Commit graph

262 commits

Author SHA1 Message Date
Matt Caswell
a3680c8f9c Version negotiation rewrite cleanup
Following the version negotiation rewrite all of the previous code that was
dedicated to version negotiation can now be deleted - all six source files
of it!!

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-05-16 09:20:38 +01:00
Matt Caswell
32ec41539b Server side version negotiation rewrite
This commit changes the way that we do server side protocol version
negotiation. Previously we had a whole set of code that had an "up front"
state machine dedicated to the negotiating the protocol version. This adds
significant complexity to the state machine. Historically the justification
for doing this was the support of SSLv2 which works quite differently to
SSLv3+. However, we have now removed support for SSLv2 so there is little
reason to maintain this complexity.

The one slight difficulty is that, although we no longer support SSLv2, we
do still support an SSLv3+ ClientHello in an SSLv2 backward compatible
ClientHello format. This is generally only used by legacy clients. This
commit adds support within the SSLv3 code for these legacy format
ClientHellos.

Server side version negotiation now works in much the same was as DTLS,
i.e. we introduce the concept of TLS_ANY_VERSION. If s->version is set to
that then when a ClientHello is received it will work out the most
appropriate version to respond with. Also, SSLv23_method and
SSLv23_server_method have been replaced with TLS_method and
TLS_server_method respectively. The old SSLv23* names still exist as
macros pointing at the new name, although they are deprecated.

Subsequent commits will look at client side version negotiation, as well of
removal of the old s23* code.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-05-16 09:19:56 +01:00
Matt Caswell
55a9a16f1c Remove Kerberos support from libssl
Remove RFC2712 Kerberos support from libssl. This code and the associated
standard is no longer considered fit-for-purpose.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-13 15:07:57 +01:00
Rich Salz
9a555706a3 Make COMP_CTX and COMP_METHOD opaque
Since COMP_METHOD is now defined in comp_lcl.h, it is no
longer possible to create new TLS compression methods without
using the OpenSSL source.  Only ZLIB is supported by default.
Also, since the types are opaque, #ifdef guards to use "char *"
instead of the real type aren't necessary.

The changes are actually minor.  Adding missing copyright to some
files makes the diff misleadingly big.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-05-12 10:24:48 -04:00
Matt Caswell
c427570e50 Sanity check the return from final_finish_mac
The return value is checked for 0. This is currently safe but we should
really check for <= 0 since -1 is frequently used for error conditions.
Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3
Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-04-30 23:12:39 +01:00
Matt Caswell
c99c4c11a2 Renamed record layer header files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
44cc35d382 Reorganise header files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
3bb8f87d2d Move last_write_sequence from s->d1 to s->rlayer.d.
Also push some usage of last_write_sequence out of dtls1_retransmit_message
and into the record layer.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
14daae5a62 Move ssl3_record_sequence_update into record layer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
24a1e2f2ec Move buffered_app_data from s->d1 to s->rlayer.d
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
c661ac1689 Move handshake_fragment, handshake_fragment_len, alert_fragment and
alert_fragment_len from s->d1 to s->rlayer.d

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
cb2ce7abfd Moved processed_rcds and unprocessed_rcds from s->d1 to s->rlayer.d
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
91f93f69ef Move bitmap and next_bitmap from s->d1 to s->rlayer.d.
Create dtls_bitmap.h and dtls_bitmap.c

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
78a39fe735 Move r_epoch and w_epoch from s->d1 to s->rlayer.d
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
bb4203d97e Move DTLS1_RECORD_DATA into rec_layer.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
de07f311ce Move read_sequence and write_sequence from s->s3 to s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
f8caa3c813 Move s->s3->wpend_* to s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
4aa7389e6c Move handshake_fragment, handshake_fragment_len, alert_fragment and
alert_fragment_len from s->s3 into s->rlayer

