OpenBSD CVS

CVS log for src/lib/libtls/tls_server.c



Default branch: MAIN


Revision 1.51, Tue Mar 26 08:54:48 2024 UTC (2 months, 2 weeks ago) by joshua
Branch: MAIN
CVS Tags: HEAD
Changes since 1.50: +4 -3 lines

Add TLS_ERROR_INVALID_CONTEXT error code to libtls

ok jsing@ beck@

Revision 1.50, Tue Mar 26 06:24:52 2024 UTC (2 months, 2 weeks ago) by joshua
Branch: MAIN
Changes since 1.49: +34 -20 lines

Add error code support to libtls

This adds tls_config_error_code() and tls_error_code(), which will become
public API at a later date.

Additional error codes will be added in follow-up commits.

ok jsing@ beck@

Revision 1.49, Sun May 14 07:26:25 2023 UTC (12 months, 4 weeks ago) by op
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4
Changes since 1.48: +3 -1 lines

add missing #include <string.h>; ok tb@

Revision 1.48, Wed Jan 19 11:10:55 2022 UTC (2 years, 4 months ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.47: +21 -9 lines

Check function return value in libtls

EVP_EncryptInit_ex, EVP_DecryptInit_ex and HMAC_Init_ex can fail and
return an error.
An error from these functions will be fatal for the callback, and I choose to
return -1.
SSL_CTX_set_tlsext_ticket_key_cb.3 explains the return value of callback.

This also could fix Coverity CID 345319.

ok jsing@ tb@

Revision 1.47, Mon Jun 14 03:53:59 2021 UTC (2 years, 11 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0
Changes since 1.46: +2 -2 lines

Use SSL_AD_INTERNAL_ERROR

One instance of TLS1_AD_* was missed and broke the tree in the recent
switch to using only one version of alert defines internally.

Revision 1.46, Tue Jun 1 19:49:17 2021 UTC (3 years ago) by tb
Branch: MAIN
Changes since 1.45: +2 -2 lines

Remove unnecessary cast in free.

ok jsing

Revision 1.45, Mon May 13 22:36:01 2019 UTC (5 years ago) by bcook
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7, OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.44: +3 -1 lines

Acquire mutex before incrementing the refcount. Fixes COV-186144

ok tb@

Revision 1.44, Mon Mar 19 16:34:47 2018 UTC (6 years, 2 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4, OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.43: +4 -1 lines

Automatically handle library initialisation for libtls.

Now that we have tls_init() under pthread_once(), automatically initialise
libtls from the entry point functions (tls_config(), tls_client() and
tls_server()) - this makes an explicit tls_init() call no longer a
requirement.

ok bcook@ beck@ inoguchi@

Revision 1.43, Thu Feb 8 05:56:49 2018 UTC (6 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.42: +1 -38 lines

Split keypair handling out into its own file - it had already appeared
in multiple locations.

ok beck@

Revision 1.42, Wed Sep 20 17:05:17 2017 UTC (6 years, 8 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.41: +5 -1 lines

Keep track of which keypair is in use by a TLS context.

This fixes a bug whereby a TLS server with SNI would always only return
the OCSP staple for the default keypair, rather than returning the OCSP
staple associated with the keypair that was selected via SNI.

Issue reported by William Graeber and confirmed by Andreas Bartelt.

Fix tested by William Graeber and Andreas Bartelt - thanks!

Revision 1.41, Thu Aug 10 18:18:30 2017 UTC (6 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.40: +5 -11 lines

Add a tls_config_set_ecdhecurves() function to libtls, which allows the
names of the elliptic curves that may be used during client and server
key exchange to be specified.

This deprecates tls_config_set_ecdhecurve(), which could only be used to
specify a single supported curve.

ok beck@

Revision 1.40, Wed Jul 5 15:38:35 2017 UTC (6 years, 11 months ago) by jsing
Branch: MAIN
Changes since 1.39: +9 -3 lines

RFC 6066 states that IP literals are not permitted in "HostName" for a
TLS Server Name extension, however seemingly several clients (including
Python, Ruby and Safari) violate the RFC. Given that this is a fairly
widespread issue, if we receive a TLS Server Name extension that contains
an IP literal, pretend that we did not receive the extension rather than
causing a handshake failure.

