git.ipfire.org Git - thirdparty/openssl.git/log
19 months ago crypto/*: Fix various typos, repeated words, align some spelling to LDP.
FdaSilvaYY [Tue, 23 Aug 2022 18:37:03 +0000 (20:37 +0200)] 
crypto/*: Fix various typos, repeated words, align some spelling to LDP.
partially revamped from #16712
- fall thru -> fall through
- time stamp -> timestamp
- host name -> hostname
- ipv6 -> IPv6

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19059)

19 months ago crypto: Fix various typos, repeated words, align some spelling to LDP.
FdaSilvaYY [Tue, 23 Aug 2022 18:33:58 +0000 (20:33 +0200)] 
crypto: Fix various typos, repeated words, align some spelling to LDP.
partially revamped from #16712
- fall thru -> fall through
- time stamp -> timestamp
- file name -> filename
- host name -> hostname

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19059)

19 months ago eckey_priv_encode(): Call ASN1_STRING_free() only on an ASN1_STRING
Tomas Mraz [Mon, 10 Oct 2022 06:59:23 +0000 (08:59 +0200)] 
eckey_priv_encode(): Call ASN1_STRING_free() only on an ASN1_STRING

Also ASN1_OBJECT_free() never needs to be called on objects returned
from OBJ_nid2obj().

Fixes #19138

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19367)

19 months ago test: condition out code that relies on CHACHA.
Pauli [Sun, 9 Oct 2022 22:01:42 +0000 (09:01 +1100)] 
test: condition out code that relies on CHACHA.

Run checker does a no-chacha build and tests fail because it can't be fetched.

Fixes #19363

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19366)

19 months ago Align util/libcrypto.num with the openssl-3.0 branch
Richard Levitte [Fri, 7 Oct 2022 06:24:59 +0000 (08:24 +0200)] 
Align util/libcrypto.num with the openssl-3.0 branch

OPENSSL_strcasecmp() and OPENSSL_strncasecmp() appeared in OpenSSL 3.0.3,
and were assigned numbers in util/libcrypto.num.  These numbers must be
transported up to the master branch as long as development of OpenSSL 3.x
is going on there (as indicated by the version info found in VERSION.dat).

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/19357)

19 months ago Fixed some grammar and spelling
Thiago Suchorski [Thu, 22 Sep 2022 11:27:27 +0000 (08:27 -0300)] 
Fixed some grammar and spelling

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/19262)

19 months ago Fix older clang warning on initialization
Tomas Mraz [Fri, 30 Sep 2022 09:32:41 +0000 (11:32 +0200)] 
Fix older clang warning on initialization

We use memset() instead.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19311)

19 months ago Add design document for the QUIC Stream Receive Buffers module
Tomas Mraz [Tue, 6 Sep 2022 15:34:54 +0000 (17:34 +0200)] 
Add design document for the QUIC Stream Receive Buffers module

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19149)

19 months ago set MGF1 digest correctly
James Muir [Tue, 4 Oct 2022 14:48:43 +0000 (10:48 -0400)] 
set MGF1 digest correctly

Fixes #19290

update rsa_set_ctx_params() so that the digest function used in the
MGF1 construction is set correctly.  Add a test for this to
evp_extra_test.c based on the code scaro-axway provided in #19290.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19342)

19 months ago Update the SSL_CTX_set1_groups documentation
Matt Caswell [Fri, 30 Sep 2022 12:43:55 +0000 (13:43 +0100)] 
Update the SSL_CTX_set1_groups documentation

Mention the brainpool curves in the documentation

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19315)

19 months ago Add some more brainpool tests for TLSv1.3
Matt Caswell [Fri, 30 Sep 2022 12:35:28 +0000 (13:35 +0100)] 
Add some more brainpool tests for TLSv1.3

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19315)

19 months ago Reimplement brainpool TLSv1.3 support group support
Matt Caswell [Fri, 30 Sep 2022 10:57:23 +0000 (11:57 +0100)] 
Reimplement brainpool TLSv1.3 support group support

Create new TLS_GROUP_ENTRY values for these groups.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19315)

19 months ago Partial revert and reimplement "Enable brainpool curves for TLS1.3"
Matt Caswell [Fri, 30 Sep 2022 09:50:53 +0000 (10:50 +0100)] 
Partial revert and reimplement "Enable brainpool curves for TLS1.3"

This partially reverts commit 0a10825a0 in order to reimplement it in a
simpler way in the next commit. The reverted aspects are all related to
the TLSv1.3 brainpool curves in the supported_groups extension. Rather
than special casing the handling of these curves we simply add new entries
to the groups table to represent them. They can then be handled without
any additional special casing. This makes the code simpler to maintain.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19315)

