summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_methods.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove get_cipher from SSL_METHOD.jsing2024-07-231-16/+1
| | | | | | | | | | | | | | | Inline the get_cipher implementation (including the special handling for DTLS) in ssl_cipher_collect_ciphers() (the only consumer), remove the get_cipher member of SSL_METHOD and mop up dtls1_get_cipher(). ssl3_get_cipher() has always had a strange property of being a reverse index, which is relied on by the cipher list ordering code, since it currently assumes that high cipher suite values are preferable. Rather than complicating ssl3_get_cipher() (and regress), change the iteration order in ssl_cipher_collect_ciphers() to match what it requires. Lastly, rename ssl3_get_cipher() to be more descriptive. ok tb@
* Hide all public symbols in libsslbeck2023-07-081-1/+25
| | | | | | With the guentherizer 9000 ok tb@
* unifdef the LIBRESSL_HAS_TLS1_3_[CLIENT|SERVER] goobeck2023-07-061-36/+1
| | | | | And remove the tendrils. This was useful for transition but we are now well past this.
* Make internal header file names consistenttb2022-11-261-3/+3
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Dedup dtls1_dispatch_alert()/ssl3_dispatch_alert().jsing2021-07-261-17/+1
| | | | | | | | The code for dtls1_dispatch_alert() and ssl3_dispatch_alert() is largely identical - with a bit of reshuffling we can use ssl3_dispatch_alert() for both protocols and remove the ssl_dispatch_alert function pointer. ok inoguchi@ tb@
* Do a first pass clean up of SSL_METHOD.jsing2021-07-031-49/+1
| | | | | | | | | The num_ciphers, get_cipher_by_char and put_cipher_by_char function pointers use the same function for all methods - call ssl3_num_ciphers() directly, absorb ssl3_get_cipher_by_char() into SSL_CIPHER_find() and remove the unused ssl3_put_cipher_by_char() code. ok inoguchi@ tb@
* Merge SSL_METHOD_INTERNAL into SSL_METHOD.jsing2021-07-011-97/+33
| | | | | | | Now that SSL_METHOD is opaque and in internal headers, we can remove SSL_METHOD_INTERNAL by merging it back into SSL_METHOD. ok tb@
* Move DTLS structs/definitions/prototypes to dtls_locl.h.jsing2021-05-161-1/+2
| | | | | | | | Now that the DTLS structs are opaque, add a dtls_locl.h header and move internal-only structs from dtls1.h, along with prototypes from ssl_locl.h. Only pull this header in where DTLS code actually exists. ok inoguchi@ tb@
* Expose various DTLSv1.2 specific functions and definestb2021-03-311-15/+1
| | | | ok bcook inoguchi jsing
* Only use TLS versions internally (rather than both TLS and DTLS versions).jsing2021-02-251-33/+33
| | | | | | | | | | | | | | DTLS protocol version numbers are the 1's compliment of human readable TLS version numbers, which means that newer versions decrease in value and there is no direct mapping between TLS protocol version numbers and DTLS protocol version numbers. Rather than having to deal with this internally, only use TLS versions internally and map between DTLS and TLS protocol versions when necessary. Rename functions and variables to use 'tls_version' when they contain a TLS version (and never a DTLS version). ok tb@
* Add DTLSv1.2 methods.jsing2021-02-201-2/+152
| | | | | | These are currently guarded by LIBRESSL_HAS_DTLS1_2 and LIBRESSL_INTERNAL. ok tb@
* Bring back *_client_method() structstb2020-12-011-8/+196
| | | | | | | | | | | | | | | | | | | | | | | | | | The method unification broke an API promise of SSL_is_server(). According to the documentation, calling SSL_is_server() on SSL objects constructed from generic and server methods would result in 1 even before any call to SSL_set_accept_state(). This means the information needs to be available when SSL_new() is called, so must come from the method itself. Prior to the method unification, s->server would be set to 0 or 1 in SSL_new() depending on whether the accept method was undefined or not. Instead, introduce a flag to the internal structs to distinguish client methods from server and generic methods and copy that flag to s->server in SSL_new(). This problem was reported to otto due to breakage of DoH in net/dnsdist. The reason for this is that www/h2o relies on SSL_is_server() to decide whether to call SSL_accept() or SSL_connect(). Thus, the h2o server would end up responding to a ClientHello with another ClientHello, which results in a handshake failure. The bandaid applied to www/h2o can be removed once this fix has made it into snaps. No other breakage is known. This commit brings back only about half of the duplication removed in the method unification, so is preferable to a full revert. ok jsing
