#
1.108 |
|
03-Feb-2024 |
beck |
Remove GOST and STREEBOG support from libssl.
This version of GOST is old and not anywhere close to compliant with modern GOST standards. It is also very intrusive in libssl and makes a mess everywhere. Efforts to entice a suitably minded anyone to care about it have been unsuccessful.
At this point it is probably best to remove this, and if someone ever showed up who truly needed a working version, it should be a clean implementation from scratch, and have it use something closer to the typical API in libcrypto so it would integrate less painfully here.
This removes it from libssl in preparation for it's removal from libcrypto with a future major bump
ok tb@
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.107 |
|
08-Jul-2023 |
beck |
Hide all public symbols in libssl
With the guentherizer 9000
ok tb@
|
#
1.106 |
|
26-May-2023 |
tb |
Move verified_chain from SSL to SSL_HANDSHAKE
This is a better version of the fix for the missing pointer invalidation but a bit larger, so errata got the minimal fix.
tested by jcs ok jsing
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.105 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
#
1.104 |
|
02-Oct-2022 |
jsing |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back into SSL.
Prompted by tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.103 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.102 |
|
02-Jul-2022 |
jsing |
Call certificate variables cert and certs, rather than x and sk
ok tb@
|
#
1.101 |
|
29-Jun-2022 |
tb |
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
|
#
1.100 |
|
29-Jun-2022 |
tb |
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
|
#
1.99 |
|
29-Jun-2022 |
tb |
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
|
#
1.98 |
|
29-Jun-2022 |
tb |
Make sure the verifier checks the security level in cert chains
ok beck jsing
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.107 |
|
08-Jul-2023 |
beck |
Hide all public symbols in libssl
With the guentherizer 9000
ok tb@
|
#
1.106 |
|
26-May-2023 |
tb |
Move verified_chain from SSL to SSL_HANDSHAKE
This is a better version of the fix for the missing pointer invalidation but a bit larger, so errata got the minimal fix.
tested by jcs ok jsing
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.105 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
#
1.104 |
|
02-Oct-2022 |
jsing |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back into SSL.
Prompted by tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.103 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.102 |
|
02-Jul-2022 |
jsing |
Call certificate variables cert and certs, rather than x and sk
ok tb@
|
#
1.101 |
|
29-Jun-2022 |
tb |
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
|
#
1.100 |
|
29-Jun-2022 |
tb |
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
|
#
1.99 |
|
29-Jun-2022 |
tb |
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
|
#
1.98 |
|
29-Jun-2022 |
tb |
Make sure the verifier checks the security level in cert chains
ok beck jsing
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.106 |
|
26-May-2023 |
tb |
Move verified_chain from SSL to SSL_HANDSHAKE
This is a better version of the fix for the missing pointer invalidation but a bit larger, so errata got the minimal fix.
tested by jcs ok jsing
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.105 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
#
1.104 |
|
02-Oct-2022 |
jsing |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back into SSL.
Prompted by tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.103 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.102 |
|
02-Jul-2022 |
jsing |
Call certificate variables cert and certs, rather than x and sk
ok tb@
|
#
1.101 |
|
29-Jun-2022 |
tb |
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
|
#
1.100 |
|
29-Jun-2022 |
tb |
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
|
#
1.99 |
|
29-Jun-2022 |
tb |
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
|
#
1.98 |
|
29-Jun-2022 |
tb |
Make sure the verifier checks the security level in cert chains
ok beck jsing
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.105 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
#
1.104 |
|
02-Oct-2022 |
jsing |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back into SSL.
Prompted by tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.103 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.102 |
|
02-Jul-2022 |
jsing |
Call certificate variables cert and certs, rather than x and sk
ok tb@
|
#
1.101 |
|
29-Jun-2022 |
tb |
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
|
#
1.100 |
|
29-Jun-2022 |
tb |
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
|
#
1.99 |
|
29-Jun-2022 |
tb |
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
|
#
1.98 |
|
29-Jun-2022 |
tb |
Make sure the verifier checks the security level in cert chains
ok beck jsing
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.104 |
|
02-Oct-2022 |
jsing |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back into SSL.
