summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src/ssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove the libssl/src directorybeck2016-09-0350-40406/+0
|
* Be more strict when parsing TLS extensions.jsing2016-08-271-17/+37
| | | | | | Based on a diff from Kinichiro Inoguchi. ok beck@
* Limit the support of the "backward compatible" ssl2 handshake to only bebeck2016-07-161-1/+9
| | | | | used if TLS 1.0 is enabled. Sugessted/discussed with jsing@ and bcook@. ok guenther@ sthen@
* zero the read buffer after copying data to user so it doesn't linger.tedu2016-07-101-1/+2
| | | | ok beck
* deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final.beck2016-05-302-4/+4
| | | | | | | 14 years ago these were changed in OpenSSL to be the same as the _ex functions. We use the _ex functions only internally to ensure it is obvious the ctx must be cleared. ok bcook@
* Implement the IETF ChaCha20-Poly1305 cipher suites.jsing2016-04-285-46/+168
| | | | | | | | | Rename the existing ChaCha20-Poly1305 cipher suites with an "-OLD" suffix, effectively replaces the original Google implementation. We continue to support both the IETF and Google versions, however the existing names now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04. Feedback from doug@
* Rename EVP_aead_chacha20_poly1305() to EVP_aead_chacha20_poly1305_old()jsing2016-04-281-2/+2
| | | | | | | and replace with EVP_aead_chacha20_poly1305_ietf(). The IETF version will become the standard version. Discussed with many.
* Merge a memleak fix from BoringSSL 6b6e0b2:mmcc2016-03-271-1/+3
| | | | | | https://boringssl.googlesource.com/boringssl/+/6b6e0b20893e2be0e68af605a60ffa2cbb0ffa64%5E!/#F0 ok millert@, beck@
* " the the " -> " the ", or in a couple of cases replace the superfluouskrw2016-03-201-2/+2
| | | | | | "the" with the obviously intended word. Started with a "the the" spotted by Mihal Mazurek.
* X509_free(3) is NULL-safe, so remove NULL checks before its calls.mmcc2016-03-117-45/+27
| | | | ok doug@
* http -> https for a few more IETF URLs in comments or man pagesmmcc2016-03-101-2/+2
|
* http -> https for IETF/IANA URLs in commentsmmcc2016-03-071-4/+4
|
* Make sure stdio functions don't end up in the library, from miod@beck2016-03-063-7/+17
| | | | ok doug@ bcook@
* remove NULL checks for pqueue_free()mmcc2016-02-291-11/+6
| | | | ok doug@
* deprecate SSL_OP_SINGLE_DH_USEbeck2016-01-272-37/+6
| | | | ok jsing@
* decipher comment. ok bcook@mmcc2015-12-121-2/+2
|
* Sort the obsolete flags.doug2015-10-251-6/+6
|
* Mark SSL_OP_NO_{COMPRESSION,SSLv2,SSLv3} as obsolete.doug2015-10-251-5/+4
| | | | | | For backward compatibility, the flags are redefined as 0. ok jsing@
* Remove last vestige of SSL_OP_NO_SSLv3 support.doug2015-10-251-4/+1
| | | | | | No part of LibreSSL checks for this flag any longer. ok jsing@
* Simplify ssl23_get_client_hello error handling.doug2015-10-251-26/+26
| | | | | | | | | | ssl23_get_client_hello sets type=1 on error and continues processing. It should return an error immediately to simplify things. This also allows us to start removing the last of SSL_OP_NO_SSL*. Added extra paranoia for s->version to make sure it is set properly. ok jsing@
* free rbio before wbiobeck2015-10-191-7/+7
| | | | ok jsing@
* Fix use of pointer value after BIO_free, and remove senseless NULL checks.beck2015-10-161-7/+8
| | | | ok bcook@
* include <sys/time.h> for gettimeofday(2)bcook2015-10-071-1/+2
|
* SSL_new(): fix ref counting and memory leak in error path.doug2015-10-031-8/+3
| | | | | | | | | | Rather than a half-hearted attempt to free up resources and fix ref counting at the SSL_CTX level, let SSL_free() do its job. This diff got lost in the shuffle somewhere. It's from last year. Ref counting error reported by Parakleta in github ticket #51. Thanks! ok jsing@, beck@
* s/ssl3_client_kex/ssl3_send_client_kex/ for consistency with the caller.jsing2015-10-021-9/+11
|
* convert "last_time" to a time_t, to handle beyond Y2038deraadt2015-09-291-7/+7
| | | | ok guenther miod