* Mark DTLS methods as DTLS.jsing2020-10-141-1/+7
| | | | | | | | Rather than inferring DTLS from the method version, add a field that marks a method as specifically being DTLS. Have SSL_IS_DTLS condition on this rather than on version. ok tb@
* SSL3_ENC_METHOD is just a flag word; merge it into SSL_METHOD_INTERNALguenther2020-10-111-7/+7
| | | | | | | with #defines for the per-version initializers instead of extern globals. Add SSL_USE_SHA256_PRF() to complete the abstraction. ok tb@ jsing@
* Condense and simplify TLS methods.jsing2020-10-111-419/+54
| | | | | | | | | | | | | | | Historically, OpenSSL has had client and server specific methods - the only difference between these is that the .ssl_connect or .ssl_accept function pointer is set to ssl_undefined_function, with the intention of reducing code size for a statically linked binary that was only a client or server. These days the difference is minimal or non-existant in many cases and we can reduce the amount of code and complexity by having single method. Internally remove all of the client and server specific methods, simplifying code in the process. The external client/server specific API remain, however these now return the same thing as TLS_method() does. ok tb@
* Use TLSv1_1_enc_data instead of DTLSv1_enc_data.jsing2020-10-031-4/+4
| | | | | | | | DTLSv1 is TLSv1.1 over datagrams - there is no need for a separate SSL3_ENC_METHOD struct, just use TLSv1_1_enc_data and remove DTLSv1_enc_data entirely. ok tb@
* Simplify SSL method lookups.jsing2020-09-171-49/+35
| | | | | | | | | There are three places where we call tls1_get_{client,server}_method() and if that returns NULL, call dtls1_get_{client,server}_method(). Simplify this by combining the lookup into a single function. While here also use uint16_t for version types. ok inoguchi@ millert@
* Mop up the get_ssl_method function pointer.jsing2020-09-151-47/+1
| | | | | | | Now that get_ssl_method is no longer used, we can garbage collect the function pointer and some associated machinery. ok beck@
* Remove some unnecessary function pointers from SSL_METHOD_INTERNAL.jsing2020-07-071-37/+1
| | | | | | ssl_version is completely unused and get_timeout is the same everywhere. ok beck@ inoguchi@ tb@
* Enable TLSv1.3 for the generic TLS_method().jsing2020-07-071-4/+50
| | | | | | This can be done now that we have both TLSv1.3 client and server. ok beck@ inoguchi@ tb@
* Add a workaround to make SSL_set_session() work with TLSv1.3.jsing2020-02-061-1/+9
| | | | | | | | While we do not currently do session resumption, just return the TLS_client_method() or TLS_server_method() when asked for a method that does TLSv1.3. ok tb@ (who also arrived at the same diff)
* Remove the ssl_get_message function pointer from SSL_METHOD_INTERNAL.jsing2020-01-231-20/+3
| | | | | | | | | ssl_get_message is essentially a switch between ssl3_get_message and dtls1_get_message, both only used by the legacy stack. Instead, use SSL_IS_DTLS() in ssl3_get_message to call the DTLS function when necessary. ok beck@ inoguchi@ tb@
* Implement pending for TLSv1.3.jsing2020-01-231-3/+3
| | | | | | Makes `openssl s_client -peekaboo` work with TLSv1.3. ok beck@ tb@
* Switch back to a function pointer for ssl_pending.jsing2020-01-231-1/+18
| | | | | | | This will allow the TLSv1.3 stack to provide its own implementation. Nuke a completely bogus comment from SSL_pending() whilst here. ok beck@
* Wire up the TLSv1.3 server.jsing2020-01-221-3/+45
| | | | | | | | This currently only has enough code to handle fallback to the legacy TLS stack for TLSv1.2 or earlier, however allows for further development and testing. ok beck@
* Hook up the TLSv1.3 legacy shutdown code.jsing2020-01-221-2/+2
| | | | Missed in an earlier commit.
* Split the TLSv1.3 guards into separate client and server guards.jsing2020-01-221-3/+3
| | | | ok beck@ tb@
* Bring back the ssl_shutdown internal method pointer.jsing2019-11-171-1/+17
| | | | | | | For now ssl3_shutdown() is called in all cases, however TLSv1.3 will soon get its own version. ok beck@
* Provide version agnostic DTLS methods.jsing2019-03-171-1/+19
| | | | ok tb@
* Correct guards.jsing2019-02-141-3/+3
|
* Provide a TLS 1.3 capable client method.jsing2019-02-141-3/+45
| | | | ok tb@
* Consolidate all of the SSL method structs/functions into a single file.jsing2018-11-051-0/+666
Discussed with tb@