Prompted by tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.103 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.102 |
|
02-Jul-2022 |
jsing |
Call certificate variables cert and certs, rather than x and sk
ok tb@
|
#
1.101 |
|
29-Jun-2022 |
tb |
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
|
#
1.100 |
|
29-Jun-2022 |
tb |
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
|
#
1.99 |
|
29-Jun-2022 |
tb |
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
|
#
1.98 |
|
29-Jun-2022 |
tb |
Make sure the verifier checks the security level in cert chains
ok beck jsing
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.103 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.102 |
|
02-Jul-2022 |
jsing |
Call certificate variables cert and certs, rather than x and sk
ok tb@
|
#
1.101 |
|
29-Jun-2022 |
tb |
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
|
#
1.100 |
|
29-Jun-2022 |
tb |
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
|
#
1.99 |
|
29-Jun-2022 |
tb |
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
|
#
1.98 |
|
29-Jun-2022 |
tb |
Make sure the verifier checks the security level in cert chains
ok beck jsing
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.102 |
|
02-Jul-2022 |
jsing |
Call certificate variables cert and certs, rather than x and sk
ok tb@
|
#
1.101 |
|
29-Jun-2022 |
tb |
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
|
#
1.100 |
|
29-Jun-2022 |
tb |
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
|
#
1.99 |
|
29-Jun-2022 |
tb |
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
|
#
1.98 |
|
29-Jun-2022 |
tb |
Make sure the verifier checks the security level in cert chains
ok beck jsing
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.101 |
|
29-Jun-2022 |
tb |
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
|
#
1.100 |
|
29-Jun-2022 |
tb |
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
|
#
1.99 |
|
29-Jun-2022 |
tb |
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
|
#
1.98 |
|
29-Jun-2022 |
tb |
Make sure the verifier checks the security level in cert chains
ok beck jsing
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.97 |
|
28-Jun-2022 |
tb |
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
|
#
1.96 |
|
28-Jun-2022 |
tb |
Set up the default callback in SSL_CERT
ok beck jsing sthen
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.95 |
|
05-Feb-2022 |
jsing |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed.
ok inoguchi@ tb@
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.94 |
|
28-Jan-2022 |
inoguchi |
Error check for sk_push in libssl
CID 118976 118979
ok tb@
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.93 |
|
08-Jan-2022 |
jsing |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
|
#
1.92 |
|
08-Jan-2022 |
jsing |
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.
Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency.
ok inoguchi@ tb@
|
#
1.91 |
|
07-Jan-2022 |
jsing |
Rename dh_tmp to dhe_params.
Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality.
ok inoguchi@ tb@
|
#
1.90 |
|
07-Jan-2022 |
jsing |
Stop attempting to duplicate the public and private key of dh_tmp.
Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL.
ok inoguchi@ tb@
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.89 |
|
06-Jan-2022 |
jsing |
Convert legacy TLS client to tls_key_share.
This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this.
ok inoguchi@ tb@
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.88 |
|
29-Nov-2021 |
tb |
Stop using BIO_s_file_inernal() in libssl.
BIO_s_file_internal() should never have leaked out of libcrypto, but it did. As a first step of getting rid of it, stop using it internally.
ok jsing
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.87 |
|
26-Nov-2021 |
tb |
Stop reaching into EVP_PKEY in the rest of libssl.
ok inoguchi jsing
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.86 |
|
23-Oct-2021 |
beck |
Add SSL_get0_verified_chain - needed by some new stuff
symbol will be exposed with tb@'s forthcoming bump
ok tb@
|
#
1.85 |
|
23-Oct-2021 |
tb |
Unhandroll X509_up_ref()
ok beck jsing
|
#
1.84 |
|
23-Oct-2021 |
tb |
Change ssl_verify_cert_chain() for compatibility with opaque X509_STORE_CTX and use accessors instead of reaching directly into the struct.
ok jsing
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.83 |
|
11-Jun-2021 |
jsing |
Indent all labels with a single space.
This ensures that diff reports the correct function prototype.
