generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
13,324 Commits 16 Branches 258 Tags 86 MiB
68dc682499
Commit Graph

97 Commits

Author SHA1 Message Date
Viktor Dukhovni
61986d32f3 Code style: space after 'if' 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-04-16 13:44:59 -04:00
Matt Caswell
14daae5a62 Move ssl3_record_sequence_update into record layer 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-26 15:02:00 +00:00
Matt Caswell
de07f311ce Move read_sequence and write_sequence from s->s3 to s->rlayer 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-26 15:02:00 +00:00
Matt Caswell
bd2e3a9512 Introduce macro RECORD_LAYER_setup_comp_buffer 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-26 15:01:59 +00:00
Matt Caswell
02a36fdae8 Move more SSL3_RECORD oriented functions into ssl3_record.c 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-26 15:01:57 +00:00
Matt Caswell
92ffa83d8b Encapsulate s->s3->wrec 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-26 13:53:07 +00:00
Matt Caswell
258f8721a5 Encapsulate s->s3->rrec 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-26 13:53:07 +00:00
Rich Salz
ca3a82c3b3 free NULL cleanup 
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree

Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-03-25 11:31:18 -04:00
Matt Caswell
69f6823748 Fix missing return value checks 
Ensure that all functions have their return values checked where
appropriate. This covers all functions defined and called from within
libssl.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-23 15:23:11 +00:00
Matt Caswell
c9dd49a751 Cleanse buffers 
Cleanse various intermediate buffers used by the PRF.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-11 10:40:44 +00:00
Matt Caswell
35a1cc90bc More comment realignment 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:10 +00:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:09 +00:00
Matt Caswell
e636e2acd7 Fix source where indent will not be able to cope 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:06 +00:00
Matt Caswell
23a22b4cf7 More comments 
Conflicts:
	crypto/dsa/dsa_vrf.c
	crypto/ec/ec2_smpl.c
	crypto/ec/ecp_smpl.c

Conflicts:
	demos/bio/saccept.c
	ssl/d1_clnt.c

Conflicts:
	bugs/dggccbug.c
	demos/tunala/cb.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:06 +00:00
Jonas Maebe
bf8e7047aa ssl3_digest_cached_records: check for NULL after allocating s->s3->handshake_dgst 
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-12-10 18:35:17 +01:00
Dr. Stephen Henson
00b4ee7664 Remove some unnecessary OPENSSL_FIPS references 
FIPS_mode() exists in all versions of OpenSSL but always returns 0 if OpenSSL is not FIPS
capable.
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 13:18:43 +00:00
Kurt Roeckx
45f55f6a5b Remove SSLv2 support 
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2014-12-04 11:55:03 +01:00
Matt Caswell
fe78f08d15 Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 
PR#1767

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2014-11-27 21:39:47 +00:00
Bodo Moeller
cf6da05304 Support TLS_FALLBACK_SCSV. 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2014-10-15 04:03:28 +02:00
Justin Blanchard
f756fb430e RT1815: More const'ness improvements 
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-18 11:49:16 -04:00
Matt Caswell
687721a7dc Fixed incorrect return code handling in ssl3_final_finish_mac. 
Based on an original patch by Joel Sing (OpenBSD) who also originally identified the issue.
 2014-06-13 15:36:20 +01:00
Matt Caswell
043fd64689 Revert "Fixed incorrect return code handling in ssl3_final_finish_mac" 
This reverts commit 2f1dffa88e.

Missing attribution.
 2014-06-13 15:35:20 +01:00
Matt Caswell
2f1dffa88e Fixed incorrect return code handling in ssl3_final_finish_mac 2014-06-10 23:31:50 +01:00
Dr. Stephen Henson
5e3ff62c34 Experimental encrypt-then-mac support. 
Experimental support for encrypt then mac from
draft-gutmann-tls-encrypt-then-mac-02.txt

To enable it set the appropriate extension number (0x10 for the test server)
using e.g. -DTLSEXT_TYPE_encrypt_then_mac=0x10

