summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Fix compilation on alpha, where DEF_WEAK() really must be paired withguenther2018-11-191-2/+1
| | | | PROTO_NORMAL(). Problem noted by deraadt@
* Revert previous - DTLSv1 uses MD5+SHA1 for RSA signature verification.jsing2018-11-192-10/+4
| | | | Discussed with beck@
* Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.jsing2018-11-191-4/+4
| | | | | | | In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
* Implement malloc_usable_size(); ok millert@ deraadt@ and jmc@ for the man pageotto2018-11-182-6/+108
|
* Fix DTLS, because DTLS still remains a special flower, allows regress to passbeck2018-11-172-4/+10
|
* Fix whitespace around assignment operators.tb2018-11-171-7/+7
|
* revert previousbeck2018-11-161-5/+3
|
* Fix DTLS. Because the DTLS code is strange. I am really coming around tobeck2018-11-161-3/+5
| | | | joel's line of thinking about it
* Unbreak legacy ciphers for prior to 1.1 by setting having a legacybeck2018-11-164-10/+22
| | | | | sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
* Port OpenSSL commit 99540ec79491f59ed8b46b4edf130e17dc907f52 -- mitigationtb2018-11-151-4/+4
| | | | | | | | | | for a timing vullnerability in ECDSA signature generation (CVE-2018-0735). Note that the blinding that we introduced back in June for ECDSA and DSA should mitigate this and related issues. This simply adds an additional layer of protection. discussed with jsing
* Fix wrong sizeof argument by using 'uint16_t *', with minor nit from tb@,mestre2018-11-141-2/+2
| | | | | | | | | | instead of 'uint16_t' Found with llvm's static analyzer, noticed that it was also already reported in Coverity CID 155890 and to ensure this was correct also inspected OpenSSL's equivalent code. OK tb@ and jsing@
* didn't found -> didn't find.tb2018-11-141-2/+2
| | | | From Edgar Pettijohn III
* In TLS1.2 we use evp_sha1 if we fall back this far, not evp_md5_sha1 as in 1.1beck2018-11-141-2/+2
| | | | Makes connections to outlook.office365.com work
* Temporary workaround for breakage seen in www.videolan.org with curve mismatchbeck2018-11-131-3/+4
|
* Just err if we can't create secretsbeck2018-11-131-2/+2
|
* NULL out mdctx to prevent possible double free introduced in version 1.4beck2018-11-131-1/+2
| | | | Spotted by maestre@, ok tb@
* Fix pkey_ok to be less strange, and add cuve checks required for the EC onesbeck2018-11-131-9/+26
| | | | ok tb@
* Missing initialization for pub_key. CID 184303.tb2018-11-121-2/+2
| | | | ok bcook
* Rework the sm3 regress based on a suggestion by jsing. Zap the weirdtb2018-11-121-30/+36
| | | | | | hex_encode() function and use byte arrays instead of strings to store the expected values. Snatch and tweak hexdump() from beck's key_schedule test to pretty-print data in case of failure.
* Add check function to verify that pkey is usable with a sigalg.beck2018-11-114-7/+24
| | | | | Include check for appropriate RSA key size when used with PSS. ok tb@
* Add back a few missing compatibility stubsbcook2018-11-112-4/+37
| | | | ok beck@
* quiet warning on other compilersbcook2018-11-111-3/+3
| | | | ok beck@
* Fix a race in libssl interop regress. The success messages frombluhm2018-11-113-6/+9
| | | | | the server child could be delayed. In this case wait a second and check again.
