| Age | Commit message (Collapse) | Author |
|---|
|
Now that DTLS1_STATE is opaque, fold DTLS1_STATE_INTERNAL back into
DTLS1_STATE and remove D1I() usage.
ok tb@
|
|
ok jsing
|
|
ok inoguchi@ tb@
|
|
When DTLS handshake records are received from the next epoch, we will
potentially queue them on the unprocessed_rcds queue - this is usually
a Finished message that has been received without the ChangeCipherSuite
(CCS) message (which may have been dropped or reordered).
After the epoch increments (due to the CCS being received), the current
code processes all records on the unprocessed queue and immediate queues
them on the processed queue, which dtls1_get_record() then pulls from.
This form of processing only adds more complexity and another queue.
Instead, once the epoch increments, pull a single record from the
unprocessed queue and process it, allowing the contents to be consumed
by the caller. We repeat this process until the unprocessed queue is
empty, at which point we go back to consuming messages from the wire.
ok inoguchi@ tb@
|
|
Now that SSL_METHOD is opaque and in internal headers, we can remove
SSL_METHOD_INTERNAL by merging it back into SSL_METHOD.
ok tb@
|
|
This allows for regress to test edge cases for epoch handling.
ok tb@
|
|
Currently these only get correctly initialised when
dtls1_process_buffered_records() is called - while this works it is more
accidental than intentional.
ok tb@
|
|
Now that the DTLS structs are opaque, add a dtls_locl.h header and move
internal-only structs from dtls1.h, along with prototypes from ssl_locl.h.
Only pull this header in where DTLS code actually exists.
ok inoguchi@ tb@
|
|
ok tb@
|
|
|
|
DTLSv1 is TLSv1.1 over datagrams - there is no need for a separate
SSL3_ENC_METHOD struct, just use TLSv1_1_enc_data and remove
DTLSv1_enc_data entirely.
ok tb@
|
|
Currently dtls1_drain_fragments() has a incomplete handrolled version of
dtls1_hm_fragment_free(), which has the potential to leak memory. Replace
the handrolled free with a call to dtls1_hm_fragment_free().
ok inoguchi@ tb@
|
|
Allocate into the appropriate structures and call dtls1_free() on failure,
rather than allocating into local variables and then remembering to free
various things on failure.
ok tb@
|
|
An upcoming cleanup diff by jsing needs dtls1_clear_queues() to be
able to handle NULL pqueues. While one can easily add a NULL check
to pqueue_pop(), this does not really fit in with the rest of the
code. There are two kinds of while loops in dtls1_clear_queues that
drain pqueues, so add two helper functions with a NULL check each.
ok jsing
|
|
Provide a ssl3_release_buffer() function that correctly frees a buffer
and call it from the appropriate locations. While here also change
ssl3_release_{read,write}_buffer() to void since they cannot fail and
no callers check the return value currently.
ok beck@ inoguchi@ tb@
|
|
ssl_version is completely unused and get_timeout is the same everywhere.
ok beck@ inoguchi@ tb@
|
|
SSL3_BUFFER, SSL3_RECORD and DTLS1_RECORD_DATA are currently still in
public headers, even though their usage is internal. This moves to
using _INTERNAL suffixed versions that are in internal headers, which
then allows us to change them without any potential public API fallout.
ok inoguchi@ tb@
|
|
The enc function pointers do not serve any purpose these days - remove
a layer of indirection and call dtls1_enc()/tls1_enc() directly.
ok inoguchi@ tb@
|
|
ok inoguchi@ tb@
|
|
explicit_bzero()/free(). Less code and potentially less overhead.
|
|
Make a table of "function codes" which maps the internal state of the SSL *
to something like a useful name so in a typical error in the connection you
know in what sort of place in the handshake things happened. (instead of
by arcane function name).
Add SSLerrorx() for when we don't have an SSL *
ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
|
We leave a single funciton code (0xFFF) to say "SSL_internal" so the public
API will not break, and we replace all internal use of the two argument
SSL_err() with the internal only SSL_error() that only takes a reason code.
ok jsing@
|
|
and defines since they are the same everywhere.
ok beck@
|
|
flag in the encryption methods. We can do this since there is currently
only one DTLS version. This makes upcoming changes easier.
ok beck@
|
|
Discussed with beck@
|
|
ok jsing@
|
|
This change adds an internal opaque struct for each of the significant
publically visible structs. The opaque struct is then allocated and
attached to the publically visible struct when the appropriate *_new()
function is called, then cleared and freed as necessary.
This will allow for changes to be made to the internals of libssl, without
requiring a major bump each time the publically visible structs are
modified.
ok beck@
|
|
ok jsing@ beck@
|
|
ok doug@
|
|
|
|
incomplete implementations just so that we can interoperate with products
from vendors who have not bothered to fix things in the last ~10 years.
ok bcook@ miod@
|
|
ok miod@
|
|
This mimics free()'s behavior which makes error handling simpler.
ok bcook@ miod@
|
|
These include:
CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
CVE-2015-0287 - ASN.1 structure reuse memory corruption
CVE-2015-0289 - PKCS7 NULL pointer dereferences
Several other issues did not apply or were already fixed.
Refer to https://www.openssl.org/news/secadv_20150319.txt
joint work with beck, doug, guenther, jsing, miod
|
|
OpenBSD does not have SCTP support and it sees little use in the wild.
OPENSSL_NO_SCTP is already specified via opensslfeatures.h, hence this
is a code removal only and symbols should remain unchanged.
ok beck@ miod@ tedu@
|
|
|
|
|
|
|
|
DTLS1_RECORD_DATA, not hm_fragment.
OpenSSL PR #3286 via OpenSSL trunk.
|
|
Also remove unused des_ver.h, which exports some of these strings, but is not installed.
ok miod@ tedu@
|
|
to avoid duplication. Also use fewer magic numbers.
ok miod@
|
|
7 years ago and never made it into an RFC. That code wasn't compiled in
anyway unless one would define the actual on-the-wire extension id bytes;
crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
|
|
|
(From Jonas Maebe)
OK from beck@
|
|
by adding an enc_flags field to the ssl3_enc_method, specifying four flags
that are used with this field and providing macros for evaluating these
conditions. Currently the version requirements are identified by
continually checking the version number and other criteria.
This change also adds separate SSL3_ENC_METHOD data for TLS v1.1 and v1.2,
since they have different enc_flags from TLS v1.
Based on changes in OpenSSL head.
No objection from miod@
|
|
since free already does this for us. Also remove some pointless NULL
assignments, where the result from malloc(3) is immediately assigned to the
same variable.
ok miod@
|
|
|
|
ok miod@
|
|
actually needs it. Instead, just include it in the files where it is
actually necessary.
Also remove standard includes from pqueue.h so that they are not available
as a side effect. Just add the two includes that are needed to pqueue.c.
ok miod@
|
|
|