19 months ago Fix crypto/dso/dso_vms.c
Richard Levitte [Fri, 7 Oct 2022 08:23:17 +0000 (10:23 +0200)] 
Fix crypto/dso/dso_vms.c

In the "Stop raising ERR_R_MALLOC_FAILURE in most places" commit, some
fixes of this file weren't done quite right, leading to a symbol being
undeclared depending on building circumstances.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19360)

19 months ago Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branch
Richard Levitte [Wed, 5 Oct 2022 15:52:46 +0000 (17:52 +0200)] 
Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branch

3.1 has been decided to be a FIPS 140-3 release, springing from the branch
openssl-3.0, and the master branch to continue with the development of
OpenSSL 3.2.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19350)

19 months ago VMS: For executables, process the use of /INCLUDE=main a bit differently
Richard Levitte [Wed, 5 Oct 2022 10:47:32 +0000 (12:47 +0200)] 
VMS: For executables, process the use of /INCLUDE=main a bit differently

The way it was implemented didn't play well with perl's join(), so it's
reimplemented a bit differently.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19347)

19 months ago Rename ossl_sleep calls to OSSL_sleep everywhere
Richard Levitte [Mon, 3 Oct 2022 05:22:52 +0000 (07:22 +0200)] 
Rename ossl_sleep calls to OSSL_sleep everywhere

Also, remove inclusions of internal/e_os.h where it seems no longer
necessary.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19330)

19 months ago Rename ossl_sleep() to OSSL_sleep() and make it public
Richard Levitte [Mon, 3 Oct 2022 05:10:34 +0000 (07:10 +0200)] 
Rename ossl_sleep() to OSSL_sleep() and make it public

ossl_sleep() was implemented as a static inline function in internal/e_os.h,
using usleep() on Unix and Sleep() on Windows.  So far well and good.
However, it also has a fallback implementation for systems that do not have
usleep() or Sleep(), and that implementation happens to use ossl_time_now(),
which is a normal function, private to libcrypto, and is judged to be too
complex to sanely make into a static inline function.

This fallback creates a problem, because we do use ossl_sleep() in apps/ and
a few test programs in test/, and when they are linked with libcrypto in
shared library form, ossl_time_now() can't be found, since it's not publicly
exposed.

Something needs to give, and the easiest, and hopefully sanest answer is to
make ossl_sleep() a publicly exposed function, which requires a slight name
change.

Documentation and 'make update' result included.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19330)

19 months ago Move the SSLv3 crypto code into the new record layer
Matt Caswell [Thu, 15 Sep 2022 16:36:52 +0000 (17:36 +0100)] 
Move the SSLv3 crypto code into the new record layer

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19217)

19 months ago Enable the ability to query the COMP_METHOD being used in the record layer
Matt Caswell [Thu, 15 Sep 2022 15:03:02 +0000 (16:03 +0100)] 
Enable the ability to query the COMP_METHOD being used in the record layer

We also convert to passing COMP_METHOD rather than SSL_COMP to the record
layer. The former is a public type while the latter is internal only - and
the only thing we need from SSL_COMP is the method.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19217)

19 months ago Convert the TLSv1.0/1.1/1.2 crypto code to use the new write record layer
Matt Caswell [Wed, 14 Sep 2022 14:24:10 +0000 (15:24 +0100)] 
Convert the TLSv1.0/1.1/1.2 crypto code to use the new write record layer

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19217)

19 months ago QUIC Send Stream Management
Hugo Landau [Tue, 6 Sep 2022 12:23:29 +0000 (13:23 +0100)] 
QUIC Send Stream Management

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19159)

19 months ago Fix regression in i2d_re_X509_REQ_tbs()
Tomas Mraz [Thu, 29 Sep 2022 11:00:45 +0000 (13:00 +0200)] 
Fix regression in i2d_re_X509_REQ_tbs()

This fixes regression from commit 8e39049. There is also no point
in setting the modified flag after just calling i2d.

Fixes #19297

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19299)

19 months ago Add {lib}_R_{lib}_LIB, for our engines and other "external" modules
Richard Levitte [Thu, 29 Sep 2022 13:33:20 +0000 (15:33 +0200)] 
Add {lib}_R_{lib}_LIB, for our engines and other "external" modules

Engines lacked the possibility to refer to themselves in this form:

    WHATEVERerr(WHATEVER_F_SOMETHING, WHATEVER_R_WHATEVER_LIB);

This little change makes that possible, and gets used in e_capi.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)

19 months ago Stop raising ERR_R_MALLOC_FAILURE in most places
Richard Levitte [Thu, 29 Sep 2022 11:57:34 +0000 (13:57 +0200)] 
Stop raising ERR_R_MALLOC_FAILURE in most places

Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.

