oweals/openssl.git
6 years agoFix recent typo. -DL_ENDIAN / -DB_ENDIAN, not -DL_DEBIAN / -DB_DEBIAN
Richard Levitte [Mon, 29 Jan 2018 11:42:35 +0000 (12:42 +0100)]
Fix recent typo.  -DL_ENDIAN / -DB_ENDIAN, not -DL_DEBIAN / -DB_DEBIAN

Thank you Beat Bolli for notifying us

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5189)

6 years agoDon't break testing when runnins as root
Richard Levitte [Mon, 29 Jan 2018 05:14:53 +0000 (06:14 +0100)]
Don't break testing when runnins as root

The rehash test broke the test if run by root.  Instead, just skip the
check that requires non-root to be worth it.

Fixes #4387

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5184)

6 years agoAdd RAND_DRBG_bytes
Kurt Roeckx [Fri, 17 Nov 2017 14:00:35 +0000 (15:00 +0100)]
Add RAND_DRBG_bytes

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/4752)

6 years agoCreate troubleshooting subsection in INSTALL file
nickthetait [Sun, 28 Jan 2018 19:15:23 +0000 (20:15 +0100)]
Create troubleshooting subsection in INSTALL file

Fixes: #5130

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5178)

6 years agoGet rid of a warning about unused results
Richard Levitte [Sat, 27 Jan 2018 14:00:16 +0000 (15:00 +0100)]
Get rid of a warning about unused results

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5181)

6 years agoTreat C++ flags more like C flags, and only if C++ compiler specified
Richard Levitte [Sat, 27 Jan 2018 13:56:06 +0000 (14:56 +0100)]
Treat C++ flags more like C flags, and only if C++ compiler specified

C++ flags got the same config target value as C flags, but then
nothing else happened while C flags get all kinds of stuff added to
them (especially when --strict-warnings is used).

Now, C++ flags get the exact same treatment as C flags.  However, this
only happens when a C++ compiler is specified, to avoid confusing
messages about added C++ flags.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5181)

6 years agoFix WinCE config target
Richard Levitte [Sun, 28 Jan 2018 12:26:01 +0000 (13:26 +0100)]
Fix WinCE config target

vc_wince_info()->{defines} was left around, when it should be
vc_wince_info()->{cppflags}

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5182)

6 years agoVMS config.com: better handling of arguments
Richard Levitte [Sun, 28 Jan 2018 09:22:03 +0000 (10:22 +0100)]
VMS config.com: better handling of arguments

Most of all, this change preserves casing a bit better

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5180)

6 years agoUpdate copyright year in mkerr.pl
Steve Linsell [Sun, 28 Jan 2018 11:01:04 +0000 (12:01 +0100)]
Update copyright year in mkerr.pl

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5166)

6 years agoAdd a note on Configure variable processing in NEWS and CHANGES
Richard Levitte [Sat, 27 Jan 2018 15:53:07 +0000 (16:53 +0100)]
Add a note on Configure variable processing in NEWS and CHANGES

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)

6 years agoMake sure all our config targets inherit a BASE template
Richard Levitte [Sat, 27 Jan 2018 12:06:39 +0000 (13:06 +0100)]
Make sure all our config targets inherit a BASE template

There were a small number that inherited no BASE, the now inherit
BASE_unix.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)

6 years agoWe need Unixly defaults for config targets that don't inherit a BASE
Richard Levitte [Sat, 27 Jan 2018 12:01:44 +0000 (13:01 +0100)]
We need Unixly defaults for config targets that don't inherit a BASE

Ideally, each config target should inherit a base to get their
platform specific defaults.  Unfortunately, that is currently not the
case, so we duplicate the Unixly defaults from the BASE_unix template
into the DEFAULT template.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)

6 years agoStop having Unix defaults in Configure (partial)
Richard Levitte [Sat, 27 Jan 2018 11:13:35 +0000 (12:13 +0100)]
Stop having Unix defaults in Configure (partial)

Default values belong in the DEFAULT config target template, in
Configurations/00-base-templates.conf.

