summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add Copyright and license.schwarze2016-11-291-67/+99
| | | | | | | SSLv2 and export ciphers are no longer supported, delete related text. Sync SSL_CIPHER_description(3) return values with the source code. Wording simplifications from OpenSSL. Delete empty RETURN VALUES section.
* The OpenSSL file doc/man3/PEM_read_CMS.pod contains parts belongingschwarze2016-11-282-1/+137
| | | | | to libcrypto and parts belonging to libssl. Extract the parts relevant for our libssl and import them with some tweaks.
* Import the DTLSv1_listen(3) manual from OpenSSL,schwarze2016-11-212-1/+188
| | | | | | | | excluding interface changes that don't apply to LibreSSL, except that i left the confusing discussion of RETURN VALUES completely unchanged, to warn users that this is a mess: OpenSSL first published this interface, then later changed its syntax and semantics in multiple ways.
* Convert ssl3_get_client_kex_dhe() to CBS and perform some general codejsing2016-11-171-38/+29
| | | | | | cleanup, including the removal of a dead code path. ok beck@
* Use defines instead of magic numbers and comments.jsing2016-11-171-5/+3
|
* Add Copyright and license.schwarze2016-11-141-13/+93
| | | | | In the SYNOPSIS, show function prototypes rather than macro definitions. Delete the useless NOTES section header.
* Disable ec assembly for amd64 pending fixes for ssh, and bumpbeck2016-11-111-2/+2
| | | | majors appropriately
* When using an union including a type known for having strong alignmentmiod2016-11-081-7/+15
| | | | | | | | constraints, in order to force the union to have the same constraint, use the actual type instead of `double'. And add a comment explaining why we want such an alignment in there. ok beck@
* Remove unused SSLv3 from ssl3_cbc_record_digest_supported().jsing2016-11-063-77/+33
| | | | | | From Markus Uhlin <markus.uhlin at bredband dot net> ok beck@ bcooK@
* Split ssl3_get_client_key_exchange() into separate per algorithm functions.jsing2016-11-061-320/+388
| | | | ok beck@
* Remove pointless check - without fixed ECDH, there is only one way to reachjsing2016-11-061-8/+1
| | | | | | this code path. ok beck@ bcook@
* Split out the DHE and ECDHE code paths fromjsing2016-11-061-203/+221
| | | | | | ssl3_send_server_key_exchange(). ok beck@ bcook@
* Adjust cipher suite strengths - move MD5 to LOW, RC4 to LOW and 3DES tojsing2016-11-061-13/+13
| | | | | | MEDIUM. ok beck@ bcook@
* Remove the single IDEA cipher suite. There is no good reason to supportjsing2016-11-063-29/+3
| | | | | | this. ok beck@ bcook@
* unifdef -m -UOPENSSL_NO_CHACHA -UOPENSSL_NO_POLY1305jsing2016-11-062-6/+2
| | | | ok beck@
* remove unused variablebcook2016-11-061-6/+3
|
* One of the error paths would attempt to access not-yet-initialized locals.miod2016-11-051-2/+2
| | | | | | Simply return since there is nothing more to do. Spotted by coverity. ok jsing@ beck@
* Do a partial CBB conversion of ssl3_send_server_key_exchange(), which willjsing2016-11-051-52/+67
| | | | | | make it easier to do further clean up. ok beck@ miod@
* move manual pages from doc/ to man/ for consistency with otherschwarze2016-11-0585-169/+169
| | | | | libraries, in particular considering that there are unrelated files in doc/; requested by jsing@ and beck@
* bump minors for symbol addition for ocsp and x25519 symbol additionsbeck2016-11-051-1/+1
|
* after getting rid of the pod files, clean up the Makefiles; ok bcook@schwarze2016-11-052-28/+13
|
* Convert ssl3_get_server_kex_ecdhe() to CBS, simplifying tls1_check_curve()jsing2016-11-053-62/+41
| | | | | | | in the process. This also fixes a long standing bug where tls1_ec_curve_id2nid() is called with only one byte of the curve ID. ok beck@ miod@
* Remove generated Symbols.map on make clean.jsing2016-11-051-2/+2
| | | | ok guenther@
* Rename ssl3_get_key_exchange() to ssl3_get_server_key_exchange(), sincejsing2016-11-043-7/+7
| | | | | | that's what it really is. ok miod@
* Tidy up the usage of peer_ecdh_tmp, following the fixed ECDH removal.jsing2016-11-041-13/+5
| | | | ok beck@
* Mark a couple local functions as staticguenther2016-11-042-4/+4
| | | | ok jsing@ beck@
* The *_method_data structures can be staticguenther2016-11-046-21/+21
| | | | ok jsing@
* Add an explict list of exported symbols with just the functionsguenther2016-11-045-11/+289
| | | | | | | declared in the public headers, and use __{BEGIN,END}_HIDDEN_DECLS in the internal headers to optimize internal functions ok jsing@
* make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hiddenbeck2016-11-041-2/+2
| | | | | | functions.. document with a man page. bump majors on libtls, libssl, libcrypto ok jsing@ guenther@
