David Asraf [Wed, 23 Jan 2019 11:10:11 +0000 (11:10 +0000)]
crypto/bn: fix return value in BN_generate_prime
When the ret parameter is NULL the generated prime
is in rnd variable and not in ret.
CLA: trivial
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8076)
Shigeki Ohtsu [Thu, 24 Jan 2019 13:45:50 +0000 (22:45 +0900)]
s_client: fix not to send a command letter of R
Before 1.1.0, this command letter is not sent to a server.
CLA: trivial
(cherry picked from commit
bc180cb4887c2e82111cb714723a94de9f6d2c35)
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8081)
Tomas Mraz [Thu, 24 Jan 2019 16:58:56 +0000 (17:58 +0100)]
Remove stray -modulus option from the ec manual page.
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8082)
Matthias Kraft [Fri, 18 Jan 2019 12:09:06 +0000 (13:09 +0100)]
Add "weak" declarations of symbols used in safestack.h and lhash.h
Only for SunCC for now.
It turns out that some compilers to generate external variants of
unused static inline functions, and if they use other external
symbols, those need to be present as well. If you then happen to
include one of safestack.h or lhash.h without linking with libcrypto,
the build fails.
Fixes #6912
Signed-off-by: Matthias Kraft <Matthias.Kraft@softwareag.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8087)
Dr. Matthias St. Pierre [Fri, 25 Jan 2019 07:40:46 +0000 (08:40 +0100)]
X509_STORE: fix two misspelled compatibility macros
Fixes #8084
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8086)
Klotz, Tobias [Thu, 20 Dec 2018 11:59:31 +0000 (12:59 +0100)]
Cleanup vxworks support to be able to compile for VxWorks 7
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7569)
Matt Caswell [Tue, 22 Jan 2019 14:27:25 +0000 (14:27 +0000)]
Fix s_client so that it builds on Windows
Fixes #8050
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8065)
Matt Caswell [Fri, 18 Jan 2019 12:10:07 +0000 (12:10 +0000)]
Revert "Keep the DTLS timer running after the end of the handshake if appropriate"
This commit erroneously kept the DTLS timer running after the end of the
handshake. This is not correct behaviour and shold be reverted.
This reverts commit
f7506416b1311e65d5c440defdbcfe176f633c50.
Fixes #7998
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8047)
Matt Caswell [Fri, 18 Jan 2019 15:24:57 +0000 (15:24 +0000)]
Make sure we trigger retransmits in DTLS testing
During a DTLS handshake we may need to periodically handle timeouts in the
DTLS timer to ensure retransmits due to lost packets are performed. However,
one peer will always complete a handshake before the other. The DTLS timer
stops once the handshake has finished so any handshake messages lost after
that point will not automatically get retransmitted simply by calling
DTLSv1_handle_timeout(). However attempting an SSL_read implies a
DTLSv1_handle_timeout() and additionally will process records received from
the peer. If those records are themselves retransmits then we know that the
peer has not completed its handshake yet and a retransmit of our final
flight automatically occurs.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8047)
Richard Levitte [Tue, 22 Jan 2019 14:46:54 +0000 (15:46 +0100)]
Build: change remaining $unified_info{install} checks to use attributes
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8063)
Richard Levitte [Tue, 22 Jan 2019 11:17:36 +0000 (12:17 +0100)]
Rework build: Windows dependency building fix
One variable misssing
Fixes #8060
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8061)
Richard Levitte [Wed, 7 Nov 2018 10:10:50 +0000 (11:10 +0100)]
Build: pass attributes down to make rule generators
For good measure, we pass down attributes when calling obj2shlib,
obj2lib, obj2dso, obj2bin, or in2script. We currently don't use them
in our build file templates, but might as well for future use.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7581)
Richard Levitte [Wed, 7 Nov 2018 10:05:17 +0000 (11:05 +0100)]
Build: use attributes to indicate installed script classes
We have two classes of scripts to be installed, those that are
installed as "normal" programs, and those that are installed as "misc"
scripts. These classes are installed in different locations, so the
build file templates must pay attention.