Prompted by tb@
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.82 |
|
21-Apr-2021 |
jsing |
Clean up TLSv1.2 certificate request handshake data.
Currently cert_req is used by clients and cert_request is used by servers. Replace this by a single cert_request used by either client or server. Remove the certificate types as they are currently unused. This also fixes a bug whereby if the number of certificate types exceeds SSL3_CT_NUMBER the number of bytes read in is insufficient, which will break decoding.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.81 |
|
27-Mar-2021 |
tb |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit.
ok jsing
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.80 |
|
20-Nov-2020 |
tb |
fix another misleading line break and indent
|
#
1.79 |
|
20-Nov-2020 |
tb |
fix confusing line break and indent
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.78 |
|
05-Jun-2020 |
jsing |
Handle GOST in ssl_cert_dup().
Add missing case entry for SSL_PKEY_GOST01.
Diff from Dmitry Baryshkov <dbaryshkov@gmail.com>
Sponsored by ROSA Linux
ok inoguchi@ tb@
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.77 |
|
19-May-2020 |
jsing |
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the intention of handling RSA sign only certificates... this incomplete code had the following comment:
/* check to see if this is a signing only certificate */ /* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.76 |
|
15-May-2019 |
bcook |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead.
ok jsing@
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.75 |
|
13-Apr-2019 |
tb |
Avoid leak in SSL_dup_CA_list()
In the case that X509_NAME_dup() succeeds, but sk_X509_NAME_push() fails, name is leaked. The entire function is trying to be clever and therefore hard to follow. Let's do it the stupid but safe way.
ok jsing
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.74 |
|
25-Mar-2019 |
jsing |
Strip out all of the pkey to sigalg and sigalg to pkey linkages.
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
#
1.73 |
|
25-Mar-2019 |
jsing |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it...
ok beck@ tb@
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.72 |
|
19-Nov-2018 |
jsing |
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.71 |
|
16-Nov-2018 |
beck |
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy sigalg for MD5_SHA1 and using it as the non sigalgs default ok jsing@
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.70 |
|
10-Nov-2018 |
beck |
Stop keeping track of sigalgs by guessing it from digest and pkey, just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.69 |
|
08-Nov-2018 |
jsing |
Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.
ok beck@ tb@
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.68 |
|
05-Nov-2018 |
jsing |
Mop up ecdh_tmp, since it is no longer used.
ok bluhm@ tb@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
#
1.67 |
|
25-Apr-2018 |
tb |
OpenSSL started adding const to functions all over the place. Make all our libssl functions match theirs wrt const, except for BIO_f_ssl(3) which will be fixed in a later step.
this went through a i386 bulk by sthen ok jsing
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.66 |
|
12-Aug-2017 |
jsing |
Remove support for DSS/DSA, since we removed the cipher suites a while back.
ok guenther@
|
#
1.65 |
|
10-Aug-2017 |
jsing |
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...).
We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op.
ok beck@ doug@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.64 |
|
07-Feb-2017 |
beck |
Change SSLerror() back to taking two args, with the first one being an SSL *. Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
|
#
1.63 |
|
29-Jan-2017 |
beck |
Send the function codes from the error functions to the bit bucket, as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
|
#
1.62 |
|
26-Jan-2017 |
beck |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly line wraps that resulted
|
#
1.61 |
|
26-Jan-2017 |
beck |
Send the error function codes to rot in the depths of hell where they belong We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
|
#
1.60 |
|
24-Jan-2017 |
jsing |
sk_free() checks for NULL so do not bother doing it from the callers.
|
#
1.59 |
|
24-Jan-2017 |
jsing |
sk_pop_free() checks for NULL so do not bother doing it from the callers.
|
#
1.58 |
|
23-Jan-2017 |
beck |
Move a large part of ssl_st into internal, so we can see what squeals. ok jsing@
|
#
1.57 |
|
23-Jan-2017 |
jsing |
Move most of the fields in SSL_CTX to internal - the ones that remain are known to be in use.