For non-compliant peers (i.e. just about everything) this should have no
effect.
 2013-09-08 13:14:03 +01:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Andy Polyakov
dd7e60bd70 ssl/*: revert "remove SSL_RECORD->orig_len" and merge "fix IV". 
Revert is appropriate because binary compatibility is not an issue
in 1.1.
 2013-02-08 10:20:48 +01:00
Andy Polyakov
2aec073a52 ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. 
Kludge alert. This is arranged by passing padding length in unused
bits of SSL3_RECORD->type, so that orig_len can be reconstructed.
(cherry picked from commit 8bfd4c659f)
 2013-02-06 14:19:10 +00:00
Ben Laurie
e33ac0e71d Update DTLS code to match CBC decoding in TLS. 
This change updates the DTLS code to match the constant-time CBC
behaviour in the TLS.
(cherry picked from commit 9f27de170d)
 2013-02-06 14:19:07 +00:00
Ben Laurie
93cab6b319 Don't crash when processing a zero-length, TLS >= 1.1 record. 
The previous CBC patch was bugged in that there was a path through enc()
in s3_pkt.c/d1_pkt.c which didn't set orig_len. orig_len would be left
at the previous value which could suggest that the packet was a
sufficient length when it wasn't.
(cherry picked from commit 6cb19b7681)
 2013-02-06 14:19:07 +00:00
Ben Laurie
2acc020b77 Make CBC decoding constant time. 
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.

This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.

In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
(cherry picked from commit e130841bcc)
 2013-02-06 14:19:07 +00:00
Dr. Stephen Henson
81f57e5a69 oops, typo 2012-08-28 23:19:25 +00:00
Dr. Stephen Henson
1cf218bcaa New compile time option OPENSSL_SSL_TRACE_CRYPTO, when set this passes 
all derived keys to the message callback.

Add code to SSL_trace to include support for printing out keys.
 2012-08-28 23:17:28 +00:00
Dr. Stephen Henson
27dfffd5b7 Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) 2012-01-04 23:16:15 +00:00
Dr. Stephen Henson
8f119a0357 set FIPS permitted flag before initalising digest 2011-05-31 16:24:19 +00:00
Dr. Stephen Henson
f37f20ffd3 PR: 2295 
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
 2011-05-20 14:56:29 +00:00
Dr. Stephen Henson
086e32a6c7 Implement FIPS_mode and FIPS_mode_set 2011-05-19 18:09:02 +00:00
Dr. Stephen Henson
7409d7ad51 Initial incomplete TLS v1.2 support. New ciphersuites added, new version 
checking added, SHA256 PRF support added.

At present only RSA key exchange ciphersuites work with TLS v1.2 as the
new signature format is not yet implemented.
 2011-04-29 22:56:51 +00:00
Ben Laurie
c8bbd98a2b Fix warnings. 2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
8711efb498 Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
220bd84911 Updates from 1.0.0-stable 2009-04-06 15:22:01 +00:00
Ben Laurie
0eab41fb78 If we're going to return errors (no matter how stupid), then we should 
test for them!
 2008-12-29 16:11:58 +00:00
Ben Laurie
85e878f224 Die earlier if hash is NULL. (Coverity IDs 137 & 138). 2008-12-29 11:54:56 +00:00
Ben Laurie
0e941da6fa Die earlier if we have no hash function. 2008-12-29 11:46:44 +00:00
Ben Laurie
6ba71a7173 Handle the unlikely event that BIO_get_mem_data() returns -ve. 2008-12-27 02:00:38 +00:00
Dr. Stephen Henson
8164032a2e Fix warnings: computed value not use, incompatible pointer initialization 
and cast from pointer to int of different size (linux-x86_64 and align).
 2007-09-07 13:03:25 +00:00
Dr. Stephen Henson
81025661a9 Update ssl code to support digests other than MD5+SHA1 in handshake. 
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
 2007-08-31 12:42:53 +00:00
Dr. Stephen Henson
b948e2c59e Update ssl library to support EVP_PKEY MAC API. Include generic MAC support. 2007-06-04 17:04:40 +00:00
Bodo Möller
52b8dad8ec Reorganize the data used for SSL ciphersuite pattern matching. 
This change resolves a number of problems and obviates multiple kludges.
A new feature is that you can now say "AES256" or "AES128" (not just
"AES", which enables both).

In some cases the ciphersuite list generated from a given string is
affected by this change.  I hope this is just in those cases where the
previous behaviour did not make sense.
 2007-02-17 06:45:38 +00:00
Nils Larsch
cc684e330b ensure that the EVP_CIPHER_CTX object is initialized 
PR: 1490
 2007-02-16 20:34:15 +00:00
Nils Larsch
ddac197404 add initial support for RFC 4279 PSK SSL ciphersuites 
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
 2006-03-10 23:06:27 +00:00