summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Unroll ASN1_ITEM_ref()job2021-09-021-1/+1
| | | | OK @tb
* Change OPENSSL_strdup() to strdup()job2021-09-021-1/+1
| | | | OK tb@
* Change OPENSSL_malloc to calloc()job2021-09-021-1/+2
| | | | OK tb@
* Repair unrolling of static ASN1_ITEM IPAddrBlocks_itjob2021-09-021-0/+11
| | | | | | The conversion tool didn't handle 'static_ASN1_ITEM_TEMPLATE_END' OK tb@
* Make v3_addr and v3_asid extern constjob2021-09-021-2/+2
| | | | OK tb@
* Add err.h for X509error() and friendsjob2021-09-022-0/+2
| | | | OK tb@
* Fix OPENSSL_assert() and assert()job2021-09-022-35/+17
| | | | OK tb@
* Unroll ASN1_EX_TEMPLATE_TYPE IPAddrBlocksjob2021-09-021-4/+7
| | | | OK tb@
* Change the OPENSSL_strdup() to strdup()job2021-09-021-3/+4
| | | | OK beck@ tb@
* Fix header file includesjob2021-09-022-8/+9
| | | | OK tb@
* Move the error put functions from X509V3err() to X509V3error()job2021-09-022-52/+32
| | | | OK tb@
* Unroll ASN1_SEQUENCE() ASN1_CHOICE() ASN1_ITEM_TEMPLATE()job2021-09-022-46/+218
| | | | OK jsing@
* OPENSSL_assert() is not appropriate in this contextjob2021-09-021-2/+3
| | | | | | Feedback from tb@ OK tb@
* Replace ossl_assert()/assert() with OPENSSL_assert()job2021-09-022-14/+14
| | | | OK tb@
* We need to allow for either a CERTIFICATE or CERTIFICATE_STATUS messagebeck2021-09-021-2/+3
| | | | | | here or we break the handshake with BAD_MESSAGE ok tb@
* Replace OPENSSL_free() with free()job2021-09-022-7/+7
| | | | OK tb@
* Unroll IMPLEMENT_ASN1_FUNCTIONS()job2021-09-022-8/+197
| | | | OK jsing@
* Unroll DECLARE_ASN1_FUNCTIONS()job2021-09-021-9/+56
| | | | OK jsing@
* Rename DEFINE_STACK_OF() to DECLARE_STACK_OF()job2021-09-021-4/+4
| | | | OK tb@ jsing@
* Lay groundwork to support X.509 v3 extensions for IP Addresses and AS ↵job2021-09-027-5/+2386
| | | | | | | | | | | Identifiers These extensions are defined in RFC 3779 and used in the RPKI (RFC 6482, RFC 8360). Imported from OpenSSL 1.1.1j (aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf) This changeset is a no-op, as there are 10+ issues and at least 2 security issues. Work will continue in-tree. OK tb@, discussed with beck@
* Call the ocsp callback if present and we get no response, instead ofbeck2021-09-021-3/+2
| | | | | | succeeding unconditionally. Makes muststaple work with tls1.3 in nc ok tb@
* Correct the is_server flag in the call to the debug callback to be correct.beck2021-09-021-2/+2
| | | | ok tb@
* RFC 6066 section 8 allows the server MAY choose not send the CertificateStatusbeck2021-09-021-3/+37
| | | | | | | | message, even if it has received a "status_request" extension in the client hello message and has sent a "status_request" extention in the server hello message. Genua found a site that is this broken. This makes it work. ok jsing@
* inet_ntop(3) needs sys/socket.h for AF_INET / AF_INET6 so add the headerclaudio2021-09-012-6/+5
| | | | | to the list. While here remove some of the headers from inet_net_ntop(3) for balance.
* comment out the detailed description of SSL_get_servername(3),schwarze2021-09-011-7/+9
| | | | | | leaving only the basic description in the RETURN VALUES section; tb@ pointed out LibreSSL does not currently provide all those guarantees, and he also OK'ed this diff
* Remove assignment of value that is never read.beck2021-09-011-2/+1
| | | | ok tb@
* Remove some dead code that was missed in an earlier cleanup andtb2021-08-311-4/+3
| | | | | | | | fix a stale comment. Found by mortimer with clang 13's -Wunused-but-set-variable. ok beck
* Defragment DTLS.jsing2021-08-312-123/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In normal TLS, it is possible for record fragments to be sent that contain one byte of alert or handshake message payload. In this case we have to read and collate multiple message fragments before we can decide what to do with the record. However, in the case of DTLS, one record is effectively one packet and while it is possible to send handshake messages across multiple records/packets, the minimum payload is the DTLS handshake message header (plus one byte of data if the handshake message has a payload) - without this, there is insufficient information available to be able to reassemble the handshake message. Likewise, splitting an alert across multiple DTLS records simply does not work, as we have no way of knowing if we're collating the same alert or two different alerts that we lost half of each from (unfortunately, these details are not really specified in the DTLS RFC). This means that for DTLS we can expect to receive a full alert message (a whole two bytes) or a handshake record with at least the handshake message header (12 bytes). If we receive messages with less than these lengths we discard them and carry on (which is what the DTLS code already does). Remove all of the pointless fragment handling code from DTLS, while also fixing an issue where one case used rr->data instead of the handshake fragment. ok inoguchi@ tb@
* Remove a nonsensical s->version == TLS1_VERSION from DTLS code.jsing2021-08-311-6/+1
| | | | ok inoguchi@ tb@ (as part of a larger diff)
* whitespacetb2021-08-312-7/+7
|
* Clean up and simplify info and msg callbacks.jsing2021-08-308-127/+88