ok beck@
|
#
1.56 |
|
23-Jan-2017 |
beck |
move the callbacks from ssl_st to internal ok jsing@
|
#
1.55 |
|
23-Jan-2017 |
jsing |
Move callback function pointers and argument pointers from SSL_CTX to internal.
ok beck@
|
#
1.54 |
|
22-Jan-2017 |
jsing |
Move most of the SSL3_STATE fields to internal - the ones that remain are known to be used by ports.
ok beck@
|
#
1.53 |
|
21-Dec-2016 |
jsing |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
|
#
1.52 |
|
11-Mar-2016 |
mmcc |
X509_free(3) is NULL-safe, so remove NULL checks before its calls.
ok doug@
|
#
1.51 |
|
11-Sep-2015 |
jsing |
Nuke ssl_set_peer_cert_type().
ok "flensing knife"
|
#
1.50 |
|
06-Apr-2015 |
guenther |
readdir() is thread-safe when DIR handles aren't shared, so delete the lock. (POSIX is fixing its description: readdir_r() was a botch)
Patch from Carlos Mart�n Nieto (cmn (at) dwim.me) no -portable concerns bcook@
|
#
1.49 |
|
14-Dec-2014 |
jsing |
Remove trailing whitespace.
|
#
1.48 |
|
10-Dec-2014 |
jsing |
Remove support for GOST R 34.10-94 signature authentication, along with the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
|
#
1.47 |
|
06-Dec-2014 |
jsing |
Remove client handling of RSA in ServerKeyExchange messages, along with the associated peer_rsa_tmp goop.
This was only needed for export cipher handling and intentional RFC violations. The export cipher suites have already been removed and previous cleanup means that we will never send ServerKeyExchange messages from the server side for RSA.
|
#
1.46 |
|
18-Nov-2014 |
miod |
Update the GOST code in libssl, as contributed by Dmitry Eremin-Solenikov.
This causes a libssl major version bump as this affects the layout of some internal-but-unfortunately-made-visible structs.
|
#
1.45 |
|
16-Nov-2014 |
jsing |
Sort and group includes.
|
#
1.44 |
|
31-Oct-2014 |
jsing |
Add support for automatic DH ephemeral keys.
This allows an SSL server to enable DHE ciphers with a single setting, which results in an DH key being generated based on the server key length.
Partly based on OpenSSL.
|
#
1.43 |
|
31-Oct-2014 |
jsing |
Remove support for ephemeral/temporary RSA private keys.
The only use for these is via SSL_OP_EPHEMERAL_RSA (which is effectively a standards violation) and for RSA sign-only, should only be possible if you are using an export cipher and have an RSA private key that is more than 512 bits in size (however we no longer support export ciphers).
ok bcook@ miod@
|
#
1.42 |
|
03-Oct-2014 |
jsing |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
|
#
1.41 |
|
10-Jul-2014 |
guenther |
branches: 1.41.4; KNF comments, reflowing and moving out of the middle of argument lists in places
ok jsing@
|
#
1.40 |
|
09-Jul-2014 |
jsing |
tedu the SSL export cipher handling - since we do not have enabled export ciphers we no longer need the flags or code to support it.
ok beck@ miod@
|
#
1.39 |
|
21-Jun-2014 |
logan |
Fix memory leak in error path.
OK from miod@
|
#
1.38 |
|
12-Jun-2014 |
deraadt |
tags as requested by miod and tedu
|
#
1.37 |
|
08-Jun-2014 |
jsing |
No, we will not be building with OPENSSL_NO_X509_VERIFY. Nuke it and do some other clean up while here.
ok deraadt@
|
#
1.36 |
|
07-Jun-2014 |
jsing |
BIO_free has an implicit NULL check, so do not bother checking for NULL before calling it.
|
#
1.35 |
|
07-Jun-2014 |
jsing |
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
|
#
1.34 |
|
07-Jun-2014 |
jsing |
More KNF.