This isn't a complete move, but takes care of the most blatant
examples.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)

6 years agoProcessing GNU-style "make variables" - implementation
Richard Levitte [Fri, 26 Jan 2018 18:56:44 +0000 (19:56 +0100)]
Processing GNU-style "make variables" - implementation

Support the following "make variables":

AR              (GNU compatible)
ARFLAGS         (GNU Compatible)
AS              (GNU Compatible)
ASFLAGS         (GNU Compatible)
CC              (GNU Compatible)
CFLAGS          (GNU Compatible)
CXX             (GNU Compatible)
CXXFLAGS        (GNU Compatible)
CPP             (GNU Compatible)
CPPFLAGS        (GNU Compatible)
CPPDEFINES      List of CPP macro definitions.  Alternative for -D
CPPINCLUDES     List of CPP inclusion directories.  Alternative for -I
HASHBANGPERL    Perl invocation to be inserted after '#!' in public
                perl scripts.
LDFLAGS         (GNU Compatible)
LDLIBS          (GNU Compatible)
RANLIB          Program to generate library archive index
RC              Program to manipulate Windows resources
RCFLAGS         Flags for $(RC)
RM              (GNU Compatible)

Setting one of these overrides the corresponding data from our config
targets.  However, flags given directly on the configuration command
line are additional, and are therefore added to the flags coming from
one of the variables above or the config target.

Fixes #2420

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)

6 years agoProcessing GNU-style "make variables" - separate CPP flags from C flags
Richard Levitte [Tue, 23 Jan 2018 12:54:55 +0000 (13:54 +0100)]
Processing GNU-style "make variables" - separate CPP flags from C flags

C preprocessor flags get separated from C flags, which has the
advantage that we don't get loads of macro definitions and inclusion
directory specs when linking shared libraries, DSOs and programs.

This is a step to add support for "make variables" when configuring.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)

6 years agoFix some style nits in commit eee8a40
Bernd Edlinger [Fri, 26 Jan 2018 18:15:28 +0000 (19:15 +0100)]
Fix some style nits in commit eee8a40

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5173)

6 years agoCatch some more old sigalg names in comments
Benjamin Kaduk [Fri, 26 Jan 2018 15:23:57 +0000 (09:23 -0600)]
Catch some more old sigalg names in comments

Make the sigalg name in comments reflect one that actually exists
in the draft standard.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5174)

6 years agoFix ssl-trace with TLS 1.3 draft-23 PSS sigalgs
Benjamin Kaduk [Fri, 26 Jan 2018 15:21:08 +0000 (09:21 -0600)]
Fix ssl-trace with TLS 1.3 draft-23 PSS sigalgs

The latest TLS 1.3 draft split the RSA-PSS signature schemes into
two versions that indicate the OID of the RSA key being used.
This forced us to rename the preprocessor defines for the sigalg
values, and the ssl-trace code was not adopted to match, since
it was not enabled int the default build.

Belatedly update the ssl_sigalg_tbl in the trace code to match.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5174)

6 years agoFix uninitialized read in sigalg parsing code
Benjamin Kaduk [Fri, 26 Jan 2018 01:30:54 +0000 (19:30 -0600)]
Fix uninitialized read in sigalg parsing code

The check for a duplicate value was reading one entry past
where it was supposed to, getting an uninitialized value.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5172)

6 years agoAdd TLSProxy tests for signature_algorithms_cert
Benjamin Kaduk [Wed, 24 Jan 2018 20:45:08 +0000 (14:45 -0600)]
Add TLSProxy tests for signature_algorithms_cert

We don't need to send this extension in normal operation since
we are our own X.509 library, but add some test cases that force
the extension to be sent and exercise our code to process the extension.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)

6 years agoAdd support for the TLS 1.3 signature_algorithms_cert extension
Benjamin Kaduk [Thu, 11 Jan 2018 17:47:12 +0000 (11:47 -0600)]
Add support for the TLS 1.3 signature_algorithms_cert extension

The new extension is like signature_algorithms, but only for the
signature *on* the certificate we will present to the peer (the
old signature_algorithms extension is still used for signatures that
we *generate*, i.e., those over TLS data structures).

We do not need to generate this extension, since we are the same
implementation as our X.509 stack and can handle the same types
of signatures, but we need to be prepared to receive it, and use the received
information when selecting what certificate to present.

There is a lot of interplay between signature_algorithms_cert and
signature_algorithms, since both affect what certificate we can
use, and thus the resulting signature algorithm used for TLS messages.
So, apply signature_algorithms_cert (if present) as a filter on what
certificates we can consider when choosing a certificate+sigalg
pair.

As part of this addition, we also remove the fallback code that let
keys of type EVP_PKEY_RSA be used to generate RSA-PSS signatures -- the
new rsa_pss_pss_* and rsa_pss_rsae_* signature schemes have pulled
the key type into what is covered by the signature algorithm, so
we should not apply this sort of compatibility workaround.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)

6 years agoUpdate documentation for SSL_set1_sigalgs()
Benjamin Kaduk [Thu, 18 Jan 2018 05:21:19 +0000 (23:21 -0600)]
Update documentation for SSL_set1_sigalgs()

These functions can now take both "sig+hash" strings and
algorithm-specific identifiers like "rsa_pss_pss_sha256" that
indicate a particular entry from the TLS signature algorithm
registry.

