#
1.28 |
|
09-May-2024 |
tb |
Plug a "leak" in ssl_security_group()
The way the CBB API is used, CBB_add_u16() and CBB_finish() can't actually fail here, but if they could, cbb->base would leak. Rewrite this code with the proper idioms to make it look right.
ok jsing
|
Revision tags: OPENBSD_7_3_BASE OPENBSD_7_4_BASE OPENBSD_7_5_BASE
|
#
1.27 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
#
1.26 |
|
02-Oct-2022 |
jsing |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back into SSL.
Prompted by tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.25 |
|
17-Aug-2022 |
tb |
Provide ssl_security_shared_group()
Refactor ssl_security_supported_group() into a wrapper of a new internal ssl_security_group() which takes a secop as an argument. This allows adding ssl_security_shared_group() which will be needed in upcoming commits.
ok jsing
|
#
1.24 |
|
30-Jul-2022 |
tb |
update copyright years
|
#
1.23 |
|
19-Jul-2022 |
tb |
Disallow MD5 and SHA-1 HMACs depending on the security level
Ciphers using an MD5 HMAC are not allowed on security levels >= 1 and using a SHA-1 HMAC is disallowed on security levels >= 4. This disables RC4-MD5 by default.
ok jsing
|
#
1.22 |
|
07-Jul-2022 |
tb |
Use a local bits variable to avoid ugly line break due to nested function calls.
ok jsing
|
#
1.21 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.20 |
|
05-Jul-2022 |
tb |
Use secop instead of op everywhere
|
#
1.19 |
|
05-Jul-2022 |
tb |
Pull setting of is_ee out of the function calls to appease scan-build
|
#
1.18 |
|
03-Jul-2022 |
tb |
Reword a comment
|
#
1.17 |
|
03-Jul-2022 |
tb |
Unwrap a line
|
#
1.16 |
|
02-Jul-2022 |
tb |
Stop using ssl{_ctx,}_security() outside of ssl_seclevel.c
The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff is now confined into ssl_seclevel.c and the rest of the library can make use of the more straightforward wrappers, which makes it a lot easier on the eyes.
ok beck jsing
|
#
1.15 |
|
02-Jul-2022 |
tb |
Rename uses 'curve' to 'group' and rework tls1 group API.
This reworks various tls1_ curve APIs to indicate success via a boolean return value and move the output to an out parameter. This makes the caller code easier and more consistent.
Based on a suggestion by jsing
ok jsing
|
#
1.14 |
|
30-Jun-2022 |
tb |
Check security level for supported groups.
ok jsing
|
#
1.13 |
|
30-Jun-2022 |
tb |
Rename variable from tls_version to version since it could also be a DTLS version at this point.
|
#
1.12 |
|
30-Jun-2022 |
tb |
Add checks to ensure we do not initiate or negotiate handshakes with versions below the minimum required by the security level.
input & ok jsing
|
#
1.11 |
|
30-Jun-2022 |
tb |
Remove obj_mac.h include. Requested by jsing
|
#
1.10 |
|
29-Jun-2022 |
tb |
Don't check the signature if a cert is self signed.
ok beck jsing
|
#
1.9 |
|
29-Jun-2022 |
tb |
Add functions that check security level in certs and cert chains.
ok beck jsing
|
#
1.8 |
|
29-Jun-2022 |
tb |
missing blank line
|
#
1.7 |
|
29-Jun-2022 |
tb |
Also check the security level of the 'tmp dh'
ok beck jsing
|
#
1.6 |
|
29-Jun-2022 |
tb |
Check the security of DH key shares
ok beck, looks good to jsing
|
#
1.5 |
|
28-Jun-2022 |
tb |
Add a period to a comment
Pointed out by jsing
|
#
1.4 |
|
28-Jun-2022 |
tb |
Security level >= 3 requires a ciphersuite with PFS
ok beck jsing sthen
|
#
1.3 |
|
28-Jun-2022 |
tb |
Add a secop handler for tmp_dh
This disallows DHE keys weaker than 1024 bits at level 0 to match OpenSSL behavior.
ok beck jsing sthen
|
#
1.2 |
|
28-Jun-2022 |
tb |
Implement ssl{,_ctx}_security()
ok beck jsing sthen
|
#
1.1 |
|
28-Jun-2022 |
tb |
Implement the default security level callback
And here is where the fun starts. The tentacles will grow everywhere.
ok beck jsing sthen
|
#
1.27 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
#
1.26 |
|
02-Oct-2022 |
jsing |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back into SSL.
