path: root/src/lib/libssl/d1_srvr.c
Commit message | Author | Age | Files | Lines
* This commit was manufactured by cvs2git to create tag 'OPENBSD_5_8_BASE'. (tag: OPENBSD_5_8_BASE) | cvs2svn | 2015-08-02 | 1 | -1329/+0
* Remove Microsoft Server Gated Crypto. | doug | 2015-06-18 | 1 | -16/+7
  Another relic due to the old US crypto policy. From OpenSSL commit 63eab8a620944a990ab3985620966ccd9f48d681 and 95275599399e277e71d064790a1f828a99fc661a. ok jsing@ miod@
* Change DTLS client cert request code to match TLS. | doug | 2015-06-18 | 1 | -6/+6
  DTLS currently doesn't check whether a client cert is expected. This change makes the logic in dtls1_accept() match that from ssl3_accept(). From OpenSSL commit c8d710dc5f83d69d802f941a4cc5895eb5fe3d65 input + ok jsing@ miod@
* Remove ancient SSL_OP_NETSCAPE_CA_DN_BUG from SSLeay days. | doug | 2015-06-15 | 1 | -15/+5
  This commit matches the OpenSSL removal in commit 3c33c6f6b10864355553961e638514a6d1bb00f6. ok deraadt@
* Fix bad indenting in LibreSSL. | doug | 2015-06-13 | 1 | -2/+2
  jsg@ noticed that some of the lines in libssl and libcrypto are not indented properly. At a quick glance, it looks like it has a different control flow than it really does. I checked the history in our tree and in OpenSSL to make sure these were simple mistakes. ok miod@ jsing@
* Fix return paths with missing EVP_CIPHER_CTX_cleanup() calls. | jsg | 2015-05-15 | 1 | -1/+2
  ok doug@
* Factor out the init_buf initialisation code, rather than duplicating it | jsing | 2015-03-27 | 1 | -14/+4
  in four different places. ok doug@ guenther@
* Jettison DTLS over SCTP. | jsing | 2015-02-09 | 1 | -130/+1
  OpenBSD does not have SCTP support and it sees little use in the wild. OPENSSL_NO_SCTP is already specified via opensslfeatures.h, hence this is a code removal only and symbols should remain unchanged. ok beck@ miod@ tedu@
* Convert several of the server side handshake functions to the new handshake | jsing | 2015-02-07 | 1 | -62/+29
  message handling routines. ok miod@
* Bring back the horrible API that is get_cipher_by_char/put_cipher_by_char. | jsing | 2015-02-06 | 1 | -1/+3
  This API was intended to be an internal only, however like many things in OpenSSL, it is exposed externally and parts of the software ecosystem are now using it since there is no real alternative within the public API. ok doug@, tedu@ and reluctantly miod@
* Add error handling for EVP_DigestInit_ex(). | doug | 2014-12-15 | 1 | -3/+4
  A few EVP_DigestInit_ex() calls were left alone since reporting an error would change the public API. Changed internal ssl3_cbc_digest_record() to return a value due to the above change. It will also now set md_out_size=0 on failure. This is based on part of BoringSSL's commit to fix malloc crashes: https://boringssl.googlesource.com/boringssl/+/69a01608f33ab6fe2c3485d94aef1fe9eacf5364 ok miod@
* Remove trailing whitespace. | jsing | 2014-12-14 | 1 | -16/+16
* unifdef NETSCAPE_HANG_BUG from the DTLS code. The code is not currently | jsing | 2014-12-14 | 1 | -23/+1
  enabled and I would hope that no one is using client certificates with DTLS and Netscape, assuming it even supported it... ok bcook@ miod@
* ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn | jsing | 2014-12-10 | 1 | -5/+16
  calls malloc(). Instead of silently continuing on failure, check the return value of BIO_new() and propagate failure back to the caller for appropriate handling. ok bcook@
* Sort and group includes. | jsing | 2014-11-16 | 1 | -5/+7
* Remove support for ephemeral/temporary RSA private keys. | jsing | 2014-10-31 | 1 | -50/+8
  The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers). ok bcook@ miod@
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | jsing | 2014-10-18 | 1 | -5/+3
  arc4random provides high quality pseudo-random numbers, hence there is no need to differentiate between "strong" and "pseudo". Furthermore, the arc4random_buf() function is guaranteed to succeed, which avoids the need to check for and handle failure, simplifying the code. It is worth noting that a number of the replaced RAND_bytes() and RAND_pseudo_bytes() calls were missing return value checks and these functions can fail for a number of reasons (at least in OpenSSL - thankfully they were converted to wrappers around arc4random_buf() some time ago in LibreSSL). ok beck@ deraadt@ miod@
* There is not much point checking ecdhp is not NULL... twice. | jsing | 2014-09-27 | 1 | -6/+2
  ok miod@
* Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them, | jsing | 2014-09-07 | 1 | -3/+2
  nor do we plan on supporting them. ok guenther@
* Replace the remaining uses of ssl3_put_cipher_by_char() with s2n and a | jsing | 2014-08-24 | 1 | -4/+2
  ssl3_cipher_get_value() helper function, which returns the cipher suite value for the given cipher. ok miod@
* Since we no longer need to support SSLv2-style cipher lists, start | jsing | 2014-08-10 | 1 | -3/+1
  unravelling the maze of function pointers and callbacks by directly calling ssl3_{get,put}_cipher_by_char() and removing the ssl_{get,put}_cipher_by_char macros. Prompted by similar changes in boringssl. ok guenther.
