#
54bd1f24 |
| 06-Jun-2023 |
Hugo Landau |
QUIC CONFORMANCE: Validate preferred_addr transport parameter Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@o
QUIC CONFORMANCE: Validate preferred_addr transport parameter Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
5cc73695 |
| 06-Jun-2023 |
Hugo Landau |
QUIC CONFORMANCE: RFC 9000 s. 19.15: NEW_CONNECTION_ID frames Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@o
QUIC CONFORMANCE: RFC 9000 s. 19.15: NEW_CONNECTION_ID frames Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
212616ed |
| 06-Jun-2023 |
Hugo Landau |
QUIC CONFORMANCE: RFC 9000 s. 17.2.5.1 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged
QUIC CONFORMANCE: RFC 9000 s. 17.2.5.1 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
fd0d5932 |
| 06-Jun-2023 |
Hugo Landau |
QUIC CONFORMANCE: RFC 9000 s. 17.2.2: Enforce no initial token from server Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul
QUIC CONFORMANCE: RFC 9000 s. 17.2.2: Enforce no initial token from server Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
08cb9a83 |
| 06-Jun-2023 |
Hugo Landau |
QUIC CONFORMANCE: Enforce packet header reserved bits Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.o
QUIC CONFORMANCE: Enforce packet header reserved bits Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
5a1b1d2b |
| 06-Jun-2023 |
Hugo Landau |
QUIC CONFORMANCE: RFC 9000 s. 12.3: PN Limit Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (
QUIC CONFORMANCE: RFC 9000 s. 12.3: PN Limit Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
dfe5e7fa |
| 06-Jun-2023 |
Hugo Landau |
QUIC CONFORMANCE: RFC 9000 s. 12.3: PN duplicate suppression Make sure PN duplicate suppression is side-channel safe by doing the duplicate test after AEAD verification. Reviewe
QUIC CONFORMANCE: RFC 9000 s. 12.3: PN duplicate suppression Make sure PN duplicate suppression is side-channel safe by doing the duplicate test after AEAD verification. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
0911cb4a |
| 06-Jun-2023 |
Hugo Landau |
QUIC CONFORMANCE: Packet handling fixes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merge
QUIC CONFORMANCE: Packet handling fixes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
2f018d14 |
| 06-Jun-2023 |
Hugo Landau |
QUIC QSM/STREAM: Refactor to use RFC stream states Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
QUIC QSM/STREAM: Refactor to use RFC stream states Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
9c3ea4e1 |
| 30-May-2023 |
Tomas Mraz |
QUIC err handling: Save and restore error state We save the error state from the thread that encountered a permanent error condition caused by system or internal error to the QUIC_CH
QUIC err handling: Save and restore error state We save the error state from the thread that encountered a permanent error condition caused by system or internal error to the QUIC_CHANNEL. Then we restore it whenever we are returning to a user call when protocol is shutdown. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21087)
show more ...
|
#
5c3474ea |
| 26-May-2023 |
Tomas Mraz |
QUIC err handling: Properly report network errors We return SSL_ERROR_SYSCALL when network error is encountered. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Lan
QUIC err handling: Properly report network errors We return SSL_ERROR_SYSCALL when network error is encountered. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21087)
show more ...
|
#
db2f98c4 |
| 03-Jul-2023 |
Hugo Landau |
Rework options handling Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://g
Rework options handling Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20061)
show more ...
|
#
9280d26a |
| 16-Jan-2023 |
Hugo Landau |
QUIC: Implement SSL_has_pending Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from h
QUIC: Implement SSL_has_pending Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20061)
show more ...
|
#
6ba2edb7 |
| 28-Jun-2023 |
Tomas Mraz |
Cleanse also the send stream data with SSL_OP_CLEANSE_PLAINTEXT QUIC differs from TLS in this regard because it buffers the data to be sent. TLS just encrypts the data to send in place.
Cleanse also the send stream data with SSL_OP_CLEANSE_PLAINTEXT QUIC differs from TLS in this regard because it buffers the data to be sent. TLS just encrypts the data to send in place. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21311)
show more ...
|
#
27195689 |
| 13-Jun-2023 |
Matt Caswell |
Before we do anything the ping deadline is infinite Needed for tserver so that it the deadline isn't immediate before we've accepted a connection. Reviewed-by: Tomas Mraz <tomas
Before we do anything the ping deadline is infinite Needed for tserver so that it the deadline isn't immediate before we've accepted a connection. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21204)
show more ...
|
#
a02571a0 |
| 12-Jun-2023 |
Tomas Mraz |
Support SSL_OP_CLEANSE_PLAINTEXT on QUIC streams Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/opens
Support SSL_OP_CLEANSE_PLAINTEXT on QUIC streams Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21182)
show more ...
|
#
692a3cab |
| 12-Jun-2023 |
Hugo Landau |
QUIC: Minor fixups Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github
QUIC: Minor fixups Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|
#
29a541fe |
| 23-May-2023 |
Hugo Landau |
QUIC CHANNEL: Inform the ACKM when the handshake is confirmed Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@o
QUIC CHANNEL: Inform the ACKM when the handshake is confirmed Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|
#
37ba2bc7 |
| 23-May-2023 |
Hugo Landau |
QUIC CHANNEL: Optimise key update using ACKs Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (
QUIC CHANNEL: Optimise key update using ACKs Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|
#
16f3b542 |
| 23-May-2023 |
Hugo Landau |
QUIC: Add internal APIs for white-box testing of key update Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@ope
QUIC: Add internal APIs for white-box testing of key update Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|
#
48120ea5 |
| 23-May-2023 |
Hugo Landau |
QUIC CHANNEL: Enforce the RX packet forgery limit Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
QUIC CHANNEL: Enforce the RX packet forgery limit Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|
#
c93f7668 |
| 23-May-2023 |
Hugo Landau |
QUIC RXDP: Strictly enforce ACK PNs with regard to TX key epochs Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul
QUIC RXDP: Strictly enforce ACK PNs with regard to TX key epochs Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|
#
54fb0072 |
| 23-May-2023 |
Hugo Landau |
QUIC CHANNEL: Ensure new packets aren't enforced with old keys Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@
QUIC CHANNEL: Ensure new packets aren't enforced with old keys Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|
#
8a65e7a5 |
| 23-May-2023 |
Hugo Landau |
QUIC CHANNEL: Handle key updates correctly Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Me
QUIC CHANNEL: Handle key updates correctly Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|
#
a3a51d6e |
| 23-May-2023 |
Hugo Landau |
QUIC TXP: Refactor status output to use an extensible structure Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli
QUIC TXP: Refactor status output to use an extensible structure Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
show more ...
|