Commit graph

281 commits

Author SHA1 Message Date
Matt Caswell
e4731f76e2 Fix typo setting up certificate masks
The certificate masks are used to select which ciphersuite we are going to
use. The variables |emask_k| and |emask_a| relate to export grade key
exchange and authentication respecitively. The variables |mask_k| and
|mask_a| are the equivalent versions for non-export grade. This fixes an
instance where the two usages of export/non-export were mixed up. In
practice it makes little difference since it still works!

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit fdfe8b06ae)
2015-05-23 00:01:48 +01:00
Matt Caswell
edc2a76ade Check sk_SSL_CIPHER_new_null return value
If sk_SSL_CIPHER_new_null() returns NULL then ssl_bytes_to_cipher_list()
should also return NULL.

Based on an original patch by mrpre <mrpre@163.com>.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 14def5f537)
2015-05-11 11:53:50 +01:00
David Woodhouse
3edf1b98e0 Add DTLS to SSL_get_version
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 504e643e09)

Conflicts:
	ssl/ssl_lib.c
2015-03-20 12:06:12 +00:00
Matt Caswell
83975c80bb Re-align some comments after running the reformat script.
This should be a one off operation (subsequent invokation of the
script should not move them)

This commit is for the 1.0.2 changes

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:31:48 +00:00
Matt Caswell
ae5c8664e5 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:31:38 +00:00
Matt Caswell
65a6a1ff45 indent has problems with comments that are on the right hand side of a line.
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.

Conflicts:
	crypto/bn/bn.h
	crypto/ec/ec_lcl.h
	crypto/rsa/rsa.h
	demos/engines/ibmca/hw_ibmca.c
	ssl/ssl.h
	ssl/ssl3.h

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:26:44 +00:00
Matt Caswell
e19d4a99b8 Further comment amendments to preserve formatting prior to source reformat
(cherry picked from commit 4a7fa26ffd65bf36beb8d1cb8f29fc0ae203f5c5)

Conflicts:
	crypto/x509v3/pcy_tree.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:23:50 +00:00
Emilia Kasper
ed736ddd74 Only inherit the session ID context in SSL_set_SSL_CTX if the existing
context was also inherited (matches that of the existing SSL_CTX).

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit ac8e9cbe14)
2015-01-06 23:10:03 +01:00
Adam Langley
d9b277e085 Ensure that the session ID context of an SSL* is updated
when its SSL_CTX is updated.

From BoringSSL commit
https://boringssl.googlesource.com/boringssl/+/a5dc545bbcffd9c24cebe65e9ab5ce72d4535e3a

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 61aa44ca99)
2015-01-05 17:33:02 +01:00
Piotr Sikora
7b0194db42 Fix building with no-srtp
RT3638

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Conflicts:
	ssl/t1_lib.c
2015-01-05 14:28:40 +00:00
Richard Levitte
cd387d21da Clear warnings/errors within CIPHER_DEBUG code sections
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-12-17 14:17:54 +01:00
Matt Caswell
a38ae11c48 Add OPENSSL_NO_ECDH guards
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit af6e2d51bf)
2014-12-16 14:17:12 +00:00
Matt Caswell
9809ab965b Fix memory leak in SSL_new if errors occur.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 76e6509085)
2014-12-08 16:44:09 +00:00
Matt Caswell
05e769f269 Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)
and instead use the value provided by the underlying BIO. Also provide some
new DTLS_CTRLs so that the library user can set the mtu without needing to
know this constant. These new DTLS_CTRLs provide the capability to set the
link level mtu to be used (i.e. including this IP/UDP overhead). The previous
DTLS_CTRLs required the library user to subtract this overhead first.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 59669b6abf)

Conflicts:
	ssl/d1_both.c
2014-12-03 09:31:35 +00:00
Dr. Stephen Henson
1ce95f1960 Copy negotiated parameters in SSL_set_SSL_CTX.
SSL_set_SSL_CTX is used to change the SSL_CTX for SNI, keep the
supported signature algorithms and raw cipherlist.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 14e14bf696)
2014-10-24 14:01:01 +01:00
Bodo Moeller
d60de314f4 When processing ClientHello.cipher_suites, don't ignore cipher suites
listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-10-21 22:32:09 +02:00
Bodo Moeller
a46c705214 Support TLS_FALLBACK_SCSV.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-15 04:04:55 +02:00
Dr. Stephen Henson
0a4fe37fc6 Custom extension revision.
Use the same structure for client and server custom extensions.

