steve
/
factor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
31,509 Commits
33 Branches
119 Tags
249 MiB
Commit Graph

95 Commits (1724ae15a90ec61cba74ee9ba4fdf2fbce775e07)

Author SHA1 Message Date
Doug Coleman d5d552eb40 Merge remote-tracking branch 'origin/master' into modern-harvey3 2019-09-28 09:54:13 -05:00
Doug Coleman afe188efb3 openssl: Fallback for versions of macOS < 10.15. 
We probably want a word that finds libssl.x.dylib where x is the highest version so that we don't have to update the libary-loading code in the future.

This is all because loading libssl.dylib causes a SIGABORT signal 6, perhaps there's another workaround?
 2019-09-28 09:40:47 -05:00
Doug Coleman 5963f3a520 Merge remote-tracking branch 'origin/master' into modern-harvey3 2019-09-27 17:26:09 -05:00
Doug Coleman 1ce3b72760 Revert "openssl: Fix bootstrap for macOS 10.15 beta." 
This reverts commit 3eda5056c7.
 2019-09-27 17:24:51 -05:00
Doug Coleman bf719c4cca openssl: macOS 10.15 beta needs explicit paths for these libraries. 
10.14 has versions that are .2 lower than 10.15.
 2019-09-27 17:17:22 -05:00
Doug Coleman 3eda5056c7 openssl: Fix bootstrap for macOS 10.15 beta. 2019-09-27 16:02:27 -05:00
Doug Coleman e7c10e22b7 Merge remote-tracking branch 'origin/master' into modern-harvey3 2019-09-27 08:14:30 -05:00
Doug Coleman 1d3779e3ba openssl.libcrypto: nginx factorcode.org server upgrades to https by default. 
Change the unit test to expect a 301. We should probably make all tests work with networking disabled instead of hitting remote servers.
 2019-09-25 00:15:44 -05:00
Doug Coleman 5d8b912216 Merge remote-tracking branch 'origin/master' into modern-harvey2 2018-01-27 09:43:21 -06:00
Björn Lindqvist 71d2a373fe openssl.libcrypto.tests: should not forget to free the BIO 2018-01-24 20:20:38 +01:00
Doug Coleman 3d83bb9f06 Merge remote-tracking branch 'local-master/master' into modern-harvey2 2017-12-24 14:59:58 -08:00
Doug Coleman db9073d98d openssl: Add TLS 1.0 test certs back for macOS 10.11.6. 
Fixes #1887.
 2017-12-17 20:01:27 -06:00
Doug Coleman e9ad224752 libssl: Fix SSL struct again. 
int main() {
	SSL *ssl;
	printf("sizeof SSL %lu\n", sizeof(SSL));
	printf("SSL_MAX_SID_CTX_LENGTH %d\n", SSL_MAX_SID_CTX_LENGTH);
	printf("offsetof generate_session_id %ld\n", offsetof(struct ssl_st, generate_session_id));
	printf("offsetof mac_flags %ld\n", offsetof(struct ssl_st, mac_flags));
	printf("offsetof write_hash %ld\n", offsetof(struct ssl_st, write_hash));
	printf("offsetof session %ld\n", offsetof(struct ssl_st, session));
	printf("offsetof error_code %ld\n", offsetof(struct ssl_st, error_code));
	printf("offsetof debug %ld\n", offsetof(struct ssl_st, debug));
	printf("offsetof verify_callback %ld\n", offsetof(struct ssl_st, verify_callback));
	printf("offsetof ctx %ld\n", offsetof(struct ssl_st, ctx));
	printf("offsetof ex_data %ld\n", offsetof(struct ssl_st, ex_data));
	printf("offsetof first_packet %ld\n", offsetof(struct ssl_st, first_packet));
	printf("offsetof verify_result %ld\n", offsetof(struct ssl_st, verify_result));
	printf("offsetof client_CA %ld\n", offsetof(struct ssl_st, client_CA));
	printf("offsetof references %ld\n", offsetof(struct ssl_st, references));
	printf("offsetof tlsext_status_type %ld\n", offsetof(struct ssl_st, tlsext_status_type));
	printf("offsetof tlsext_ocsp_resplen %ld\n", offsetof(struct ssl_st, tlsext_ocsp_resplen));
	printf("offsetof tlsext_ecpointformatlist %ld\n", offsetof(struct ssl_st, tlsext_ecpointformatlist));
	printf("offsetof tls_session_ticket_ext_cb_arg %ld\n", offsetof(struct ssl_st, tls_session_ticket_ext_cb_arg));
	printf("offsetof next_proto_negotiated %ld\n", offsetof(struct ssl_st, next_proto_negotiated));
	printf("offsetof alpn_client_proto_list_len %ld\n", offsetof(struct ssl_st, alpn_client_proto_list_len));
	printf("offsetof srp_ctx %ld\n", offsetof(struct ssl_st, srp_ctx));
	return 0;
}

