Add support for compressed certificates (RFC8879) * Compressed Certificate extension (server/client) * Server certificates (send/receive) * Client certificate (send/receive) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18186)
SSL object refactoring using SSL_CONNECTION object Make the SSL object polymorphic based on whether this is a traditional SSL connection, QUIC connection, or later to be implemented a QUIC stream. It requires adding if after every SSL_CONNECTION_FROM_SSL() call which itself has to be added to almost every public SSL_ API call. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18612)
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16534) (cherry picked from commit 54d987b92ce57c1cc38c6d9b6bf879b003f4cbd4)
Fix state name abbreviation The TRSCV state abbrev was used for two states: * TLS_ST_CR_CERT_VRFY * TLS_ST_SW_CERT_VRFY The second one is wrong because it's a write operation. The state for TLS_ST_SW_CERT_VRFY should be "TWSCV" Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16327)
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
Following the license change, modify the boilerplates in ssl/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7768)
Merge HRR into ServerHello Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4701)
Fix SSL_state_string() and SSL_state_string_long() These functions needed updates for the various state machine states that have been added for TLSv1.3. Fixes #4795 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4801)
Fix errors in SSL_state_string_long TLS_ST_SR_NEXT_PROTO means "SSLv3/TLS read next proto" Fix typo in the message for TLS_ST_SW_CERT_STATUS Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4054)
Merge Nokia copyright notice into standard This is done with the kind permission of Nokia. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3722)
Add missing debug strings. Found by turning -Wswitch-enum on. Reviewed-by: Richard Levitte <levitte@openssl.org>
Indent ssl/ Run util/openssl-format-source on ssl/ Some comments and hand-formatted tables were fixed up manually by disabling auto-formatting. Reviewed-by: Rich Salz <rsalz@openssl.org>
SSL test framework: port NPN and ALPN tests Reviewed-by: Rich Salz <rsalz@openssl.org>
Copyright consolidation 01/10 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Use return "" not set a var and return. Reviewed-by: Emilia Käsper <emilia@openssl.org>
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Change SSL_state_string return strings to start with a T Due the rest of the state machine changes it makes sense to change the SSL_state_string return strings from 3* to T*. They are not SSL3 specific Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Remove SSL_state and SSL_set_state SSL_state has been replaced by SSL_get_state and SSL_set_state is no longer supported. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Change statem prefix to ossl_statem Change various state machine functions to use the prefix ossl_statem instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Remove redundant code Clean up and remove lots of code that is now no longer needed due to the move to the new state machine. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>