oweals/openssl.git
9 years agobn/asm/s390x.S: improve performance on z196 and z13 by up to 26%. [even z10 is couple...
Andy Polyakov [Tue, 10 Nov 2015 20:11:24 +0000 (21:11 +0100)]
bn/asm/s390x.S: improve performance on z196 and z13 by up to 26%. [even z10 is couple percent faster]. Triggered by RT#4128, but solves the problem by real modulo-scheduling.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoaesni-sha256-x86_64.pl: fix crash on AMD Jaguar.
Andy Polyakov [Wed, 4 Nov 2015 22:57:06 +0000 (23:57 +0100)]
aesni-sha256-x86_64.pl: fix crash on AMD Jaguar.

It was also found that stich performs suboptimally on AMD Jaguar, hence
execution is limited to XOP-capable and Intel processors.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
9 years agoExplicit OpenSSL_version_num() implementation prototype
Viktor Dukhovni [Sun, 15 Nov 2015 03:15:45 +0000 (22:15 -0500)]
Explicit OpenSSL_version_num() implementation prototype

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoDocument new functions
Dr. Stephen Henson [Mon, 2 Nov 2015 11:52:01 +0000 (11:52 +0000)]
Document new functions

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoUse accessors for X509_print_ex().
Dr. Stephen Henson [Tue, 22 Sep 2015 22:40:01 +0000 (23:40 +0100)]
Use accessors for X509_print_ex().

Print certificate details using accessor functions.

Since X509_CERT_AUX_print is only used in one place and can't
be used by applications (it uses an internal X509_CERT_AUX structure)
this has been removed and replaced by a function X509_aux_print which
takes an X509 pointer instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoAdd new X509 accessors
Dr. Stephen Henson [Tue, 22 Sep 2015 22:40:43 +0000 (23:40 +0100)]
Add new X509 accessors

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoUpdate and clarify ciphers documentation.
Dr. Stephen Henson [Fri, 13 Nov 2015 23:34:29 +0000 (23:34 +0000)]
Update and clarify ciphers documentation.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoadd -psk option to ciphers command
Dr. Stephen Henson [Fri, 13 Nov 2015 14:57:55 +0000 (14:57 +0000)]
add -psk option to ciphers command

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoadd -tls1_2,-tls1_1 options to ciphers command
Dr. Stephen Henson [Fri, 13 Nov 2015 14:19:59 +0000 (14:19 +0000)]
add -tls1_2,-tls1_1 options to ciphers command

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoAdd "TLSv1.0" cipher alias.
Dr. Stephen Henson [Fri, 13 Nov 2015 14:43:27 +0000 (14:43 +0000)]
Add "TLSv1.0" cipher alias.

This adds a TLSv1.0 cipher alias for ciphersuites requiring
at least TLSv1.0: currently only PSK ciphersuites using SHA256
or SHA384 MAC (SSLv3 only supports SHA1 and MD5 MAC).

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoDon't alow TLS v1.0 ciphersuites for SSLv3
Dr. Stephen Henson [Fri, 13 Nov 2015 14:37:24 +0000 (14:37 +0000)]
Don't alow TLS v1.0 ciphersuites for SSLv3

This disables some ciphersuites which aren't supported in SSL v3:
specifically PSK ciphersuites which use SHA256 or SHA384 for the MAC.

Thanks to the Open Crypto Audit Project for identifying this issue.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoUse SSL_TLSV1 only if at least TLS v1.0 is needed.
Dr. Stephen Henson [Fri, 13 Nov 2015 12:52:51 +0000 (12:52 +0000)]
Use SSL_TLSV1 only if at least TLS v1.0 is needed.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoRT2667: Add IRC support to -starttls
Nathan Phillip Brink [Wed, 13 May 2015 20:00:21 +0000 (16:00 -0400)]
RT2667: Add IRC support to -starttls

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoRT32671: wrong multiple errs TS_check_status_info
Graeme Perrow [Mon, 2 Nov 2015 01:15:23 +0000 (20:15 -0500)]
RT32671: wrong multiple errs TS_check_status_info

