| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
OK tb@
|
| |
|
|
|
|
|
|
|
|
| |
still widely used according to code searches on the web, so people
reading existing code will occasionally want to look them up.
While here, correct the return type of X509_CRL_get0_lastUpdate(3)
and X509_CRL_get0_nextUpdate(3), which return const pointers.
Also, add some precision regarding RETURN VALUES.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
RFC 8446 section 9.2 imposes some requirements on the extensions sent
in the ClientHello: key_share and supported_groups must either both be
present or both be absent. If no pre_shared_key was sent, the CH must
contain both signature_algorithms and supported_groups. If either of
these conditions is violated, servers must abort the handshake with a
missing_extensions alert. Add a function that enforces this. If we are
going to enforce that clients send an SNI, we can also do this in this
function.
Fixes failing test case in tlsfuzzer's test-tls13-keyshare-omitted.py
ok beck inoguchi jsing
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
missed a subsequent fix for an off-by-one in that code. If the first
byte of a CBC padding of length 255 is mangled, we don't detect that.
Adam Langley's BoringSSL commit 80842bdb44855dd7f1dde64a3fa9f4e782310fc7
Fixes the failing tlsfuzzer lucky 13 test case.
ok beck inoguchi
|
| |
|
|
|
| |
and point to UI_UTIL_read_pw(3) instead;
tb@ agrees with the general direction
|
| |
|
|
|
|
| |
correct the description of X509_get_X509_PUBKEY(3),
document error handling of the read accessors,
and mention the relevant STANDARDS
|
| | |
|
| |
|
|
| |
which is still under a free license. Wording tweaked by me.
|
| |
|
|
|
|
|
| |
Add detailed information on the return values of all the functions
in this page and remove the previous incorrect information.
tweaks & ok schwarze
|
| |
|
|
|
|
|
| |
Move pem_password_cb(3) to the file PEM_read(3) and rewrite
its description from scratch for precision and conciseness.
Plus some minor improvements in the vicinity.
Tweaks and OK tb@.
|
| |
|
|
| |
amount of text, the ERRORS section, in the previous commit
|
| |
|
|
| |
tb@ agrees that it should not be part of the public API
|
| |
|
|
| |
tweaks and OK tb@
|
| |
|
|
| |
ok tb
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
how our tree gets built. If this was done in all the libraries (imagine
sys/dev), it would disrupt the development process hugely. So it should
not be done here either. use 'make includes' by hand instead.
|
| |
|
|
|
|
|
|
| |
section 4.1.2 to ensure subsequent ClientHello messages after a
HelloRetryRequest messages must be unchanged from the initial
ClientHello.
ok tb@ jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is necessary because ctx->cipher_data is an EVP_AES_WRAP_CTX
containing a pointer to ctx->iv. EVP_CIPHER_CTX_copy() uses memcpy
to copy cipher_data to the target struct. The result is that the
copy contains a pointer to the wrong struct, which then leads to a
use-after-free. The custom copy handler fixes things up to avoid
that.
Issue reported by Guido Vranken
ok beck inoguchi jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
IANA has allocated numbers for GOST ClientCertificateType. Use them in
addition to private values (left in place for compatibility).
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
GOST R 34.10-94 is an obsolete certificate type, unsupported by
LibreSSL and by the rest of current software, so there is no point in
sending in the CertificateTypes.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
| |
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
GOST cipher suites requires that CertVerify signatures be generated in a
special way (see ssl3_send_client_kex_gost(), ssl3_get_cert_verify()).
However, the GOST_SIG_FORMAT_RS_LE flag was not passed in case of TLS 1.2
connections (because they use different code path). Set this flag on
GOST PKEYs.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
| |
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
| |
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
| |
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These GOST curves are defined in RFC 7836 and draft-deremin-rfc4491-bis.
Add aliases for 256-bit GOST curves (see
draft-smyshlyaev-tls12-gost-suites) and rename the 512-bit curve ids to
follow names defined in tc26 OID registry.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux.
ok inoguchi@
|
| |
|
|
|
|
|
|
|
| |
A number of years ago we dropped the concept of having function names in
errors, since it is not that useful and very quickly gets out of sync when
refactoring. It would seem that some new ones got imported and some missed
the last clean up.
ok tb@ beck@ "kill it with fire"
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
failure rather than silently constructing a broken X509_ATTRIBUTE object
that might cause NULL pointer accesses later on. This matters because
X509_ATTRIBUTE_create() is used by documented API functions like
PKCS7_add_attribute(3) and the NID comes straight from the user.
This fixes a bug found while working on documentation.
OK tb@ and "thanks" bluhm@
|
| |
|
|
|
|
| |
* below SEE ALSO, point to the most similar function that is not deprecated
* add a comment saying why ERR_load_ERR_strings() is intentionally undocumented
* update the comment specifying the merge status
|
| |
|
|
|
|
| |
tls13_client_select_certificate().
ok inoguchi
|
| |
|
|
|
|
| |
This allows clients to use EC certificates.
ok inoguchi, jsing
|
| |
|
|
| |
tb@ OKed this part of a larger diff from inoguchi@
|
| |
|
|
|
|
|
| |
This avoids the need to grep across directories to find functions and
prepares for further rototilling and chainsawing.
Discussed with tb@ (who also tested the release build)
|
| |
|
|
| |
tweaks and OK tb@
|
| |
|
|
| |
in passing in some other manual pages.
|
| |
|
|
|
| |
xfail for now. Arguably, the expected decode_error is more appropriate
than the decrypt_error that we send at the moment.
|
| |
|
|
|
|
| |
which make no sense as pointed out by gcc on sparc64.
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
| |
own recv function. This simplifies tls13_recod_layer_read_internal()
greatly and makes the phh handling easier to reason about since the
code is no longer glued to the right hand edge of the terminal.
ok jsing
|
| |
|
|
| |
/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
|
| |
|
|
| |
three tests that fail due to a BIO_gets() bug.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
shares. Previously we would fail and just close the pipe.
Fixes the remaining failing test-dhe-rsa-key-exchange-with-bad-messages.py
tests of tlsfuzzer.
ok beck (earlier version) jsing
|
