Commit graph

10615 commits

Author SHA1 Message Date
Bodo Moeller
8c149cfd83 Sync with version from master. 2013-09-17 09:55:27 +02:00
Trevor Perrin
6da498991c Various custom extension fixes.
Force no SSL2 when custom extensions in use.
Don't clear extension state when cert is set.
Clear on renegotiate.

Conflicts:
	ssl/t1_lib.c
2013-09-16 18:40:53 +01:00
Rob Stradling
86a66deb7e Update CHANGES. 2013-09-16 14:03:22 +01:00
Rob Stradling
9409e18179 Tidy up comments. 2013-09-16 14:03:21 +01:00
Rob Stradling
6a0b803fc0 Use TLS version supplied by client when fingerprinting Safari. 2013-09-16 14:03:21 +01:00
Rob Stradling
5fa3b54788 Fix compilation with no-ec and/or no-tlsext. 2013-09-16 14:03:21 +01:00
Rob Stradling
07df5018be Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
2013-09-16 14:03:21 +01:00
Bodo Moeller
1b9a59c36a Sync CHANGES and NEWS files. 2013-09-16 14:54:34 +02:00
Bodo Moeller
8f89c33451 Merge branch 'OpenSSL_1_0_2-stable' of /usr/local/google/home/bmoeller/openssl/openssl into OpenSSL_1_0_2-stable 2013-09-16 14:51:10 +02:00
Bodo Moeller
485d7d5904 Fix overly lenient comparisons:
- EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope

(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
2013-09-16 14:50:48 +02:00
Bodo Moeller
e3720888c7 Fix overly lenient comparisons:
- EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope

(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
2013-09-16 13:06:30 +02:00
Andy Polyakov
d75e384ff8 Extend OPENSSL_ia32cap_P (backport from HEAD). 2013-09-15 22:13:54 +02:00
Andy Polyakov
c340c7a88c crypto/armcap.c: fix typo in rdtsc subroutine.
PR: 3125
Submitted by: Kyle McMartin
(cherry picked from commit 8e52a9063a)
2013-09-15 22:10:49 +02:00
Dr. Stephen Henson
9ecf6e93af add -badsig option to corrupt CRL signatures for testing too
(cherry picked from commit 139cd16cc5)
2013-09-14 13:53:44 +01:00
Dr. Stephen Henson
a41735288c Add missing code from SSL_CONF backport. 2013-09-14 13:53:44 +01:00
Scott Deboy
8ae78c6bd9 Initialize next_proto in s_server - resolves incorrect attempts to free
Cherry pick of b0d27cb902.
2013-09-13 11:31:39 -04:00
Adam Langley
cb3cec4adf Add tests for ALPN functionality.
Cherry-picked from a898936218.
2013-09-13 11:27:26 -04:00
Adam Langley
b0d6f3c58f Support ALPN.
This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF
blessed version of NPN and we'll be supporting both ALPN and NPN for
some time yet.

Cherry-picked from 6f017a8f9d.

[1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00
2013-09-13 11:27:22 -04:00
Ben Laurie
0338648426 Constification. 2013-09-10 17:58:44 +01:00
Andy Polyakov
c7dc404188 crypto/modes/asm/aesni-gcm-x86_64.pl: minor optimization.
Avoid occasional up to 8% performance drops.
(cherry picked from commit 7a1a12232a)
2013-09-09 21:46:02 +02:00
Andy Polyakov
08853158b6 crypto/bn/asm/x86_64-mont.pl: minor optimization.
(cherry picked from commit 72a158703b)
2013-09-09 21:42:48 +02:00
Andy Polyakov
74e0187663 Revert "x86cpuid.pl: fix extended feature flags detection."
This reverts commit 514f1a7835.
2013-09-09 21:35:15 +02:00
Dr. Stephen Henson
bb4aa95c81 Remove ancient PATENTS section and FAQ reference.
(cherry picked from commit ce4555967e)
2013-09-08 21:25:38 +01:00
Dr. Stephen Henson
5117d50b7e Partial path fix.
When verifying a partial path always check to see if the EE certificate
is explicitly trusted: the path could contain other untrusted certificates.
(cherry picked from commit 52073b7675)
2013-09-08 21:25:10 +01:00
Dr. Stephen Henson
593605d3ec Document supported curve functions.
(cherry picked from commit c3eb33763b)
2013-09-03 15:43:59 +01:00
Dr. Stephen Henson
c9ea4df8f9 Document -force_pubkey option.
(cherry picked from commit b093a06866bf632a97a9a0286e2d08f69c3cf7dd)
2013-08-21 13:41:17 +01:00
Dr. Stephen Henson
89ff56faf1 Correct ECDSA example.
(cherry picked from commit 3a918ea2bbf4175d9461f81be1403d3781b2c0dc)
2013-08-20 17:30:16 +01:00
Dr. Stephen Henson
9855026c43 fix printout of expiry days if -enddate is used in ca
(cherry picked from commit f7ac0ec89d)
2013-08-19 21:55:07 +01:00
Dr. Stephen Henson
904348a492 Time difference functions.
Backport of ASN1_TIME_diff and OPENSSL_gmtime_diff functions from master
branch.
2013-08-19 21:55:07 +01:00
Dr. Stephen Henson
aaaa18392d new command line option -stdname to ciphers utility
(cherry picked from commit 51b9115b6d)
2013-08-19 20:25:39 +01:00
Dr. Stephen Henson
8c33e40d2e Add new test option set the version in generated certificates: this
is needed to test some profiles/protocols which reject certificates
with unsupported versions.
(cherry picked from commit df316fd43c)
2013-08-19 18:10:04 +01:00
Dr. Stephen Henson
0d04af1e72 option to output corrupted signature in certificates for testing purposes
(cherry picked from commit 96cfba0fb4)
2013-08-19 18:09:44 +01:00
Dr. Stephen Henson
8f17495800 update usage messages
(cherry picked from commit 7c8ac50504)
2013-08-19 18:09:26 +01:00
Dr. Stephen Henson
95c1a24853 add -naccept <n> option to s_server to automatically exit after <n> connections
(cherry picked from commit b5cadfb564)
2013-08-19 17:42:02 +01:00
Dr. Stephen Henson
08374de10f with -rev close connection if client sends "CLOSE"
(cherry picked from commit 685755937a)
2013-08-19 14:14:05 +01:00
Dr. Stephen Henson
506e70a216 Add simple external session cache to s_server. This serialises sessions
just like a "real" server making it easier to trace any problems.

