summaryrefslogtreecommitdiff
path: root/src/lib/libssl/t1_lib.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Correct test reversed during merge of fix for CVE-2014-3509guenther2014-08-071-2/+2
| | | | | pointed out by Watson Ladd (watson (at) matasano.com) ok deraadt@
* merge fix for CVE-2014-3509 -- basically a missing s->hit check; ok guentherderaadt2014-08-061-9/+13
|
* Expand the tlsext_sigalg macros. The end result is about the same numberjsing2014-07-131-16/+19
| | | | | | of lines and much more readable. ok miod@
* The bell tolls for BUF_strdup - Start the migration to usingbeck2014-07-131-2/+3
| | | | | | intrinsics. This is the easy ones, a few left to check one at a time. ok miod@ deraadt@
* The correct name for EDH is DHE, likewise EECDH should be ECDHE.jsing2014-07-121-4/+4
| | | | | | Based on changes to OpenSSL trunk. ok beck@ miod@
* remove unused, private version strings except SSL_version_strbcook2014-07-091-3/+1
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoringtedu2014-06-191-3/+3
| | | | | | libc interfaces over libcrypto interfaces. for now we also prefer timingsafe_memcmp over timingsafe_bcmp, even when the latter is acceptable. ok beck deraadt matthew miod
* Make sure to always invoke EVP_CIPHER_CTX_cleanup() before returning in themiod2014-06-181-4/+10
| | | | | | error paths from tls_decrypt_ticket(). ok tedu@
* Remove support for the `opaque PRF input' extension, which draft has expiredmiod2014-06-131-213/+1
| | | | | | | | 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major. With help and enlightenment from Brendan MacDonell.
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* Sanitize use of client_opaque_prf_input: set it to NULL immediately aftermiod2014-06-041-18/+22
| | | | | | | | | | free()ing it, rather than in conditional code. Also do not bother setting server_opaque_prf_input (server, not client) to NULL in conditional code 10 lines after explicitely free()ing it and setting it to NULL (were the developers afraid of zombie pointers?) ok guenther@
* without overthinking it, replace a few memcmp calls with CRYPTO_memcmptedu2014-06-041-1/+1
| | | | where it is feasible to do so. better safe than sorry.
* ECDH and ECDSA will not work overly well if there is no EC, so unifdefjsing2014-05-311-22/+0
| | | | | | OPENSSL_NO_EC. ok tedu@
* TLS would not be entirely functional without extensions, so unifdefjsing2014-05-311-6/+0
| | | | | | OPENSSL_NO_TLSEXT. ok tedu@
* remove some #if 0 code. we don't need any more reminders that we're usingtedu2014-05-301-36/+0
| | | | a not quite appropriate data structure. ok jsing
* Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS andjsing2014-05-301-3/+4
| | | | | | SSL_USE_TLS1_2_CIPHERS. Largely based on OpenSSL head.
* unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them.tedu2014-05-291-10/+0
| | | | ok deraadt jsing
* Make it substantially easier to identify protocol version requirementsjsing2014-05-291-0/+38
| | | | | | | | | | | | | | by adding an enc_flags field to the ssl3_enc_method, specifying four flags that are used with this field and providing macros for evaluating these conditions. Currently the version requirements are identified by continually checking the version number and other criteria. This change also adds separate SSL3_ENC_METHOD data for TLS v1.1 and v1.2, since they have different enc_flags from TLS v1. Based on changes in OpenSSL head. No objection from miod@
* There is no point in checking if a pointer is non-NULL before calling free,jsing2014-05-281-32/+18
| | | | | | | | since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@
* Replace the following logic:miod2014-05-261-26/+39
| | | | | | | | | | | | | | | | | | | | | if (nothing to allocate) ptr = malloc(1) else { if ((ptr = malloc(size to allocate)) memcpy(ptr, data to copy, size to allocate) } if (ptr == NULL) OMG ERROR with a saner logic where the NULL pointer check if moved to the actual malloc branch, so that we do not need to malloc a single byte, just to avoid having a NULL pointer. Whoever thought allocating a single byte was a smart idea was obviously not taking his meds. ok beck@ guenther@
* tls_decrypt_ticket(): memory leak and uncleaned EVP_CIPHER_CTX upon error.miod2014-05-261-1/+4
|
* Use C99 initialisers for SSL3_ENC_METHOD structs.jsing2014-05-241-12/+14
| | | | ok miod@
* Enable three brainpool elliptic curves for TLS, as specified in RFC 7027;miod2014-05-241-1/+13
| | | | | | from OpenSSL HEAD. ok beck@ deraadt@ jsing@
* Use sizeof(cryptopro_ext) instead of 36 when applicable.miod2014-05-241-4/+4
| | | | ok jsing@
* More KNF.jsing2014-05-221-184/+194
|
* Fix several bounds checks in ssl_add_clienthello_tlsext() andmiod2014-05-191-34/+39
| | | | | | | | | ssl_add_serverhello_tlsext(), and convert all of them to the same idiom, for easier review. Math is hard, let's go webshopping. Help and ok guenther@
* Remove SRP and Kerberos support from libssl. These are complex protocolstedu2014-05-051-50/+0
| | | | | all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected.
* Appease gcc3 -Wuninitialized.miod2014-04-261-1/+1
|
* more malloc/realloc/calloc cleanups; ok beck kettenisderaadt2014-04-211-6/+9
|
* More KNF and style consistency tweaksguenther2014-04-191-6/+6
|
* now that knf carpet bombing is finished, switch to hand to hand combat.tedu2014-04-181-91/+91
| | | | | still not sure what to make of mysteries like this: for (i = 7; i >= 0; i--) { /* increment */
* always build in RSA and DSA. ok deraadt miodtedu2014-04-171-20/+0
|
* SHA and AES (and sadly MD5) can't be considered optional. ok beck miodtedu2014-04-171-8/+0
|
* quick pass at removing ability to disable sha256 and sha512. ok miodtedu2014-04-171-12/+0
|
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-28/+28
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* add back SRP. i was being too greedy.tedu2014-04-161-0/+50
|
* Thanks to the knobs in http://tools.ietf.org/html/rfc5746, we have a knobbeck2014-04-161-4/+2
| | | | | | to say "allow this connection to negotiate insecurely". de-fang the code that respects this option to ignore it. ok miod@
* disentangle SRP code from TLStedu2014-04-161-50/+0
|
* make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miodtedu2014-04-141-214/+0
|
* First pass at applying KNF to the OpenSSL code, which almost makes itjsing2014-04-141-1067/+935
| | | | | readable. This pass is whitespace only and can readily be verified using tr and md5.
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-131-61/+208
|
* cherrypick fix for CVE-2014-0160 "heartbleed" vulnerability fromdjm2014-04-071-5/+9
| | | | OpenSSL git; ok sthen@
* cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txtmarkus2013-02-141-1/+1
| | | | | from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
* resolve conflictsdjm2012-10-131-58/+883
|
* OpenSSL 1.0.0f: mergedjm2012-01-051-0/+6
|
* openssl-1.0.0e: resolve conflictsdjm2011-11-031-9/+11
|
* fix for CVE-2011-0014 "OCSP stapling vulnerability";djm2011-02-101-1/+7
| | | | | | ok markus@ jasper@ miod@ AFAIK nothing in base uses this, though apache2 from ports may be affected.
* - Apply security fix for CVE-2010-3864 (+commit 19998 which fixes the fix).jasper2010-11-171-18/+42
| | | | ok djm@ deraadt@
* resolve conflicts, fix local changesdjm2010-10-011-40/+877
|
* update to openssl-0.9.8i; tested by several, especially krw@djm2009-01-051-6/+8
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 22:28:32 +0000