#
5ea4d764 |
| 18-Jun-2021 |
Pauli |
ssl: replace tabs with spaces Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1582
ssl: replace tabs with spaces Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15824)
show more ...
|
#
407820c0 |
| 31-May-2021 |
Pauli |
tls: remove TODOs Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
#
3f987381 |
| 20-May-2021 |
Dmitry Belyavskiy |
Cleanup the peer point formats on regotiation Fixes #14875 Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.co
Cleanup the peer point formats on regotiation Fixes #14875 Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15383)
show more ...
|
#
efe0f315 |
| 30-Mar-2021 |
Benjamin Kaduk |
Improve RFC 8446 PSK key exchange mode compliance It's a MUST-level requirement that if the client sends a pre_shared_key extension not accompanied by a psk_key_exchange_modes extension,
Improve RFC 8446 PSK key exchange mode compliance It's a MUST-level requirement that if the client sends a pre_shared_key extension not accompanied by a psk_key_exchange_modes extension, the server must abort the handshake. Prior to this commit the server would continue on. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14749)
show more ...
|
#
650c6687 |
| 26-Mar-2021 |
Randall S. Becker |
Corrected missing definitions from NonStop SPT build. This change includes swapping the PUT and SPT configuration, includes of sys/stat.h and sys/types.h in the correct scope to be p
Corrected missing definitions from NonStop SPT build. This change includes swapping the PUT and SPT configuration, includes of sys/stat.h and sys/types.h in the correct scope to be picked up by SPT definitions. Fixes: #14698 Fixes: #14734 CLA: The author has the permission to grant the OpenSSL Team the right to use this change. Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14736)
show more ...
|
#
39a14059 |
| 18-Mar-2021 |
Matt Caswell |
Ensure buffer/length pairs are always in sync Following on from CVE-2021-3449 which was caused by a non-zero length associated with a NULL buffer, other buffer/length pairs are updated t
Ensure buffer/length pairs are always in sync Following on from CVE-2021-3449 which was caused by a non-zero length associated with a NULL buffer, other buffer/length pairs are updated to ensure that they too are always in sync. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
show more ...
|
#
02b1636f |
| 15-Mar-2021 |
Peter Kaestle |
ssl sigalg extension: fix NULL pointer dereference As the variable peer_sigalgslen is not cleared on ssl rehandshake, it's possible to crash an openssl tls secured server remotely by sen
ssl sigalg extension: fix NULL pointer dereference As the variable peer_sigalgslen is not cleared on ssl rehandshake, it's possible to crash an openssl tls secured server remotely by sending a manipulated hello message in a rehandshake. On such a manipulated rehandshake, tls1_set_shared_sigalgs() calls tls12_shared_sigalgs() with the peer_sigalgslen of the previous handshake, while the peer_sigalgs has been freed. As a result tls12_shared_sigalgs() walks over the available peer_sigalgs and tries to access data of a NULL pointer. This issue was introduced by c589c34e61 (Add support for the TLS 1.3 signature_algorithms_cert extension, 2018-01-11). Signed-off-by: Peter Kästle <peter.kaestle@nokia.com> Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com> CVE-2021-3449 CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
#
d38b6ae9 |
| 02-Mar-2021 |
Pauli |
ssl: support params arguments to init functions Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
|
#
462f4f4b |
| 15-Jan-2021 |
Matt Caswell |
Remove OPENSSL_NO_EC guards from libssl Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13916)
|
#
ddf8f1ce |
| 13-Jan-2021 |
Matt Caswell |
Ensure default supported groups works even with no-ec and no-dh The default supported groups code was disabled in the event of a build with no-ec and no-dh. However now that providers ca
Ensure default supported groups works even with no-ec and no-dh The default supported groups code was disabled in the event of a build with no-ec and no-dh. However now that providers can add there own groups (which might not fit into either of these categories), this is no longer appropriate. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13916)
show more ...
