| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Pull out the key share handling code and provide a clean/self contained
interface. This will make it easier to support groups other than X25519.
ok beck@ inoguchi@ tb@
|
|
This reduces replication between the existing TLS client/server and allows
the code to soon be reused for TLSv1.3.
With feedback from inoguchi@ and tb@
ok inoguchi@ tb@
|
|
Note that the last test triggers a kernel bug related to waitpid(9) and
ptraced processes. This is now visible thanks to recent make(1) changes.
guenther@ suggests to look at the logic behind `p_orphan' in FreeBSD to
fix this bug.
|
|
|
|
on the error stack, refrain from pushing an 'unknown' error on the stack.
This should allow libcrypto errors (including bio) to be visible, where we
have nothing better to offer.
ok tb@
|
|
and used version is in tls13_server.c.
ok inoguchi jsing
|
|
4672ff74d68766e7785c2cac4c597effccef2c5c have a zero byte prepended.
Run the secp224k1 ECDH tests and adjust this if needed.
|
|
will attempt again later, now that there is new regress
|
|
ok jsing@
|
|
Currently, only s_client has TLSv1.3 and s_server does not.
|
|
ok tb@
|
|
|
|
|
|
Discussed with jsing
|
|
behavior.
ok jsing
|
|
incoming method if it is a client.
This addresses the case where TLS_method() is used to initialise a SSL_CTX,
then a TLS_client_method() is then set, resulting in TLSv1.2 being used
instead of TLSv1.3. This is observable in smtpd.
ok beck@
|
|
handshake function pointer.
Fixes an isssue found by jca@ with OpenVPN.
ok beck@ tb@
|
|
traffic retries when not yet encrypting.
ok jsing@
|
|
ok jsing@
|
|
ok jsing@
|
|
in OpenSSL's test suite.
|
|
in tls 1.3
Will be used in a follow on commit to enable tls1.3 client certificates
ok jsing@
|
|
|
|
Test vectors taken from OpenSSL 1.1.1d (under OpenSSL's old license).
|
|
ok jsing@
|
|
The new IV is 128 bit long and is actually the 64 bit counter followed
by 64 the bit initialization vector. This is needed by an upcoming
change in OpenSSH and is a breaking change for all current callers.
There are language bindings for Node.js, Rust and Erlang, but none of
our ports use them.
Note that EVP_chacha20() was first introduced in LibreSSL on May 1, 2014
while the entirely incompatible version in OpenSSL was committed on
Dec 9, 2015.
Initial diff from djm and myself, further refinements by djm.
Ports grepping by sthen
ok jsing
|
|
|
|
The libressl TLSv1.3 client and server currently lack client certificate
authentication support and this test expects all clients can auth with
all servers.
We can likely turn this back on in the near future.
|
|
|
|
These make far too many assumptions about cipher suites - TLSv1.3 cipher
suites can only be used with TLSv1.3 and there is tests using TLSv1.3
cipher suites with TLSv1.2 will not work. Likewise, expecting TLSv1.2
cipher suites to work with TLSv1.3 is futile. Additionally, eopenssl11
lists TLSv1.3 cipher suites with different names to libressl.
Futher work will be necessary before this can be re-enabled.
|
|
This can potentially be improved by adding knowledge about which libraries
support which versions and handle differences between clients and servers.
|
|
This is now talking over TLSv1.3 and needs session support.
|
|
This code was correct, it was the entry in the table that was incorrect.
ok beck@
|
|
Issue noticed by kn@ when talking to a TLSv1.3 capable mail server, but
with smtpd capping max version to TLSv1.2.
ok beck@
|
|
and correct the message type for certificate request.
ok jsing@
|
|
support. Makes openssl s_client -msg work for handshake messages.
ok beck jsing
|
|
ok beck@ tb@
|
|
messages.
TLSv1.3 messages that include extensions need a length prefixed field with
zero bytes, rather than no data at all.
ok beck@ tb@
|
|
ok beck@
|
|
client hello.
Allow pre-TLSv1.3 alerts (including warnings) to be received before the
server hello message. Disallow pre-TLSv1.3 alerts as soon as we know that
we are using TLSv1.3.
Noticed by ajacoutot@ while connecting to www.openprinting.org.
ok tb@
|
|
from the server.
ok jsing@
|
|
|
|
The golden values have changed due to TLSv1.3 and will likely change more
in the near future. This will be updated and re-enabled when things settle.
Discussed with beck@
|
|
hello tests.
|
|
ok beck jsing
|
|
ok beck@ tb@
|
|
This is needed for the TLSv1.3 server and will also be needed for client
certificate authentication. Note that we preserve on receive but before
recording the new handshake message, whereas we preserve on send after
recording the new handshake message.
ok tb@
|
|
ok jsing@
|
|
echo it.
ok beck@ tb@
|