Because we didn't have the tools to indicate what scripts go where, we
had these scripts hard coded in the build template files, with the
maintenance issues that may cause. Now that we have attributes, those
can be used to classify the installed scripts, and have the build file
templates simply check the attributes to know what's what.
Furthermore, the 'tsget.pl' script exists both as 'tsget.pl' and
'tsget', which is done by installing a symbolic link (or copy). This
link name is now given through an attribute, which results in even
less hard coding in the Unix Makefile template.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7581)
Richard Levitte [Wed, 7 Nov 2018 10:02:06 +0000 (11:02 +0100)]
Build: Change all _NO_INST to use attributes instead.
This means that all PROGRAMS_NO_INST, LIBS_NO_INST, ENGINES_NO_INST
and SCRIPTS_NO_INST are changed to be PROGRAM, LIBS, ENGINES and
SCRIPTS with the associated attribute 'noinst'.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7581)
Richard Levitte [Wed, 7 Nov 2018 09:44:05 +0000 (10:44 +0100)]
Configure: add attributes to end product build.info variables
Among others, this avoids having special variables like
PROGRAMS_NO_INST. Instead, we can have something like this:
PROGRAMS{noinst}=foo bar
Configure itself is entirely agnostic to these attributes, they are
simply passed to the build file templates, to be used as they see fit.
Attributes can also have values, for example:
SCRIPTS{linkname=foo}=foo.pl
This could help indicate to build file templates that care that the
perl script 'foo.pl' should also exist with the name 'foo', preferably
as a symbolic link.
Fixes #7568
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7581)
Richard Levitte [Wed, 7 Nov 2018 09:34:05 +0000 (10:34 +0100)]
Configure: teach the tokenizer to handle other separators than spaces
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7581)
Matt Eaton [Tue, 22 Jan 2019 02:14:34 +0000 (20:14 -0600)]
Update NOTES.ANDROID
Minor typo fix to `adjustment` in the line:
"In such case you have to pass matching target
name to Configure and shouldn't use -D__ANDROID_API__=N. PATH adjustment
becomes simpler, $ANDROID_NDK/bin:$PATH suffices."
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8054)
Richard Levitte [Tue, 23 Oct 2018 13:45:24 +0000 (15:45 +0200)]
Rework building: Get rid of old %unified_info structures
Now that we have the names of libraries on different systems
established through platform modules, we can remove the old structure
to establish the same thing, i.e. $unified_info{sharednames} and
$unified_info{rename}. That means removing support for the RENAME and
SHARED_NAME keywords in build.info as well.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7473)
Richard Levitte [Tue, 23 Oct 2018 13:42:46 +0000 (15:42 +0200)]
Rework building: adapt some scripts
The platform module collection is made in such a way that any Perl
script that wants to take part of the available information can use
them just as well as the build system.
This change adapts test/recipes/90-test_shlibload.t, util/mkdef.pl,
and util/shlib_wrap.sh.in
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7473)
Richard Levitte [Tue, 23 Oct 2018 13:09:57 +0000 (15:09 +0200)]
Rework building: Unix changes to handle extensions and product names
Add platform::Unix, which is a generic Unix module to support product
name and extensions functionlity. However, this isn't quite enough,
as mingw and Cygwin builds are done using the same templates, but
since shared libraries work as on Windows and are named accordingly,
platform::mingw and platform::Cygwin were also added to provide the
necessary tweaks.
This reworks Configurations/unix-Makefile.tmpl to work out product
names in platform::Unix et al terms. In this one, we currently do
care about the *_extension config attributes, and the modules adapt
accordingly where it matters.
This change also affected crypto/include/internal/dso_conf.h.in, since
the DSO extension is meant to be the same as the short shared library
extension, which isn't '.so' everywhere.
'shared_extension' attributes that had the value
'.so.\$(SHLIB_VERSION_NUMBER)' are removed, platform::Unix provides
an extension where the shared library version number is hard-coded
instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7473)
Richard Levitte [Tue, 23 Oct 2018 13:00:36 +0000 (15:00 +0200)]
Rework building: VMS changes to handle extensions and product names
Add platform::VMS, which is a generic VMS module. Additional modules
to support specific building aspects (such as specific compilers) may
be added later, but since we currently work on file names and those
are generic enough, this is also enough.
