openssl

mirror of https://github.com/openssl/openssl.git synced 2025-02-05 14:10:53 +08:00

Author	SHA1	Message	Date
Hugo Landau	29fbdfafaf	QUIC CHANNEL, LCIDM: Factor duplicate CID generation function Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:12:00 +00:00
Hugo Landau	4760116f5a	QUIC CHANNEL: Finish cleanup of LCIDM integration Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:12:00 +00:00
Hugo Landau	5f86ae32c2	QUIC CHANNEL: Finish moving SRT handling to SRTM Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:12:00 +00:00
Hugo Landau	da15093a31	QUIC DEMUX: Remove legacy routing code Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:12:00 +00:00
Hugo Landau	ef95d8ddca	QUIC QRX: Remove legacy DEMUX-QRX routing code Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:12:00 +00:00
Hugo Landau	52dfe6f1c1	QUIC CHANNEL: Phase out use of QRX-DEMUX routing in favour of PORT-LCIDM routing Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:12:00 +00:00
Hugo Landau	cce6fccd4e	QUIC CHANNEL: Keep a reference to our LCIDM Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	0df897321d	QUIC PORT: Enable injection of incoming URXEs into a channel via default handler rather than DEMUX routing Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	d743afe7e8	QUIC DEMUX: Allow parsed DCID to be learnt in default packet handler Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	bbae4bb325	QUIC PORT: Create a LCIDM Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	6107619899	QUIC PORT: Partially move stateless reset handling to port Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	a4be37b8ce	QUIC PORT: Add SRTM wiring Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	073e5bc781	QUIC CHANNEL: Remove legacy calls for functionality moved to QUIC_PORT Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	632b0c7e8c	QUIC PORT, CHANNEL: Move ticking code into QUIC_PORT Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	4ed6b48d9d	QUIC PORT, CHANNEL: Move DEMUX and default packet handling out of CHANNEL Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	2d80e45901	QUIC PORT: Make QUIC_PORT responsible for creation of all channels Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	2954287041	QUIC PORT: Record a SSL_CTX for use when creating handshake layer objects Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	ce503f5c85	QUIC PORT: Keep a list of all child channels Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	f98bc5c95b	QUIC CHANNEL, PORT: Abstract time retrieval Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	34fa182e1d	QUIC CHANNEL, TSERVER: Move to using libctx/propq/mutex/now_cb via QUIC_PORT Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	496f0beb99	QUIC CHANNEL: Make a QUIC_PORT mandatory Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	167e5f34c8	QUIC TSERVER: Provide a TSERVER's QUIC_CHANNEL with a currently unused QUIC_PORT Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	f767101225	QUIC APL: Provide the QUIC_CHANNEL with a currently unused QUIC_PORT Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	12ab8afceb	QUIC CHANNEL: Keep a reference to a QUIC_PORT Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	154131da11	QUIC PORT: Add basic unwired QUIC_PORT object Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
Hugo Landau	e801455446	QUIC CHANNEL: Consolidate forward object declarations in a single header Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)	2023-12-21 08:11:59 +00:00
lan1120	e8e95f20a9	Make SSL_clear_options pass new options to record layer Signed-off-by: lan1120 <lanming@huawei.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23045)	2023-12-20 13:38:45 +00:00
Tomas Mraz	430dcbd046	Consolidate raising errors in SSL_CONF_cmd() Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23048)	2023-12-19 12:03:02 +01:00
Tomas Mraz	69c067ffbc	Always apply all configuration settings from the ssl section Even if some configuration entry is incorrect, do not skip the remaining ones. Fixes #20789 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23048)	2023-12-19 12:03:02 +01:00
