path: root/lib/libssl/src/ssl
Commit message [Author, Age, Files, Lines]
...
* Convert dtls1_get_record to CBS. [doug, 2015-07-18, files: 1, lines: -21/+28]
| ok miod@, input + ok jsing@
* Remove repeated code in dtls1_get_record. [doug, 2015-07-18, files: 1, lines: -40/+16]
| The "if" is a bit ugly, but this does remove a lot of repetitive code. This will be converted to CBS later as well. ok miod@ jsing@ roughly ok with it after seeing the CBS version
* Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER workaround. [doug, 2015-07-18, files: 4, lines: -27/+9]
| This was a hack to work around problems on IE 6 with SSLv3. ok miod@ bcook@
* Remove support for the SSL_OP_TLS_D5_BUG compat hack from SSLeay. [doug, 2015-07-18, files: 2, lines: -11/+6]
| This is a 17 year old workaround from SSLeay 0.9.0b. It was for clients that send RSA client key exchange in TLS using SSLv3 format (no length prefix). ok jsing@
* Convert ssl_parse_serverhello_use_srtp_ext to CBS. [doug, 2015-07-17, files: 2, lines: -12/+17]
| ok miod@ jsing@
* Remove compat hack that disabled ECDHE-ECDSA on OS X. [doug, 2015-07-17, files: 4, lines: -101/+9]
| For a few old releases, ECDHE-ECDSA was broken on OS X. This option cannot differentiate between working and broken OS X so it disabled ECDHE-ECDSA support on all OS X >= 10.6. 10.8-10.8.3 were the faulty releases but these are no longer relevant. Tested on OS X 10.10 by jsing. ok jsing@
* Remove workaround for TLS padding bug from SSLeay days. [doug, 2015-07-17, files: 5, lines: -34/+7]
| OpenSSL doesn't remember which clients were impacted and the functionality has been broken in their stable releases for 2 years. Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5. ok jsing@
* check n before cbs_init, coverity - ID 125063 [beck, 2015-07-15, files: 1, lines: -3/+9]
| ok bcook@ miod@
* test for n<0 before use in CBS_init - mostly to shut up coverity. [beck, 2015-07-15, files: 3, lines: -11/+33]
| reluctant ok miod@
* Flense out dead code, we don't do ecdhe_clnt_cert. [beck, 2015-07-15, files: 2, lines: -187/+75]
| coverity ID's 21691 21698 ok miod@, "Fry it" jsing@
* Partially convert ssl3_get_message to CBS. [doug, 2015-07-14, files: 1, lines: -6/+15]
| Unlike the other conversions, this only partially converts the function for now. This is the second to last function which still uses the n2l3 macro. That macro is deprecated since we're using CBS. ok miod@ jsing@
* Convert dtls1_get_hello_verify to CBS. [doug, 2015-07-14, files: 1, lines: -17/+23]
| ok miod@ jsing@
* Convert ssl3_get_cipher_by_char to CBS. [doug, 2015-07-14, files: 1, lines: -2/+8]
| ok miod@ jsing@
* Convert ssl3_get_client_certificate to CBS. [doug, 2015-07-14, files: 1, lines: -15/+19]
| ok miod@ jsing@
* Convert ssl3_get_finished to CBS. [doug, 2015-07-14, files: 1, lines: -6/+9]
| ok miod@ jsing@
* Convert ssl_parse_clienthello_use_srtp_ext to CBS. [doug, 2015-07-14, files: 2, lines: -42/+25]
| ok miod@ jsing@
* Convert ssl3_get_cert_status to CBS. [doug, 2015-07-14, files: 1, lines: -17/+26]
| ok miod@ jsing@
* Convert ssl3_get_server_certificate to CBS. [doug, 2015-07-14, files: 1, lines: -17/+18]
| ok miod@
* Convert ssl_bytes_to_cipher_list to CBS. [doug, 2015-06-28, files: 2, lines: -10/+20]
| Link in the new 'unit' regress and expand the invalid tests to include some that would fail before the CBS conversion. input + ok miod@ jsing@
* Stop using BUF_memdup() within the LibreSSL code base - it is correctly [jsing, 2015-06-24, files: 2, lines: -6/+7]
| spelt malloc+memcpy, which is what is used in all except two places. ok deraadt@ doug@
* Change CBS_dup() to also sync the offset. [doug, 2015-06-23, files: 1, lines: -1/+2]
| Previously, CBS_dup() had its own offset. However, it is more consistent to copy everything. ok miod@ jsing@
* Check for failure with CBB_init() in bs_ber.c. [doug, 2015-06-21, files: 1, lines: -2/+3]
| From BoringSSL commit 3fa65f0f05f67615d9daf48940e07f84d094ac6e.
