[openssl/openssl] e38112: Adds initial dtls 1.3 structs and definitions
fwh-dc
noreply at github.com
Tue Apr 23 11:08:51 UTC 2024
Branch: refs/heads/feature/dtls-1.3
Home: https://github.com/openssl/openssl
Commit: e38112066fa67e85efb387ea9fe2fbc2867af73d
https://github.com/openssl/openssl/commit/e38112066fa67e85efb387ea9fe2fbc2867af73d
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M include/openssl/prov_ssl.h
M include/openssl/ssl.h.in
M ssl/d1_lib.c
M ssl/methods.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/tls13_meth.c
M ssl/ssl_local.h
Log Message:
-----------
Adds initial dtls 1.3 structs and definitions
Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22259)
Commit: 03148562b401cf5a9706e79837cb04a3cf4d7cf6
https://github.com/openssl/openssl/commit/03148562b401cf5a9706e79837cb04a3cf4d7cf6
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/methods.c
Log Message:
-----------
Remove compile guards for dtls1.3 method implementations
Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22259)
Commit: b0aa6081e20fda6dae415f7719739e80aad0d849
https://github.com/openssl/openssl/commit/b0aa6081e20fda6dae415f7719739e80aad0d849
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M apps/include/opt.h
M apps/lib/s_cb.c
M apps/s_client.c
M apps/s_server.c
Log Message:
-----------
Integrate dtls1.3 in s_client and s_server
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22260)
Commit: 580612f38d600b2796a3c55e5ffe5b0c5e4a2b54
https://github.com/openssl/openssl/commit/580612f38d600b2796a3c55e5ffe5b0c5e4a2b54
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M doc/man1/openssl-s_client.pod.in
M doc/man1/openssl-s_server.pod.in
M doc/man1/openssl.pod
M doc/perlvars.pm
Log Message:
-----------
Adds DTLS 1.3 functionality to s_client and s_server documentation.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22260)
Commit: a37a32b1508a93054d9eff6ee512939c0b46df1c
https://github.com/openssl/openssl/commit/a37a32b1508a93054d9eff6ee512939c0b46df1c
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M apps/s_client.c
Log Message:
-----------
Print session ticket for dtls 1.3 as well.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22260)
Commit: 9fc5ec8e6be1179161177fda96352283057b24a0
https://github.com/openssl/openssl/commit/9fc5ec8e6be1179161177fda96352283057b24a0
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/statem/extensions.c
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c
Log Message:
-----------
Support TLS1.3 extensions with DTLS1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22261)
Commit: 0445518928c901887dabcbf3c455687307e48215
https://github.com/openssl/openssl/commit/0445518928c901887dabcbf3c455687307e48215
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/tls13_enc.c
Log Message:
-----------
Use dtls1.3 cryptographic label prefix as dictated by RFC 9147 section 5.9
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22416)
Commit: 65e93084a67c9130fb83af924e8da9ad95754f3f
https://github.com/openssl/openssl/commit/65e93084a67c9130fb83af924e8da9ad95754f3f
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/tls13_enc.c
Log Message:
-----------
Determine which label prefix to use based on if the connection is dtls
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22416)
Commit: f03867e41cc5b6a6d38b1741d8821fcce8fc546e
https://github.com/openssl/openssl/commit/f03867e41cc5b6a6d38b1741d8821fcce8fc546e
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/ssl_conf.c
M ssl/t1_trce.c
M test/helpers/ssl_test_ctx.c
M test/ssl_old_test.c
Log Message:
-----------
Adds DTLS1.3 to ssl protocol to text structs
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22273)
Commit: 7b941560d76b45b67fe72ac3e548f863e4e63d44
https://github.com/openssl/openssl/commit/7b941560d76b45b67fe72ac3e548f863e4e63d44
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/ssl_lib.c
Log Message:
-----------
Add dtls1.3 to ssl_protocol_to_string()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22273)
Commit: d58372517cfe99ff70d735a7a086a94b3d8cc927
https://github.com/openssl/openssl/commit/d58372517cfe99ff70d735a7a086a94b3d8cc927
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/ssl_conf.c
Log Message:
-----------
Fix protocol list for cmd_Protocol()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22273)
Commit: e758f33cb038e01a896faf38e278bda021b5e644
https://github.com/openssl/openssl/commit/e758f33cb038e01a896faf38e278bda021b5e644
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/statem/statem.c
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
M ssl/statem/statem_srvr.c
Log Message:
-----------
Update tls state machine logic to support dtls1.3 alongside tls1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22366)
Updated the logic in ssl_cipher_list_to_bytes to take account of the changes
from PR#24161
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24226)
Commit: 2496f91d4ee71220a4e5f87075c17c23d92890a7
https://github.com/openssl/openssl/commit/2496f91d4ee71220a4e5f87075c17c23d92890a7
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/statem/statem_clnt.c
M ssl/statem/statem_srvr.c
Log Message:
-----------
Fix sending session ids in DTLS-1.3
