summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_lib.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove support for DSS/DSA, since we removed the cipher suites a whilejsing2017-08-121-5/+1
| | | | | | back. ok guenther@
* Convert ssl3_send_certificate_request() to CBB.jsing2017-08-111-16/+25
| | | | ok beck@ doug@
* Clean up the EC key/curve configuration handling.jsing2017-08-101-44/+14
| | | | | | | | | | | | | | | | | | | | | | Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...). We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op. ok beck@ doug@
* Consistently return from each SSL/SSL_CTX control case, rather thanjsing2017-08-091-33/+27
| | | | breaking from some and returning from others.
* Split out the remaining SSL_CTX controls into individual functions.jsing2017-08-091-40/+88
|
* Start splitting out SSL_CTX controls into individual functions, so thatjsing2017-08-091-71/+92
| | | | they can eventually be exposed as direct functions/symbols.
* Be consistent and return from each SSL control case, rather than breakingjsing2017-08-091-18/+10
| | | | from some.
* Split out the remaining SSL controls into individual functions.jsing2017-08-091-46/+93
|
* Split more controls into individual functions.jsing2017-08-091-64/+91
|
* Start splitting out controls into individual functions, so that they canjsing2017-08-091-29/+63
| | | | eventually be exposed as direct functions/symbols.
* Remove unnecessary curly braces and unindent. Also add a few blank linesjsing2017-08-091-11/+13
| | | | for readability.
* Fix conditionals for DH controls.jsing2017-08-091-3/+3
|
* Remove unused variable.jsing2017-07-151-3/+3
| | | | Reported by <dravion at ht-foss dot net>
* Drop cipher suites with DSS authentication - there is no good reason tojsing2017-05-071-197/+1
| | | | | | keep these around. ok beck@
* Move state from ssl->internal to the handshake structure.beck2017-05-071-3/+3
| | | | | | | while we are at it, convert SSLerror to use a function internally, so that we may later allocate the handshake structure and check for it ok jsing@
* Bring in an SSL_HANDSHAKE structure and commence the great shovellingbeck2017-05-061-3/+3
| | | | ok jsing@, gcc@, regress@
* Provide SSL{,_CTX}_set_{min,max}_proto_version() functions.jsing2017-05-061-1/+21
| | | | | | Rides minor bump. ok beck@
* Use freezero() for the internal opaque structures, instead of the currentjsing2017-04-101-6/+3
| | | | explicit_bzero()/free(). Less code and potentially less overhead.
* Use freezero() for X25519 keys - same result with more readable code.jsing2017-04-101-7/+3
|
* Remove the handshake digests and related code, replacing remaining usesjsing2017-03-101-3/+1
| | | | | | | with the handshake hash. For now tls1_digest_cached_records() is retained to release the handshake buffer. ok beck@ inoguchi@
* Provide a rolling handshake hash that commences as soon as the cipherjsing2017-03-051-1/+6
| | | | | | | | | | suite has been selected, and convert the final finish MAC to use this handshake hash. This is a first step towards cleaning up the current handshake buffer/digest code. ok beck@ inoguchi@
* Drop the second argument of dtls1_set_message_header() and make it a voidjsing2017-03-041-3/+3
| | | | | function. Nothing makes use of the return value and the second argument was only used to produce the return value...
* Change SSLerror() back to taking two args, with the first one being an SSL *.beck2017-02-071-24/+24
| | | | | | | | | Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
* Define values for SSL_CTRL_SET_GROUPS{,_LIST} and wire them up to thejsing2017-02-051-1/+13
| | | | | | | | SSL_{,CTX_}ctrl() functions. As crazy as it is, some software appears to call the control functions directly rather than using the macros (or functions) provided by the library. Discussed with beck@ and sthen@
* Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the uglybeck2017-01-261-35/+18
| | | | line wraps that resulted
* Send the error function codes to rot in the depths of hell where they belongbeck2017-01-261-24/+24
| | | | | | | We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
* sk_pop_free() checks for NULL so do not bother doing it from the callers.jsing2017-01-241-9/+5
|
* Add support for setting the supported EC curves viajsing2017-01-241-1/+30
| | | | | | | | | | | | | SSL{_CTX}_set1_groups{_list}() - also provide defines for the previous SSL{_CTX}_set1_curves{_list} names. This also changes the default list of EC curves to be X25519, P-256 and P-384. If you want others (such a brainpool) you need to configure this yourself. Inspired by parts of BoringSSL and OpenSSL. ok beck@
* There is no point returning then breaking...jsing2017-01-241-2/+1
|
* Move options and mode from SSL_CTX and SSL to internal, since these can bejsing2017-01-231-4/+4
| | | | set and cleared via existing functions.