Matt Caswell	e07b5e1a0a	Ensure the default length calculation includes the content type byte TLSv1.3 includes an extra byte after the payload for the content type. We should incorporate that in the calculation of the default buffer length. Fixes #23015 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23021)	2023-12-19 10:47:29 +00:00
Frederik Wedel-Heinen	78ef740999	Remove redundant logic for DTLS server version selection Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22989)	2023-12-18 09:56:34 +00:00
Frederik Wedel-Heinen	f4ad7c2f73	Handle tls and dtls server version selection similarly Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22989)	2023-12-18 09:56:34 +00:00
Hugo Landau	708b4fb708	QUIC LCIDM: Fix usage of LHASH Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22981)	2023-12-13 15:26:59 +00:00
Matt Caswell	e46a6b1a5d	Remove some redundant code We remove a function that was left behind and is no longer called after the record layer refactor Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/22864)	2023-12-12 16:06:54 +00:00
Matt Caswell	afcc12c41a	Don't attempt to set provider params on an ENGINE based cipher If an ENGINE has been loaded after the SSL_CTX has been created then the cipher we have cached might be provider based, but the cipher we actually end up using might not be. Don't try to set provider params on a cipher that is actually ENGINE based. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/22864)	2023-12-12 16:06:54 +00:00
Hugo Landau	4c62c56648	QUIC LCIDM: Minor updates in response to feedback Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)	2023-12-06 10:40:11 +00:00
Hugo Landau	2773749772	QUIC LCIDM: Make robust against LHASH failures Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)	2023-12-06 10:40:11 +00:00
Hugo Landau	e6cf72c525	QUIC LCIDM: Always use lcid_obj to refer to QUIC_LCID Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)	2023-12-06 10:40:11 +00:00
Hugo Landau	935aa14344	QUIC LCIDM: Minor fixes Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)	2023-12-06 10:40:11 +00:00
Hugo Landau	1f2958536e	QUIC LCIDM: Add debug calls Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)	2023-12-06 10:40:11 +00:00
Hugo Landau	a35956b2f7	QUIC LCIDM: Enforce and document ODCID peculiarities Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)	2023-12-06 10:40:11 +00:00
Hugo Landau	3d7f83ebdc	QUIC LCIDM: Add fuzzer Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)	2023-12-06 10:40:11 +00:00
Hugo Landau	8489a0a1f2	QUIC LCIDM: Add LCIDM Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)	2023-12-06 10:40:11 +00:00
Markus Minichmayr	f290663148	Fix implementation of `PreferNoDHEKEX` option. `tls_parse_ctos_key_share()` didn't properly handle the option. Avoid the need to deal with the option in multiple places by properly handling it in `tls_parse_ctos_psk_kex_modes()`. Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22844)	2023-11-30 18:40:44 +01:00
Viktor Dukhovni	f636e7e6bd	Fix freshly introduced double-free. We don't need the decoded X.509 Full(0) certificate for the EE usages 1 and 3, because the leaf certificate is always part of the presented chain, so the certificate is only validated as well-formed, and then discarded, but the TLSA record is of course still used after the validation step. Added DANE test cases for: 3 0 0, 3 1 0, 1 0 0, and 1 1 0 Reported by Claus Assmann. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22821)	2023-11-29 10:31:42 +01:00
Bernd Edlinger	a435d78604	Fix a possible memory leak in ct_move_scts Instead of trying to move the doomed sct back to the src stack, which may fail as well, simply free the sct object, as the src list will be deleted anyway. Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22762)	2023-11-28 19:42:32 +01:00
Hugo Landau	eadebcc863	QUIC TSERVER: Fix erroneously static variable Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/22828)	2023-11-27 07:57:32 +00:00
Hugo Landau	c30aee71f9	Make scsv read-only Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/22828)	2023-11-27 07:55:55 +00:00
Hugo Landau	3392a5690b	Make nid_to_group read-only Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/22828)	2023-11-27 07:52:54 +00:00
Hugo Landau	a87b6d1377	Make bitmask table read only Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/22828)	2023-11-27 07:52:24 +00:00

1 2 3 4 5 ...

5238 Commits