summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add error handling for EVP_DigestInit_ex().doug2014-12-151-3/+7
| | | | | | | | | | | | | A few EVP_DigestInit_ex() calls were left alone since reporting an error would change the public API. Changed internal ssl3_cbc_digest_record() to return a value due to the above change. It will also now set md_out_size=0 on failure. This is based on part of BoringSSL's commit to fix malloc crashes: https://boringssl.googlesource.com/boringssl/+/69a01608f33ab6fe2c3485d94aef1fe9eacf5364 ok miod@
* unifdef OPENSSL_NO_NEXTPROTONEG, which is one of the last standing #ifndefjsing2014-12-141-9/+1
| | | | | | | mazes in libssl. NPN is being replaced by ALPN, however it is still going to be around for a while yet. ok miod@
* Remove support for GOST R 34.10-94 signature authentication, along withjsing2014-12-101-8/+1
| | | | | | | the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway. Discussed with Dmitry Eremin-Solenikov.
* Add support for ALPN.jsing2014-12-101-1/+85
| | | | | | Based on OpenSSL and BoringSSL. ok bcook@
* Sort and group includes.jsing2014-11-161-4/+7
|
* Add support for automatic DH ephemeral keys.jsing2014-10-311-2/+51
| | | | | | | This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length. Partly based on OpenSSL.
* Remove support for ephemeral/temporary RSA private keys.jsing2014-10-311-4/+3
| | | | | | | | | The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers). ok bcook@ miod@
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().jsing2014-10-181-6/+5
| | | | | | | | | | | | | | | arc4random provides high quality pseudo-random numbers, hence there is no need to differentiate between "strong" and "pseudo". Furthermore, the arc4random_buf() function is guaranteed to succeed, which avoids the need to check for and handle failure, simplifying the code. It is worth noting that a number of the replaced RAND_bytes() and RAND_pseudo_bytes() calls were missing return value checks and these functions can fail for a number of reasons (at least in OpenSSL - thankfully they were converted to wrappers around arc4random_buf() some time ago in LibreSSL). ok beck@ deraadt@ miod@
* Disable SSLv3 by default.jsing2014-10-151-1/+4
| | | | | | | | | | | | | | SSLv3 has been long known to have weaknesses and the POODLE attack has once again shown that it is effectively broken/insecure. As such, it is time to stop enabling a protocol was deprecated almost 15 years ago. If an application really wants to provide backwards compatibility, at the cost of security, for now SSL_CTX_clear_option(ctx, SSL_OP_NO_SSLv3) can be used to re-enable it on a per-application basis. General agreement from many. ok miod@
* Add support for automatic ephemeral EC keys.jsing2014-10-031-2/+3
| | | | | | | | | | This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve. Based on OpenSSL with inspiration from boringssl. ok miod@
* Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them,jsing2014-09-071-16/+2
| | | | | | nor do we plan on supporting them. ok guenther@
* Replace the remaining uses of ssl3_put_cipher_by_char() with s2n and ajsing2014-08-241-3/+4
| | | | | | | ssl3_cipher_get_value() helper function, which returns the cipher suite value for the given cipher. ok miod@
* Replace the remaining ssl3_get_cipher_by_char() calls with n2s() andjsing2014-08-231-8/+11
| | | | | | ssl3_get_cipher_by_id(). ok bcook@
* Check the return value of sk_SSL_CIPHER_new_null(), since it allocatesjsing2014-08-111-5/+7
| | | | | | memory and can return NULL. ok miod@
* Currently, ssl3_put_char_by_bytes(NULL, NULL) is just a long handed wayjsing2014-08-111-10/+8
| | | | | | | | of writing "2". Add a define for the SSL3_CIPHER_VALUE_SIZE (rather than using a less-readable hardcoded constant everywhere) and replace the ssl3_put_char_by_bytes(NULL, NULL) calls with it. ok bcook@ miod@
* Since we no longer need to support SSLv2-style cipher lists, startjsing2014-08-101-11/+9
| | | | | | | | | | unravelling the maze of function pointers and callbacks by directly calling ssl3_{get,put}_cipher_by_char() and removing the ssl_{get,put}_cipher_by_char macros. Prompted by similar changes in boringssl. ok guenther.
