summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* crank libssl majortb2024-03-021-1/+1
| | | | same bump as libcrypto; symbol removal and addition
* Remove SSL_debugtb2024-03-024-13/+3
| | | | | | | The garbage truck is quite full by now. Collect the last symbol straggler for this bump. ok jsing
* Garbage collect TLS1_FLAGS_SKIP_CERT_VERIFYtb2024-03-021-2/+1
| | | | | | And here goes another weird-ass thing of dubious pedigree. ok jsing
* Make {SSL3,TLS}_CT_* internaltb2024-03-023-28/+8
| | | | | | | | And here goes a bunch of unused macros that just had to be in two headers so they could get out of sync. Three of these constants are used in a single function... ok jsing
* Remove SSL_CIPHER_get_by_{id,value}()tb2024-03-024-23/+3
| | | | | | | | | While this undocumented API would have been much nicer and saner than SSL_CIPHER_find(), nothing used this except for the exporter test. Let's get rid of it again. libssl uses ssl3_get_cipher_by_{id,value}() directly. ok jsing
* Export SSL_get_{peer_,}signature_type_nid()tb2024-03-025-8/+13
| | | | | | | | | Also move the prototypes to the correct header. Oversight reported by Frank Lichtenheld, thanks! Fixes https://github.com/libressl/openbsd/issues/147 ok jsing
* Of course libssl also has a few missing voidtb2024-02-042-4/+4
| | | | From Christian Andersen
* Rework the exit path of tls13_handshake_recv_action()tb2024-02-031-12/+14
| | | | | | | | | | | | | If an error occurs in action->recv() for a handshake that needs to downgrade to legacy TLS, the artistic exit path led to hiding the error under TLS13_IO_USE_LEGACY. Rework the exit path to be easier to follow, preserving behavior except that the error can no longer be masked. Detailed analysis and initial diff by Masaru Masuda. Fixes https://github.com/libressl/openbsd/issues/146 ok beck
* Remove last peeking at TLS1_FLAGS_SKIP_CERT_VERIFYtb2024-02-031-7/+1
| | | | | | | This was used for some GOST weirdness. The flag is unused in ports and there is no user in Debian's codesearch. ok beck
* Zap a trailing blank that snuck into ssl3_get_client_hello()tb2024-02-031-2/+2
|
* Remove GOST and STREEBOG support from libssl.beck2024-02-0316-675/+32
| | | | | | | | | | | | | | | | | | This version of GOST is old and not anywhere close to compliant with modern GOST standards. It is also very intrusive in libssl and makes a mess everywhere. Efforts to entice a suitably minded anyone to care about it have been unsuccessful. At this point it is probably best to remove this, and if someone ever showed up who truly needed a working version, it should be a clean implementation from scratch, and have it use something closer to the typical API in libcrypto so it would integrate less painfully here. This removes it from libssl in preparation for it's removal from libcrypto with a future major bump ok tb@
* Restore SSL_shutdown() two step sequence.jsing2024-01-301-1/+3
| | | | | | | | | | | Change SSL_shutdown() such that it will return 0 after sending a close-notify, before potentially returning 1 (indicating that a close-notify has been sent and received) on a subsequent call. Some software depends on this behaviour, even though there are cases where the first call could immediately return 1 (for example, when the peer has already sent a close-notify prior to SSL_shutdown() being called). ok tb@
* Rework tls13_legacy_shutdown() to match the legacy stack behaviour.jsing2024-01-271-18/+19
| | | | | | | | Respect the ssl->shutdown flags rather than what has actually happened, return -1 for all EOF errors and completely ignore the return value when attempting to read a close-notify from the wire. ok tb@
* Make tls13_legacy_return_code() static.jsing2024-01-272-4/+3
|
* Add message callbacks for alerts in the TLSv1.3 stack.jsing2024-01-273-10/+49
| | | | | | | | This will make it easier to regress test shutdown behaviour in the TLSv1.3 stack. Additionally, `openssl -msg` now shows alerts for TLSv1.3 connections. ok tb@
* Stop fiddling with hash table internals from lhash doall callers.jsing2024-01-241-6/+3
| | | | | | | | It is now safe to call delete from an lhash doall callback - stop fiddling wit hash table internals from lhash doall callers that previously has to workaround this themselves. ok tb@
* Switch from EVP_CIPHER_type() to EVP_CIPHER_nid()tb2024-01-181-2/+2
| | | | | | | | EVP_CIPHER_type() will never return NID_gost89_cnt since it has no associated ASN1_OBJECT. Switching to EVP_CIPHER_nid() has a slight chance of working. Do that before beck applies the flensing knife. ok beck
* Remove mention of a refcount bugtb2024-01-131-18/+1
| | | | | | Said bug was fixed in OpenSSL 1.0.0, released 14 years ago. It is of course unsurprising that you may accidentally increment the refcount if your idiom for decrementing it is CRYPTO_add(&bio-references, -1, CRYPTO_LOCK_BIO)).