Reviewed-by: Tim Hudson <tjh@openssl.org>
Signed-off-by: Rich Salz <rsalz@openssl.org>
9 years agoabsent identity hint should be NULL
Dr. Stephen Henson [Fri, 13 Nov 2015 16:00:29 +0000 (16:00 +0000)]
absent identity hint should be NULL

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agomodes/asm/ghash-armv4.pl: extend Apple fix to all clang cases.
Andy Polyakov [Tue, 10 Nov 2015 20:40:51 +0000 (21:40 +0100)]
modes/asm/ghash-armv4.pl: extend Apple fix to all clang cases.
Triggered by RT#3989.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoFix SSL_use_certificate_chain_file
Matt Caswell [Mon, 9 Nov 2015 14:38:59 +0000 (14:38 +0000)]
Fix SSL_use_certificate_chain_file

The new function SSL_use_certificate_chain_file was always crashing in
the internal function use_certificate_chain_file because it would pass a
NULL value for SSL_CTX *, but use_certificate_chain_file would
unconditionally try to dereference it.

Reviewed-by: Stephen Henson <steve@openssl.org>
9 years agoRemove redundant check from tls1_get_curvelist
Matt Caswell [Mon, 9 Nov 2015 16:37:33 +0000 (16:37 +0000)]
Remove redundant check from tls1_get_curvelist

The function tls1_get_curvelist() has an explicit check to see if s->cert
is NULL or not. However the check appears *after* calling the tls1_suiteb
macro which derefs s->cert. In reality s->cert can never be NULL because
it is created in SSL_new(). If the malloc fails then the SSL_new call fails
and no SSL object is created.

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoContinue malloc standardisation in engines
Matt Caswell [Fri, 30 Oct 2015 11:22:31 +0000 (11:22 +0000)]
Continue malloc standardisation in engines

Continuing from previous work standardise use of malloc in the engine code.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
9 years agoContinue standardisation of malloc handling in apps
Matt Caswell [Fri, 30 Oct 2015 11:18:04 +0000 (11:18 +0000)]
Continue standardisation of malloc handling in apps

continue on from previous commits but in the apps directory

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
9 years agoContinue standardising malloc style for libcrypto
Matt Caswell [Fri, 30 Oct 2015 11:12:26 +0000 (11:12 +0000)]
Continue standardising malloc style for libcrypto

Continuing from previous commit ensure our style is consistent for malloc
return checks.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
9 years agoStandardise our style for checking malloc failures
Matt Caswell [Fri, 30 Oct 2015 10:05:53 +0000 (10:05 +0000)]
Standardise our style for checking malloc failures

if we have a malloc |x = OPENSSL_malloc(...)| sometimes we check |x|
for NULL and sometimes we treat it as a boolean |if(!x) ...|. Standardise
the approach in libssl.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
9 years agoRemove redundant check from SSL_shutdown
Matt Caswell [Mon, 9 Nov 2015 15:31:27 +0000 (15:31 +0000)]
Remove redundant check from SSL_shutdown

The SSL object was being deref'd and then there was a later redundant check
to see if it is NULL. We assume all SSL_foo functions pass a non NULL SSL
object and do not check it.

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoMake the match for previous cflags a bit more strict
Richard Levitte [Mon, 9 Nov 2015 08:50:56 +0000 (09:50 +0100)]
Make the match for previous cflags a bit more strict

./Configure [target] --strict-warnings -Wno-pedantic-ms-format
would not add '-pedantic' because it matches '-Wno-pedantic-ms-format',
which was added first.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoReplace L suffix with U
Dr. Stephen Henson [Sat, 7 Nov 2015 13:22:54 +0000 (13:22 +0000)]
Replace L suffix with U

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoUse uint32_t and int32_t for SSL_CIPHER structure.
Dr. Stephen Henson [Thu, 5 Nov 2015 16:14:17 +0000 (16:14 +0000)]
Use uint32_t and int32_t for SSL_CIPHER structure.

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoFix compilation problems with SCTP
Matt Caswell [Fri, 6 Nov 2015 10:25:08 +0000 (10:25 +0000)]
Fix compilation problems with SCTP

The SCTP code is not compiled by default. This fixes some compilation
problems in that code.

