summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Rewrite and move the last remnants of the ServerHello SNI handling intojsing2017-07-242-29/+25
| | | | | | | | tlsext_sni_serverhello_parse(). This also adds a check to ensure that if we have an existing session, the name matches what we specified via SNI. ok doug@
* Rewrite the TLS Renegotiation Indication extension handling using CBB/CBSjsing2017-07-246-346/+161
| | | | | | | | and the new extension framework. Feedback from doug@ ok inoguchi@
* Hook the TLS extension parsing framework into the serverhello parsing.jsing2017-07-231-1/+6
| | | | Missed in the original commit.
* zap trailing whitespace;jmc2017-07-221-2/+2
|
* rework the page a bit, clarify a few things, maybe better wordingtedu2017-07-221-8/+13
|
* Allow leading . in nameConstraints. from openssl via jabberwock. ok jsingtedu2017-07-201-2/+2
|
* Check the return value of CBB_init_fixed(), since it can fail.jsing2017-07-191-3/+5
|
* Start rewriting TLS extension handling.jsing2017-07-164-141/+328
| | | | | | | | | | | | | | | | Introduce a TLS extension handling framework that has per-extension type functions to determine if an extension is needed, to build the extension data and parse the extension data. This is somewhat analogous to BoringSSL, however these build and parse functions are intentionally symetrical. The framework is hooked into the existing TLS handling code in such a way that we can gradual convert the extension handling code. Convert the TLS Server Name Indication extension to the new framework, while rewriting it to use CBB/CBS and be more strict in the process. Discussed with beck@ ok inoguchi@
* Remove unused variable.jsing2017-07-151-3/+3
| | | | Reported by <dravion at ht-foss dot net>
* remove misc. depend and yacc nits that no longer matter.espie2017-07-101-2/+1
| | | | okay millert@
* one more instance of the previous commit; also initialize ->offset to aotto2017-07-101-2/+3
| | | | definite value in the size == 0 case
* update the little endian processor list to give it a chance of matchingtedu2017-07-082-6/+6
| | | | what the reader is using.
* Only access offset if canaries are enabled *and* size > 0, otherwise offsetotto2017-07-071-2/+2
| | | | is not initialized. Problem spotted by Carlin Bingham; ok phessler@ tedu@
* Document tls_config_set_crl_file() and tls_config_set_crl_mem().jsing2017-07-061-3/+30
| | | | Based on a diff from Jack Burton <jack at saosce dot com dot au>, thanks!
* Bump minor due to symbol addition.jsing2017-07-061-1/+1
|
* Add support for providing CRLs to libtls - once a CRL is provided wejsing2017-07-065-4/+67
| | | | | | | | enable CRL checking for the full certificate chain. Based on a diff from Jack Burton <jack at saosce dot com dot au>, thanks! Discussed with beck@
* The 0x (or 0X) prefix in base 16 is optional so only skip over themillert2017-07-066-18/+18
| | | | | | prefix if the character following it is a valid hex char. The C99 standard is clear that given the string "0xy" zero should be returned and endptr set to point to the "x". OK deraadt@ espie@
* fix broken cross references; found with mandoc -Tlintschwarze2017-07-063-43/+8
|
* RFC 6066 states that IP literals are not permitted in "HostName" for ajsing2017-07-051-3/+9
| | | | | | | | | | | | TLS Server Name extension, however seemingly several clients (including Python, Ruby and Safari) violate the RFC. Given that this is a fairly widespread issue, if we receive a TLS Server Name extension that contains an IP literal, pretend that we did not receive the extension rather than causing a handshake failure. Issue raised by jsg@ ok jsg@
* nits about trailing punctuation found with mandoc -Tlintschwarze2017-07-051-4/+4
|
* void functions don't return 0tb2017-07-051-6/+2
| | | | From Klemens Nanni
* fix cross references to self; found with mandoc -Tlintschwarze2017-07-054-13/+12
|
* .init stub creation doesn't need a jmp + .align to reach a branch target,deraadt2017-06-281-3/+0
| | | | | | | just fall into the code. The .align created a FILL zone in the .init section, which on i386 was filled with a NOP-sled, something we want to get away from. discussed with kettenis and tom
* Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so thatjsing2017-06-224-11/+14
| | | | | | | we can prevent libcrypto from going behind our back and trying to read passwords from standard input (which we may not be permitted to do). Found by jsg@ with httpd and password protected keys.
* Fix incorrect indentation.jsing2017-06-221-2/+2
|
* Plug a memory leak in tls_keypair_cert_hash(), introduced in r1.60.jsing2017-06-221-1/+3
|
* Remove dead code that has remained hiding since ressl.c r1.14!jsing2017-06-221-4/+1
|
* Use the standard `rv' idiom in tls_keypair_load_cert(), rather thanjsing2017-06-221-5/+4
| | | | duplicating clean up code.
