|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook | 
| | 
| 
| 
| 
| 
| 
| 
| | These are no longer necessary due to SSL_CTX and SSL now being fully
opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back
into SSL.
Prompted by tb@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| | The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff
is now confined into ssl_seclevel.c and the rest of the library can make
use of the more straightforward wrappers, which makes it a lot easier on
the eyes.
ok beck jsing | 
| | 
| 
| 
| | ok beck jsing | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | OpenSSL chose to break the previous naming convention for ciphers and
to adopt TLS_* "RFC" names instead. Unfortunately, these names are
exposed in several APIs and some language bindings test for these
non-standard names instead of cipher values, which is ... unfortunate
(others would say "plain crazy").
We currently have to maintain patches in regress and ports (p5-Net-SSLeay,
openssl-ruby-tests - which means that Ruby will pick this up at some point)
to work around this difference and that's just not worth the effort.
The old AEAD- names will become aliases and continue to work, but in
openssl ciphers and netcat output the TLS_* names will now be displayed.
"I would be very happy if this gets committed" bluhm
ok beck inoguchi, begrudgingly ok jsing | 
| | 
| 
| 
| 
| 
| 
| 
| | S3I has served us well, however now that libssl is fully opaque it is time
to say goodbye. Aside from removing the calloc/free/memset, the rest is
mechanical sed.
ok inoguchi@ tb@ | 
| | 
| 
| 
| 
| 
| 
| | Now that we store our maximum TLS version at the start of the handshake,
we can check against that directly.
ok inoguchi@ tb@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | DTLS protocol version numbers are the 1's compliment of human readable TLS
version numbers, which means that newer versions decrease in value and
there is no direct mapping between TLS protocol version numbers and DTLS
protocol version numbers.
Rather than having to deal with this internally, only use TLS versions
internally and map between DTLS and TLS protocol versions when necessary.
Rename functions and variables to use 'tls_version' when they contain a
TLS version (and never a DTLS version).
ok tb@ | 
| | 
| 
| 
| 
| 
| 
| | fails, to match the behaviour of ssl_create_cipher_list().  This also
agrees with the behaviour of SSL_set_ciphersuites(3) in OpenSSL.
Issue found while writing documentation.
OK jsing@ | 
| | 
| 
| 
| 
| 
| 
| 
| | Move assignment to the correct place so that the run continuation condition
actually checks what it is supposed to. Found by getting lucky when running
regress.
ok beck jsing | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | OpenSSL added a separate API for configuring TLSv1.3 ciphersuites. Provide
this API, while retaining the current behaviour of being able to configure
TLSv1.3 via the existing interface.
Note that this is not currently exposed in the headers/exported symbols.
ok beck@ inoguchi@ tb@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | When parsing a cipher string, a cipher list is created, before being
duplicated and sorted - the second copy being stored as cipher_list_by_id.
This is done only so that a client can ensure that the cipher selected by
a server is in the cipher list. This is pretty pointless given that most
clients are short-lived and that we already had to iterate over the cipher
list in order to build the client hello. Additionally, any update to the
cipher list requires that cipher_list_by_id also be updated and kept in
sync.
Remove all of this and replace it with a simple linear scan - the overhead
of duplicating and sorting the cipher list likely exceeds that of a simple
linear scan over the cipher list (64 maximum, more typically ~9 or so).
ok beck@ tb@ | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | The name ssl_cipher_is_permitted() is not entirely specific - what it
really means is "can this cipher be used with a given version range".
Use ssl_cipher_allowed_in_version_range() to more clearly indicate this.
Bikeshedded with tb@
ok tb@ | 
| | 
| 
| 
| 
| 
| 
| | Replace the only occurrence of ssl_max_server_version() with a call
to ssl_downgrade_max_version() and remove ssl_max_server_version().
ok beck@ tb@ | 
| | 
| 
| 
| 
| 
| 
| | no need to check for it. Fixes COV-165788, identified with help from Alex
Bumstead.
ok jsing@ | 
| | 
| 
| 
| 
| 
| 
| | a more appropriately licenced file.  jsing and doug have rewritten
these functions (including the comments) over the past years.
ok jsing | 
|  | will be used in a few places shortly, e.g. in
ssl_cipher_list_to_bytes().
ok jsing |