summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Sort.jsing2019-04-011-3/+3
|
* Make the openssl(1) enc -iter flag actually work.jsing2019-04-011-2/+2
| | | | Diff from Steven Roberts <sroberts at fenderq dot com> - thanks!
* Add a mutex to guard reference counting for tls_config.jsing2019-04-013-4/+16
| | | | | | | | This makes libtls more friendly for multithreaded use - otherwise we can end up with incorrect refcounts and end up freeing when we should not be (or not freeing when we should be). ok beck@
* Implement a print function for BIGNUM_it.jsing2019-04-011-2/+18
| | | | ok beck@, tb@
* Correct the return values from long_print.jsing2019-04-011-2/+5
| | | | | | | BIO_print() returns -1 on failure, whereas the ASN print functions need to return 0. ok beck@, tb@
* Require all ASN1_PRIMITIVE_FUNCS functions to be provided.jsing2019-04-015-26/+42
| | | | | | | | | | | | If an ASN.1 item provides its own ASN1_PRIMITIVE_FUNCS functions, require all functions to be provided (currently excluding prim_clear). This avoids situations such as having a custom allocator that returns a specific struct but then is then printed using the default primative print functions, which interpret the memory as a different struct. Found by oss-fuzz, fixes issue #13799. ok beck@, tb@
* mark ERR_R_INTERNAL_ERROR instead of assert or _exit, sighderaadt2019-04-011-3/+3
|
* Correct subtle bug in sigalgs, only care about curve_nid if we arebeck2019-04-011-4/+4
| | | | | checking the curve. ok jsing@ tb@
* Clean up and simplify the client verify code:jsing2019-03-311-50/+49
| | | | | | | | | | - Be consistent with _len naming. - Use size_t where possible/appropriate. - Group the CBB code. - Use EVP_MAX_MD_SIZE consistently, instead of "magic" values. - Switch GOST to EVP_DigestSign*, making it similar to sigalgs. ok tb@ a while back.
* Wrap long lines and apply some style(9).jsing2019-03-311-7/+10
|
* Use named field initialisers.jsing2019-03-312-16/+18
|
* Use correct capitalization of EC_GROUP_get_curve_GF{2m,p}(3).tb2019-03-291-4/+4
|
* Enable GOST cipher selection test after libssl has been fixed.bluhm2019-03-281-6/+1
|
* Cast nonce bytes to avoid undefined behaviour when left shifting.jsing2019-03-271-3/+3
| | | | | | Reported by oss-fuzz, really fixes issue #13805. ok beck@ tb@
* remove duplicate set key file call. from alf.tedu2019-03-271-3/+1
| | | | ok jsing
* bump to 2.9.1bcook2019-03-271-3/+3
|
* Use limits.h instead of sys/limits.h for portability.jsing2019-03-261-3/+2
| | | | From phrocker via github.
* Update regress following sigalgs changes.jsing2019-03-251-17/+1
|
* Strip out all of the pkey to sigalg and sigalg to pkey linkages.jsing2019-03-255-59/+8
| | | | | | These are no longer used now that we defer signature algorithm selection. ok beck@
* tls1_process_sigalgs() is no longer needed.jsing2019-03-252-57/+2
| | | | ok beck@
* Defer sigalgs selection until the certificate is known.jsing2019-03-259-48/+124
| | | | | | | | | | | | | Previously the signature algorithm was selected when the TLS extension was parsed (or the client received a certificate request), however the actual certificate to be used is not known at this stage. This leads to various problems, including the selection of a signature algorithm that cannot be used with the certificate key size (as found by jeremy@ via ruby regress). Instead, store the signature algorithms list and only select a signature algorithm when we're ready to do signature generation. Joint work with beck@.
* Rework ssl_ctx_use_certificate_chain_bio() to use the CERT_PKEY chain.jsing2019-03-251-46/+26
| | | | | | | | | | This means that any additional CA certificates end up on the per certificate chain, rather than the single/shared extra_certs. Also simplify this code and in particular, avoid setting the return value to indicate success until we've actually succeeded. ok beck@ tb@
* Remove ssl_get_server_send_cert() which is now unused.jsing2019-03-252-14/+2
| | | | ok beck@ tb@
* Rework ssl3_output_cert_chain() to take a CERT_PKEY and consider chains.jsing2019-03-254-40/+36
| | | | | | | | | | We will now include the certificates in the chain in the certificate list, or use the existing extra_certs if present. Failing that we fall back to the automatic chain building if not disabled. This also simplifies the code significantly. ok beck@ tb@
* Add a chain member to CERT_PKEY and provide functions for manipulating it.jsing2019-03-252-3/+74
| | | | | | | | | Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it... ok beck@ tb@
* In the incredibly unbelievable circumstance where _rs_init() fails toderaadt2019-03-241-2/+2
| | | | | | | | | allocate pages, don't call abort() because of corefile data leakage concerns, but simply _exit(). The reasoning is _rs_init() will only fail if someone finds a way to apply specific pressure against this failure point, for the purpose of leaking information into a core which they can read. We don't need a corefile in this instance to debug that. So take this "lever" away from whoever in the future wants to do that.
