[openssl/openssl] e1e6b7: Adds initial dtls 1.3 structs and definitions
fwh-dc
noreply at github.com
Thu Jun 27 14:12:58 UTC 2024
Branch: refs/heads/feature/dtls-1.3
Home: https://github.com/openssl/openssl
Commit: e1e6b7cefae3cd455cc42b897b58c3a38f46202d
https://github.com/openssl/openssl/commit/e1e6b7cefae3cd455cc42b897b58c3a38f46202d
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M include/openssl/prov_ssl.h
M include/openssl/ssl.h.in
M ssl/d1_lib.c
M ssl/methods.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/tls13_meth.c
M ssl/ssl_local.h
Log Message:
-----------
Adds initial dtls 1.3 structs and definitions
Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22259)
Commit: ecf5bdde53536526e17dd8b55adb20121c94b00c
https://github.com/openssl/openssl/commit/ecf5bdde53536526e17dd8b55adb20121c94b00c
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/methods.c
Log Message:
-----------
Remove compile guards for dtls1.3 method implementations
Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22259)
Commit: 79b63cf535aa2844e3516409222061793afa933b
https://github.com/openssl/openssl/commit/79b63cf535aa2844e3516409222061793afa933b
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M apps/include/opt.h
M apps/lib/s_cb.c
M apps/s_client.c
M apps/s_server.c
Log Message:
-----------
Integrate dtls1.3 in s_client and s_server
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22260)
Commit: a503dbd5d2d4879b9f878303870b85fe0be18493
https://github.com/openssl/openssl/commit/a503dbd5d2d4879b9f878303870b85fe0be18493
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M doc/man1/openssl-s_client.pod.in
M doc/man1/openssl-s_server.pod.in
M doc/man1/openssl.pod
M doc/perlvars.pm
Log Message:
-----------
Adds DTLS 1.3 functionality to s_client and s_server documentation.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22260)
Commit: a0211fbd2fe318cb4e1191cb18aed13ecf93df41
https://github.com/openssl/openssl/commit/a0211fbd2fe318cb4e1191cb18aed13ecf93df41
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M apps/s_client.c
Log Message:
-----------
Print session ticket for dtls 1.3 as well.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22260)
Commit: 3429dacf90ca0c11d908d39675d05c52b4d82150
https://github.com/openssl/openssl/commit/3429dacf90ca0c11d908d39675d05c52b4d82150
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/extensions.c
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c
Log Message:
-----------
Support TLS1.3 extensions with DTLS1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22261)
Commit: a3fe116338ea7c276461faaa197e7794597e31dc
https://github.com/openssl/openssl/commit/a3fe116338ea7c276461faaa197e7794597e31dc
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/tls13_enc.c
Log Message:
-----------
Use dtls1.3 cryptographic label prefix as dictated by RFC 9147 section 5.9
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22416)
Commit: 5e70e3ca645978ce9b7d4f5384e7345e42b4ed73
https://github.com/openssl/openssl/commit/5e70e3ca645978ce9b7d4f5384e7345e42b4ed73
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/tls13_enc.c
Log Message:
-----------
Determine which label prefix to use based on if the connection is dtls
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22416)
Commit: 40577a047c6fcdd67a8c69ab7e162cee3754e0ce
https://github.com/openssl/openssl/commit/40577a047c6fcdd67a8c69ab7e162cee3754e0ce
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_conf.c
M ssl/t1_trce.c
M test/helpers/ssl_test_ctx.c
M test/ssl_old_test.c
Log Message:
-----------
Adds DTLS1.3 to ssl protocol to text structs
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22273)
Commit: 47513b7160d4a32f9f2579f3c547527379374c8d
https://github.com/openssl/openssl/commit/47513b7160d4a32f9f2579f3c547527379374c8d
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_lib.c
Log Message:
-----------
Add dtls1.3 to ssl_protocol_to_string()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22273)
Commit: 2001d9be626e9420217067042178c751c066e53d
https://github.com/openssl/openssl/commit/2001d9be626e9420217067042178c751c066e53d
