summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Collapse)Author
2023-09-28Copyright year updatesMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
2023-09-25Remove a spurious inclusion of the sparse array header fileMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22174)
2023-09-22Ensure we free all the BIOs in a chain for QUIC like we do in TLSMatt Caswell
An application may pass in a whole BIO chain via SSL_set_bio(). When we free the BIO we should be using BIO_free_all() not BIO_free() like we do with TLS. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22157)
2023-09-20QUIC APL: Wire SSL_get_[rw]poll_descriptor for TLS/DTLSHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21979)
2023-09-20QUIC: Wire SSL_net_(read|write)_desired for TLS/DTLSHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21979)
2023-09-18Enhance code safety and readability in SSL_get_shared_ciphers()Sumitra Sharma
This commit introduces two key improvements: 1. Improve code safety by replacing the conditional statement with `if (n >= size)` and using OPENSSL_strnlen() instead of strlen(). This change ensures proper buffer size handling and adheres to secure coding practices. 2. Enhance code readability by substituting `strcpy(p, c->name)` with `memcpy(p, c->name, n)`. This adjustment prioritizes code clarity and maintenance, even while mitigating a minimal buffer overflow risk. These enhancements bolster the code's robustness and comprehensibility, aligning with secure coding principles and best practices. Fixes #19837 Signed-off-by: Sumitra Sharma <sumitraartsy@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21934)
2023-09-18Fix new typos found by codespellDimitri Papadopoulos
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22098)
2023-09-13QUIC CHANNEL: Add missing duplicate TPARAM handling casesHugo Landau
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22039)
2023-09-13Ensure QUIC-TLS errors raised during channel start are available to callerMatt Caswell
TLS misconfiguration errors should be shown to the application to enable diagnosis of the problem. Otherwise you just get a generical "internal error" message. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22066)
2023-09-13Fix typos found by codespellDimitri Papadopoulos
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22063)
2023-09-12Fix the SSL_CIPHER_find() function when used with a QCSOMatt Caswell
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22011)
2023-09-12Add a test for using a PSK with QUICMatt Caswell
Check that we can set and use a PSK when establishing a QUIC connection. Fixes openssl/project#83 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22011)
2023-09-11"foo * bar" should be "foo *bar"Dimitri Papadopoulos
Found by running the checkpatch.pl Linux script to enforce coding style. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11Remove repeated wordsDimitri Papadopoulos
Found by running the checkpatch.pl Linux script to enforce coding style. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-07Copyright year updatesMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
2023-09-04Include #include "internal/numbers.h" in ssl/quic/quic_cfq.cRichard Levitte
It's needed for platforms that don't define UINT64_MAX and similar macros Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21951)
2023-09-02Replace ssl3_get_message() with tls_get_message_header() and/or ↵Sumitra Sharma
tls_get_message_body() Update commit messages that previously used ssl3_get_message() to now use tls_get_message_header() and tls_get_message_body() due to the split in OpenSSL 1.1.0. CLA: trivial Fixes #21582 Signed-off-by: Sumitra Sharma <sumitraartsy@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21886)
2023-09-02Handle non IO based retry errors in QUICMatt Caswell
SSL_get_error() may respond with some retry errors that are not IO related. In particular SSL_ERROR_WANT_RETRY_VERIFY and SSL_ERROR_WANT_X509_LOOKUP. These can occur during a TLS handshake. If they occur when a QUIC Connection is performing a TLS handshake then we need to propagate these up to the QCSO. We also handle SSL_ERROR_WANT_CLIENT_HELLO_CB. This one will only ever occur on the server side which we don't currently support. However adding the handling for it now is identical to all the other handling so including it is no cost, and will be needed when we do add server support. We are not concerned with SSL_ERROR_WANT_ASYNC or SSL_ERROR_WANT_ASYNC_JOB since we do not support async operation with QUIC. Fixes openssl/project#199 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21922)
2023-09-01QUIC APL: Implement SSL_wantHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21915)
2023-09-01QUIC APL: Revise I/O error setting so that the last error is set on successHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21915)
2023-09-01QUIC APL: Adjust expect_quic_conn_onlyHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21915)
2023-09-01QUIC RXDP: Reuse allocations between ACK frame processingHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21917)
2023-09-01QUIC WIRE: When peeking at number of ACK ranges, ensure enough data is availableHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21917)
2023-09-01Minor fixesHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01Fix after rebaseHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01QUIC APL: Report that we do not support SSL_clear correctlyHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01QUIC API: Revise SSL_get_conn_close_info to use a flags fieldHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01QUIC APL: Allow stream origin to be queriedHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01Minor fixesHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01Minor updatesHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01Minor fixesHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC APL: Introduce addressed v. non-addressed mode handlingHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC CHANNEL: Introduce concept of (non-)addressed modeHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC APL: Refactor blocking configuration to allow late blocking support ↵Hugo Landau
detection Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC CHANNEL: Cleanup poll descriptor managementHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC REACTOR: Move can-poll flags into reactorHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC APL: Autoconfigure BIOs as non-blockingHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01BIO_ssl: Make helper functions configure BIOs for QUIC correctlyHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC APL: Better error reportingHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC CHANNEL: Only handle the first protocol error raisedHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01QUIC TLS: Better error message when ALPN not usedHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01Removed unnecessary brace in ktls_configure_cryptoAbhirup Manna
CLA: trivial Fixes #21498 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21908)
2023-08-30QUIC APL: Determine if an error is an I/O error dynamicallyHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21829)
2023-08-30QUIC MULTISTREAM TEST: Test WAIT_PEERHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30QUIC APL: Support waiting for peer-initiated shutdownHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30QUIC APL: Implement backpressure on stream creationHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-29Removed unused struct ssl3_comp_stFrederik Wedel-Heinen
Fixes #21731 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21803)
2023-08-29Removed unused member read_iv of ossl_record_layer_stFrederik Wedel-Heinen
Fixes #21732 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21804)
2023-08-29QUIC RXDP: Handle PING correctlyHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21764)
2023-08-29QUIC QRX: Initialise all RXE fields properly for non-encrypted packetsHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21764)
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-17 15:14:40 +0000