| Age | Commit message (Collapse) | Author |
|---|
|
With the guentherizer 9000
ok tb@
|
|
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook
|
|
ok jsing
|
|
Now that session_id_length is a size_t, we can pass it directly to
CBS_write_bytes() instead of using a temporary variable.
ok jsing
|
|
Now that master_key_length is a size_t, we no longer have to fiddle with
data_len. We can rather pass a pointer to it to CBS_write_bytes().
ok jsing
|
|
SSLv2 remnants.
ok jsing
|
|
The 'peer' member of SSL_SESSION is the leaf/end-entity certificate
provided by our peer. Rename it since 'peer' on its own is unhelpful.
ok inoguchi@ tb@
|
|
Now that SSL_SESSION is opaque, change tlsext_tick_lifetime_hint from long
to uint32_t (matching RFC4507), rather than continuing to work around an
inappropriate type choice.
ok tb@
|
|
Consistently include local headers in the same location, using the same
grouping/sorting across all files.
|
|
|
|
The original code did a crazy encode/malloc/encode/decode/modify/encode
dance, in order to encode a session in the form needed to encrypt then add
to a session ticket. By modifying the encoding functions slightly, we can
do this entire dance as a single encode.
Inspired by similar changes in BoringSSL.
ok inoguchi@ tb@
|
|
Spotted by Coverity, although reported as a different issue.
|
|
|
|
previous code was safe since data would always be NULL if data_len was
uninitialised, however compilers cannot know this.
|
|
|
|
have been relaxed.
|
|
Back this out while we investigate and implement a solution.
Found the hard way by sthen@
|
|
In this case the memory allocated can also be significant, in which case
freezero() will have less overhead than explicit_bzero() (munmap instead
of touching all of the memory to write zeros).
|
|
Make a table of "function codes" which maps the internal state of the SSL *
to something like a useful name so in a typical error in the connection you
know in what sort of place in the handshake things happened. (instead of
by arcane function name).
Add SSLerrorx() for when we don't have an SSL *
ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
|
We leave a single funciton code (0xFFF) to say "SSL_internal" so the public
API will not break, and we replace all internal use of the two argument
SSL_err() with the internal only SSL_error() that only takes a reason code.
ok jsing@
|
|
unintentionally changed during the CBS/CBB rewrite.
Issue reported by jeremy@ due to failing ruby tests.
Analysis and near identical diff from Kazuki Yamaguchi <k at rhe.jp>.
|
|
at the end of the buffer.
Issue identified by and diff from Kazuki Yamaguchi <k at rhe.jp>.
|
|
this contains the session master key.
ok deraadt@ doug@
|
|
slightly rewriting some code and changing the type of an array.
ok bcook@ doug@
|
|
Simply return since there is nothing more to do.
Spotted by coverity. ok jsing@ beck@
|
|
addresses two 2038 related issues and also adds support for allocation in
the i2d function, which will allow for simplification in the callers.
ok beck@ miod@
|
|
ok doug@
|
|
|
|
Modified version of patch from Dmitry Eremin-Solenikov.
==28360== 98 bytes in 2 blocks are definitely lost in loss record 7 of 7
==28360== at 0x402AC54: realloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==28360== by 0x40E2D2C: ASN1_STRING_set (asn1_lib.c:393)
==28360== by 0x40EC22C: asn1_ex_c2i (tasn_dec.c:959)
==28360== by 0x40EC632: asn1_d2i_ex_primitive (tasn_dec.c:824)
==28360== by 0x40ED2E6: ASN1_item_ex_d2i (tasn_dec.c:230)
==28360== by 0x40ED421: ASN1_item_d2i (tasn_dec.c:133)
==28360== by 0x40F0335: d2i_ASN1_OCTET_STRING (tasn_typ.c:75)
==28360== by 0x405FD6D: d2i_SSL_SESSION (ssl_asn1.c:367)
==28360== by 0x405DD6E: ssl3_send_newsession_ticket (s3_srvr.c:2743)
==28360== by 0x405EA48: ssl3_accept (s3_srvr.c:665)
==28360== by 0x4067C34: SSL_accept (ssl_lib.c:922)
==28360== by 0x404E97B: ssl23_get_client_hello (s23_srvr.c:573)
ok miod@ beck@
|
|
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.
|
|
Requested by miod@
|
|
M_ASN1_D2I_begin macro.
|
|
|
|
asn1_mac.h macros. This still needs a lot of improvement, but immediately
becomes readable.
ok miod@ (sight unseen!)
|
|
ok deraadt@
|
|
|
|
horrific macros from asn1_mac.h.
This is a classic example of using macros to obfuscate code, in an attempt
to reduce the line count. The end result is so ridiculously convoluted that
it is completely unreadable and it takes hours to deconstruct the macros
and figure out what is actually going on behind the scenes.
ok miod@
|
|
|
|
OpenSSL trunk.
|
|
baggage.
ok miod@ jsing@
|
|
|
|
|
|
OPENSSL_NO_TLSEXT.
ok tedu@
|
|
all on their own and we can't effectively maintain them without using them,
which we don't. If the need arises, the code can be resurrected.
|
|
APIs that pass times as longs will have to change at some point...
Bump major on both libcrypto and libssl.
ok tedu@
|
|
|
|
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
|
|
|
|
|
|
the SSLv23_* client code. The server continues to accept it. It
also kills the bits for SSL2 SESSIONs; even when the server gets
an SSLv2-style compat handshake, the session that it creates has
the correct version internally.
ok tedu@ beck@
|
