oweals/openssl.git
8 years agoPrepare for 1.1.0-pre6 release OpenSSL_1_1_0-pre6
Matt Caswell [Thu, 4 Aug 2016 14:00:44 +0000 (15:00 +0100)]
Prepare for 1.1.0-pre6 release

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agomake update
Matt Caswell [Thu, 4 Aug 2016 14:00:43 +0000 (15:00 +0100)]
make update

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix date in CHANGES
Matt Caswell [Thu, 4 Aug 2016 13:55:41 +0000 (14:55 +0100)]
Fix date in CHANGES

The release scripts expect to see the date "xx XXX xxxx" in CHANGES. At
some point the year got changed from xxxx to 2016. This changes it back.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoDon't check any revocation info on proxy certificates
Richard Levitte [Wed, 3 Aug 2016 14:02:20 +0000 (16:02 +0200)]
Don't check any revocation info on proxy certificates

Because proxy certificates typically come without any CRL information,
trying to check revocation on them will fail.  Better not to try
checking such information for them at all.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoINSTALL: Make the use of [, ], { and } consistent and explain it
Richard Levitte [Wed, 3 Aug 2016 05:55:54 +0000 (07:55 +0200)]
INSTALL: Make the use of [, ], { and } consistent and explain it

The diverse notations used in INSTALL are not as self explanatory as
we might imagine, so let's attempt a consistent notation for mandatory
and optional pieces of a command line, and to explain the meaning of
each notation.

This does away with the bash notation used in one spot, as it isn't
universally understood and will only confuse the unknowing more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoINSTALL: Add missing details on VMS installation results
Richard Levitte [Wed, 3 Aug 2016 05:55:16 +0000 (07:55 +0200)]
INSTALL: Add missing details on VMS installation results

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoVMS: make sure to provide an absolute source directory for pod2html
Richard Levitte [Wed, 3 Aug 2016 10:54:42 +0000 (12:54 +0200)]
VMS: make sure to provide an absolute source directory for pod2html

Experience shows that pod2html changes directory during its process
without properly adjusting the given source directory.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoVMS: If configured no-shared, don't provide shareable image logical names
Richard Levitte [Wed, 3 Aug 2016 10:53:49 +0000 (12:53 +0200)]
VMS: If configured no-shared, don't provide shareable image logical names

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoCheck for overlows and error return from ASN1_object_size()
Dr. Stephen Henson [Mon, 1 Aug 2016 23:45:31 +0000 (00:45 +0100)]
Check for overlows and error return from ASN1_object_size()

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoCheck for overflows in ASN1_object_size().
Dr. Stephen Henson [Mon, 1 Aug 2016 23:30:47 +0000 (00:30 +0100)]
Check for overflows in ASN1_object_size().

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years ago80-test_ssl_new.t: only skip on $no_tls if no other skip conditions defined
Richard Levitte [Tue, 2 Aug 2016 11:27:39 +0000 (13:27 +0200)]
80-test_ssl_new.t: only skip on $no_tls if no other skip conditions defined

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoIn 80-test_ssl_new, more "plan tests" to a more useful position
Richard Levitte [Tue, 2 Aug 2016 09:19:07 +0000 (11:19 +0200)]
In 80-test_ssl_new, more "plan tests" to a more useful position

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoFix tests for no-nextprotoneg
Matt Caswell [Tue, 2 Aug 2016 09:19:56 +0000 (10:19 +0100)]
Fix tests for no-nextprotoneg

Fix the 80-test_ssl_test_ctx and 80-test_ssl_new tests when used with the
no-nextprotoneg option

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix some style issues...
FdaSilvaYY [Thu, 28 Jul 2016 19:15:52 +0000 (21:15 +0200)]
Fix some style issues...

 extra spacing and 80 cols

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1366)

8 years agoDon't overwrite existing installed openssl.cnf
Richard Levitte [Mon, 1 Aug 2016 21:18:25 +0000 (23:18 +0200)]
Don't overwrite existing installed openssl.cnf

Instead, install the new one as openssl.cnf.dist (openssl.cnf-dist on
VMS), and only install it as openssl.cnf if that file doesn't already
exist.

