- 30 10月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
This is the first drop of the new state machine code. The rewrite has the following objectives: - Remove duplication of state code between client and server - Remove duplication of state code between TLS and DTLS - Simplify transitions and bring the logic together in a single location so that it is easier to validate - Remove duplication of code between each of the message handling functions - Receive a message first and then work out whether that is a valid transition - not the other way around (the other way causes lots of issues where we are expecting one type of message next but actually get something else) - Separate message flow state from handshake state (in order to better understand each) - message flow state = when to flush buffers; handling restarts in the event of NBIO events; handling the common flow of steps for reading a message and the common flow of steps for writing a message etc - handshake state = what handshake message are we working on now - Control complexity: only the state machine can change state: keep all the state changes local to a file This builds on previous state machine related work: - Surface CCS processing in the state machine - Version negotiation rewrite Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
The function ssl3_get_message gets a whole message from the underlying bio and returns it to the state machine code. The new state machine code will split this into two discrete steps: get the message header and get the message body. This commit splits the existing function into these two sub steps to facilitate the state machine implementation. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 28 10月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Old API for use with OpenSSL-0.9.6. Remove it. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 24 10月, 2015 1 次提交
-
-
由 Alessandro Ghedini 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 12 10月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 09 10月, 2015 2 次提交
-
-
由 Emilia Kasper 提交于
Note that this commit constifies a user callback parameter and therefore will break compilation for applications using this callback. But unless they are abusing write access to the buffer, the fix is trivial. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Adam Eijdenberg 提交于
Original authors: Rob Stradling <rob@comodo.com> Dr. Stephen Henson <steve@openssl.org> Reviewed-by: NEmilia Kasper <emilia@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 08 10月, 2015 2 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
mkdef.pl was getting confused by: # ifdef OPENSSL_NO_RMD160 # error RIPEMD is disabled. # endif Changing RIPEMD to RMD160 solves it. Fix suggested by Steve Henson. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 06 10月, 2015 3 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dmitry Belyavskiy 提交于
This change introduces short names and NIDs for Russian GOST ciphers according to GOST R 34.13-2015 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Move all packet parsing to the beginning of the method. This limits the SSLv2 compatibility soup to the parsing, and makes the rest of the processing uniform. This is also needed for simpler EMS support: EMS servers need to do an early scan for EMS to make resumption decisions. This'll be easier when the entire ClientHello is parsed in the beginning. As a side effect, 1) PACKETize ssl_get_prev_session and tls1_process_ticket; and 2) Delete dead code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 05 10月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
When a decoding error in ASN.1 occurs only free up the partial structure at the top level. This simplifies embedded handling and fixes freeing up of structures when presented with malformed input. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 10月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 10月, 2015 3 次提交
-
-
由 Matt Caswell 提交于
This reverts commit 3aabc1dd. Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 Dmitry Belyavskiy 提交于
Add some custom ctrls for Engine specific use. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
This patch updates the "DEFAULT" cipherstring to be "ALL:!COMPLEMENTOFDEFAULT:!eNULL". COMPLEMENTOFDEFAULT is now defined internally by a flag on each ciphersuite indicating whether it should be excluded from DEFAULT or not. This gives us control at an individual ciphersuite level as to exactly what is in DEFAULT and what is not. Finally all DES, RC4 and RC2 ciphersuites are added to COMPLEMENTOFDEFAULT and hence removed from DEFAULT. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 30 9月, 2015 3 次提交
-
-
由 Rich Salz 提交于
Looks like someone forgot to do a "make update" since crypto/ts/Makefile keeps changing. So include that. Second is that the declare_dh_bn macro fools the libeay.num script. The declarations are only needed in one file (dh_rfc5114) so remove them from the header and put the "raw" declarations directly into that file. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 David Woodhouse 提交于