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_conf.c
Log Message:
-----------
Fix protocol list for cmd_Protocol()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22273)
Commit: 30d45f06508bea41a7038314f04093409e43be75
https://github.com/openssl/openssl/commit/30d45f06508bea41a7038314f04093409e43be75
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem.c
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
M ssl/statem/statem_srvr.c
Log Message:
-----------
Update tls state machine logic to support dtls1.3 alongside tls1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22366)
Updated the logic in ssl_cipher_list_to_bytes to take account of the changes
from PR#24161
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24226)
Commit: 70f0ce0e8f53789dff01bafb5a962f3d4567f386
https://github.com/openssl/openssl/commit/70f0ce0e8f53789dff01bafb5a962f3d4567f386
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_clnt.c
M ssl/statem/statem_srvr.c
Log Message:
-----------
Fix sending session ids in DTLS-1.3
DTLS 1.3 session id must not be sent by client unless
it has a cached id. And DTLS 1.3 servers must not echo
a session id from a client.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22366)
Commit: 631fa077942380493fd3a7b973c7f68b8591580b
https://github.com/openssl/openssl/commit/631fa077942380493fd3a7b973c7f68b8591580b
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_local.h
M ssl/statem/statem.c
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
M ssl/statem/statem_srvr.c
Log Message:
-----------
Do DTLS13 and TLS13 connection version check in one macro
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22366)
Commit: 90322daa19545c8b3dcbed2cace881252e9769ad
https://github.com/openssl/openssl/commit/90322daa19545c8b3dcbed2cace881252e9769ad
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_srvr.c
Log Message:
-----------
Fix wrong dtls 1 and 1.2 version check
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22366)
Commit: 8388a7d5f226e54413de77f650941262419fe223
https://github.com/openssl/openssl/commit/8388a7d5f226e54413de77f650941262419fe223
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M providers/common/capabilities.c
M ssl/s3_lib.c
M ssl/statem/extensions.c
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c
M ssl/t1_lib.c
Log Message:
-----------
Support TLS 1.3 kexs and groups with DTLS 1.3
SSL_CONNECTION_IS_VERSION13 macro is used where appropriate.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22364)
Commit: 1a1925710d865b72727a44e7c9311e733f6ed03e
https://github.com/openssl/openssl/commit/1a1925710d865b72727a44e7c9311e733f6ed03e
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M util/perl/TLSProxy/Record.pm
M util/perl/TLSProxy/ServerHello.pm
Log Message:
-----------
Adds dtls 1.3 support in TLS::Proxy
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23375)
Commit: d092afee09c21899071982752ca64ec3c20ee17e
https://github.com/openssl/openssl/commit/d092afee09c21899071982752ca64ec3c20ee17e
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M apps/include/s_apps.h
Log Message:
-----------
Don't allow renegotiation for DTLS 1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22362)
Commit: 975d8ce4700ff5c875d60aba1ae891dc35f0210b
https://github.com/openssl/openssl/commit/975d8ce4700ff5c875d60aba1ae891dc35f0210b
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/record/rec_layer_d1.c
Log Message:
-----------
Make dtls1.3 changes to dtls1_read_bytes and do_dtls1_write which matches ssl3_read_bytes and ssl3_write_bytes
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
Commit: a84a938ec75d28d04ce4f1fde9655477a1ef8623
https://github.com/openssl/openssl/commit/a84a938ec75d28d04ce4f1fde9655477a1ef8623
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/record/methods/dtls_meth.c
Log Message:
-----------
Adds some more changes dtls specific functions to make them more in sync with their tls counterparts.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
Commit: f201e74b471f29738b68ee61e6b000a2a64fb96f
https://github.com/openssl/openssl/commit/f201e74b471f29738b68ee61e6b000a2a64fb96f