Issue raised by jsg@

ok jsg@

Revision 1.39, Thu Jun 22 18:03:57 2017 UTC (6 years, 11 months ago) by jsing
Branch: MAIN
Changes since 1.38: +3 -2 lines

Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that
we can prevent libcrypto from going behind our back and trying to read
passwords from standard input (which we may not be permitted to do).

Found by jsg@ with httpd and password protected keys.

Revision 1.38, Thu Jun 22 17:34:25 2017 UTC (6 years, 11 months ago) by jsing
Branch: MAIN
Changes since 1.37: +4 -5 lines

Use the standard `rv' idiom in tls_keypair_load_cert(), rather than
duplicating clean up code.

Revision 1.37, Sat May 6 20:59:28 2017 UTC (7 years, 1 month ago) by jsing
Branch: MAIN
Changes since 1.36: +3 -1 lines

Perform reference counting for tls_config. This allows tls_config_free() to
be called as soon as it has been passed to the final tls_configure() call,
simplifying lifetime tracking for the application.

Requested some time ago by tedu@.

ok beck@

Revision 1.36, Mon Apr 10 17:11:13 2017 UTC (7 years, 2 months ago) by jsing
Branch: MAIN
Changes since 1.35: +8 -3 lines

Rework name verification code so that a match is indicated via an argument,
rather than return codes. More strictly follow RFC 6125, in particular only
check the CN if there are no SAN identifiers present in the certificate
(per section 6.4.4).

Previous behaviour questioned by Daniel Stenberg <daniel at haxx dot se>.

ok beck@ jca@

Revision 1.35, Tue Jan 31 15:57:43 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.34: +3 -1 lines

Disable client-initiated renegotiation for libtls servers.

ok beck@ reyk@

Revision 1.34, Thu Jan 26 12:56:37 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.33: +3 -1 lines

Use a flag to track when we need to call SSL_shutdown(). This avoids an
issue whereby calling tls_close() on a TLS context that has not attempted
a handshake results in an unexpected failure.

Reported by Vinay Sajip.

ok beck@

Revision 1.33, Tue Jan 24 01:48:05 2017 UTC (7 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.32: +86 -10 lines

Introduce ticket support. To enable them it is enough to set a positive
lifetime with tls_config_set_session_lifetime(). This enables tickets
and uses an internal automatic rekeying mode for the ticket keys.

If multiple processes are involved the following functions can be used to make
tickets work across all instances:
- tls_config_set_session_id() sets the session identifier
- tls_config_add_ticket_key() adds an encryption and authentication key

For now only the last 4 keys added will be used (unless they are too old).
If tls_config_add_ticket_key() is used the caller must ensure to add new keys
regularly. It is best to do this 4 times per session lifetime (which is also
the ticket key lifetime).

Since tickets break PFS it is best to minimize the session lifetime according
to needs.

With a lot of help, input and OK beck@, jsing@

Revision 1.32, Thu Jan 12 16:15:58 2017 UTC (7 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.31: +2 -4 lines

If tls_set_cbs() fails an error will already be specified, so do not
replace it with a less specific one.

Revision 1.31, Sun Nov 6 16:55:16 2016 UTC (7 years, 7 months ago) by beck
Branch: MAIN
Changes since 1.30: +2 -2 lines

Set the callback on the correct ssl_ctx for the SNI case, instead of
the master only.
ok jsing@

Revision 1.30, Sat Nov 5 15:13:26 2016 UTC (7 years, 7 months ago) by beck
Branch: MAIN
Changes since 1.29: +7 -1 lines

Add support for server side OCSP stapling to libtls.
Add support for server side OCSP stapling to netcat.

Revision 1.29, Fri Nov 4 19:01:29 2016 UTC (7 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.28: +3 -3 lines

Avoid shadowing the socket global.

ok miod@

Revision 1.28, Wed Sep 14 11:34:37 2016 UTC (7 years, 8 months ago) by bcook
Branch: MAIN
Changes since 1.27: +2 -2 lines

Set callbacks on the right tls ctx on accept.

