Richard Levitte [Tue, 8 Dec 2015 23:09:47 +0000 (00:09 +0100)]
NEWS: Add a bit of precision regarding removal of cipher suites
Suggested by Benjamin Kaduk <bkaduk@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Richard Levitte [Tue, 8 Dec 2015 22:36:18 +0000 (23:36 +0100)]
Additional NEWS
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Tue, 8 Dec 2015 21:07:09 +0000 (16:07 -0500)]
Refer to website for acknowledgements.
Reviewed-by: Steve Marquess <marquess@openssl.com>
Richard Levitte [Tue, 8 Dec 2015 14:34:52 +0000 (15:34 +0100)]
Not all 'find's know -xtype, use -type instead
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 8 Dec 2015 11:43:05 +0000 (12:43 +0100)]
Adapt the OS X build to use the OS X tar
As part of this, move release creation to a script to be called from
.travis.yml. That makes it much easier to test outside of travis.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 8 Dec 2015 11:42:27 +0000 (12:42 +0100)]
Make it possible to affect the way dists are made
Introducing DISTTARVARS to propagate changed variables down to the
tar-making target.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Tue, 8 Dec 2015 16:49:12 +0000 (16:49 +0000)]
Update NEWS
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Mon, 7 Dec 2015 16:09:13 +0000 (16:09 +0000)]
Extended master secret test script.
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Sun, 6 Dec 2015 17:49:14 +0000 (17:49 +0000)]
Add extms extension
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Tue, 8 Dec 2015 02:07:43 +0000 (02:07 +0000)]
TLSProxy update
Add function to delete extensions and fix ClientHello repacking.
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Sat, 5 Dec 2015 18:58:49 +0000 (18:58 +0000)]
update errors
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Fri, 4 Dec 2015 19:48:15 +0000 (19:48 +0000)]
Extended master secret fixes and checks.
Add new flag TLS1_FLAGS_RECEIVED_EXTMS which is set when the peer sends
the extended master secret extension.
Server now sends extms if and only if the client sent extms.
Check consistency of extms extension when resuming sessions following (where
practical) RFC7627.
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Tue, 8 Dec 2015 13:00:59 +0000 (13:00 +0000)]
Fix merge error
Commit
6140f0365 added some new ctrl constants. However due to a
merge error one of these values was duplicated with an existing
value.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dmitry Belyavskiy [Wed, 30 Sep 2015 19:42:57 +0000 (22:42 +0300)]
Add some new cipher ctrl constants
These are needed for GOST
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Richard Levitte [Tue, 8 Dec 2015 00:01:13 +0000 (01:01 +0100)]
Cleanup the EVP_MD_CTX before exit rather than after
Reviewed-by: Matt Caswell <matt@openssl.org>
Richard Levitte [Mon, 7 Dec 2015 23:11:47 +0000 (00:11 +0100)]
Remove double semi (;)
When in the middle of declarations, some C compilers will complain.
Reviewed-by: Matt Caswell <matt@openssl.org>
Richard Levitte [Mon, 7 Dec 2015 19:49:17 +0000 (20:49 +0100)]
Remove typedef of HMAC_CTX from crypto/hmac/hmac_lcl.h
This is already defined in include/openssl/ossl_typ.h.
