| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The bounded attribute leads to failing regress compilation with gcc due
to a test passing a negative length to exercise a chck.
noticed and fixed suggested by claudio
|
| | |
|
| |
|
|
|
|
| |
and manpages and add restrict qualifiers.
ok millert@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The only thing it does is error because of a check added in sockargs() in
uipc_syscalls r1.155. As guenther pointed out, this may have been added
because of a misreading of the last sentence of the first paragraph of the
connect(2) manual.
Instead of erroring, this will keep listening if -k is given and otherwise
it will close the socket and exit with success.
ok guenther jeremy
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
memmem(3) was also added. Update #include visibility and manpages
and add restrict qualifiers.
"never thought I'd see this day" millert@
|
| |
|
|
|
|
| |
adjust #include visibility and update the reallocarray(3) manpage
ok millert@
|
| |
|
|
|
|
| |
Unbreaks ssh's t-agent-pkcs11-cert regress reported by anton.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
rust-openssl tests do something weird and need lots of ex data (one index
for each registered callback, for example). This makes the regress pass
again.
noticed by anton
ok jsing
|
| |
|
|
|
|
|
|
|
| |
It's a double pointer, so we should allocate a pointer size, not the entire
struct. This saves roughly 500B per class.
CID 507397
ok jsing
|
| |
|
|
| |
From Kenjiro Nakayama
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SSL_CTX_set_cert_store() should have been called SSL_CTX_set0_cert_store()
since it takes ownership of the store argument. Apparently a few people ran
into the issue of not bumping the refcount themselves, leading to use after
frees about 10 years ago. This is a quite rarely used API and there are no
misuses in the ports tree, but since someone did the work of writing a diff,
we can still add it.
Needless to say that SSL_CTX_get_cert_store() obviously has the exact same
issue and nobody seems to have thought of adding a get0 or get1 version to
match...
Fixes https://github.com/libressl/openbsd/issues/71
From Kenjiro Nakayama
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
| |
Arguably the want_protocol entries in various of these tests are incorrect
but I'll leave that for another day.
|
| |
|
|
|
| |
This mostly reverts what was done by beck in Tallinn and adjust tlstest
to add new test cases and now failing connection tests.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Redefining TLS_PROTOCOL_TLSv1_0 and TLS_PROTOCOL_TLSv1_1 to be the same
as TLS_PROTOCOL_TLSv1_2 had undesired side effects, as witnessed in the
accompanying regress tests. The protocol string all:tlsv1.0 would disable
TLSv1.2 (so only enable TLSv1.3) and tlsv1.2:!tlsv1.1 would disable all
protocols.
It makes more sense to ignore any setting of TLSv1.0 and TLSv1.1, so if
you request 'tlsv1.1' you get no protocol, but 'all:!tlsv1.1' will enable
the two supported protocols TLSv1.3 and TLSv1.2.
Restore the defines to their original values and adjust the parsing code
to set/unset them.
Issue reported by Kenjiro Nakayama
Fixes https://github.com/libressl/openbsd/issues/151
with/ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CRYPTO_EX_DATA exists as a way to allow an application to attach data to
various components in libcrypto and libssl. The general idea is that there
are various "classes" (e.g. RSA) and an application can get an "index"
(which can have new/dup/free functions provided). The application can then
use the index to store a pointer to some form of data within that class,
for later retrieval.
However, even by OpenSSL standards, this is an insane API. The current
implementation allows for data to be set without calling new, indexes
can be used without allocation, new can be called without actually getting
an index and dup can be called either after new or without new (see regress
and RSA_get_ex_new_index(3)/CRYPTO_set_ex_data(3) for more details). On
top of this, the previous "overhaul" of the code was written to be
infinitely extensible.
For now, the rewrite intends to maintain the existing behaviour - once we
bed this down we can attempt to ratchet the API requirements and require
some sort of sensible sequence. The only intentional change is that there
is now a hard limit on the number of indexes that can be allocated
(previously there was none, relying only on ENOMEM).
ok tb@
|
| |
|
|
| |
systems. Use a proper sleep using usleep(100) instead.
|
| | |
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
| |
These are (not so) thin wrappers around the stack API and only make
things unreadable by adding an unneccesary layer of indirection and
repeating checks already present in the stack API. X509at_delete_attr()
is a masterpiece.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Inline the get_cipher implementation (including the special handling
for DTLS) in ssl_cipher_collect_ciphers() (the only consumer), remove
the get_cipher member of SSL_METHOD and mop up dtls1_get_cipher().
ssl3_get_cipher() has always had a strange property of being a reverse
index, which is relied on by the cipher list ordering code, since it
currently assumes that high cipher suite values are preferable. Rather
than complicating ssl3_get_cipher() (and regress), change the iteration
order in ssl_cipher_collect_ciphers() to match what it requires. Lastly,
rename ssl3_get_cipher() to be more descriptive.
ok tb@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL has had the concept of cipher IDs, which were a way of working
around overlapping cipher suite values between SSLv2 and SSLv3. Given
that we no longer have to deal with this issue, replace the use of IDs
with cipher suite values. In particular, this means that we can stop
mapping back and forth between the two, simplifying things considerably.
While here, remove the 'valid' member of the SSL_CIPHER. The ssl3_ciphers[]
table is no longer mutable, meaning that ciphers cannot be disabled at
runtime (and we have `#if 0' if we want to do it at compile time).
Clean up the comments and add/update RFC references for cipher suites.
ok tb@
|
| |
|
|
| |
extracted from a diff by Kenjiro Nakayama
|
| | |
|
| |
|
|
|
|
|
| |
This uses the same language in most manuals mentioning the obsolete
ENGINE parameters. Make it clear that it is always ignored and that
NULL should be passed. Always call it engine instead of a mix of e
pe, impl, eng.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
(why is it always me who gets to clean up this shit?)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For a long time SSL_SESSION has had both a cipher ID and a pointer to
an SSL_CIPHER (and not both are guaranteed to be populated). There is also
a pointer to an SSL_CIPHER in the SSL_HANDSHAKE that denotes the cipher
being used for this connection. Some code has been using the cipher from
SSL_SESSION and some code has been using the cipher from SSL_HANDSHAKE.
Remove cipher from SSL_SESSION and use the version in SSL_HANDSHAKE
everywhere. If resuming from a session then we need to use the SSL_SESSION
cipher ID to set the SSL_HANDSHAKE cipher. And we still need to ensure that
we update the cipher ID in the SSL_SESSION whenever the SSL_HANDSHAKE
cipher changes (this only occurs in a few places).
ok tb@
|
| | |
|
| |
|
|
|
|
|
|
| |
SSL_SESSION has a 'ciphers' member which contains a list of ciphers
that were advertised by the client. Move this from SSL_SESSION to
SSL_HANDSHAKE and rename it to match reality.
ok tb@
|
| | |
|
| |
|
|
| |
Turns out this is already linked statically.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
The handshake MAC needs to be upgraded when TLSv1.0 and TLSv1.1
ciphersuites are used with TLSv1.2. Since we no longer support TLSv1.0
and TLSv1.1, we can simply upgrade the handshake MAC in the ciphersuite
table and remove the various defines/macros/code that existed to handle
the upgrade.
ok tb@
|