From Tobias Pape

Revision 1.27, Sun Sep 4 13:20:56 2016 UTC (7 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.26: +4 -4 lines

Maintain consistency with function naming.

Revision 1.26, Sun Sep 4 12:26:43 2016 UTC (7 years, 9 months ago) by bcook
Branch: MAIN
Changes since 1.25: +50 -10 lines

Add callback-based interface to libtls.

This allows working with buffers and callback functions instead of directly on
sockets or file descriptors.
Original patch from Tobias Pape <tobias_at_netshed.de>.
ok beck@

Revision 1.25, Mon Aug 22 14:51:37 2016 UTC (7 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.24: +133 -1 lines

Create contexts for server side SNI - these include the additional SSL_CTX
that is required for certificate switching with libssl and the certificate
itself so that we can match against the subject and SANs. Hook up the
servername callback and switch to the appropriate SSL_CTX if we find a
matching certificate.

ok beck@

Revision 1.24, Thu Aug 18 15:52:03 2016 UTC (7 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.23: +37 -19 lines

Split out the TLS server SSL_CTX allocation and configuration code, so
that it can be reused to allocate the additional SSL_CTXs needed for SNI.

ok reyk@

Revision 1.23, Mon Aug 15 14:04:23 2016 UTC (7 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.22: +5 -4 lines

Explicitly pass in an SSL_CTX * to the functions that operate on one,
instead of assuming that they should use the one associated with the TLS
context. This allows these functions to be used with the additional
SSL contexts that are needed to support server-side SNI.

Also rename tls_configure_keypair() to tls_configure_ssl_keypair(), so that
these functions have a common prefix.

ok reyk@

Revision 1.22, Fri Aug 12 15:10:59 2016 UTC (7 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.21: +19 -1 lines

Add ALPN support to libtls.

ok beck@ doug@

Revision 1.21, Tue Aug 2 07:47:11 2016 UTC (7 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.20: +1 -19 lines

Revert previous since it adds new symbols.

Requested by deraadt@

Revision 1.20, Mon Aug 1 17:32:19 2016 UTC (7 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.19: +19 -1 lines

Add ALPN support to libtls.

ok beck@ doug@

Revision 1.19, Thu Apr 28 17:05:59 2016 UTC (8 years, 1 month ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.18: +2 -2 lines

Factor out the keypair handling in libtls. This results in more readable
and self-contained code, while preparing for the ability to handle
multiple keypairs. Also provide two additional functions that allow
a public certificate and private key to be set with a single function
call.

ok beck@

Revision 1.18, Tue Sep 29 10:17:04 2015 UTC (8 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.17: +3 -3 lines

clean some ugly indentation warts

Revision 1.17, Sat Sep 12 19:54:31 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.16: +3 -1 lines

Ensure that we clear the libssl error stack before we make a function call
that we will pass the result through tls_ssl_error() on failure. Otherwise
we can end up reporting spurious errors due to there being unrelated errors
already on the error stack.

Spotted by Marko Kreen.

ok beck@

Revision 1.16, Fri Sep 11 08:31:26 2015 UTC (8 years, 9 months ago) by beck
Branch: MAIN
Changes since 1.15: +2 -1 lines

actually set return value to 0 on success.
ok jsing@ who wears the cone of shame.

Revision 1.15, Thu Sep 10 10:14:20 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.14: +46 -30 lines

Split tls_handshake() out from tls_accept/tls_connect. By doing this the
tls_accept/tls_connect functions can be guaranteed to succeed or fail and
will no longer return TLS_READ_AGAIN/TLS_WRITE_AGAIN. This also resolves
the semantics of tls_accept_*.

The tls_handshake() function now does I/O and can return
TLS_READ_AGAIN/TLS_WRITE_AGAIN. Calls to tls_read() and tls_write() will
trigger the handshake if it has not already completed, meaning that in many
cases existing code will continue to work.

Discussed over many coffees at l2k15.

ok beck@ bluhm@

Revision 1.14, Thu Sep 10 09:10:42 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.13: +5 -1 lines

Add support for preferring the server's cipher list or the client's cipher
list. Prefer the server's cipher list by default.