Also clarify that only the "_list" form allows for the new-style names
(the non-"list" interfaces take sig and hasn NIDs, which cannot
access all of the new-style schemes).

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)

6 years agoPropagate TLS 1.3 sigalgs through tls1_set_sigalgs()
Benjamin Kaduk [Wed, 17 Jan 2018 17:55:29 +0000 (11:55 -0600)]
Propagate TLS 1.3 sigalgs through tls1_set_sigalgs()

Our historical SSL{,_CTX}_set_sigalgs() APIs take an array of
NID pairs (hash and signature), and our parser for manually
specifying unified sigalgs (that do not necessarily correspond
to an actual signature+hash pair) was transiting via (the implementation
of) this historical API.  The TLS 1.3 draft-23 has introduced
signature schemes that have identical signature type and hash type,
differing only in the (RSA) public key OID, which prevents
the rsa_pss_pss_* schemes from being properly identified and
sent on the wire.

To fix the issue, parse sigalg strings directly into SIGALG_LOOKUP
objects, and pass around an array of uint16 wire protocol values
instead of NID pairs.  The old interface is retained for API
compatibility but will become less and less useful with time.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)

6 years agoAdd TLS 1.3 draft-23 PSS signature algorithms
Benjamin Kaduk [Thu, 11 Jan 2018 19:39:30 +0000 (13:39 -0600)]
Add TLS 1.3 draft-23 PSS signature algorithms

We now have a split in the signature algorithms codepoint space for
whether the certificate's key is for rsaEncryption or a PSS-specific
key, which should let us get rid of some special-casing that we
previously needed to try to coax rsaEncryption keys into performing PSS.
(This will be done in a subsequent commit.)

Send the new PSS-with-PSS-specific key first in our list, so that
we prefer the new technology to the old one.

We need to update the expected certificate type in one test,
since the "RSA-PSS+SHA256" form now corresponds to a public key
of type rsaEncryption, so we should expect the server certificate
type to be just "RSA".  If we want to get a server certificate
type of "RSA-PSS", we need to use a new signature algorithm
that cannot be represented as signature+hash, so add a test for that
as well.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)

6 years agoRenumber TLSEXT_TYPE_key_share for draft-23
Benjamin Kaduk [Thu, 11 Jan 2018 16:55:05 +0000 (10:55 -0600)]
Renumber TLSEXT_TYPE_key_share for draft-23

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)

6 years agoBump TLS1_3_VERSION_DRAFT for draft-23
Benjamin Kaduk [Thu, 11 Jan 2018 16:49:33 +0000 (10:49 -0600)]
Bump TLS1_3_VERSION_DRAFT for draft-23

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)

6 years agoMake the s_server command listen on IPv6 only when requested
Bernd Edlinger [Tue, 23 Jan 2018 16:43:45 +0000 (17:43 +0100)]
Make the s_server command listen on IPv6 only when requested

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5152)

6 years agoFix setting of IPV6_V6ONLY on Windows
Bernd Edlinger [Thu, 25 Jan 2018 14:16:18 +0000 (15:16 +0100)]
Fix setting of IPV6_V6ONLY on Windows

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5139)

6 years agoFix signature of min/max proto getter
Christian Heimes [Sun, 21 Jan 2018 09:37:59 +0000 (10:37 +0100)]
Fix signature of min/max proto getter

The getters for min and max proto version wrongly passed NULL instead of
0 as third argument to SSL_ctrl() and SSL_CTX_ctrl(). The third argument
is not used, but the error results in a compiler warning:

warning: passing argument 3 of ‘SSL_CTX_ctrl’ makes integer from pointer without a cast [-Wint-conversion]
int v = SSL_CTX_get_max_proto_version(self->ctx);

See https://github.com/openssl/openssl/pull/4364

Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5128)

6 years agoFix SSL_CTX_get_{min,max}_proto_version integer conversion warning
Steffan Karger [Wed, 17 Jan 2018 16:06:41 +0000 (17:06 +0100)]
Fix SSL_CTX_get_{min,max}_proto_version integer conversion warning

When using the SSL_CTX_get_min_min_version macro while compiling with
-Wall, my compiler rightfully complains about this construction:

warning: passing argument 3 of ‘SSL_CTX_ctrl’ makes integer from
pointer without a cast [-Wint-conversion]

These macro's should use 0, instead of NULL, for the third argument,
like most other SSL_CTX_ctrl 'get' wrappers do.