There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called.  Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls are from
the CRYPTO sub-system.

Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)

19 months ago Adapt CRYPTO_secure_malloc() like CRYPTO_malloc()
Richard Levitte [Thu, 29 Sep 2022 11:56:43 +0000 (13:56 +0200)] 
Adapt CRYPTO_secure_malloc() like CRYPTO_malloc()

In other words, make it raise ERR_R_MALLOC_FAILURE appropriately.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)

19 months ago CRYPTO_THREAD_lock_new(): Avoid infinite recursion on allocation error
Tomas Mraz [Mon, 3 Oct 2022 13:23:05 +0000 (15:23 +0200)] 
CRYPTO_THREAD_lock_new(): Avoid infinite recursion on allocation error

Fixes #19334

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19335)

19 months ago err_set_debug(): Prevent possible recursion on malloc failure
Tomas Mraz [Mon, 3 Oct 2022 08:40:40 +0000 (10:40 +0200)] 
err_set_debug(): Prevent possible recursion on malloc failure

Fixes #19331

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19332)

19 months ago armcap: skip probing _armv7_tick()
Cameron Gutman [Sat, 23 Jul 2022 02:04:46 +0000 (21:04 -0500)] 
armcap: skip probing _armv7_tick()

Detection of this feature is unreliable so only use it if requested.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18852)

19 months ago Disable printf format checking on MinGW
Daniel Fiala [Tue, 27 Sep 2022 04:01:25 +0000 (06:01 +0200)] 
Disable printf format checking on MinGW

Fixes openssl#19185

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19292)

19 months ago VMS: use selective search when linking with shareable images
Richard Levitte [Sat, 1 Oct 2022 09:18:57 +0000 (11:18 +0200)] 
VMS: use selective search when linking with shareable images

VMS linking complains a lot about multiply defined symbols unless told
otherwise, especially when shareable images are involved.  For example, this
involves the legacy provider, where there are overriding implementations of
certain ERR functions.

To quiet the linker down, we need to say that symbols should be searched
selectively in shareable images.

However, that's not quite enough.  The order in which the VMS linker
processes files isn't necessarily top to bottom as given on the command line
or the option file(s), which may result in some symbols appearing undefined,
even though they are.  To remedy that, it's necessary to explicitly include
all object files and object libraries into a cluster, thus ensuring that
they will be processed first.  This allows the search for remaining symbol
references to be done as desired in the shareable images that follow.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19327)

19 months ago Fix error propagation in BN_check_prime()
Kazuki Yamaguchi [Fri, 30 Sep 2022 11:33:08 +0000 (20:33 +0900)] 
Fix error propagation in BN_check_prime()

BN_check_prime() is supposed to return 0 for a composite number and -1
on error. Properly translate the return value of the internal function
ossl_bn_miller_rabin_is_prime(), where 0 means an error.

The confusion prevented BN_GENCB callbacks from aborting the primality
test or key generation routines utilizing this.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19314)

19 months ago Fix examples related to BIO_do_accept
Daniel Fiala [Mon, 3 Oct 2022 03:19:25 +0000 (05:19 +0200)] 
Fix examples related to BIO_do_accept

Fixes openssl#8825

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19329)

19 months ago s_client: Support interactive reconnect command
Steven Collison [Sat, 18 Jun 2022 15:26:20 +0000 (08:26 -0700)] 
s_client: Support interactive reconnect command

This change adds the 'C' command character to allow a user to drop the
current session and reconnect to the server. It has the same behavior as
the `-reconnect` option except this allows reconnect to be triggered at
an arbitrary point in the session.

The primary use case for this change is to provide a way for the user to
probe a server for TLS1.3 session resumption support. This is not
currently reliably supported by the `-reconnect` option.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18683)

19 months ago Test usage of a custom EVP_CIPHER
Matt Caswell [Thu, 29 Sep 2022 11:10:30 +0000 (12:10 +0100)] 
Test usage of a custom EVP_CIPHER

Test that a custom EVP_CIPHER gets used in EVP_CipherInit_ex() calls.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19300)

19 months ago Ensure we call the cleanup() function when cleaning an EVP_CIPHER_CTX
Matt Caswell [Thu, 29 Sep 2022 11:08:49 +0000 (12:08 +0100)] 
Ensure we call the cleanup() function when cleaning an EVP_CIPHER_CTX

In some circumstances we were not calling the cleanup() function to
remove cipher specific data from an EVP_CIPHER_CTX.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19300)

19 months ago Fix usage of custom EVP_CIPHER objects
Matt Caswell [Wed, 10 Aug 2022 14:31:00 +0000 (15:31 +0100)] 
Fix usage of custom EVP_CIPHER objects

If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it
should be used in preference to a fetched cipher.