Add utility functions in new file t1_ext.c.
Use new utility functions to handle custom server and client extensions
and remove a lot of code duplication.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit ecf4d66090)

Conflicts:

	ssl/ssl_lib.c
	ssl/ssl_locl.h
	ssl/t1_lib.c
2014-08-28 18:09:05 +01:00
Dr. Stephen Henson
da67a0ae34 Revision of custom extension code.
Move custom extension structures from SSL_CTX to CERT structure.

This change means the form can be revised in future without binary
compatibility issues. Also since CERT is part of SSL structures
so per-SSL custom extensions could be supported in future as well as
per SSL_CTX.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit b83294fe30)

Conflicts:

	ssl/ssl.h
	ssl/ssl_cert.c
	ssl/ssl_locl.h
2014-08-28 17:06:50 +01:00
Dr. Stephen Henson
22db480daf Remove all RFC5878 code.
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs.
2014-07-04 13:42:05 +01:00
Dr. Stephen Henson
e3beef1e1b Remove experimental DANE code.
Remove experimental DANE/dnssec code: not ready for use in an
official release yet.
2014-06-10 14:59:10 +01:00
Kurt Roeckx
1f5bce2dce Check sk_SSL_CIPHER_num() after assigning sk. 2014-05-12 22:59:11 +01:00
Günther Noack
8571902e23 Avoid out-of-bounds write in SSL_get_shared_ciphers
PR: 3317
2014-05-11 23:55:06 +01:00
Dr. Stephen Henson
58b86e4235 Option to set current cert to server certificate.
(cherry picked from commit daddd9a950)
2014-02-23 13:49:21 +00:00
Ben Laurie
a466be6243 Fix typo. 2014-02-23 11:21:39 +00:00
Andy Polyakov
6b3b6beaa1 ssl/ssl_cert.c: DANE update. 2014-02-21 12:12:25 +01:00
Ben Laurie
8acf1ff4b4 More cleanup.
(cherry picked from commit 5eda213ebe)
Conflicts:
	apps/s_client.c
	apps/s_server.c
2014-02-09 08:07:04 -08:00
Scott Deboy
038bec784e Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.

(cherry picked from commit 36086186a9)
Conflicts:
	Configure
	apps/s_client.c
	apps/s_server.c
	ssl/ssl.h
	ssl/ssl3.h
	ssl/ssltest.c
2014-02-08 16:12:15 -08:00
Dr. Stephen Henson
c4f01c533b Add new function SSL_CTX_get_ssl_method().
Partial fix for PR#3183.
(cherry picked from commit ba168244a1)
2014-01-16 14:08:42 +00:00
Dr. Stephen Henson
bf4863b3f5 Verify parameter retrieval functions.
New functions to retrieve internal pointers to X509_VERIFY_PARAM
for SSL_CTX and SSL structures.
2013-12-13 15:29:26 +00:00
Dr. Stephen Henson
2a1b7bd380 New functions to retrieve certificate from SSL_CTX
New functions to retrieve current certificate or private key
from an SSL_CTX.

Constify SSL_get_private_key().
(cherry picked from commit a25f9adc77)
2013-11-18 18:59:18 +00:00
Piotr Sikora
edc687ba0f Fix compilation with no-nextprotoneg.
PR#3106
2013-11-14 01:20:58 +00:00
Ben Laurie
63fe322160 Merge remote-tracking branch 'agl/1.0.2alpn' into agl-alpn
Conflicts:
	ssl/ssl3.h
	ssl/t1_lib.c
2013-10-01 12:20:02 +01:00
Dr. Stephen Henson
1b6ab411d3 Use enc_flags when deciding protocol variations.
Use the enc_flags field to determine whether we should use explicit IV,
signature algorithms or SHA256 default PRF instead of hard coding which
versions support each requirement.
(cherry picked from commit cbd64894ec)

Conflicts:

	ssl/ssl_locl.h
2013-09-18 13:46:02 +01:00
Adam Langley
b0d6f3c58f Support ALPN.
This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF
blessed version of NPN and we'll be supporting both ALPN and NPN for
some time yet.

Cherry-picked from 6f017a8f9d.