CLA: trivial
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5099)

6 years agoAdded "B" tag to all variables.
David Cooper [Wed, 24 Jan 2018 17:27:19 +0000 (12:27 -0500)]
Added "B" tag to all variables.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4190)

6 years agoAdd documentation for the OCSP_basic_sign() and OCSP_basic_sign_ctx() functions.
David Cooper [Wed, 24 Jan 2018 16:47:23 +0000 (11:47 -0500)]
Add documentation for the OCSP_basic_sign() and OCSP_basic_sign_ctx() functions.

Correct error return value in OCSP_basic_sign().

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4190)

6 years agoMake editorial changes suggested by Matt Caswell and fixed Travis failures.
David Cooper [Tue, 23 Jan 2018 19:22:17 +0000 (14:22 -0500)]
Make editorial changes suggested by Matt Caswell and fixed Travis failures.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4190)

6 years agoMake editorial changes suggested by Rich Salz and add the -rsigopt option to the...
David Cooper [Tue, 12 Dec 2017 21:01:22 +0000 (16:01 -0500)]
Make editorial changes suggested by Rich Salz and add the -rsigopt option to the man page for the ocsp command.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4190)

6 years agoAdd -rsigopt option to ocsp command
David Cooper [Fri, 18 Aug 2017 13:27:19 +0000 (09:27 -0400)]
Add -rsigopt option to ocsp command

Add a -rsigopt option to the ocsp command that allows signature parameters to be provided for the signing of OCSP responses. The parameters that may be provided to -rsigopt are the same as may be provided to -sigopt in the ca, req, and x509 commands.

This PR also defines a OCSP_basic_sign_ctx() function, which functions in the same way as OCSP_basic_sign(), except that it accepts a EVP_MD_CTX rather than a key and digest. The OCSP_basic_sign_ctx() function is used to implement the -rsigopt option in the ocsp command.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4190)

6 years agoFix error-path memory leak in asn_mime.c
Todd Short [Mon, 22 Jan 2018 19:30:24 +0000 (14:30 -0500)]
Fix error-path memory leak in asn_mime.c

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5142)

6 years agoUpdates following review of SSL_stateless() code
Matt Caswell [Tue, 23 Jan 2018 12:23:23 +0000 (12:23 +0000)]
Updates following review of SSL_stateless() code

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoAdd a timestamp to the cookie
Matt Caswell [Wed, 17 Jan 2018 14:29:22 +0000 (14:29 +0000)]
Add a timestamp to the cookie

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoAdd the ability for s_server to operate statelessly
Matt Caswell [Fri, 29 Dec 2017 17:37:04 +0000 (17:37 +0000)]
Add the ability for s_server to operate statelessly

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoDon't send unexpected_message if we receive CCS while stateless
Matt Caswell [Fri, 29 Dec 2017 17:36:28 +0000 (17:36 +0000)]
Don't send unexpected_message if we receive CCS while stateless

Probably this is the CCS between the first and second ClientHellos. It
should be ignored.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoAdd documentation for SSL_stateless()
Matt Caswell [Thu, 28 Sep 2017 14:05:58 +0000 (15:05 +0100)]
Add documentation for SSL_stateless()

Fixes #4283

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoFix the cookie/key_share extensions for use with SSL_stateless()
Matt Caswell [Thu, 28 Sep 2017 12:25:23 +0000 (13:25 +0100)]
Fix the cookie/key_share extensions for use with SSL_stateless()

Fixes some bugs identified during testing.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoFix the SSL_stateless() return code
Matt Caswell [Thu, 28 Sep 2017 12:24:58 +0000 (13:24 +0100)]
Fix the SSL_stateless() return code

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoFix interaction between SSL_stateless() and SSL_clear()
Matt Caswell [Thu, 28 Sep 2017 12:23:49 +0000 (13:23 +0100)]
Fix interaction between SSL_stateless() and SSL_clear()

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoAdd some tests for the SSL_stateless() capability
Matt Caswell [Wed, 27 Sep 2017 08:46:38 +0000 (09:46 +0100)]
Add some tests for the SSL_stateless() capability

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoFix logic around when to send an HRR based on cookies
Matt Caswell [Wed, 13 Sep 2017 13:50:49 +0000 (14:50 +0100)]
Fix logic around when to send an HRR based on cookies

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoAdd the SSL_stateless() function
Matt Caswell [Wed, 13 Sep 2017 12:48:48 +0000 (13:48 +0100)]
Add the SSL_stateless() function

This enables sending and receiving of the TLSv1.3 cookie on the server side
as appropriate.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoEnable the cookie callbacks to work even in TLS in the apps
Matt Caswell [Tue, 12 Sep 2017 15:19:09 +0000 (16:19 +0100)]
Enable the cookie callbacks to work even in TLS in the apps

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoAdd support for sending TLSv1.3 cookies
Matt Caswell [Mon, 11 Sep 2017 14:43:56 +0000 (15:43 +0100)]
Add support for sending TLSv1.3 cookies