(manually applied from commit 35b0ea4efe)
2013-08-19 14:13:56 +01:00
Dr. Stephen Henson
0cca92cdd3 Remove commented out debug line. 2013-08-19 14:13:38 +01:00
Dr. Stephen Henson
5b430cfc44 Make no-ec compilation work.
(cherry picked from commit 14536c8c9c)
2013-08-19 14:13:38 +01:00
Dr. Stephen Henson
171c4da568 Add -rev test option to s_server to just reverse order of characters received
by client and send back to server. Also prints an abbreviated summary of
the connection parameters.
(cherry picked from commit 4f3df8bea2)
2013-08-19 14:13:38 +01:00
Dr. Stephen Henson
04611fb0f1 Add -brief option to s_client and s_server to summarise connection details.
New option -verify_quiet to shut up the verify callback unless there is
an error.

(manually applied from commit 2a7cbe77b3)
2013-08-19 14:13:24 +01:00
Dr. Stephen Henson
df430489cf Add documentation.
Preliminary documentation for chain and verify stores and certificate chain
setting functions.
(cherry picked from commit eeb15452a0)
2013-08-18 13:53:32 +01:00
Dr. Stephen Henson
5085e57fb5 Return 1 when setting ECDH auto mode.
(cherry picked from commit 42082eda6f)
2013-08-18 13:53:00 +01:00
Michael Tuexen
75b81247a0 DTLS message_sequence number wrong in rehandshake ServerHello
This fix ensures that
* A HelloRequest is retransmitted if not responded by a ClientHello
* The HelloRequest "consumes" the sequence number 0. The subsequent
ServerHello uses the sequence number 1.
* The client also expects the sequence number of the ServerHello to
be 1 if a HelloRequest was received earlier.
This patch fixes the RFC violation.
(cherry picked from commit b62f4daac0)
2013-08-13 18:55:16 +01:00
Michael Tuexen
2c1a5c1039 DTLS handshake fix.
Reported by: Prashant Jaikumar <rmstar@gmail.com>

Fix handling of application data received before a handshake.
(cherry picked from commit 0c75eeacd3)
2013-08-08 13:31:54 +01:00
Dr. Stephen Henson
71c34b7f2d Fix verify loop with CRL checking.
PR #3090
Reported by: Franck Youssef <fry@open.ch>

If no new reason codes are obtained after checking a CRL exit with an
error to avoid repeatedly checking the same CRL.

This will only happen if verify errors such as invalid CRL scope are
overridden in a callback.
(cherry picked from commit 4b26645c1a)
2013-08-06 16:08:04 +01:00
Kaspar Brand
b0cfaf58ad Fix for PEM_X509_INFO_read_bio.
PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
correctly if they appeared first.
(cherry picked from commit 5ae8d6bcba)
2013-08-06 16:04:52 +01:00
Andy Polyakov
9dc07f04c3 crypto/evp/e_aes.c: fix logical pre-processor bug and formatting.
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
(cherry picked from commit 044f63086051d7542fa9485a1432498c39c4d8fa)
2013-08-03 17:09:37 +02:00
Andy Polyakov
f15c16200b crypto/bn/asm/rsax-x86_64.pl: make it work on Darwin.
(cherry picked from commit fd8ad019e1)
2013-08-03 16:30:40 +02:00
Andy Polyakov
4e09add6f8 crypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI.
(cherry picked from commit 006784378d)
2013-07-31 23:52:21 +02:00
Trevor
355a6236be Cosmetic touchups. 2013-07-31 16:38:43 +01:00