* Convert ssl3_get_new_session_ticket to CBS. [doug, 2015-06-20, files: 1, lines: -24/+24]
| tweak + ok miod@ jsing@
* Convert ssl3_get_next_proto to CBS. [doug, 2015-06-20, files: 1, lines: -14/+19]
| tweak + ok miod@ jsing@
* Convert ssl_parse_serverhello_renegotiate_ext to CBS. [doug, 2015-06-20, files: 2, lines: -19/+21]
| ok miod@ jsing@
* Make SSL_OP_ALL readable. [jsing, 2015-06-20, files: 1, lines: -2/+9]
| ok deraadt@ doug@ millert@ miod@ sthen@
* Convert ssl_parse_clienthello_renegotiate_ext to CBS. [doug, 2015-06-20, files: 2, lines: -15/+14]
| ok miod@, tweak + ok jsing@
* Replace internal call to CRYPTO_memcmp with timingsafe_memcmp. [doug, 2015-06-20, files: 1, lines: -2/+2]
| Suggested by jsing@. ok jsing@ miod@
* Convert tls1_alpn_handle_client_hello() to CBS. [doug, 2015-06-19, files: 1, lines: -20/+14]
| tweak + ok miod@ jsing@
* Add CBS_dup() to initialize a new CBS with the same values. [doug, 2015-06-19, files: 2, lines: -2/+14]
| This is useful for when you need to check the data ahead and then continue on from the same spot. input + ok jsing@ miod@
* Extend the input types for CBB_add_*() to help catch bugs. [doug, 2015-06-18, files: 2, lines: -13/+25]
| While the previous types were correct, they can silently accept bad data via truncation or signed conversion. We now take size_t as input for CBB_add_u*() and do a range check. discussed with deraadt@ input + ok jsing@ miod@
* Remove Microsoft Server Gated Crypto. [doug, 2015-06-18, files: 5, lines: -101/+17]
| Another relic due to the old US crypto policy. From OpenSSL commit 63eab8a620944a990ab3985620966ccd9f48d681 and 95275599399e277e71d064790a1f828a99fc661a. ok jsing@ miod@
* Change DTLS client cert request code to match TLS. [doug, 2015-06-18, files: 1, lines: -6/+6]
| DTLS currently doesn't check whether a client cert is expected. This change makes the logic in dtls1_accept() match that from ssl3_accept(). From OpenSSL commit c8d710dc5f83d69d802f941a4cc5895eb5fe3d65 input + ok jsing@ miod@
* Clean up alert codes and add references. [jsing, 2015-06-17, files: 1, lines: -21/+29]
|
* Keep alerts sorted by alert code. [jsing, 2015-06-17, files: 3, lines: -9/+10]
|
* Remove pointless comments. [jsing, 2015-06-17, files: 1, lines: -7/+3]
|
* Convert ssl_next_proto_validate to CBS. [doug, 2015-06-17, files: 1, lines: -11/+12]
| ok miod@, tweak + ok jsing@
* Convert tls1_check_curve to CBS. [doug, 2015-06-17, files: 1, lines: -4/+10]
| ok miod@ jsing@
* KNF whitespace. [doug, 2015-06-17, files: 2, lines: -17/+19]
| ok miod@ jsing@
* Use explicit int in bs_cbs.c. [doug, 2015-06-17, files: 2, lines: -22/+24]
| ok miod@ jsing@
* Use explicit int in bs_ber.c. [doug, 2015-06-17, files: 1, lines: -8/+8]
| ok miod@ jsing@
* Add CBS_write_bytes() to copy the remaining CBS bytes to the caller. [doug, 2015-06-17, files: 2, lines: -2/+24]
| This is a common operation when dealing with CBS. ok miod@ jsing@
* Add a new function CBS_offset() to report the current offset in the data. [doug, 2015-06-17, files: 2, lines: -2/+15]
| "why not" miod@, sure jsing@
* Cleanup SSL_OP_* compat flags in ssl.h. [doug, 2015-06-17, files: 1, lines: -31/+24]
| These were recently removed and are now set to 0:
|   SSL_OP_NETSCAPE_CA_DN_BUG
|   SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
|   SSL_OP_SSLEAY_080_CLIENT_DH_BUG
| The code associated with these was deleted in the past at some point and these are also now 0:
|   SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
|   SSL_OP_EPHEMERAL_RSA
|   SSL_OP_MICROSOFT_SESS_ID_BUG
|   SSL_OP_NETSCAPE_CHALLENGE_BUG
|   SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
| The SSL_OP_ALL macro has been updated to reflect the removals. ok miod@ jsing@
* Be more strict about BER and DER terminology. [doug, 2015-06-16, files: 2, lines: -28/+33]
| bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like encoding with one violation (indefinite form) to strict DER. Rename the functions to reflect this. ok miod@ jsing@
* Simplify cbs_get_any_asn1_element_internal based on comments from jsing@ [doug, 2015-06-16, files: 2, lines: -17/+13]
|
* Make CBS_get_any_asn1_element() more compliant with DER encoding. [doug, 2015-06-15, files: 3, lines: -28/+86]
| CBS_get_any_asn1_element violates DER encoding by allowing indefinite form. All callers except bs_ber.c expect DER encoding. The callers must check to see if it was indefinite or not. Rather than exposing all callers to this behavior, cbs_get_any_asn1_element_internal() allows specifying whether you want to allow the normally forbidden indefinite form. This is used by CBS_get_any_asn1_element() for strict DER encoding and by a new static function in bs_ber.c for the relaxed version. While I was here, I added comments to differentiate between ASN.1 restrictions and CBS limitations. ok miod@
* Remove ancient SSL_OP_NETSCAPE_CA_DN_BUG from SSLeay days. [doug, 2015-06-15, files: 3, lines: -48/+16]
| This commit matches the OpenSSL removal in commit 3c33c6f6b10864355553961e638514a6d1bb00f6. ok deraadt@
* Remove ancient compat hack SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG. [doug, 2015-06-15, files: 1, lines: -24/+1]
| This was imported into OpenSSL from SSLeay. It was recently deleted in OpenSSL commit 7a4dadc3a6a487db92619622b820eb4f7be512c9
* Remove 1997's compat hack SSL_OP_SSLEAY_080_CLIENT_DH_BUG. [doug, 2015-06-15, files: 1, lines: -9/+4]
| This is a hack for an old version of SSLeay which predates OpenSSL.