This just adds the various extension functions. More changes will be
required to actually use them.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

6 years agoSmall cleanup of some build.info files
Richard Levitte [Tue, 23 Jan 2018 18:16:29 +0000 (19:16 +0100)]
Small cleanup of some build.info files

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5153)

6 years agoConfigure: ensure that a DEPEND generates the correct inclusion directory
Richard Levitte [Tue, 23 Jan 2018 18:13:48 +0000 (19:13 +0100)]
Configure: ensure that a DEPEND generates the correct inclusion directory

We incorrectly assumed that explicit dependencies meant that the
source directory would be added for inclusion.  However, if the
dependent file is generated, it's stored in the build directory, and
that should be used for inclusion rather than the source directory.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5153)

6 years agoConfigure: let INCLUDEs set on binaries "trickle down" to the objects
Richard Levitte [Tue, 23 Jan 2018 18:07:14 +0000 (19:07 +0100)]
Configure: let INCLUDEs set on binaries "trickle down" to the objects

This ensures that only one set of includes is associated with each
object file, reagardless of where it's used.

For example, if apps/build.info has this:

    SOURCE[openssl]=foo.c
    INCLUDE[openssl]=.. ../include

and test/build.info has this:

    SOURCE[footest]=../apps/foo.c
    INCLUDE[footest]=../include

The inclusion directories used for apps/foo.o would differ depending
on which program's dependencies get generated first in the build file.

With this change, all those INCLUDEs get combined into one set of
inclusion directories tied to the object file.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5153)

6 years agoSHA512/224 and SHA512/256
Pauli [Wed, 17 Jan 2018 03:20:22 +0000 (13:20 +1000)]
SHA512/224 and SHA512/256

Support added for these two digests, available only via the EVP interface.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5093)

6 years agoHave EVP_PKEY_asn1_find_str() work more like EVP_PKEY_asn1_find()
Richard Levitte [Mon, 22 Jan 2018 18:03:37 +0000 (19:03 +0100)]
Have EVP_PKEY_asn1_find_str() work more like EVP_PKEY_asn1_find()

EVP_PKEY_asn1_find_str() would search through standard asn1 methods
first, then those added by the application, which EVP_PKEY_asn1_find()
worked the other way around.  Also, EVP_PKEY_asn1_find_str() didn't
handle aliases.

This change brings EVP_PKEY_asn1_find_str() closer to EVP_PKEY_asn1_find().

Fixes #5086

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5137)

6 years agoRevert "EVP_PKEY_asn1_add0(): Check that this method isn't already registered"
Richard Levitte [Mon, 22 Jan 2018 17:24:55 +0000 (18:24 +0100)]
Revert "EVP_PKEY_asn1_add0(): Check that this method isn't already registered"

This reverts commit d85722d31ac9ff0dc54c06cdc8d125acf56ca27a.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5137)

6 years agoFix no-ec --strict-warnings builds
Benjamin Kaduk [Tue, 23 Jan 2018 13:31:36 +0000 (07:31 -0600)]
Fix no-ec --strict-warnings builds

The 'loop' variable is only used if EC is available.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5149)

6 years agoImprove some BN documentation.
Rich Salz [Mon, 22 Jan 2018 19:41:09 +0000 (14:41 -0500)]
Improve some BN documentation.

Thanks to Nicolas Schodet for pointing this out.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5141)

6 years agoDon't add $(EX_LIBS) to libssl.pc's Libs.private
Richard Levitte [Mon, 22 Jan 2018 15:53:23 +0000 (16:53 +0100)]
Don't add $(EX_LIBS) to libssl.pc's Libs.private

Since libssl requires libcrypto and libcrypto.pc already has
Libs.private set exactly the same, there's no reason to repeat it in
libssl.pc.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5134)

6 years agoAdd anything specifying a threads library to ex_libs
Richard Levitte [Mon, 22 Jan 2018 15:50:54 +0000 (16:50 +0100)]
Add anything specifying a threads library to ex_libs

Even -pthread gets treated that way.  The reason to do this is so it
ends up in 'Libs.private' in libcrypto.pc.

Fixes #3884

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5134)

6 years agoWhen building shared libraries, only ln -s when simple and full name differ
Richard Levitte [Mon, 22 Jan 2018 21:02:36 +0000 (22:02 +0100)]
When building shared libraries, only ln -s when simple and full name differ

Fixes #5143

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5144)

6 years agoMove fprintf after assignment to avoid crash.
Rich Salz [Mon, 22 Jan 2018 19:33:22 +0000 (14:33 -0500)]
Move fprintf after assignment to avoid crash.