We also fix a possible NULL pointer deref in the same code for digests.

If the custom cipher passed to EVP_CipherInit() happens to use NID_undef
(which should be a discouraged practice), then in the previous
implementation this could result in the NULL cipher being fetched and
hence NULL encryption being unexpectedly used.

CVE-2022-3358

Fixes #18970

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19300)

19 months ago Add Content Type OID for RPKI id-ct-signedTAL
Job Snijders [Thu, 15 Sep 2022 08:12:58 +0000 (08:12 +0000)] 
Add Content Type OID for RPKI id-ct-signedTAL

References: draft-ietf-sidrops-signed-tal
Title: "RPKI Signed Object for Trust Anchor Key"

OID permanently assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)'
https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19221)

19 months ago Configurations: mips64*-linux-*abin32 needs bn_ops SIXTY_FOUR_BIT
Adam Joseph [Sat, 1 Oct 2022 03:55:29 +0000 (20:55 -0700)] 
Configurations: mips64*-linux-*abin32 needs bn_ops SIXTY_FOUR_BIT

The IRIX mips64-cpu, n32-abi configurations include SIXTY_FOUR_BIT in bn_ops,
but it is missing from mips64*-linux-*abin32 (which OpenSSL calls
"linux-mips64").  This causes heap corruption when verifying TLS certificates
(which tend to be RSA-signed) with openssl 1.1.1q:

```
nix@oak:~$ /nix/store/4k04dh6a1zs6hxiacwcg4a4nvxvgli2j-openssl-mips64el-unknown-linux-gnuabin32-1.1.1q-bin/bin/openssl s_client -host www.google.com -port 443
free(): invalid pointer
Aborted
```

and a slightly different failure with current HEAD:

```
nix@oak:~$ /nix/store/9bqxharxajsl9fid0c8ls6fb9wxp8kdc-openssl-mips64el-unknown-linux-gnuabin32-1.1.1q-bin/bin/openssl s_client -host www.google.com -port 443
Connecting to 142.250.180.4
CONNECTED(00000003)
Fatal glibc error: malloc assertion failure in sysmalloc: (old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)
Aborted
```

Applying this patch and recompiling produces the expected output instead of a
crash.

Note that Gentoo (and to my knowledge all other distributions which
support mips64n32) use the `linux-generic32` configuration, which uses only
32-bit arithmetic (rather than full 64-bit arithmetic) and lacks assembler
implementations for the SHA hash functions:

  https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/openssl/files/gentoo.config-1.0.2#n102

For support in nixpkgs we would like to use the full 64-bit integer registers
and perlasm routines, so I'm submitting this upstream as well.

Fixes #19319

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19320)

19 months ago Avoid divide by 0 exception
Kelvin Lee [Fri, 30 Sep 2022 08:26:37 +0000 (18:26 +1000)] 
Avoid divide by 0 exception

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19310)

19 months ago Fix missing null check
Graham Woodward [Tue, 27 Sep 2022 12:21:10 +0000 (13:21 +0100)] 
Fix missing null check

Don't add 1 if strchr returns NULL

PR update

Fixes #19279

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19282)

19 months ago ERR: replace remnant ECerr() and EVPerr() calls in crypto/
Dr. David von Oheimb [Fri, 26 Aug 2022 08:04:01 +0000 (10:04 +0200)] 
ERR: replace remnant ECerr() and EVPerr() calls in crypto/

except those throwing ERR_R_MALLOC_FAILURE

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19302)

19 months ago Makefile: Add check-format target, operating on all .c sources and crypto+ssl headers
Dr. David von Oheimb [Fri, 25 Jun 2021 06:16:42 +0000 (08:16 +0200)] 
Makefile: Add check-format target, operating on all .c sources and crypto+ssl headers

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15913)

19 months ago internal/asn1.h: Add missing '#include <openssl/bio.h>'
Dr. David von Oheimb [Thu, 24 Jun 2021 19:34:24 +0000 (21:34 +0200)] 
internal/asn1.h: Add missing '#include <openssl/bio.h>'

