|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
| #
2bb83824 |
| 20-Feb-2021 |
FdaSilvaYY |
ssl: rework "e_os.h" inclusions
- Remove e_os.h include from "ssl_local.h"
- Added e_os.h into the files that need it now.
- Move e_os.h to be the very first include
Review
ssl: rework "e_os.h" inclusions
- Remove e_os.h include from "ssl_local.h"
- Added e_os.h into the files that need it now.
- Move e_os.h to be the very first include
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14344)
show more ...
|
| #
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates
Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
|
| #
125719ba |
| 04-Apr-2024 |
Frederik Wedel-Heinen |
Remove SSL_ENC_FLAG_EXPLICIT_IV which is only set and never read.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github
Remove SSL_ENC_FLAG_EXPLICIT_IV which is only set and never read.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24036)
show more ...
|
| #
a091bc60 |
| 09-Nov-2023 |
Matt Caswell |
Move freeing of an old record layer to dtls1_clear_sent_buffer
When we are clearing the sent messages queue we should ensure we free any
old write record layers that are no longer in use
Move freeing of an old record layer to dtls1_clear_sent_buffer
When we are clearing the sent messages queue we should ensure we free any
old write record layers that are no longer in use. Previously this logic
was in dtls1_hm_fragment_free() - but this can end up freeing the current
record layer under certain error conditions.
Fixes #22664
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22679)
show more ...
|
| #
5f79670f |
| 02-Oct-2023 |
Frederik Wedel-Heinen |
Print record version for DTLSv1_listen()
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull
Print record version for DTLSv1_listen()
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22241)
show more ...
|
| #
bbaeadb0 |
| 16-Jul-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
"foo * bar" should be "foo *bar"
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tom
"foo * bar" should be "foo *bar"
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
show more ...
|
| #
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
|
| #
24a32254 |
| 20-Feb-2021 |
FdaSilvaYY |
dtls: code cleanup and refactorization
- factorize BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT calls.
- simplify a return type
- style nits
Reviewed-by: Todd Short <todd.short@me.com>
dtls: code cleanup and refactorization
- factorize BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT calls.
- simplify a return type
- style nits
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20602)
show more ...
|
| #
3f9175c7 |
| 14-Nov-2022 |
Matt Caswell |
Extend the new_record_layer function
Add the ability to pass the main secret and length, as well as the
digest used for the KDF.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Extend the new_record_layer function
Add the ability to pass the main secret and length, as well as the
digest used for the KDF.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)
show more ...
|
| #
7ccccb26 |
| 21-Oct-2022 |
Daniel Fiala |
Fix coverity 1516101 deadcode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from htt
Fix coverity 1516101 deadcode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19464)
show more ...
|
| #
b92fc4ae |
| 17-Oct-2022 |
Matt Caswell |
Remove some redundant code
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged f
Remove some redundant code
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
show more ...
|
| #
e158ada6 |
| 17-Oct-2022 |
Matt Caswell |
Remove the old buffer management code
We no longer use the old buffer management code now that it has all been
moved to the new record layer.
Reviewed-by: Richard Levitte <levit
Remove the old buffer management code
We no longer use the old buffer management code now that it has all been
moved to the new record layer.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
show more ...
|
| #
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.
Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
| #
f0131dc0 |
| 29-Aug-2022 |
Pauli |
ssl: modify libssl so that it uses OSSL_TIME
This is instead of time_t and struct timeval. Some public APIs mandate a
presence of these two types, but they are converted to OSSL_TIME in
ssl: modify libssl so that it uses OSSL_TIME
This is instead of time_t and struct timeval. Some public APIs mandate a
presence of these two types, but they are converted to OSSL_TIME internally.
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19082)
show more ...
|
| #
cffafb5f |
| 22-Jul-2022 |
Matt Caswell |
Move some fields out of the SSL object and into the record layer object
Fields such as rrlmethod and rrl are entirely related to the record layer,
and so should be in that object.
Move some fields out of the SSL object and into the record layer object
Fields such as rrlmethod and rrl are entirely related to the record layer,
and so should be in that object.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
| #
81c9ebd9 |
| 19-Jul-2022 |
Matt Caswell |
Remove some unnecessary function pointers from OSSL_RECORD_METHOD
We had some temporary function pointers in OSSL_RECORD_METHOD which were
only necessary during the process of refactorin
Remove some unnecessary function pointers from OSSL_RECORD_METHOD
We had some temporary function pointers in OSSL_RECORD_METHOD which were
only necessary during the process of refactoring the read record layer.
These are no longer required so can be removed.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
| #
222cf410 |
| 08-Jun-2022 |
Matt Caswell |
Remove reliance on the SSL object from the DTLS read record layer code
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https:/
Remove reliance on the SSL object from the DTLS read record layer code
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
| #
eddb067e |
| 02-Jun-2022 |
Matt Caswell |
Move some DTLS read code into the read record layer
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl
Move some DTLS read code into the read record layer
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
| #
aedbb71b |
| 18-Apr-2022 |
Matt Caswell |
Move the TLS1.0/1.1/1.2 record crypto code into the new record layer
Only done for the read side so far. Still need to do TLS1.3 and SSL3.0.
Also need to separate out KTLS.
Revi
Move the TLS1.0/1.1/1.2 record crypto code into the new record layer
Only done for the read side so far. Still need to do TLS1.3 and SSL3.0.
Also need to separate out KTLS.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
| #
e2d5742b |
| 07-Apr-2022 |
Matt Caswell |
Transfer the functionality from ssl3_read_n to the new record layer
This transfers the low level function ssl3_read_n to the new record layer.
We temporarily make the read_n function a t
Transfer the functionality from ssl3_read_n to the new record layer
This transfers the low level function ssl3_read_n to the new record layer.
We temporarily make the read_n function a top level record layer function.
Eventually, in later commits in this refactor, we will remove it as a top
level function and it will just be called from read_record.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
| #
38b051a1 |
| 20-Jun-2022 |
Tomas Mraz |
SSL object refactoring using SSL_CONNECTION object
Make the SSL object polymorphic based on whether this is
a traditional SSL connection, QUIC connection, or later
to be implemented
SSL object refactoring using SSL_CONNECTION object
Make the SSL object polymorphic based on whether this is
a traditional SSL connection, QUIC connection, or later
to be implemented a QUIC stream.
It requires adding if after every SSL_CONNECTION_FROM_SSL() call
which itself has to be added to almost every public SSL_ API call.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18612)
show more ...
|
| #
d6bfdf67 |
| 10-May-2022 |
Pauli |
ssl: expose the get time function internally
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/
ssl: expose the get time function internally
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18274)
show more ...
|
| #
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
|
| #
d5f9166b |
| 04-Feb-2022 |
Richard Levitte |
Move e_os.h to include/internal
Including e_os.h with a path from a header file doesn't work well on
certain exotic platform. It simply fails to build.
Since we don't seem to b
Move e_os.h to include/internal
Including e_os.h with a path from a header file doesn't work well on
certain exotic platform. It simply fails to build.
Since we don't seem to be able to stop ourselves, the better move is
to move e_os.h to an include directory that's part of the inclusion
path given to the compiler.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17641)
show more ...
|
| #
b5557666 |
| 25-Jul-2021 |
yangyangtiantianlonglong |
Fix dtls timeout dead code
Delete dtls timeout dead code in dtls1_handle_timeout
Fix: #15559
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@
Fix dtls timeout dead code
Delete dtls timeout dead code in dtls1_handle_timeout
Fix: #15559
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/16151)
show more ...
|
