Dr. Stephen Henson
224b4e37c0
Don't allow DSA for TLS 1.3
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2840 )
2017-03-03 21:58:33 +00:00
edelangh
dbaa069a5e
use OSSLzu instead of lu format for size_t display
...
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2660 )
2017-03-03 08:04:47 -05:00
Bernd Edlinger
d734582275
Reset executable bits on files where not needed.
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2835 )
2017-03-03 09:13:40 +01:00
Pauli
f2bcff43bc
Update the cipher(1) documentation to explicitly state that the RSA cipher
...
string means the same a kRSA.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2821 )
2017-03-02 19:26:47 -05:00
Rich Salz
332dc4fa5e
sh_malloc & sh_free prototype change to match POSIX
...
CLA: trivial
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2823 )
2017-03-02 19:16:57 -05:00
Matt Caswell
42f50fdf8a
Silence some more clang warnings
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2832 )
2017-03-03 00:05:57 +00:00
Matt Caswell
30d1bab146
Silence some clang warnings
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2831 )
2017-03-02 23:56:36 +00:00
Matt Caswell
83750d9b2b
More early data documentation updates following feedback
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
cd9f7f624e
Update the API documentation for the latest early data changes
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
09f2887482
Update early data API for writing to unauthenticated clients
...
Change the early data API so that the server must use
SSL_write_early_data() to write to an unauthenticated client.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
0665b4edae
Rename SSL_write_early() to SSL_write_early_data()
...
This is for consistency with the rest of the API where all the functions
are called *early_data*.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
f533fbd44a
Rename SSL_read_early() to SSL_read_early_data()
...
This is for consistency with the rest of the API where all the functions
are called *early_data*.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
ef466accdc
Updates to the early data documentation
...
Following on from the latest API changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
ade1e88806
Updates to s_server and s_client for the latest early_data API changes
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
3eaa417095
Make SSL_write_early_finish() an internal only function
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
5f9820380f
Add early_data tests
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
f7e393be47
Various fixes required to allow SSL_write/SSL_read during early data
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
d7f8783ff9
Enable the server to call SSL_write() without stopping the ability to call SSL_read_early()
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
564547e482
Enable the client to call SSL_read() without stopping the ability to call SSL_write_early()
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
4004ce5f6c
Introduce a new early_data state in the state machine
...
Also simplifies the state machine a bit.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
bc908c679b
Improve the early data sanity check in SSL_do_handshake()
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
6437b802f1
Add documentation for the new s_client and s_server early_data options
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
0a5ece5bd2
Tighten sanity checks when calling early data functions
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
fd6c102520
Add documentation for the early data functions
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
f5b519c416
Make SSL_get_early_data_status() take a const
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:16 +00:00
Matt Caswell
46dcb9457e
Make SSL_get_max_early_data() and SSL_CTX_get_max_early_data() take a const
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
fcc4757823
Add a SSL_SESSION_get_max_early_data() function
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
7daf7156d8
Don't attempt to write more early_data than we know the server will accept
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
f637004037
Only accept early_data if the negotiated ALPN is the same
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
a832b5ef7a
Skip early_data if appropriate after a HelloRetryRequest
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
38df5a4527
Don't accept early_data if we are going to issue a HelloRetryRequest
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
538bea6c81
Add extra validation parsing the server-to-client early_data extension
...
Check that we actually resumed the session, and that we selected the first
identity.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
329114f91f
Remove some TLSv1.3 TODOs that are no longer relevant
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
2c604cb9af
Validate the ticket age for resumed sessions
...
If the ticket age calcualtions do not check out then we must not accept
early data (it could be a replay).
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
6746648c42
Ensure the max_early_data option to s_server can be 0
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
bfa9a9afe8
Provide a default value for max_early_data
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
70ef40a05e
Check max_early_data against the amount of early data we actually receive
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
67f78eadd0
Make sure we reset the read sequence when skipping records
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
10109364bf
Disallow handshake messages in the middle of early_data
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
c117af6765
Fix seg fault when sending early_data using CCM ciphersuites
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
576eb3958c
Get s_client to report on whether early data was accepted or not
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
b2cc7f313e
Implement client side parsing of the early_data extension
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
e0655186f9
Add a "-early_data" option to s_server
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
fe5e20fd26
Fix changing of the cipher state when dealing with early data
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
1ea4d09a3c
Construct the server side early_data extension
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
d781d247d1
Provide an SSL_read_early() function for reading early data
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
6cb422654d
Change the cipher state when sending early data
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
d49e23ec58
Implement the early data changes required in tls13_change_cipher_state()
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
923ac8271b
Add an option to s_client to send early_data
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00
Matt Caswell
0a87d0ac62
Parse the early_data extension
...
We also skip any early_data that subsequently gets sent. Later commits will
process it if we can.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737 )
2017-03-02 17:44:15 +00:00