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15913)

19 months ago Makefile: Exclude dummy header asn1_mac.h from CRYPTOHEADERS
Dr. David von Oheimb [Thu, 24 Jun 2021 19:33:42 +0000 (21:33 +0200)] 
Makefile: Exclude dummy header asn1_mac.h from CRYPTOHEADERS

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15913)

19 months ago Makefile: Update but disable 'lint' target, using splint with some quirks
Dr. David von Oheimb [Thu, 24 Jun 2021 19:32:07 +0000 (21:32 +0200)] 
Makefile: Update but disable 'lint' target, using splint with some quirks

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15913)

19 months ago Makefile: Add SRCS list of all .c (and any .cc and .cpp) files
Dr. David von Oheimb [Fri, 25 Jun 2021 06:25:12 +0000 (08:25 +0200)] 
Makefile: Add SRCS list of all .c (and any .cc and .cpp) files

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15913)

19 months ago 80-test_cmp_http.t: some generalizations and minor improvements of diagnostic output
Dr. David von Oheimb [Wed, 27 Jul 2022 21:12:31 +0000 (23:12 +0200)] 
80-test_cmp_http.t: some generalizations and minor improvements of diagnostic output

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18895)

19 months ago OpenSSL::config: Fix trivial bugs
Richard Levitte [Tue, 27 Sep 2022 16:51:57 +0000 (18:51 +0200)] 
OpenSSL::config: Fix trivial bugs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19285)

19 months ago OpenSSL::config: Fix VMS guesses
Richard Levitte [Tue, 27 Sep 2022 16:57:35 +0000 (18:57 +0200)] 
OpenSSL::config: Fix VMS guesses

The MACHINE value from POSIX::uname() isn't trustworthy at all.
MACHINE names like this have been seen:

    _HP__VMM___(1.67GHz/9.0MB)

Perl's `$Config{archname}` is much more trustworthy, especially since
VMS isn't a multiarch operating system, at least yet.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19285)

19 months ago OpenSSL::config: determine the MSVC target architecture by asking cl
Richard Levitte [Tue, 27 Sep 2022 16:31:15 +0000 (18:31 +0200)] 
OpenSSL::config: determine the MSVC target architecture by asking cl

Since cl knows what architecture it builds for, all depending on what
the user set up, it makes sense to ask it, and use that result primarily,
and only use the POSIX::uname() MACHINE value as a fallback.

Also, this does indeed determine if cl is present or not.

We drop the explicit names in .github/workflows/windows.yml as proof
of concept.

Fixes #19281

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19285)

19 months ago djgpp: Skip test/rsa_complex.c
J.W. Jagersma [Tue, 27 Sep 2022 16:52:05 +0000 (18:52 +0200)] 
djgpp: Skip test/rsa_complex.c

We don't have <complex.h> on djgpp, so this entire test can be skipped.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19286)

19 months ago djgpp: Set TZ=UTC to convert UTC timestamp to time_t
J.W. Jagersma [Mon, 26 Sep 2022 18:35:46 +0000 (20:35 +0200)] 
djgpp: Set TZ=UTC to convert UTC timestamp to time_t

Since djgpp has neither a timezone variable nor timegm(), this horrible
method must be used.  It is the only one I could find that produces
accurate results, and is recommended as a portable alternative to
timegm() by the GNU libc manual.  Reference:

https://www.gnu.org/software/libc/manual/html_node/Broken_002ddown-Time.html#index-timegm

Now, a much nicer alternative solution could be:

    timestamp_local = mktime(timestamp_tm);
    timestamp_utc = timestamp_local + timestamp_tm->tm_gmtoff
                                    - (timestamp_tm->tm_isdst ? 3600 : 0);

This works due to the fact that mktime() populates the tm_gmtoff and
tm_isdst fields in the source timestamp.  It is accurate everywhere in
the world, *except* on Lord Howe Island, Australia, where a 30 minute
DST offset is used.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19274)

19 months ago djgpp: Define WATT32_NO_OLDIES before including socket headers
J.W. Jagersma [Sun, 25 Sep 2022 17:13:32 +0000 (19:13 +0200)] 
djgpp: Define WATT32_NO_OLDIES before including socket headers

If this macro is left undefined, Watt-32 will "helpfully" declare some
typedefs such as 'byte' and 'word' in the global namespace.  This broke
compilation of apps/s_client.c.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19274)

19 months ago djgpp: Use usleep() for ossl_sleep()
J.W. Jagersma [Sun, 25 Sep 2022 17:04:31 +0000 (19:04 +0200)] 
djgpp: Use usleep() for ossl_sleep()

This part failed to compile due to a circular dependency between
internal/e_os.h and internal/time.h, when ossl_sleep() falls back to a
busy wait.  However, djgpp has a usleep function, so it can use the
regular Unix version of ossl_sleep().