Also, don't install with exec privileges on VMS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAll of ssldirs installation should be done by the install_ssldirs target
Richard Levitte [Mon, 1 Aug 2016 21:15:50 +0000 (23:15 +0200)]
All of ssldirs installation should be done by the install_ssldirs target

The Unix build file template didn't do that quite right.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoSome minor tweaks to the fuzzing docs
Matt Caswell [Mon, 1 Aug 2016 20:46:08 +0000 (21:46 +0100)]
Some minor tweaks to the fuzzing docs

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDocument certificate and CRL time functions.
Dr. Stephen Henson [Mon, 1 Aug 2016 18:16:52 +0000 (19:16 +0100)]
Document certificate and CRL time functions.

RT#4639

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoConstify some X509_CRL, X509_REQ functions.
Dr. Stephen Henson [Mon, 1 Aug 2016 18:30:34 +0000 (19:30 +0100)]
Constify some X509_CRL, X509_REQ functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoConstify some X509_CRL functions.
Dr. Stephen Henson [Mon, 1 Aug 2016 18:25:16 +0000 (19:25 +0100)]
Constify some X509_CRL functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agomake update
Dr. Stephen Henson [Mon, 1 Aug 2016 17:37:48 +0000 (18:37 +0100)]
make update

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd DSA_bits() function.
Dr. Stephen Henson [Mon, 1 Aug 2016 17:37:03 +0000 (18:37 +0100)]
Add DSA_bits() function.

RT#4637

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix typo of BN_zero()
Kurt Roeckx [Sun, 31 Jul 2016 12:11:12 +0000 (14:11 +0200)]
Fix typo of BN_zero()

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoForgotten make update
Richard Levitte [Mon, 1 Aug 2016 14:14:41 +0000 (16:14 +0200)]
Forgotten make update

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoConst the ex data stuff too to fix warnings
Richard J. Moore [Sun, 31 Jul 2016 10:04:48 +0000 (11:04 +0100)]
Const the ex data stuff too to fix warnings

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoConst EC_KEY_dup
Richard J. Moore [Sun, 31 Jul 2016 00:08:30 +0000 (01:08 +0100)]
Const EC_KEY_dup

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoAdditional CMS content types from RFC 4073, RFC 5083, and RFC 5084.
Wim Lewis [Wed, 27 Jul 2016 00:37:29 +0000 (17:37 -0700)]
Additional CMS content types from RFC 4073, RFC 5083, and RFC 5084.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1355)

8 years agoUseless allocation
FdaSilvaYY [Thu, 28 Jul 2016 21:20:19 +0000 (23:20 +0200)]
Useless allocation

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoFix some style issues
FdaSilvaYY [Thu, 28 Jul 2016 20:51:18 +0000 (22:51 +0200)]
Fix some style issues

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoAdd missing help string
FdaSilvaYY [Sat, 23 Jul 2016 13:39:49 +0000 (15:39 +0200)]
Add missing help string

Fix an error message

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoFix some awkward tests
FdaSilvaYY [Sat, 23 Jul 2016 12:45:08 +0000 (14:45 +0200)]
Fix some awkward tests

Add some explanatory comments
Discard some useless parenthesis.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoMerge some conditional blocks of code.
FdaSilvaYY [Fri, 29 Jul 2016 11:22:42 +0000 (13:22 +0200)]
Merge some conditional blocks of code.

Fix an #if check about rsa_count...

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoSimplify default inits, add const qualifiers
FdaSilvaYY [Tue, 19 Jul 2016 21:54:21 +0000 (23:54 +0200)]
Simplify default inits, add const qualifiers
Simplify some loops to reuse k variable

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoCast to right type, simplify array args
FdaSilvaYY [Tue, 19 Jul 2016 21:57:18 +0000 (23:57 +0200)]
Cast to right type, simplify array args

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoFix sharing of two static variables
FdaSilvaYY [Tue, 12 Jul 2016 21:13:20 +0000 (23:13 +0200)]
Fix sharing of two static variables

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoECDH test is only one operation to run
FdaSilvaYY [Tue, 19 Jul 2016 22:16:45 +0000 (00:16 +0200)]
ECDH test is only one operation to run

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoFix three missing global declarations.
FdaSilvaYY [Sat, 23 Jul 2016 12:26:07 +0000 (14:26 +0200)]
Fix three missing global declarations.

Fix compilation without SIGALRM.
It don't link because of remaning alarm(0); call.

