$KTLSSRC=ktls.c
ENDIF
-#TODO: For now we just include the libcrypto packet.c in libssl as well. We
-# could either continue to do it like this, or export all the WPACKET
-# symbols so that libssl can use them like any other. Probably would do
-# this privately so it does not become part of the public API.
+# For now we just include the libcrypto packet.c in libssl as well. We
+# could either continue to do it like this, or export all the WPACKET
+# symbols so that libssl can use them like any other. Probably would do
+# this privately so it does not become part of the public API.
SOURCE[../libssl]=\
pqueue.c ../crypto/packet.c \
statem/statem_srvr.c statem/statem_clnt.c s3_lib.c s3_enc.c record/rec_layer_s3.c \
BIO_ADDR_free(tmpclient);
tmpclient = NULL;
- /* TODO(size_t): convert this call */
if (BIO_write(wbio, wbuf, wreclen) < (int)wreclen) {
if (BIO_should_retry(wbio)) {
/*
clear_sys_error();
if (s->rbio != NULL) {
s->rwstate = SSL_READING;
- /* TODO(size_t): Convert this function */
ret = BIO_read(s->rbio, pkt + len + left, max - left);
if (ret >= 0)
bioread = ret;
clear = s->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */
mac_size = 0;
} else {
- /* TODO(siz_t): Convert me */
mac_size = EVP_MD_CTX_get_size(s->write_hash);
if (mac_size < 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s) && !SSL_TREAT_AS_TLS13(s)) {
int mode = EVP_CIPHER_CTX_get_mode(s->enc_write_ctx);
if (mode == EVP_CIPH_CBC_MODE) {
- /* TODO(size_t): Convert me */
eivlen = EVP_CIPHER_CTX_get_iv_length(s->enc_write_ctx);
if (eivlen <= 1)
eivlen = 0;
return i;
BIO_set_ktls_ctrl_msg(s->wbio, type);
}
- /* TODO(size_t): Convert this call */
i = BIO_write(s->wbio, (char *)
&(SSL3_BUFFER_get_buf(&wb[currbuf])
[SSL3_BUFFER_get_offset(&wb[currbuf])]),
if (BIO_get_ktls_recv(s->rbio) && !is_ktls_left)
goto skip_decryption;
- /* TODO(size_t): convert this to do size_t properly */
if (s->read_hash != NULL) {
const EVP_MD *tmpmd = EVP_MD_CTX_get0_md(s->read_hash);
if (rr->comp == NULL)
return 0;
- /* TODO(size_t): Convert this call */
i = COMP_expand_block(ssl->expand, rr->comp,
SSL3_RT_MAX_PLAIN_LENGTH, rr->data, (int)rr->length);
if (i < 0)
#ifndef OPENSSL_NO_COMP
int i;
- /* TODO(size_t): Convert this call */
i = COMP_compress_block(ssl->compress, wr->data,
(int)(wr->length + SSL3_RT_MAX_COMPRESSED_OVERHEAD),
wr->input, (int)wr->length);
int provided = (EVP_CIPHER_get0_provider(enc) != NULL);
l = rec->length;
- /* TODO(size_t): Convert this call */
bs = EVP_CIPHER_CTX_get_block_size(ds);
/* COMPRESS */
}
}
} else {
- /* TODO(size_t): Convert this call */
if (EVP_Cipher(ds, rec->data, rec->input, (unsigned int)l) < 1) {
/* Shouldn't happen */
SSLfatal(s, SSL_AD_BAD_RECORD_MAC, ERR_R_INTERNAL_ERROR);
} else {
/* Legacy cipher */
- /* TODO(size_t): Convert this call */
tmpr = EVP_Cipher(ds, recs[0].data, recs[0].input,
(unsigned int)reclen[0]);
if ((EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(ds))
return 0;
}
- /* TODO(size_t): Convert these calls */
if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0
|| EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0
|| EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {
rr->data = rr->input;
rr->orig_len = rr->length;
- /* TODO(size_t): convert this to do size_t properly */
if (s->read_hash != NULL) {
const EVP_MD *tmpmd = EVP_MD_CTX_get0_md(s->read_hash);
if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
#endif
/* Check whether this is a repeat, or aged record. */
- /*
- * TODO: Does it make sense to have replay protection in epoch 0 where
- * we have no integrity negotiated yet?
