path: root/src/lib
Commit message | Author | Age | Files | Lines
* Convert ssl3_send_certificate_request() to CBB.
  ok beck@ doug@
  [jsing | 2017-08-11 | 3 files | -63/+73]
* new sentence, new line;
  [jmc | 2017-08-11 | 1 file | -3/+4]
* Add doug@'s copyright since he just added code to these two files.
  [jsing | 2017-08-11 | 2 files | -2/+4]
* Bump minor due to symbol addition.
  Prompted by jsg@, since I apparently left it sitting in my tree...
  [jsing | 2017-08-11 | 1 file | -1/+1]
* Rewrite the ECPointFormats TLS extension handling using CBB/CBS and the new extension framework.
  input + ok jsing@
  [doug | 2017-08-11 | 4 files | -147/+125]
* Add a tls_config_set_ecdhecurves() function to libtls, which allows the names of the elliptic curves that may be used during client and server key exchange to be specified.
  This deprecates tls_config_set_ecdhecurve(), which could only be used to specify a single supported curve.
  ok beck@
  [jsing | 2017-08-10 | 7 files | -34/+108]
* Clean up the EC key/curve configuration handling.
  Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
  We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
  ok beck@ doug@
  [jsing | 2017-08-10 | 7 files | -120/+54]
* Pull out the code that identifies if we have an ECC cipher in the cipher list or if we are negotiating an ECC cipher in the handshake. This dedups some of the existing code and will make the EC extension rewrites easier.
  ok doug@
  [jsing | 2017-08-09 | 3 files | -34/+52]
* Don't use tls_cert_hash for the hashing used by the engine offloading magic for the TLS privsep code. Instead use X509_pubkey_digest() because only the key should be used as identifier. Relayd is rewriting certificates and then the hash would change. Rename the hash in struct tls_keypair to pubkey_hash to make clear what this hash is about.
  With input and OK jsing@
  [claudio | 2017-08-09 | 3 files | -11/+24]
* Consistently return from each SSL/SSL_CTX control case, rather than breaking from some and returning from others.
  [jsing | 2017-08-09 | 1 file | -33/+27]
* Split out the remaining SSL_CTX controls into individual functions.
  [jsing | 2017-08-09 | 1 file | -40/+88]
* Start splitting out SSL_CTX controls into individual functions, so that they can eventually be exposed as direct functions/symbols.
  [jsing | 2017-08-09 | 1 file | -71/+92]
* Be consistent and return from each SSL control case, rather than breaking from some.
  [jsing | 2017-08-09 | 1 file | -18/+10]
* Split out the remaining SSL controls into individual functions.
  [jsing | 2017-08-09 | 1 file | -46/+93]
* Split more controls into individual functions.
  [jsing | 2017-08-09 | 1 file | -64/+91]
* Start splitting out controls into individual functions, so that they can eventually be exposed as direct functions/symbols.
  [jsing | 2017-08-09 | 1 file | -29/+63]
* Remove unnecessary curly braces and unindent. Also add a few blank lines for readability.
  [jsing | 2017-08-09 | 1 file | -11/+13]
* Fix conditionals for DH controls.
  [jsing | 2017-08-09 | 1 file | -3/+3]
* add missing and correct misspelled names, most in NAME sections; found with regress/usr.bin/mandoc/db/dbm_dump;
  OK jmc@
  [schwarze | 2017-08-01 | 10 files | -33/+45]
* correct function name;
  from carlos cardenas
  [jmc | 2017-08-01 | 1 file | -3/+3]
* as noted by Hanno Boeck, using the *check_private_key functions is tricky, especially since the manpage is full of lies. Try to make readers think twice before using them.
  With oks and help from schwarze@, tedu@, sthen@, jmc@
  [benno | 2017-07-25 | 1 file | -6/+22]
* Rewrite and move the last remnants of the ServerHello SNI handling into tlsext_sni_serverhello_parse(). This also adds a check to ensure that if we have an existing session, the name matches what we specified via SNI.
  ok doug@
  [jsing | 2017-07-24 | 2 files | -29/+25]
* Rewrite the TLS Renegotiation Indication extension handling using CBB/CBS and the new extension framework.
  Feedback from doug@
  ok inoguchi@
  [jsing | 2017-07-24 | 6 files | -346/+161]
* Hook the TLS extension parsing framework into the serverhello parsing.
  Missed in the original commit.
  [jsing | 2017-07-23 | 1 file | -1/+6]
* zap trailing whitespace;
  [jmc | 2017-07-22 | 1 file | -2/+2]
* rework the page a bit, clarify a few things, maybe better wording
  [tedu | 2017-07-22 | 1 file | -8/+13]
* Allow leading . in nameConstraints. from openssl via jabberwock. ok jsing
  [tedu | 2017-07-20 | 1 file | -2/+2]
* Check the return value of CBB_init_fixed(), since it can fail.