Convert engine_id variable to local one

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)

8 years agoFix return values of do_passwd() in apps/passwd.c
Richard Levitte [Mon, 1 Aug 2016 11:07:48 +0000 (13:07 +0200)]
Fix return values of do_passwd() in apps/passwd.c

do_passwd() was returning 0 on success and 1 on failure.  However,
those values were interpreted the other way around.  The fix that
makes the most sense is to change what do_passwd() returns.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix bad result in i2b_PVK()
Matt Caswell [Mon, 1 Aug 2016 11:11:21 +0000 (12:11 +0100)]
Fix bad result in i2b_PVK()

The function i2b_PVK() was returning a bad pointer causing subsequent
crashes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix param order in RSA_get0_key
Matt Caswell [Mon, 1 Aug 2016 11:10:11 +0000 (12:10 +0100)]
Fix param order in RSA_get0_key

Some calls to RSA_get0_key had the parameters in the wrong order causing a
failure.

GitHub Issue #1368

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoInclude what we use.
Ben Laurie [Mon, 1 Aug 2016 02:44:42 +0000 (03:44 +0100)]
Include what we use.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agopeer_tmp doesn't exist if no-ec no-dh.
Ben Laurie [Sun, 31 Jul 2016 14:48:24 +0000 (15:48 +0100)]
peer_tmp doesn't exist if no-ec no-dh.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix various no-*s.
Ben Laurie [Sun, 31 Jul 2016 10:42:04 +0000 (11:42 +0100)]
Fix various no-*s.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agocrypto/ui/ui_openssl.c: UTF-y Windows code path.
Andy Polyakov [Tue, 19 Jul 2016 11:52:49 +0000 (13:52 +0200)]
crypto/ui/ui_openssl.c: UTF-y Windows code path.

Windows never composes UTF-8 strings as result of user interaction
such as input query. The only way to compose one is programmatic
conversion from WCHAR string, which in turn can be picked up with
ReadConsoleW.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoapps/openssl.c: UTF-y Windows argv.
Andy Polyakov [Sat, 16 Jul 2016 21:21:39 +0000 (23:21 +0200)]
apps/openssl.c: UTF-y Windows argv.

Windows never composes UTF-8 strings as result of user interaction
such as passing command-line argument. The only way to compose one
is programmatic conversion from WCHAR string, which in turn can be
picked up on command line.

[For reference, why not wmain, it's not an option on MinGW.]

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoConfigurations/00-base-templates.conf: harmonize BASE_Windows.
Andy Polyakov [Sun, 17 Jul 2016 20:12:38 +0000 (22:12 +0200)]
Configurations/00-base-templates.conf: harmonize BASE_Windows.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoConfigurations/unix-Makefile.tmpl: add LC_ALL=C to unify messages.
Andy Polyakov [Thu, 28 Jul 2016 21:05:32 +0000 (23:05 +0200)]
Configurations/unix-Makefile.tmpl: add LC_ALL=C to unify messages.

RT#4138

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoevp/bio_enc.c: perform enc_read operation without using overlapping buffers.
Andy Polyakov [Mon, 25 Jul 2016 13:04:33 +0000 (15:04 +0200)]
evp/bio_enc.c: perform enc_read operation without using overlapping buffers.

Reviewed-by: Stephen Henson <steve@openssl.org>
8 years agotest/smcont.txt: trigger assertion in bio_enc.c.
Andy Polyakov [Mon, 25 Jul 2016 13:03:43 +0000 (15:03 +0200)]
test/smcont.txt: trigger assertion in bio_enc.c.

Reviewed-by: Stephen Henson <steve@openssl.org>
8 years agoevp/evp_enc.c: make assert error message more readable
Andy Polyakov [Mon, 25 Jul 2016 13:02:26 +0000 (15:02 +0200)]
evp/evp_enc.c: make assert error message more readable
and add EVPerr(PARTIALLY_OVERLAPPED)

Reviewed-by: Stephen Henson <steve@openssl.org>
8 years agoFix the docs too
Richard J. Moore [Sat, 30 Jul 2016 18:34:06 +0000 (19:34 +0100)]
Fix the docs too

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1367)

8 years agoIgnore the serial number for now and just do the rest.
Richard J. Moore [Sat, 30 Jul 2016 17:36:16 +0000 (18:36 +0100)]
Ignore the serial number for now and just do the rest.