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_dtls.c
Log Message:
-----------
Make similar changes to dtls1_do_write() for dtls1.3 as in ssl3_do_write() for tls1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
Commit: 8268924cc04cabc39f922d19f4cdc27f6850eaf0
https://github.com/openssl/openssl/commit/8268924cc04cabc39f922d19f4cdc27f6850eaf0
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/record/rec_layer_d1.c
Log Message:
-----------
Handle alerts similarly in dtls1_read_bytes() as done in ssl3_read_bytes()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
Commit: a05a3434c668b91201fc8ae8cdcedefc87348493
https://github.com/openssl/openssl/commit/a05a3434c668b91201fc8ae8cdcedefc87348493
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/t1_lib.c
Log Message:
-----------
Support TLS1.3 sigalg logic in DTLS1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22380)
Commit: 424c9c8d61db0084cdfd6817b3bb588d8940fc7e
https://github.com/openssl/openssl/commit/424c9c8d61db0084cdfd6817b3bb588d8940fc7e
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_dtls.c
Log Message:
-----------
Removes an mtu assertion that fails
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22401)
Commit: f5fb9f0bd3b0d709a99c47c0eacb5b2c9843a697
https://github.com/openssl/openssl/commit/f5fb9f0bd3b0d709a99c47c0eacb5b2c9843a697
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_sess.c
M ssl/t1_lib.c
M ssl/t1_trce.c
Log Message:
-----------
Update session id and ticket logic for dtls13
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22936)
Commit: f94a886442f2afde37030f3f0c2fed8bc7e4d60a
https://github.com/openssl/openssl/commit/f94a886442f2afde37030f3f0c2fed8bc7e4d60a
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_txt.c
Log Message:
-----------
Fix session print for dtls1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22936)
Commit: 8e2fab83780142ea325a29d95e49b67b015d1e3b
https://github.com/openssl/openssl/commit/8e2fab83780142ea325a29d95e49b67b015d1e3b
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/record/methods/tls_common.c
M ssl/record/methods/tlsany_meth.c
Log Message:
-----------
tls_post_encryption_processing_default() and tls_validate_record_header()
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22376)
Commit: 2d125123414e7b533e958a3c48b84a43c3411244
https://github.com/openssl/openssl/commit/2d125123414e7b533e958a3c48b84a43c3411244
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_lib.c
Log Message:
-----------
Fix ssl_lib functions for dtls 1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22378)
Commit: 8509f9601899b94a063cabf0efcfbaa5c34c0c4a
https://github.com/openssl/openssl/commit/8509f9601899b94a063cabf0efcfbaa5c34c0c4a
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/s3_lib.c
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
M ssl/t1_lib.c
Log Message:
-----------
Sanity tests of inputs to ssl_version_cmp
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24293)
Commit: 20dd5cf5e976bfda743cc43ae8ebe5444708f5ab
https://github.com/openssl/openssl/commit/20dd5cf5e976bfda743cc43ae8ebe5444708f5ab
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_lib.c
M ssl/t1_lib.c
Log Message:
-----------
Fix sanity tests for ssl_version_cmp for dtls 1.3 branch
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24293)
Commit: 9962774afd7ea48b37e68f96535d7574652af0bf
https://github.com/openssl/openssl/commit/9962774afd7ea48b37e68f96535d7574652af0bf
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M include/openssl/dtls1.h
M ssl/ssl_local.h
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
Log Message:
-----------
Update dtls max version
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: 180ffe377885b361c14c0a894729856638846f23
https://github.com/openssl/openssl/commit/180ffe377885b361c14c0a894729856638846f23
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_clnt.c
Log Message:
-----------
Remove obsolete TODO and guards for post handshake authentication in DTLS 1.3
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: a286ca6e1cdcbab2ec4236d5e6e68df7f7a9a216
