| #
cb150cbc |
| 04-Oct-2016 |
Matt Caswell |
Update cookie_len for size_t
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
ec60ccc1 |
| 04-Oct-2016 |
Matt Caswell |
Convert session_id_length and sid_ctx_len to size_t
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
8c1a5343 |
| 03-Oct-2016 |
Matt Caswell |
Convert master_secret_size code to size_t
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Revision tags: OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a |
|
| #
eda75751 |
| 06-Sep-2016 |
Matt Caswell |
Further libssl size_t-ify of reading
Writing still to be done
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
b90506e9 |
| 03-Oct-2016 |
Matt Caswell |
Fix linebreaks in the tls_construct_client_certificate function
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
a15c953f |
| 03-Oct-2016 |
Matt Caswell |
Add a typedef for the construction function
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
6392fb8e |
| 30-Sep-2016 |
Matt Caswell |
Move setting of the handshake header up one more level
We now set the handshake header, and close the packet directly in the
write_state_machine. This is now possible because it is commo
Move setting of the handshake header up one more level
We now set the handshake header, and close the packet directly in the
write_state_machine. This is now possible because it is common for all
messages.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
229185e6 |
| 30-Sep-2016 |
Matt Caswell |
Remove the special case processing for finished construction
tls_construct_finished() used to have different arguments to all of the
other construction functions. It doesn't anymore, so
Remove the special case processing for finished construction
tls_construct_finished() used to have different arguments to all of the
other construction functions. It doesn't anymore, so there is no neeed to
treat it as a special case.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
4a01c59f |
| 30-Sep-2016 |
Matt Caswell |
Harmonise setting the header and closing construction
Ensure all message types work the same way including CCS so that the state
machine doesn't need to know about special cases. Put all
Harmonise setting the header and closing construction
Ensure all message types work the same way including CCS so that the state
machine doesn't need to know about special cases. Put all the special logic
into ssl_set_handshake_header() and ssl_close_construct_packet().
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
5923ad4b |
| 29-Sep-2016 |
Matt Caswell |
Don't set the handshake header in every message
Move setting the handshake header up a level into the state machine code
in order to reduce boilerplate.
Reviewed-by: Rich Salz <
Don't set the handshake header in every message
Move setting the handshake header up a level into the state machine code
in order to reduce boilerplate.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
7cea05dc |
| 29-Sep-2016 |
Matt Caswell |
Move init of the WPACKET into write_state_machine()
Instead of initialising, finishing and cleaning up the WPACKET in every
message construction function, we should do it once in
wri
Move init of the WPACKET into write_state_machine()
Instead of initialising, finishing and cleaning up the WPACKET in every
message construction function, we should do it once in
write_state_machine().
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
a29fa98c |
| 29-Sep-2016 |
Matt Caswell |
Rename ssl_set_handshake_header2()
ssl_set_handshake_header2() was only ever a temporary name while we had
to have ssl_set_handshake_header() for code that hadn't been converted to
W
Rename ssl_set_handshake_header2()
ssl_set_handshake_header2() was only ever a temporary name while we had
to have ssl_set_handshake_header() for code that hadn't been converted to
WPACKET yet. No code remains that needed that so we can rename it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
4a424545 |
| 29-Sep-2016 |
Matt Caswell |
Fix a bug in CKE construction for PSK
In plain PSK we don't need to do anymore construction after the preamble.
We weren't detecting this case and treating it as an unknown cipher.
Fix a bug in CKE construction for PSK
In plain PSK we don't need to do anymore construction after the preamble.
We weren't detecting this case and treating it as an unknown cipher.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
f3b3d7f0 |
| 30-Aug-2016 |
Rich Salz |
Add -Wswitch-enum
Change code so when switching on an enumeration, have case's for all
enumeration values.
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
| #
41b42807 |
| 19-Sep-2016 |
Dmitry Belyavsky |
Avoid KCI attack for GOST
Russian GOST ciphersuites are vulnerable to the KCI attack because they use
long-term keys to establish the connection when ssl client authorization is
on.
Avoid KCI attack for GOST
Russian GOST ciphersuites are vulnerable to the KCI attack because they use
long-term keys to establish the connection when ssl client authorization is
on. This change brings the GOST implementation into line with the latest
specs in order to avoid the attack. It should not break backwards
compatibility.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
| #
5a008ff6 |
| 20-Sep-2016 |
Richard Levitte |
Quiet compiler warning about uninitialised variable
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
08029dfa |
| 20-Sep-2016 |
Matt Caswell |
Convert WPACKET_put_bytes to use convenience macros
All the other functions that take an argument for the number of bytes
use convenience macros for this purpose. We should do the same w
Convert WPACKET_put_bytes to use convenience macros
All the other functions that take an argument for the number of bytes
use convenience macros for this purpose. We should do the same with
WPACKET_put_bytes().
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
418a18a2 |
| 20-Sep-2016 |
Matt Caswell |
Style tweaks following review feedback
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
15e6be6c |
| 14-Sep-2016 |
Matt Caswell |
Convert NextProto message construction to WPACKET
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
6400f338 |
| 14-Sep-2016 |
Matt Caswell |
Convert ClientVerify Construction to WPACKET
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
b2b3024e |
| 13-Sep-2016 |
Matt Caswell |
Add a WPACKET_sub_allocate_bytes() function
Updated the construction code to use the new function. Also added some
convenience macros for WPACKET_sub_memcpy().
Reviewed-by: Rich
Add a WPACKET_sub_allocate_bytes() function
Updated the construction code to use the new function. Also added some
convenience macros for WPACKET_sub_memcpy().
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
f1ec23c0 |
| 13-Sep-2016 |
Matt Caswell |
Convert CKE construction to use the WPACKET API
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
de451856 |
| 08-Sep-2016 |
Matt Caswell |
Address WPACKET review comments
A few style tweaks here and there. The main change is that curr and
packet_len are now offsets into the buffer to account for the fact that
the pointe
Address WPACKET review comments
A few style tweaks here and there. The main change is that curr and
packet_len are now offsets into the buffer to account for the fact that
the pointers can change if the buffer grows. Also dropped support for the
WPACKET_set_packet_len() function. I thought that was going to be needed
but so far it hasn't been. It doesn't really work any more due to the
offsets change.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
796a627e |
| 08-Sep-2016 |
Matt Caswell |
Ensure the WPACKET gets cleaned up in the event of an error
Otherwise a mem leak can occur.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
fb790f16 |
| 06-Sep-2016 |
Matt Caswell |
Add WPACKET_sub_memcpy() function
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