* Make do_dtls1_write() static to d1_pkt.c and delete declarations forguenther2016-11-042-8/+6
| | | | | | three functions that were removed a while ago ok jsing@
* Fix some linewrapping glitchesguenther2016-11-041-7/+5
| | | | ok jsing@
* Completely rewrite the session handling ASN.1 code using CBB and CBS. Thisjsing2016-11-041-616/+329
| | | | | | | addresses two 2038 related issues and also adds support for allocation in the i2d function, which will allow for simplification in the callers. ok beck@ miod@
* Convert ssl3_get_server_kex_dhe() to CBS.jsing2016-11-041-42/+19
| | | | ok beck@
* In ssl3_read_bytes(), do not process more than three consecutive TLSjsing2016-11-031-4/+24
| | | | | | | | records, otherwise a peer can potentially cause us to loop indefinately. Return with an SSL_ERROR_WANT_READ instead, so that the caller can choose when they want to handle further processing for this connection. ok beck@ miod@
* Split ssl3_get_key_exchange() into separate functions for DHE/ECDHE.jsing2016-11-031-205/+256
| | | | ok beck@ (who was struggling to keep lunch down while reviewing the diff)
* Clean up the TLS handshake digest handling - this refactors some of thejsing2016-11-032-30/+43
| | | | | | | | | | | | | | | | | | | code for improved readability, however it also address two issues. The first of these is a hard-to-hit double free that will occur if EVP_DigestInit_ex() fails. To avoid this and to be more robust, ensure that tls1_digest_cached_records() either completes successfully and sets up all of the necessary digests, or it cleans up and frees everything that was allocated. The second issue is that EVP_DigestUpdate() can fail - detect and handle this in tls1_finish_mac() and change the return type to an int so that a failure can be propagated to the caller (the callers still need to be fixed to handle this, in a later diff). The double-free was reported by Matthew Dillon. ok beck@ doug@ miod@
* Expand LHASH_OF, IMPLEMENT_LHASH_DOALL_ARG_FN and LHASH_DOALL_ARG_FNjsing2016-11-022-7/+13
| | | | macros. Only change in generated assembly is due to line numbering.
* Expand another LHASH_OF macro.jsing2016-11-021-2/+2
|
* Expand DECLARE_LHASH_OF and LHASH_OF macros.jsing2016-11-021-3/+5
|
* Expand DECLARE_PEM_rw macro.jsing2016-11-021-2/+7
|
* Expand IMPLEMENT_LHASH_COMP_FN/IMPLEMENT_LHASH_HASH_FN macros - the onlyjsing2016-11-021-5/+17
| | | | change to generated assembly results from a difference in line numbers.
* Wrap some >80 char lines.jsing2016-11-021-9/+9
|
* Remove support for fixed ECDH cipher suites - these is not widely supportedjsing2016-10-197-466/+42
| | | | | | | | | and more importantly they do not provide PFS (if you want to use ECDH, use ECDHE instead). With input from guenther@. ok deraadt@ guenther@
* Check for and handle failure of HMAC_{Update,Final} or EVP_DecryptUpdate()guenther2016-10-021-5/+11
| | | | | based on openssl commit a5184a6c89ff954261e73d1e8691ab73b9b4b2d4 ok bcook@
* Detect zero-length encrypted session data early, instead of when malloc(0)guenther2016-10-021-2/+2
| | | | | | | fails or the HMAC check fails. Noted independently by jsing@ and Kurt Cancemi (kurt (at) x64architecture.com) ok bcook@
* Improve on code from the previous commit.jsing2016-09-221-7/+5
| | | | ok bcook@
* Avoid unbounded memory growth, which can be triggered by a clientjsing2016-09-221-9/+20
| | | | | | repeatedly renegotiating and sending OCSP Status Request TLS extensions. Fix based on OpenSSL.
* Check for packet with truncated DTLS cookie.guenther2016-09-221-12/+17
| | | | | | | | | | | Flip pointer comparison logic to avoid beyond-end-of-buffer pointers to make it less likely a compiler will decide to screw you. Based on parts of openssl commits 6f35f6deb5ca7daebe289f86477e061ce3ee5f46 and 89c2720298f875ac80777da2da88a64859775898 ok jsing@
* Improve ticket validity checking when tlsext_ticket_key_cb() callbackguenther2016-09-221-4/+25
| | | | | | | | | | | chooses a different HMAC algorithm. Avert memory leaks if the callback preps the HMAC in some way. Based on openssl commit 1bbe48ab149893a78bf99c8eb8895c928900a16f but retaining a pre-callback length check to guarantee the callback is provided the buffer that the API claims. ok bcook@ jsing@
* Avoid selecting weak digests for (EC)DH when using SNI.bcook2016-09-201-3/+12
| | | | | | | | | | | from OpenSSL: SSL_set_SSL_CTX is normally called for SNI after ClientHello has received and the digest to use for each certificate has been decided. The original ssl->cert contains the negotiated digests and is now copied to the new ssl->cert. noted by David Benjamin and Kinichiro Inoguchi
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-23 19:26:43 +0000