* Prevent a possible use after free by mimicking the s3_srvr.c fixes contributed by | miod | 2014-08-06 | 1 | -4/+1
  Adam Langley close to three years ago, which were committed in https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e7928282d0148af5f28fa3437a625a2006af0214 ok jsing@
* The RSA, DH, and ECDH temporary key callbacks expect the number of keybits | guenther | 2014-07-28 | 1 | -4/+7
  for the key (expressed in RSA key bits, which makes *no sense* for ECDH) as their second argument, not zero. (jsing@ notes that the RSA callback is only invoked for 'export' ciphers, which have been removed from LibreSSL, and for the SSL_OP_EPHEMERAL_RSA option, which makes the application non-compliant. More fuel for the tedu fire...) jasper@ noted the breakage and bisected it down to the diff that broke this ok jsing@ miod@
* The correct name for EDH is DHE, likewise EECDH should be ECDHE. | jsing | 2014-07-12 | 1 | -6/+6
  Based on changes to OpenSSL trunk. ok beck@ miod@
* Remove remnants from PSK, KRB5 and SRP. | jsing | 2014-07-12 | 1 | -22/+9
  ok beck@ miod@
* Place comments in a block above the if statement, rather than attempting | jsing | 2014-07-12 | 1 | -18/+32
  to interleave them within the conditions. Also fix wrapping and indentation.
* Remove the PSK code. We don't need to drag around this | beck | 2014-07-11 | 1 | -25/+1
  baggage. ok miod@ jsing@
* decompress libssl. ok beck jsing | tedu | 2014-07-10 | 1 | -8/+1
* tedu the SSL export cipher handling - since we do not have enabled export | jsing | 2014-07-09 | 1 | -21/+5
  ciphers we no longer need the flags or code to support it. ok beck@ miod@
* fix the identical leak in three different files. | tedu | 2014-06-30 | 1 | -2/+3
  reported by Brent Cook, original diff by logan
* tags as requested by miod and tedu | deraadt | 2014-06-12 | 1 | -1/+1
* http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2016265dfbab162ec30718b5e7480add42598158 | deraadt | 2014-06-07 | 1 | -1/+2
  Don't know the full story, but it looks like a "can't do random perfectly, so do it god awful" problem was found in 2013, and replaced with "only do it badly if a flag is set". New flags (SSL_MODE_SEND_SERVERHELLO_TIME and SSL_MODE_SEND_SERVERHELLO_TIME) were added [Ben Laurie?] to support the old scheme of "use time_t for first 4 bytes of the random buffer". Nothing uses these flags [ecosystem scan by sthen] Fully discourage use of these flags in the future by removing support & definition of them. The buflen < 4 check is also interesting, because no entropy would be returned. No callers passed such small buffers. ok miod sthen
* TLS would not be entirely functional without extensions, so unifdef | jsing | 2014-05-31 | 1 | -19/+0
  OPENSSL_NO_TLSEXT. ok tedu@
* remove some #if 0 code. we don't need any more reminders that we're using | tedu | 2014-05-30 | 1 | -5/+0
  a not quite appropriate data structure. ok jsing
* unifdef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. | tedu | 2014-05-29 | 1 | -16/+0
  ok deraadt jsing
* More KNF. | jsing | 2014-05-28 | 1 | -3/+2
* DeIMPLEMENT libssl. Expand the IMPLEMENT_* macros since it is far more | jsing | 2014-05-24 | 1 | -3/+38
  readable and one less layer of abstraction. Use C99 initialisers for clarity, grepability and to protect from future field reordering/removal. ok miod@ (tedu@ also thought it was a wonderful idea, beck@ also agreed, but ran away squealing since it reminded him of the VOP layer...)
* Remove SRP and Kerberos support from libssl. These are complex protocols | tedu | 2014-05-05 | 1 | -3/+0
  all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected.
* Make libssl and libcrypto compile with -Werror | beck | 2014-04-23 | 1 | -1/+1
  ok miod@
* more malloc/realloc/calloc cleanups; ok beck kettenis | deraadt | 2014-04-21 | 1 | -2/+1
* More KNF and style consistency tweaks | guenther | 2014-04-19 | 1 | -4/+3
* always build in RSA and DSA. ok deraadt miod | tedu | 2014-04-17 | 1 | -8/+0
* fix a potential double free | jsg | 2014-04-17 | 1 | -2/+2
  ok miod@
* Change library to use intrinsic memory allocation functions instead of | beck | 2014-04-17 | 1 | -6/+6
  OPENSSL_foo wrappers. This changes:
    OPENSSL_malloc->malloc
    OPENSSL_free->free
    OPENSSL_relloc->realloc
    OPENSSL_freeFunc->free
* strncpy(d, s, strlen(s)) is a special kind of stupid. even when it's right, | tedu | 2014-04-16 | 1 | -4/+8
  it looks wrong. replace with auditable code and eliminate many strlen calls to improve efficiency. (wait, did somebody say FASTER?) ok beck
* make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miod | tedu | 2014-04-14 | 1 | -12/+0
* So the OpenSSL codebase does "get the time, add it as a random seed" | deraadt | 2014-04-14 | 1 | -2/+0
  in a bunch of places inside the TLS engine, to try to keep entropy high. I wonder if their motto is "If you can't solve a problem, at least try to do it badly". ok miod
* First pass at applying KNF to the OpenSSL code, which almost makes it | jsing | 2014-04-14 | 1 | -797/+726
  readable. This pass is whitespace only and can readily be verified using tr and md5.
* Do not include "e_os.h" anymore. Simply pull in the necessary headers. | mpi | 2014-04-13 | 1 | -1/+1
  ok miod@, deraadt@
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery. | miod | 2014-04-13 | 1 | -9/+20