summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Prepare to provide stubbed out versions for reading/writing 0-RTT datatb2020-09-192-2/+41
| | | | | | | | | | | We do not support this feature but need to provide OpenSSL's API since software assumes it's available whenever TLS1_3_VERSION is available. These are minimal stubs that should have a decent chance to interact reasonably with software expecting the tricky upstream semantics, but this will have to be sorted out with runtime testing, so will likely have to be refined and revisited. ok beck jsing
* Prepare to provide SSL{,_CTX}_{get,set}_max_early_datatb2020-09-192-2/+34
| | | | | | | Similar to the SSL_SESSION versions, these are noops that are expected to be available by some configure tests. ok beck jsing
* Prepare to provide SSL_SESSION_{set,get}_max_early_data()tb2020-09-192-2/+18
| | | | | | | Since we do not support 0-RTT, these are noops. Some software expects this API to be available if TLS1_3_VERSION is defined. ok beck jsing
* If ssl_cert_dup() fails in SSL_set_SSL_CTX(3), return failureschwarze2020-09-181-5/+10
| | | | | | | | | | | | | | | | rather than silently leaving a NULL pointer in ssl->cert. Kurt Roeckx fixed the same bug similarly in OpenSSL in 2015. While here, (1) make the code easier to read and more robust by returning right away when ssl still uses the context it was created from and the ctx argument is NULL, rather than doing a lot of work that changes nothing unless data is already corrupt, and (2) use the shorter and more inituitive SSL_CTX_up_ref(3) rather than manually calling CRYPTO_add(3), which means no functional change and is also in the OpenSSL 1.1 branch. OK tb@
* add forgotten link to newish page SSL_set1_host(3)schwarze2020-09-181-3/+4
| | | | and update merge notice
* Move variable declaration to beginning of scope in order to make thistb2020-09-181-3/+4
| | | | test compile and pass on sparc64.
* make this test compile and pass on sparc64 by moving variable declarationstb2020-09-181-4/+9
| | | | to the beginning of the respective scopes (and out of for loops)
* move variable declaration up to top to make this compile and passtb2020-09-181-1/+1
| | | | on sparc64
* Use void function argument to appease gcc 4.2.1tb2020-09-181-1/+1
|
* fix "warning: value computed is not used"tb2020-09-181-2/+2
| | | | | Add a cast to tell gcc 4.2.1 that the return value is deliberately ignored. This makes the test compile and pass on sparc64.
* fix "warning: function declaration isn't a prototype"tb2020-09-181-3/+3
| | | | | Make tests compile and pass on sparc64 with gcc 4.2.1 by properly declaring "static int foo()" as "static int foo(void)".
* zap redundant linetb2020-09-181-2/+1
|
* hook symbols test to regresstb2020-09-181-1/+2
|
* Check availability of the symbols in Symbols.listtb2020-09-182-0/+182
| | | | | | | | | | | | | | This regress parses Symbols.list and pulls all public headers out of libcrypto's Makefile to generate a simple program that uses all public symbols. A number of symbols need to be declared extern since they are unavailable in public headers and a handful must be skipped since they are apparently architecture dependent. This would have caught the recent breakage due to the accidental removal of the NAME_CONSTRAINTS_check() function and points out a number of places where cleanup may happen in the future. discussed with beck
* Fix potential overflow in CN subject line parsing, thanks tobeck2020-09-181-4/+5
| | | | | | | | ASN1_STRING - the gift that keeps on giving. Found by Guido Vranken's cryptofuzzer. ok tb@
* Prepare to provide SSL_get_peer_tmp_key().jsing2020-09-172-9/+20
| | | | | | | | OpenSSL effectively renamed SSL_get_server_tmp_key() to SSL_get_peer_tmp_key() and removed the client-side restriction. Prepare for a matching rename. ok tb@
* Simplify SSL method lookups.jsing2020-09-175-66/+44
| | | | | | | | | There are three places where we call tls1_get_{client,server}_method() and if that returns NULL, call dtls1_get_{client,server}_method(). Simplify this by combining the lookup into a single function. While here also use uint16_t for version types. ok inoguchi@ millert@
* Add a comment saying that the public function NAME_CONSTRAINTS_check(3)schwarze2020-09-171-2/+5
| | | | | is intentionally undocumented and needs to be deprecated. No change of the formatted text.