Prompted by tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.25 |
|
17-Aug-2022 |
tb |
Provide ssl_security_shared_group()
Refactor ssl_security_supported_group() into a wrapper of a new internal ssl_security_group() which takes a secop as an argument. This allows adding ssl_security_shared_group() which will be needed in upcoming commits.
ok jsing
|
#
1.24 |
|
30-Jul-2022 |
tb |
update copyright years
|
#
1.23 |
|
19-Jul-2022 |
tb |
Disallow MD5 and SHA-1 HMACs depending on the security level
Ciphers using an MD5 HMAC are not allowed on security levels >= 1 and using a SHA-1 HMAC is disallowed on security levels >= 4. This disables RC4-MD5 by default.
ok jsing
|
#
1.22 |
|
07-Jul-2022 |
tb |
Use a local bits variable to avoid ugly line break due to nested function calls.
ok jsing
|
#
1.21 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.20 |
|
05-Jul-2022 |
tb |
Use secop instead of op everywhere
|
#
1.19 |
|
05-Jul-2022 |
tb |
Pull setting of is_ee out of the function calls to appease scan-build
|
#
1.18 |
|
03-Jul-2022 |
tb |
Reword a comment
|
#
1.17 |
|
03-Jul-2022 |
tb |
Unwrap a line
|
#
1.16 |
|
02-Jul-2022 |
tb |
Stop using ssl{_ctx,}_security() outside of ssl_seclevel.c
The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff is now confined into ssl_seclevel.c and the rest of the library can make use of the more straightforward wrappers, which makes it a lot easier on the eyes.
ok beck jsing
|
#
1.15 |
|
02-Jul-2022 |
tb |
Rename uses 'curve' to 'group' and rework tls1 group API.
This reworks various tls1_ curve APIs to indicate success via a boolean return value and move the output to an out parameter. This makes the caller code easier and more consistent.
Based on a suggestion by jsing
ok jsing
|
#
1.14 |
|
30-Jun-2022 |
tb |
Check security level for supported groups.
ok jsing
|
#
1.13 |
|
30-Jun-2022 |
tb |
Rename variable from tls_version to version since it could also be a DTLS version at this point.
|
#
1.12 |
|
30-Jun-2022 |
tb |
Add checks to ensure we do not initiate or negotiate handshakes with versions below the minimum required by the security level.
input & ok jsing
|
#
1.11 |
|
30-Jun-2022 |
tb |
Remove obj_mac.h include. Requested by jsing
|
#
1.10 |
|
29-Jun-2022 |
tb |
Don't check the signature if a cert is self signed.
ok beck jsing
|
#
1.9 |
|
29-Jun-2022 |
tb |
Add functions that check security level in certs and cert chains.
ok beck jsing
|
#
1.8 |
|
29-Jun-2022 |
tb |
missing blank line
|
#
1.7 |
|
29-Jun-2022 |
tb |
Also check the security level of the 'tmp dh'
ok beck jsing
|
#
1.6 |
|
29-Jun-2022 |
tb |
Check the security of DH key shares
ok beck, looks good to jsing
|
#
1.5 |
|
28-Jun-2022 |
tb |
Add a period to a comment
Pointed out by jsing
|
#
1.4 |
|
28-Jun-2022 |
tb |
Security level >= 3 requires a ciphersuite with PFS
ok beck jsing sthen
|
#
1.3 |
|
28-Jun-2022 |
tb |
Add a secop handler for tmp_dh
This disallows DHE keys weaker than 1024 bits at level 0 to match OpenSSL behavior.
ok beck jsing sthen
|
#
1.2 |
|
28-Jun-2022 |
tb |
Implement ssl{,_ctx}_security()
ok beck jsing sthen
|
#
1.1 |
|
28-Jun-2022 |
tb |
Implement the default security level callback
And here is where the fun starts. The tentacles will grow everywhere.
ok beck jsing sthen
|
#
1.26 |
|
02-Oct-2022 |
jsing |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back into SSL.
