| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
that was presented by the peer. The hash used is currently SHA256, however
since we prefix the result with the hash name, we can change this in the
future as the need arises.
The same output can be generated by using:
h=$(openssl x509 -outform der -in mycert.crt | sha256)
printf "SHA256:${h}\n"
ok beck@
|
| |
|
|
| |
our tree. ok guenther miod
|
| | |
|
| |
|
|
|
|
| |
handshake. Free the reference when we reset the TLS context.
ok beck@
|
| |
|
|
| |
ok deraadt@
|
| | |
|
| |
|
|
| |
ok jsing@ who wears the cone of shame.
|
| |
|
|
|
| |
- zap trailing whitespace
- avoid "can not"
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
perform a proper shutdown by sending a "close notify" alert to the
server. This allows s_time to benchmark a full TLS connection
more accurately.
Introduce a new flag called -no_shutdown to make s_time adopt the
previous behavior (i.e. shut down the connection without notifying the
server) so that comparisons can still be made with OpenSSL's version.
The idea of using a flag (which replaces a #define) was suggested by
bcook@. Thanks to millert@ and miod@ as well for their feedback on an
earlier diff which resulted in this change.
ok bcook@ beck@
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
By default, MSVC's stdlib.h defines min(), so we need to spell out something
less common to avoid picking it up.
ok deraadt@ beck@ miod@
|
| |
|
|
| |
tls_configure_ssl_verify(). Also tweak an error message and unwrap a line.
|
| |
|
|
|
|
|
|
| |
so that we can provide asm labels for the memcpy/memset/__stack_smash_handler
calls that it generates ab initio. Eliminate direct #includes of it. Make
sure it's a dependency of all objects (unnecessary for asm, but close enough).
ok deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
perform some consistency checks on its `p' and `q' values, and return an
error if the checks failed.
Thanks for Georgi Guninski (guninski at guninski dot com) for mentioning
the possibility of a weak (non prime) q value and providing a test case.
See https://cpunks.org/pipermail/cypherpunks/2015-September/009007.html
for a longer discussion.
ok bcook@ beck@
|
| | |
|
| |
|
|
|
|
|
| |
incomplete implementations just so that we can interoperate with products
from vendors who have not bothered to fix things in the last ~10 years.
ok bcook@ miod@
|
| |
|
|
|
|
|
| |
1. hoist pollfd fields which don't change upwards
2. show ret as ssize_t, it MUST BE, or there will be lots of crying
3. on first pass, must check for either POLLIN|POLLOUT
ok millert beck
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
noops, so neuter the CRYPTO_malloc_init and CRYPTO_malloc_debug_init
macros.
With input from miod@
ok beck@ bcook@ miod@
|
| | |
|
| |
|
|
| |
ok miod@
|
| |
|
|
| |
ok jsing@
|
| | |
|
| |
|
|
| |
ok "captain obvious"
|
| |
|
|
|
|
|
| |
document functions that clear errno.
change examples to provide demonstration of both the blocking and
non-blocking cases.
ok jsing@, bluhm@
|
| |
|
|
|
|
|
| |
This is not the same as the macro expansion, however the ASN1_STRING_*
functions do match the macro expansions.
ok doug@ miod@
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
for closing the file descriptors unless libtls allocated them.
ok beck@
|
| |
|
|
|
|
| |
document the calling requirements.
ok beck@
|
| |
|
|
| |
ok beck@
|
| | |
|
| |
|
|
| |
ok deraadt@ jsing@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
|
| |
to make it more clear to users of this api what needs to be done in these error
cases.
Discussed extensively with bluhm@ and jsing@ and others.
ok jsing@
|
| |
|
|
|
|
|
|
| |
match read() and write() semantics to make porting existing code using
read/write easier.. requested by bluhm@ who convinced jsing and I to break
the api
ok jsing@ bluhm@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tls_accept/tls_connect functions can be guaranteed to succeed or fail and
will no longer return TLS_READ_AGAIN/TLS_WRITE_AGAIN. This also resolves
the semantics of tls_accept_*.
The tls_handshake() function now does I/O and can return
TLS_READ_AGAIN/TLS_WRITE_AGAIN. Calls to tls_read() and tls_write() will
trigger the handshake if it has not already completed, meaning that in many
cases existing code will continue to work.
Discussed over many coffees at l2k15.
ok beck@ bluhm@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
list. Prefer the server's cipher list by default.
Based on a diff from Kyle Thompson <jmp at giga dot moe>.
ok beck@ bcook@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
a sockaddr_dl is a questionnable interface. But now it makes it harder
to properly reference ifp becauses of this.
Set sdl_index to the index of the corresponding interface when
constructing a routing message.
Ridding previous libc crank.
ok guenther@, deraadt@, dlg@
|
| |
|
|
|
|
| |
From Matt Caswell's OpenSSL commit "RT3192: spurious error in DSA verify".
https://github.com/openssl/openssl/commit/eb63bce040d1cc6147d256f516b59552c018e29b
|
| |
|
|
|
|
| |
's_time -verify 1' will now actually verify the peer certificate.
ok beck@
|
| |
|
|
|
|
| |
No binary change.
ok millert@ miod@
|
