| Commit message (Collapse) | Author | Files | Lines |
|---|
|
if it fails, free the object we were about to push.
Factor error handling to avoid having four copies of about the same code.
ok guenther@
|
|
on a stack; if the latter fails, we need to free the object before returning
failure.
ok guenther@
|
|
ok guenther@
|
|
Tweaks and ok guenther@
|
|
ok deraadt@ guenther@
|
|
ok deraadt@ guenther@
|
|
ok miod
|
|
ssl_add_clienthello_tlsext() and ssl_add_serverhello_tlsext(), rather than
the current generic naming.
ok miod@
|
|
hand rolling the same code.
ok miod@
|
|
return the client format list if the client_formats flag is specified.
Use tls1_get_formatlist()/tls1_get_curvelist() in tls1_check_ec_key(),
simplifying the code.
ok miod@
|
|
|
|
|
|
While there are no additional symbols, there is an additional command that
clients will potentially depend on.
|
|
if you're careful, cert only verification can be useful.
always enable both though, to avoid accidentally leaving one off.
ok jsing
|
|
default. This enables automatic handling of ephemeral EC keys.
Discussed with reyk@ and tedu@
|
|
This allows an SSL server to enable ECDHE ciphers with a single setting,
which results in an EC key being generated using the first preference
shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
|
ok tedu@, miod@
|
|
- don't define default_bits, allowing the compiled-in default (now 2048
bits) to take priority.
- add commented-out default_md line in case somebody needs an easy way
to change this.
- remove some sample sections which aren't really useful in the default
file (/etc/examples is the place for a more descriptive config, this
file should be barebones).
Help/OK jsing@. OKs on earlier diff (openssl.cnf only) from phessler@ aja@.
|
|
keys by default (instead of SHA1/3DES) and update documentation to match.
Another way to do this is s/NID_sha1/NID_sha256/ in src/crypto/rsa/rsa_ameth.c
("case ASN1_PKEY_CTRL_DEFAULT_MD_NID") but going with the more targetted method
above that only affects "openssl req" for now.
Help/OK jsing@. OKs on earlier diffs changing openssl.cnf from phessler@ aja@
|
|
The existing code reaches around into various internals of EC, which it
should not know anything about. Replace this with a set of functions that
that can correctly extract the necessary details and handle the
comparisions.
Based on a commit to OpenSSL, with some inspiration from boringssl.
ok miod@
|
|
if a NULL stack was passed as argument. Fix this by returning NULL early in
that case.
|
|
so that applies to both the ressl client and server.
|
|
configured.
Discussed with several.
ok bcook@
|
|
than rerolling our own key clearing code.
ok tedu@
|
|
X509_STORE_CTX_init(): do not free the X509_STORE_CTX * parameter upon
failure, for we did not allocate it and it might not come from the heap,
such as in check_crl_path() in this very same file where X509_STORE_CTX_init()
gets invoked with a stack address.
ok bcook@
|
|
memcpy().
ok bcook@
|
|
parameter, correctly set param->name to NULL after having freed it.
ok bcook@
|
|
|
|
ok jsing@ miod@
|
|
Now that ressl config takes copies of the keys passed to it, the keys need
to be explicitly cleared. While this can be done by calling the appropriate
functions with a NULL pointer, it is simpler and more obvious to call one
function that does this for you.
ok tedu@
|
|
read the PEM-encoded certificate chain from memory instead of a file.
This idea is derived from an older implementation in relayd that was
needed to use the function with a privep'ed process in a chroot. Now
it is time to get it into LibreSSL to make the API more privsep-
friendly and to make it available for other programs and the ressl
library.
ok jsing@ miod@
|
|
ok bcook@
|
|
for it may be NULL. Do not leak memory upon error.
ok bcook@
|
|
manual field fiddling to create an ASN1_INTEGER object, instead of using
M_ASN1_INTEGER_new() which will allocate sizeof(long) bytes.
That person had probably never looked into malloc(3) and never heard of
allocation size rounding.
Thus, replace the obfuscated code with M_ASN1_INTEGER_new() followed by
ASN1_INTEGER_set(), to achieve a similar result, without the need for
/* version == 0 */ comments.
ok bcook@
|
|
caller worrying about leaks or lifetimes.
after feedback from jsing
|
|
fixed.
|
|
the 64-bit code has to be disabled under OpenBSD/hppa.
|
|
cases and breaks TLS 1.2; crank libcrypto.so minor version out of safety and
to be able to tell broken versions apart easily.
|
|
ok miod@
|
|
Based on OpenSSL.
ok miod@
|
|
ok tedu@
|
|
X509_STORE_get1_certs(), X509_STORE_get1_crls(): check the result of
allocations.
ok tedu@
|
|
the first EVP block.
ok tedu@
|
|
ok tedu@
|
|
for the server hello.
From OpenSSL.
ok miod@
|
|
strdup() to allocated directory list components.
ok jsing@
|
|
effectively built two "static" data structures - instead of doing this,
just use static data structures to start with.
From OpenSSL (part of a larger commit).
ok miod@
|
|
ssl3_send_finished(). While this previously checked against a zero return
value (which could occur on failure), we may as well test against the
expected length, since we already know what that is.
|
|
end up with a value of zero, primarily since ssl3_take_mac() fails to check
the return value from the final_finish_mac() call. This would then mean that
an SSL finished message with a zero-byte payload would successfully match
against the calculated finish MAC.
Avoid this by checking the length of peer_finish_md_len and the SSL
finished message payload, against the known length already stored in
the SSL3_ENC_METHOD finish_mac_length field (making use of a previously
unused field).
ok miod@ (a little while back)
|
|
From OpenSSL.
|
