path: root/src/lib/libssl/d1_clnt.c
Commit message [Author, Age, Files, Lines]
* This commit was manufactured by cvs2git to create tag 'OPENBSD_5_8_BASE'. (tag: OPENBSD_5_8_BASE) [cvs2svn, 2015-08-02, 1 file, -1160/+0]
* Flense out dead code, we don't do ecdhe_clnt_cert. [beck, 2015-07-15, 1 file, -89/+35]
  coverity ID's 21691 21698 ok miod@, "Fry it" jsing@
* Convert dtls1_get_hello_verify to CBS. [doug, 2015-07-14, 1 file, -17/+23]
  ok miod@ jsing@
* Fix bad indenting in LibreSSL. [doug, 2015-06-13, 1 file, -2/+2]
  jsg@ noticed that some of the lines in libssl and libcrypto are not indented properly. At a quick glance, it looks like it has a different control flow than it really does. I checked the history in our tree and in OpenSSL to make sure these were simple mistakes. ok miod@ jsing@
* Factor out the init_buf initialisation code, rather than duplicating it [jsing, 2015-03-27, 1 file, -20/+6]
  in four different places. ok doug@ guenther@
* Jettison DTLS over SCTP. [jsing, 2015-02-09, 1 file, -145/+1]
  OpenBSD does not have SCTP support and it sees little use in the wild. OPENSSL_NO_SCTP is already specified via opensslfeatures.h, hence this is a code removal only and symbols should remain unchanged. ok beck@ miod@ tedu@
* Bring back the horrible API that is get_cipher_by_char/put_cipher_by_char. [jsing, 2015-02-06, 1 file, -1/+3]
  This API was intended to be an internal only, however like many things in OpenSSL, it is exposed externally and parts of the software ecosystem are now using it since there is no real alternative within the public API. ok doug@, tedu@ and reluctantly miod@
* Convert all of the straight forward client handshake handling code to use [jsing, 2014-12-14, 1 file, -52/+19]
  the new handshake functions. ok miod@
* ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn [jsing, 2014-12-10, 1 file, -2/+5]
  calls malloc(). Instead of silently continuing on failure, check the return value of BIO_new() and propagate failure back to the caller for appropriate handling. ok bcook@
* Remove client handling of RSA in ServerKeyExchange messages, along with [jsing, 2014-12-06, 1 file, -14/+10]
  the associated peer_rsa_tmp goop. This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
* Avoid a NULL dereference in the DTLS client that can be triggered by a [jsing, 2014-11-27, 1 file, -1/+9]
  crafted server response used in conjunction with an anonymous DH or anonymous ECDH ciphersuite. Fixes CVE-2014-3510, which is effectively a repeat of CVE-2014-3470 in copied code. Reported by Felix Groebert of the Google Security Team. ok beck@ miod@
* Sort and group includes. [jsing, 2014-11-16, 1 file, -4/+6]
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). [jsing, 2014-10-18, 1 file, -5/+3]
  arc4random provides high quality pseudo-random numbers, hence there is no need to differentiate between "strong" and "pseudo". Furthermore, the arc4random_buf() function is guaranteed to succeed, which avoids the need to check for and handle failure, simplifying the code. It is worth noting that a number of the replaced RAND_bytes() and RAND_pseudo_bytes() calls were missing return value checks and these functions can fail for a number of reasons (at least in OpenSSL - thankfully they were converted to wrappers around arc4random_buf() some time ago in LibreSSL). ok beck@ deraadt@ miod@
* Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them, [jsing, 2014-09-07, 1 file, -2/+2]
  nor do we plan on supporting them. ok guenther@
* Since we no longer need to support SSLv2-style cipher lists, start [jsing, 2014-08-10, 1 file, -4/+2]
  unravelling the maze of function pointers and callbacks by directly calling ssl3_{get,put}_cipher_by_char() and removing the ssl_{get,put}_cipher_by_char macros. Prompted by similar changes in boringssl. ok guenther.
* Oops, revert changes committed by mistake. The previous commit was supposed [miod, 2014-08-07, 1 file, -4/+4]
  to only apply to s23_srvr.c.