Much related/similar work also done by Ivan Nestlerode <ivan.nestlerode@sonos.com> +Replace FILE BIO's with dummy ops that fail. +Include <stdio.h> for sscanf() even with no-stdio (since the declaration is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment variable, since it can be larger than a 'long'. And we don't rely on the availability of strtoull(). +Remove OPENSSL_stderr(); not used. +Make OPENSSL_showfatal() do nothing (currently without stdio there's nothing we can do). +Remove file-based functionality from ssl/. The function prototypes were already gone, but not the functions themselves. +Remove unviable conf functionality via SYS_UEFI +Add fallback definition of BUFSIZ. +Remove functions taking FILE * from header files. +Add missing DECLARE_PEM_write_fp_const +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out, so remove its prototype. +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid(). +Eliminate SRP_VBASE_init() and supporting functions. Users will need to build the verifier manually instead. +Eliminate compiler warning for unused do_pk8pkey_fp(). +Disable TEST_ENG_OPENSSL_PKEY. +Disable GOST engine as is uses [f]printf all over the place. +Eliminate compiler warning for unused send_fp_chars(). Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Andy Polyakov 提交于
On Windows OPENSSL_EXPORT_VAR_AS_FUNCTION is defined and in a sense this modification simply harmonizes it with "VAR_AS_VAR". Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 29 9月, 2015 1 次提交
-
-
由 Nicholas Cooper 提交于
Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 25 9月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Previously you could only set both the default path and file locations together. This adds the ability to set one without the other. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 23 9月, 2015 6 次提交
-
-
由 Matt Caswell 提交于
The existing implementation of DTLSv1_listen() is fundamentally flawed. This function is used in DTLS solutions to listen for new incoming connections from DTLS clients. A client will send an initial ClientHello. The server will respond with a HelloVerifyRequest containing a unique cookie. The client the responds with a second ClientHello - which this time contains the cookie. Once the cookie has been verified then DTLSv1_listen() returns to user code, which is typically expected to continue the handshake with a call to (for example) SSL_accept(). Whilst listening for incoming ClientHellos, the underlying BIO is usually in an unconnected state. Therefore ClientHellos can come in from *any* peer. The arrival of the first ClientHello without the cookie, and the second one with it, could be interspersed with other intervening messages from different clients. The whole purpose of this mechanism is as a defence against DoS attacks. The idea is to avoid allocating state on the server until the client has verified that it is capable of receiving messages at the address it claims to come from. However the existing DTLSv1_listen() implementation completely fails to do this. It attempts to super-impose itself on the standard state machine and reuses all of this code. However the standard state machine expects to operate in a stateful manner with a single client, and this can cause various problems. A second more minor issue is that the return codes from this function are quite confused, with no distinction made between fatal and non-fatal errors. Most user code treats all errors as non-fatal, and simply retries the call to DTLSv1_listen(). This commit completely rewrites the implementation of DTLSv1_listen() and provides a stand alone implementation that does not rely on the existing state machine. It also provides more consistent return codes. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
Add the ability to peek at a message from the DTLS read BIO. This is needed for the DTLSv1_listen rewrite. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
Fix comment, add another overflow check, tidy style Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Alessandro Ghedini 提交于
BUF_strndup was calling strlen through BUF_strlcpy, and ended up reading past the input if the input was not a C string. Make it explicitly part of BUF_strndup's contract to never read more than |siz| input bytes. This augments the standard strndup contract to be safer. The commit also adds a check for siz overflow and some brief documentation for BUF_strndup(). Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 22 9月, 2015 4 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 20 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 18 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 17 9月, 2015 4 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
New ASN.1 macro ASN1_EMBED. This is the same as ASN1_SIMPLE except the structure is not allocated: it is part of the parent. That is instead of FOO *x; it must be: FOO x; This reduces memory fragmentation and make it impossible to accidentally set a mandatory field to NULL. This currently only works for SEQUENCE and since it is equivalent to ASN1_SIMPLE it cannot be tagged, OPTIONAL, SET OF or SEQUENCE OF. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Alessandro Ghedini 提交于
When OPENSSL_EXPORT_VAR_AS_FUNCTION is defined, the static_ASN1_ITEM_start macro doesn't exist so the build fails. This problem was introduced in commit df2ee0e2. Reviewed-by: NStephen Henson <steve@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 12 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
PR#3920. Reviewed-by: NRich Salz <rsalz@openssl.org>
-