DTLS 1.3 session id must not be sent by client unless
it has a cached id. And DTLS 1.3 servers must not echo
a session id from a client.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22366)
Commit: 1bd689ab650137ca3d48e8fc590c7e8c3531ab68
https://github.com/openssl/openssl/commit/1bd689ab650137ca3d48e8fc590c7e8c3531ab68
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/ssl_local.h
M ssl/statem/statem.c
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
M ssl/statem/statem_srvr.c
Log Message:
-----------
Do DTLS13 and TLS13 connection version check in one macro
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22366)
Commit: e0490029c1db05a1772a05664aef3458d590df3f
https://github.com/openssl/openssl/commit/e0490029c1db05a1772a05664aef3458d590df3f
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/statem/statem_srvr.c
Log Message:
-----------
Fix wrong dtls 1 and 1.2 version check
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22366)
Commit: 2ccbedf08152aa12cb2edf87942d4cc0d40aa022
https://github.com/openssl/openssl/commit/2ccbedf08152aa12cb2edf87942d4cc0d40aa022
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M providers/common/capabilities.c
M ssl/s3_lib.c
M ssl/statem/extensions.c
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c
M ssl/t1_lib.c
Log Message:
-----------
Support TLS 1.3 kexs and groups with DTLS 1.3
SSL_CONNECTION_IS_VERSION13 macro is used where appropriate.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22364)
Commit: c1440548fd6a42261d8d2eddcaa0610195b1a0d8
https://github.com/openssl/openssl/commit/c1440548fd6a42261d8d2eddcaa0610195b1a0d8
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M util/perl/TLSProxy/Record.pm
M util/perl/TLSProxy/ServerHello.pm
Log Message:
-----------
Adds dtls 1.3 support in TLS::Proxy
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23375)
Commit: a49ffb7c4c68478ae88e30cd2e6b2d5d11bf89cc
https://github.com/openssl/openssl/commit/a49ffb7c4c68478ae88e30cd2e6b2d5d11bf89cc
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M apps/include/s_apps.h
Log Message:
-----------
Don't allow renegotiation for DTLS 1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22362)
Commit: 8f184672419a7d3555acc24e8bd18db33e9c7c25
https://github.com/openssl/openssl/commit/8f184672419a7d3555acc24e8bd18db33e9c7c25
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/record/rec_layer_d1.c
Log Message:
-----------
Make dtls1.3 changes to dtls1_read_bytes and do_dtls1_write which matches ssl3_read_bytes and ssl3_write_bytes
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
Commit: 0aae70fc384cce08b7760c7fb560b9d733d86595
https://github.com/openssl/openssl/commit/0aae70fc384cce08b7760c7fb560b9d733d86595
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/record/methods/dtls_meth.c
Log Message:
-----------
Adds some more changes dtls specific functions to make them more in sync with their tls counterparts.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
Commit: c88ec0c693be00c21b7c4ca962adf9dec4107590
https://github.com/openssl/openssl/commit/c88ec0c693be00c21b7c4ca962adf9dec4107590
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/statem/statem_dtls.c
Log Message:
-----------
Make similar changes to dtls1_do_write() for dtls1.3 as in ssl3_do_write() for tls1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
Commit: cd8226fbbf0197a432a55c45e80bbaedd99ff795
https://github.com/openssl/openssl/commit/cd8226fbbf0197a432a55c45e80bbaedd99ff795
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/record/rec_layer_d1.c
Log Message:
-----------
Handle alerts similarly in dtls1_read_bytes() as done in ssl3_read_bytes()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
Commit: d9b01b9a669e1fc246a183fa39d3ff6feb834a0d
https://github.com/openssl/openssl/commit/d9b01b9a669e1fc246a183fa39d3ff6feb834a0d
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/t1_lib.c
Log Message:
-----------
Support TLS1.3 sigalg logic in DTLS1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22380)
Commit: 00ff4b9a7e1005adb5925a38eaa569587f39fd29
https://github.com/openssl/openssl/commit/00ff4b9a7e1005adb5925a38eaa569587f39fd29
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/statem/statem_dtls.c
Log Message:
-----------
Removes an mtu assertion that fails
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22401)
Commit: 988952dd3feeeef9815a305310af2efb101460c4
https://github.com/openssl/openssl/commit/988952dd3feeeef9815a305310af2efb101460c4
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/ssl_sess.c
M ssl/t1_lib.c
M ssl/t1_trce.c
Log Message:
-----------
Update session id and ticket logic for dtls13
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22936)
Commit: 553fcfbff65f782d55b463852d052fc9e2208491
https://github.com/openssl/openssl/commit/553fcfbff65f782d55b463852d052fc9e2208491
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M ssl/ssl_txt.c
Log Message:
-----------
Fix session print for dtls1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22936)
Compare: https://github.com/openssl/openssl/compare/fbea037a2a8e...553fcfbff65f
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list