9pfs/solanum-vs-hackint-and-charybdis

Author	SHA1	Message	Date
Aaron Jones	a41a1d20db	GNUTLS: Fix the SSL_P(x) macro It previously assumed there was an "F" variable in the scope it was used in. It now uses its input "x" variable.	2016-09-17 00:56:52 +00:00
Aaron Jones	5103d939d0	GNUTLS: Rename the timeout callback in line with the other backends	2016-09-17 00:56:52 +00:00
Aaron Jones	992aa93b80	GNUTLS: Tidy up rb_init_ssl() and improve its error logging	2016-09-17 00:56:52 +00:00
Aaron Jones	6cc08ecf90	GNUTLS: Move `struct ssl_connect' definition to the top of the file	2016-09-17 00:56:52 +00:00
Aaron Jones	fde101b9b2	GNUTLS: Tidy up the cert authentication callback	2016-09-17 00:56:52 +00:00
Aaron Jones	75d7d47a7e	GNUTLS: Tidy up headers	2016-09-17 00:56:52 +00:00
Aaron Jones	d9e6ff7349	GNUTLS: Tidy up unit-scope variables and give them clearer names	2016-09-17 00:56:11 +00:00
Aaron Jones	4d89c83c32	GNUTLS: Shut down sessions properly If gnutls_bye() fails with a fatal error, we would reattempt it again and again, even though this may then go on to e.g. cause a segmentation fault. Now we just keep retrying if it was interrupted, in line with the other backends, up to a maximum of 3 retries.	2016-09-17 00:55:40 +00:00
Aaron Jones	a3a25a4c8a	MbedTLS: A few more minor changes Yeah, I know, I said I was happy with it and wouldn't be changing it. However, the new GNUTLS backend I'm working on has prompted this. E.g. MbedTLS error codes and GNUTLS error codes are both negative ints, but GNUTLS will not tolerate positive input values. Let's treat both backends the same.	2016-09-17 00:11:46 +00:00
Aaron Jones	159d901e71	MbedTLS & OpenSSL: Purely cosmetic changes. This further reduces the diff between the backends. It does not change any of the logic in either backend.	2016-09-16 11:17:29 +00:00
William Pitcock	de78e5906a	Merge pull request #219 from aaronmdjones/openssl219 Improve the OpenSSL backend	2016-09-15 21:50:48 -07:00
Aaron Jones	92c04c6b9d	OpenSSL: Final round of const correctness I'm happy with the state of this backend now. I don't anticipate making any further changes.	2016-09-15 20:14:01 +00:00
Aaron Jones	5feb292aa9	OpenSSL: Indicate successful RNG initialisation	2016-09-15 20:12:22 +00:00
Aaron Jones	5bb5226edc	OpenSSL: Simplify the RNG code	2016-09-15 20:12:22 +00:00
Aaron Jones	15e2cab1e5	OpenSSL: Add another debugging assert	2016-09-15 20:12:22 +00:00
Aaron Jones	01ce1c508d	OpenSSL: Add a debugging assert for timeouts	2016-09-15 20:12:22 +00:00
Aaron Jones	b4a0b60dff	OpenSSL: Cast sockaddr len variable appropriately	2016-09-15 20:12:22 +00:00
Aaron Jones	d9c825c4de	OpenSSL: Correct closing comment [ci skip]	2016-09-15 20:12:21 +00:00
Aaron Jones	06c588e535	OpenSSL: Apply consistent coding style [ci skip]	2016-09-15 20:12:21 +00:00
Aaron Jones	767fad345f	OpenSSL: Properly wrap long lines. [ci skip]	2016-09-15 20:12:21 +00:00
Aaron Jones	a8db009575	OpenSSL: Modify rb_ssl_strerror() in line with other backends	2016-09-15 20:12:21 +00:00
Aaron Jones	45d05d8882	OpenSSL: Improve error logging in rb_setup_ssl_server()	2016-09-15 20:12:21 +00:00
Aaron Jones	bd8097c459	OpenSSL: Tweak connection shutdown logic	2016-09-15 20:12:21 +00:00
Aaron Jones	485b5b8084	OpenSSL: Import the callback/handshake logic from the MbedTLS backend	2016-09-15 20:12:21 +00:00
Aaron Jones	9114e3a2dc	OpenSSL: Improve rb_setup_ssl_server() * Move file/data assignments to the top of the function * Don't attempt to set a hardcoded P-384 ECDH key if we have the new SSL_CTX_set1_curves_list() function (OpenSSL 1.0.2+) * Rename variables consistent with other backends and wrap the function arguments. * Disable OpenSSL's disabling of TLS 1/n-1 record splitting. In other words, enable TLS 1/n-1 record splitting. * Other misc cleanups.	2016-09-15 20:12:21 +00:00
Aaron Jones	47d51fe3ac	OpenSSL: Use C99 __func__ declaration instead of writing function names	2016-09-15 20:12:21 +00:00
Aaron Jones	cc04fbe3f9	OpenSSL: Fix up rb_init_ssl() to use proper define from openssl_ratbox.h	2016-09-15 20:12:21 +00:00
