| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
Fix some tests that fail with obscure error messages on 'make' if the
required package (either version of OpenSSL or Botan 2) isn't installed.
This can be avoided by doing 'make regress' instead. I'll try to adjust
my finger memory for the many tests outside the LibreSSL tree that have
the same "problem". The fix here is unintrusive and I've been wasting
enough time with this to want to change it.
ok bluhm
|
| | |
|
| |
|
|
| |
Suggested by and discussed with beck
|
| |
|
|
|
|
|
| |
context. This is what is returned in SSL_get_verify_result().
Spotted and initial diff from jeremy; discussed with jsing
ok beck
|
| |
|
|
|
|
| |
ctx->xsc->error. Will be needed in an upcoming diff.
from beck
|
| |
|
|
|
|
| |
and testing purposes.
ok beck inoguchi jsing
|
| |
|
|
|
|
|
| |
In x509.h r1.70 (2018/08/24) I turned some macros into actual functions
to follow what OpenSSL is doing since 1.1.0. The documentation still
claims that they are implemented as macros. Update a doc sync commit
hash while there.
|
| |
|
|
|
|
|
|
| |
syscall. So whenever we pass a bad address we get a SIGSEGV instead of
EFAULT. POSIX explicitly allows this behaviour. So adjust the test
to deal with this case.
ok deraadt@, millert@, guenther@
|
| |
|
|
|
|
| |
(typically) doesn't implement support for these.
ok patrick@, drahn@
|
| |
|
|
| |
optional and isn't implemented on most hardware.
|
| |
|
|
|
| |
Two functions missed (void) in their declaration which made gcc whine
"warning: function declaration isn't a prototype".
|
| |
|
|
|
| |
gcc emits a signed vs unsigned comparison warning which breaks the build
due to -Werror.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
and add the ability to parse a port in the specified ocsp url.
Since this will now pass them, enable regress tests previously
committed for ocspcheck.
mostly by me with some cleanup by tb after an obvious yak was found
to shave in the OCSP routines in libcrypto
ok tb@
|
| |
|
|
|
|
|
|
|
| |
Provide a BIO that can drop specific messages in order to trigger and test
DTLS timeouts and retransmissions. Note that the SSL buffering BIO (bbio)
has to be removed to ensure that handshake messages are sent individually.
This would have detected the recent DTLS breakage with retransmissions for
a flight that includes a CCS.
|
| |
|
|
|
|
|
|
|
|
| |
When retransmitting a flight that includes a CCS, the record protection
from the previous epoch has to be used to send the messages up to and
including the CCS, with messages after the CCS using record protection
from the current epoch. The code that restores the record protection state
failed to work correctly with the new TLSv1.2 record layer.
ok tb@
|
| |
|
|
|
| |
In particular, ensure we clear events when the client or server side has
completed and fix timeouts to ensure we use a non-zero timeout if present.
|
| | |
|
| |
|
|
|
|
| |
Garbage collect the now unused SSL_IS_DTLS macro.
ok tb@
|
| |
|
|
|
|
|
| |
For now this is #ifdef LIBRESSL_INTERNAL and will be exposed during the
next library bump.
ok tb@
|
| |
|
|
|
|
|
|
| |
Rather than inferring DTLS from the method version, add a field that marks
a method as specifically being DTLS. Have SSL_IS_DTLS condition on this
rather than on version.
ok tb@
|
| | |
|
| |
|
|
|
|
|
|
| |
Test the operation of a DTLS client and server, with and without cookies,
using the default MTU and a specifically lowered MTU.
Further regress tests will be built on this to exercise other parts of the
DTLS code base (such as retransmission, fragmentation and reassembly).
|
| | |
|
| |
|
|
|
|
|
| |
Otherwise each run of the s_client leaks 16k of memory. This hurts
in interactive mode.
ok inoguchi jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
While OCSP uses HTTP/1.0 where a host header is optional, some widely
used OCSP responders will return 400 bad request if it is missing. Add
such a header unless it's already provided in the user's custom headers.
OpenSSL did something similar in ff4a9394a23 and 76e0cd12f68
(both commits are under the old license)
ok inoguchi
|
| |
|
|
| |
ok guenther tb millert
|
| | |
|
| |
|
|
| |
suggested by tb@
|
| |
|
|
|
|
| |
deprecated methods to a separate table. Simplify and shorten the
surrounding verbiage.
Joint work with tb@.
|
| |
|
|
|
|
|
| |
and *_client_method(3). Adjust the documentation.
While here, delete most of the verbiage regarding the deprecated
functions SSLv23_*(3) and add the missing entry to RETURN VALUES.
OK tb@
|
| |
|
|
|
|
|
| |
with #defines for the per-version initializers instead of extern
globals. Add SSL_USE_SHA256_PRF() to complete the abstraction.
ok tb@ jsing@
|
| |
|
|
|
|
|
|
| |
This condition previously existed for DTLS BAD_VER, which has long been
removed. Furthermore, conditioning on DTLS1_VERSION means this is broken
for any newer DTLS version. While here roll up two assertions into one.
ok tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When transitioning from the TLSv1.3 stack to the legacy stack, grow
init_buf before stashing the handshake message. The TLSv1.3 stack has
already received the handshake message (potentially from multiple TLS
records) and validated its size, however the default allocation is only
for a single plaintext record, which can result in the handshake message
failing to fit in certain cases.
Issue noted by tb@ via tlsfuzzer.
ok tb@
|
| | |
|
| |
|
|
|
|
|
|
| |
There is no reason (and there never was any) for profile_name to be
non-const, it was always just passed to strncmp(). Changing this
allows removing an ugly instance of casting away const.
ok guenther jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Historically, OpenSSL has had client and server specific methods - the only
difference between these is that the .ssl_connect or .ssl_accept function
pointer is set to ssl_undefined_function, with the intention of reducing
code size for a statically linked binary that was only a client or server.
These days the difference is minimal or non-existant in many cases and
we can reduce the amount of code and complexity by having single method.
Internally remove all of the client and server specific methods,
simplifying code in the process. The external client/server specific API
remain, however these now return the same thing as TLS_method() does.
ok tb@
|
| | |
|
| |
|
|
| |
ok tb@ jsing@
|
| |
|
|
|
|
| |
.data.rel.ro and .rodata respectively.
ok tb@ jsing@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On success, OCSP_request_add0_id() transfers ownership of cid to
either 'one' or 'req' depending on whether the latter is NULL or
not. On failure, the caller can't tell whether OCSP_ONEREQ_new()
failed (in which case cid needs to be freed) or whether it was a
failure to allocate memory in sk_insert() (in which case cid must
not be freed).
The caller is thus faced with the choice of leaving either a leak
or a potential double free. Fix this by transferring ownership
only at the end of the function.
Found while reviewing an upcoming diff by beck.
ok jsing
|
| |
|
|
|
| |
So redo previous commit properly:
Use random value for canary bytes; ok tb@.
|
| |
|
|
| |
ok inoguchi@ tb@ deraadt@
|
| |
|
|
|
| |
documenting that SSL_set_bio(3) cannot fail. A similar commit was
made by schwarze a while ago for a few functions in libcrypto.
|
| | |
|
| |
|
|
|
|
|
|
| |
chain. It only takes a few dozens of ms to read it, but doing this 7290
times adds up to a few minutes run time. This way, the test completes in
a handful of seconds.
Diagnosed by jsing, ok beck
|
| | |
|
| | |
|
| | |
|