This reworks Configurations/descrip.mms.tmpl to work out product names
in platform::VMS terms. Something to be noted is that the new
functionality ignores the *_extension config attributes, as they were
never used. VMS is very consistent in its use of extensions, so there
is no reason to believe much will change in this respect.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7473)
Richard Levitte [Tue, 23 Oct 2018 12:36:23 +0000 (14:36 +0200)]
Rework building: Windows changes to handle extensions and product names
Add platform::Windows, which is a generic Windows module, and
platform::Windows::MSVC, which is a module specifically for MS Visual
C.
This reworks Configurations/windows-makeffile.tmpl to work out product
names in platform::Windows. Something to be noted is that the new
functionality ignores the *_extension config attributes, as they were
never used.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7473)
Richard Levitte [Tue, 23 Oct 2018 12:14:48 +0000 (14:14 +0200)]
Rework building: initial changes
This is the start of a major work to correct some quirks in the
buiding system. The base for this is to move certain attributes that
lack desired flexibility from Configurations/*.conf to perl modules
that can be selected with one single attribute in the config targets.
The way this is meant to work is by adding this attribute in select
config targets:
perl_module => 'Name'; # Name to be replaced
Then, in the perl scripts or modules that need the functionality,
these lines should be added:
use lib catdir($srcdir, 'Configurations'); # Ensure access to platform.pm
use lib $blddir; # Ensure access to configdata.pm
use platform; # Will load platform::$target{perl_module}
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7473)
Bernd Edlinger [Fri, 21 Sep 2018 07:05:16 +0000 (09:05 +0200)]
Make ca command silently use default if .attr file does not exist
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7286)
Bernd Edlinger [Thu, 17 Jan 2019 14:15:57 +0000 (15:15 +0100)]
PPC: Try out if mftb works before using it
If this fails try out if mfspr268 works.
Use OPENSSL_ppccap=0x20 for enabling mftb,
OPENSSL_ppccap=0x40 for enabling mfspr268,
and OPENSSL_ppccap=0 for enabling neither.
Fixes #8012
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8043)
David von Oheimb [Thu, 17 Jan 2019 13:52:18 +0000 (14:52 +0100)]
update Copyright date
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8036)
David von Oheimb [Wed, 16 Jan 2019 14:38:34 +0000 (15:38 +0100)]
add 'L' after _OPENSSL_VERSION_PRE_RELEASE literals, fixes #8021
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8036)
Corey Minyard [Mon, 21 Jan 2019 07:47:02 +0000 (17:47 +1000)]
Fix a memory leak in the mem bio
If you use a BIO and set up your own buffer that is not freed, the
memory bio will leak the BIO_BUF_MEM object it allocates.
The trouble is that the BIO_BUF_MEM is allocated and kept around,
but it is not freed if BIO_NOCLOSE is set.
The freeing of BIO_BUF_MEM was fairly confusing, simplify things
so mem_buf_free only frees the memory buffer and free the BIO_BUF_MEM
in mem_free(), where it should be done.
Alse add a test for a leak in the memory bio
Setting a memory buffer caused a leak.
Signed-off-by: Corey Minyard <minyard@acm.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8051)
Antoine Salon [Fri, 14 Dec 2018 20:47:07 +0000 (12:47 -0800)]
Add missing EVP_MD documentation
Signed-off-by: Antoine Salon <asalon@vmware.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7905)
Marc [Thu, 3 Jan 2019 00:32:00 +0000 (00:32 +0000)]
s_client: Add basic proxy authentication support
1) Add two new flags (-proxy_user & -proxy_pass) to s_client to add support for basic (base64) proxy authentication.
2) Add a "Proxy-Connection: Keep-Alive" HTTP header which is a workaround for some broken proxies which otherwise close the connection when entering tunnel mode (eg Squid 2.6).
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7975)
David Benjamin [Tue, 11 Sep 2018 20:49:28 +0000 (13:49 -0700)]
Reduce inputs before the RSAZ code.