Thanks to David Vernet for reporting this.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5140)

6 years agotest/ossl_shim/packeted_bio.h: don't include e_os.h
Richard Levitte [Mon, 22 Jan 2018 16:51:51 +0000 (17:51 +0100)]
test/ossl_shim/packeted_bio.h: don't include e_os.h

That inclusion turned out to be completely unnecessary

[extended tests]

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5136)

6 years agoAdd accessors for AdmissionSyntax
Rich Salz [Thu, 5 Oct 2017 23:52:12 +0000 (00:52 +0100)]
Add accessors for AdmissionSyntax

Based on code from Matthias Ballreich, Steve Henson, and Wolf Tobias.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4724)

6 years agoReduce the use of e_os.h in test programs
Richard Levitte [Mon, 22 Jan 2018 10:00:59 +0000 (11:00 +0100)]
Reduce the use of e_os.h in test programs

This includes unnecessary use of the top as inclusion directory

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5132)

6 years agoDon't attempt to use X25519 for ECDSA in speed
Matt Caswell [Wed, 17 Jan 2018 10:33:18 +0000 (10:33 +0000)]
Don't attempt to use X25519 for ECDSA in speed

Fixes #5090

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5097)

6 years agoDon't crash on a missing Subject in index.txt
Matt Caswell [Fri, 19 Jan 2018 14:48:45 +0000 (14:48 +0000)]
Don't crash on a missing Subject in index.txt

An index.txt entry which has an empty Subject name field will cause ca
to crash. Therefore check it when we load it to make sure its not empty.

Fixes #5109

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5114)

6 years agoDon't allow an empty Subject when creating a Certificate
Matt Caswell [Fri, 19 Jan 2018 14:34:56 +0000 (14:34 +0000)]
Don't allow an empty Subject when creating a Certificate

Misconfiguration (e.g. an empty policy section in the config file) can
lead to an empty Subject. Since certificates should have unique Subjects
this should not be allowed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5114)

6 years agoAdd a configure option to opt-out secure memory
Bernd Edlinger [Fri, 19 Jan 2018 13:00:14 +0000 (14:00 +0100)]
Add a configure option to opt-out secure memory

./config -DOPENSSL_NO_SECURE_MEMORY

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5113)

6 years agoUpdate the license end year
Richard Levitte [Sat, 20 Jan 2018 09:02:23 +0000 (10:02 +0100)]
Update the license end year

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5121)

6 years agoEnable TLSProxy tests on Windows
Richard Levitte [Wed, 17 Jan 2018 09:39:28 +0000 (10:39 +0100)]
Enable TLSProxy tests on Windows

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5094)

6 years agoenc(1): document that AEAD is not and will not be supported
Benjamin Kaduk [Tue, 9 Jan 2018 21:26:37 +0000 (15:26 -0600)]
enc(1): document that AEAD is not and will not be supported

Note the reasons, including streaming output issues and key/iv/nonce
management issues.

Recommend the use of cms(1) instead.

Fixes #471.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5048)

6 years agoCopyright update of more files that have changed this year
Richard Levitte [Fri, 19 Jan 2018 09:49:22 +0000 (10:49 +0100)]
Copyright update of more files that have changed this year

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5110)

6 years agoSet OPENSSL_ENGINES for Windows
Bernd Edlinger [Fri, 19 Jan 2018 07:24:29 +0000 (08:24 +0100)]
Set OPENSSL_ENGINES for Windows

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5108)

6 years agoCreate one permanent proxy socket per TLSProxy::Proxy instance
Richard Levitte [Wed, 17 Jan 2018 10:22:47 +0000 (11:22 +0100)]
Create one permanent proxy socket per TLSProxy::Proxy instance

On Windows, we sometimes see a behavior with SO_REUSEADDR where there
remains lingering listening sockets on the same address and port as a
newly created one.

To avoid this scenario, we don't create a new proxy port for each new
client run.  Instead, we create one proxy socket when the proxy object
is created, and close it when destroying that object.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5095)

6 years agoOnly implement secure malloc if _POSIX_VERSION allows
Richard Levitte [Thu, 18 Jan 2018 13:05:33 +0000 (14:05 +0100)]
Only implement secure malloc if _POSIX_VERSION allows

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5060)

6 years agoThe Cygwin gcc doesn't define _WIN32, don't pretend it does
Richard Levitte [Mon, 15 Jan 2018 18:05:01 +0000 (19:05 +0100)]
The Cygwin gcc doesn't define _WIN32, don't pretend it does

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5060)

6 years agoSimplify Cygwin checks, part 1
Richard Levitte [Mon, 15 Jan 2018 18:04:17 +0000 (19:04 +0100)]
Simplify Cygwin checks, part 1