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1367)

8 years agoMake some more X509 functions const.
Richard J. Moore [Sat, 30 Jul 2016 10:47:18 +0000 (11:47 +0100)]
Make some more X509 functions const.

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1367)

8 years agorsa.c: fix incorrect guard for pvk-* options
Viktor Szakats [Sat, 30 Jul 2016 00:34:19 +0000 (02:34 +0200)]
rsa.c: fix incorrect guard for pvk-* options

This update syncs the #if guard protecting the pvk-* options
with the rest of the source handling those options. Also fix
some nearby whitespace.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1365)

8 years agoFix crash as a result of MULTIBLOCK
Matt Caswell [Mon, 25 Jul 2016 09:36:57 +0000 (10:36 +0100)]
Fix crash as a result of MULTIBLOCK

The MULTIBLOCK code uses a "jumbo" sized write buffer which it allocates
and then frees later. Pipelining however introduced multiple pipelines. It
keeps track of how many pipelines are initialised using numwpipes.
Unfortunately the MULTIBLOCK code was not updating this when in deallocated
its buffers, leading to a buffer being marked as initialised but set to
NULL.

RT#4618

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix bogus warnings
Matt Caswell [Sat, 30 Jul 2016 09:37:53 +0000 (10:37 +0100)]
Fix bogus warnings

Fix some bogus "may be used uninitialized" warnings on some compilers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoprint out MAC algorithm
Dr. Stephen Henson [Fri, 22 Jul 2016 14:33:15 +0000 (15:33 +0100)]
print out MAC algorithm

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix CRL time comparison.
Dr. Stephen Henson [Fri, 29 Jul 2016 16:54:52 +0000 (17:54 +0100)]
Fix CRL time comparison.

Thanks to David Benjamin <davidben@google.com> for reporting this bug.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoUpdate the SSL_set_bio()/SSL_set0_rbio()/SSL_set0_wbio() docs
Matt Caswell [Fri, 22 Jul 2016 10:55:10 +0000 (11:55 +0100)]
Update the SSL_set_bio()/SSL_set0_rbio()/SSL_set0_wbio() docs

Update the documentation for the newly renamed and modified SSL_set0_rbio()
and SSL_set0_wbio() functions. State that they should be preferred over
SSL_set_bio(). Attempt to document the ownership rules for SSL_set_bio().

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoSimplify and rename SSL_set_rbio() and SSL_set_wbio()
Matt Caswell [Thu, 21 Jul 2016 11:17:29 +0000 (12:17 +0100)]
Simplify and rename SSL_set_rbio() and SSL_set_wbio()

SSL_set_rbio() and SSL_set_wbio() are new functions in 1.1.0 and really
should be called SSL_set0_rbio() and SSL_set0_wbio(). The old
implementation was not consistent with what "set0" means though as there
were special cases around what happens if the rbio and wbio are the same.
We were only ever taking one reference on the BIO, and checking everywhere
whether the rbio and wbio are the same so as not to double free.

A better approach is to rename the functions to SSL_set0_rbio() and
SSL_set0_wbio(). If an existing BIO is present it is *always* freed
regardless of whether the rbio and wbio are the same or not. It is
therefore the callers responsibility to ensure that a reference is taken
for *each* usage, i.e. one for the rbio and one for the wbio.

The legacy function SSL_set_bio() takes both the rbio and wbio in one go
and sets them both. We can wrap up the old behaviour in the implementation
of that function, i.e. previously if the rbio and wbio are the same in the
call to this function then the caller only needed to ensure one reference
was passed. This behaviour is retained by internally upping the ref count.

This commit was inspired by BoringSSL commit f715c423224.

RT#4572

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd some SSL BIO tests
Matt Caswell [Thu, 21 Jul 2016 10:02:22 +0000 (11:02 +0100)]
Add some SSL BIO tests

This adds some simple SSL BIO tests that check for pushing and popping of
BIOs into the chain. These tests would have caught the bugs fixed in the
previous three commits, if combined with a crypto-mdebug build.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix BIO_pop for SSL BIOs
Matt Caswell [Thu, 21 Jul 2016 09:55:31 +0000 (10:55 +0100)]
Fix BIO_pop for SSL BIOs

The BIO_pop implementation assumes that the rbio still equals the next BIO
in the chain. While this would normally be the case, it is possible that it
could have been changed directly by the application. It also does not
properly cater for the scenario where the buffering BIO is still in place
for the write BIO.

