Commit graph

13203 commits

Author SHA1 Message Date
Matt Caswell
1b34e25c17 Fix record layer "make clean"
The "clean" target in libssl has been updated to handle the new record
layer sub-directory.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-31 14:39:14 +01:00
Richard Levitte
8bf5b8ab22 Fix some faults in util/mk1mf.pl
When building on Unix, there are times when the 'EX_LIB' MINFO variable
contains valuable information.  Make sure to take care of it.

fixrules in util/pl/unix.pl was previously changed with a simpler fix of
rules, with a comment claiming that's compatible with -j.  Unfortunately,
this breaks multiline rules and doesn't change anything for single line
rules.  While at it, do not prefix pure echo lines with a 'cd $(TEST_D) &&',
as that's rather silly.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-03-31 15:21:18 +02:00
Dr. Stephen Henson
e93c8748ab Remove duplicate code.
Update code to use ASN1_TYPE_pack_sequence and ASN1_TYPE_unpack_sequence
instead of performing the same operation manually.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-30 22:01:31 +01:00
Dr. Stephen Henson
22f5bd3dd2 New ASN1_TYPE SEQUENCE functions.
Add new functions ASN1_TYPE_pack_sequence and ASN1_TYPE_unpack_sequence:
these encode and decode ASN.1 SEQUENCE using an ASN1_TYPE structure.

Update ordinals.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-30 22:01:31 +01:00
Dr. Stephen Henson
94f4b4b313 Rewrite X509_PKEY_new to avoid old ASN1. macros.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-30 22:01:31 +01:00
Dr. Stephen Henson
3a1f43023a Remove unnecessary asn1_mac.h includes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-30 22:01:30 +01:00
Richard Levitte
06affe3dac Initialised 'ok' and redo the logic.
The logic with how 'ok' was calculated didn't quite convey what's "ok",
so the logic is slightly redone to make it less confusing.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-03-30 05:31:58 +02:00
Andy Polyakov
b1a5d1c652 sha/asm/sha512-armv4.pl: adapt for use in Linux kernel context.
Follow-up to sha256-armv4.pl in cooperation with Ard Biesheuvel
(Linaro) and Sami Tolvanen (Google).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-29 15:24:20 +02:00
Andy Polyakov
51f8d09556 sha/asm/sha256-armv4.pl: fix compile issue in kernel
and eliminate little-endian dependency.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-29 15:22:03 +02:00
Richard Levitte
6a919b44f7 Have a shared library version thats reasonable with our version scheme
The FAQ says this:

    After the release of OpenSSL 1.0.0 the versioning scheme changed. Letter
    releases (e.g. 1.0.1a) can only contain bug and security fixes and no
    new features. Minor releases change the last number (e.g. 1.0.2) and
    can contain new features that retain binary compatibility. Changes to
    the middle number are considered major releases and neither source nor
    binary compatibility is guaranteed.

With such a scheme (and with the thinking that it's nice if the shared
library version stays on track with the OpenSSL version), it's rather
futile to keep the minor release number in the shared library version.
The deed already done with OpenSSL 1.0.x can't be changed, but with
1.x.y, x=1 and on, 1.x as shared library version is sufficient.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-29 09:42:58 +02:00
Dr. Stephen Henson
79a578b902 Add private/public key conversion tests
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-29 03:26:12 +01:00
Dr. Stephen Henson
b1f3442857 Remove d2i_X509_PKEY and i2d_X509_PKEY
Remove partially implemented d2i_X509_PKEY and i2d_X509_PKEY: nothing
uses them and they don't work properly. Update ordinals.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 15:39:18 +00:00
Andy Polyakov
f0e6871df2 ec/asm/ecp_nistz256-x86_64.pl: update commentary with before-after performance data.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-28 15:59:27 +01:00
Rich Salz
c5ba2d9904 free NULL cleanup
EVP_.*free; this gets:
        EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free
        EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it
        EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 10:54:15 -04:00
Andy Polyakov
33b188a8e8 Engage vpaes-armv8 module.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-28 15:42:12 +01:00
Andy Polyakov
2779c08436 Add vpaes-amrv8.pl module.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-28 15:41:50 +01:00
Andy Polyakov
1818572d83 Configure: remove unused variables.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-28 15:36:40 +01:00
Dr. Stephen Henson
23dc1706e8 Make asn1_ex_i2c, asn1_ex_c2i static.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 12:08:48 +00:00
Dr. Stephen Henson
ee9d76371a Remove combine option from ASN.1 code.
Remove the combine option. This was used for compatibility with some
non standard behaviour in ancient versions of OpenSSL: specifically
the X509_ATTRIBUTE and DSAPublicKey handling. Since these have now
been revised it is no longer needed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 22:04:15 +00:00
Dr. Stephen Henson
ea6b07b54c Simplify DSA public key handling.
DSA public keys could exist in two forms: a single Integer type or a
SEQUENCE containing the parameters and public key with a field called
"write_params" deciding which form to use. These forms are non standard
and were only used by functions containing "DSAPublicKey" in the name.

