openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix alert callback in the QUIC layer	tb	2024-09-09	1	-2/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Only close_notify and user_cancelled are warning alerts. All others should be fatal. In order for the lower layers to behave correctly, the return code for fatal alerts needs to be TLS13_IO_ALERT instead of TLS13_IO_SUCCESS. Failure to signal handshake failure in the public API led to a crash in HAProxy when forcing the tls cipher to TLS_AES_128_CCM_SHA256 as found by haproxyfred while investigating https://github.com/haproxy/haproxy/issues/2569 Kenjiro Nakayama found misbehavior of ngtcp2-based servers, wrote a similar patch and tested this version. Fixes https://github.com/libressl/portable/issues/1093 ok jsing
*	Make internal header file names consistent	tb	2022-11-26	1	-3/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Libcrypto currently has a mess of _lcl.h, _locl.h, and _local.h names used for internal headers. Move all these headers we inherited from OpenSSL to _local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
*	Plug leak of BIO in tls13_quic_init()	tb	2022-08-30	1	-2/+1
\| \| \| \| \| \| \|	If rbio and wbio are the same, SSL_free() only frees one BIO, so the BIO_up_ref() before SSL_set_bio() leads to a leak. ok jsing
*	Handle SSL_do_handshake() being called before SSL_provide_quic_data().	jsing	2022-08-27	1	-1/+4
\| \| \| \| \| \| \|	If SSL_do_handshake() is called before SSL_provide_quic_data() has been called, the QUIC read buffer will not have been initialised. In this case we want to return TLS13_IO_WANT_POLLIN so that the QUIC stack will provide handshake data.
*	Wire up SSL_QUIC_METHOD callbacks to the record layer callbacks for QUIC.	jsing	2022-08-21	1	-16/+48
\| \| \| \|	ok tb@
*	Provide and use QUIC specific error reasons.	jsing	2022-08-21	1	-3/+3
\| \| \| \|	ok tb@
*	Set NULL BIOs for QUIC.	jsing	2022-07-24	1	-1/+14
\| \| \| \| \| \| \| \|	When used with QUIC, the SSL BIOs are effectively unused, however we still currently expect them to exist for status (such as SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE). Set up NULL BIOs if QUIC is in use. ok tb@
*	Provide record layer callbacks for QUIC.	jsing	2022-07-24	1	-0/+135
	QUIC uses TLS to complete the handshake, however unlike normal TLS it does not use the TLS record layer, rather it provides its own transport. This means that we need to intercept all communication between the TLS handshake and the record layer. This allows TLS handshake message writes to be directed to QUIC, likewise for TLS handshake message reads. Alerts also need to be sent via QUIC, plus it needs to be provided with the traffic keys that are derived by TLS. ok tb@