| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
ok doug@
|
| | |
|
| |
|
|
|
|
| |
certificate validity checking.
ok beck@
|
| |
|
|
|
|
|
|
|
|
|
| |
Make tls_read(3)/tls_write(3) follow read(2)/write(2) like semantics and
return 0 on EOF with and without close-notify. However, if we saw an EOF
from the underlying file descriptors without getting a close-notify, save
this and make it visible when tls_close(3) is called. This keeps the
semantics we want, but makes it possible to detect truncation at higher
layers, if necessary.
ok beck@ guenther@
|
| |
|
|
|
|
| |
for which they are not valid operations.
ok beck@
|
| |
|
|
|
| |
we can indicate an EOF properly on tls_read and tls_write
ok jsing@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
| |
at handshake time. change accessors to return const char * to remove need
for caller to free memory.
ok jsing@
|
| |
|
|
|
|
|
|
|
|
| |
that we will pass the result through tls_ssl_error() on failure. Otherwise
we can end up reporting spurious errors due to their being unrelated errors
already on the error stack.
Spotted by Marko Kreen.
ok beck@
|
| |
|
|
|
|
| |
handshake. Free the reference when we reset the TLS context.
ok beck@
|
| |
|
|
| |
tls_configure_ssl_verify(). Also tweak an error message and unwrap a line.
|
| |
|
|
| |
ok deraadt@ jsing@
|
| |
|
|
|
|
|
| |
to make it more clear to users of this api what needs to be done in these error
cases.
Discussed extensively with bluhm@ and jsing@ and others.
ok jsing@
|
| |
|
|
|
|
|
|
| |
match read() and write() semantics to make porting existing code using
read/write easier.. requested by bluhm@ who convinced jsing and I to break
the api
ok jsing@ bluhm@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tls_accept/tls_connect functions can be guaranteed to succeed or fail and
will no longer return TLS_READ_AGAIN/TLS_WRITE_AGAIN. This also resolves
the semantics of tls_accept_*.
The tls_handshake() function now does I/O and can return
TLS_READ_AGAIN/TLS_WRITE_AGAIN. Calls to tls_read() and tls_write() will
trigger the handshake if it has not already completed, meaning that in many
cases existing code will continue to work.
Discussed over many coffees at l2k15.
ok beck@ bluhm@
|
| |
|
|
| |
Requested by bluhm@
|
| |
|
|
|
| |
ride upcoming minor bump
ok jsing@
|
| |
|
|
|
|
|
| |
this avoids the problem of people checking for return values < 0
and then checking for errno before checking for TLS_READ_AGAIN
TLS_WRITE_AGAIN - since we can not guarantee what errno will be
set to from the underlying library calls
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The tls_set_error() function previously stored the errno but did nothing
with it. Change tls_set_error() to append the strerror(3) of the stored
errno so that we include useful information regarding failures.
Provide a tls_set_errorx() function that does not store the errno or
include strerror(3) in the error message. Call this function instead of
tls_set_error() for errors where the errno value has no useful meaning.
With feedback from and ok doug@
|
| |
|
|
|
|
|
|
|
|
|
| |
ensure that the temporary state flags get cleared in tls_reset(). Fixes a
bug spotted by Marko Kreen whereby TLS_CONNECTING could remain on reset.
While here, also move the TLS_STATE_CONNECTING check to after the
TLS_CLIENT check - if TLS_STATE_CONNECTING was ever set on any other
context type it would allow a bypass.
ok bluhm@
|
| |
|
|
|
|
| |
broken by r1.4.
Spotted by Marko Kreen.
|
| |
|
|
|
|
|
| |
in libtls. This gives tls_write() a similar short write semantics
as write(2). So implementing daemons with libevent buffers will
be easier and workarounds in syslogd and httpd can be removed.
OK tedu@ beck@ reyk@
|
| |
|
|
|
|
|
| |
ensure that outlen is set to zero so that tls_read() has read(2) like
semantics for EOF.
Spotted by doug@
|
| |
|
|
|
|
|
|
|
|
|
| |
from the other side and only return TLS_READ_AGAIN/TLS_WRITE_AGAIN if we
failed to send a close notify on a non-blocking socket.
Otherwise be more forceful and always shutdown/close the socket regardless
of other failures. Also do not consider ENOTCONN or ECONNRESET to be a
shutdown failure, since there are various situations where this can occur.
ok doug@ guenther@
|
| |
|
|
|
|
| |
close the connection. Also correctly handle the error on failure.
Diff from cookieandscream via github.
|
| |
|
|
|
|
|
| |
for the server, rather than on the context for the connection. This makes
more sense than the current behaviour does.
Issue reported by Tim van der Molen.
|
| |
|
|
|
|
|
| |
dance handling code. This means that we get slightly useful messages when
a TLS connection or accept fails.
Requested by reyk@
|
| |
|
|
|
|
| |
failures return something that is actually useful to the caller.
ok reyk@
|
| |
|
|
|
| |
As discussed with beck@ jsing@ and others
OK beck@
|
| |
|
|
|
|
|
|
|
|
| |
libtls accepts size_t for lengths but libssl accepts int. This verifies
that the input does not exceed INT_MAX. It also avoids truncating size_t
when comparing with int and adds printf-style attributes for
tls_set_error().
with input from deraadt@ and tedu@
ok tedu@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove direct calls to printf from the tls_check_hostname() path. This allows
NUL byte error messages to bubble up to the caller, to be logged in a
program-appropriate way. It also removes non-portable calls to getprogname().
The semantics of tls_error() are changed slightly: the last error message is
not necessarily preserved between subsequent calls into the library.
When the previous call to libtls succeeds, client programs should treat the
return value of tls_error() as undefined.
ok tedu@
|
|
|
distinguish between LibreSSL (the project) and libressl (the library).
Discussed with many.
|