* Install the new page SSL_set1_host(3), link to it from relevant places,schwarze2020-09-176-22/+31
| | | | | | | and add two other .Xrs that might help readers find their way. Update the merge notices of all files touched and merge a few trivial changes from the OpenSSL 1.1.1 branch. OK tb@
* Import a manual page for SSL_set1_host(3), which we already have since 6.5,schwarze2020-09-171-0/+155
| | | | | | | and for SSL_get0_peername(3), which tb@ will soon make available, from the OpenSSL 1.1.1 branch, which is still under a free license, deleting parts that do not apply to OpenBSD, and tweaked by me. Several improvements and OK by tb@.
* revert my putting this on a diet. sadly the NAME_CONSTRAINTS_checkbeck2020-09-161-7/+1
| | | | symbol is exposed api and we probably need to deprecate it thoughtfully.
* Group seal record functions together.jsing2020-09-161-11/+11
| | | | No functional change.
* Add cipher set tests with empty SSL_set_ciphersuites().jsing2020-09-161-0/+22
|
* Correct cipher_set_test() when run on a machine without AES acceleration.jsing2020-09-161-1/+19
| | | | Noted by bcook@ and inoguchi@ while working on portable.
* Make cipher_set_test() log failures and continue, rather than aborting.jsing2020-09-161-11/+3
|
* noop NAME_CONSTRAINTS_check stubinoguchi2020-09-161-4/+5
| | | | | | | | | | | On OSX and Windows platform portable build fails since it can't find NAME_CONSTRAINTS_check. It is still remain in x509v3.h and Symbols.list but '#if 0'ed from x509_ncons.c. In this situation, some platforms appears to get error. Add noop NAME_CONSTRAINTS_check stub to solve this issue. ok beck@
* Let SSL_CTX_get_ciphers(NULL) return NULL rather than crashschwarze2020-09-162-6/+7
| | | | | | | for compatibility with OpenSSL and for consistency with neighbouring functions; suggested by jsing@ after i documented the crash; OK jsing@.
* Mark SSL_get_cipher_list(3) as deprecated; it is badly misnamed, and thereschwarze2020-09-161-4/+6
| | | | | | is already a comment above it in ssl_lib.c in both OpenSSL and LibreSSL: /* The old interface to get the same thing as SSL_get_ciphers(). */ Suggested by and OK jsing@.
* Avoid memset() before memcpy() for CBB_add_bytes().jsing2020-09-161-2/+2
| | | | | | | | | CBB_add_bytes() calls CBB_add_space(), which now explicitly zeros memory to avoid information leaks. However CBB_add_bytes() calls memcpy() for the same memory region, so the memset() is unnecessary. Avoid this by inlining part of CBB_add_space() rather than calling it directly. ok beck@ tb@
* Make check in x509_verify_ctx_set_max_signatures() consistent with others.jsing2020-09-161-4/+2
| | | | ok beck@
* Dedup code in x509_verify_ctx_new_from_xsc().jsing2020-09-161-14/+7
| | | | | | | Rather than duplicating code, have x509_verify_ctx_new_from_xsc() call x509_verify_ctx_new(), then handle the xsc specific parts. ok beck@
* The undocumented public function SSL_set_SSL_CTX(3) changes theschwarze2020-09-151-4/+4
| | | | | | context used by an SSL object, so do not talk about the SSL_CTX that "an SSL object was created from"; fixing an inaccuracy pointed out by jsing@.
* Split the tls12_record_layer_write_mac() function.jsing2020-09-151-10/+19
| | | | | | | | | Split the existing tls12_record_layer_write_mac() function so that we can soon reuse part of it for the read side. No functional change. ok tb@
* Do not destroy an existing cipher list when ssl_parse_ciphersuites()schwarze2020-09-151-4/+2
| | | | | | | fails, to match the behaviour of ssl_create_cipher_list(). This also agrees with the behaviour of SSL_set_ciphersuites(3) in OpenSSL. Issue found while writing documentation. OK jsing@
* Correct a failure case in tls12_record_layer_seal_record_protected()jsing2020-09-151-2/+2
| | | | This should be a 'goto err' rather than returning.