clang ssl.c -I /usr/local/opt/openssl/include && ./a.out
 2017-10-08 00:04:29 -05:00
Doug Coleman 9a7406d98d Revert "Revert "openssl.libssl: The SSL struct has grown a lot."" 
This reverts commit 86c086bafc.
 2017-10-07 23:31:06 -05:00
Doug Coleman b8a0feea5c Revert "openssl.libssl: The SSL struct has grown a lot." 
This reverts commit af7a248131.

Crashes on Linux?

We should fix the SSL struct in another patch soon.
 2017-09-24 23:17:35 -05:00
Doug Coleman 86c086bafc Revert "openssl.libssl: The SSL struct has grown a lot." 
This reverts commit a1fe918276.

Crashes.
 2017-09-24 23:16:01 -05:00
Doug Coleman af7a248131 openssl.libssl: The SSL struct has grown a lot. 
Maybe this is related to #1860.
 2017-09-24 23:10:44 -05:00
Doug Coleman a1fe918276 openssl.libssl: The SSL struct has grown a lot. 
Maybe this is related to #1860.
 2017-09-24 23:09:23 -05:00
Björn Lindqvist 1ca8276df4 basis/,core/,extra/: many new tags 2017-07-06 23:04:18 +02:00
Björn Lindqvist 5903f8f6b6 openssl.test: updating cert for openssl 1.1 (#1843) 
The password is "password" as it was
 2017-07-05 01:50:39 +02:00
Björn Lindqvist 5156d250b9 checksums,openssl.libcrypto: make it work with openssl 1.1 2017-07-01 22:19:42 +02:00
Björn Lindqvist 97cf96b668 openssl: docs 2017-07-01 13:50:29 +02:00
Björn Lindqvist 2a5f5ca6b9 openssl.*,io.sockets.*: support for openssl 1.1 
In the new version, a lot of c function names have changed. So a new
global ssl-new-api? is needed to know if the new or old names should be
used.
 2017-07-01 13:41:22 +02:00
Björn Lindqvist 8b6ae235ab openssl.*: adding functions that are different in libbsl 1.1.x 2017-07-01 09:25:09 +02:00
Björn Lindqvist 0d8338ceb8 io.sockets.secure.openssl,openssl.libssl: ENUM: over syntax 
The enum does the same thing as the custom syntax did and is a little
easier to understand.
 2017-06-24 16:46:00 +02:00
Björn Lindqvist 861b0eacd7 openssl.libssl.tests: removing stupid test that didn't work 
you can't know beforehand which of the tls versions openssl supports.
 2016-11-19 23:24:51 +01:00
Björn Lindqvist cc6f03f5b5 openssl.libssl: new destructors, to make sure the tests doesnt leak 2016-11-19 18:03:12 +01:00
Björn Lindqvist 317a832a86 openssl.libssl: trying to organize vocab a little better 
like all the constants in one block, and functions grouped on their
method object
 2016-11-19 17:27:50 +01:00
Björn Lindqvist 1448531b24 openssl.libssl: remove the testing of SSLv2 and SSLv3 
It caused spurious test errors on Arch and Ubuntu because they are
removing support for those protocols.
 2016-11-19 03:42:03 +01:00
Björn Lindqvist d4528c36da openssl.libssl: fix tc that breaks if sslv2 is disabled 2016-08-16 04:01:08 +02:00
Doug Coleman d9a39ce5e4 openssl.libssl: Use libcrypto on Windows instead of libeay or ssleay and 
add a few more functions. Ugh.
 2016-03-13 16:11:44 -07:00
Doug Coleman 2398800829 openssl.libssl: Adding some functions to work with certificates. 2016-03-13 01:42:53 -08:00
Doug Coleman a4804621af windows openssl, libtls: Use the libressl dlls for SSL. 
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/
http://downloads.factorcode.org/dlls/
libcrypt-37.dll
libssl-38.dll
libtls-10.dll
 2016-03-08 12:48:45 -08:00
Doug Coleman 777528fd40 openssl.libssl: Add more constants. 2016-03-04 10:05:02 -08:00
Doug Coleman 3576c0930c openssl: Prefer tls1.2. Only use secure ciphers. 2016-03-04 09:15:12 -08:00
Benjamin Pollack 62d1425971 Add SNI support to Factor 
Fixes #1527
 2016-03-03 09:48:20 -08:00
Benjamin Pollack bfd656df17 Dump everything before TLSv1 
All versions of SSL are deprecated and have major security issues. Just
kill the whole thing. If you want to deliberately expose yourself to
POODLE, you can do it on your own time.
 2016-03-01 19:43:06 -05:00
Doug Coleman 03e8f4bc19 openssl.libssl: Add some more constants. Move things around a little and add SSL_ctrl() binding. 2016-02-23 18:24:41 -08:00
Benjamin Pollack 12af22f3ee openssl: only set RSA keys if required to do so 
Modern OpenSSL and LibreSSL both do not require SSL_CTX_set_tmp_rsa to
be called unless SSL_CTX_need_tmp_rsa returns true, and LibreSSL and
OpenSSL compiled with deprecation warnings both will fail if this
happens. This commit resolves that.