Most of the existing BIO_pop code for SSL BIOs can be replaced by a single
call to SSL_set_bio(). This is equivalent to the existing code but
additionally handles the scenario where the rbio has been changed or the
buffering BIO is still in place.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix BIO_push ref counting for SSL BIO
Matt Caswell [Thu, 21 Jul 2016 09:48:12 +0000 (10:48 +0100)]
Fix BIO_push ref counting for SSL BIO

When pushing a BIO onto an SSL BIO we set the rbio and wbio for the SSL
object to be the BIO that has been pushed. Therefore we need to up the ref
count for that BIO. The existing code was uping the ref count on the wrong
BIO.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDon't double free the write bio
Matt Caswell [Thu, 21 Jul 2016 09:28:24 +0000 (10:28 +0100)]
Don't double free the write bio

When setting the read bio we free up any old existing one. However this can
lead to a double free if the existing one is the same as the write bio.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd a test for SSL_set_bio()
Matt Caswell [Thu, 21 Jul 2016 14:06:13 +0000 (15:06 +0100)]
Add a test for SSL_set_bio()

The SSL_set_bio() function has some complicated ownership rules. This adds a
test to make sure it all works as expected.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoMake the checks for an SSLv2 style record stricter
Matt Caswell [Fri, 22 Jul 2016 13:58:19 +0000 (14:58 +0100)]
Make the checks for an SSLv2 style record stricter

SSLv2 is no longer supported in 1.1.0, however we *do* still accept an SSLv2
style ClientHello, as long as we then subsequently negotiate a protocol
version >= SSLv3. The record format for SSLv2 style ClientHellos is quite
different to SSLv3+. We only accept this format in the first record of an
initial ClientHello. Previously we checked this by confirming
s->first_packet is set and s->server is true. However, this really only
tells us that we are dealing with an initial ClientHello, not that it is
the first record (s->first_packet is badly named...it really means this is
the first message). To check this is the first record of the initial
ClientHello we should also check that we've not received any data yet
(s->init_num == 0), and that we've not had any empty records.

GitHub Issue #1298

Reviewed-by: Emilia Käsper <emilia@openssl.org>
8 years agoVarious doc fixes.
Rich Salz [Thu, 28 Jul 2016 21:00:05 +0000 (17:00 -0400)]
Various doc fixes.

Cannot nest B<> tags
Document "openssl speed" command.
Fix doc nits: missing NAME/SYNOPSIS stuff

Reviewed-by: Tim Hudson <tjh@openssl.org>
8 years agoAdd memory sanitizer config, and run on travis.
Emilia Kasper [Thu, 28 Jul 2016 18:24:28 +0000 (20:24 +0200)]
Add memory sanitizer config, and run on travis.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoNote cipher BIO write errors too.
Dr. Stephen Henson [Tue, 26 Jul 2016 19:22:49 +0000 (20:22 +0100)]
Note cipher BIO write errors too.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoUse sk_CONF_VALUE_pop_free in do_ext_nconf error path.
David Benjamin [Tue, 26 Jul 2016 15:36:23 +0000 (11:36 -0400)]
Use sk_CONF_VALUE_pop_free in do_ext_nconf error path.

8605abf13523579ecab8b1f2a4bcb8354d94af79 fixed the nval leak, but it
used free instead of pop_free. nval owns its contents, so it should be
freed with pop_free. See the pop_free call a few lines down.