https://github.com/openssl/openssl/commit/a286ca6e1cdcbab2ec4236d5e6e68df7f7a9a216
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_lib.c
M test/ssl_ctx_test.c
Log Message:
-----------
Update DTLS version tests
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: c26304328d48b6feb1f2ab85bffcaac2c8067e10
https://github.com/openssl/openssl/commit/c26304328d48b6feb1f2ab85bffcaac2c8067e10
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_lib.c
Log Message:
-----------
Fix version check to avoid unsupported protocol error in ssl_choose_server_version()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: 092812ba26faef959378d0d112c917865c6b3c3f
https://github.com/openssl/openssl/commit/092812ba26faef959378d0d112c917865c6b3c3f
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/extensions_clnt.c
Log Message:
-----------
Fix renegotiation check that was added in https://github.com/openssl/openssl/pull/24161
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: 9782bd69ef3c9cf21e2b30838ec0d7a92f530d0e
https://github.com/openssl/openssl/commit/9782bd69ef3c9cf21e2b30838ec0d7a92f530d0e
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M fuzz/dtlsclient.c
M test/dtls_mtu_test.c
M test/dtlstest.c
M test/ssl-tests/29-dtls-sctp-label-bug.cnf
M test/ssl-tests/29-dtls-sctp-label-bug.cnf.in
Log Message:
-----------
Run some failing tests with DTLS1.2
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: a3d404c5a9a2f4eda29413a2b471976d2141f919
https://github.com/openssl/openssl/commit/a3d404c5a9a2f4eda29413a2b471976d2141f919
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/ssl-tests/07-dtls-protocol-version.cnf
M test/ssl-tests/11-dtls_resumption.cnf
M test/ssl-tests/protocol_version.pm
Log Message:
-----------
Fix test_ssl_new tests
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: de70500343bb6725218b40ecc51060d76ad8e1f3
https://github.com/openssl/openssl/commit/de70500343bb6725218b40ecc51060d76ad8e1f3
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/extensions.c
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c
Log Message:
-----------
Check that both tls1.3 and dtls1.3 is disabled before removing code from compilation path.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: a49587d1ae3aabf398b01270a32bfbc31b0ac2c3
https://github.com/openssl/openssl/commit/a49587d1ae3aabf398b01270a32bfbc31b0ac2c3
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_local.h
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
M ssl/statem/statem_srvr.c
Log Message:
-----------
Disable middlebox for dtls
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: 71fc0af8831f9f053d1dbcb39ccf4ca1a57a1956
https://github.com/openssl/openssl/commit/71fc0af8831f9f053d1dbcb39ccf4ca1a57a1956
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/tls13_enc.c
M test/tls13secretstest.c
Log Message:
-----------
Clear old messages from queues in order to avoid leaks of record layer objects.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
Commit: 1cdbbeb2cf2dd6dee5bd600ada48ae36d3bc4a77
https://github.com/openssl/openssl/commit/1cdbbeb2cf2dd6dee5bd600ada48ae36d3bc4a77
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/t1_trce.c
Log Message:
-----------
Correct traces for certificates in dtls13
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22935)
Commit: c5c7a2ef26c9a1b07e4a6746098b07c33a5c7f52
https://github.com/openssl/openssl/commit/c5c7a2ef26c9a1b07e4a6746098b07c33a5c7f52
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M doc/man1/openssl-s_client.pod.in
M doc/man3/SSL_CIPHER_get_name.pod
M doc/man3/SSL_CONF_cmd.pod
M doc/man3/SSL_CTX_set0_CA_list.pod
M doc/man3/SSL_CTX_set1_sigalgs.pod
M doc/man3/SSL_CTX_set_min_proto_version.pod
M doc/man3/SSL_CTX_set_num_tickets.pod
M doc/man3/SSL_CTX_set_options.pod
M doc/man3/SSL_check_chain.pod
M doc/man3/SSL_export_keying_material.pod
M doc/man3/SSL_get_shared_sigalgs.pod
M doc/man3/SSL_get_version.pod
Log Message:
-----------
Update documentation for DTLS1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22363)
Commit: f915625f51a4852abb263a01c61512c329cc6359
https://github.com/openssl/openssl/commit/f915625f51a4852abb263a01c61512c329cc6359