With this change, it becomes possible to use LibreSSL in place of
OpenSSL with Factor.
 2016-02-23 08:11:04 -05:00
Benjamin Pollack 8073c8a77e Update OpenSSL calls to work with LibreSSL/newer OpenSSL 
RSA_generate_key has been deprecated, and is not available in either
LibreSSL or newer OpenSSL that are not compiled with deprecated call
support. This commit switches to the still-supported
RSA_generate_key_ex, which is supported by both libraries.

Note that this is still insufficient for Factor to work under LibreSSL,
though we now get a call further than before.
 2016-02-22 14:21:39 -08:00
Björn Lindqvist 0a3b4b4872 io.sockets.secure.debug: use <test-secure-config> in some places 
the word can be reused in a few places when setting up ssl. it removes
some duplicated code
 2015-10-04 01:25:11 +02:00
Doug Coleman 0176591527 factor: actual patch to remove ; from all c/fortran functions 2015-07-19 16:25:30 -07:00
Doug Coleman cdef03f182 openssl.libssl: Fix FUNCTION: error exposed after parser change. 2015-07-19 15:46:57 -07:00
Doug Coleman 892c62e1dc factor: second stab at [ ] [ ] unit-test -> { } [ ] unit-test 2015-07-03 09:39:59 -07:00
Doug Coleman 59f3b1ea57 Revert "factor: rename [ ] [ ] unit-test -> { } [ ] unit-test using a refactoring tool!" 
Needs a bit more work.

This reverts commit 7e54cc2824.
 2015-07-02 13:47:06 -07:00
Doug Coleman 7e54cc2824 factor: rename [ ] [ ] unit-test -> { } [ ] unit-test using a refactoring tool! 2015-07-02 11:36:08 -07:00
Doug Coleman 6e60c811ac core: Rename create to create-word, create-in to create-word-in. 2015-06-08 12:47:35 -07:00
John Benediktsson de179243ce basis/extra: cleanup uses of add-library. 2014-11-13 13:05:14 -08:00
Benjamin Pollack 2c3dd8c3c8 Remove executable bit from tons of files that aren't 2014-11-05 20:40:42 -08:00
Björn Lindqvist 8b01a47358 openssl.libcrypto.tests: BIO_free should be called to release connections 2014-10-03 07:12:27 -07:00