path: root/lib/libssl/src
Commit message | Author | Age | Files | Lines
...
* Convert ssl_parse_serverhello_renegotiate_ext to CBS. | doug | 2015-06-20 | 2 | -19/+21
  ok miod@ jsing@
* Handle NIST curve names. | jsing | 2015-06-20 | 1 | -2/+4
  From OpenSSL. ok miod@ (a while ago)
* Have ECPKParameters_print() include the NIST curve name, if known. | jsing | 2015-06-20 | 1 | -1/+10
  From OpenSSL. ok miod@ (a while ago).
* Provide EC_curve_nid2nist() and EC_curve_nist2nid(). | jsing | 2015-06-20 | 2 | -2/+57
  From OpenSSL. Rides libcrypto bump. ok miod@ (a while ago)
* Make SSL_OP_ALL readable. | jsing | 2015-06-20 | 1 | -2/+9
  ok deraadt@ doug@ millert@ miod@ sthen@
* Put CRYPTO_memcmp() under #ifndef LIBRESSL_INTERNAL. | jsing | 2015-06-20 | 1 | -1/+3
  ok doug@ deraadt@
* Replace remaining CRYPTO_memcmp() calls with timingsafe_memcmp(). | jsing | 2015-06-20 | 3 | -6/+6
  ok doug@ deraadt@
* Convert ssl_parse_clienthello_renegotiate_ext to CBS. | doug | 2015-06-20 | 2 | -15/+14
  ok miod@, tweak + ok jsing@
* Replace internal call to CRYPTO_memcmp with timingsafe_memcmp. | doug | 2015-06-20 | 1 | -2/+2
  Suggested by jsing@. ok jsing@ miod@
* Fix warning on vax due to old gcc. | doug | 2015-06-20 | 1 | -4/+4
  Old gcc warns when parameters have the same names as functions. Noticed by deraadt@. ok deraadt@ jsing@
* Remove obsolete MDC-2DES from libcrypto. | doug | 2015-06-20 | 22 | -534/+26
  ok deraadt@ jsing@ miod@
* Return the failing engine ID in the error stack. | bcook | 2015-06-19 | 1 | -2/+4
  Noted by doug@ in an earlier revision of the dynamic engine removal patch, but I had forgotten to include it in the latest version.
* Disable ENGINE_load_dynamic (dynamic engine support). | bcook | 2015-06-19 | 4 | -517/+11
  We do not build, test or ship any dynamic engines, so we can remove the dynamic engine loader as well. This leaves a stub initialization function in its place. ok beck@, reyk@, miod@
* Convert tls1_alpn_handle_client_hello() to CBS. | doug | 2015-06-19 | 1 | -20/+14
  tweak + ok miod@ jsing@
* Add CBS_dup() to initialize a new CBS with the same values. | doug | 2015-06-19 | 2 | -2/+14
  This is useful for when you need to check the data ahead and then continue on from the same spot. input + ok jsing@ miod@
* Extend the input types for CBB_add_*() to help catch bugs. | doug | 2015-06-18 | 2 | -13/+25
  While the previous types were correct, they can silently accept bad data via truncation or signed conversion. We now take size_t as input for CBB_add_u*() and do a range check. discussed with deraadt@ input + ok jsing@ miod@
* Remove Microsoft Server Gated Crypto. | doug | 2015-06-18 | 8 | -132/+26
  Another relic due to the old US crypto policy. From OpenSSL commit 63eab8a620944a990ab3985620966ccd9f48d681 and 95275599399e277e71d064790a1f828a99fc661a. ok jsing@ miod@
* Change DTLS client cert request code to match TLS. | doug | 2015-06-18 | 1 | -6/+6
  DTLS currently doesn't check whether a client cert is expected. This change makes the logic in dtls1_accept() match that from ssl3_accept(). From OpenSSL commit c8d710dc5f83d69d802f941a4cc5895eb5fe3d65 input + ok jsing@ miod@
* Clean up alert codes and add references. | jsing | 2015-06-17 | 1 | -21/+29
* Keep alerts sorted by alert code. | jsing | 2015-06-17 | 3 | -9/+10
* Remove pointless comments. | jsing | 2015-06-17 | 1 | -7/+3
* Convert ssl_next_proto_validate to CBS. | doug | 2015-06-17 | 1 | -11/+12
  ok miod@, tweak + ok jsing@
* Convert tls1_check_curve to CBS. | doug | 2015-06-17 | 1 | -4/+10
  ok miod@ jsing@
* KNF whitespace. | doug | 2015-06-17 | 2 | -17/+19
  ok miod@ jsing@
* Use explicit int in bs_cbs.c. | doug | 2015-06-17 | 2 | -22/+24
  ok miod@ jsing@
* Use explicit int in bs_ber.c. | doug | 2015-06-17 | 1 | -8/+8
  ok miod@ jsing@
* Add CBS_write_bytes() to copy the remaining CBS bytes to the caller. | doug | 2015-06-17 | 2 | -2/+24
  This is a common operation when dealing with CBS. ok miod@ jsing@
* Add a new function CBS_offset() to report the current offset in the data. | doug | 2015-06-17 | 2 | -2/+15
  "why not" miod@, sure jsing@
* Cleanup SSL_OP_* compat flags in ssl.h. | doug | 2015-06-17 | 1 | -31/+24
  These were recently removed and are now set to 0:
    SSL_OP_NETSCAPE_CA_DN_BUG
    SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
    SSL_OP_SSLEAY_080_CLIENT_DH_BUG
  The code associated with these was deleted in the past at some point and these are also now 0:
    SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
    SSL_OP_EPHEMERAL_RSA
    SSL_OP_MICROSOFT_SESS_ID_BUG
    SSL_OP_NETSCAPE_CHALLENGE_BUG
    SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
  The SSL_OP_ALL macro has been updated to reflect the removals.
