- 30 1月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2259)
-
由 Matt Caswell 提交于
For the psk extension we need to fill in all the lengths of the message so far, even though we haven't closed the WPACKET yet. This provides a function to do that. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2259)
-
- 06 12月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 09 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Normally WPACKETs will use a BUF_MEM which can grow as required. Sometimes though that may be overkill for what is needed - a static buffer may be sufficient. This adds that capability. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 04 11月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
And use them in the DTLS code Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 11 10月, 2016 1 次提交
-
-
由 David Benjamin 提交于
The prevailing style seems to not have trailing whitespace, but a few lines do. This is mostly in the perlasm files, but a few C files got them after the reformat. This is the result of: find . -name '*.pl' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//' find . -name '*.c' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//' find . -name '*.h' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//' Then bn_prime.h was excluded since this is a generated file. Note mkerr.pl has some changes in a heredoc for some help output, but other lines there lack trailing whitespace too. Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 30 9月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
A convenience macro was using the wrong underlying function. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
A couple of the WPACKET_sub_memcpy* macros were mis-named. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 29 9月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
WPACKET_allocate_bytes() requires you to know the size of the data you are allocating for, before you create it. Sometimes this isn't the case, for example we know the maximum size that a signature will be before we create it, but not the actual size. WPACKET_reserve_bytes() enables us to reserve bytes in the WPACKET, but not count them as written yet. We then subsequently need to acall WPACKET_allocate_bytes to actually count them as written. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 23 9月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
If the underlying BUF_MEM gets realloc'd then the pointer returned could become invalid. Therefore we should always ensure that the allocated memory is filled in prior to any more WPACKET_* calls. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 20 9月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
All the other functions that take an argument for the number of bytes use convenience macros for this purpose. We should do the same with WPACKET_put_bytes(). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 14 9月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Don't call WPACKET_sub_memcpy(), WPACKET_sub_allocation_bytes() and WPACKET_start_sub_packet_len() directly. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Updated the construction code to use the new function. Also added some convenience macros for WPACKET_sub_memcpy(). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 13 9月, 2016 7 次提交
-
-
由 Matt Caswell 提交于
A few style tweaks here and there. The main change is that curr and packet_len are now offsets into the buffer to account for the fact that the pointers can change if the buffer grows. Also dropped support for the WPACKET_set_packet_len() function. I thought that was going to be needed but so far it hasn't been. It doesn't really work any more due to the offsets change. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
The PACKET documentation is already in packet_locl.h so it makes sense to have the WPACKET documentation there as well. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Also added the WPACKET_cleanup() function to cleanup a WPACKET if we hit an error. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
No need to declare an explicit sub-packet. Just start one. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
To avoid confusion with the read PACKET structure. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 8月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Run util/openssl-format-source on ssl/ Some comments and hand-formatted tables were fixed up manually by disabling auto-formatting. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 03 3月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
1) Simplify code with better PACKET methods. 2) Make broken SNI parsing explicit. SNI was intended to be extensible to new name types but RFC 4366 defined the syntax inextensibly, and OpenSSL has never parsed SNI in a way that would allow adding a new name type. RFC 6066 fixed the definition but due to broken implementations being widespread, it appears impossible to ever extend SNI. 3) Annotate resumption behaviour. OpenSSL doesn't currently handle all extensions correctly upon resumption. Annotate for further clean-up. 4) Send an alert on ALPN protocol mismatch. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 01 2月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
PACKET contents should be read-only. To achieve this, also - constify two user callbacks - constify BUF_reverse. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 03 1月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 30 12月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
SIZE_MAX is a great macro, and does unfortunately not exist everywhere. Since we check against half of it, using bitwise shift to calculate the value of half SIZE_MAX should be safe enough. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 23 12月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add macro ossl_inline for use in public headers where a portable inline is required. Change existing inline to use ossl_inline Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 17 12月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old names. Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 21 10月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Change the sanity check in PACKET_buf_init to check for excessive length buffers, which should catch the interesting cases where len has been cast from a negative value whilst avoiding any undefined behaviour. RT#4094 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 15 10月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 09 10月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
Note that this commit constifies a user callback parameter and therefore will break compilation for applications using this callback. But unless they are abusing write access to the buffer, the fix is trivial. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 08 10月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 06 10月, 2015 2 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Move all packet parsing to the beginning of the method. This limits the SSLv2 compatibility soup to the parsing, and makes the rest of the processing uniform. This is also needed for simpler EMS support: EMS servers need to do an early scan for EMS to make resumption decisions. This'll be easier when the entire ClientHello is parsed in the beginning. As a side effect, 1) PACKETize ssl_get_prev_session and tls1_process_ticket; and 2) Delete dead code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 23 9月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
Get rid of the third field that is no longer needed. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 9月, 2015 2 次提交
-
-
由 Emilia Kasper 提交于
It's unused, and the same functionality can be achieved with saving a copy of the struct. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
The bookmark API results in a lot of boilerplate error checking that can be much more easily achieved with a simple struct copy. It also lays the path for removing the third PACKET field. Reviewed-by: NRich Salz <rsalz@openssl.org>
-