| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
| |
This is a convenience reacharound to libcrypto that trivially wraps
X509_VERIFY_PARAM_get0_peername(). It is used by unbound 1.11.0 for
better logging. As it's part of the API that landed with OpenSSL's
DANE, more recent postfix snapshots use it as well.
ok beck inoguchi jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
We do not support this feature but need to provide OpenSSL's API since
software assumes it's available whenever TLS1_3_VERSION is available.
These are minimal stubs that should have a decent chance to interact
reasonably with software expecting the tricky upstream semantics, but
this will have to be sorted out with runtime testing, so will likely
have to be refined and revisited.
ok beck jsing
|
| |
|
|
|
|
|
| |
Similar to the SSL_SESSION versions, these are noops that are expected
to be available by some configure tests.
ok beck jsing
|
| |
|
|
|
|
|
| |
Since we do not support 0-RTT, these are noops. Some software expects
this API to be available if TLS1_3_VERSION is defined.
ok beck jsing
|
| |
|
|
|
|
|
|
| |
OpenSSL effectively renamed SSL_get_server_tmp_key() to
SSL_get_peer_tmp_key() and removed the client-side restriction. Prepare
for a matching rename.
ok tb@
|
| |
|
|
|
|
|
|
|
|
| |
OpenSSL added a separate API for configuring TLSv1.3 ciphersuites. Provide
this API, while retaining the current behaviour of being able to configure
TLSv1.3 via the existing interface.
Note that this is not currently exposed in the headers/exported symbols.
ok beck@ inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
| |
to prefer that. No binary change except in d1_srtp.c where the
generated assembly differs only in line numbers (due to a wrapped
long line) and in s3_cbc.c where there is no change in the generated
assembly.
ok inoguchi jsing
|
| |
|
|
|
|
| |
reverts previous attempt which would have broken ports
ok jsing@
|
| |
|
|
| |
ok beck@ tb@
|
| |
|
|
|
|
|
| |
This allows us to indicate that the cause of the failure is unknown, rather
than implying that it was an internal error when it was not.
ok beck@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In OpenSSL, SSL_CTX_get_extra_chain_certs() really means return extra
certs, unless there are none, in which case return the chain associated
with the certificate. If you really just want the extra certs, including
knowing if there are no extra certs, then you need to call
SSL_CTX_get_extra_chain_certs_only()! And to make this even more
entertaining, these functions are not documented in any OpenSSL release.
Reported by sephiroth-j on github, since the difference in behaviour
apparently breaks OCSP stapling with nginx.
ok beck@ inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
|
| |
These allow for chains to be managed on a per-certificate basis rather than
as a single "extra certificates" list. Note that "chain" in this context
does not actually include the leaf certificate however, unlike
SSL_CTX_use_certificate_chain_{file,mem}().
Thanks to sthen@ for running this through a bulk ports build.
ok beck@ tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
|
| |
Part of OpenSSL 1.1 API (pre-licence-change).
input schwarze
ok jsing
|
| |
|
|
|
|
| |
Part of OpenSSL 1.1 API, pre-licence change.
ok jsing
|
| |
|
|
|
|
|
| |
Used by unbound's DNS over TLS implementation to do server name
verification.
ok jsing
|
| |
|
|
| |
ok beck@ tb@
|
| |
|
|
| |
ok beck@ bluhm@ tb@
|
| |
|
|
|
|
|
|
|
|
| |
Accordingly, add some error checking to SSL_copy_session_id(),
BIO_ssl_copy_session_id(), and SSL_dup().
Prompted by OpenSSL commit 17dd65e6e1f
Tested in a bulk build by sthen
ok jsing
|
| |
|
|
|
|
| |
public API in libssl.
ok beck, jsing
|
| |
|
|
| |
previous commit.
|
| |
|
|
|
|
|
|
| |
our libssl functions match theirs wrt const, except for BIO_f_ssl(3)
which will be fixed in a later step.
this went through a i386 bulk by sthen
ok jsing
|
| |
|
|
|
|
|
| |
around the SSLv3/TLSv1.0 period... and buggy clients are buggy. This also
helps to clean up the RSA key exchange code.
ok "kill it with fire" beck@ tb@
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
| |
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well
thread safety modifications for the existing LibreSSL init
functions. The initialization routines are called automatically
by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
| |
|
|
|
|
| |
SSL_SESSION_has_ticket()
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
Noted by schwarze@
ok jsing@
|
| |
|
|
|
| |
SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and
SSL_CIPHER_is_aead().
|
| | |
|
| |
|
|
|
|
|
|
|
| |
We already provided the setters, so also provide the getters like
OpenSSL does. Addition prompted by the use of those functions in recent
openvpn releases.
manpage diff from schwarze@ (thanks!) with input from jsing@, ok tb@
jsing@
|
| |
|
|
|
| |
Needed at least by openvpn-2.4.5, which detects availability of this
interface using #ifdefs... Discussed with & ok jsing@
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
ok jsing
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Some applications that use X509_VERIFY_PARAM expect these to exist, since
they're also part of the OpenSSL 1.0.2 API.
|
| |
|
|
|
|
|
|
|
|
|
| |
Several pieces of software make use of these based on a conditional around
OPENSSL_NPN_NEGOTIATED, rather than using the presence of the symbols, the
non-existence of a OPENSSL_NO_NEXTPROTONEG define or even the existence of
the TLS extension type.
Unfortunately we cannot remove OPENSSL_NPN_NEGOTIATED since the API for
ALPN was effectively botched and reuses two parts from the NPN
implementation, rather than providing ALPN specific or generic versions.
|
| |
|
|
| |
Based on a diff from doug@, similar diff from inoguchi@
|
| |
|
|
|
|
|
|
| |
This was added as a workaround for broken F5 TLS termination, which then
created issues talking to broken IronPorts. The size of the padding is
hardcoded so it cannot be used in any generic sense.
ok bcook@ beck@ doug@
|
| |
|
|
|
|
|
| |
This was a workaround for a server that needed to talk GOST to old/broken
CryptoPro clients. This has no impact on TLS clients that are using GOST.
ok bcook@ beck@ doug@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Over the years OpenSSL grew multiple ways of being able to specify EC keys
(and/or curves) for use with ECDH and ECDHE key exchange. You could specify
a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and
generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via
a callback that was provided with insufficient information
(SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation
of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to
problems (like ECDHE not being enabled) and potential weird configuration
(like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE
ciphers from the cipher list. As such, permanently enable automatic EC
curve selection and generation, effectively disabling all of the
configuration knobs. The only exception is the
SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous
behaviour by configuring the curve of the given EC key as the only curve
being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
| |
|
|
|
|
|
| |
while we are at it, convert SSLerror to use a function
internally, so that we may later allocate the handshake
structure and check for it
ok jsing@
|