It's not great though.  The resolution is only ~55ms, and it may break
when a user program hooks the timer interrupt without periodically
updating BIOS time.  A high-resolution alternative is uclock(), but
that is generally less desirable since it reprograms the system timer.

The circular dependency is still there and may still cause trouble for
other platforms.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19274)

19 months ago djgpp: Inherit config from BASE_unix
J.W. Jagersma [Sun, 25 Sep 2022 16:58:13 +0000 (18:58 +0200)] 
djgpp: Inherit config from BASE_unix

Build failed on djgpp due to missing config vars 'AR' and 'ARFLAGS'.
Additionally, '-lz' was not added to 'lflags' when zlib support was
enabled.  Inheriting configuration variables from BASE_unix solves both
these issues.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19274)

19 months ago apps/speed.c: Lock buffer in memory
Juergen Christ [Mon, 29 Aug 2022 15:05:41 +0000 (17:05 +0200)] 
apps/speed.c: Lock buffer in memory

Lock the buffers used for throughput measurements into memory.  This removes
some side effects of paging.

Errors from the memory locking functions are ignored since they are not
critical to the application.

This feature is limited to Linux and Windows.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19091)

19 months ago Test TLS extension ordering
Todd Short [Fri, 23 Sep 2022 16:03:13 +0000 (12:03 -0400)] 
Test TLS extension ordering

Adding extensions is fragile, with the TLSEXT_TYPE entry needing to be
located at TLSEXT_IDX in the array.

This adds a test to ensure extensions are in the correct order.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19269)

19 months ago Configurations/descrip.mms.tmpl: Add another inclusion hack
Richard Levitte [Mon, 19 Sep 2022 09:48:27 +0000 (11:48 +0200)] 
Configurations/descrip.mms.tmpl: Add another inclusion hack

More adaptations are needed for sources in ssl/, which all include
`ssl/ssl_local.h`.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19276)

19 months ago test/trace_api_test.c: fix gcc error on -Werror=strict-prototypes
Dr. David von Oheimb [Sat, 24 Sep 2022 21:57:19 +0000 (23:57 +0200)] 
test/trace_api_test.c: fix gcc error on -Werror=strict-prototypes

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19277)

19 months ago dgram_pair_read_inner(): Do not move buf pointer if it is NULL
Tomas Mraz [Tue, 27 Sep 2022 15:50:35 +0000 (17:50 +0200)] 
dgram_pair_read_inner(): Do not move buf pointer if it is NULL

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19284)

19 months ago tls_write_records_default(): Remove unused variable
Tomas Mraz [Tue, 27 Sep 2022 15:42:52 +0000 (17:42 +0200)] 
tls_write_records_default(): Remove unused variable

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19284)

19 months ago A static const variable is implicitly zero initialized
Tomas Mraz [Tue, 27 Sep 2022 15:39:01 +0000 (17:39 +0200)] 
A static const variable is implicitly zero initialized

Older clang versions complain about the explicit initializer
because the first member of the struct is a struct.
But it is not necessary to explicitly initialize it anyway.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19284)

19 months ago ssl_log_secret call in tls13_key_update
visbjn [Mon, 19 Sep 2022 08:27:34 +0000 (10:27 +0200)] 
ssl_log_secret call in tls13_key_update

Newly computed traffic secrets are now logged upon key update

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19241)

19 months ago Fix HPKE and DHKEM for X25519 and X448 on s390x
Juergen Christ [Mon, 26 Sep 2022 12:26:28 +0000 (14:26 +0200)] 
Fix HPKE and DHKEM for X25519 and X448 on s390x

The IKM was not respected by the s390x specific implementations of X25519 and
X448 keygen.  This caused test failures and wrong results if the PCC
instruction was actually available and supported X25519 and/or X448.