[1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00
2013-09-13 11:27:22 -04:00
Dr. Stephen Henson
5b430cfc44 Make no-ec compilation work.
(cherry picked from commit 14536c8c9c)
2013-08-19 14:13:38 +01:00
Trevor
355a6236be Cosmetic touchups. 2013-07-31 16:38:43 +01:00
Trevor
e27711cfdd Trying cherrypick:
Add support for arbitrary TLS extensions.

Contributed by Trevor Perrin.

Conflicts:

	CHANGES
	ssl/ssl.h
	ssl/ssltest.c
	test/testssl

Fix compilation due to #endif.

Cherrypicking more stuff.

Cleanup of custom extension stuff.

serverinfo rejects non-empty extensions.

Omit extension if no relevant serverinfo data.

Improve error-handling in serverinfo callback.

Cosmetic cleanups.

s_client documentation.

s_server documentation.

SSL_CTX_serverinfo documentation.

Cleaup -1 and NULL callback handling for custom extensions, add tests.

Cleanup ssl_rsa.c serverinfo code.

Whitespace cleanup.

Improve comments in ssl.h for serverinfo.

Whitespace.

Cosmetic cleanup.

Reject non-zero-len serverinfo extensions.

Whitespace.

Make it build.

Conflicts:

	test/testssl
2013-07-03 11:53:30 +01:00
Andy Polyakov
e815d72b1f RFC6689 support: add missing commit (git noob alert). 2013-05-15 20:41:51 +02:00
Dr. Stephen Henson
e14b8410ca Disable compression for DTLS.
The only standard compression method is stateful and is incompatible with
DTLS.
2013-03-19 13:46:57 +00:00
Dr. Stephen Henson
50b5966e57 Add support for broken protocol tests (backport from master branch) 2013-01-15 16:18:13 +00:00
Dr. Stephen Henson
49ef33fa34 add SSL_CONF functions and documentation (backport from HEAD) 2012-12-29 13:30:56 +00:00
Dr. Stephen Henson
1520e6c084 Add ctrl and utility functions to retrieve raw cipher list sent by client in
client hello message. Previously this could only be retrieved on an initial
connection and it was impossible to determine the cipher IDs of any uknown
ciphersuites.
(backport from HEAD)
2012-12-26 16:25:06 +00:00
Dr. Stephen Henson
67d9dcf003 perform sanity checks on server certificate type as soon as it is received instead of waiting until server key exchange
(backport from HEAD)
2012-12-26 16:22:19 +00:00
Dr. Stephen Henson
ccf6a19e2d Add three Suite B modes to TLS code, supporting RFC6460.
(backport from HEAD)
2012-12-26 16:17:40 +00:00
Dr. Stephen Henson
6660baee66 Make tls1_check_chain return a set of flags indicating checks passed
by a certificate chain. Add additional tests to handle client
certificates: checks for matching certificate type and issuer name
comparison.

Print out results of checks for each candidate chain tested in
s_server/s_client.
(backport from HEAD)
2012-12-26 15:27:44 +00:00
Dr. Stephen Henson
b28fbdfa7d New function ssl_set_client_disabled to set masks for any ciphersuites
that are disabled for this session (as opposed to always disabled by
configuration).
(backport from HEAD)
2012-12-26 14:55:46 +00:00
Dr. Stephen Henson
731abd3bd7 new function SSL_is_server to which returns 1 is the corresponding SSL context is for a server
(backport from HEAD)
2012-12-26 14:45:46 +00:00
Dr. Stephen Henson
623a5e24cb Add certificate callback. If set this is called whenever a certificate
is required by client or server. An application can decide which
certificate chain to present based on arbitrary criteria: for example
supported signature algorithms. Add very simple example to s_server.
This fixes many of the problems and restrictions of the existing client
certificate callback: for example you can now clear existing certificates
and specify the whole chain.
(backport from HEAD)
2012-12-26 14:43:51 +00:00
Dr. Stephen Henson
484f876235 Add new "valid_flags" field to CERT_PKEY structure which determines what
the certificate can be used for (if anything). Set valid_flags field
in new tls1_check_chain function. Simplify ssl_set_cert_masks which used
to have similar checks in it.

Add new "cert_flags" field to CERT structure and include a "strict mode".
This enforces some TLS certificate requirements (such as only permitting
certificate signature algorithms contained in the supported algorithms
extension) which some implementations ignore: this option should be used
with caution as it could cause interoperability issues.
(backport from HEAD)
2012-12-26 14:26:53 +00:00