Based on a diff from Kyle Thompson <jmp at giga dot moe>.

ok beck@ bcook@

Revision 1.13, Wed Sep 9 19:49:07 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.12: +3 -3 lines

Indent labels with a space so that diff -p is more friendly.

Requested by bluhm@

Revision 1.12, Wed Sep 9 19:23:04 2015 UTC (8 years, 9 months ago) by beck
Branch: MAIN
Changes since 1.11: +9 -2 lines

Add client certificate support. Still needs a few tweaks but this will
ride upcoming minor bump
ok jsing@

Revision 1.11, Wed Sep 9 14:32:06 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.10: +2 -8 lines

Only take ownership of a socket if we allocated it within libtls. If we are
passed a socket then the caller is responsible for closing it.

ok bcook@

Revision 1.10, Thu Aug 27 15:26:50 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.9: +9 -9 lines

Improve libtls error messages.

The tls_set_error() function previously stored the errno but did nothing
with it. Change tls_set_error() to append the strerror(3) of the stored
errno so that we include useful information regarding failures.

Provide a tls_set_errorx() function that does not store the errno or
include strerror(3) in the error message. Call this function instead of
tls_set_error() for errors where the errno value has no useful meaning.

With feedback from and ok doug@

Revision 1.9, Sat Aug 22 14:52:39 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.8: +2 -2 lines

Unify error message between client and server.

Revision 1.8, Sat Aug 22 14:51:34 2015 UTC (8 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.7: +5 -3 lines

SSL_set_app_data is a macro for SSL_set_ex_data(), which is a wrapper
around CRYPTO_set_ex_data(), which can fail. Since this is the case, check
the return value of CRYPTO_set_ex_data^WSSL_set_ex_data^WSSL_set_app_data.

Revision 1.7, Tue Mar 31 14:03:38 2015 UTC (9 years, 2 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.6: +16 -5 lines

Provide a tls_accept_fds() function, which allows a TLS connection to be
accepted via an existing pair of file descriptors.

Based on a diff from Jan Klemkow.

Revision 1.6, Tue Mar 31 12:21:27 2015 UTC (9 years, 2 months ago) by jsing
Branch: MAIN
Changes since 1.5: +2 -2 lines

Store errors that occur during a tls_accept_socket() call on the context
for the server, rather than on the context for the connection. This makes
more sense than the current behaviour does.

Issue reported by Tim van der Molen.

Revision 1.5, Sat Feb 7 09:50:09 2015 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.4: +6 -11 lines

Convert tls_connect_fds() and tls_accept_socket() to the new OpenSSL error
dance handling code. This means that we get slightly useful messages when
a TLS connection or accept fails.

Requested by reyk@

Revision 1.4, Sat Feb 7 06:19:26 2015 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.3: +10 -5 lines

Add tls_config_set_dheparams() to allow specification of the parameters to
use for DHE. This enables the use of DHE cipher suites.

Rename tls_config_set_ecdhcurve() to tls_config_set_ecdhecurve() since it
is only used to specify the curve for ephemeral ECDH.

Discussed with reyk@

Revision 1.3, Fri Jan 30 14:25:37 2015 UTC (9 years, 4 months ago) by bluhm
Branch: MAIN
Changes since 1.2: +2 -3 lines

Make the TLS connect and accept error messages consistent.
OK jsing@

Revision 1.2, Fri Jan 16 14:34:51 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.1: +13 -1 lines

The SSL/TLS session Id context is limited to 32 bytes.  Instead of
using the name of relayd relay or smtpd pki, use a 32 byte arc4random
buffer that should be unique for the context.  This fixes an issue in
OpenSMTPD when a long pki name could break the configuration.

OK gilles@ benno@

Revision 1.1, Fri Oct 31 13:46:17 2014 UTC (9 years, 7 months ago) by jsing
Branch: MAIN

Rename libressl to libtls to avoid confusion and to make it easier to
distinguish between LibreSSL (the project) and libressl (the library).

Discussed with many.