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
e2228d318c Move s->s3->wnum to s->rlayer.wnum
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
295c3f4111 Move s->rstate to s->rlayer.rstate
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
7a7048aff0 Move s->packet and s->packet_length into s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
2c60ed0452 Removed dependency on rrec from heartbeat processing
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
d5a25ae0de Move ssl3_pending into the record layer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
999005e493 Moved s3_pkt.c, s23_pkt.c and d1_pkt.c into the record layer.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
c103c7e266 Split out non record layer functions out of s3_pkt.c and d1_pkt.c into
the new files s3_msg.c and s1_msg.c respectively.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
02a36fdae8 Move more SSL3_RECORD oriented functions into ssl3_record.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:57 +00:00
Matt Caswell
fe589e6175 Move SSL3_RECORD oriented functions into ssl3_record.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:58:51 +00:00
Matt Caswell
7604202070 Move SSL3_BUFFER set up and release code into ssl3_buffer.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:56:10 +00:00
Matt Caswell
4e08d4a84c Move s->s3->wrec to s>rlayer>wrec
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
cd986e5586 Move s->s3->rrec to s->rlayer->rrec
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
258f8721a5 Encapsulate s->s3->rrec
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
ab97b2cd43 Move s->s3->wbuf to s->rlayer->wbuf
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
33d23b87a0 Move s->s3->rrec into s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
28d59af874 Encapsulate SSL3_BUFFER and all access to s->s3->rbuf.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
52e1d7b152 Create a RECORD_LAYER structure and move read_ahead into it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
17dd65e6e1 Resolve swallowed returns codes
The recent updates to libssl to enforce stricter return code checking, left
a small number of instances behind where return codes were being swallowed
(typically because the function they were being called from was declared as
void). This commit fixes those instances to handle the return codes more
appropriately.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 18:52:13 +00:00
Matt Caswell
77d514c5a0 ssl3_set_handshake_header returns
Change ssl_set_handshake_header from return void to returning int, and
handle error return code appropriately.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-23 15:23:24 +00:00
Matt Caswell
4bcdb4a601 Check libssl function returns
Mark most functions returning a result defined in any libssl header file
with __owur to warn if they are used without checking the return value.
Use -DUNUSED_RETURN compiler flag with gcc to activate these warnings.
Some functions returning a result are skipped if it is common and valid to
use these functions without checking the return value.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-23 15:23:00 +00:00
Kurt Roeckx
2c3823491d Remove ssl_cert_inst()
It created the cert structure in SSL_CTX or SSL if it was NULL, but they can
never be NULL as the comments already said.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-03-15 12:15:08 +01:00
Rich Salz
10bf4fc2c3 Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
Suggested by John Foley <foleyj@cisco.com>.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-11 09:29:37 -04:00
Matt Caswell
75ea3632bd Make tlsext_tick_lifetime_hint an unsigned long (from signed long).
From RFC4507:
"The ticket_lifetime_hint field contains a hint from the server about how
long the ticket should be stored.  The value indicates the lifetime in
seconds as a 32-bit unsigned integer in network byte order."

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-02-10 22:53:24 +00:00
Dr. Stephen Henson
c660ec63a8 Rewrite ssl3_send_client_key_exchange to support extms.
Rewrite ssl3_send_client_key_exchange to retain the premaster secret
instead of using it immediately.

This is needed because the premaster secret is used after the client key
exchange message has been sent to compute the extended master secret.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-02-03 14:50:07 +00:00
Dr. Stephen Henson
48fbcbacd2 Utility function to retrieve handshake hashes.
Retrieve handshake hashes in a separate function. This tidies the existing
code and will be used for extended master secret generation.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-02-03 14:50:07 +00:00
Dr. Stephen Henson
6f152a15d4 Add flags field to SSL_SESSION.
Add a "flags" field to SSL_SESSION. This will contain various flags
such as encrypt-then-mac and extended master secret support.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-02-03 14:50:07 +00:00
Matt Caswell
b6ba401497 Make libssl opaque. Move all structures that were previously protected by
OPENSSL_NO_SSL_INTERN into internal header files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-31 18:06:45 +00:00
Rich Salz
63c574f6a6 OPENSSL_NO_XXX cleanup: OPENSSL_NO_BUF_FREELISTS
Remove OPENSSL_NO_BUF_FREELISTS. This was turned on by default,
so the work here is removing the 'maintain our own freelist' code.
Also removed a minor old Windows-multibyte/widechar conversion flag.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-01-27 16:43:53 -05:00
Rich Salz
474e469bbd OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
	GENUINE_DSA         OPENSSL_NO_SHA0
	OPENSSL_NO_SHA      OPENSSL_NO_SHA1
	OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
	OPENSSL_NO_SHA384   OPENSSL_NO_SHA512

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 12:34:45 -05:00
Matt Caswell
50e735f9e5 Re-align some comments after running the reformat script.
This should be a one off operation (subsequent invokation of the
script should not move them)

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
68d39f3ce6 Move more comments that confuse indent
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00