Because OPENSSL_SYS_CYGWIN will keep OPENSSL_SYS_UNIX defined, there's
no point having checks of this form:

    #if (defined(OPENSSL_SYS_UNIX) || defined(OPENSSL_SYS_CYGWIN))

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5060)

6 years agoCygwin is POSIX, don't say it isn't
Richard Levitte [Thu, 11 Jan 2018 21:01:44 +0000 (22:01 +0100)]
Cygwin is POSIX, don't say it isn't

More to the point, Cygwin is a POSIX API.  In our library, the use of
a POSIX API is marked by defining the macro OPENSSL_SYS_UNIX.
Therefore, that macro shouldn't be undefined when building for Cygwin.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5060)

6 years agoTLSProxy::Proxy: Don't use ReuseAddr on Windows
Richard Levitte [Thu, 18 Jan 2018 09:54:48 +0000 (10:54 +0100)]
TLSProxy::Proxy: Don't use ReuseAddr on Windows

On Windows, we sometimes see a behavior with SO_REUSEADDR where there
remains lingering listening sockets on the same address and port as a
newly created one.

An easy solution is not to use ReuseAddr on Windows.

Thanks Bernd Edlinger for the suggestion.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5103)

6 years agodoc: Bad prototypes of EVP_PKEY_CTX_new()
Jakub Jelen [Thu, 18 Jan 2018 00:23:37 +0000 (19:23 -0500)]
doc: Bad prototypes of EVP_PKEY_CTX_new()

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4861)

6 years agoTLSProxy::Proxy: don't waste time redirecting STDOUT and STDERR
Richard Levitte [Wed, 17 Jan 2018 20:27:33 +0000 (21:27 +0100)]
TLSProxy::Proxy: don't waste time redirecting STDOUT and STDERR

On Windows, it seems that doing so in a forked (pseudo-)process
sometimes affects the parent, and thereby hides all the results that
are supposed to be seen by the running test framework (the "ok" and
"not ok" lines).

It turns out that our redirection isn't necessary, as the test
framework seems to swallow it all in non-verbose mode anyway.
It's possible that we did need this at some point, but the framework
has undergone some refinement since then...

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5100)

6 years agoTLSProxy::Proxy: If we don't support IPv6, force IPv4
Richard Levitte [Tue, 16 Jan 2018 18:50:10 +0000 (19:50 +0100)]
TLSProxy::Proxy:  If we don't support IPv6, force IPv4

We use the first we can of the following IO::Socket modules to create
sockets:

- IO::Socket::INET6
- IO::Socket::IP
- IO::Socket::INET

The last of them doesn't support IPv6, so if that's the one available,
we must force the s_client and s_server processes to use IPv4.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5092)

6 years agoUpdate all affected files' copyright year to 2018
Paul Yang [Mon, 15 Jan 2018 17:01:46 +0000 (01:01 +0800)]
Update all affected files' copyright year to 2018

Because the related PR/commits are merged in 2018...

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4976)

6 years agoEnforce return values section check
Paul Yang [Tue, 2 Jan 2018 17:07:57 +0000 (01:07 +0800)]
Enforce return values section check

To avoid check failure, make dummy RETURN VALUES sections in the docs
which have no real functions decribed inside...

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4976)

6 years agoAdd missing 'RETURN VALUES' sections in doc
Paul Yang [Mon, 25 Dec 2017 09:50:39 +0000 (17:50 +0800)]
Add missing 'RETURN VALUES' sections in doc

All missing sections are added.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4976)

6 years agoExtend timeout for TLSProxy
Matt Caswell [Tue, 16 Jan 2018 15:04:51 +0000 (15:04 +0000)]
Extend timeout for TLSProxy

I received this error from a TLSProxy test:

Failed to start up server (localhost,4443): Transport endpoint is not
connected

So, extend the timeout before we give up trying to connect to the server.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5088)

6 years agoRevert BN_copy() flag copy semantics change
Matt Caswell [Mon, 15 Jan 2018 11:23:07 +0000 (11:23 +0000)]
Revert BN_copy() flag copy semantics change

Commit 9f9442918a changed the semantics of BN_copy() to additionally
copy the BN_FLG_CONSTTIME flag if it is set. This turns out to be
ill advised as it has unintended consequences. For example calling
BN_mod_inverse_no_branch() can sometimes return a result with the flag
set and sometimes not as a result. This can lead to later failures if we
go down code branches that do not support constant time, but check for
the presence of the flag.

