in stdio/fread.c rev 1.13 and 1.17millert2018-12-163-2/+160
|
* Regenerate root CA list using updated format-pem.pl. Specifically thissthen2018-12-161-101/+1
| | | | | | | | | | | | | drops CA certificates whose validity dates don't comply with the rules on ASN.1 encoding in RFC 5280 (and predecessors - same rule goes back to at least RFC 2459, section 4.1.2.5). LibreSSL strictly enforces this, so attempting to validate certificates signed by these CAs just result in the following: error 13 at 1 depth lookup:format error in certificate's notBefore field "probably" beck@
* Add a check that libressl is actually able to verify CA certs.sthen2018-12-161-12/+28
| | | | Skip outputting them if invalid (e.g. GENERALIZEDTIME date before 2050).
* add a -R option to set/unset resolver flags.libressl-v2.9.0eric2018-12-159-20/+101
| | | | use strcasecmp for reading args.
* Delete a note taken during the rev. 1.1 man page spliteschwarze2018-12-141-5/+2
| | | | | | that should have been deleted before commit. The cross reference is already present below SEE ALSO. Glitch noticed by jsing@.
* Improve speed for the multi-threaded case by reducing lock contention.otto2018-12-101-30/+21
| | | | tested by many; ok florian@
* Keep usage in sync with logic if OPENSSL_NO_DES is set.tobias2018-12-091-1/+3
| | | | ok jmc@, jsing@
* style; OK ottoflorian2018-12-091-3/+3
|
* Remove an ugly hack in the client certificate verification code that workstb2018-12-071-48/+44
| | | | | | | | | | around broken GOST implementations. It looks like client certificates with GOST have been completely broken since reimport of the GOST code, so no-one is using LibreSSL this way. The client side was fixed only last week for TLSv1.0 and TLSv1.1. This workaround is now in the way of much needed simplifcation and cleanup, so it is time for it to go. suggested by and ok jsing
* remove a stray line accidentally left behind in rev. 1.120;schwarze2018-12-051-3/+2
| | | | patch from Hiltjo Posthuma <hiltjo at codemadness dot org>
* Send SSL_AD_DECODE alerts in the case of a bad hello request or antb2018-12-031-7/+7
| | | | | | | invalid change cipher spec. Found due to dead assignment warnings by the Clang static analyzer. ok inoguchi (previous version), jsing
* Restore function prototype for ASN1_dup, fixing usage on I32LP64 platforms.jeremy2018-11-301-1/+7
| | | | | | This prototype was removed inadvertantly in r1.50. OK jsing@
* This test does not terminate if malloc conf is preconfigured withbluhm2018-11-291-2/+6
| | | | | J. Clear that option to allow running full regress with paranoid malloc flags. This is the same fix as for malloc_ulimit1.
* missed adding tls_default_ca_cert_file here. found by sthentedu2018-11-291-0/+1
|
* update for libtls default cert changes.tedu2018-11-292-7/+8
| | | | bonus: this exposed a few missing const qualifiers.
* expose the default cert file as a function, not a define. it's reallytedu2018-11-295-10/+24
| | | | | | an internal detail of the library, so the string should live inside it, not in the application code. ok jsing
* Refactor a tangle in ssl3_send_client_verify() into one function for eachtb2018-11-291-118/+213
| | | | | | | | | | type, sigalgs/rsa/ec/gost. Move a few special dances for GOST where they belong now. This prompted a fix for a long-standing bug with GOST client certificate authentication where tls1_transcript_data() fails since the transcript was already freed before. Add a bit of missing error checking and leave some further cleanup for later. idea, guidance & ok jsing
* We're manipulating malloc flags ourselves, start with restting them all.otto2018-11-291-1/+5
| | | | ok bluhm@
* Correct lock initialisation for libcrypto.jsing2018-11-282-16/+55
| | | | | | | | | | | | The current crypto_lock_init() function is not called early enough, meaning that locks are already in use before it gets called. Worse, locks could be in use when they are then initialised. Furthermore, since functions like CRYPTO_lock() are public API, these could be called directly bypassing initialisation. Avoid these issues by using static initialisers. ok bcook@
* This test does not terminate if malloc conf is preconfigured withbluhm2018-11-281-4/+8
| | | | | | J. Clear that option to allow running full regress with paranoid malloc flags. Also fix whitespace. OK otto@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 17:28:11 +0000