oweals/openssl.git
8 years agomove ECDSA_SIG definition
Dr. Stephen Henson [Tue, 27 Oct 2015 18:18:18 +0000 (18:18 +0000)]
move ECDSA_SIG definition

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoMove ECDSA implementation to crypto/ec
Dr. Stephen Henson [Tue, 27 Oct 2015 16:48:36 +0000 (16:48 +0000)]
Move ECDSA implementation to crypto/ec

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoMove ECDSA_SIG ASN.1 to crypto/ec
Dr. Stephen Henson [Tue, 27 Oct 2015 16:45:47 +0000 (16:45 +0000)]
Move ECDSA_SIG ASN.1 to crypto/ec

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoAdd set methods.
Dr. Stephen Henson [Sun, 25 Oct 2015 13:09:50 +0000 (13:09 +0000)]
Add set methods.

Add set_group, set_public and set_private methods. An EC_KEY_METHOD can use
these to perform any appropriate operation when the key components are set,
such as caching data in some more convenient ENGINE specific format or
returning an error if the parameters are invalid or the operation is
not supported.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoEC_KEY_METHOD copy support
Dr. Stephen Henson [Fri, 23 Oct 2015 18:19:57 +0000 (19:19 +0100)]
EC_KEY_METHOD copy support

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoEC_KEY_METHOD init and finish support
Dr. Stephen Henson [Fri, 23 Oct 2015 18:10:24 +0000 (19:10 +0100)]
EC_KEY_METHOD init and finish support

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoENGINE fixes
Dr. Stephen Henson [Fri, 23 Oct 2015 17:46:58 +0000 (18:46 +0100)]
ENGINE fixes

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoremove ECDH from mkdef.pl
Dr. Stephen Henson [Thu, 22 Oct 2015 18:22:53 +0000 (19:22 +0100)]
remove ECDH from mkdef.pl

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoremove ECDH_METHOD typedef
Dr. Stephen Henson [Thu, 22 Oct 2015 15:17:50 +0000 (16:17 +0100)]
remove ECDH_METHOD typedef

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoremove ecdh.h header
Dr. Stephen Henson [Thu, 22 Oct 2015 18:02:49 +0000 (19:02 +0100)]
remove ecdh.h header

Remove redundant ecdh.h header and any references to it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoremove ECDH error loading
Dr. Stephen Henson [Thu, 22 Oct 2015 17:59:32 +0000 (18:59 +0100)]
remove ECDH error loading

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoRemove crypto/ecdh update Makefile.org
Dr. Stephen Henson [Thu, 22 Oct 2015 17:54:49 +0000 (18:54 +0100)]
Remove crypto/ecdh update Makefile.org

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoremove ECDH_METHOD from ENGINE
Dr. Stephen Henson [Thu, 22 Oct 2015 15:17:50 +0000 (16:17 +0100)]
remove ECDH_METHOD from ENGINE

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agomake errors
Dr. Stephen Henson [Thu, 22 Oct 2015 17:51:25 +0000 (18:51 +0100)]
make errors

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoAdd compute key support to EC_KEY_METHOD
Dr. Stephen Henson [Thu, 22 Oct 2015 17:48:59 +0000 (18:48 +0100)]
Add compute key support to EC_KEY_METHOD

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoAdapt ecdh_compute_key
Dr. Stephen Henson [Thu, 22 Oct 2015 17:47:11 +0000 (18:47 +0100)]
Adapt ecdh_compute_key

Rename ecdh_compute_key into ossl_ecdh_compute_key and modify it
to use EC error codes. Remove superfluous old ECDH functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agomove ECDH implementation to crypto/ec
Dr. Stephen Henson [Thu, 22 Oct 2015 17:35:56 +0000 (18:35 +0100)]
move ECDH implementation to crypto/ec

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoMove ECDH_KDF_X9_62 to crypto/ec
Dr. Stephen Henson [Thu, 22 Oct 2015 14:47:38 +0000 (15:47 +0100)]
Move ECDH_KDF_X9_62 to crypto/ec

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoEC_KEY_METHOD keygen support.
Dr. Stephen Henson [Thu, 22 Oct 2015 13:53:23 +0000 (14:53 +0100)]
EC_KEY_METHOD keygen support.