  ok miod@ jsing@
* Be more strict about BER and DER terminology. | doug | 2015-06-16 | 2 | -28/+33
  bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like encoding with one violation (indefinite form) to strict DER. Rename the functions to reflect this. ok miod@ jsing@
* Simplify cbs_get_any_asn1_element_internal based on comments from jsing@ | doug | 2015-06-16 | 2 | -17/+13
* Make CBS_get_any_asn1_element() more compliant with DER encoding. | doug | 2015-06-15 | 3 | -28/+86
  CBS_get_any_asn1_element violates DER encoding by allowing indefinite form. All callers except bs_ber.c expect DER encoding. The callers must check to see if it was indefinite or not.
  Rather than exposing all callers to this behavior, cbs_get_any_asn1_element_internal() allows specifying whether you want to allow the normally forbidden indefinite form. This is used by CBS_get_any_asn1_element() for strict DER encoding and by a new static function in bs_ber.c for the relaxed version.
  While I was here, I added comments to differentiate between ASN.1 restrictions and CBS limitations. ok miod@
* Remove ancient SSL_OP_NETSCAPE_CA_DN_BUG from SSLeay days. | doug | 2015-06-15 | 4 | -53/+20
  This commit matches the OpenSSL removal in commit 3c33c6f6b10864355553961e638514a6d1bb00f6. ok deraadt@
* Remove ancient compat hack SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG. | doug | 2015-06-15 | 2 | -26/+5
  This was imported into OpenSSL from SSLeay. It was recently deleted in OpenSSL commit 7a4dadc3a6a487db92619622b820eb4f7be512c9
* Remove 1997's compat hack SSL_OP_SSLEAY_080_CLIENT_DH_BUG. | doug | 2015-06-15 | 2 | -11/+8
  This is a hack for an old version of SSLeay which predates OpenSSL.
* Update SSL_OP_* to remove ancient hacks that are no longer enabled. | doug | 2015-06-15 | 1 | -13/+11
* Split up the logic in CBB_flush to separately handle the lengths. | doug | 2015-06-13 | 1 | -21/+32
  Also, add comments about assuming short-form. ok miod@, tweak + ok jsing@
* Explain the ASN.1 restriction that requires extra logic for encoding. | doug | 2015-06-13 | 1 | -2/+18
  ok miod@ jsing@
* When initial capacity is 0, always use NULL buffer. | doug | 2015-06-13 | 1 | -7/+8
  malloc(0) is implementation defined and there's no reason to introduce that ambiguity here. Added a few cosmetic changes in sizeof and free. ok miod@ jsing@
* Add comments about how the CBS constants are constructed. | doug | 2015-06-13 | 1 | -12/+43
  Also, introduce a few more #defines to make it obvious. ok miod@ jsing@
* Reject long-form tags in CBS_peek_asn1_tag. | doug | 2015-06-13 | 1 | -1/+8
  Currently, CBS only handles short-form tags. ok miod@ jsing@
* Fix bad indenting in LibreSSL. | doug | 2015-06-13 | 5 | -12/+12
  jsg@ noticed that some of the lines in libssl and libcrypto are not indented properly. At a quick glance, it looks like it has a different control flow than it really does. I checked the history in our tree and in OpenSSL to make sure these were simple mistakes. ok miod@ jsing@
* Avoid an infinite loop that can occur when verifying a message with an | jsing | 2015-06-11 | 1 | -2/+2
  unknown hash function OID. Diff based on OpenSSL. Fixes CVE-2015-1792 (however, this code is not enabled/built in LibreSSL). ok doug@ miod@
* Avoid a potential out-of-bounds read in X509_cmp_time(), due to missing | jsing | 2015-06-11 | 1 | -4/+27
  length checks. Diff based on changes in OpenSSL. Fixes CVE-2015-1789. ok doug@
* Avoid an infinite loop that can be triggered by parsing an ASN.1 | jsing | 2015-06-11 | 1 | -3/+8
  ECParameters structure that has a specially malformed binary polynomial field. Issue reported by Joseph Barr-Pixton and fix based on OpenSSL. Fixes CVE-2015-1788. ok doug@ miod@
* Add OPENSSL_NO_EGD to opensslfeatures.h. | bcook | 2015-05-26 | 1 | -0/+1
  Since RAND_egd has been removed from LibreSSL, simplify porting software that relies on it. See https://github.com/libressl-portable/openbsd/pull/34 from Bernard Spil, ok deraadt@
* Make SSL_CIPHER_get_bits() report ChaCha20-Poly1305 ciphers as using | guenther | 2015-05-25 | 1 | -4/+4
  256bit keys
  problem noted by Tim Kuijsten (info (at) netsend.nl)
  ok deraadt@ miod@ bcook@
* Maximilian dot Fillinger at uni-duesseldorf dot de | schwarze | 2015-05-24 | 1 | -72/+0
  starts helping with the pod2mdoc(1)-based conversion of LibreSSL crypto manuals from perlpod(1) to mdoc(7). Here comes the first file, slightly tweaked by me.
* bump to version 2.2 | bcook | 2015-05-23 | 1 | -2/+2
  ok deraadt@
* No need to check the return value of memcpy() if you actually checked this | miod | 2015-05-20 | 1 | -3/+2
  pointer for NULL the line above; ok doug@