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoRemove some redundant assignments
Matt Caswell [Fri, 6 Nov 2015 09:54:39 +0000 (09:54 +0000)]
Remove some redundant assignments

We were setting |s->renegotiate| and |s->new_session| to 0 twice in
tls_finish_handshake. This is redundant so now we just do it once!

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
9 years agoDon't finish the handshake twice
Matt Caswell [Fri, 6 Nov 2015 09:47:18 +0000 (09:47 +0000)]
Don't finish the handshake twice

We finish the handshake when we move into the TLS_ST_OK state. At various
points we were also unnecessarily finishing it when we were reading/writing
the Finished message. It's much simpler just to do it in TLS_ST_OK, so
remove the other calls.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
9 years agoRebuild error source files.
Dr. Stephen Henson [Tue, 3 Nov 2015 14:09:18 +0000 (14:09 +0000)]
Rebuild error source files.

Rebuild error source files: the new mkerr.pl functionality will now
pick up and translate static function names properly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agofix discrepancy
Dr. Stephen Henson [Tue, 3 Nov 2015 14:00:41 +0000 (14:00 +0000)]
fix discrepancy

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRead function names from C source files.
Dr. Stephen Henson [Tue, 3 Nov 2015 13:52:45 +0000 (13:52 +0000)]
Read function names from C source files.

In mkerr.pl read parse functions names in C source files and use
them for translation and sanity checks.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoEnsure the dtls1_get_*_methods work with DTLS_ANY_VERSION
Matt Caswell [Fri, 30 Oct 2015 16:28:50 +0000 (16:28 +0000)]
Ensure the dtls1_get_*_methods work with DTLS_ANY_VERSION

The various dtls1_get*_methods did not handle the DTLS_ANY_VERSION case,
so this needed to be added.

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoMinor EVP_SignInit_ex doc fix
Matt Caswell [Mon, 2 Nov 2015 15:37:45 +0000 (15:37 +0000)]
Minor EVP_SignInit_ex doc fix

EVP_SignInit_ex was missing from the NAME section of its man page so
typing "man EVP_SignInit_ex" failed to load the page.

Reviewed-by: Stephen Henson <steve@openssl.org>
9 years agoFix usage of BIO_ctrl_set_connected
Richard Levitte [Mon, 2 Nov 2015 20:18:34 +0000 (21:18 +0100)]
Fix usage of BIO_ctrl_set_connected

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoRemove the state parameter from BIO_ctrl_set_connected
Richard Levitte [Mon, 2 Nov 2015 15:48:53 +0000 (16:48 +0100)]
Remove the state parameter from BIO_ctrl_set_connected

The actual implementation has the state of the connection being
controlled with the peer parameter, non-NULL meaning connected and
NULL meaning connected.

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoBIO_s_datagram() ctrl doesn't support SEEK/TELL, so don't pretend it does
Richard Levitte [Mon, 2 Nov 2015 15:43:28 +0000 (16:43 +0100)]
BIO_s_datagram() ctrl doesn't support SEEK/TELL, so don't pretend it does

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoCorrect or add comments indicating what controls belong to what
Richard Levitte [Sun, 1 Nov 2015 14:56:21 +0000 (15:56 +0100)]
Correct or add comments indicating what controls belong to what

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoRemove PROXY controls that aren't used anywhere
Richard Levitte [Sun, 1 Nov 2015 14:48:58 +0000 (15:48 +0100)]
Remove PROXY controls that aren't used anywhere

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoRemove dummy argument from BIO_get_bind_mode
Richard Levitte [Sun, 1 Nov 2015 14:47:41 +0000 (15:47 +0100)]
Remove dummy argument from BIO_get_bind_mode

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoDocument how BIO_get_conn_ip and BIO_get_conn_int_port actually work
Richard Levitte [Sun, 1 Nov 2015 14:45:49 +0000 (15:45 +0100)]
Document how BIO_get_conn_ip and BIO_get_conn_int_port actually work

No dummy arguments.

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoHave BIO_get_conn_int_port use BIO_ctrl instead BIO_int_ctrl
Richard Levitte [Sun, 1 Nov 2015 14:42:04 +0000 (15:42 +0100)]
Have BIO_get_conn_int_port use BIO_ctrl instead BIO_int_ctrl

BIO_int_ctrl isn't made for the purpose BIO_get_conn_int_port used it
for.