Simplify code to only use the parameter form and encode the public key
component directly in the DSA public key method.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 22:04:15 +00:00
Dr. Stephen Henson
dd14f91171 ASN1_TYPE documentation.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 21:59:17 +00:00
Matt Caswell
ee3ef9cbe9 Add Record Layer documentation
Add some design documentation on how the record layer works to aid future
maintenance.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 17:26:28 +00:00
Matt Caswell
6f7ae319df Fix formatting oddities
Fix some formatting oddities in rec_layer_d1.c.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 17:26:28 +00:00
Matt Caswell
d2200cafd4 Fix record.h formatting
Fix some strange formatting in record.h. This was probably originally
introduced as part of the reformat work.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 17:26:26 +00:00
Matt Caswell
e5bf62f716 Define SEQ_NUM_SIZE
Replace the hard coded value 8 (the size of the sequence number) with a
constant defined in a macro.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 17:25:48 +00:00
Matt Caswell
3497ac5d33 Fix compilation on windows for record layer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
1711f8de45 Rename record layer source files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
9e7ba3b2a2 Remove some unneccessary macros
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
c99c4c11a2 Renamed record layer header files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
44cc35d382 Reorganise header files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
cca52a844f Remove last trace of non-record layer code reading and writing sequence
numbers directly

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
3bb8f87d2d Move last_write_sequence from s->d1 to s->rlayer.d.
Also push some usage of last_write_sequence out of dtls1_retransmit_message
and into the record layer.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
14daae5a62 Move ssl3_record_sequence_update into record layer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
24a1e2f2ec Move buffered_app_data from s->d1 to s->rlayer.d
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
c661ac1689 Move handshake_fragment, handshake_fragment_len, alert_fragment and
alert_fragment_len from s->d1 to s->rlayer.d

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
5fb6f80cdf Fix seg fault in dtls1_new
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
cb2ce7abfd Moved processed_rcds and unprocessed_rcds from s->d1 to s->rlayer.d
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
91f93f69ef Move bitmap and next_bitmap from s->d1 to s->rlayer.d.
Create dtls_bitmap.h and dtls_bitmap.c

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
78a39fe735 Move r_epoch and w_epoch from s->d1 to s->rlayer.d
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
40f37188a6 Introduce a DTLS_RECORD_LAYER type for DTLS record layer state
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
bb4203d97e Move DTLS1_RECORD_DATA into rec_layer.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
de07f311ce Move read_sequence and write_sequence from s->s3 to s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
f8caa3c813 Move s->s3->wpend_* to s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
4aa7389e6c Move handshake_fragment, handshake_fragment_len, alert_fragment and
alert_fragment_len from s->s3 into s->rlayer

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
e2228d318c Move s->s3->wnum to s->rlayer.wnum
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
295c3f4111 Move s->rstate to s->rlayer.rstate
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
7a7048aff0 Move s->packet and s->packet_length into s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
24a90afd85 Remove unneccessary use of accessor function now code is moved into record
layer

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
88c2303948 Make rrec, wrec, rbuf and wbuf fully private to the record layer. Also, clean
up some access to them. Now that various functions have been moved into the
record layer they no longer need to use the accessor macros.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
2c60ed0452 Removed dependency on rrec from heartbeat processing
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00