Reviewed-by: Matt Caswell <matt@openssl.org>
Richard Levitte [Mon, 7 Dec 2015 19:37:08 +0000 (20:37 +0100)]
Fix clang complaints about uninitialised variables.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 7 Dec 2015 15:50:15 +0000 (16:50 +0100)]
Change tar owner and group to just 0
It seems like some tar versions don't like the name:id form for
--owner and --group. The closest known anonymous user being 0 (root),
that seems to be the most appropriate user/group to assign ownership
to. It matters very little when unpacking either way.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 1 Dec 2015 02:28:22 +0000 (03:28 +0100)]
Add an entry in CHANGES
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 4 Dec 2015 12:04:54 +0000 (13:04 +0100)]
Document EVP_MD constructors, destructors and manipulators
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 30 Nov 2015 22:43:59 +0000 (23:43 +0100)]
Document the HMAC changes
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 1 Dec 2015 02:19:11 +0000 (03:19 +0100)]
Document the EVP_MD_CTX changes
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 27 Nov 2015 13:47:08 +0000 (14:47 +0100)]
make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Wed, 2 Dec 2015 21:49:24 +0000 (22:49 +0100)]
Cleanup: fix all sources that used HMAC_CTX_init
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Wed, 2 Dec 2015 21:47:31 +0000 (22:47 +0100)]
Cleanup: rename HMAC_CTX_init to HMAC_CTX_reset
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 1 Dec 2015 23:52:56 +0000 (00:52 +0100)]
Cleanup: support EVP_MD_CTX_(create|init|destroy) for deprecated use
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 1 Dec 2015 23:49:35 +0000 (00:49 +0100)]
Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 1 Dec 2015 23:26:19 +0000 (00:26 +0100)]
Cleanup: rename EVP_MD_CTX_(create|init|destroy) to EVP_MD_CTX_(new|reset|free)
Looking over names, it seems like we usually use names ending with
_new and _free as object constructors and destructors. Also, since
EVP_MD_CTX_init is now used to reset a EVP_MD_CTX, it might as well be
named accordingly.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 1 Dec 2015 23:22:30 +0000 (00:22 +0100)]
Cleanup: Remove M_EVP_MD_* macros
These macros were only meant for crypto/evp, and are now entirely
unused.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 30 Nov 2015 22:43:27 +0000 (23:43 +0100)]
Adapt the rest of the source to the removal of (EVP_MD_CTX|HMAC_CTX)_cleanup
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 30 Nov 2015 22:42:39 +0000 (23:42 +0100)]
Remove HMAC_CTX_cleanup and combine its functionality into EVP_MD_CTX_init
This follows the same idea as the combination of EVP_MD_CTX_cleanup
and EVP_MD_CTX_init into one function.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 1 Dec 2015 00:38:35 +0000 (01:38 +0100)]
Remove EVP_MD_CTX_cleanup and put its functionality into EVP_MD_CTX_init
The idea is that with EVP_MD_CTX_create() and EVP_MD_CTX_destroy(),
EVP_MD_CTX_cleanup and EVP_MD_CTX_init is not used the same as before.
Instead, we need a single function that can be used to reinitialise an
existing EVP_MD_CTX that's been created with EVP_MD_CTX_create()
previously. Combining EVP_MD_CTX_cleanup and EVP_MD_CTX_init into
that one function is the answer.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 30 Nov 2015 12:44:28 +0000 (13:44 +0100)]
Adapt the rest of the source to the opaque HMAC_CTX
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 30 Nov 2015 12:34:20 +0000 (13:34 +0100)]
Make the definition of HMAC_CTX opaque
This moves the definition to crypto/hmac/hmac_lcl.h. Constructor and
destructor added, and the typedef moved to include/openssl/ossl_typ.h.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 30 Nov 2015 09:25:36 +0000 (10:25 +0100)]
Add inclusion of internal/evp_int.h to all crypto/ files that need it
These are the files that add new EVP_MDs.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 30 Nov 2015 09:24:12 +0000 (10:24 +0100)]
Adapt all engines that add new EVP_MDs
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Sun, 29 Nov 2015 19:12:35 +0000 (20:12 +0100)]
Have the few apps that accessed EVP_MD directly use accessors instead
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Sun, 29 Nov 2015 19:09:34 +0000 (20:09 +0100)]
Make the definition of EVP_MD opaque
This moves the definition to crypto/include/internal/evp_int.h and
defines all the necessary method creators, destructors, writers and
accessors. The name standard for the latter is inspired from the
corresponding functions to manipulate UI methods.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 27 Nov 2015 13:02:12 +0000 (14:02 +0100)]
Adjust all accesses to EVP_MD_CTX to use accessor functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 27 Nov 2015 13:19:27 +0000 (14:19 +0100)]
Document the changed HMAC API.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 27 Nov 2015 13:10:15 +0000 (14:10 +0100)]
Adapt HMAC to the EVP_MD_CTX changes
This change required some special treatment, as HMAC is intertwined
with EVP_MD. For now, all local HMAC_CTX variables MUST be
initialised with HMAC_CTX_EMPTY, or whatever happens to be on the
stack will be mistaken for actual pointers to EVP_MD_CTX. This will
change as soon as HMAC_CTX becomes opaque.