- */
if (!dtls1_record_replay_check(s, bitmap)) {
rr->length = 0;
rr->read = 1;
if (n_recs != 1) {
/* Should not happen */
- /* TODO(TLS1.3): Support pipelining */
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return 0;
}
return 0;
}
- /* TODO(size_t): lenu/lenf should be a size_t but EVP doesn't support it */
if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, sending) <= 0
|| (!sending && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
taglen,
|| EVP_DigestUpdate(md_ctx, mac_out, md_size) <= 0)
goto err;
}
- /* TODO(size_t): Convert me */
ret = EVP_DigestFinal(md_ctx, md_out, &md_out_size_u);
if (ret && md_out_size)
*md_out_size = md_out_size_u;
SSL3_RANDOM_SIZE) <= 0
|| EVP_DigestUpdate(ctx, &(s->s3.server_random[0]),
SSL3_RANDOM_SIZE) <= 0
- /* TODO(size_t) : convert me */
|| EVP_DigestFinal_ex(ctx, buf, &n) <= 0
|| EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0
|| EVP_DigestUpdate(ctx, p, len) <= 0
/*
* Partially overrule strength sort to prefer TLS 1.2 ciphers/PRFs.
- * TODO(openssl-team): is there an easier way to accomplish all this?
*/
ssl_cipher_apply_rule(0, 0, 0, 0, 0, TLS1_2_VERSION, 0, CIPHER_BUMP, -1,
&head, &tail);
int SSL_key_update(SSL *s, int updatetype)
{
- /*
- * TODO(TLS1.3): How will applications know whether TLSv1.3 has been
- * negotiated, and that it is appropriate to call SSL_key_update() instead
- * of SSL_renegotiate().
- */
if (!SSL_IS_TLS13(s)) {
ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION);
return 0;
size_t previous_client_finished_len;
unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
size_t previous_server_finished_len;
- int send_connection_binding; /* TODOEKR */
+ int send_connection_binding;
# ifndef OPENSSL_NO_NEXTPROTONEG
/*
if (x->ext.tick) {
if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
goto err;
- /* TODO(size_t): Convert this call */
if (BIO_dump_indent
(bp, (const char *)x->ext.tick, (int)x->ext.ticklen, 4)
<= 0)
* messages the extension is relevant to. These flags also specify whether the
* extension is relevant to a particular protocol or protocol version.
*
- * TODO(TLS1.3): Make sure we have a test to check the consistency of these
- *
* NOTE: WebSphere Application Server 7+ cannot handle empty extensions at
* the end, keep these extensions before signature_algorithm.
*/
}
/*
- * TODO(TLS1.3): When changing to send more than one key_share we're
+ * When changing to send more than one key_share we're
* going to need to be able to save more than one EVP_PKEY. For now
* we reuse the existing tmp.pkey
*/
tls1_get_supported_groups(s, &pgroups, &num_groups);
/*
- * TODO(TLS1.3): Make the number of key_shares sent configurable. For
- * now, just send one
+ * Make the number of key_shares sent configurable. For
+ * now, we just send one
*/
if (s->s3.group_id != 0) {
curve_id = s->s3.group_id;
{
if (context == SSL_EXT_TLS1_3_CERTIFICATE_REQUEST) {
/* We ignore this if the server sends a CertificateRequest */
- /* TODO(TLS1.3): Add support for this */
return 1;
}
{
if (context == SSL_EXT_TLS1_3_CERTIFICATE_REQUEST) {
/* We ignore this if the server sends it in a CertificateRequest */
- /* TODO(TLS1.3): Add support for this */
return 1;
}
* the initial handshake and the resumption. In TLSv1.3 SNI is not
* associated with the session.
