Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added new OpenSSL IO Handler for OpenSSL 1.1.1 #299

Open
wants to merge 63 commits into
base: master
Choose a base branch
from
Open

Added new OpenSSL IO Handler for OpenSSL 1.1.1 #299

wants to merge 63 commits into from

Commits on Jul 6, 2023

  1. Added new OpenSSL IO Handler for OpenSSL 1.1.1 

    Added new OpenSSL 1.1.1 header translation

Added new OpenSSL IO Handler

Fixed memory corruption

If GetPAnsiChar own created UTF8String will be freed when the method
will be leaved. In that case the string is no longer accessable for
OpenSSL.

No clue what to do with the USE_MARSHALLED_PTRS part, that has the same
problem...

Implemented more compiler macros in x509

Set default values for options

Added virtual methods for context initialization for IndySockets#224

Fixed small translation error

Fixed small errors found with FixInsight

Added missing empty implementations

Added Header to source files

Removed own definition of size_t and time_t

Added PPIdC_INT definition to fpc

Updated OpenSSL Header translation and Source Generator

Fixed quirk with circular references

Added IdOpenSSLConsts for better x64 support

Improved xml doc

Added missing include

Added some pem functions for read/write

Added translation for objects.h and fixed some other translations

Added missing includes of IdCompilerDefines.inc

Some FPC compability

Added  PPPByte to FPC

Implemented some compiler macros in crypto

Some more OpenSSL translation

Moved TIdOpenSSLPersistent to own unit

Added new TIdC_TM

Added new x509 wrapper and callback for verification

Extracted TIdOpenSSLVersion to own unit

Fixed problem with explicite TLS

Renamed tls version properties

Implemented better way for dynamic loading

Implemented usage of dynamic loading
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    d8e2735 View commit details
    Browse the repository at this point in the history

  2. Added results of an internal review

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    ab54e16 View commit details
    Browse the repository at this point in the history

  3. FTP data channel should reuse the session of the command channel 

    This prevents connection stealing.
See https://forum.filezilla-project.org/viewtopic.php?p=137191#p137191
for more details
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    726bf0e View commit details
    Browse the repository at this point in the history

  4. Added git attributes

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    2d840c9 View commit details
    Browse the repository at this point in the history

  5. Fixed line endings and rebase error

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    5946cfd View commit details
    Browse the repository at this point in the history

  6. Made intermediate code more compatible 

    * replaced usage of reserved words, for example &in -> in_
* removed regions
* replaced accidentally added dotted unit name in crypto

Thanks to @JedrzejczykRobert
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    5456188 View commit details
    Browse the repository at this point in the history

  7. Made new OpenSSL IO Handler more compatible 

    * removed nested consts
* replaced some not existing functions
* removed regions
* replaced $Raise with Raise_

Thanks to @JedrzejczykRobert
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    9098d2d View commit details
    Browse the repository at this point in the history

  8. Removed some unnecessary stuff from GenerateCode.dproj 

    Automated by ProjectMagican :)
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    95adc5f View commit details
    Browse the repository at this point in the history

  9. Do not use SafeLoadLibrary without second parameter 

    See for more information:
https://blog.dummzeuch.de/2017/06/13/do-not-call-safeloadlibrarydllname-dll/
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    75ea32b View commit details
    Browse the repository at this point in the history

  10. Added code for loading OpenSSL on Linux 

    Thanks to @xjikka
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    9eb2819 View commit details
    Browse the repository at this point in the history

  11. Replaced %LINE% with %LINENUM% 

    %LINE% is a string, but we need an integer

Thanks to @grahamegrieve
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    a7bab36 View commit details
    Browse the repository at this point in the history

  12. IndyCheckWindowsVersion is only available under windows 

    Obviously...

Thanks to @grahamegrieve
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    11bf465 View commit details
    Browse the repository at this point in the history

  13. Removed duplicated types 

    rsa_st & dsa_st & dh_st & ec_key_st are already in IdOpenSSLHeaders_ossl_typ

Thanks to @grahamegrieve
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    0b3c98c View commit details
    Browse the repository at this point in the history

  14. If the options of the IO handler change, the context must be reinitia… 

    …lized
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    8e6da46 View commit details
    Browse the repository at this point in the history

  15. Corrected some header imports

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    6d52c7c View commit details
    Browse the repository at this point in the history

  16. Used correct case

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    95efa0a View commit details
    Browse the repository at this point in the history

  17. Fixed another wrong type

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    9ecf100 View commit details
    Browse the repository at this point in the history

  18. Fixed copy'n'paste error :(

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    4b6316b View commit details
    Browse the repository at this point in the history

  19. Added missing raise

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    afb44be View commit details
    Browse the repository at this point in the history

  20. Fixed line endings

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    fdc52da View commit details
    Browse the repository at this point in the history

  21. Fixed small errors in crypto 

    * Missing cdecl
* Using PIdAnsiChar instead of PAnsiChar
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    f489e59 View commit details
    Browse the repository at this point in the history

  22. Added CRYPTO_set_mem_functions to crypto

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    36bec7c View commit details
    Browse the repository at this point in the history

  23. If OpenSSL is dynamically loaded, the DLLs should also be freed at un… 

    …loading
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    1c274b5 View commit details
    Browse the repository at this point in the history

  24. Fixed MemLeak with handling TLS Sessions 

    With new_session_cb we tell OpenSSL that we are holding a reference to
the session. We must then also release this reference. But since we get
more than one session object we need to keep a list of them.
And when cloning an IO Handler, the session reference must be increased.