Also, since HMAC_CTX_init() can fail now, its return type changes from
void to int, and it will return 0 on failure, 1 on success.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 27 Nov 2015 13:17:50 +0000 (14:17 +0100)]
Have other crypto/evp files include evp_locl.h
Note: this does not include the files in crypto/evp that are just
instanciations of EVP_MD.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 27 Nov 2015 12:35:02 +0000 (13:35 +0100)]
Make the definition of EVP_MD_CTX opaque
This moves the definitionto crypto/evp/evp_locl.h, along with a few
associated accessor macros. A few accessor/writer functions added.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 7 Dec 2015 14:56:27 +0000 (15:56 +0100)]
Do not add symlinks in the source release
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 7 Dec 2015 14:47:43 +0000 (15:47 +0100)]
In travis, build from a "source release" rather than from the build tree
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Mon, 7 Dec 2015 14:45:50 +0000 (15:45 +0100)]
Small changes to creating dists
Make TARFILE include ../ instead of having that hard coded all over the place.
When transforming file names in TAR_COMMAND, use $(NAME) instead of openssl-$(VERSION)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Thu, 3 Dec 2015 22:57:25 +0000 (22:57 +0000)]
Fix and update versions in CHANGES and NEWS
Reviewed-by: Matt Caswell <matt@openssl.org>
Andy Polyakov [Sun, 6 Dec 2015 21:02:39 +0000 (22:02 +0100)]
ARMv4 assembly pack: allow Thumb2 even in iOS build,
and engage it in most modules.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Viktor Dukhovni [Mon, 7 Dec 2015 03:17:15 +0000 (22:17 -0500)]
Fix typo and improve a bit of text
Reviewed-by: Tim Hudson <tjh@openssl.org>
Viktor Dukhovni [Sun, 6 Dec 2015 05:35:06 +0000 (00:35 -0500)]
Really disable 56-bit (single-DES) ciphers
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Kurt Roeckx [Sat, 5 Dec 2015 01:04:41 +0000 (02:04 +0100)]
Remove support for all 40 and 56 bit ciphers.
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #364
Kurt Roeckx [Fri, 4 Dec 2015 21:30:36 +0000 (22:30 +0100)]
Remove SSL_{CTX_}set_ecdh_auto() and always enable ECDH
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Kurt Roeckx [Fri, 4 Dec 2015 21:25:11 +0000 (22:25 +0100)]
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()
SSL_{CTX}_set_tmp_ecdh() allows to set 1 EC curve and then tries to use it. On
the other hand SSL_{CTX_}set1_curves() allows you to set a list of curves, but
only when SSL_{CTX_}set_ecdh_auto() was called to turn it on.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Kurt Roeckx [Fri, 4 Dec 2015 21:22:31 +0000 (22:22 +0100)]
Remove support for SSL_{CTX_}set_tmp_ecdh_callback().
This only gets used to set a specific curve without actually checking that the
peer supports it or not and can therefor result in handshake failures that can
be avoided by selecting a different cipher.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Matt Caswell [Fri, 4 Dec 2015 10:18:01 +0000 (10:18 +0000)]
Fix EAP FAST in the new state machine
The new state machine code missed an allowed transition when resuming a
session via EAP FAST. This commits adds the missing check for the
transition.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Viktor Dukhovni [Fri, 4 Dec 2015 05:27:47 +0000 (00:27 -0500)]
Revert unnecessary SSL_CIPHER_get_bits API change
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 4 Dec 2015 16:27:54 +0000 (17:27 +0100)]
Run test/run_tests.pl directly in the test_ordinals target
Running 'make TEST=test_ordinals test' starts the whole build process,
which wasn't desired for this target. Instead, we take a shortcut.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Tue, 1 Dec 2015 08:00:32 +0000 (09:00 +0100)]
bn/asm/x86_64-mont5.pl: fix carry propagating bug (CVE-2015-3193).
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Wed, 2 Dec 2015 13:32:08 +0000 (14:32 +0100)]
perlasm/ppc-xlate.pl: comply with ABIs that specify vrsave as reserved.
RT#4162
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Wed, 2 Dec 2015 15:25:08 +0000 (16:25 +0100)]
modes/ocb128.c: fix sanitizer warning.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Wed, 2 Dec 2015 17:54:15 +0000 (18:54 +0100)]
Fix ./Configure reconf
'./Configure reconf' hasn't been working for a while, because a perl
lable needs to be immediately followed by a block.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Dr. Stephen Henson [Wed, 2 Dec 2015 14:30:39 +0000 (14:30 +0000)]
Remove RSA_FLAG_SIGN_VER flag.
