Matt Caswell
55a9a16f1c
Remove Kerberos support from libssl
...
Remove RFC2712 Kerberos support from libssl. This code and the associated
standard is no longer considered fit-for-purpose.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-13 15:07:57 +01:00
Rich Salz
16f8d4ebf0
memset, memcpy, sizeof consistency fixes
...
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy. Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-05 22:18:59 -04:00
Rich Salz
b4faea50c3
Use safer sizeof variant in malloc
...
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Rich Salz
25aaa98aa2
free NULL cleanup -- coda
...
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:37:16 -04:00
Ben Laurie
dc2a1af86a
u_len may be unused.
...
Reviewed-by: Andy Polyakov
2015-05-01 17:46:17 +01:00
Rich Salz
b548a1f11c
free null cleanup finale
...
Don't check for NULL before calling OPENSSL_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Matt Caswell
c826988109
Sanity check EVP_CTRL_AEAD_TLS_AAD
...
The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at
least 13 bytes long. Add sanity checks to ensure that the length is at
least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to
represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-04-30 23:12:39 +01:00
Matt Caswell
fb45690275
Remove redundant includes from dtls1.h
...
There were a set of includes in dtls1.h which are now redundant due to the
libssl opaque work. This commit removes those includes, which also has the
effect of resolving one issue preventing building on windows (i.e. the
include of winsock.h)
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-04-30 11:34:51 +01:00
Viktor Dukhovni
61986d32f3
Code style: space after 'if'
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-16 13:44:59 -04:00
Matt Caswell
4118dfdcc8
Fix read_ahead issue
...
Fix a "&" that should have been "!" when processing read_ahead.
RT#3793
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-10 16:21:20 +01:00
Matt Caswell
747e16398d
Clean up record layer
...
Fix up various things that were missed during the record layer work. All
instances where we are breaking the encapsulation rules.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-31 14:39:31 +01:00
Matt Caswell
ee3ef9cbe9
Add Record Layer documentation
...
Add some design documentation on how the record layer works to aid future
maintenance.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 17:26:28 +00:00
Matt Caswell
6f7ae319df
Fix formatting oddities
...
Fix some formatting oddities in rec_layer_d1.c.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 17:26:28 +00:00
Matt Caswell
d2200cafd4
Fix record.h formatting
...
Fix some strange formatting in record.h. This was probably originally
introduced as part of the reformat work.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 17:26:26 +00:00
Matt Caswell
e5bf62f716
Define SEQ_NUM_SIZE
...
Replace the hard coded value 8 (the size of the sequence number) with a
constant defined in a macro.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 17:25:48 +00:00
Matt Caswell
1711f8de45
Rename record layer source files
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
9e7ba3b2a2
Remove some unneccessary macros
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
c99c4c11a2
Renamed record layer header files
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
44cc35d382
Reorganise header files
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
cca52a844f
Remove last trace of non-record layer code reading and writing sequence
...
numbers directly
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:01 +00:00
Matt Caswell
3bb8f87d2d
Move last_write_sequence from s->d1 to s->rlayer.d.
...
Also push some usage of last_write_sequence out of dtls1_retransmit_message
and into the record layer.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
14daae5a62
Move ssl3_record_sequence_update into record layer
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
24a1e2f2ec
Move buffered_app_data from s->d1 to s->rlayer.d
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
c661ac1689
Move handshake_fragment, handshake_fragment_len, alert_fragment and
...
alert_fragment_len from s->d1 to s->rlayer.d
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
5fb6f80cdf
Fix seg fault in dtls1_new
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
cb2ce7abfd
Moved processed_rcds and unprocessed_rcds from s->d1 to s->rlayer.d
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
91f93f69ef
Move bitmap and next_bitmap from s->d1 to s->rlayer.d.
...
Create dtls_bitmap.h and dtls_bitmap.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
78a39fe735
Move r_epoch and w_epoch from s->d1 to s->rlayer.d
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
40f37188a6
Introduce a DTLS_RECORD_LAYER type for DTLS record layer state
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
bb4203d97e
Move DTLS1_RECORD_DATA into rec_layer.h
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
de07f311ce
Move read_sequence and write_sequence from s->s3 to s->rlayer
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
f8caa3c813
Move s->s3->wpend_* to s->rlayer
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
4aa7389e6c
Move handshake_fragment, handshake_fragment_len, alert_fragment and
...
alert_fragment_len from s->s3 into s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
e2228d318c
Move s->s3->wnum to s->rlayer.wnum
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
295c3f4111
Move s->rstate to s->rlayer.rstate
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
7a7048aff0
Move s->packet and s->packet_length into s->rlayer
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
24a90afd85
Remove unneccessary use of accessor function now code is moved into record
...
layer
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
88c2303948
Make rrec, wrec, rbuf and wbuf fully private to the record layer. Also, clean
...
up some access to them. Now that various functions have been moved into the
record layer they no longer need to use the accessor macros.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
2c60ed0452
Removed dependency on rrec from heartbeat processing
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:02:00 +00:00
Matt Caswell
bd2e3a9512
Introduce macro RECORD_LAYER_setup_comp_buffer
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
d5a25ae0de
Move ssl3_pending into the record layer
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
c036e210f3
Remove RECORD_LAYER_set_ssl and introduce RECORD_LAYER_init
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
bbcd6d7fe2
Provide RECORD_LAYER_set_data function
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
f161995e0e
Introduce the functions RECORD_LAYER_release, RECORD_LAYER_read_pending, and
...
RECORD_LAYER_write_pending.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
af9752e5fa
Create RECORD_LAYER_clear function.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
a0682a5e26
Tidy up rec_layer.h. Add some comments regarding which functions should be
...
being used for what purpose.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
999005e493
Moved s3_pkt.c, s23_pkt.c and d1_pkt.c into the record layer.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:59 +00:00
Matt Caswell
02a36fdae8
Move more SSL3_RECORD oriented functions into ssl3_record.c
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 15:01:57 +00:00
Matt Caswell
fe589e6175
Move SSL3_RECORD oriented functions into ssl3_record.c
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:58:51 +00:00
Matt Caswell
7604202070
Move SSL3_BUFFER set up and release code into ssl3_buffer.c
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:56:10 +00:00
Matt Caswell
4e08d4a84c
Move s->s3->wrec to s>rlayer>wrec
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
92ffa83d8b
Encapsulate s->s3->wrec
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
cd986e5586
Move s->s3->rrec to s->rlayer->rrec
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
258f8721a5
Encapsulate s->s3->rrec
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
ab97b2cd43
Move s->s3->wbuf to s->rlayer->wbuf
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
db9a32e719
Encapsulate access to s->s3->wbuf
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
33d23b87a0
Move s->s3->rrec into s->rlayer
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
28d59af874
Encapsulate SSL3_BUFFER and all access to s->s3->rbuf.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00
Matt Caswell
52e1d7b152
Create a RECORD_LAYER structure and move read_ahead into it.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 13:53:07 +00:00