| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
| |
ok jsing
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Some applications that use X509_VERIFY_PARAM expect these to exist, since
they're also part of the OpenSSL 1.0.2 API.
|
| |
|
|
|
|
|
|
|
|
|
| |
Several pieces of software make use of these based on a conditional around
OPENSSL_NPN_NEGOTIATED, rather than using the presence of the symbols, the
non-existence of a OPENSSL_NO_NEXTPROTONEG define or even the existence of
the TLS extension type.
Unfortunately we cannot remove OPENSSL_NPN_NEGOTIATED since the API for
ALPN was effectively botched and reuses two parts from the NPN
implementation, rather than providing ALPN specific or generic versions.
|
| |
|
|
| |
Based on a diff from doug@, similar diff from inoguchi@
|
| |
|
|
|
|
|
|
| |
This was added as a workaround for broken F5 TLS termination, which then
created issues talking to broken IronPorts. The size of the padding is
hardcoded so it cannot be used in any generic sense.
ok bcook@ beck@ doug@
|
| |
|
|
|
|
|
| |
This was a workaround for a server that needed to talk GOST to old/broken
CryptoPro clients. This has no impact on TLS clients that are using GOST.
ok bcook@ beck@ doug@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Over the years OpenSSL grew multiple ways of being able to specify EC keys
(and/or curves) for use with ECDH and ECDHE key exchange. You could specify
a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and
generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via
a callback that was provided with insufficient information
(SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation
of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to
problems (like ECDHE not being enabled) and potential weird configuration
(like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE
ciphers from the cipher list. As such, permanently enable automatic EC
curve selection and generation, effectively disabling all of the
configuration knobs. The only exception is the
SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous
behaviour by configuring the curve of the given EC key as the only curve
being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
| |
|
|
|
|
|
| |
while we are at it, convert SSLerror to use a function
internally, so that we may later allocate the handshake
structure and check for it
ok jsing@
|
| |
|
|
|
|
| |
Rides minor bump.
ok beck@
|
| |
|
|
|
|
|
|
| |
SSL_{,CTX_}ctrl() functions. As crazy as it is, some software appears to
call the control functions directly rather than using the macros (or
functions) provided by the library.
Discussed with beck@ and sthen@
|
| |
|
|
|
|
|
| |
client-initiated renegotiation. The current default behaviour remains
unchanged.
ok beck@ reyk@
|
| |
|
|
|
|
| |
before yielding, and fail if we exceed a maximum. loosely based
on what boring and openssl are doing
ok jsing@
|
| |
|
|
| |
Noted by zhuk@
|
| |
|
|
|
|
|
|
| |
that are conditioning on these.
From BoringSSL.
ok beck@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
SSL{_CTX}_set1_groups{_list}() - also provide defines for the previous
SSL{_CTX}_set1_curves{_list} names.
This also changes the default list of EC curves to be X25519, P-256 and
P-384. If you want others (such a brainpool) you need to configure this
yourself.
Inspired by parts of BoringSSL and OpenSSL.
ok beck@
|
| |
|
|
| |
ok beck@
|
| |
|
|
|
|
|
| |
the ssl_ctx from internal - these are used directly by python
and openvpn and a few other things - we have the set accessors
but the get accessors were added in 1.1 and these roll their
own caveat OPENSSL_VERSION chickenpluckery
|
| |
|
|
| |
set and cleared via existing functions.
|
| |
|
|
| |
Discussed with beck@
|
| |
|
|
|
|
|
| |
from SSL_METHOD, replacing usage with direct calls to the appropriate
functions.
ok beck@
|
| |
|
|
|
| |
so these should not be diddled with directly
ok jsing@
|
| |
|
|
| |
other perversions touches them sickly and unnaturally.
|
| |
|
|
| |
ok jsing@
|
| |
|
|
| |
ok beck@
|
| |
|
|
|
|
| |
known to be in use.
ok beck@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
| |
internal.
ok beck@
|
| |
|
|
| |
ok beck@
|
| |
|
|
| |
(thankfully).
|
| |
|
|
| |
ok beck@
|
| |
|
|
| |
ok beck@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
| |
opaque structs.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds an internal opaque struct for each of the significant
publically visible structs. The opaque struct is then allocated and
attached to the publically visible struct when the appropriate *_new()
function is called, then cleared and freed as necessary.
This will allow for changes to be made to the internals of libssl, without
requiring a major bump each time the publically visible structs are
modified.
ok beck@
|
| |
|
|
| |
ok doug@
|
| |
|
|
|
|
| |
for future work.
Discussed with beck@
|
| |
|
|
| |
ok jsing@
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
For backward compatibility, the flags are redefined as 0.
ok jsing@
|
| |
|
|
|
|
|
| |
incomplete implementations just so that we can interoperate with products
from vendors who have not bothered to fix things in the last ~10 years.
ok bcook@ miod@
|
| |
|
|
|
|
|
|
|
|
| |
This is the first wave of SSLv3 removal which removes the main SSLv3
functions. Future commits will remove the rest of the SSLv3 support.
Discussed the plan at c2k15. Input from jsing@, beck@, miod@, bcook@,
sthen@, naddy@, and deraadt@.
ok jsing@, beck@
|