The original commit was made due to an issue in BN_MOD_CTX_set(). The
original PR fixed the problem in that function, but it was changed in
review to fix it in BN_copy() instead. The solution seems to be to revert
the BN_copy() change and go back to the originally proposed way.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5080)

6 years agoFix memory leak in do_rand_drbg_init()
Dr. Matthias St. Pierre [Tue, 16 Jan 2018 07:03:37 +0000 (08:03 +0100)]
Fix memory leak in do_rand_drbg_init()

Fixes #5076

Since do_rand_drbg_init() allocates three locks, it needs to ensure
that OPENSSL_init_crypto() is called, otherwise these resources are
not cleaned up properly.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5083)

6 years agoFix intermittent Windows and Cygwin failures in s_server
Richard Levitte [Mon, 15 Jan 2018 09:40:24 +0000 (10:40 +0100)]
Fix intermittent Windows and Cygwin failures in s_server

The same kind of failure that has already been observed on the
s_client can sometimes also be observed on s_server, so we need to add
the same kind of 50ms delay as was previously added on s_client.

Ref: git commit cb2e10f257a464c6b475b321dd9e4769df84dbf6:

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5079)

6 years agoFix Windows build file template to recognise .res files
Richard Levitte [Sun, 14 Jan 2018 21:39:20 +0000 (22:39 +0100)]
Fix Windows build file template to recognise .res files

Only when building the main shared libraries

Fixes #5075

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5077)

6 years agoFix intermittent Cygwin failures in s_client
Richard Levitte [Sun, 14 Jan 2018 16:15:32 +0000 (17:15 +0100)]
Fix intermittent Cygwin failures in s_client

This was identified for Windows almost two years ago for VC and
msys/mingw.  It seems that Cygwin suffers from the same issue, and
since Cygwin doesn't define OPENSSL_SYS_WINDOWS, we need to make a
special case to have a 50ms pause before closing the TLS connection.

Ref: git commit cb2e10f257a464c6b475b321dd9e4769df84dbf6

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5074)

6 years agoUse constant value 1 instead of SHUT_WR in do_server
Bernd Edlinger [Sun, 14 Jan 2018 17:17:59 +0000 (18:17 +0100)]
Use constant value 1 instead of SHUT_WR in do_server

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5072)

6 years agoExplicitly shut the socket down in s_client
Bernd Edlinger [Sat, 13 Jan 2018 17:41:08 +0000 (18:41 +0100)]
Explicitly shut the socket down in s_client

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5072)

6 years agoCatch SIGPIPE in TLSProxy::Proxy::clientstart
Bernd Edlinger [Sat, 13 Jan 2018 09:24:45 +0000 (10:24 +0100)]
Catch SIGPIPE in TLSProxy::Proxy::clientstart

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5071)

6 years agoChange the name of the SEC typedef to openssl_speed_sec_t.
Pauli [Fri, 12 Jan 2018 03:37:39 +0000 (13:37 +1000)]
Change the name of the SEC typedef to openssl_speed_sec_t.

This to avoid a clash with a #defined symbol on Solaris from time.h.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5064)

6 years agoMake data argument const in SSL_dane_tlsa_add
Patrick Schlangen [Wed, 10 Jan 2018 17:06:35 +0000 (12:06 -0500)]
Make data argument const in SSL_dane_tlsa_add

The data argument of SSL_dane_tlsa_add is used read-only, so it
should be const.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5056)

6 years agoEnhance util/openssl-update-copyright shell script
Dr. Matthias St. Pierre [Tue, 9 Jan 2018 15:09:14 +0000 (16:09 +0100)]
Enhance util/openssl-update-copyright shell script

- Avoid creating repeated year ranges <current_year>-<current_year> for
  documents which were added in the current year.

- Use extended regular expressions for better readability (less quoting)

- Use a shebang line which is more portable

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5044)

6 years agoTolerate DTLS alerts with an incorrect version number
Matt Caswell [Fri, 5 Jan 2018 10:12:29 +0000 (10:12 +0000)]
Tolerate DTLS alerts with an incorrect version number

In the case of a protocol version alert being sent by a peer the record
version number may not be what we are expecting. In DTLS records with an
unexpected version number are silently discarded. This probably isn't
appropriate for alerts, so we tolerate a mismatch in the minor version
number.

This resolves an issue reported on openssl-users where an OpenSSL server
chose DTLS1.0 but the client was DTLS1.2 only and sent a protocol_version
alert with a 1.2 record number. This was silently ignored by the server.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5018)

6 years agoConfigure: try to make sure every config target name is unique
Richard Levitte [Tue, 9 Jan 2018 18:51:19 +0000 (19:51 +0100)]
Configure: try to make sure every config target name is unique

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5047)

6 years agoFix --strict-warnings with C90
Todd Short [Tue, 9 Jan 2018 15:46:44 +0000 (10:46 -0500)]
Fix --strict-warnings with C90

Found with gcc 4.8.4

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5045)