This is a no-op as, in this codepath, we must have nval == NULL or
sk_CONF_VALUE_num(nval) == 0. In those cases, free and pop_free are
identical. However, variables should be freed consistently.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1351)

8 years agoSkip non-existing files.
Kurt Roeckx [Sat, 16 Jul 2016 19:45:34 +0000 (21:45 +0200)]
Skip non-existing files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1324

8 years agoAdd Hurd shared extension
Kurt Roeckx [Sun, 24 Jul 2016 20:32:15 +0000 (22:32 +0200)]
Add Hurd shared extension

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1345

8 years agoRT4639: Typo when -DSSL_DEBUG
Jon Loeliger [Tue, 26 Jul 2016 16:48:20 +0000 (12:48 -0400)]
RT4639: Typo when -DSSL_DEBUG

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoSet error if EVP_CipherUpdate fails.
Dr. Stephen Henson [Tue, 26 Jul 2016 15:51:49 +0000 (16:51 +0100)]
Set error if EVP_CipherUpdate fails.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDeprecate X509_LU_FAIL, X509_LU_RETRY
Dr. Stephen Henson [Mon, 25 Jul 2016 15:57:49 +0000 (16:57 +0100)]
Deprecate X509_LU_FAIL, X509_LU_RETRY

Instead of X509_LU_FAIL, X509_LU_RETRY use 0/1 for return values.

RT#4577

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoUse X509_LOOKUP_TYPE for lookup type consistently.
Dr. Stephen Henson [Mon, 25 Jul 2016 15:46:05 +0000 (16:46 +0100)]
Use X509_LOOKUP_TYPE for lookup type consistently.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoMove X509_LU_RETRY, X509_LU_FAIL
Dr. Stephen Henson [Mon, 25 Jul 2016 13:58:07 +0000 (14:58 +0100)]
Move X509_LU_RETRY, X509_LU_FAIL

X509_LU_RETRY and X509_LU_FAIL are not X509_OBJECT types so don't include
them in the enum.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRemove current_method from X509_STORE_CTX
Dr. Stephen Henson [Mon, 25 Jul 2016 13:05:39 +0000 (14:05 +0100)]
Remove current_method from X509_STORE_CTX

Remove current_method: it was intended as a means of retrying
lookups bit it was never used. Now that X509_verify_cert() is
a "one shot" operation it can never work as intended.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoUpdate the example in proxy_certificates.txt
Richard Levitte [Mon, 25 Jul 2016 16:55:28 +0000 (18:55 +0200)]
Update the example in proxy_certificates.txt

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDiscard BIO_set(BIO* bio) method
FdaSilvaYY [Fri, 10 Jun 2016 21:28:44 +0000 (23:28 +0200)]
Discard BIO_set(BIO* bio) method

Simplify BIO init using OPENSSL_zalloc().

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1261)

8 years agozero pad DHE public key in ServerKeyExchange message for interop
russor [Mon, 25 Jul 2016 17:30:13 +0000 (10:30 -0700)]
zero pad DHE public key in ServerKeyExchange message for interop

Some versions of the Microsoft TLS stack have problems when the DHE public key
is encoded with fewer bytes than the DHE prime.

There's some public acknowledgement of the bug at these links:

https://connect.microsoft.com/IE/feedback/details/1253526/tls-serverkeyexchange-with-1024-dhe-may-encode-dh-y-as-127-bytes-breaking-internet-explorer-11
https://connect.microsoft.com/IE/feedback/details/1104905/wininet-calculation-of-mac-in-tls-handshake-intermittently-fails-for-dhe-rsa-key-exchange

This encoding issue also causes the same errors with 2048-bit DHE, if the
public key is encoded in fewer than 256 bytes and includes the TLS stack on
Windows Phone 8.x.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1320)

8 years agoMake it possible for external code to set the certiciate proxy path length
Richard Levitte [Mon, 25 Jul 2016 15:02:56 +0000 (17:02 +0200)]
Make it possible for external code to set the certiciate proxy path length

This adds the functions X509_set_proxy_pathlen(), which sets the
internal pc path length cache for a given X509 structure, along with
X509_get_proxy_pathlen(), which retrieves it.

Along with the previously added X509_set_proxy_flag(), this provides
the tools needed to manipulate all the information cached on proxy
certificates, allowing external code to do what's necessary to have
them verified correctly by the libcrypto code.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd X509_STORE lock and unlock functions
Richard Levitte [Thu, 7 Jul 2016 21:55:34 +0000 (23:55 +0200)]
Add X509_STORE lock and unlock functions

Since there are a number of function pointers in X509_STORE that might
lead to user code, it makes sense for them to be able to lock the
store while they do their work.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agomake update
Richard Levitte [Wed, 20 Jul 2016 14:39:39 +0000 (16:39 +0200)]
make update