This also changes BIO_C_GET_CONNECT to actually return the port
instead of assigning it to a pointer that was never returned back to
the caller.

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoClarify the preferred way of creating patch files
Matt Caswell [Sun, 1 Nov 2015 14:41:29 +0000 (14:41 +0000)]
Clarify the preferred way of creating patch files

Clarify that git format-patch output is preferred for creating patch files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove a reachable assert from ssl3_write_bytes
Matt Caswell [Fri, 30 Oct 2015 17:01:01 +0000 (17:01 +0000)]
Remove a reachable assert from ssl3_write_bytes

A buggy application that call SSL_write with a different length after a
NBIO event could cause an OPENSSL_assert to be reached. The assert is not
actually necessary because there was an explicit check a little further
down that would catch this scenario. Therefore remove the assert an move
the check a little higher up.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoRemove an OPENSSL_assert which could fail
Matt Caswell [Fri, 30 Oct 2015 16:50:17 +0000 (16:50 +0000)]
Remove an OPENSSL_assert which could fail

An OPENSSL_assert was being used which could fail (e.g. on a malloc
failure).

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoRemove a trivially true OPENSSL_assert
Matt Caswell [Fri, 30 Oct 2015 16:39:29 +0000 (16:39 +0000)]
Remove a trivially true OPENSSL_assert

This OPENSSL_assert in (d)tls1_hearbeat is trivially always going to be
true because it is testing the sum of values that have been set as
constants just a few lines above and nothing has changed them. Therefore
remove this.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoFixed typo in rsautl.pod
Soheil Rashidi [Wed, 28 Oct 2015 22:31:06 +0000 (02:01 +0330)]
Fixed typo in rsautl.pod

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoPR1279: Clean up CONTRIBUTING
Rich Salz [Sun, 1 Nov 2015 13:34:13 +0000 (08:34 -0500)]
PR1279: Clean up CONTRIBUTING

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
9 years agoVarious README updates
Rich Salz [Thu, 29 Oct 2015 16:06:06 +0000 (12:06 -0400)]
Various README updates

Close GH Issue 69
Close GH PR 457
Some other updates

By Rich Salz, Alessandro Ghedini, Steve Marquess, Collin Anderson

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
9 years agoRemove des_ver.h; broke build.
Rich Salz [Sun, 1 Nov 2015 13:09:57 +0000 (08:09 -0500)]
Remove des_ver.h; broke build.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoReplace "SSLeay" in API with OpenSSL
Rich Salz [Tue, 27 Oct 2015 19:11:48 +0000 (15:11 -0400)]
Replace "SSLeay" in API with OpenSSL

All instances of SSLeay (any combination of case) were replaced with
the case-equivalent OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove some SSLv2 references
Matt Caswell [Thu, 29 Oct 2015 14:50:40 +0000 (14:50 +0000)]
Remove some SSLv2 references

There were a few remaining references to SSLv2 support which are no longer
relevant now that it has been removed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoAdd SRP and PSK to disallowed CertificateRequest ciphersuites
Matt Caswell [Mon, 26 Oct 2015 23:11:44 +0000 (23:11 +0000)]
Add SRP and PSK to disallowed CertificateRequest ciphersuites

There was a discrepancy between what ciphersuites we allowed to send a
CertificateRequest, and what ciphersuites we allowed to receive one. So
add PSK and SRP to the disallowed ones.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove the inline keyword
Matt Caswell [Mon, 26 Oct 2015 14:08:22 +0000 (14:08 +0000)]
Remove the inline keyword

Some functions were marked as inline in statem_srvr.c where they probably
didn't need to be, so remove it.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove superfluous check
Matt Caswell [Mon, 26 Oct 2015 14:05:43 +0000 (14:05 +0000)]
Remove superfluous check

|tls_process_finished| was checking that |peer_finish_md_len| was
non-negative. However neither |tls1_final_finish_mac| or
|ssl3_final_finish_mac| can ever return a negative value, so the check is
superfluous.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoChange SSL_state_string return strings to start with a T
Matt Caswell [Mon, 26 Oct 2015 12:21:40 +0000 (12:21 +0000)]
Change SSL_state_string return strings to start with a T

