#
5b24990b |
| 12-May-2022 |
Matt Caswell |
Move ktls.c into the record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1813
Move ktls.c into the record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
#
50023e9b |
| 09-May-2022 |
Matt Caswell |
Move protocol version specific code into separate files Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/ope
Move protocol version specific code into separate files Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
#
4840c2a5 |
| 19-Apr-2022 |
Matt Caswell |
Move Record layer methods code into a sub-directory Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl
Move Record layer methods code into a sub-directory Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
#
34a4068c |
| 07-Apr-2022 |
Matt Caswell |
Add a skeleton TLS record method It doesn't yet do anything. This is a placeholder which will be filled in by susbsequent commits. Reviewed-by: Hugo Landau <hlandau@openssl.org>
Add a skeleton TLS record method It doesn't yet do anything. This is a placeholder which will be filled in by susbsequent commits. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
#
e6be47e4 |
| 10-May-2022 |
Pauli |
ssl: implement an event queue Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18345)
|
#
d6bfdf67 |
| 10-May-2022 |
Pauli |
ssl: expose the get time function internally Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/
ssl: expose the get time function internally Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18274)
show more ...
|
#
4bb1fdf7 |
| 12-Nov-2021 |
Pauli |
build.info changes for priority queue Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18
build.info changes for priority queue Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18274)
show more ...
|
#
99e1cc7b |
| 13-May-2022 |
Tomas Mraz |
Add empty implementations of quic method functions Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/ope
Add empty implementations of quic method functions Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18307)
show more ...
|
#
416d0a63 |
| 23-May-2022 |
Hugo Landau |
QUIC wire format support Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18382)
|
#
eaa39eb6 |
| 11-Jun-2021 |
Tomas Mraz |
Do not duplicate symbols between libcrypto and libssl in static builds Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from http
Do not duplicate symbols between libcrypto and libssl in static builds Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15714)
show more ...
|
#
407820c0 |
| 31-May-2021 |
Pauli |
tls: remove TODOs Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16 |
|
#
848af5e8 |
| 06-May-2021 |
Richard Levitte |
Drop libimplementations.a libimplementations.a was a nice idea, but had a few flaws: 1. The idea to have common code in libimplementations.a and FIPS sensitive helper funct
Drop libimplementations.a libimplementations.a was a nice idea, but had a few flaws: 1. The idea to have common code in libimplementations.a and FIPS sensitive helper functions in libfips.a / libnonfips.a didn't catch on, and we saw full implementation ending up in them instead and not appearing in libimplementations.a at all. 2. Because more or less ALL algorithm implementations were included in libimplementations.a (the idea being that the appropriate objects from it would be selected automatically by the linker when building the shared libraries), it's very hard to find only the implementation source that should go into the FIPS module, with the result that the FIPS checksum mechanism include source files that it shouldn't To mitigate, we drop libimplementations.a, but retain the idea of collecting implementations in static libraries. With that, we not have: libfips.a Includes all implementations that should become part of the FIPS provider. liblegacy.a Includes all implementations that should become part of the legacy provider. libdefault.a Includes all implementations that should become part of the default and base providers. With this, libnonfips.a becomes irrelevant and is dropped. libcommon.a is retained to include common provider code that can be used uniformly by all providers. Fixes #15157 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15171)
show more ...
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9 |
|
#
f5a46ed7 |
| 12-Nov-2020 |
Richard Levitte |
Modify the ERR init functions to use the internal ERR string loaders This deprecates all the ERR_load_ functions, and moves their definition to separate C source files that can easily be
Modify the ERR init functions to use the internal ERR string loaders This deprecates all the ERR_load_ functions, and moves their definition to separate C source files that can easily be removed when those functions are finally removed. This also reduces include/openssl/kdferr.h to include cryptoerr_legacy.h, moves the declaration of ERR_load_ERR_strings() from include/openssl/err.h to include/openssl/cryptoerr_legacy.h, and finally removes the declaration of ERR_load_DSO_strings(), which was entirely internal anyway. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13390)
show more ...
|
Revision tags: openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
d7e498ac |
| 04-Oct-2020 |
Richard Levitte |
Deprecate RSA harder This deprecates all functions that deal with the types RSA and RSA_METHOD Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/open
Deprecate RSA harder This deprecates all functions that deal with the types RSA and RSA_METHOD Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13096)
show more ...