* The correct name for EDH is DHE, likewise EECDH should be ECDHE.jsing2014-07-121-5/+5
| | | | | | Based on changes to OpenSSL trunk. ok beck@ miod@
* Provide ssl_version_string() function, which uses one of those modern Cjsing2014-07-121-11/+23
| | | | | | | | constructs (a switch statement) and returns the appropriate string defined by SSL_TXT_* for the given version, including support for DTLSv1 and DTLSv1-bad. Use this function in SSL_get_version() and SSL_SESSION_print(). ok beck@
* if (x) FOO_free(x) -> FOO_free(x).miod2014-07-121-11/+6
| | | | | | | Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
* Remove remnants from PSK, KRB5 and SRP.jsing2014-07-121-4/+1
| | | | ok beck@ miod@
* Remove the PSK code. We don't need to drag around thisbeck2014-07-111-115/+1
| | | | | baggage. ok miod@ jsing@
* Remove more compression tendrils.jsing2014-07-101-6/+2
| | | | ok tedu@
* decompress libssl. ok beck jsingtedu2014-07-101-29/+1
|
* remove unused ecc_pkey_size.bcook2014-07-101-4/+2
| | | | ok jsing@ miod@
* tedu the SSL export cipher handling - since we do not have enabled exportjsing2014-07-091-66/+5
| | | | | | ciphers we no longer need the flags or code to support it. ok beck@ miod@
* convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoringtedu2014-06-191-2/+2
| | | | | | libc interfaces over libcrypto interfaces. for now we also prefer timingsafe_memcmp over timingsafe_bcmp, even when the latter is acceptable. ok beck deraadt matthew miod
* ssl_session_cmp is not a sort function, can use CRYPTO_memcmp here too.tedu2014-06-171-2/+4
|
* Add an SSL_AEAD_CTX to enable the use of EVP_AEAD with an SSL cipher.jsing2014-06-131-1/+12
| | | | | | | | | Read and write contexts are also added to the SSL_CTX, along with supporting code. Based on Adam Langley's chromium diffs. Rides the recent SSL library bump.
* Remove support for the `opaque PRF input' extension, which draft has expiredmiod2014-06-131-2/+1
| | | | | | | | 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major. With help and enlightenment from Brendan MacDonell.
* tags as requested by miod and teduderaadt2014-06-121-0/+1
|
* More KNF.jsing2014-06-071-6/+4
|
* Some KNF and fix the vairable spelling.jsing2014-05-311-23/+16
|
* More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup.jsing2014-05-311-1/+1
|
* unifdef -UDOXYGEN and manually remove the few doxygen comments that are notjsing2014-05-311-31/+0
| | | | | | wrapped in #ifdef DOXYGEN... Requested by miod@
* ECDH and ECDSA will not work overly well if there is no EC, so unifdefjsing2014-05-311-4/+0
| | | | | | OPENSSL_NO_EC. ok tedu@
* TLS would not be entirely functional without extensions, so unifdefjsing2014-05-311-10/+0
| | | | | | OPENSSL_NO_TLSEXT. ok tedu@
* remove some #if 0 code. we don't need any more reminders that we're usingtedu2014-05-301-38/+1
| | | | a not quite appropriate data structure. ok jsing
* Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS andjsing2014-05-301-3/+1
| | | | | | SSL_USE_TLS1_2_CIPHERS. Largely based on OpenSSL head.
* Any sane platform has stdio. Stop pretending we will ever use a platformbeck2014-05-291-2/+0
| | | | | that does not. "fire bomb" tedu@
* no space before labeltedu2014-05-291-9/+9
|
* consistent bracestedu2014-05-291-13/+13
|
* unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them.tedu2014-05-291-20/+0
| | | | ok deraadt jsing
* Make it substantially easier to identify protocol version requirementsjsing2014-05-291-0/+1
| | | | | | | | | | | | | | by adding an enc_flags field to the ssl3_enc_method, specifying four flags that are used with this field and providing macros for evaluating these conditions. Currently the version requirements are identified by continually checking the version number and other criteria. This change also adds separate SSL3_ENC_METHOD data for TLS v1.1 and v1.2, since they have different enc_flags from TLS v1. Based on changes in OpenSSL head. No objection from miod@
* When you have functions that perform specific functions, use them.jsing2014-05-291-18/+9
| | | | | | | | EVP_CIPHER_CTX_free() does a NULL check, then calls EVP_CIPHER_CTX_cleanup() and frees the memory. COMP_CTX_free() also had its own NULL check, so there is no point in duplicating that here. ok beck@
* EVP_MD_CTX_create() calls malloc and can return NULL. However, only one ofjsing2014-05-281-1/+1
| | | | | | | the calls in libssl actually checks the return value before using it. Add NULL checks for the remaining three calls. ok miod@
* There is no point in checking if a pointer is non-NULL before calling free,jsing2014-05-281-19/+11
| | | | | | | | since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@
* remove unused shit. from Alexander Schrijvertedu2014-05-251-4/+0
|
* Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much ofjsing2014-05-251-12/+0
| | | | | | | this is sporadic, hacked up and can easily be put back in an improved form should we ever need it. ok miod@
* I'm so sorry to learn that the Diab compiler can't (or used not to) parse Cmiod2014-05-241-5/+1
| | | | code. Remove workaround.
* Use C99 initialisers for SSL3_ENC_METHOD structs.jsing2014-05-241-16/+19
| | | | ok miod@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 16:31:50 +0000