Due the rest of the state machine changes it makes sense to change the
SSL_state_string return strings from 3* to T*. They are not SSL3 specific

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoChange snprintf to memcpy
Matt Caswell [Mon, 26 Oct 2015 12:00:00 +0000 (12:00 +0000)]
Change snprintf to memcpy

There was a few uses of snprintf in the DTLS SCTP code which made more
sense to be a memcpy.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoAdd ossl_statem prefix to various functions
Matt Caswell [Mon, 26 Oct 2015 11:54:17 +0000 (11:54 +0000)]
Add ossl_statem prefix to various functions

Add the ossl_statem prefix to various funtions to avoid name clashes.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoConvert enums to typedefs
Matt Caswell [Mon, 26 Oct 2015 11:46:33 +0000 (11:46 +0000)]
Convert enums to typedefs

Various enums were introduced as part of the state machine rewrite. As a
matter of style it is preferred for these to be typedefs.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMake dtls1_link_min_mtu static
Matt Caswell [Mon, 26 Oct 2015 11:13:56 +0000 (11:13 +0000)]
Make dtls1_link_min_mtu static

The function dtls1_link_min_mtu() was only used within d1_lib.c so make
it static.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix a bogus clang warning
Matt Caswell [Thu, 22 Oct 2015 14:13:20 +0000 (15:13 +0100)]
Fix a bogus clang warning

Clang with --strict-warnings was complaining about an uninitalised
variable. In reality it will never be used uninitialised but clang can't
figure out the logic, so just init it anyway to silence the warning.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix empty NewSessionTicket processing
Matt Caswell [Thu, 22 Oct 2015 14:02:14 +0000 (15:02 +0100)]
Fix empty NewSessionTicket processing

Rebasing the state machine code introduced a problem with empty
NewSessionTicket processing. The return value from the
tls_process_new_session_ticket() is supposed to be an enum, but a bare
integer was being used. Unfortunately this is valid C so the compiler
doesn't pick it up.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix uninitialised variable
Matt Caswell [Thu, 22 Oct 2015 13:34:33 +0000 (14:34 +0100)]
Fix uninitialised variable

Fix another instance of |al| being unitialised in certain error scenarios.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agomake update
Matt Caswell [Thu, 22 Oct 2015 13:13:40 +0000 (14:13 +0100)]
make update

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix various error codes
Matt Caswell [Thu, 22 Oct 2015 13:02:46 +0000 (14:02 +0100)]
Fix various error codes

A number of error codes were wrong due to a rebase of the state machine
code.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMove in_handshake into STATEM
Matt Caswell [Thu, 22 Oct 2015 12:57:18 +0000 (13:57 +0100)]
Move in_handshake into STATEM

The SSL variable |in_handshake| seems misplaced. It would be better to have
it in the STATEM structure.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix unitialised variable problem
Matt Caswell [Thu, 22 Oct 2015 12:31:20 +0000 (13:31 +0100)]
Fix unitialised variable problem

tls_process_client_hello() failed to initialise the |al| variable in some
(error) scenarios. This could cause issues with creating the alert.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix DTLSv1_listen following state machine changes
Matt Caswell [Thu, 22 Oct 2015 11:18:45 +0000 (12:18 +0100)]
Fix DTLSv1_listen following state machine changes

Adding the new state machine broke the DTLSv1_listen code because
calling SSL_in_before() was erroneously returning true after DTLSv1_listen
had successfully completed. This change ensures that SSL_in_before returns
false.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoAdd a function to get the info_callback
Matt Caswell [Mon, 5 Oct 2015 10:28:51 +0000 (11:28 +0100)]
Add a function to get the info_callback

Remove repeated blocks of checking SSL and then SSL_CTX for the
info_callback.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove the old state defines
Matt Caswell [Mon, 5 Oct 2015 10:17:08 +0000 (11:17 +0100)]
Remove the old state defines

