eddb067e | 02-Jun-2022 |
Matt Caswell |
Move some DTLS read code into the read record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
8124ab56 | 25-May-2022 |
Matt Caswell |
Remove some final references to the SSL object in the record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
6366bdd9 | 25-May-2022 |
Matt Caswell |
Remove the separation between enc_read_ctx and enc_write_ctx Similarly with read_hash and write_hash. In the new model we have a separate record layer object for reading and writing. Therefore we don't need to distinguish between reading and writing inside the record layer object in the encryption and md ctxs. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
ed0e298f | 25-May-2022 |
Matt Caswell |
Enable the record layer to call the ssl_security callback Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
3c7b9ef9 | 25-May-2022 |
Matt Caswell |
Use a record layer specific message callback Don't use the message callback from the SSL object. Instead we use a wrapper callback so that the record layer does not need to be aware of the SSL object. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
9dd90232 | 25-May-2022 |
Matt Caswell |
Move early data counting out of the SSL object and into the record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
0755722c | 24-May-2022 |
Matt Caswell |
Move the sequence number into the OSSL_RECORD_LAYER object This removes some references to the SSL object from the record layer. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
ffbd6e67 | 23-May-2022 |
Matt Caswell |
Remove use of SSL object for fragment length checking in record layer Pass the max fragment length to the record layer when it is applicable to avoid the need to go through the SSL object. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
651216dd | 20-May-2022 |
Matt Caswell |
Remove use of ossl_statem_in_error() from the record layer We remove the dependency on the SSL object. Instead we check if the record layer has already set an alert code. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
7f2f0ac7 | 20-May-2022 |
Matt Caswell |
Make the record layer directly aware of EtM We no longer have to go through the SSL object to discover whether EtM has been negotiated. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
88d61680 | 19-May-2022 |
Matt Caswell |
Remove SSL_USE_EXPLICT_IV() from the record layer methods Instead we introduce RLAYER_USE_EXPLICIT_IV(). This removes a dependency on the SSL object. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
9cd9e097 | 19-May-2022 |
Matt Caswell |
Remove some use of SSL object from record layer Remove SSL_IS_TLS13() and hello_retry_request Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
ac837d4d | 19-May-2022 |
Matt Caswell |
Update the oqs-provider submodule to a more recent commit Also update the oqsprovider.sh file to not run the preptests.sh script which is no longer required Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
014baa8a | 18-May-2022 |
Matt Caswell |
Disallow SSL2_VERSION record version in an SSLv3 record header When validate_record_header() gets called it should be able to rely on the fact that an SSLv2 record version means that the record was received in SSLv2 format. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
976b263d | 18-May-2022 |
Matt Caswell |
Fix some no-comp compilation failures Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
359affde | 17-May-2022 |
Matt Caswell |
Add support for moving data from one epoch to the next Sometimes data read by a record layer in one epoch is actually intended for the next epoch. For example in a TLS with read_ahead, the read_ahead data could contain a KeyUpdate message followed by application data encrypted with new keys. Therefore we implement a mechanism for passing this data across the epochs. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
f7565348 | 17-May-2022 |
Matt Caswell |
Add a test for read_ahead data crossing a key change If read_ahead is switched on, it should still work even if the data that is read crosses epochs. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
1853d20a | 12-May-2022 |
Matt Caswell |
Remove unnecessary KTLS code from non-KTLS specific files This also moves other protocol specific code to the protocol specific files. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
5b24990b | 12-May-2022 |
Matt Caswell |
Move ktls.c into the record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
7c293999 | 12-May-2022 |
Matt Caswell |
Distinguish between fatal and non-fatal errors when creating a record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
cc110a0a | 10-May-2022 |
Matt Caswell |
Implement KTLS in the new read record layer code Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
50023e9b | 09-May-2022 |
Matt Caswell |
Move protocol version specific code into separate files Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
79eebb08 | 06-May-2022 |
Matt Caswell |
Ensure various SSL options are passed down to the record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
2b891e30 | 29-Apr-2022 |
Matt Caswell |
Convert TLSv1.3 code to use the new read side record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|
10560aed | 28-Apr-2022 |
Matt Caswell |
Convert SSLv3 code to use the new read side record layer Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
|