Remove RSA_FLAG_SIGN_VER: this was origininally used to retain binary
compatibility after RSA_METHOD was extended to include rsa_sign and
rsa_verify fields. It is no longer needed.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Wed, 2 Dec 2015 17:44:26 +0000 (18:44 +0100)]
Move the backtrace memleak options to a separate variable
The contents of this variable ($memleak_devteam_backtrace) is added to
$cflags unless we build for a platform we know doesn't support gcc's
-rdynamic och backtrace() and friends.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Dr. Stephen Henson [Wed, 2 Dec 2015 17:03:20 +0000 (17:03 +0000)]
make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Wed, 2 Dec 2015 13:57:04 +0000 (13:57 +0000)]
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Rich Salz [Wed, 2 Dec 2015 17:20:49 +0000 (12:20 -0500)]
Run test_ordinals after update
Catch a common 'make update' failure: conflicting ordinals.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Wed, 2 Dec 2015 17:18:03 +0000 (18:18 +0100)]
_BSD_SOURCE is deprecated, use _DEFAULT_SOURCE instead
The feature_test_macros(7) manual tells us that _BSD_SOURCE is
deprecated since glibc 2.20 and that the compiler will warn about it
being used, unless _DEFAULT_SOURCE is defined as well.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Wed, 2 Dec 2015 12:19:45 +0000 (13:19 +0100)]
Add backtrace to memory leak output
This is an option for builds with gcc and --strict-warnings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Tue, 1 Dec 2015 11:21:08 +0000 (12:21 +0100)]
crypto/sparcv9cap.c: add SIGILL-free feature detection for Solaris.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Mon, 30 Nov 2015 22:07:38 +0000 (23:07 +0100)]
modes/ocb128.c: split fixed block xors to aligned and misaligned.
Main goal was to improve performance on RISC platforms, e.g. 10%
was measured on MIPS, POWER8...
Reviewed-by: Matt Caswell <matt@openssl.org>
Andy Polyakov [Mon, 30 Nov 2015 12:26:21 +0000 (13:26 +0100)]
modes/ocb128.c: ocb_lookup_l to allow non-contiguous lookup
and CRYPTO_ocb128_encrypt to handle in==out.
Reviewed-by: Matt Caswell <matt@openssl.org>
Rich Salz [Tue, 1 Dec 2015 18:40:37 +0000 (13:40 -0500)]
typo fix on function
Reviewed-by: Richard Levitte <levitte@openssl.org>
Rich Salz [Tue, 21 Jul 2015 14:06:03 +0000 (10:06 -0400)]
ex_data part 2: doc fixes and CRYPTO_free_ex_index.
Add CRYPTO_free_ex_index (for shared libraries)
Unify and complete the documentation for all "ex_data" API's and objects.
Replace xxx_get_ex_new_index functions with a macro.
Added an exdata test.
Renamed the ex_data internal datatypes.
Reviewed-by: Matt Caswell <matt@openssl.org>
Rich Salz [Sat, 21 Nov 2015 13:27:46 +0000 (08:27 -0500)]
Remove BN_init
Rename it to be an internal function bn_init.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Sun, 29 Nov 2015 16:59:18 +0000 (16:59 +0000)]
Remove GOST special case: handled automatically now.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Dr. Stephen Henson [Sun, 29 Nov 2015 16:54:27 +0000 (16:54 +0000)]
Use digest indices for signature algorithms.
Don't hard code EVP_sha* etc for signature algorithms: use table
indices instead. Add SHA224 and SHA512 to tables.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Dr. Stephen Henson [Sun, 29 Nov 2015 14:13:33 +0000 (14:13 +0000)]
For TLS < 1.2 use default digest for client certificate
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Sun, 29 Nov 2015 16:27:08 +0000 (16:27 +0000)]
Use digest tables for defaults.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Viktor Dukhovni [Sat, 28 Nov 2015 19:45:43 +0000 (14:45 -0500)]
Correct aes-128-cbc cipher name
Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Fri, 27 Nov 2015 21:26:36 +0000 (21:26 +0000)]
fix function code discrepancy
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Wed, 25 Nov 2015 18:20:50 +0000 (18:20 +0000)]
PRF and handshake hash revision.
Change handshake hash array into a single digest context simplifying the
handhake hash code. Use EVP_md5_sha1() if needed for handshake hashes in
TLS 1.1 and earlier.
Simplify PRF code to also use a single digest and treat EVP_md5_sha1()
as a special case.
Modify algorithm2 field of ciphers to use a single index value for handshake
hash and PRF instead of a bitmap.