* Create the missing RETURN VALUES section and move the appropriateschwarze2020-09-151-57/+103
| | | | | | | | content there. Clarify when the returned pointers become invalid, which is far from obvious but sets surprising traps for the user. For three of the functions, correct statements about when they fail. Also improve a number of wordings while here. OK beck@
* set error_depth and current_cert to make more legacy callbacks that don't checkbeck2020-09-151-1/+3
| | | | | | happy ok tb@
* Deduplicate the time validation code between the legacy and newbeck2020-09-153-27/+8
| | | | | | verification code. ok jsing@
* ifdef out code that is no longer used in here. once we are certainbeck2020-09-151-2/+5
| | | | | | of staying with the new name constraint code this will be deleted ok jsing@
* Cleanup/simplify SSL_set_ssl_method().jsing2020-09-151-18/+18
| | | | | | | In particular, figure what the handshake_func should be early on, so we can just assign later. ok beck@
* Mop up the get_ssl_method function pointer.jsing2020-09-152-50/+2
| | | | | | | Now that get_ssl_method is no longer used, we can garbage collect the function pointer and some associated machinery. ok beck@
* Test botan TLS client with libressl, openssl, openssl11 server.bluhm2020-09-154-6/+305
|
* Move state initialisation from SSL_clear() to ssl3_clear().jsing2020-09-142-4/+4
| | | | | | | | | | | | | | | | | | | | | | If we use the default method (now TLSv1.3) and end up talking to a TLSv1.2 server that gives us a session ticket, then try to resume that session, we end up trying to talk TLS without doing a handshake. This is caused by the state (S3I(s)->hs.state) getting cleared, which results in SSL_do_handshake() and others thinking they do not need to do anything (as SSL_in_init() and SSL_in_before() are not true). The reason this occurs is due to SSL_set_ssl_method() calling ssl_free() and ssl_new() when switching methods. The end result is that the S3I(s) has been freed and reallocated, losing the state in the process. Since the state is part of the S3I(s) structure, move its initialisation into ssl3_clear() - this ensures it gets correctly reinitialised across a SSL_set_ssl_method() call. Issue noticed by sthen@ with nginx and unifi. ok beck@ tb@
* Cleanup and simplify SSL_set_session().jsing2020-09-141-36/+22
| | | | | | | | | | SSL_set_ssl_method() checks to see if the method is already the same, so we do not need to do this check in three different places. Switch to dtls1_get_client_method()/tls1_get_client_method() to find the method - this is a slight change in behaviour, however there is not much point trying to resume a session on something other than a client. ok beck@
* Avoid NULL deref SSL_{,CTX_}set_ciphersuitestb2020-09-141-2/+2
| | | | | | | | Move assignment to the correct place so that the run continuation condition actually checks what it is supposed to. Found by getting lucky when running regress. ok beck jsing
* simplify RETURN VALUES for x509_verify(3) after beck@ made the rulesschwarze2020-09-141-7/+3
| | | | | simpler and more consistent in x509_verify.c rev. 1.6; OK beck@
* Add initial man page for new x509_verify chain validatorbeck2020-09-141-0/+225
| | | | | | | | | | This may be changed substantially before we enable the public api, as discussions are still happening over it's final form, however after one pass by ingo he would rather this was here and it can be adjusted in tree, but not installed by the makefile until we make this visible ok schwarze@
* Set error if we are given an NULL ctx in x509_verify, and set errorbeck2020-09-141-5/+3
| | | | | | | | to X509_V_ERR_OUT_OF_MEM instead of UNSPECIFIED in chain_append when allocation fails. noticed by ingo@ ok tb@
* nuke a stray spacetb2020-09-141-2/+2
|
* Fix potential leak when tmpext fails to be added tobeck2020-09-141-2/+6
| | | | | | | the extension list. found by llvm static analyzer ok tb@