| Age | Commit message (Collapse) | Author |
|---|
|
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push()
fails, name is leaked. The entire function is trying to be clever
and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
|
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
|
Note that this is not the full chain, as the leaf certificate currently
remains in the x509 member of CERT_PKEY. Unfortunately we've got to
contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf
certificate while others include it...
ok beck@ tb@
|
|
In TLSv1.2, if the client does not send a signature algorithms extension
then for RSA key exchange a signature algorithm of {sha1,rsa} is implied.
The MD5+SHA1 hash only applies to older versions of TLS, which do not
support sigalgs.
|
|
sigalg for MD5_SHA1 and using it as the non sigalgs default
ok jsing@
|
|
just keep the sigalg around so we can remember what we actually
decided to use.
ok jsing@
|
|
ok beck@ tb@
|
|
ok bluhm@ tb@
|
|
our libssl functions match theirs wrt const, except for BIO_f_ssl(3)
which will be fixed in a later step.
this went through a i386 bulk by sthen
ok jsing
|
|
back.
ok guenther@
|
|
Over the years OpenSSL grew multiple ways of being able to specify EC keys
(and/or curves) for use with ECDH and ECDHE key exchange. You could specify
a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and
generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via
a callback that was provided with insufficient information
(SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation
of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to
problems (like ECDHE not being enabled) and potential weird configuration
(like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE
ciphers from the cipher list. As such, permanently enable automatic EC
curve selection and generation, effectively disabling all of the
configuration knobs. The only exception is the
SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous
behaviour by configuring the curve of the given EC key as the only curve
being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
|
Make a table of "function codes" which maps the internal state of the SSL *
to something like a useful name so in a typical error in the connection you
know in what sort of place in the handshake things happened. (instead of
by arcane function name).
Add SSLerrorx() for when we don't have an SSL *
ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
|
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
|
|
line wraps that resulted
|
|
We leave a single funciton code (0xFFF) to say "SSL_internal" so the public
API will not break, and we replace all internal use of the two argument
SSL_err() with the internal only SSL_error() that only takes a reason code.
ok jsing@
|
|
|
|
|
|
ok jsing@
|
|
known to be in use.
ok beck@
|
|
ok jsing@
|
|
internal.
ok beck@
|
|
known to be used by ports.
ok beck@
|
|
Testing of an earlier revision by naddy@.
ok beck@
|
|
ok doug@
|
|
ok "flensing knife"
|
|
(POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos MartÃn Nieto (cmn (at) dwim.me)
no -portable concerns bcook@
|
|
|
|
the two ciphersuites that use it. GOST94 public/private keys have been
long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
|
the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC
violations. The export cipher suites have already been removed and
previous cleanup means that we will never send ServerKeyExchange messages
from the server side for RSA.
|
|
This causes a libssl major version bump as this affects the layout of some
internal-but-unfortunately-made-visible structs.
|
|
|
|
This allows an SSL server to enable DHE ciphers with a single setting,
which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
|
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively
a standards violation) and for RSA sign-only, should only be possible if
you are using an export cipher and have an RSA private key that is more
than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
|
This allows an SSL server to enable ECDHE ciphers with a single setting,
which results in an EC key being generated using the first preference
shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
|
places
ok jsing@
|
|
ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
|
OK from miod@
|
|
|
|
do some other clean up while here.
ok deraadt@
|
|
before calling it.
|
|
implicit NULL checks, so there is no point ensuring that the pointer is
non-NULL before calling them.
|
|
|
|
a not quite appropriate data structure. ok jsing
|
|
that does not.
"fire bomb" tedu@
|
|
ok deraadt jsing
|
|
#if 1 /* new with openssl 0.9.4 */
current code;
#else
obsolete code;
#endif
|
|
empty define) and an OPENSSL_EXTERN (which is defined as, well... extern).
The use of OPENSSL_EXTERN is already inconsistent since the lines above
and below just use plain old "extern". Expand the two uses of these macros
and stop including e_os2.h in libssl.
ok miod@
|
|
This avoids a lot of ugly gymnastics to do snprintfs before sending the
bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c
where it was being called with the incorrect number of arguments and
using random things off the stack as addresses of strings.
ok krw@, jsing@
|
|
|
|
|