|
#
301fcb28 |
| 14-Oct-2020 |
Matt Caswell |
Concentrate deprecated libssl API usage in one file We create a new file ssl/tls_depr.c to contain functions that need to call deprecated APIs in libssl. This enables us to remove OP
Concentrate deprecated libssl API usage in one file We create a new file ssl/tls_depr.c to contain functions that need to call deprecated APIs in libssl. This enables us to remove OPENSSL_SUPPRESS_DEPRECATED from a number of other libssl files. The deprecated API usage is either related to ENGINEs and is needed to continue to support applications that use such ENGINEs. Or they are needed to support some deprecated public libssl APIs. One other file remains in libssl that still uses deprecated APIs: s3_cbc.c This is needed to support the deprecated SSLv3. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13135)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
5c97eeb7 |
| 06-Sep-2020 |
Pauli |
TLS fixes for CBC mode and no-deprecated Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11961)
|
Revision tags: openssl-3.0.0-alpha6 |
|
#
3fddbb26 |
| 30-Jul-2020 |
Matt Caswell |
Add an HMAC implementation that is TLS aware The TLS HMAC implementation should take care to calculate the MAC in constant time in the case of MAC-Then-Encrypt where we have a variable
Add an HMAC implementation that is TLS aware The TLS HMAC implementation should take care to calculate the MAC in constant time in the case of MAC-Then-Encrypt where we have a variable amount of padding. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12732)
show more ...
|
#
c7b46b54 |
| 27-Jul-2020 |
John Baldwin |
Move KTLS inline functions only used by libssl into ssl/ktls.c. These functions are a bit large to inline and are not usable outside of libssl. Reviewed-by: Tomas Mraz <tmraz@fe
Move KTLS inline functions only used by libssl into ssl/ktls.c. These functions are a bit large to inline and are not usable outside of libssl. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12111)
show more ...
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
#
e71fd827 |
| 27-May-2020 |
Matt Caswell |
Add provider support for TLS CBC padding and MAC removal The previous commits separated out the TLS CBC padding code in libssl. Now we can use that code to directly support TLS CBC paddi
Add provider support for TLS CBC padding and MAC removal The previous commits separated out the TLS CBC padding code in libssl. Now we can use that code to directly support TLS CBC padding and MAC removal in provided ciphers. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12288)
show more ...
|
#
ebacd57b |
| 10-Jun-2020 |
Matt Caswell |
Split the padding/mac removal functions out into a separate file We split these functions out into a separate file because we are preparing to make this file shared between libssl and pr
Split the padding/mac removal functions out into a separate file We split these functions out into a separate file because we are preparing to make this file shared between libssl and providers. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12288)
show more ...
|
Revision tags: openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
#
d9542276 |
| 12-Aug-2019 |
Matt Caswell |
If we are multiblock capable make sure we use it Recent changes to the assembler defines meant that they weren't being set for libssl code. This resulted in the multiblock code never bei
If we are multiblock capable make sure we use it Recent changes to the assembler defines meant that they weren't being set for libssl code. This resulted in the multiblock code never being used. Fixes #9571 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9574)
show more ...
|
#
0d345f0e |
| 07-Jun-2019 |
Matt Caswell |
Make the PACKET/WPACKET code available to both libcrypto and libssl Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9111)
|
Revision tags: OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b, OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
#
b443c845 |
| 04-Apr-2017 |
Matt Caswell |
Move ssl/t1_ext.c to ssl/statem/extensions_cust.c Brings all the extensions code together. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/ope
Move ssl/t1_ext.c to ssl/statem/extensions_cust.c Brings all the extensions code together. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3139)
show more ...
|
Revision tags: OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d |
|
#
6dd083fd |
| 25-Nov-2016 |
Matt Caswell |
Move client parsing of ServerHello extensions into new framework Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: Rich Salz <rsalz@o
Move client parsing of ServerHello extensions into new framework Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL-fips-2_0_15 |
|
#
25670f3e |
| 24-Nov-2016 |
Matt Caswell |
Split extensions code into core extensions and server extensions code Later we will have client extensions code too. Perl changes reviewed by Richard Levitte. Non-perl changes revie
Split extensions code into core extensions and server extensions code Later we will have client extensions code too. Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|