In light of potential UKS (unknown key share) attacks on some
applications, primarily browsers, despite RFC761, name checks are
by default applied with DANE-EE(3) TLSA records. Applications for
which UKS is not a problem can optionally disable DANE-EE(3) name
checks via the new SSL_CTX_dane_set_flags() and friends.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Their only reason to exist was that they didn't exist in VMS before
version 7.0. We do not support such old versions any more.
However, for the benefit of systems that don't get strings.h included
by string.h, we include the former in e_os.h.
RT#4458
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
It is up to the caller of SSL_dane_tlsa_add() to take appropriate
action when no records are added successfully or adding some records
triggers an internal error (negative return value).
With this change the caller can continue with PKIX if desired when
none of the TLSA records are usable, or take some appropriate action
if DANE is required.
Also fixed the internal ssl_dane_dup() function to properly initialize
the TLSA RR stack in the target SSL handle. Errors in ssl_dane_dup()
are no longer ignored.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Travis identified a problem with freeing the ex_data locks which wasn't
quite right in ff2344052. Trying to fix it identified a further problem:
the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called
explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to
CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data
lock already freed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
There is a preference for suffixes to indicate that a function is internal
rather than prefixes. Note: the suffix is only required to disambiguate
internal functions and public symbols with the same name (but different
case)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
libssl needs to have access to some internal libcrypto symbols.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
There was a lot of naming inconsistency, so we try and standardise on
one form.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
CONF_modules_free() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
BIO_sock_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
ERR_free_strings() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
COMP_zlib_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Move the the BIO_METHOD and BIO structures into internal header files,
provide appropriate accessor methods and update all internal code to use
the new accessors where appropriate.
Reviewed-by: Richard Levitte <levitte@openssl.org>
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Also tweak some of the code in demos/bio, to enable interactive
testing of BIO_s_accept's use of SSL_dup. Changed the sconnect
client to authenticate the server, which now exercises the new
SSL_set1_host() function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Add macro ossl_inline for use in public headers where a portable inline
is required. Change existing inline to use ossl_inline
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
There are header files in crypto/ that are used by the rest of
OpenSSL. Move those to include/internal and adapt the affected source
code, Makefiles and scripts.
The header files that got moved are:
crypto/constant_time_locl.h
crypto/o_dir.h
crypto/o_str.h
Reviewed-by: Matt Caswell <matt@openssl.org>
Having the INTxx_MIN et al macros defined in a public header is
unnecessary and risky. Also, it wasn't done for all platforms that
might need it.
So we move those numbers to an internal header file, do the math
ourselves and make sure to account for the integer representations we
know of.
This introduces include/internal, which is unproblematic since we
already use -I$(TOP)/include everywhere. This directory is different
from crypto/include/internal, as the former is more general internal
headers for all of OpenSSL, while the latter is for libcrypto only.
Reviewed-by: Matt Caswell <matt@openssl.org>