* Hook up sm3 regress tests.tb2018-11-111-1/+2
|
* Add sm3 regress tests.tb2018-11-112-0/+101
|
* Add sm3 to the 'openssl dgst' command.tb2018-11-111-1/+5
| | | | ok beck inoguchi
* Add EVP_sm3() to OpenSSL_add_all_digests_internal().tb2018-11-111-1/+4
| | | | ok beck inoguchi
* bump minors after symbol addition.tb2018-11-113-3/+3
|
* Add SSL_set1_host(), a thin wrapper around X509_VERIFY_PARAM_set1_host().tb2018-11-113-2/+10
| | | | | | | Used by unbound's DNS over TLS implementation to do server name verification. ok jsing
* Add Ribose Inc's implementation of the SM3 hashing function withtb2018-11-118-3/+437
| | | | | | | | | tweaks from jsing and myself. The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China and [are] widely applied in the country, covering identification/financial cards, contactless, TPM 2.0 and PKI. ok beck inoguchi jsing
* Nuke trailing whitespacebeck2018-11-111-6/+6
|
* Add automatic threading initialization for libcrypto.bcook2018-11-118-561/+141
| | | | | | | | | | | | | | This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks. This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed. ok beck@, tb@, looks sane guenther@
* Free the server tls transcript in case session reuse did not work.bluhm2018-11-111-3/+4
| | | | | Regression found by Perl module p5-IO-Socket-SSL tests. with beck@ tb@
* include crypto.h from the correct path, remove unused variablebcook2018-11-111-5/+2
|
* Add support for RSA PSS algorithims being used in sigalgs.beck2018-11-112-2/+29
| | | | | | lightly tested, but will need sanity checks and regress test changes before being added to any sigalgs list for real ok jsing@ tb@
* Convert signatures and verifcation to use the EVP_DigestXXX apibeck2018-11-113-45/+93
| | | | | | to allow for adding PSS, Nuke the now unneejded guard around the PSS algorithms in the sigalgs table ok jsing@ tb@
* Reorganize libssl interop tests. Move netcat tests into separatebluhm2018-11-119-148/+197
| | | | | directory. Keep all log files for easier debugging. Name regress target names consistently.
* Remove dead codebeck2018-11-102-16/+2
| | | | ok jsing@
* Spelingbeck2018-11-101-2/+2
|
* Regress client and server can do session reuse now. Test this withbluhm2018-11-106-129/+220
| | | | | all combinations of LibreSSL, OpenSSL 1.0.2, and OpenSSL 1.1. It is currently disabled for TLS 1.3 as this needs more setup.
* Tweak and improve the TLSv1.3 state machine.jsing2018-11-101-24/+46
| | | | | | | | | | | | | | | | - Provide a tls13_handshake_active_action() function to reduce code duplication and replace tls13_handshake_get_sender(). - Add an INVALID message_type, so we can explicitly detect invalid conditions. - Implement skeletons for the tls13_handshake_send_action() and tls13_handshake_recv_action() functions. - OR in the NEGOTIATED value at the end of recving or sending a server hello so that we switch to the next chain in the state table. ok tb@
* Make sure the interop test happen last (since they take a long time)beck2018-11-102-8/+9
|
* Clean up and free objects at the completion of the regress test.jsing2018-11-101-1/+13
| | | | From Ben L <bobsayshilol at live dot co dot uk>.
* fix a leak reported by Ben L (bobsayshilol () live ! co ! uk)tb2018-11-101-1/+3
|
* Fix a leak reported by Ben L bobsayshilol () live ! co ! uk.tb2018-11-101-1/+3
|
* fix a leak pointed out by Ben L (bobsayshi () live ! co ! uk)tb2018-11-101-4/+8
|
* Avoid a double allocation and memory leak.jsing2018-11-101-4/+2
| | | | Reported by Ben L <bobsayshilol at live dot co dot uk>
* Stop keeping track of sigalgs by guessing it from digest and pkey,beck2018-11-108-92/+102
| | | | | | just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
* More regress all the way to exporter_masterbeck2018-11-101-4/+44
|
* Use TLS13_HS_{CLIENT,SERVER} instead of using a redundant _SEND{,S}.tb2018-11-101-30/+28
| | | | ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-26 03:47:15 +0000