Prompted by tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.25 |
|
17-Aug-2022 |
tb |
Provide ssl_security_shared_group()
Refactor ssl_security_supported_group() into a wrapper of a new internal ssl_security_group() which takes a secop as an argument. This allows adding ssl_security_shared_group() which will be needed in upcoming commits.
ok jsing
|
#
1.24 |
|
30-Jul-2022 |
tb |
update copyright years
|
#
1.23 |
|
19-Jul-2022 |
tb |
Disallow MD5 and SHA-1 HMACs depending on the security level
Ciphers using an MD5 HMAC are not allowed on security levels >= 1 and using a SHA-1 HMAC is disallowed on security levels >= 4. This disables RC4-MD5 by default.
ok jsing
|
#
1.22 |
|
07-Jul-2022 |
tb |
Use a local bits variable to avoid ugly line break due to nested function calls.
ok jsing
|
#
1.21 |
|
07-Jul-2022 |
tb |
Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workarounds that are no longer needed now that libcrypto exposes the necessary security-bits API.
ok jsing
|
#
1.20 |
|
05-Jul-2022 |
tb |
Use secop instead of op everywhere
|
#
1.19 |
|
05-Jul-2022 |
tb |
Pull setting of is_ee out of the function calls to appease scan-build
|
#
1.18 |
|
03-Jul-2022 |
tb |
Reword a comment
|
#
1.17 |
|
03-Jul-2022 |
tb |
Unwrap a line
|
#
1.16 |
|
02-Jul-2022 |
tb |
Stop using ssl{_ctx,}_security() outside of ssl_seclevel.c
The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff is now confined into ssl_seclevel.c and the rest of the library can make use of the more straightforward wrappers, which makes it a lot easier on the eyes.
ok beck jsing
|
#
1.15 |
|
02-Jul-2022 |
tb |
Rename uses 'curve' to 'group' and rework tls1 group API.
This reworks various tls1_ curve APIs to indicate success via a boolean return value and move the output to an out parameter. This makes the caller code easier and more consistent.
Based on a suggestion by jsing
ok jsing
|
#
1.14 |
|
30-Jun-2022 |
tb |
Check security level for supported groups.
ok jsing
|
#
1.13 |
|
30-Jun-2022 |
tb |
Rename variable from tls_version to version since it could also be a DTLS version at this point.
|
#
1.12 |
|
30-Jun-2022 |
tb |
Add checks to ensure we do not initiate or negotiate handshakes with versions below the minimum required by the security level.
input & ok jsing
|
#
1.11 |
|
30-Jun-2022 |
tb |
Remove obj_mac.h include. Requested by jsing
|
#
1.10 |
|
29-Jun-2022 |
tb |
Don't check the signature if a cert is self signed.
ok beck jsing
|
#
1.9 |
|
29-Jun-2022 |
tb |
Add functions that check security level in certs and cert chains.
ok beck jsing
|
#
1.8 |
|
29-Jun-2022 |
tb |
missing blank line
|
#
1.7 |
|
29-Jun-2022 |
tb |
Also check the security level of the 'tmp dh'
ok beck jsing
|
#
1.6 |
|
29-Jun-2022 |
tb |
Check the security of DH key shares
ok beck, looks good to jsing
|
#
1.5 |
|
28-Jun-2022 |
tb |
Add a period to a comment
Pointed out by jsing
|
#
1.4 |
|
28-Jun-2022 |
tb |
Security level >= 3 requires a ciphersuite with PFS
ok beck jsing sthen
|
#
1.3 |
|
28-Jun-2022 |
tb |
Add a secop handler for tmp_dh
This disallows DHE keys weaker than 1024 bits at level 0 to match OpenSSL behavior.
ok beck jsing sthen
|
#
1.2 |
|
28-Jun-2022 |
tb |
Implement ssl{,_ctx}_security()
ok beck jsing sthen
|
#
1.1 |
|
28-Jun-2022 |
tb |
Implement the default security level callback
And here is where the fun starts. The tentacles will grow everywhere.
ok beck jsing sthen
|