* Split most of SSL_METHOD out into an internal variant, which is opaque.jsing2017-01-231-8/+8
| | | | Discussed with beck@
* send state and rstate from ssl_st into internal. There are accessorsbeck2017-01-231-4/+4
| | | | | so these should not be diddled with directly ok jsing@
* Move a large part of ssl_st into internal, so we can see what squeals.beck2017-01-231-31/+31
| | | | ok jsing@
* Move most of the fields in SSL_CTX to internal - the ones that remain arejsing2017-01-231-11/+11
| | | | | | known to be in use. ok beck@
* move the callbacks from ssl_st to internalbeck2017-01-231-7/+7
| | | | ok jsing@
* Move callback function pointers and argument pointers from SSL_CTX tojsing2017-01-231-6/+6
| | | | | | internal. ok beck@
* Move not_resumable and sess_cert from SSL_SESSION to internal.jsing2017-01-231-3/+3
| | | | ok beck@
* Move most of the SSL3_STATE fields to internal - the ones that remain arejsing2017-01-221-52/+58
| | | | | | known to be used by ports. ok beck@
* Move ALPN and NPN fields from SSL/SSL_CTX to internal.jsing2017-01-221-4/+4
| | | | ok beck@
* Convert publically visible structs to translucent structs.jsing2017-01-221-3/+15
| | | | | | | | | | | | | This change adds an internal opaque struct for each of the significant publically visible structs. The opaque struct is then allocated and attached to the publically visible struct when the appropriate *_new() function is called, then cleared and freed as necessary. This will allow for changes to be made to the internals of libssl, without requiring a major bump each time the publically visible structs are modified. ok beck@
* Clean up ssl3_new() - in particular, we do not need to zero fields thatjsing2017-01-221-11/+4
| | | | | | are within a struct that was just allocated via calloc. ok beck@
* There is no point in setting struct fields to zero, when you've alreadyjsing2017-01-221-5/+2
| | | | | | zeroed the entire struct via memset. ok beck@
* Add support for SSL_get_server_tmp_key().jsing2016-12-301-1/+67
| | | | ok doug@
* Add support for ECDHE with X25519.jsing2016-12-211-1/+11
| | | | | | Testing of an earlier revision by naddy@. ok beck@
* Convert certificate handshake message generation to CBB, with some cleanjsing2016-12-061-1/+72
| | | | | | | | | | up and restructure. This also adds CBB based variants of the ssl3_handshake_msg_{start,finish} functions - for the time being these use a CBB to build the messages, then copy back into the init_buf. ok doug@
* Adjust cipher suite strengths - move MD5 to LOW, RC4 to LOW and 3DES tojsing2016-11-061-13/+13
| | | | | | MEDIUM. ok beck@ bcook@
* Remove the single IDEA cipher suite. There is no good reason to supportjsing2016-11-061-19/+1
| | | | | | this. ok beck@ bcook@
* unifdef -m -UOPENSSL_NO_CHACHA -UOPENSSL_NO_POLY1305jsing2016-11-061-3/+1
| | | | ok beck@
* Remove support for fixed ECDH cipher suites - these is not widely supportedjsing2016-10-191-303/+3
| | | | | | | | | and more importantly they do not provide PFS (if you want to use ECDH, use ECDHE instead). With input from guenther@. ok deraadt@ guenther@
* Implement the IETF ChaCha20-Poly1305 cipher suites.jsing2016-04-281-6/+57
| | | | | | | | | Rename the existing ChaCha20-Poly1305 cipher suites with an "-OLD" suffix, effectively replaces the original Google implementation. We continue to support both the IETF and Google versions, however the existing names now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04. Feedback from doug@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 00:55:45 +0000