|
#
1.33 |
|
30-May-2014 |
tedu |
remove some #if 0 code. we don't need any more reminders that we're using a not quite appropriate data structure. ok jsing
|
#
1.32 |
|
29-May-2014 |
beck |
Any sane platform has stdio. Stop pretending we will ever use a platform that does not. "fire bomb" tedu@
|
#
1.31 |
|
29-May-2014 |
tedu |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. ok deraadt jsing
|
#
1.30 |
|
26-May-2014 |
miod |
We don't really to keep history in constructs such as:
#if 1 /* new with openssl 0.9.4 */ current code; #else obsolete code; #endif
|
#
1.29 |
|
22-May-2014 |
jsing |
There are two actual uses of e_os2.h in libssl - an OPENSSL_GLOBAL (an empty define) and an OPENSSL_EXTERN (which is defined as, well... extern). The use of OPENSSL_EXTERN is already inconsistent since the lines above and below just use plain old "extern". Expand the two uses of these macros and stop including e_os2.h in libssl.
ok miod@
|
#
1.28 |
|
26-Apr-2014 |
beck |
Replace all use of ERR_add_error_data with ERR_asprintf_error_data. This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
|
#
1.27 |
|
21-Apr-2014 |
deraadt |
more malloc/realloc/calloc cleanups; ok beck kettenis
|
#
1.26 |
|
19-Apr-2014 |
guenther |
More KNF and style consistency tweaks
|
#
1.25 |
|
17-Apr-2014 |
tedu |
always build in RSA and DSA. ok deraadt miod
|
#
1.24 |
|
17-Apr-2014 |
deraadt |
kill REF_PRINT/REF_CHECK debugging framework noone would use ok miod
|
#
1.23 |
|
17-Apr-2014 |
beck |
Change library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
|
#
1.22 |
|
15-Apr-2014 |
beck |
o_dir.c had a very funny odor. all users of this now use standard functions. consign it to the Attic. ok deraadt@
|
#
1.21 |
|
14-Apr-2014 |
beck |
convert the use of OPENSSL_DIR_XXX functions to opendir() and frends. ok deraadt@
|
#
1.20 |
|
14-Apr-2014 |
jsing |
First pass at applying KNF to the OpenSSL code, which almost makes it readable. This pass is whitespace only and can readily be verified using tr and md5.
|
#
1.19 |
|
13-Apr-2014 |
beck |
Remove vms support stuff. ok deraadt@
|
#
1.18 |
|
13-Apr-2014 |
mpi |
Do not include "e_os.h" anymore. Simply pull in the necessary headers.
ok miod@, deraadt@
|
#
1.17 |
|
13-Apr-2014 |
miod |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
|
#
1.16 |
|
13-Oct-2012 |
djm |
resolve conflicts
|
#
1.15 |
|
01-Oct-2010 |
djm |
resolve conflicts, fix local changes
|
#
1.14 |
|
06-Sep-2008 |
djm |
resolve conflicts
|
#
1.13 |
|
27-Jun-2006 |
djm |
resolve conflicts
|
#
1.12 |
|
29-Apr-2005 |
djm |
resolve conflicts
|
#
1.11 |
|
08-Apr-2004 |
markus |
merge 0.9.7d
|
#
1.10 |
|
12-May-2003 |
markus |
merge 0.9.7b with local changes; crank majors for libssl/libcrypto
|
#
1.9 |
|
21-May-2002 |
beck |
Merge openssl-0.9.7-stable-SNAP-20020519
|
#
1.8 |
|
15-May-2002 |
beck |
OpenSSL 0.9.7 stable 2002 05 08 merge
|
#
1.7 |
|
22-Jun-2001 |
beck |
openssl-engine-0.9.6a merge
|
#
1.6 |
|
15-Dec-2000 |
beck |
openssl-engine-0.9.6 merge
|
#
1.5 |
|
16-Oct-2000 |
beck |
fix missing closedir() that could allow apacheSSL to leak fd's, from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
|
#
1.4 |
|
15-Apr-2000 |
beck |
OpenSSL 0.9.5a merge
|
#
1.3 |
|
19-Mar-2000 |
beck |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
#
1.2 |
|
29-Sep-1999 |
beck |
OpenSSL 0.9.4 merge
|
#
1.1 |
|
05-Oct-1998 |
ryker |
branches: 1.1.1; Initial revision
|