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M doc/man3/SSL_CONF_cmd.pod
Log Message:
-----------
Updates SSL_CONF_cmd.pod to be explicit when features are for both TLS and DTLS
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22363)
Commit: 59b17a0b17a749e00fbc49c05ee44254dd539350
https://github.com/openssl/openssl/commit/59b17a0b17a749e00fbc49c05ee44254dd539350
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M doc/man3/SSL_CONF_cmd.pod
Log Message:
-----------
Mention brainpoolP256r1tls13, brainpoolP384r1tls13, brainpoolP512r1tls13 in SSL_CONF_cmd.pod
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22363)
Commit: 14cd195bed0520acaa4a3c72e12f5e293cdcf102
https://github.com/openssl/openssl/commit/14cd195bed0520acaa4a3c72e12f5e293cdcf102
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/ssl_local.h
Log Message:
-----------
Fix description of version field of ssl connection struct
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22937)
Commit: a80b02e796cc504c78f2f8a53e3acfe881f11307
https://github.com/openssl/openssl/commit/a80b02e796cc504c78f2f8a53e3acfe881f11307
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_srvr.c
Log Message:
-----------
Continue processing cookieless client hellos for dtls1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22400)
Commit: eb2be8986d90683c9857dceb980e59fff6166b7a
https://github.com/openssl/openssl/commit/eb2be8986d90683c9857dceb980e59fff6166b7a
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/ssl-tests/02-protocol-version.cnf
M test/ssl-tests/07-dtls-protocol-version.cnf
M test/ssl-tests/10-resumption.cnf
M test/ssl-tests/protocol_version.pm
Log Message:
-----------
Adds DTLSv1.3 to protocol_version.pm for additional protocol version tests.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23242)
Commit: 3d5233ccbd822dc77987e8bb191b2b4b5f835ca4
https://github.com/openssl/openssl/commit/3d5233ccbd822dc77987e8bb191b2b4b5f835ca4
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/dtlstest.c
M test/sslapitest.c
Log Message:
-----------
Run test_cookie() test with DTLS 1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24425)
Commit: 7f8fd73cc5f75ccd4b0c6705f3fbecc6229daa81
https://github.com/openssl/openssl/commit/7f8fd73cc5f75ccd4b0c6705f3fbecc6229daa81
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
A doc/designs/dtlsv1_3/dtlsv1_3-main.md
Log Message:
-----------
Add design document for DTLS 1.3 implementation
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23041)
Commit: 0e42732dd67a2ba9c95dc5440a09bebc45d5ddf4
https://github.com/openssl/openssl/commit/0e42732dd67a2ba9c95dc5440a09bebc45d5ddf4
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M apps/s_client.c
M apps/s_server.c
M ssl/record/methods/tls_common.c
M ssl/ssl_cert.c
M ssl/ssl_ciph.c
M ssl/ssl_lib.c
M ssl/ssl_local.h
M ssl/statem/extensions.c
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
M ssl/t1_lib.c
M test/sslapitest.c
Log Message:
-----------
Refactor code and fix a couple of missing DTLSv1.3 checks.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24345)
Commit: b9b5f5fea57c3b5bcdb9a088aee2f1f6f4c46d04
https://github.com/openssl/openssl/commit/b9b5f5fea57c3b5bcdb9a088aee2f1f6f4c46d04
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/record/methods/dtls_meth.c
M ssl/statem/statem_dtls.c
Log Message:
-----------
Re-enable mtu assertion which previously failed for DTLS 1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24524)
Commit: 2c800b852dedb5c146572c3f3dfce7b0acdaa640
https://github.com/openssl/openssl/commit/2c800b852dedb5c146572c3f3dfce7b0acdaa640
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M crypto/packet.c
M include/internal/common.h
M include/internal/packet.h
M ssl/statem/extensions.c
M ssl/statem/extensions_clnt.c
M ssl/statem/statem_dtls.c
M ssl/statem/statem_lib.c
M test/dtls_mtu_test.c
M test/ssl-tests/29-dtls-sctp-label-bug.cnf.in
Log Message:
-----------
Place start of ClientHello correctly when calculating binder for DTLS 1.3
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24426)
Commit: 9140ba9ad7a9374005e368bcb4ce7ca621a0bb48