* Distinguish between self-issued certificates and self-signed certificates.jsing2017-06-222-30/+40
| | | | | | | | | | | | | | The certificate verification code has special cases for self-signed certificates and without this change, self-issued certificates (which it seems are common place with openvpn/easyrsa) were also being included in this category. Based on BoringSSL. Thanks to Dale Ghent <daleg at elemental dot org> for assisting in identifying the issue and testing this fix. ok inoguchi@
* port the RBT code to userland by making it part of libc.dlg2017-06-191-10/+11
| | | | | | | | | | | | | | src/lib/libc/gen/tree.c is a copy of src/sys/kern/subr_tree.c, but with annotations for symbol visibility. changes to one should be reflected in the other. the malloc debug code that uses RB code is ported to RBT. because libc provides the RBT code, procmap doesn't have to reach into the kernel and build subr_tree.c itself now. mild enthusiasm from many ok guenther@
* mark files as BUILDFIRST, or write explicit dependencies, so that mostespie2017-06-161-1/+2
| | | | | programs will build even without a make depend first. okay tb@ millert@
* fix broken markup of callback arguments; found with mandoc -Tlintschwarze2017-06-102-11/+8
|
* repair broken markup of callback argument; found with mandoc -Tlintschwarze2017-06-101-5/+3
|
* Don't fall back to heapsort() if we would otherwise switch tomillert2017-05-301-7/+7
| | | | insertion sort (when the number of elements is < 7).
* Randomize link-order of libcrypto as we do with libc. This libraryderaadt2017-05-291-1/+2
| | | | | | | | | | | | | | has many small functions without significant local storage, therefore less tail protection from -fstack-protector-strong to prevent their use as ROP gadgets. It is used in security contexts. Also many functions dribble pointers onto the stack, allowing discovery of gadgets via the fixed relative addresses, so let's randomly bias those. ok tedu jsing The rc script will soon need a strategy for skipping this step on machines with poor IO performance. Or maybe do it less often? However, I don't see many more libraries we'll do this with, these are the two most important ones.
* Avoid a potential NULL pointer dereference in d2i_ECPrivateKey().jsing2017-05-261-1/+7
| | | | | | Reported by Robert Swiecki, who found the issue using honggfuzz. ok bcook@
* Add definitions for three OIDs used in EV certificates.jsing2017-05-252-0/+9
| | | | From Kyle J. McKay <mackyle at gmail dot com>
* Support swapping 32-bit aligned elements on 64-bit platforms.millert2017-05-241-22/+63
| | | | | Previously they would be swapped a byte at a time when sizeof(int) != sizeof(long). Idea from FreeBSD.
* Document that qsort falls back to heapsort() if the recursion depthmillert2017-05-201-3/+13
| | | | exceeds 2 lg N and add a reference to the introsort paper.
* Use David Musser's introsort algorithm to fall back to heapsort(3)millert2017-05-202-14/+45
| | | | | | when the recursion depth reaches 2*lg(n + 1). This avoids quicksort's quadratic behavior for pathological input without appreciably changing the average run time.
* The BSD qsort() performs tail recursion elimination on the secondmillert2017-05-171-10/+25
| | | | | | | | side of the array being partitioned to save on stack space. Greater savings can be gained by choosing recursion for the smaller side of the partition and eliminating recursion for the larger side. This also results in a small but measurable performance gain. OK otto@ schwarze@
* Plug a memory leak. The main_cert needs to be X509_free()ed sinceclaudio2017-05-161-0/+2
| | | | | | SSL_get_peer_certificate() increases the ref count whereas extra_certs do not because SSL_get_peer_cert_chain() won't increase ref counts. OK beck@
* Typo: freezeo -> freezerotb2017-05-151-3/+3
| | | | From "fenderq" on freenode via tj@
* - fix bug wrt posix_memalign(3) of blocks between half a page and a pageotto2017-05-132-8/+18
| | | | | - document posix_memalign() does not play nice with reacallocarray(3) and freezero(3)
* Fix a problem introduced in freezero() conversion and usejsg2017-05-111-2/+2
| | | | | | | | | | sizeof(struct) not sizeof(pointer). otto@ points out that on OpenBSD currently freezero() would have still zeroed the entire allocation, but this is not documented behaviour and may change in future. ok tom@
* BUF_MEM_grow_clean() returns an int, not a size_t. Humourously, on successjsing2017-05-081-3/+3
| | | | it returns "len", which is a size_t value, as an int...
* Drop cipher suites with DSS authentication - there is no good reason tojsing2017-05-071-197/+1
| | | | | | keep these around. ok beck@
* Instead of starting a 'zero-sized' CBB at the size of the first additionjsing2017-05-071-5/+8
| | | | | | | | to the CBB, then doubling, start with an initial size of 64 bytes. Almost all uses will exceed this size and we avoid multiple small recallocarray() calls during the initial usage. ok beck@
* Move state from ssl->internal to the handshake structure.beck2017-05-0715-256/+267
| | | | | | | while we are at it, convert SSLerror to use a function internally, so that we may later allocate the handshake structure and check for it ok jsing@
* Ensure that a client context has been connected before attempting tojsing2017-05-072-4/+12
| | | | complete a TLS handshake.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-02 19:54:56 +0000