* When you expect a function to return a particular value, don't put a comment [miod, 2014-08-07, 1 file, -4/+4]
  saying that you expect it to return that value and compare it against zero because it is supposedly faster, for this leads to bugs (especially given the high rate of sloppy cut'n'paste within ssl3 and dtls1 routines in this library). Instead, compare for the exact value it ought to return upon success. ok deraadt@
* The correct name for EDH is DHE, likewise EECDH should be ECDHE. [jsing, 2014-07-12, 1 file, -3/+3]
  Based on changes to OpenSSL trunk. ok beck@ miod@
* Remove remnants from PSK, KRB5 and SRP. [jsing, 2014-07-12, 1 file, -4/+4]
  ok beck@ miod@
* As reported by David Ramos, most consumers of ssl_get_message() perform late [miod, 2014-07-11, 1 file, -1/+9]
  bounds check, after reading the 2-, 3- or 4-byte size of the next chunk to process. But the size fields themselves are not checked for being entirely contained in the buffer. Since reading past your bounds is bad practice, and may not be possible if you are using a secure memory allocator, we need to add the necessary bounds check, at the expense of some readability. As a bonus, a wrong size GOST session key will now trigger an error instead of a printf to stderr and it being handled as if it had the correct size. Creating this diff made my eyes bleed (in the real sense); reviewing it made guenther@'s and beck@'s eyes bleed too (in the literal sense). ok guenther@ beck@
* Remove the PSK code. We don't need to drag around this [beck, 2014-07-11, 1 file, -78/+1]
  baggage. ok miod@ jsing@
* decompress libssl. ok beck jsing [tedu, 2014-07-10, 1 file, -22/+4]
* tags as requested by miod and tedu [deraadt, 2014-06-12, 1 file, -1/+1]
* http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2016265dfbab162ec30718b5e7480add42598158 [deraadt, 2014-06-07, 1 file, -2/+1]
  Don't know the full story, but it looks like a "can't do random perfectly, so do it god awful" problem was found in 2013, and replaced with "only do it badly if a flag is set". New flags (SSL_MODE_SEND_SERVERHELLO_TIME and SSL_MODE_SEND_SERVERHELLO_TIME) were added [Ben Laurie?] to support the old scheme of "use time_t for first 4 bytes of the random buffer". Nothing uses these flags [ecosystem scan by sthen] Fully discourage use of these flags in the future by removing support & definition of them. The buflen < 4 check is also interesting, because no entropy would be returned. No callers passed such small buffers. ok miod sthen
* The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have [jsing, 2014-06-07, 1 file, -6/+4]
  implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
* More KNF. [jsing, 2014-05-31, 1 file, -103/+122]
* TLS would not be entirely functional without extensions, so unifdef [jsing, 2014-05-31, 1 file, -19/+0]
  OPENSSL_NO_TLSEXT. ok tedu@
* remove some #if 0 code. we don't need any more reminders that we're using [tedu, 2014-05-30, 1 file, -7/+0]
  a not quite appropriate data structure. ok jsing
* unifdef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. [tedu, 2014-05-29, 1 file, -12/+0]
  ok deraadt jsing
* There is no point in checking if a pointer is non-NULL before calling free, [jsing, 2014-05-28, 1 file, -9/+6]
  since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@
* DeIMPLEMENT libssl. Expand the IMPLEMENT_* macros since it is far more [jsing, 2014-05-24, 1 file, -3/+38]
  readable and one less layer of abstraction. Use C99 initialisers for clarity, grepability and to protect from future field reordering/removal. ok miod@ (tedu@ also thought it was a wonderful idea, beck@ also agreed, but ran away squealing since it reminded him of the VOP layer...)
* Remove SRP and Kerberos support from libssl. These are complex protocols [tedu, 2014-05-05, 1 file, -134/+0]
  all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected.
* Unifdef -UPKCS1_CHECK and remove SSL_OP_PKCS1_CHECK_[12], this is leftover [miod, 2014-04-23, 1 file, -6/+0]
  ``debug'' code from a 15+ years old bugfix and the SSL_OP_PKCS1_CHECK_* constants have had a value of zero since ages. No production code should use them. ok beck@
* more malloc/realloc/calloc cleanups; ok beck kettenis [deraadt, 2014-04-21, 1 file, -3/+1]
* More KNF and style consistency tweaks [guenther, 2014-04-19, 1 file, -4/+3]
* no longer need to fool emacs indentation and other if (0) oddities. [tedu, 2014-04-17, 1 file, -4/+1]
* always build in RSA and DSA. ok deraadt miod [tedu, 2014-04-17, 1 file, -12/+0]
* Change library to use intrinsic memory allocation functions instead of [beck, 2014-04-17, 1 file, -5/+5]
  OPENSSL_foo wrappers. This changes:
  OPENSSL_malloc->malloc
  OPENSSL_free->free
  OPENSSL_relloc->realloc
  OPENSSL_freeFunc->free
* make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miod [tedu, 2014-04-14, 1 file, -12/+0]
* So the OpenSSL codebase does "get the time, add it as a random seed" [deraadt, 2014-04-14, 1 file, -2/+0]
  in a bunch of places inside the TLS engine, to try to keep entropy high. I wonder if their motto is "If you can't solve a problem, at least try to do it badly". ok miod
* First pass at applying KNF to the OpenSSL code, which almost makes it [jsing, 2014-04-14, 1 file, -811/+734]
  readable. This pass is whitespace only and can readily be verified using tr and md5.
* Do not include "e_os.h" anymore. Simply pull in the necessary headers. [mpi, 2014-04-13, 1 file, -1/+1]
  ok miod@, deraadt@
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery. [miod, 2014-04-13, 1 file, -14/+22]
* resolve conflicts [djm, 2012-10-13, 1 file, -10/+184]
* openssl-1.0.0e: resolve conflicts [djm, 2011-11-03, 1 file, -2/+4]
* resolve conflicts, fix local changes [djm, 2010-10-01, 1 file, -36/+415]
* update to openssl-0.9.8i; tested by several, especially krw@ [djm, 2009-01-05, 1 file, -2/+1]
* import of OpenSSL 0.9.8h [djm, 2008-09-06, 1 file, -0/+1156]