The RSAZ code requires the input be fully-reduced. To be consistent with the
other codepaths, move the BN_nnmod logic before the RSAZ check.
This fixes an oft-reported fuzzer bug.
https://github.com/google/oss-fuzz/issues/1761
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7187)
Richard Levitte [Wed, 16 Jan 2019 20:54:48 +0000 (21:54 +0100)]
apps/verify.c: Change an old comment to clarify what the callback does
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7922)
Richard Levitte [Wed, 12 Dec 2018 21:37:37 +0000 (22:37 +0100)]
crypto/bio/b_dump.c: change all char* to void*, and constify
Some of these functions take char*, which is seldom right, they should
have been unsigned char*, because the content isn't expected to be
text.
Even better is to simply take void* as data type, which also happens
to be transparent for any type these functions are called with, be it
char* or unsigned char*. This shouldn't break anything.
While we're at it, constify the input data parameters.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7890)
Richard Levitte [Wed, 16 Jan 2019 05:31:15 +0000 (06:31 +0100)]
crypto/armcap.c, crypto/ppccap.c: stricter use of getauxval()
Having a weak getauxval() and only depending on GNU C without looking
at the library we build against meant that it got picked up where not
really expected.
So we change this to check for the glibc version, and since we know it
exists from that version, there's no real need to make it weak.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/8028)
Richard Levitte [Thu, 20 Dec 2018 09:17:38 +0000 (10:17 +0100)]
crypto/uid.c: use own macro as guard rather than AT_SECURE
It turns out that AT_SECURE may be defined through other means than
our inclusion of sys/auxv.h, so to be on the safe side, we define our
own guard and use that to determine if getauxval() should be used or
not.
Fixes #7932
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7933)
Matt Caswell [Mon, 14 Jan 2019 16:37:14 +0000 (16:37 +0000)]
Don't get the mac type in TLSv1.3
We don't use this information so we shouldn't fetch it. As noted in the
comments in #8005.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8020)
Matt Caswell [Mon, 14 Jan 2019 16:36:33 +0000 (16:36 +0000)]
Add missing entries in ssl_mac_pkey_id
Fixes #8005
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8020)
Matt Caswell [Mon, 14 Jan 2019 11:22:42 +0000 (11:22 +0000)]
Check more return values in the SRP code
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8019)
Matt Caswell [Mon, 14 Jan 2019 11:06:43 +0000 (11:06 +0000)]
Check a return value in the SRP code
Spotted by OSTIF audit
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8019)
Anna Henningsen [Sun, 13 Jan 2019 17:26:43 +0000 (18:26 +0100)]
Fix compilation with `-DREF_PRINT`
CLA: trivial
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8016)
Matt Caswell [Wed, 17 Oct 2018 15:17:25 +0000 (16:17 +0100)]
Don't artificially limit the size of the ClientHello
We were setting a limit of SSL3_RT_MAX_PLAIN_LENGTH on the size of the
ClientHello. AFAIK there is nothing in the standards that requires this
limit.
The limit goes all the way back to when support for extensions was first
added for TLSv1.0. It got converted into a WPACKET max size in 1.1.1. Most
likely it was originally added to avoid the complexity of having to grow
the init_buf in the middle of adding extensions. With WPACKET this is
irrelevant since it will grow automatically.
This issue came up when an attempt was made to send a very large
certificate_authorities extension in the ClientHello.
We should just remove the limit.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7424)
Matt Caswell [Mon, 7 Jan 2019 15:16:23 +0000 (15:16 +0000)]
Fix compilation on sparc
Fixes #7966
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7997)
FdaSilvaYY [Tue, 8 Jan 2019 06:27:27 +0000 (16:27 +1000)]
Fix CID
1434549: Unchecked return value in test/evp_test.c
5. check_return: Calling EVP_EncodeUpdate without checking return value
(as is done elsewhere 4 out of 5 times).
Fix CID
1371695,
1371698: Resource leak in test/evp_test.c
- leaked_storage: Variable edata going out of scope leaks the storage it
points to.