*/
- /*
- * TODO(openssl-team): if the SNI doesn't match, we MUST
- * fall back to a full handshake.
- */
s->servername_done = (s->session->ext.hostname != NULL)
&& PACKET_equal(&hostname, s->session->ext.hostname,
strlen(s->session->ext.hostname));
return 0;
}
- /*
- * TODO(openssl-team): currently, we re-authenticate the user
- * upon resumption. Instead, we MUST ignore the login.
- */
if (!PACKET_strndup(&srp_I, &s->srp_ctx.login)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return 0;
}
id_data = PACKET_data(&responder_id);
- /* TODO(size_t): Convert d2i_* to size_t */
id = d2i_OCSP_RESPID(NULL, &id_data,
(int)PACKET_remaining(&responder_id));
if (id == NULL) {
}
if (mt == SSL3_MT_CERTIFICATE_REQUEST) {
#if DTLS_MAX_VERSION_INTERNAL != DTLS1_2_VERSION
-# error TODO(DTLS1.3): Restore digest for PHA before adding message.
+ /* Restore digest for PHA before adding message.*/
+# error Internal DTLS version error
#endif
if (!SSL_IS_DTLS(s) && s->post_handshake_auth == SSL_PHA_EXT_SENT) {
s->post_handshake_auth = SSL_PHA_REQUESTED;
return 0;
}
- /* TODO(size_t): Convert BN_bin2bn() calls */
if ((s->srp_ctx.N =
BN_bin2bn(PACKET_data(&prime),
(int)PACKET_remaining(&prime), NULL)) == NULL
return 0;
}
- /* TODO(size_t): Convert these calls */
p = BN_bin2bn(PACKET_data(&prime), (int)PACKET_remaining(&prime), NULL);
g = BN_bin2bn(PACKET_data(&generator), (int)PACKET_remaining(&generator),
NULL);
goto err;
}
/*
- * TODO(size_t): we use sess_len here because EVP_Digest expects an int
+ * We use sess_len here because EVP_Digest expects an int
* but s->session->session_id_length is a size_t
*/
if (!EVP_Digest(s->session->ext.tick, ticklen,
pms[0] = s->client_version >> 8;
pms[1] = s->client_version & 0xff;
- /* TODO(size_t): Convert this function */
if (RAND_bytes_ex(s->ctx->libctx, pms + 2, pmslen - 2, 0) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
goto err;
if (EVP_PKEY_encrypt_init(pkey_ctx) <= 0
/* Generate session key
- * TODO(size_t): Convert this function
*/
|| RAND_bytes_ex(s->ctx->libctx, pms, pmslen, 0) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
/*
* We don't allow resumption in a backwards compatible ClientHello.
- * TODO(openssl-team): in TLS1.1+, session_id MUST be empty.
+ * In TLS1.1+, session_id MUST be empty.
*
* Versions before 0.9.7 always allow clients to resume sessions in
* renegotiation. 0.9.7 and later allow this by default, but optionally
p = s->s3.tmp.key_block;
i = *mac_secret_size = s->s3.tmp.new_mac_secret_size;
- /* TODO(size_t): convert me */
cl = EVP_CIPHER_get_key_length(c);
j = cl;
k = tls_iv_length_within_key_block(c);
continue;
/*
- * TODO this does not differentiate between the
+ * This does not differentiate between the
* rsa_pss_pss_* and rsa_pss_rsae_* schemes since we do not
* have a chain here that lets us look at the key OID in the
* signing certificate.
return 0;
}
- /* TODO(size_t): convert me */
keylen = EVP_CIPHER_get_key_length(ciph);
if (EVP_CIPHER_get_mode(ciph) == EVP_CIPH_CCM_MODE) {
uint32_t algenc;