  [jsing | 2017-07-19 | 1 file | -3/+5]
* Start rewriting TLS extension handling.
  Introduce a TLS extension handling framework that has per-extension type functions to determine if an extension is needed, to build the extension data and parse the extension data. This is somewhat analogous to BoringSSL, however these build and parse functions are intentionally symmetrical. The framework is hooked into the existing TLS handling code in such a way that we can gradually convert the extension handling code.
  Convert the TLS Server Name Indication extension to the new framework, while rewriting it to use CBB/CBS and be more strict in the process.
  Discussed with beck@
  ok inoguchi@
  [jsing | 2017-07-16 | 4 files | -141/+328]
* Remove unused variable.
  Reported by <dravion at ht-foss dot net>
  [jsing | 2017-07-15 | 1 file | -3/+3]
* remove misc. depend and yacc nits that no longer matter.
  okay millert@
  [espie | 2017-07-10 | 1 file | -2/+1]
* one more instance of the previous commit; also initialize ->offset to a definite value in the size == 0 case
  [otto | 2017-07-10 | 1 file | -2/+3]
* update the little endian processor list to give it a chance of matching what the reader is using.
  [tedu | 2017-07-08 | 2 files | -6/+6]
* Only access offset if canaries are enabled *and* size > 0, otherwise offset is not initialized. Problem spotted by Carlin Bingham;
  ok phessler@ tedu@
  [otto | 2017-07-07 | 1 file | -2/+2]
* Document tls_config_set_crl_file() and tls_config_set_crl_mem().
  Based on a diff from Jack Burton <jack at saosce dot com dot au>, thanks!
  [jsing | 2017-07-06 | 1 file | -3/+30]
* Bump minor due to symbol addition.
  [jsing | 2017-07-06 | 1 file | -1/+1]
* Add support for providing CRLs to libtls - once a CRL is provided we enable CRL checking for the full certificate chain.
  Based on a diff from Jack Burton <jack at saosce dot com dot au>, thanks!
  Discussed with beck@
  [jsing | 2017-07-06 | 5 files | -4/+67]
* The 0x (or 0X) prefix in base 16 is optional so only skip over the prefix if the character following it is a valid hex char. The C99 standard is clear that given the string "0xy" zero should be returned and endptr set to point to the "x".
  OK deraadt@ espie@
  [millert | 2017-07-06 | 6 files | -18/+18]
* fix broken cross references; found with mandoc -Tlint
  [schwarze | 2017-07-06 | 3 files | -43/+8]
* RFC 6066 states that IP literals are not permitted in "HostName" for a TLS Server Name extension, however seemingly several clients (including Python, Ruby and Safari) violate the RFC. Given that this is a fairly widespread issue, if we receive a TLS Server Name extension that contains an IP literal, pretend that we did not receive the extension rather than causing a handshake failure.
  Issue raised by jsg@
  ok jsg@
  [jsing | 2017-07-05 | 1 file | -3/+9]
* nits about trailing punctuation found with mandoc -Tlint
  [schwarze | 2017-07-05 | 1 file | -4/+4]
* void functions don't return 0
  From Klemens Nanni
  [tb | 2017-07-05 | 1 file | -6/+2]
* fix cross references to self; found with mandoc -Tlint
  [schwarze | 2017-07-05 | 4 files | -13/+12]
* .init stub creation doesn't need a jmp + .align to reach a branch target, just fall into the code. The .align created a FILL zone in the .init section, which on i386 was filled with a NOP-sled, something we want to get away from.
  discussed with kettenis and tom
  [deraadt | 2017-06-28 | 1 file | -3/+0]
* Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that we can prevent libcrypto from going behind our back and trying to read passwords from standard input (which we may not be permitted to do).
  Found by jsg@ with httpd and password protected keys.
  [jsing | 2017-06-22 | 4 files | -11/+14]
* Fix incorrect indentation.
  [jsing | 2017-06-22 | 1 file | -2/+2]
* Plug a memory leak in tls_keypair_cert_hash(), introduced in r1.60.
  [jsing | 2017-06-22 | 1 file | -1/+3]
* Remove dead code that has remained hiding since ressl.c r1.14!
  [jsing | 2017-06-22 | 1 file | -4/+1]
* Use the standard `rv' idiom in tls_keypair_load_cert(), rather than duplicating clean up code.
  [jsing | 2017-06-22 | 1 file | -5/+4]
* Distinguish between self-issued certificates and self-signed certificates.
  The certificate verification code has special cases for self-signed certificates and without this change, self-issued certificates (which it seems are commonplace with openvpn/easyrsa) were also being included in this category.
  Based on BoringSSL.
  Thanks to Dale Ghent <daleg at elemental dot org> for assisting in identifying the issue and testing this fix.
  ok inoguchi@
  [jsing | 2017-06-22 | 2 files | -30/+40]