Remove all the defines for the old state machines states. Mapping old to new
is probably going to cause more problems than it solves so it is probably
better to just remove them.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoChange SUB_STATE_RETURN into a typedef
Matt Caswell [Mon, 5 Oct 2015 10:03:27 +0000 (11:03 +0100)]
Change SUB_STATE_RETURN into a typedef

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRename STATEM to OSSL_STATEM
Matt Caswell [Mon, 5 Oct 2015 09:58:52 +0000 (10:58 +0100)]
Rename STATEM to OSSL_STATEM

Add an OSSL_ prefix onto STATEM

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove SSL_state and SSL_set_state
Matt Caswell [Mon, 5 Oct 2015 09:49:15 +0000 (10:49 +0100)]
Remove SSL_state and SSL_set_state

SSL_state has been replaced by SSL_get_state and SSL_set_state is no longer
supported.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMove |no_cert_verify| into state machine
Matt Caswell [Mon, 5 Oct 2015 09:44:41 +0000 (10:44 +0100)]
Move |no_cert_verify| into state machine

The |no_cert_verify| should be in the state machine structure not in SSL

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove extraneous parens
Matt Caswell [Mon, 5 Oct 2015 09:41:13 +0000 (10:41 +0100)]
Remove extraneous parens

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoChange statem prefix to ossl_statem
Matt Caswell [Mon, 5 Oct 2015 09:39:54 +0000 (10:39 +0100)]
Change statem prefix to ossl_statem

Change various state machine functions to use the prefix ossl_statem
instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoDon't depend on SSL structure internals
Matt Caswell [Mon, 5 Oct 2015 09:21:11 +0000 (10:21 +0100)]
Don't depend on SSL structure internals

The macros SSL_in_connect_init() and SSL_in_accept_init() inadvertently
depended on SSL structure internals. This fixes it to use public API calls
instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoChange HANDSHAKE_STATE to OSSL_HANDSHAKE_STATE
Matt Caswell [Mon, 5 Oct 2015 09:18:06 +0000 (10:18 +0100)]
Change HANDSHAKE_STATE to OSSL_HANDSHAKE_STATE

Rename the enum HANDSHAKE_STATE to OSSL_HANDSHAKE_STATE to ensure there are
no namespace clashes, and convert it into a typedef.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix some client side transition logic
Matt Caswell [Mon, 14 Sep 2015 14:06:37 +0000 (15:06 +0100)]
Fix some client side transition logic

Fixed some issues in the logic for determining whether an SKE should be
expected or not. In particular only allow an SKE for RSA if its export and
the key size is not allowed. Also fix the ephemeral ciphersuite checks and
add in a missing call to ssl3_check_cert_and_algorithm().

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMinor documentation tweak
Matt Caswell [Fri, 11 Sep 2015 12:39:04 +0000 (13:39 +0100)]
Minor documentation tweak

Update the return type for SSL_state in the documentation.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoUpdate CHANGES
Matt Caswell [Fri, 11 Sep 2015 12:36:42 +0000 (13:36 +0100)]
Update CHANGES

Update the CHANGES file for the state machine rewrite

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove a call to SSL_set_state from s_server
Matt Caswell [Fri, 11 Sep 2015 12:11:37 +0000 (13:11 +0100)]
Remove a call to SSL_set_state from s_server

s_server was (ab)using SSL_set_state to force a renegotiation. This is a
bad way to do things and does not work with the new state machine code, so
we need to do it a different way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix a comment
Matt Caswell [Fri, 11 Sep 2015 11:11:39 +0000 (12:11 +0100)]
Fix a comment

Fix an out of date reference to old state machine code in a comment

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove some unused variables
Matt Caswell [Fri, 11 Sep 2015 10:56:48 +0000 (11:56 +0100)]
Remove some unused variables

The next_state variable is no longer needed in the new state machine.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoAdd a state machine README
Matt Caswell [Fri, 11 Sep 2015 10:51:20 +0000 (11:51 +0100)]
Add a state machine README

Add some documentation on the thinking behind the state machine.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agomake update
Matt Caswell [Fri, 11 Sep 2015 10:28:24 +0000 (11:28 +0100)]
make update

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMore state machine reorg
Matt Caswell [Fri, 11 Sep 2015 10:23:20 +0000 (11:23 +0100)]
More state machine reorg

