| Age | Commit message (Collapse) | Author |
|---|
|
MEDIUM.
ok beck@ bcook@
|
|
this.
ok beck@ bcook@
|
|
ok beck@
|
|
and more importantly they do not provide PFS (if you want to use ECDH, use
ECDHE instead).
With input from guenther@.
ok deraadt@ guenther@
|
|
Rename the existing ChaCha20-Poly1305 cipher suites with an "-OLD" suffix,
effectively replaces the original Google implementation. We continue to
support both the IETF and Google versions, however the existing names
now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04.
Feedback from doug@
|
|
ok jsing@
|
|
We can now assume >= TLS v1.0 since SSL2_VERSION, SSL3_VERSION and
DTLS1_BAD_VER support was removed.
"reads ok" miod@
|
|
ssl3_handshake_msg_hdr_len() function. Use this to correct several places
that have magic numbers with header lengths hardcoded as '4'.
ok beck@
|
|
ssl3_ prefix.
ok beck@
|
|
ok "flensing knife"
|
|
ok "flensing knife"
|
|
ok miod@
|
|
This is the first wave of SSLv3 removal which removes the main SSLv3
functions. Future commits will remove the rest of the SSLv3 support.
Discussed the plan at c2k15. Input from jsing@, beck@, miod@, bcook@,
sthen@, naddy@, and deraadt@.
ok jsing@, beck@
|
|
Libtls is riding this crank.
ok miod@ bcook@
|
|
For a few old releases, ECDHE-ECDSA was broken on OS X. This option
cannot differentiate between working and broken OS X so it disabled
ECDHE-ECDSA support on all OS X >= 10.6. 10.8-10.8.3 were the faulty
releases but these are no longer relevant. Tested on OS X 10.10 by jsing.
ok jsing@
|
|
ok miod@ jsing@
|
|
256bit keys
problem noted by Tim Kuijsten (info (at) netsend.nl)
ok deraadt@ miod@ bcook@
|
|
SHA256 in ssl_get_algorithm2().
From OpenSSL HEAD; ok jsing@
|
|
ssl3_get_cipher_by_value() in other parts of the code where it simplifies
things.
ok doug@
|
|
retrieved via its cipher suite value. A corresponding SSL_CIPHER_by_value()
function returns the cipher suite value for a given SSL_CIPHER. These
functions should mean that software does not need to resort to
put_cipher_by_char()/get_cipher_by_char() in order to locate a cipher.
Begrudgingly also provide a SSL_CIPHER_get_by_id() function that locates a
cipher via the internal cipher identifier. Unfortunately these have already
been leaked outside the library via SSL_CIPHER_by_id() and the various
SSL3_CK_* and TLS1_CK_* defines in the ssl3.h/tls1.h headers.
ok beck@ miod@
|
|
This API was intended to be an internal only, however like many things in
OpenSSL, it is exposed externally and parts of the software ecosystem are
now using it since there is no real alternative within the public API.
ok doug@, tedu@ and reluctantly miod@
|
|
the Camellia ciphersuites for TLS 1.2 introduced in RFC 5932. From OpenSSL HEAD.
|
|
messages. This will allow for removal of repeated/duplicated code.
Additionally, DTLS was written by wholesale copying of the SSL/TLS code,
with some DTLS specifics being added to the duplicated code. Since these
SSL handshake message functions know how to handle both SSL/TLS and DTLS,
upon conversion the duplicate versions will become identical (or close to),
at which point the DTLS versions can be removed and the SSL/TLS versions
used for both protocols.
Partially based on similar changes in OpenSSL.
ok miod@
|
|
|
|
mazes in libssl. NPN is being replaced by ALPN, however it is still going
to be around for a while yet.
ok miod@
|
|
the two ciphersuites that use it. GOST94 public/private keys have been
long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
|
Based on OpenSSL and BoringSSL.
ok bcook@
|
|
This causes a libssl major version bump as this affects the layout of some
internal-but-unfortunately-made-visible structs.
|
|
This allows an SSL server to enable DHE ciphers with a single setting,
which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
|
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively
a standards violation) and for RSA sign-only, should only be possible if
you are using an export cipher and have an RSA private key that is more
than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
|
This allows an SSL server to enable ECDHE ciphers with a single setting,
which results in an EC key being generated using the first preference
shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
|
The existing code reaches around into various internals of EC, which it
should not know anything about. Replace this with a set of functions that
that can correctly extract the necessary details and handle the
comparisions.
Based on a commit to OpenSSL, with some inspiration from boringssl.
ok miod@
|
|
nor do we plan on supporting them.
ok guenther@
|
|
ssl3_cipher_get_value() helper function, which returns the cipher suite
value for the given cipher.
ok miod@
|
|
currently).
From Dmitry Eremin-Solenikov.
|
|
ssl3_get_cipher_by_id().
ok bcook@
|
|
up by their ID. For one, this avoids an ugly mess in ssl_sess.c, where the
cipher value is manually written into a buffer, just so the cipher can be
located using ssl3_get_cipher_by_char().
ok bcook@ miod@
|
|
|
|
the cipher list. This reduces code size, saves data segment space and
prevents them from being turned back on at runtime by flipping a bit in
memory.
ok guenther@
|
|
to only apply to s23_srvr.c.
|
|
saying that you expect it to return that value and compare it against zero
because it is supposedly faster, for this leads to bugs (especially given the
high rate of sloppy cut'n'paste within ssl3 and dtls1 routines in this
library).
Instead, compare for the exact value it ought to return upon success.
ok deraadt@
|
|
intrinsics. This is the easy ones, a few left to check one at
a time.
ok miod@ deraadt@
|
|
Based on changes to OpenSSL trunk.
ok beck@ miod@
|
|
baggage.
ok miod@ jsing@
|
|
|
|
ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
|
Also remove unused des_ver.h, which exports some of these strings, but is not installed.
ok miod@ tedu@
|
|
mind should be using them.
ok deraadt@ miod@
|
|
ok deraadt@ miod@
|
|
ok deraadt@ miod@
|