- leaked_storage: Variable encode_ctx going out of scope leaks the
storage it points to
Fix CID
1430437,
1430426,
1430429 : Dereference before null check in test/drbg_cavs_test.c
check_after_deref: Null-checking drbg suggests that it
may be null, but it has already been dereferenced on all paths leading
to the check
Fix CID
1440765: Dereference before null check in test/ssltestlib.c
check_after_deref: Null-checking ctx suggests that it may be null, but
it has already been dereferenced on all paths leading to the check.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7993)
Viktor Dukhovni [Tue, 1 Jan 2019 07:53:24 +0000 (02:53 -0500)]
More configurable crypto and ssl library initialization
1. In addition to overriding the default application name,
one can now also override the configuration file name
and flags passed to CONF_modules_load_file().
2. By default we still keep going when configuration file
processing fails. But, applications that want to be strict
about initialization errors can now make explicit flag
choices via non-null OPENSSL_INIT_SETTINGS that omit the
CONF_MFLAGS_IGNORE_RETURN_CODES flag (which had so far been
both undocumented and unused).
3. In OPENSSL_init_ssl() do not request OPENSSL_INIT_LOAD_CONFIG
if the options already include OPENSSL_INIT_NO_LOAD_CONFIG.
4. Don't set up atexit() handlers when called with INIT_BASE_ONLY.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7986)
Viktor Dukhovni [Wed, 2 Jan 2019 00:19:43 +0000 (19:19 -0500)]
Update generator copyright year.
Some Travis builds appear to fail because generated objects get
2019 copyrights now, and the diff complains.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7986)
Matt Caswell [Fri, 4 Jan 2019 16:55:15 +0000 (16:55 +0000)]
Add a test for correct handling of the cryptopro bug extension
This was complicated by the fact that we were using this extension for our
duplicate extension handling tests. In order to add tests for cryptopro
bug the duplicate extension handling tests needed to change first.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7984)
Matt Caswell [Fri, 4 Jan 2019 16:54:03 +0000 (16:54 +0000)]
Don't complain if we receive the cryptopro extension in the ClientHello
The cryptopro extension is supposed to be unsolicited and appears in the
ServerHello only. Additionally it is unofficial and unregistered - therefore
we should really treat it like any other unknown extension if we see it in
the ClientHello.
Fixes #7747
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7984)
Dr. Matthias St. Pierre [Mon, 7 Jan 2019 00:21:56 +0000 (01:21 +0100)]
doc/man1/x509.pod: fix typo
This looks like a copy&paste error from req.pod to x509.pod.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7995)
Dmitry Belyavskiy [Fri, 4 Jan 2019 17:38:29 +0000 (20:38 +0300)]
Restore compatibility with GOST2001 implementations.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7985)
Matt Caswell [Fri, 4 Jan 2019 11:13:39 +0000 (11:13 +0000)]
Fix no-sock
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7981)
Matt Caswell [Fri, 4 Jan 2019 10:24:19 +0000 (10:24 +0000)]
Fix no-cmac
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7979)
Richard Levitte [Sat, 5 Jan 2019 08:33:22 +0000 (09:33 +0100)]
crypto/evp/e_aes.c: build again on s390x
The stuff needed to build with SIV wasn't in place for s390x
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7988)
Patrick Steuer [Fri, 3 Aug 2018 22:10:06 +0000 (00:10 +0200)]
crypto/chacha/asm/chacha-s390x.pl: add vx code path.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6919)
Patrick Steuer [Wed, 7 Dec 2016 11:58:34 +0000 (12:58 +0100)]
s390x assembly pack: perlasm support.
Added crypto/perlasm/s390x.pm Perl module. Its primary use is to be
independent of binutils version, that is to write byte codes of
instructions that are not part of the base instruction set.
Currently only gas format is supported.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6919)
Matt Caswell [Fri, 16 Nov 2018 17:26:23 +0000 (17:26 +0000)]
Support _onexit() in preference to atexit() on Windows
This enables cleanup to happen on DLL unload instead of at process exit.