Move some function definitions around within the state machine to make sure
they are in the correct files. Also create a statem_locl.h header for stuff
entirely local to the state machine code and move various definitions into
it.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoReorganise state machine files
Matt Caswell [Fri, 11 Sep 2015 09:48:59 +0000 (10:48 +0100)]
Reorganise state machine files

Pull out the state machine into a separate sub directory. Also moved some
functions which were nothing to do with the state machine but were in state
machine files. Pulled all the SSL_METHOD definitions into one place...most
of those files had very little left in them any more.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove ssl_get_message from ssl_method_st
Matt Caswell [Thu, 10 Sep 2015 09:43:22 +0000 (10:43 +0100)]
Remove ssl_get_message from ssl_method_st

ssl_get_message is no longer used so it should be removed from
ssl_method_st

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMove PACKET creation into the state machine
Matt Caswell [Thu, 10 Sep 2015 09:22:30 +0000 (10:22 +0100)]
Move PACKET creation into the state machine

Previously each message specific process function would create its own
PACKET structure. Rather than duplicate all of this code lots of times we
should create it in the state machine itself.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove the SSL state variable
Matt Caswell [Thu, 10 Sep 2015 08:23:34 +0000 (09:23 +0100)]
Remove the SSL state variable

The SSL structure contained a "state" variable that kept track of the state
machine in the old code. The new state machine does not use this so it can
be removed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove the type variable
Matt Caswell [Thu, 10 Sep 2015 08:19:53 +0000 (09:19 +0100)]
Remove the type variable

The SSL structure contained a "type" variable that was set to either
SSL_ST_ACCEPT or SSL_ST_CONNECT depending on whether we are the server or
the client. This duplicates the capability of the "server" variable and was
actually rarely used.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoConvert DTLSv1_listen to use new state machine code
Matt Caswell [Thu, 22 Oct 2015 09:45:29 +0000 (10:45 +0100)]
Convert DTLSv1_listen to use new state machine code

The DTLSv1_listen code set the state value explicitly to move into init.
Change to use state_set_in_init() instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRedefine old state values
Matt Caswell [Thu, 10 Sep 2015 08:11:41 +0000 (09:11 +0100)]
Redefine old state values

ssl.h and ssl3.h have a number of defines for the various states in the old
state machine code. Since this is public API it is not desirable to just
remove them. Instead redefine them to the closest equivalent state in the
new state machine code. If an application calls SSL_state then the return
value can still be compared against these old values if necessary. However
not all values have an equivalent state in the new code, so these are just
redefined to a dummy value.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove redundant code
Matt Caswell [Tue, 8 Sep 2015 08:13:50 +0000 (09:13 +0100)]
Remove redundant code

Clean up and remove lots of code that is now no longer needed due to the
move to the new state machine.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMove server side DTLS to new state machine
Matt Caswell [Fri, 4 Sep 2015 12:51:49 +0000 (13:51 +0100)]
Move server side DTLS to new state machine

Implement all of the necessary changes to make DTLS on the server work
with the new state machine code.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMove server side TLS to new state machine
Matt Caswell [Tue, 8 Sep 2015 08:19:22 +0000 (09:19 +0100)]
Move server side TLS to new state machine

Implement all of the necessary changes for moving TLS server side
processing into the new state machine code.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoSplit TLS server functions
Matt Caswell [Tue, 8 Sep 2015 08:38:08 +0000 (09:38 +0100)]
Split TLS server functions

Split the TLS server ssl3_get_* and ssl3_send_* functions into two ready
for the migration to the new state machine code.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoDelete unused functions
Matt Caswell [Wed, 12 Aug 2015 18:58:29 +0000 (19:58 +0100)]
Delete unused functions

Remove all the functions and dead code that is now no longer required as
a result of the DTLS client move into the new state machine code.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoImplement DTLS client move to new state machine
Matt Caswell [Mon, 7 Sep 2015 21:00:36 +0000 (22:00 +0100)]
Implement DTLS client move to new state machine

Move all DTLS client side processing into the new state machine code. A
subsequent commit will clean up the old dead code.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>