summaryrefslogtreecommitdiffstats
path: root/ssl
AgeCommit message (Collapse)Author
2023-06-16QUIC CHANNEL: Optimise key update using ACKsHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC: Add internal APIs for white-box testing of key updateHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC CHANNEL: Enforce the RX packet forgery limitHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC RXDP: Strictly enforce ACK PNs with regard to TX key epochsHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC CHANNEL: Ensure new packets aren't enforced with old keysHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC CHANNEL: Handle key updates correctlyHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC TXP: Make TXP use time callback correctlyHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC APL: Correct implementation of time callback overrideHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC RX: Support reporting the key epoch a packet was received withHugo Landau
This is needed to support key update validation on the receive side. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC TXP: Allow callbacks on ACK transmissionHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC TXP: Allow next PN to be used to be queriedHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC RX: Refactor key update callback to provide PNHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC TXP: Remove TX key update handling from TXPHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC TXP: Refactor status output to use an extensible structureHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC ACKM: Allow largest acked PN to be queriedHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16QUIC WIRE: Utility function to determine if PN is in an ACK frameHugo Landau
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-15Fix typos found by codespellDimitri Papadopoulos
Typos in doc/man* will be fixed in a different commit. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20910)
2023-06-14Only take note of the ack deadline if we can actually issue an ackMatt Caswell
When determining the next tick deadline we cannot actually issue an ack if the CC will not let us, or the enc_level is not yet provisioned. This avoids a bug where we can end up in a busy loop because the next event deadline is reported as "now" because we want to send an ack, but we can't actually send anything yet. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21181)
2023-06-06Add SSL_get0_group_name() to get name of the group used for KEXAlex Bozarth
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20866)
2023-06-02[feat] SSL RTT in both client and server statem. SSL_get_handshake_rtt makes ↵Jairus Christensen
it available Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20248)
2023-06-01QUIC: CID conformancePauli
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21078)
2023-05-30ssl/statem_srvr.c: clean up handling of EVP_PKEY_decrypt() outlenDr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17354)
2023-05-29SSL_handle_events(): Minor fixes to documentationHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20879)
2023-05-29QUIC APL: Allow DTLSv1 APIs to be used for compatibilityHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20879)
2023-05-29QUIC APL: Change SSL_get_event_timeout API designHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20879)
2023-05-29QUIC: Rename SSL_tick, SSL_get_tick_timeoutHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20879)
2023-05-24Create internal/ssl.hMatt Caswell
We create the internal/ssl.h header file and move the typedef for ossl_msg_cb. This is needed by both the QUIC code (which generally doesn't include ssl_local.h) and the rest of libssl. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Rename msg_callback_s to msg_callback_ssl for greater clarityMatt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Use the %llu format specifier for uint64_tMatt Caswell
We change to use %llu when printing uint64_t types for consistency with what we've done elsewhere. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Create setter functions for the msg_callback and msg_callback_argMatt Caswell
We create setter functions for the msg_callback and msg_callback_arg so that these values can be properly propagated to the QRX/QTX/TXP even after the channel has been created. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Fix an SSL_trace bugMatt Caswell
Ensure that SSL_trace can print certificate data even with a non-default libctx. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Add more trace details for the remaining frame typesMatt Caswell
Prior to this commit we were just printing the fact that we had received or sent a frame of a particular type. We now provide more details about those frames. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Properly handling stream/crypto frames while tracingMatt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Enable tracing of datagrams we have sentMatt Caswell
Extend the tracing capability to also trace when we have a datagram to the peer. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Enable tracing of packets that have been sentMatt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Extend tracing of frames to transmitted framesMatt Caswell
Previously we were only doing tracing of frames received from the peer. Now we do that for transmitted frames as well. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Support trace for QUIC FramesMatt Caswell
Extend the existing QUIC tracing capability for frames. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Support trace for QUIC PacketsMatt Caswell
We enable SSL_trace support for when we receive QUIC Packets. This is called after header protection is removed, but before the packet is decrypted. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Support trace for QUIC datagramsMatt Caswell
Extend SSL_trace so that it knows how to dump information about the receipt of a QUIC datagram. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24Add initial QUIC support for the msg_callbackMatt Caswell
At this stage we just support msg_callback on receipt of a datagram. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24QUIC APL: Unlock mutex before freeing (clang tsan error)Hugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24QUIC: Fix bugs where threading is disabledHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24QUIC APL: Make SSL_get_error per-stream, error raising refactorHugo Landau
This refactors the error raising code in the APL to automatically raise errors in the correct SSL object, either a QCSO or QSSO depending on the circumstances. The QCTX structure's responsibilities are expanded to facilitate this. This further drives towards a unified mechanism for generic dispatch precondition checking and error raising. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24QUIC RXDP: Ensure all stream-related frames autocreate a streamHugo Landau
RFC requirement. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24QUIC FC: Correct operation of stream count modeHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24QUIC QSM: Correct the logic for determining stream count limitsHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24QUIC QSM: Allow QSM to know if we are in the server roleHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24QUIC TSERVER: Allow detection of new incoming streamsHugo Landau
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-17Add test for handling NEW_CONNECTION_ID frameTomas Mraz
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20892)
2023-05-17quic_tserver: Add possibility to change the connection idTomas Mraz
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20892)
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-18 23:21:38 +0000