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Tue, 24 Nov 2015 13:52:07 +0000 (13:52 +0000)]
Updates to GOST2012
Various updates following feedback from the recent commit of the new
GOST2012 code.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Dr. Stephen Henson [Sat, 2 May 2015 16:44:08 +0000 (17:44 +0100)]
Remove X509_VERIFY_PARAM_ID
Now that X509_VERIFY_PARAM is opaque X509_VERIFY_PARAM_ID is no longer
needed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Thu, 12 Nov 2015 15:54:30 +0000 (15:54 +0000)]
Fix a NULL deref in an error path
The SRP_create_verifier_BN function goes to the |err| label if the |salt|
value passed to it is NULL. It is then deref'd.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Tue, 24 Nov 2015 16:08:34 +0000 (16:08 +0000)]
Add documentation for BN_with_flags
Following on from the previous commit this adds some documentation for the
BN_with_flags function which is easy to misuse.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Tue, 24 Nov 2015 11:09:00 +0000 (11:09 +0000)]
Tighten up BN_with_flags usage and avoid a reachable assert
The function rsa_ossl_mod_exp uses the function BN_with_flags to create a
temporary copy (local_r1) of a BIGNUM (r1) with modified flags. This
temporary copy shares some state with the original r1. If the state of r1
gets updated then local_r1's state will be stale. This was occurring in the
function so that when local_r1 was freed a call to bn_check_top was made
which failed an assert due to the stale state. To resolve this we must free
local_r1 immediately after we have finished using it and not wait until the
end of the function.
This problem prompted a review of all BN_with_flag usage within the
codebase. All other usage appears to be correct, although often not
obviously so. This commit refactors things to make it much clearer for
these other uses.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Wed, 25 Nov 2015 13:08:08 +0000 (13:08 +0000)]
Remove unused cert_verify_mac code
Reviewed-by: Andy Polyakov <appro@openssl.org>
Andy Polyakov [Mon, 23 Nov 2015 13:12:17 +0000 (14:12 +0100)]
Configuratons: add -DFILIO_H to harmonized Solaris targets.
Triggered by RT#4144.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Alessandro Ghedini [Wed, 28 Oct 2015 19:38:39 +0000 (20:38 +0100)]
Remove useless locking code
Follow-up to
070c233.
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@akamai.com>
GH: #454
Finn Hakansson [Tue, 24 Nov 2015 20:55:50 +0000 (15:55 -0500)]
Fix typo: _REENTERANT -> _REENTRANT
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #484
Marcus Meissner [Wed, 4 Nov 2015 14:00:12 +0000 (15:00 +0100)]
mark openssl configuration as loaded at end of OPENSSL_config
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@akamai.com>
GH: #466
Quanah Gibson-Mount [Mon, 23 Nov 2015 03:35:15 +0000 (21:35 -0600)]
Fix grammar errors
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@akamai.com>
GH: #481
Pascal Cuoq [Sun, 22 Nov 2015 23:13:15 +0000 (00:13 +0100)]
ssl3_free(): Return if it wasn't created
If somewhere in SSL_new() there is a memory allocation failure, ssl3_free() can
get called with s->s3 still being NULL.
Patch also provided by Willy Tarreau <wtarreau@haproxy.com>
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
Dr. Stephen Henson [Tue, 24 Nov 2015 14:20:58 +0000 (14:20 +0000)]
Add ctrl for SHA1 and SSLv3
Add SSLv3 ctrl to EVP_sha1() this is only needed if SSLv3 client
authentication is used with DSA/ECDSA.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Tue, 24 Nov 2015 02:29:57 +0000 (02:29 +0000)]
make update
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Tue, 24 Nov 2015 00:47:11 +0000 (00:47 +0000)]
Use EVP_md5_sha1() to process client verify
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Tue, 24 Nov 2015 00:08:35 +0000 (00:08 +0000)]
Use EVP_md5_sha1() to generate client verify
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Mon, 23 Nov 2015 16:07:46 +0000 (16:07 +0000)]
Add EVP_MD_CTX_ctrl function.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Mon, 23 Nov 2015 16:05:20 +0000 (16:05 +0000)]
Add ssl3 ctrl to EVP_md5_sha1().
Add a ctrl to EVP_md5_sha1() to handle the additional operations needed
to handle SSL v3 client authentication and finished message.
Reviewed-by: Tim Hudson <tjh@openssl.org>