Fixes: 78c44b05945b ("Add HPKE DHKEM provider support for EC, X25519 and X448.")
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19278)

19 months ago Coverity 1515538: resource leak
Pauli [Mon, 26 Sep 2022 00:10:16 +0000 (10:10 +1000)] 
Coverity 1515538: resource leak

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19275)

19 months ago Coverity 1515540: resource leak
Pauli [Mon, 26 Sep 2022 00:02:46 +0000 (10:02 +1000)] 
Coverity 1515540: resource leak

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19275)

19 months ago QUIC Flow Control
Hugo Landau [Mon, 22 Aug 2022 14:32:16 +0000 (15:32 +0100)] 
QUIC Flow Control

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19040)

19 months ago Add documentation for the OPENSSL_gmtime functions
Todd Short [Wed, 21 Sep 2022 18:06:23 +0000 (14:06 -0400)] 
Add documentation for the OPENSSL_gmtime functions

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19257)

19 months ago Allow PKCS12 export to set arbitrary bag attributes
Graham Woodward [Fri, 19 Aug 2022 07:46:47 +0000 (08:46 +0100)] 
Allow PKCS12 export to set arbitrary bag attributes

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19025)

19 months ago Modify test/quic_record_test.c to also depacketize
Richard Levitte [Tue, 6 Sep 2022 12:08:15 +0000 (14:08 +0200)] 
Modify test/quic_record_test.c to also depacketize

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18838)

19 months ago Implement packet type checks in the RX Depacketizer
Richard Levitte [Mon, 22 Aug 2022 06:45:26 +0000 (08:45 +0200)] 
Implement packet type checks in the RX Depacketizer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18838)

19 months ago Extend the RX Depacketizer frame table with what packet types they are valid in
Richard Levitte [Mon, 22 Aug 2022 06:11:10 +0000 (08:11 +0200)] 
Extend the RX Depacketizer frame table with what packet types they are valid in

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18838)

19 months ago Implement the RX Depacketizer
Richard Levitte [Thu, 21 Jul 2022 08:54:48 +0000 (10:54 +0200)] 
Implement the RX Depacketizer

Implements the design doc/designs/quic-design/rx-depacketizer.md.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18838)

19 months ago Move the QUIC_CONNECTION typedef to internal headers
Richard Levitte [Tue, 6 Sep 2022 11:59:25 +0000 (13:59 +0200)] 
Move the QUIC_CONNECTION typedef to internal headers

Also add internal functionality to get a QUIC_CONNECTION pointer from
an SSL pointer, and setters / getters for the GQX and ACKM fields.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18838)

19 months ago Fix a record layer mem leak
Matt Caswell [Tue, 13 Sep 2022 17:01:18 +0000 (18:01 +0100)] 
Fix a record layer mem leak

Make sure we free the record layer before we free the connection BIOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Restructure the write code
Matt Caswell [Mon, 12 Sep 2022 14:50:26 +0000 (15:50 +0100)] 
Restructure the write code

Move the multiblock code into a separate file and introduce the usage of
record_functions_st for some write functions.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Remove some outstanding TODOs
Matt Caswell [Mon, 12 Sep 2022 14:02:14 +0000 (15:02 +0100)] 
Remove some outstanding TODOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Ensure that prefix records use a small buffer
Matt Caswell [Fri, 9 Sep 2022 15:14:37 +0000 (16:14 +0100)] 
Ensure that prefix records use a small buffer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move the pipelining code into the record layer
Matt Caswell [Fri, 9 Sep 2022 14:53:40 +0000 (15:53 +0100)] 
Move the pipelining code into the record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Resolve some outstanding TODOs
Matt Caswell [Fri, 9 Sep 2022 14:34:52 +0000 (15:34 +0100)] 
Resolve some outstanding TODOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Re-enable the multiblock code and move it into the record layer
Matt Caswell [Fri, 9 Sep 2022 12:26:50 +0000 (13:26 +0100)] 
Re-enable the multiblock code and move it into the record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Make sure we call get_max_records() in the record layer code
Matt Caswell [Wed, 31 Aug 2022 20:03:22 +0000 (21:03 +0100)] 
Make sure we call get_max_records() in the record layer code

We use the returned data to decide how to split the data we want to write
into records.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Convert the write record layer to supply proper return values
Matt Caswell [Wed, 31 Aug 2022 16:37:48 +0000 (17:37 +0100)] 
Convert the write record layer to supply proper return values

This also means we can convert SSLfatal calls to RLAYERfatal

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Remove some miscellaneous references to SSL_CONNECTION
Matt Caswell [Wed, 31 Aug 2022 15:45:55 +0000 (16:45 +0100)] 
Remove some miscellaneous references to SSL_CONNECTION

There were a small number of references to the SSL_CONNECTION that can
be removed easily and replaced with record layer equivalents.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move the record block_padding capability fully into the record layer
Matt Caswell [Wed, 31 Aug 2022 15:39:36 +0000 (16:39 +0100)] 
Move the record block_padding capability fully into the record layer

