| Commit message (Collapse) | Author | Files | Lines |
|---|
|
ok deraadt@ tedu@
|
|
Fix the tls13_handshake_advance_state_machine() return value, which
inadvertantly got flipped in an earlier commit. Also move this function
to a more suitable location.
ok tb@
|
|
A couple of cleanup/style tweaks while here.
ok tb@
|
|
of overloading/abusing action->sender.
ok jsing
|
|
Found thanks to BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd
by David Benjamin.
ok djm, jsing
|
|
From BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd
by David Benjamin.
ok djm, jsing
|
|
openssl x509 -fingerprint
openssl crl -fingerprint
from sha1 to sha256
ok jsing@
|
|
|
|
EVP_ENCODE_CTX_free(3). Docomuent them, in part using text
from OpenSSL that was still published under a free license.
|
|
ok tb@
|
|
Check that the handshake message type received matches that required by the
state machine.
However, thanks to poor state design in the TLSv1.3 RFC, there is no way to
know if you're going to receive a certificate request message or not, hence
we have to special case it and teach the receive handler how to handle this
situation.
Discussed at length with beck@ and tb@ during the hackathon.
ok tb@
|
|
The I/O paths are from the tls13_handshake_send_action() and
tls13_handshake_recv_action() functions - both of these need to propagate
I/O conditions (EOF, failure, want poll in, want poll out) up the stack,
so we need to capture and return values <= 0. Use an I/O condition to
indicate successful handshake completion.
Also, the various send/recv functions are currently unimplemented, so
return 0 (failure) rather than 1 (success).
ok tb@
|
|
|
|
|
|
This is a self-contained struct and set of functions that knows how to
decode and read a TLS record from data supplied via a read callback, and
send itself via a write callback.
This will soon be used to build the TLSv1.3 record layer handling code.
ok beck@ tb@
|
|
|
|
ok jsing
|
|
|
|
Pass const method to EC_KEY_METHOD_get_*() to get rid
of an XXX.
from markus
|
|
This commit adds missing API for ECDH/ECDSA_verify.
from markus
|
|
This commit adds init/free, support for signing, setting and
getting the method, engine support as well as extra data.
from markus
|
|
ok deraadt@
|
|
Reorder option descriptions so -iter and -pbkdf2 show up alphabetically.
Add missing argument name for -iter.
ok jmc@
|
|
ok jsing@
|
|
|
|
|
|
ok jsing@
|
|
* mention LC_COLLATE;
* clarify that all these functions are infested, including the *_l() versions;
* avoid ENVIRONMENT, these functions don't inspect it;
* and point to the C library functions that change the locale.
OK millert@
|
|
clearly stating which arguments have to be avoided, and mention the
header files defining the constants required for the checks.
Feedback and OK guenther@, OK bluhm@.
|
|
|
|
Update the handshake state tables and flag names according to the
design decisions and naming conventions in the hackroom. Garbage collect
some things that turn out not to belong here.
ok jsing
|
|
|
|
|
|
pbkdf2 with OpenSSL compatible flags
ok jsing@
|
|
ok jsing@
|
|
appear with which messages.
ok jsing@
|
|
|
|
When the TLS extension code was rewritten, TLS extensions could only exist
in ClientHello and ServerHello messages - as such, they were named in pairs
of *_clienthello_{needs,build} which would be called by the client and
*_clienthello_parse. Likewise for *_serverhello_{needs,build} which would
be called by a server and *_serverhello_parse, which would be called by a
client.
Enter TLSv1.3 - TLS extensions can now exist in one of seven messages,
with only certain types being allowed to appear in each, meaning the naming
scheme no longer works. Instead, rename them to indicate the caller rather
than the message type - this effectively means:
clienthello_needs -> client_needs
clienthello_build -> client_build
clienthello_parse -> server_parse
serverhello_needs -> server_needs
serverhello_build -> server_build
serverhello_parse -> client_parse
ok beck@ tb@
|
|
|
|
ok jsing@ tb@
|
|
The read callback returns a TLS13_IO_* value on EOF, failure, want pollin
or want pollout, or a positive value indicating the number of bytes read.
This will be used by upcoming TLSv1.3 handshake message and record
processing code, both of which need the ability to read a fixed size
header, before extending the buffer to the number of bytes specified in the
header.
ok beck@ tb@
|
|
as per RFC8446 section 4.2. Recognized extensions that appear in an
incorrect message must abort the handshake.
ok jsing@
|
|
At the moment this is mechanical, with the functions renamed. This will be
refactored for tls13.
ok jsing@
|
|
CAVEATS pointing to the new CAVEATS section in setlocale(3).
Make those in wprintf(3) and wscanf(3) more concise
since duplicate information is a bad idea.
Incompleteness of information originally pointed out by millert@.
OK millert@
|
|
Checking Disabled flag. Introduce a RES flag to do so. ok krw@
deraadt@ eric@
|
|
by me and others indicate that it is the optimum.
|
|
making the number of pools variable. Do not document the malloc
conf settings atm, don't know yet if they will stay. Thanks to all
the testers. ok deraadt@
|
|
Use memset(3) instead of bzero(3) since POSIX recommends using the former and
because it's also more portable (conforms to ANSI C standard)
OK tedu@ tb@
|
|
bzero is defined in strings.h.
ok deraadt@
|
|
|