* If ssl_cipher_apply_rule() is given a specific cipher suite, match on it.jsing2019-03-241-3/+4
| | | | | | | | | | Otherwise matching a specific cipher is performed by matching against its characteristics, which can result in multiple rather than a single match. Found by bluhm@'s regress tests. ok bluhm@ tb@
* Don't allow asn1_parse2 to recurse arbitrarily deep. Constrain to a maxbeck2019-03-241-1/+5
| | | | | depth of 128 - For oss-fuzz issue 13802 ok jsing@
* Cast nonce bytes to avoid undefined behaviour when left shifting.jsing2019-03-241-3/+3
| | | | | | Reported by oss-fuzz, fixes issue #13805. ok beck@ tb@
* do not call assert(), which has a tendency to leave traces of stuff inderaadt2019-03-241-2/+3
| | | | | | corefiles. Instead call OPENSSL_assert(), which has recently been trained to do this in a safer (if more awkward to debug) way. discussed with jsing and beck a while back
* Add range checks to varios ASN1_INTEGER functions to ensure thebeck2019-03-233-6/+62
| | | | | | sizes used remain a positive integer. Should address issue 13799 from oss-fuzz ok tb@ jsing@
* Fix typo in usage and comment.bluhm2019-03-213-6/+6
|
* import EVP_camellia_128_cbc(3) from OpenSSL 1.1.1,schwarze2019-03-214-3/+156
| | | | still under a free license, tweaked by me
* space before punct;jmc2019-03-211-3/+3
|
* Split EVP_rc4(3) out of EVP_EncryptInit(3) to reduce clutter.schwarze2019-03-214-21/+116
| | | | | | The algorithm is insecure and yet its description would spread over three paragraphs in the cipher list, including remarkable advice like using a 40 bit key length.
* Split EVP_des_cbc(3) out of EVP_EncryptInit(3) to reduce clutter:schwarze2019-03-214-55/+230
| | | | | this moves a large number of functions out of the way that are no longer the latest and greatest. Also mention a few that were missing.
* add a handful of missing functionsschwarze2019-03-211-5/+38
| | | | that are also documented in OpenSSL 1.1.1 (still under a free license)
* Bring back EVP_chacha20 list item that was accidentally removedtb2019-03-211-2/+3
| | | | in r1.28 when the AES ciphers were split into their own manual.
* fix examples (libtls uses its own error reporting mechanism)espie2019-03-201-4/+4
| | | | okay tb@
* escape backslashes;schwarze2019-03-202-11/+11
| | | | patch from Peter Piwowarski <peterjpiwowarski at gmail dot com>
* Document the flag EVP_CIPHER_CTX_FLAG_WRAP_ALLOW needed for the EVPschwarze2019-03-192-4/+71
| | | | | | | AES wrap modes, the function EVP_CIPHER_CTX_set_flags(3) needed to set it, and the companion functions EVP_CIPHER_CTX_clear_flags(3) and EVP_CIPHER_CTX_test_flags(3). With help and an OK from tb@.
* Avoid an internal 2 byte overread in ssl_sigalgs().jsing2019-03-191-7/+2
| | | | | | Found by oss-fuzz, fixes issue #13797. ok beck@ tb@
* Revert TLS1_get{,_client}_version simplification because DTLS.jsing2019-03-194-14/+15
|
* * note that the handshake must be completed firstschwarze2019-03-181-4/+15
| | | | | | | * correct the description of "unknown" (the previous are both from OpenSSL 1.1.1, still under a free license) * add a comment saying that TLS1_get_version() and TLS1_get_client_version() are intentionally undocumented (reasons provided by jsing@)
* Insert a missing input line break after a .Vt macro;schwarze2019-03-181-4/+5
| | | | | from Jan Stary <hans at stare dot cz>. Where here, correct one .Vt NULL -> .Dv NULL.
* Split EVP_aes_128_cbc(3) out of EVP_EncryptInit(3):schwarze2019-03-184-74/+322
| | | | | | | | | | | | both resulting pages are still long. Mention a number of missing functions. Add some text from the OpenSSL 1.1.1 EVP_aes.pod manual page, which is still under a free license. Add missing HISTORY information. Triggered by tb@ providing EVP_aes_{128,192,256}_wrap(3) in evp.h rev. 1.74.
* In ssl.h rev. 1.165, tb@ provided version agnostic DTLS methods.schwarze2019-03-181-3/+26
| | | | Document them.
* Document SM4; related to evp.h rev. 1.73.schwarze2019-03-184-6/+93
|
* Expand the ERR_PACK() macro to ERR_REASON() for consistency.tb2019-03-181-2/+2
| | | | No binary change.
* In evp.h rev. 1.75, tb@ provided EVP_PKEY_get0_hmac(3).schwarze2019-03-181-3/+29
| | | | | | | | | Document it. Even though OpenSSL muddles the waters by lumping the description together with the other EVP_PKEY_get0_*() functions, describe it separately because a char * has no reference count and because the function fills in an additional length parameter.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-03 20:00:59 +0000