Previously we were referencing the block_padding value through the
SSL_CONNECTION. Now it is held within OSSL_RECORD_LAYER.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move the record padding callback fully into the record layer
Matt Caswell [Wed, 31 Aug 2022 14:41:16 +0000 (15:41 +0100)] 
Move the record padding callback fully into the record layer

We wrap the callback and pass it to the record layer via the dispatch
array, in order to avoid accessing it directly via SSL_CONNECTION.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Remove use of SSL_CONNECTION_TREAT_AS_TLS13() from the record layer
Matt Caswell [Tue, 30 Aug 2022 16:15:25 +0000 (17:15 +0100)] 
Remove use of SSL_CONNECTION_TREAT_AS_TLS13() from the record layer

In all cases we should be able to replace this with a simple check
against rl->version.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move need_empty_fragments inside the record layer
Matt Caswell [Tue, 30 Aug 2022 15:26:33 +0000 (16:26 +0100)] 
Move need_empty_fragments inside the record layer

This flag can now be managed entirely by the new record layer code so we
move it into ossl_record_layer_st.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Remove empty_fragment_done
Matt Caswell [Tue, 30 Aug 2022 15:04:31 +0000 (16:04 +0100)] 
Remove empty_fragment_done

Now that we are no longer recursively adding the prefix record this
doesn't seem necessary any more. We always add it every time we do
tls_write_records.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move logic for figuring out the record version out of record layer
Matt Caswell [Fri, 26 Aug 2022 16:34:40 +0000 (17:34 +0100)] 
Move logic for figuring out the record version out of record layer

This calculation is based on lots of information from state machine and
elsewhere that the record layer cannot access. In reality it is sufficient
to simply tell the record layer what version to use.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move numwpipes in the write record layer
Matt Caswell [Thu, 25 Aug 2022 16:34:48 +0000 (17:34 +0100)] 
Move numwpipes in the write record layer

We retain a numwpipes for now in the old record layer structure for use
by DTLS. This will eventually be removed when DTLS moves over to the new
way of doing things.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move write buffer management into the write record layer
Matt Caswell [Thu, 25 Aug 2022 14:05:13 +0000 (15:05 +0100)] 
Move write buffer management into the write record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Replace references to s->wbio with rl->bio
Matt Caswell [Mon, 22 Aug 2022 15:09:23 +0000 (16:09 +0100)] 
Replace references to s->wbio with rl->bio

We use the record layer reference to the BIO rather than the SSL object
reference. This removes an unneeded SSL object usage.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Use the record layer msg_callback not the SSL object msg_callback
Matt Caswell [Mon, 22 Aug 2022 15:03:41 +0000 (16:03 +0100)] 
Use the record layer msg_callback not the SSL object msg_callback

This removes unnecessary usage of the SSL object from the record layer.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move checking for alerts to dispatch out of the record layer
Matt Caswell [Mon, 22 Aug 2022 14:49:53 +0000 (15:49 +0100)] 
Move checking for alerts to dispatch out of the record layer

This isn't a record layer responsibility so should be removed from
write_records.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Create the write record layer method and object and use it
Matt Caswell [Fri, 19 Aug 2022 15:54:09 +0000 (16:54 +0100)] 
Create the write record layer method and object and use it

Make sure we set the write record layer method and create the object
where appropriate. Move the newly restructured writing code into the
record layer object.

For now we are cheating and still accessing the underlying SSL_CONNECTION
object. This will be removed in subsequent commits.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago Move initial TLS write record layer code into new structure
Matt Caswell [Fri, 12 Aug 2022 08:51:51 +0000 (09:51 +0100)] 
Move initial TLS write record layer code into new structure

The new write record layer architecture splits record writing into
a "write_records" call and a "retry_write_records" call - where multiple
records can be sent to "write_records" in one go. We restructure the code
into that format in order that future commits can move these functions into
the new record layer more easily.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

19 months ago test: Fix memory leak of asynctest
Tianjia Zhang [Tue, 28 Sep 2021 15:23:44 +0000 (23:23 +0800)] 
test: Fix memory leak of asynctest

ASYNC_init_thread() will be called automatically by ASYNC_start_job(),
so ASYNC_cleanup_thread() must be called last, otherwise it will
cause a memory leak.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16703)

19 months ago Maximum return value of BIO_ctrl_(w)pending is SIZE_MAX
Tomas Mraz [Tue, 20 Sep 2022 14:48:59 +0000 (16:48 +0200)] 
Maximum return value of BIO_ctrl_(w)pending is SIZE_MAX

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19240)