[extended tests]
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)
Matt Caswell [Fri, 16 Nov 2018 14:05:14 +0000 (14:05 +0000)]
Introduce a no-pinshared option
This option prevents OpenSSL from pinning itself in memory.
Fixes #7598
[extended tests]
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)
Matt Caswell [Thu, 15 Nov 2018 17:41:06 +0000 (17:41 +0000)]
Test atexit handlers
Test that atexit handlers get called properly at process exit, unless we
have explicitly asked for them not to be.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)
Matt Caswell [Thu, 15 Nov 2018 16:59:41 +0000 (16:59 +0000)]
Don't link shlibloadtest against libcrypto
The whole point of shlibloadtest is to test dynamically loading and
unloading the library. If we link shlibloadtest against libcrypto then that
might mask potential issues.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)
Matt Caswell [Thu, 15 Nov 2018 16:27:34 +0000 (16:27 +0000)]
Implement OPENSSL_INIT_NO_ATEXIT
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)
Matt Caswell [Tue, 20 Nov 2018 15:32:55 +0000 (15:32 +0000)]
Fix a RUN_ONCE bug
We have a number of instances where there are multiple "init" functions for
a single CRYPTO_ONCE variable, e.g. to load config automatically or to not
load config automatically. Unfortunately the RUN_ONCE mechanism was not
correctly giving the right return value where an alternative init function
was being used.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)
Matt Caswell [Thu, 15 Nov 2018 14:50:52 +0000 (14:50 +0000)]
Fix shlibloadtest to properly execute the dso_ref test
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)
Dmitry Belyavskiy [Wed, 2 Jan 2019 12:47:07 +0000 (15:47 +0300)]
Eliminate unused buffers from ssl3_change_cipher_state
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7971)
Dmitry Belyavskiy [Wed, 2 Jan 2019 10:28:07 +0000 (13:28 +0300)]
Remove unused variables from tls1_change_cipher_state
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7971)
Matt Caswell [Wed, 2 Jan 2019 16:43:21 +0000 (16:43 +0000)]
make update
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
(Merged from https://github.com/openssl/openssl/pull/7972)
Bernd Edlinger [Thu, 27 Dec 2018 21:18:21 +0000 (22:18 +0100)]
Fix cert with rsa instead of rsaEncryption as public key algorithm
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7962)
Bernd Edlinger [Sun, 16 Dec 2018 11:43:59 +0000 (12:43 +0100)]
Fix a minor nit in the hkdflabel size
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7913)
Behrang [Thu, 20 Dec 2018 12:56:03 +0000 (23:56 +1100)]
Fixed minor typo in the req.pod docs
CLA: Trivial
Fixes #7928.
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7973)
Michael Richardson [Thu, 27 Dec 2018 18:25:07 +0000 (13:25 -0500)]
fixed grammar typo
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7959)
David Makepeace [Wed, 28 Nov 2018 04:03:15 +0000 (14:03 +1000)]
Minor doc fixes for EVP_MAC.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7716)
Shreya Bhandare [Thu, 13 Dec 2018 17:29:10 +0000 (22:59 +0530)]
EVP_PKEY_size declared to take a const parameter
CLA: trivial
Function EVP_PKEY_size has been modified to take a const parameter
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7892)
Jung-uk Kim [Thu, 13 Dec 2018 23:18:16 +0000 (18:18 -0500)]
Do not complain when /dev/crypto does not exist.
FreeBSD does not enable cryptodev(4) by default. OpenBSD disabled support
for /dev/crypto by default from 4.9 and removed it from 5.7. Now the engine
is properly enabled by default on BSD platforms (see #7885), it continuously
complains:
Could not open /dev/crypto: No such file or directory
Hide the nagging error message behind ENGINE_DEVCRYPTO_DEBUG.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7896)
FdaSilvaYY [Sun, 30 Sep 2018 20:39:38 +0000 (22:39 +0200)]
Coverity fix in some crypto/asn1 code
Call to i2d method returns an int value.