* BIO_f_ssl.3: Remove explicit library initializationtb2024-01-131-8/+2
|
* Remove last external call to EVP_PKEY_meth_find()tb2024-01-041-5/+6
| | | | | | | | | In order to determine whether GOST is properly enabled, libssl has various weird dances. In this specific case, it calls EVP_PKEY_meth_find() to see whether the relevant cipher is around. Check the same thing with an #ifdef instead. ok jsing
* Fix two more unchecked EVP_PKEY_assign() callstb2023-12-301-17/+25
| | | | | | | | | In SSL{_CTX}_use_RSAPrivateKey() switch from EVP_PKEY_assign_RSA() to EVP_PKEY_set1_RSA() and hold on to the reference of the the pkey for the duration of ssl_set_pkey(). Use single exit and other minor style cleanups. ok joshua jsing
* Neuter the SSL_set_debug(3) APItb2023-12-294-21/+5
| | | | | | | | | | | The TLSv1.3 stack didn't support this in the first place, and in the legacy stack it only added some dubious BIO_flush(3) calls. The sleep call between SSL_read(3) and SSL_write(3) advertised in the comment next to the flag has been a sleep call in the s_server since time immemorial, nota bene between calls to BIO_gets(3). Anyway. This can all go and what remains will go with the next major bump. ok jsing
* Convert ssl3_cipher_by_id() to bsearch()tb2023-11-293-39/+19
| | | | | | | | | | | | | | | | | This was previously the only user of OBJ_bsearch_ssl_cipher_id(), which in turn is the one remaining user of OBJ_bsearch_() outside of libcrypto. OBJ_bsearch_() is OpenSSL's idiosyncratic reimplementation of ANSI C89's bsearch(). Since this used to be hidden behind macro insanity, the result was three inscrutable layers of comparison functions. It is much simpler and cleaner to use the standard API. Move all the code to s3_lib.c, since it's ony used there. In a few further diffs, OBJ_bsearch_() will be removed from libcrypto. Unfortunately, we'll need to keep OBJ_bsearch_ex(), because it is exposed via sk_find_ex(), which is exposed by M2Crypto... ok jsing
* Use a long for id in ssl3_get_cipher_by_id()tb2023-11-292-4/+4
| | | | | | | | | While the cipher id is effectively a 32-bit value, someone decided that it should be represented by a long in various internal structs, whose mameber is passed as id. So use a long because of this and also to make an upcoming diff simpler. ok jsing
* Switch to legacy method late in tls13_use_legacy_stack()tb2023-11-281-3/+7
| | | | | | | | | | | | | | If memory allocation of s->init_buf fails in ssl3_setup_init_buffer() during downgrade to the legacy stack, the legacy state machine would resume with an incorrectly set up SSL, resulting in a NULL dereference. The fix is to switch to the legacy method only after the SSL is fully set up. There is a second part to this fix, which will be committed once we manage to agree on the color of the bikeshed. Detailed analysis and patch from Masaru Masuda, many thanks! https://github.com/libressl/openbsd/issues/146 ok jsing
* Move ssl_cipher_id_cmp() next to its only callertb2023-11-252-15/+14
| | | | | | It was left alone and forlorn in the middle of other nonsense. Since there is only one caller (the OBJ_bsearch_ stupidity), it can be static and there is no need to prototype it in ssl_local.h.