| | | | | | | | | The info and msg callbacks result in duplication - both for code that refers to the function pointers and for the call sites. Avoid this by providing typedefs for the function pointers and pulling the calling sequences into their own functions. ok inoguchi@ tb@
* Replace DTLS r_epoch with the read epoch from the TLSv1.2 record layer.jsing2021-08-305-27/+26
| | | | ok inoguchi@ tb@
* Move to an AEAD nonce allocated in the TLSv1.2 record layer.jsing2021-08-301-45/+36
| | | | | | | | There is little to gain by mallocing and freeing the AEAD nonce for each record - move to an AEAD nonce allocated for the record layer, which matches what we do for TLSv1.3. ok inoguchi@ tb@
* sync with OpenSSL 1.1.1, which is still under a free license;schwarze2021-08-301-15/+107
| | | | | | | in particular, this includes new text by Matt Caswell from OpenSSL commit 721eb8f6 Nov 28 12:03:00 2019 +0000 and corrects a wrong argument type that i introduced into the SYNOPSIS; requested by tb@
* Ignore warning alert returns from servername callback in TLSv1.3tb2021-08-301-3/+7
| | | | | | | | | | | | | | | | If a servername callback returns SSL_TLSEXT_ERR_ALERT_WARNING, this results in a fatal error in TLSv1.3 since alert levels are implicit in the alert type and neither close_notify nor user_canceled make sense in this context. OpenSSL chose to ignore this, so we need to follow suit. Found via a broken servername callback in p5-IO-Socket-SSL which returns a Boolean instead of SSL_TLSEXT_ERR_*. This happened to have worked before TLSv1.3 since warning alerts are often ignored. This "fixes" sni.t and sni-verify.t in p5-IO-Socket-SSL. ok beck jsing
* Revert previous change that changed our default return for unable tobeck2021-08-301-11/+5
| | | | | | | | find leaf cert issuers. This breaks perl and ruby regress, as noticed by tb that "we tried this before". Jan's regress that cares about 21 vs 20 needs to change ok tb@
* Fix Jan's regress in openssl/x509 to do what it says it does,beck2021-08-301-5/+11
| | | | | | | | then fix the only thing it still has complaints about which is that we don't return the leaf version of the error code when we can't verify the leaf (as opposed to the rest of the chain) ok jan@ tb@
* Don't call the verify callback twice on success.beck2021-08-291-2/+1
| | | | | | | This fixes a problem in the perl regress where it notices the callback is called twice and complains. ok tb@ bluhm@
* Get rid of historical code to extract the roots in the legacy case.beck2021-08-283-78/+33
| | | | | | | | Due to the need to support by_dir, we use the get_issuer stuff when running in x509_vfy compatibility mode amyway - so just use it any time we are doing that. Removes a bunch of yukky stuff and a "Don't Look Ethel" ok tb@ jsing@
* Clean up and simplify ssl3_dispatch_alert() and ssl3_send_alert().jsing2021-08-281-30/+32
| | | | ok inoguchi@ tb@
* Zap blanks before tabs.tb2021-08-281-4/+4
|
* Remove the "dump_chain" flag and code. This was a workaround for a problem wherebeck2021-08-282-16/+4
| | | | | | | roots were not checked correctly before intermediates that has since been fixed and is no longer necessary. It is regress checked by case 2c in regress/lib/libcrypto/x509/verify.c ok jsing@ tb@
* Remove unused #include <assert.h>.tb2021-08-271-2/+1
| | | | | | | This is from upstream where there is an assert() that EVP_MD_size(digest) matches the length returned by HMAC(). We avoid asserts in our libraries. From Martin Vahlensieck
* Fix various read buffer overflow when printing ASN.1 strings (which aretb2021-08-244-14/+20
| | | | | | | | not necessarily NUL terminated). Same as schwarze's fix in t_x509a.c r1.9. From David Benjamin and Matt Caswell (part of the fixes in OpenSSL 1.1.1l) ok inoguchi
* Pull roots out of the trust store in the legacy xsc when building chainsbeck2021-08-193-8/+26
| | | | | | | to handly by_dir and fun things correctly. - fixes dlg@'s case and by_dir regress in openssl-ruby ok jsing@
* Import initial code for the SM2 ciphertb2021-08-187-0/+1870
| | | | | | | | | | | | | | | | | This adds the SM2 algorithm defined in the Chinese standards GB/T 32918.1-2016, GB/T 32918.2-2016, GB/T 32918.3-2016, GB/T 32918.4-2016 and GB/T 32918.5-2017. This is an ISC licensed implementation contributed by Ribose.inc, based on the same code that was contributed to OpenSSL by Jack Lloyd. The port to LibreSSL was done by Ronald Tse and Nickolay Olshevsky. Github PR #105 I made quite a few cleanup passes on this, but more is needed, some of which will happen in-tree before this is linked to the build. ok deraadt inoguchi (a long time ago), jsing
* Add a check_trust call to the legacy chain validation on chain add, rememberingbeck2021-08-181-2/+10
| | | | | | | | | the result in order to return the same errors as OpenSSL users expect to override the generic "Untrusted cert" error. This fixes the openssl-ruby timestamp test. ok tb@
* Refactor the legacy chain validation from the chain adding code into itsbeck2021-08-181-52/+70
| | | | | | own function, in preparation for subesquent change. No functional change. ok tb@
* typo in commenttb2021-08-161-2/+2
|
* link X509_STORE_get_by_subject(3) and X509_ocspid_print(3) to the build,schwarze2021-08-061-1/+3
| | | | forgotten in earlier commits
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-06 05:07:23 +0000