Fix:
CID
1338183 (#1 of 1): Improper use of negative value (NEGATIVE_RETURNS)
CID
1371691 (#1 of 1): Improper use of negative value (NEGATIVE_RETURNS)
CID
1371692 (#1 of 1): Improper use of negative value (NEGATIVE_RETURNS)
[extended tests]
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7359)
FdaSilvaYY [Sun, 7 Oct 2018 19:47:31 +0000 (21:47 +0200)]
Coverity fix in apps/oscp
CID
1440002 (#1 of 1): Use after free (USE_AFTER_FREE)
Not a deadly error, because error was just before app exit.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7359)
Richard Levitte [Sat, 15 Dec 2018 23:47:18 +0000 (00:47 +0100)]
util/process_docs.pl: handle multiple source directories correctly
The way this script handled multiple source directories wasn't quite
right, it ended up giving pod2html 'ARRAY(0xXXXXXXXXX)' as a source
directory.
This corrects the mistake.
Fixes #7742
Fixes #7939
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7911)
Ken Goldman [Fri, 14 Dec 2018 20:04:04 +0000 (15:04 -0500)]
Admit unknown pkey types at security level 0
The check_key_level() function currently fails when the public key
cannot be extracted from the certificate because its algorithm is not
supported. However, the public key is not needed for the last
certificate in the chain.
This change moves the check for level 0 before the check for a
non-NULL public key.
For background, this is the TPM 1.2 endorsement key certificate.
I.e., this is a real application with millions of certificates issued.
The key is an RSA-2048 key.
The TCG (for a while) specified
Public Key Algorithm: rsaesOaep
rather than the commonly used
Public Key Algorithm: rsaEncryption
because the key is an encryption key rather than a signing key.
The X509 certificate parser fails to get the public key.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7906)
Christian Heimes [Mon, 17 Dec 2018 21:56:17 +0000 (22:56 +0100)]
Fix function names in ct(7) documentation
The correct function name is SSL_CTX_enable_ct, not SSL_CTX_ct_enable.
Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7916)
Rich Salz [Tue, 11 Dec 2018 17:31:55 +0000 (12:31 -0500)]
Some code-cleanup/simplification in apps
Remove some casts on password callback by adding a wrapper function.
Remove level of indent by doing an early-return on failure.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7873)
Richard Levitte [Tue, 18 Dec 2018 08:14:51 +0000 (09:14 +0100)]
X509_check_issued: check that signature algo matches signing key algo
This implements 3.5.18 "Consistent Public Key and Signature Algorithms"
from RFC 4158 "Internet X.509 Public Key Infrastructure: Certification
Path Building"
Ref: https://tools.ietf.org/html/rfc4158#section-3.5.18
Fixes #7899
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7919)
Quantomicus [Mon, 17 Dec 2018 16:26:29 +0000 (17:26 +0100)]
Fix s_client hang on non-compliant NNTP server test
Fixes #7722
CLA: trivial
Signed-off-by: Mateja Milosevic <quantumgleam@gmail.com>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7915)
Dr. Matthias St. Pierre [Sun, 9 Dec 2018 00:02:36 +0000 (01:02 +0100)]
man: harmonize the various formulations in the HISTORY sections
While stereotyped repetitions are frowned upon in literature, they
serve a useful purpose in manual pages, because it is easier for
the user to find certain information if it is always presented in
the same way. For that reason, this commit harmonizes the varying
formulations in the HISTORY section about which functions, flags,
etc. were added in which OpenSSL version.
It also attempts to make the pod files more grep friendly by
avoiding to insert line breaks between the symbol names and the
corresponding version number in which they were introduced
(wherever possible). Some punctuation and typographical errors
were fixed on the way.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7854)
Kurt Roeckx [Fri, 2 Nov 2018 14:51:19 +0000 (15:51 +0100)]
Convert tls1_prf_P_hash to use the EVP_MAC interface
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #7554
Kurt Roeckx [Tue, 18 Sep 2018 20:17:14 +0000 (22:17 +0200)]
Deprecate TLS_MAX_VERSION, DTLS_MAX_VERSION and DTLS_MIN_VERSION
Fixes: #7183
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #7260
Kurt Roeckx [Sun, 9 Dec 2018 19:53:05 +0000 (20:53 +0100)]
Use (D)TLS_MAX_VERSION_INTERNAL internally
Use 0 if we don't want to set a minimum or maximum version
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #7260
Richard Levitte [Fri, 14 Dec 2018 18:33:55 +0000 (19:33 +0100)]
ERR: preserve system error number in a few more places
It turns out that intialization may change the error number, so we
need to preserve the system error number in functions where
initialization is called for.