* Unhook and remove the now even more useless ssl_algs.c than it was before.tb2023-11-222-68/+1
| | | | ok jsing
* Make SSL_library_init() a wrapper of OPENSSL_init_ssl()tb2023-11-222-61/+9
| | | | | | | | | | | This way it doesn't do nonsensical work for all those who cargo culted an init sequence. There's no point in having SSL_library_init() as a cheaper version of OPENSSL_init_ssl(): once you do crypto, you'll init crypto... Also move the now trivial implementation to ssl_init.c which has a good license. ok jsing
* Stop calling SSL_library_init() from OPENSSL_init_ssl_internal()tb2023-11-221-2/+1
| | | | | | | | It's pointless: all the ciphers and digests added by SSL_library_init() are already added by OPENSSL_init_crypto(), which was already called at that point. ok jsing
* Move SSL_library_init() next to OPENSSL_init_ssl()tb2023-11-221-3/+2
| | | | | | | Its current position makes no sense and it will become a wrapper of the latter in a subsequent commit. ok jsing
* Unifdef OPENSSL_NO_ENGINE in libssltb2023-11-195-69/+5
| | | | | | As usual, a few manual fixes to avoid duplicate lines. ok jsing
* Manually unifdef OPENSSL_NO_ENGINE in ssl_clnt.ctb2023-11-191-17/+4
| | | | | | This allows us to simplify ssl_do_client_cert_cb() a bit. ok jsing
* Check for negative EVP_CIPHER_CTX_iv_length() return in libssltb2023-11-182-9/+13
| | | | ok beck
* Mention a subtle difference between PEM_def_callback(3) and the example.schwarze2023-09-191-2/+9
| | | | | | | | It's relevant not only for the example, but also because the functions documented here use PEM_def_callback(3) by default, and that exhibits surprising and potentially dangerous behaviour by not NUL-terminating. OK tb@
* Remove the duplicate documentation of pem_password_cb(3).schwarze2023-09-191-56/+94
| | | | | | | | | | | | | | | | | | | While here, also: * Avoid the misleading term "default password callback" because none of the functions in SSL_CTX_use_certificate(3) support overriding it. * Do not talk about "storing", "writing", and "encryption" since the cb passed to SSL_CTX_set_default_passwd_cb(3) is never used for any of that. * List the functions using cb. * Document what happens by default. * Remove the misleading words "which must be provided by the application" because all this is actually optional. * Make several wordings more precise. * Below EXAMPLES, fix argument naming to agree with pem_password_cb(3), clarify the description of what the example does, and, as suggested by tb@, use strlcpy(3). OK tb@
* More 0/NULL confusions in SSL_CTX_new()tb2023-09-191-8/+8
|
* Fix some NULL/0 misspellings in SSL_CTX_new()tb2023-09-191-5/+5
|
* Also remove ecdh.h use from libssltb2023-07-281-2/+1
|
* bump libcrypto, libssl, libtls majorstb2023-07-281-1/+1
|
* Set OPENSSL_NO_ENGINE, remove engine codetb2023-07-282-3/+1
| | | | | | | | | | ENGINE was special. It's horrible code even by the low standards of this library. Some ports may now try to use the stubs which will fail, but the fallout from this should be minimal. Of course there are various language bindings that expose the ENGINE API. OpenSSL 3 disabling ENGINE by default will likely help fixing this at some point. ok jsing
* Fix two aliases in libcrypto spotted by the new symbols testtb2023-07-192-3/+4
| | | | ok jsing
* Remove old workaround for F5tb2023-07-111-13/+2
| | | | | | | | | | | F5 is well-known for needing workaround (go read RFC 8446). In this particular case, it required implementation sending CHs larger than 255 bytes to 0x0300 otherwise their server would hang. This is the same hang that required the CH padding extension which broke other implementations. The CH padding extension was removed ~6 years ago, so hopefully this kludge will no longer needed either. ok jsing
* fix comment to unbreak things that care about warningsbeck2023-07-081-2/+2
| | | | ok tb@ krw@
* Hide all public symbols in libsslbeck2023-07-0821-33/+828
| | | | | | With the guentherizer 9000 ok tb@
* Enable reading RSA-PSS certificatestb2023-07-071-1/+2
| | | | ok beck jsing
* unifdef the LIBRESSL_HAS_TLS1_3_[CLIENT|SERVER] goobeck2023-07-063-54/+3
| | | | | And remove the tendrils. This was useful for transition but we are now well past this.
* upstream hidden file #include_next workaround for MS C compilersbcook2023-07-051-1/+5
| | | | ok beck@, tb@
* Simplify allocation checkstb2023-07-021-11/+11
| | | | | | | | | | Instead of attempting to allocate a few times and only then check all the returned pointers for NULL, allocate and check one after the othre. This is easier on the eyes and what we usually do. Prompted by a report by Ilya Shipitsin ok beck
* Disable TLS 1.0 and TLS 1.1 in libsslbeck2023-07-022-12/+4
| | | | | | | | | | | | Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols. For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them. ok jsing@ tb@
* Switch from get_rfc*() to BN_get_rfc*()tb2023-06-271-7/+7
| | | | | | | | The existence of the public get_rfc*() API is a historic curiosity that may soon be corrected. We inherited its use and it survived in libssl until now. Switch to the better named BN_get_rfc*() wrappers. ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 18:12:56 +0000