* Stop generating private keys in a network buffer.jsing2015-09-131-29/+29
| | | | | | | | | | The current client key exchange code generates DH and ECDH keys into the same buffer that we use to send data to the network - stop doing this and malloc() a new buffer, which we explicit_bzero() and free() on return. This also benefits from ASLR and means that the keys are no longer generated in a well known location. ok beck@
* Use ECDH_size() instead of rolling our own.jsing2015-09-132-12/+11
| | | | ok beck@
* Switch to miod's shiny new OPENSSL_cpu_caps() and we can now also enablejsing2015-09-131-3/+3
| | | | | | the AES acceleration checking for i386. ok beck@ miod@
* The *_accept() functions increment in_handshake at the start of the function,jsing2015-09-132-19/+30
| | | | | | | | then decrement it and call a callback on exit from the function. As such, these functions should not return in the middle, otherwise in_handshake is never decremented and the callback never called. ok beck@ "with many sighs" miod@
* If we have hardware acceleration for AES, prefer AES as a symmetric cipherjsing2015-09-131-7/+30
| | | | | | over CHACHA20. Otherwise, prefer CHACHA20 with AES second. ok beck@ miod@
* Split ssl3_send_client_key_exchange() (387 lines of code) into fivejsing2015-09-121-327/+351
| | | | | | | | | functions. The original was written as a huge if/else if chain - split out the handling for each key exchange type. This allows us to reduce two levels of indentation, make the code far more readable and have single return paths so that we can simplify clean up. ok beck@
* Fix function name.jsing2015-09-121-2/+2
|
* Sync handling of cached record digests with s3_srvr.c.jsing2015-09-121-1/+23
|
* explicit_bzero() the GOST premaster secret.jsing2015-09-121-2/+7
| | | | ok miod@
* Unwrap a bunch of lines.jsing2015-09-121-37/+19
|
* Remove most of the SSLv3 version checks and a few TLS v1.0.doug2015-09-127-118/+57
| | | | | | | We can now assume >= TLS v1.0 since SSL2_VERSION, SSL3_VERSION and DTLS1_BAD_VER support was removed. "reads ok" miod@
* Uncopy and unpaste dtls1_send_newsession_ticket() - another 111 lines ofjsing2015-09-122-111/+3
| | | | code deduped.
* Move handshake message header length determination into a separatejsing2015-09-124-23/+27
| | | | | | | ssl3_handshake_msg_hdr_len() function. Use this to correct several places that have magic numbers with header lengths hardcoded as '4'. ok beck@
* Uncopy and unpaste dtls1_send_certificate_request() - removes another 80jsing2015-09-122-80/+3
| | | | lines of code, while gaining SIGALGs support.
* Uncopy and unpaste dtls1_send_server_key_exchange(). Removes another 329jsing2015-09-122-329/+3
| | | | lines of code, while gaining bug fixes and SIGALGs support.
* Uncopy and unpaste dtls1_send_server_done().jsing2015-09-122-18/+3
|
* Uncopy and unpaste dtls1_send_server_hello().jsing2015-09-122-68/+3
|
* Uncopy and unpaste dtls1_send_hello_request().jsing2015-09-122-18/+3
|
* Convert the rest of the server handshake functions to ssl3_handshake_msg_*.jsing2015-09-121-44/+35
| | | | ok beck@
* Uncopy and unpaste dtls1_send_client_verify() - thejsing2015-09-122-74/+3
| | | | | ssl3_send_client_verify() is different, but it correctly supports things like SIGALGS. Another 74 lines of code bites the dust.
* Uncopy and unpaste dtls1_send_client_key_exchange() - thejsing2015-09-122-269/+5
| | | | | | | | ssl3_send_client_key_exchange() is effectively identical, in fact it has a number of bug fixes and improvements that never got merged into the DTLS copy of the code. Flenses another 264 lines of code. ok beck@
* Use explicit_bzero() instead of memset() when clearing private keys.jsing2015-09-121-3/+4
| | | | ok bcook@ beck@ miod@
* Pull variable assignment out from function call, fix indentation and setjsing2015-09-121-8/+7
| | | | state after calling ssl3_handshake_msg_finish().
* style(9) and whitespace cleanups.jsing2015-09-121-29/+25
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.