https://github.com/openssl/openssl/commit/9140ba9ad7a9374005e368bcb4ce7ca621a0bb48
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_dtls.c
Log Message:
-----------
Use WPACKET in dtls1_do_write()
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24426)
Commit: 4b810dea2da6571a4e0f0a6752277729b2355bc7
https://github.com/openssl/openssl/commit/4b810dea2da6571a4e0f0a6752277729b2355bc7
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M fuzz/dtlsclient.c
M ssl/d1_lib.c
M ssl/ssl_local.h
M ssl/statem/extensions_clnt.c
M ssl/statem/statem_clnt.c
M ssl/statem/statem_lib.c
M test/dtlstest.c
Log Message:
-----------
Fix an assertion failure which happens when a DTLS 1.3 client receives a HelloVerifyRequest.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24509)
Commit: feef23e4f18b45ca176bba6809ff82ea818c6be0
https://github.com/openssl/openssl/commit/feef23e4f18b45ca176bba6809ff82ea818c6be0
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M Configure
M test/recipes/70-test_tls13alerts.t
M util/perl/TLSProxy/Message.pm
M util/perl/TLSProxy/Proxy.pm
M util/perl/TLSProxy/Record.pm
M util/perl/TLSProxy/ServerKeyExchange.pm
Log Message:
-----------
Run 70-test_tls13alerts.t with dtls
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24525)
Commit: 218ca61ebf9ae5a75586ed00f13f5c600f8d0dd0
https://github.com/openssl/openssl/commit/218ca61ebf9ae5a75586ed00f13f5c600f8d0dd0
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/recipes/70-test_tls13cookie.t
Log Message:
-----------
Run 70-test_tls13cookie.t with dtls
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24525)
Commit: 4a53781162480d1085717fdef9ca0b9d355136b1
https://github.com/openssl/openssl/commit/4a53781162480d1085717fdef9ca0b9d355136b1
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/recipes/70-test_tls13hrr.t
Log Message:
-----------
Run 70-test_tls13hrr.t with dtls
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24525)
Commit: a022d72aaac1a593fca6fb0bc616b63b819fa59e
https://github.com/openssl/openssl/commit/a022d72aaac1a593fca6fb0bc616b63b819fa59e
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/recipes/70-test_tls13psk.t
Log Message:
-----------
Add support for running 70-test_tls13psk.t with dtls
Has to be currently disabled because it fails.
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24525)
Commit: 8ce0641f7d314b6fe97430d98f202d7e186dab4f
https://github.com/openssl/openssl/commit/8ce0641f7d314b6fe97430d98f202d7e186dab4f
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/recipes/70-test_tls13messages.t
Log Message:
-----------
Run 70-test_tls13messages.t with dtls
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24525)
Commit: 06e06d44fd6fb8651939bc0d97c523fb473d5c78
https://github.com/openssl/openssl/commit/06e06d44fd6fb8651939bc0d97c523fb473d5c78
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/recipes/70-test_tls13kexmodes.t
Log Message:
-----------
Run 70-test_tls13kexmodes.t with dtls
It is currently unsupported because of missing support in TLSProxy.
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24525)
Commit: 29be50b727303d7aab282aec66c3eaf12cec4e98
https://github.com/openssl/openssl/commit/29be50b727303d7aab282aec66c3eaf12cec4e98
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M test/recipes/70-test_tls13alerts.t
M test/recipes/70-test_tls13certcomp.t
M test/recipes/70-test_tls13cookie.t
M test/recipes/70-test_tls13hrr.t
M test/recipes/70-test_tls13psk.t
Log Message:
-----------
Run 70-test_tls13certcomp.t with dtls
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24525)
Commit: d4af398d56098fb7e5a5d7a72ee0c4642dfbbe13
https://github.com/openssl/openssl/commit/d4af398d56098fb7e5a5d7a72ee0c4642dfbbe13
Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
Date: 2024-06-27 (Thu, 27 Jun 2024)
Changed paths:
M ssl/statem/statem_clnt.c
M ssl/statem/statem_srvr.c
M test/dtls_mtu_test.c
Log Message:
-----------
Fix SCTP todo
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24605)
Compare: https://github.com/openssl/openssl/compare/928386b424da...d4af398d5609
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list