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDocument the X509_STORE and X509_STORE_CTX setters and getters
Richard Levitte [Sat, 23 Jul 2016 14:00:02 +0000 (16:00 +0200)]
Document the X509_STORE and X509_STORE_CTX setters and getters

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd setter and getter for X509_STORE's check_policy
Richard Levitte [Wed, 20 Jul 2016 14:23:34 +0000 (16:23 +0200)]
Add setter and getter for X509_STORE's check_policy

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd getters / setters for the X509_STORE_CTX and X509_STORE functions
Richard Levitte [Thu, 7 Jul 2016 21:22:45 +0000 (23:22 +0200)]
Add getters / setters for the X509_STORE_CTX and X509_STORE functions

We only add setters for X509_STORE function pointers except for the
verify callback function.  The thought is that the function pointers
in X509_STORE_CTX are a cache for the X509_STORE functions.
Therefore, it's preferable if the user makes the changes in X509_STORE
before X509_STORE_CTX_init is called, and otherwise use the verify
callback to override any results from OpenSSL's internal
calculations.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRT4627: Doc patch: fix constant names
Steffen Nurpmeso [Mon, 25 Jul 2016 10:25:15 +0000 (12:25 +0200)]
RT4627: Doc patch: fix constant names

Reviewed-by: Matt Caswell <matt@openssl.org>
Signed-off-by: Rich Salz <rsalz@openssl.org>
8 years agoexplicit init
FdaSilvaYY [Thu, 14 Jul 2016 08:36:55 +0000 (10:36 +0200)]
explicit init

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)

8 years agoTypo and comment fix
FdaSilvaYY [Tue, 5 Jul 2016 19:22:18 +0000 (21:22 +0200)]
Typo and comment fix

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)

8 years agoUnused variable, and cleanups
FdaSilvaYY [Sat, 2 Jul 2016 12:08:37 +0000 (14:08 +0200)]
Unused variable, and cleanups

Break two long messages.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)

8 years agoUnused variable cleanup
FdaSilvaYY [Mon, 11 Jul 2016 17:46:08 +0000 (19:46 +0200)]
Unused variable cleanup

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)

8 years agoDiscard a dead option
FdaSilvaYY [Mon, 11 Jul 2016 17:45:40 +0000 (19:45 +0200)]
Discard a dead option

Old inactive inherited code, a code relic for sure.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)

8 years agoDiscard some unused typedefs
FdaSilvaYY [Mon, 11 Jul 2016 17:41:32 +0000 (19:41 +0200)]
Discard some unused typedefs

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)

8 years agoConstify X509|X509_CRL|X509_REVOKED_get_ext
FdaSilvaYY [Sat, 9 Jul 2016 22:59:23 +0000 (00:59 +0200)]
Constify X509|X509_CRL|X509_REVOKED_get_ext

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)

8 years agoConstify ... X509|X509_CRL|X509_REVOKED|_get_ext*()
FdaSilvaYY [Sat, 9 Jul 2016 22:37:58 +0000 (00:37 +0200)]
Constify ... X509|X509_CRL|X509_REVOKED|_get_ext*()

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)

8 years agoConstify ...
FdaSilvaYY [Fri, 8 Jul 2016 22:43:28 +0000 (00:43 +0200)]
Constify ...

X509_REVOKED_get0_extensions
X509_check_private_key

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)

8 years agoConstify (X509|X509V3|X509_CRL|X509_REVOKED)_get_ext_d2i ...
FdaSilvaYY [Fri, 8 Jul 2016 22:08:40 +0000 (00:08 +0200)]
Constify (X509|X509V3|X509_CRL|X509_REVOKED)_get_ext_d2i ...

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)

8 years agoConstify i2s_ASN1_INTEGER, X509V3_get_d2i
FdaSilvaYY [Fri, 8 Jul 2016 22:08:03 +0000 (00:08 +0200)]
Constify i2s_ASN1_INTEGER, X509V3_get_d2i

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)

8 years agoConstify input parameters of methods :
FdaSilvaYY [Thu, 7 Jul 2016 22:10:29 +0000 (00:10 +0200)]
Constify input parameters of methods :

 - X509_NAME_entry_count, X509_ATTRIBUTE_count
 - X509_NAME_add_entry_by_OBJ, X509_NAME_ENTRY_create_by_OBJ, X509_NAME_ENTRY_set_object

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)