| Commit message (Collapse) | Author | Files | Lines |
|---|
|
These are dynamically populated based on strerror() values.
|
|
Its only caller passes NULL, so we can simplify the entry point and the
exit of this function a bit.
ok jsing
|
|
The parameters argument is always NULL, so we can simplify this helper
accordingly.
ok jsing
|
|
priv_key->parameters is always NULL at this point, since its corresponding
entry in the ASN.1 template has ASN1_TFLG_OPTIONAL set, so there is no point
in pretending to pass it to ec_asn1_group2pkparameters().
ok jsing
|
|
Use better variable names and turn it into single-exit. This changes the
behavior slightly in that an error is pushed onto the stack also for
i2d_ECPKPARAMETERS() return values < 0.
ok jsing
|
|
ok beck jsing
|
|
Nothing uses this and it collides with ALPN
|
|
This is so gross...
|
|
ok beck
|
|
For every TLS alert there needs a corresponding error with error code
having an offset of SSL_AD_REASON_OFFSET (aka 1000), otherwise the error
stack fails to set the reason correctly.
ok beck
|
|
This was only used by the NIST method. For all other group methods it's
an uninitialized pointer (as EC_GROUP_new() still uses the malloc + set
all members to 0 idiom).
ok jsing
|
|
They aren't used outside of this file.
|
|
Same issue/leak as for BN_to_ASN1_INTEGER(). Stop reusing the elliptic
curve parameters a and b for order and cofacter. It's confusing.
ok jsing
|
|
ok jsing
|
|
You can either let this API reuse an existing ASN1_INTEGER or you can let
it allocate a new one. If you try to do both at the same time, you'll leak.
ok jsing
|
|
The brilliant idea of installing a fragile non-idempotent cleanup atexit
handler as a library has bitten many people over time. This gets particularly
exciting when you can't control who dlopens the lib first (don't we all love
Python bindings) or if you are in a threaded context. Fake OpenSSL clones
chose not to do this but now get to carry a noop flag since people start
opting out of this madness (there's a good old tradition at work here).
ok beck joshua jsing millert miod
|
|
|
|
Reorder functions so that things are somewhat more logical, moving internal
functions towards the top (and removing now unnecessary prototypes).
|
|
Like all good OpenSSL code, errors was built to be completely extensible.
Thankfully, the ERR_{get,set}_implementation() functions were removed in
r1.127 of err.c, which means that the extensibility can no longer be used.
Take the first of many steps to clean up this code - remove err_fns and
associated machinery, calling functions directly. Rename so that we have
an 'err_' prefix rather than 'int_' (or nothing).
ok joshua@ tb@
|
|
|
|
|
|
It was previously possible to call CRYPTO_get_ex_new_index() with either
a negative index or a positive index that equaled or exceeded
CRYPTO_EX_INDEX__COUNT. The reimplementation of exdata treats these as
error cases.
|
|
From Kenjiro Nakayama
Closes https://github.com/libressl/portable/issues/1097
|
|
|
|
parameter extension which we now know about
|
|
|
|
|
|
|
|
|
|
|
|
We accidentally have two errors 235 since we didn't notice that OpenSSL
removed the unused SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER and later that
becamse SSL_R_NO_APPLICATION_PROTOCOL. Getting an "unsupported cipher"
error when fiddling with ALPN is confusing, so fix that.
ok jsing
|
|
Only close_notify and user_cancelled are warning alerts. All others
should be fatal. In order for the lower layers to behave correctly,
the return code for fatal alerts needs to be TLS13_IO_ALERT instead
of TLS13_IO_SUCCESS.
Failure to signal handshake failure in the public API led to a crash
in HAProxy when forcing the tls cipher to TLS_AES_128_CCM_SHA256 as
found by haproxyfred while investigating
https://github.com/haproxy/haproxy/issues/2569
Kenjiro Nakayama found misbehavior of ngtcp2-based servers, wrote a
similar patch and tested this version.
Fixes https://github.com/libressl/portable/issues/1093
ok jsing
|
|
This is a small refactoring that wraps a direct call to the record layer's
alert_sent() callback into a handler for upcoming reuse in the QUIC code.
No functional change.
ok jsing
|
|
|
|
when we send illegal_parameter. Shrug.
|
|
The OPENSSL_cpu_caps() change after the last bump missed a crucial bit:
there is more MD mess in the MI code than anticipated, with the result
that AES is now used without AES-NI on amd64 and i386, hurting machines
that previously greatly benefitted from it.
Temporarily add an internal crypto_cpu_caps_ia32() API that returns the
OPENSSL_ia32cap_P or 0 like OPENSSL_cpu_caps() previously did. This can
be improved after the release.
Regression reported and fix tested by Mark Patruck.
No impact on public ABI or API.
with/ok jsing
PS: Next time my pkg_add feels very slow, I should perhaps not mechanically
blame IEEE 802.11...
|
|
X509_LOOKUP_by_subject() was made internal a while back. Its documentation
was very detailed, so this was a bit of a tangle to undo.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The former is gone and the latter is available in crypto.h.
|
|
|
|
ok jsing
|
