authorAdam Langley <agl@google.com>2015-11-12 12:15:39 -0800
committerAdam Langley <agl@google.com>2015-11-12 12:16:24 -0800
commitfad6327e4112082b1e77e89a995723f26bd5a9aa (patch)
treea1a6dd4f0310c9a9ce682a0436f80e27c56bf8e4 /src/ssl/ssl_lib.c
parente99801b603dea8893dcc61c70b327ef2d00b652c (diff)
external/boringssl: update from upstream
BUG=24082170 7104cc9 Update and fix fuzzing instructions. 9a4beb8 Add four, basic fuzz tests. 4ab2540 Add AArch64 Montgomery assembly. ad38dc7 Enable Montgomery optimisations on ARM. 2e64f1b Check PKCS#8 pkey field is valid before cleansing. f606f98 bssl pkcs12 shouldn't crash on missing key. e348ff4 Fix build. 6e80765 Add SSL_get_server_key_exchange_hash. 788be4a Remove the hard-coded SHA-1 exception for sigalgs. 5d5e39f Remove non-ASM version of |bn_mul_mont| in bn/generic.c. 59b0fcc Define BORINGSSL_201510. e6d1e5a Use typedef names, not struct names. 16285ea Rewrite DTLS handshake message sending logic. c81ee8b Add missing state to DTLS state machine. 2e24b9b Allow SHA-512 unaligned data access in |OPENSSL_NO_ASM| mode. e82e6f6 Constify more BN_MONT_CTX parameters. c7817d8 Add SSL_CIPHER_get_min_version and tidy up SSL_TLSV1_2 logic. 9d94d5e Remove untested, unnecessary big-endian SHA-1/SHA-256 optimizations. 38feb99 Require that EC points are on the curve. ef793f4 Add various functions for SSL_CIPHER. f93995b Test that the client doesn't offer TLS 1.2 ciphers when it shouldn't. 5f88999 Fix up several comments and detect problems in the future. e57a192 Add missing newline in aead.h. c2d3280 Add SSL_get_ivs. a97b737 Separate CCS and handshake writing in DTLS. ac9404c Improve crypto/digest/md32_common.h mechanism. 8fb0f52 Free BN_MONT_CTX in generic code. bb87535 Fix ASan bot. d93831d Make it possible for a static linker to discard unused RSA functions. e8f783a Unwind DH_METHOD and DSA_METHOD. 3fc138e Don't bother sampling __func__. 165248c Fix several MSVC warnings. 8f7ecb8 (Hopefully) fix a warning on Windows. 466b989 Initialise variable before jump. 1895493 Add Intel's P-256 27a0d08 Add ssl_renegotiate_ignore. fa9eb56 Correct the spelling of "primitive". f1c1cf8 Revert "Improve crypto/digest/md32_common.h mechanism." 00461cf Improve crypto/digest/md32_common.h mechanism. ecc2591 Update link to Google style guide. 
efb42fb Make BN_mod_exp_mont_consttime take a const context. eb8be01 Add ciphers option to bssl. 09d68c9 Expand a comment. 2e0901b Don't use ssl3_write_pending in DTLS. 13e81fc Fix DTLS asynchronous write handling. ebda9b3 Make recordingconn emit more useful things for DTLS. 069bedf Fix documentation typo. ce51469 Fix a missing initializer that only Clang warns about. d9e8173 Fix several warnings that arise in Android. bb85f3d Reorganise |SSL_SESSION| and |SSL| to save a little memory. dff504d Make the instructions for downloading the ARM compiler easier to copy and paste. Change-Id: I5ef2238f77f2bcab239919c8c50c3705b4577f09
Diffstat (limited to 'src/ssl/ssl_lib.c')
-rw-r--r--src/ssl/ssl_lib.c27
1 files changed, 25 insertions, 2 deletions
diff --git a/src/ssl/ssl_lib.c b/src/ssl/ssl_lib.c
index 5fc2f66..c78a91a 100644
--- a/src/ssl/ssl_lib.c
+++ b/src/ssl/ssl_lib.c
@@ -1986,14 +1986,16 @@ void ssl_free_wbio_buffer(SSL *s) {
}
void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode) {
- ctx->quiet_shutdown = mode;
+ ctx->quiet_shutdown = (mode != 0);
}
int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx) {
return ctx->quiet_shutdown;
}
-void SSL_set_quiet_shutdown(SSL *ssl, int mode) { ssl->quiet_shutdown = mode; }
+void SSL_set_quiet_shutdown(SSL *ssl, int mode) {
+ ssl->quiet_shutdown = (mode != 0);
+}
int SSL_get_quiet_shutdown(const SSL *ssl) { return ssl->quiet_shutdown; }
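Review bot: The `(mode != 0)` normalisation in SSL_CTX_set_quiet_shutdown and SSL_set_quiet_shutdown has no comment saying why a plain assignment is no longer enough. The field declaration is outside this hunk; if `quiet_shutdown` is now a one-bit field, an even non-zero `mode` would otherwise be stored as 0. That is worth recording so the expression is not later simplified back. Once the field width is confirmed, a comment such as `/* quiet_shutdown is a single bit; collapse any non-zero |mode| to 1. */` above each assignment would do.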
@@ -2634,6 +2636,27 @@ int SSL_get_rc4_state(const SSL *ssl, const RC4_KEY **read_key,
EVP_AEAD_CTX_get_rc4_state(&ssl->aead_write_ctx->ctx, write_key);
}
+int SSL_get_ivs(const SSL *ssl, const uint8_t **out_read_iv,
+ const uint8_t **out_write_iv, size_t *out_iv_len) {
+ if (ssl->aead_read_ctx == NULL || ssl->aead_write_ctx == NULL) {
+ return 0;
+ }
+
+ size_t write_iv_len;
+ if (!EVP_AEAD_CTX_get_iv(&ssl->aead_read_ctx->ctx, out_read_iv, out_iv_len) ||
+ !EVP_AEAD_CTX_get_iv(&ssl->aead_write_ctx->ctx, out_write_iv,
+ &write_iv_len) ||
+ *out_iv_len != write_iv_len) {
+ return 0;
+ }
+
+ return 1;
+}
+
+uint8_t SSL_get_server_key_exchange_hash(const SSL *ssl) {
+ return ssl->s3->tmp.server_key_exchange_hash;
+}
+
int SSL_clear(SSL *ssl) {
if (ssl->method == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_METHOD_SPECIFIED);
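Review bot: In SSL_get_ivs the caller's `out_read_iv` and `out_iv_len` are passed straight into the first EVP_AEAD_CTX_get_iv call, so they may already be written when the second call fails or the lengths differ and the function returns 0. A caller that mishandles the return value is then left holding a read-IV pointer and length that the function has just reported as unusable. Fetching both IVs into locals and storing to the out-parameters only on the success path avoids this. The function's documentation should also say that the returned pointers refer to state inside the AEAD contexts and are not copies; how long they stay valid is not visible here and should be confirmed against EVP_AEAD_CTX_get_iv.

```c
int SSL_get_ivs(const SSL *ssl, const uint8_t **out_read_iv,
                const uint8_t **out_write_iv, size_t *out_iv_len) {
  /* … unchanged: NULL check on aead_read_ctx / aead_write_ctx … */

  const uint8_t *read_iv, *write_iv;
  size_t read_iv_len, write_iv_len;
  if (!EVP_AEAD_CTX_get_iv(&ssl->aead_read_ctx->ctx, &read_iv, &read_iv_len) ||
      !EVP_AEAD_CTX_get_iv(&ssl->aead_write_ctx->ctx, &write_iv,
                           &write_iv_len) ||
      read_iv_len != write_iv_len) {
    return 0;
  }

  /* Publish results only once both IVs are known to be consistent. */
  *out_read_iv = read_iv;
  *out_write_iv = write_iv;
  *out_iv_len = read_iv_len;
  return 1;
}
```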