Aaron Jones	62fc0eab03	OpenSSL: Rename error functions consistent with other backends.	2016-09-15 20:12:21 +00:00
Aaron Jones	4e9441a1cb	OpenSSL: Add generic direction enum for negotiation setup. Also define an SSL_P(x) macro as in other backends and use that to refer to the client session context.	2016-09-15 20:12:21 +00:00
Aaron Jones	e569720fe1	OpenSSL: Misc code cleanups Make use of C99 for loop initialisers, declarations with immediate rvalues, etc.	2016-09-15 20:12:20 +00:00
Aaron Jones	a61e06e1d1	OpenSSL: Add const-correctness to function and variable declarations.	2016-09-15 20:12:20 +00:00
Aaron Jones	1c39c519fe	OpenSSL: Reorder functions in line with the MbedTLS backend. The diff for this commit will look like I have changed a lot of code; in reality, nothing was changed, just whole functions moved up or down.	2016-09-15 20:12:20 +00:00
Aaron Jones	1c7d295320	OpenSSL: Move connect structure declaration to top of file	2016-09-15 20:12:20 +00:00
Aaron Jones	8a40573369	OpenSSL: Remove context duplication OpenSSL is perfectly capable of having a single context that is shared by both client and server sessions alike; one simply needs to call SSL_set_accept_state (for server) or SSL_set_connect_state (for client) before attempting handshaking.	2016-09-15 20:12:20 +00:00
Aaron Jones	2aec9b6d68	OpenSSL: Remove unnecessary handshake info callback	2016-09-15 20:12:20 +00:00
Aaron Jones	1f30c8943b	OpenSSL: Tidy up headers Move all the header includes to a single header file, rename said file.	2016-09-15 20:12:20 +00:00
Aaron Jones	265dc4e53c	MbedTLS: Final round of const correctness I'm happy with the state of this backend now. I don't anticipate making any further changes.	2016-09-15 20:10:43 +00:00
Aaron Jones	f66a6390b0	MbedTLS: More const correctness	2016-09-15 13:24:29 +00:00
Aaron Jones	101c659117	MbedTLS: Cast addrlen rb_ssl_accept_setup to avoid compiler warnings	2016-09-15 13:24:29 +00:00
Aaron Jones	1083d8557b	MbedTLS: Cast return types for reading/writing only on success	2016-09-15 13:24:29 +00:00
Aaron Jones	f0ad82013c	MbedTLS: More const correctness	2016-09-15 13:24:28 +00:00
Aaron Jones	ac62792970	MbedTLS: Correct NULL checks for functions in line with other backends	2016-09-15 13:24:28 +00:00
Aaron Jones	988fedf212	MbedTLS: Move structure cert/key assignment to after cert/key loading	2016-09-15 13:24:28 +00:00
Aaron Jones	bef81a5d45	MbedTLS: Use C99 __func__ declaration instead of writing function names	2016-09-15 13:24:28 +00:00
Aaron Jones	8cd8b24ffb	MbedTLS: Make error string printing prettier.	2016-09-15 13:24:28 +00:00
Aaron Jones	db12df5c16	MbedTLS: Store error codes properly. OpenSSL uses `unsigned long' type for its error codes, so that's what (lib)ratbox used to store the error values. Unfortunately, MbedTLS uses int, and its error codes are negative. On machines where `int' and `long' are the same size, this could result in storing a truncated error code. This patch inverts the sign bit on error codes and then casts them to unsigned long for storage. MbedTLS itself (specifically, `mbedtls_strerror()') will function properly with negative or positive input values. It even converts negative input values to positive before checking them against the list of known error codes! See also: `library/error.c' in the MbedTLS 2.1+ distribution.	2016-09-15 13:24:28 +00:00
Aaron Jones	8668cb9b9d	MbedTLS: Const correctness in rb_ssl_init_fd We shouldn't ever change this input variable. Tell the compiler that we won't.	2016-09-15 13:24:28 +00:00
Aaron Jones	46c61dd478	MbedTLS: Set socket send/receive functions after initialising session	2016-09-15 13:24:28 +00:00
Aaron Jones	978c8ae828	MbedTLS: Move memory allocation to the beginning of rb_ssl_init_fd	2016-09-15 13:24:28 +00:00
Aaron Jones	163a4a9d06	MbedTLS: Remove default case in switch for an enum with all values Having default here doesn't make sense (using something not in that enum will generate a compile-time warning).	2016-09-15 13:24:28 +00:00

1 2 3 4 5

239 commits