Thanks to @ralfjunker
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    ce5caa5 View commit details
    Browse the repository at this point in the history

  25. Fixed missing _ to parameter named "out" & added dynlibs to Loader 

    Thanks to @JedrzejczykRobert
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    0004ff8 View commit details
    Browse the repository at this point in the history

  26. Fixed used-after-free 

    The ssl object should be destroyed before its ssl context object.

While destroying ssl context, OpenSSL calls remove_session_cb, but our
FSessionList is already freed

Thanks to @ralfjunker
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    2b6e7e2 View commit details
    Browse the repository at this point in the history

  27. The Server IO Handler does not immediately start a TLS handshake any … 

    …longer

You need to set PassThrough to False

Thanks to @rlebeau
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    ff99d3f View commit details
    Browse the repository at this point in the history

  28. Added SaveToFile and ctor overload for file loading to TIdOpenSSLX509

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    d392d53 View commit details
    Browse the repository at this point in the history

  29. Added missing file header to IdOpenSSLX509

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    76fdc7d View commit details
    Browse the repository at this point in the history

  30. Fixed using PBIO instead of BIO directly

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    f61d373 View commit details
    Browse the repository at this point in the history

  31. Use existing CheckForError and RaiseError

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    a313bb7 View commit details
    Browse the repository at this point in the history

  32. Add additional Infos to EIdOpenSSLAcceptError

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    4346440 View commit details
    Browse the repository at this point in the history

  33. Replaced &parameter with parameter_ 

    For better support of older delphi versions and fpc
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    d17a73a View commit details
    Browse the repository at this point in the history

  34. Improved excpetion message for shutdown errors

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    7f5d370 View commit details
    Browse the repository at this point in the history

  35. Fixed multiple Load / Unload calls

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    3864f7b View commit details
    Browse the repository at this point in the history

  36. Resolved c macro for ASN1_INTEGER functions

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    e63d7fd View commit details
    Browse the repository at this point in the history

  37. Fixed wrong parameter definitin in bn

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    30861e6 View commit details
    Browse the repository at this point in the history

  38. Resolved c macro for ASN1_Time functions

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    506eb2b View commit details
    Browse the repository at this point in the history

  39. Resolved c macro for ASN1_UTCTIME & ASN1_GENERALIZEDTIME functions

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    2921154 View commit details
    Browse the repository at this point in the history

  40. Resolved c macro for BIO_get/set_mem functions

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    9b30d60 View commit details
    Browse the repository at this point in the history

  41. Removed duplicate type X509_REVOKED

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    9d56ae3 View commit details
    Browse the repository at this point in the history

  42. Fixed small memory leak

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    8bbb0b2 View commit details
    Browse the repository at this point in the history

  43. Fix compile errors for Delphi 7 

    Signed-off-by: Fabian S. Biehn <[email protected]>
    @mezen
    Andre Heider authored and mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    d2209ba View commit details
    Browse the repository at this point in the history

  44. Added initialization of result as addition to 9c37992

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    e1820c5 View commit details
    Browse the repository at this point in the history

  45. Added BeforeInitContext and AfterInitContext to TIdOpenSSLIOHandlerSe… 

    …rver
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    651fcee View commit details
    Browse the repository at this point in the history

  46. Added some xml doc

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    23518eb View commit details
    Browse the repository at this point in the history

  47. Removed old code

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    08795ef View commit details
    Browse the repository at this point in the history

  48. Use parameter instead of property

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    df99616 View commit details
    Browse the repository at this point in the history

  49. TLS Client is now able to verify host name

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    19f9c1d View commit details
    Browse the repository at this point in the history

  50. Added small helpful comment

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    feb0095 View commit details
    Browse the repository at this point in the history

  51. Added header translation for pkcs12.h

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    f542125 View commit details
    Browse the repository at this point in the history

  52. Sort uses

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    a94ebd5 View commit details
    Browse the repository at this point in the history

  53. Use newer function

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    af908dd View commit details
    Browse the repository at this point in the history

  54. Added possibility to load trusted certs 

    Trusted certs are a special OpenSSL format
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    46db019 View commit details
    Browse the repository at this point in the history

  55. Load x509 from memory directly

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    97e9a01 View commit details
    Browse the repository at this point in the history

  56. Fixed translation error in bio 

    Used BIO_METHOD (wrong) instead of PBIO_METHOD (correct)
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    9f5cdd6 View commit details
    Browse the repository at this point in the history

  57. Added missing uses

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    f40a353 View commit details
    Browse the repository at this point in the history

  58. Expanded some c compiler macro

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    d0c2417 View commit details
    Browse the repository at this point in the history

  59. Add missing properties in AssignTo

    @zencode1 @mezen
    zencode1 authored and mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    274c7d0 View commit details
    Browse the repository at this point in the history

  60. Add missing properties in Equals

    @zencode1 @mezen
    zencode1 authored and mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    da81e95 View commit details
    Browse the repository at this point in the history

  61. Return the correct socket error

    @zencode1 @mezen
    zencode1 authored and mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    a899fa4 View commit details
    Browse the repository at this point in the history

  62. Fixed some comments

    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    8ce7c93 View commit details
    Browse the repository at this point in the history

  63. Use bidirectional shutdown on default 

    Closing the TCP connection after sending a TLS shutdown without reading
on the TCP channel could lead to data loss, especially on write-only
connections, like FTP data channel!

Added new option to wait for the TLS shutdown of the peer.
RFC 5246 section 7.2.1 says: Any TLS peer MUST respond with a shutdown
immediately, discarding any pending writes.
The wait still uses the ReadTimeout.

For more information:
openssl/openssl#7948
https://www.rfc-editor.org/rfc/rfc5246#section-7.2.1
    @mezen
    mezen committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    c0101f0 View commit details
    Browse the repository at this point in the history