These are ERR_get_state() and err_shelve_state()
Fixes #7897
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7902)
Todd Short [Thu, 13 Dec 2018 16:09:15 +0000 (11:09 -0500)]
Fixes #7879: AES-SIV to use EVP_MAC APIs
Convert CMAC APIs to EVP_MAC APIs
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7891)
Mansour Ahmadi [Tue, 11 Dec 2018 21:18:21 +0000 (16:18 -0500)]
Add missing OPENSSL_clear_free before using ec->key
Fixes #7657
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7877)
Mansour Ahmadi [Tue, 11 Dec 2018 20:48:08 +0000 (15:48 -0500)]
add missing check for BN_mod_inverse
Fixes #7650
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7876)
Mansour Ahmadi [Tue, 11 Dec 2018 22:26:50 +0000 (17:26 -0500)]
fix inconsistent flen check in rsa_pk1 and rsa_oaep
Fixes #7117
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7880)
Rich Salz [Wed, 17 Oct 2018 14:25:00 +0000 (10:25 -0400)]
Ignore duplicated undocumented things
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
(Merged from https://github.com/openssl/openssl/pull/7423)
Richard Levitte [Wed, 12 Dec 2018 20:22:29 +0000 (21:22 +0100)]
VMS build: better treatment of .S -> .obj compilation
It turned out that .S files aren't to be treated as lightly as I
thought. They need to go through a preprocessing step, which .s files
don't need to.
Corrects #7703
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7889)
Dr. Matthias St. Pierre [Wed, 12 Dec 2018 06:38:07 +0000 (07:38 +0100)]
doc/man3: remove copy&paste leftover
Fixes #7883
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7884)
Jakub Jelen [Wed, 12 Dec 2018 10:22:00 +0000 (11:22 +0100)]
Use the correct function name
CLA: trivial
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7887)
Richard Levitte [Wed, 12 Dec 2018 08:27:48 +0000 (09:27 +0100)]
Fix error in processing $target{enable}
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7885)
Tobias Stoeckmann [Tue, 11 Dec 2018 19:34:21 +0000 (20:34 +0100)]
Fixed typo (vi leftover).
There was a trailing :w at a line, which didn't make sense in context
of the sentence/styling. Removed it, because I think it's a leftover
vi command.
CLA: trivial
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7875)
Todd Short [Fri, 19 May 2017 14:27:28 +0000 (10:27 -0400)]
Add RFC5297 AES-SIV support
Based originally on github.com/dfoxfranke/libaes_siv
This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR
and CMAC code to reduce complexity at the cost of perfomance. The
expected use is for short inputs, not TLS-sized records.
Add multiple AAD input capacity in the EVP tests.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3540)
Matt Caswell [Mon, 3 Dec 2018 16:36:50 +0000 (16:36 +0000)]
Add an Ed448 malleability test
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7748)
Matt Caswell [Mon, 3 Dec 2018 17:01:07 +0000 (17:01 +0000)]
Disallow Ed448 signature malleability
Check that s is less than the order before attempting to verify the
signature as per RFC8032 5.2.7
Fixes #7706
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7748)
nxtstep [Mon, 10 Dec 2018 09:39:24 +0000 (10:39 +0100)]
typo ANS1 -> ASN1
CLA: trivial
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7857)
Richard Levitte [Tue, 11 Dec 2018 09:31:40 +0000 (10:31 +0100)]
util/mkdef.pl: Remove a ';' that snuck in
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7868)
Richard Levitte [Mon, 10 Dec 2018 18:48:37 +0000 (19:48 +0100)]
Configuration: $config{shlib_version_number} -> $config{shlib_version}
This was forgotten in a few places
Fixes #7862
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7865)