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
#
42141197 |
| 02-Nov-2020 |
anupamam13 |
Fix for negative return value from `SSL_CTX_sess_accept()` Fixes #13183 From the original issue report, before this commit, on master and on 1.1.1, the issue can be detected wit
Fix for negative return value from `SSL_CTX_sess_accept()` Fixes #13183 From the original issue report, before this commit, on master and on 1.1.1, the issue can be detected with the following steps: - Start with a default SSL_CTX, initiate a TLS 1.3 connection with SNI, "Accept" count of default context gets incremented - After servername lookup, "Accept" count of default context gets decremented and that of SNI context is incremented - Server sends a "Hello Retry Request" - Client sends the second "Client Hello", now again "Accept" count of default context is decremented. Hence giving a negative value. This commit fixes it by adding a check on `s->hello_retry_request` in addition to `SSL_IS_FIRST_HANDSHAKE(s)`, to ensure the counter is moved only on the first ClientHello. CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13297)
show more ...
|
#
a7e6a3d8 |
| 01-Dec-2020 |
Pauli |
tag unused function arguments as ossl_unused Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13577)
|
#
c48ffbcc |
| 04-Nov-2020 |
Richard Levitte |
SSL: refactor all SSLfatal() calls Since SSLfatal() doesn't take a function code any more, we drop that argument everywhere. Also, we convert all combinations of SSLfatal() and ERR_
SSL: refactor all SSLfatal() calls Since SSLfatal() doesn't take a function code any more, we drop that argument everywhere. Also, we convert all combinations of SSLfatal() and ERR_add_data() to an SSLfatal_data() call. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13316)
show more ...
|
#
d8652be0 |
| 24-Sep-2020 |
Matt Caswell |
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged fro
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970)
show more ...
|
#
e6623cfb |
| 03-Sep-2020 |
Matt Caswell |
Fix safestack issues in x509.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/1
Fix safestack issues in x509.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
show more ...
|
#
6f0bd6ca |
| 11-Aug-2020 |
Matt Caswell |
Ensure libssl creates libctx aware MAC keys Convert various mac key creation function calls to use the _with_libctx variants. Reviewed-by: Paul Dale <paul.dale@oracle.com> (
Ensure libssl creates libctx aware MAC keys Convert various mac key creation function calls to use the _with_libctx variants. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12637)
show more ...
|
#
0ab18e79 |
| 26-Jul-2020 |
Shane Lontis |
Add EVP signature with libctx methods. -Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to
Add EVP signature with libctx methods. -Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11884)
show more ...
|
#
11d3235e |
| 04-Jun-2020 |
Tomas Mraz |
Do not allow dropping Extended Master Secret extension on renegotiaton Abort renegotiation if server receives client hello with Extended Master Secret extension dropped in comparison to
Do not allow dropping Extended Master Secret extension on renegotiaton Abort renegotiation if server receives client hello with Extended Master Secret extension dropped in comparison to the initial session. Fixes #9754 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12045)
show more ...
|
#
852c2ed2 |
| 19-Dec-2019 |
Rich Salz |
In OpenSSL builds, declare STACK for datatypes ... ... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds
In OpenSSL builds, declare STACK for datatypes ... ... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669)
show more ...
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
#
fc69f32c |
| 12-Mar-2020 |
Matt Caswell |
Use EVP_DigestSignInit_ex and EVP_DigestVerifyInit_ex in libssl We need to make sure we use the correct libctx for all operations in libssl. Reviewed-by: Ben Kaduk <kaduk@mit.ed
Use EVP_DigestSignInit_ex and EVP_DigestVerifyInit_ex in libssl We need to make sure we use the correct libctx for all operations in libssl. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11401)
show more ...
|
#
cd624ccd |
| 02-Dec-2019 |
Matt Caswell |
Don't acknowledge a servername following warning alert in servername cb If the servername cb decides to send back a warning alert then the handshake continues, but we should not signal t
Don't acknowledge a servername following warning alert in servername cb If the servername cb decides to send back a warning alert then the handshake continues, but we should not signal to the client that the servername has been accepted. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/10018)
show more ...
|
#
7955c1f1 |
| 25-Sep-2019 |
Matt Caswell |
Fix SSL_get_servername() and SNI behaviour The SNI behaviour for TLSv1.3 and the behaviour of SSL_get_servername() was not quite right, and not entirely consistent with the RFC.
Fix SSL_get_servername() and SNI behaviour The SNI behaviour for TLSv1.3 and the behaviour of SSL_get_servername() was not quite right, and not entirely consistent with the RFC. The TLSv1.3 RFC explicitly says that SNI is negotiated on each handshake and the server is not required to associate it with the session. This was not quite reflected in the code so we fix that. Additionally there were some additional checks around early_data checking that the SNI between the original session and this session were consistent. In fact the RFC does not require any such checks, so they are removed. Finally the behaviour of SSL_get_servername() was not quite right. The behaviour was not consistent between resumption and normal handshakes, and also not quite consistent with historical behaviour. We clarify the behaviour in various scenarios and also attempt to make it match historical behaviour as closely as possible. Fixes #8822 Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/10018)
show more ...
|