Add keygen to EC_KEY_METHOD. Redirect EC_KEY_generate_key through
method and set the current EC key generation function as the default.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agomake errors
Dr. Stephen Henson [Tue, 20 Oct 2015 23:36:54 +0000 (00:36 +0100)]
make errors

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoSupport for EC_KEY_METHOD.
Dr. Stephen Henson [Mon, 19 Oct 2015 13:38:43 +0000 (14:38 +0100)]
Support for EC_KEY_METHOD.

Add EC_KEY_METHOD. This is part of the EC revision and will make EC behave
more like other algorithms. Specifically:

EC_KEY_METHOD is part of EC_KEY.
It is part of ENGINE.
Default or key specific implementations can be provided to redirect some
or all operations.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoLink library for backtrace() on BSD...
Ben Laurie [Wed, 9 Dec 2015 13:37:30 +0000 (13:37 +0000)]
Link library for backtrace() on BSD...

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoNEWS: Add a bit of precision regarding removal of cipher suites
Richard Levitte [Tue, 8 Dec 2015 23:09:47 +0000 (00:09 +0100)]
NEWS: Add a bit of precision regarding removal of cipher suites

Suggested by Benjamin Kaduk <bkaduk@akamai.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoAdditional NEWS
Richard Levitte [Tue, 8 Dec 2015 22:36:18 +0000 (23:36 +0100)]
Additional NEWS

Reviewed-by: Tim Hudson <tjh@openssl.org>
8 years agoRefer to website for acknowledgements.
Rich Salz [Tue, 8 Dec 2015 21:07:09 +0000 (16:07 -0500)]
Refer to website for acknowledgements.

Reviewed-by: Steve Marquess <marquess@openssl.com>
8 years agoNot all 'find's know -xtype, use -type instead
Richard Levitte [Tue, 8 Dec 2015 14:34:52 +0000 (15:34 +0100)]
Not all 'find's know -xtype, use -type instead

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdapt the OS X build to use the OS X tar
Richard Levitte [Tue, 8 Dec 2015 11:43:05 +0000 (12:43 +0100)]
Adapt the OS X build to use the OS X tar

As part of this, move release creation to a script to be called from
.travis.yml.  That makes it much easier to test outside of travis.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoMake it possible to affect the way dists are made
Richard Levitte [Tue, 8 Dec 2015 11:42:27 +0000 (12:42 +0100)]
Make it possible to affect the way dists are made

Introducing DISTTARVARS to propagate changed variables down to the
tar-making target.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoUpdate NEWS
Dr. Stephen Henson [Tue, 8 Dec 2015 16:49:12 +0000 (16:49 +0000)]
Update NEWS

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoExtended master secret test script.
Dr. Stephen Henson [Mon, 7 Dec 2015 16:09:13 +0000 (16:09 +0000)]
Extended master secret test script.

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoAdd extms extension
Dr. Stephen Henson [Sun, 6 Dec 2015 17:49:14 +0000 (17:49 +0000)]
Add extms extension

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoTLSProxy update
Dr. Stephen Henson [Tue, 8 Dec 2015 02:07:43 +0000 (02:07 +0000)]
TLSProxy update

Add function to delete extensions and fix ClientHello repacking.

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoupdate errors
Dr. Stephen Henson [Sat, 5 Dec 2015 18:58:49 +0000 (18:58 +0000)]
update errors

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoExtended master secret fixes and checks.
Dr. Stephen Henson [Fri, 4 Dec 2015 19:48:15 +0000 (19:48 +0000)]
Extended master secret fixes and checks.

Add new flag TLS1_FLAGS_RECEIVED_EXTMS which is set when the peer sends
the extended master secret extension.

Server now sends extms if and only if the client sent extms.

Check consistency of extms extension when resuming sessions following (where
practical) RFC7627.

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoFix merge error
Matt Caswell [Tue, 8 Dec 2015 13:00:59 +0000 (13:00 +0000)]
Fix merge error

Commit 6140f0365 added some new ctrl constants. However due to a
merge error one of these values was duplicated with an existing
value.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd some new cipher ctrl constants
Dmitry Belyavskiy [Wed, 30 Sep 2015 19:42:57 +0000 (22:42 +0300)]
Add some new cipher ctrl constants

These are needed for GOST

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoCleanup the EVP_MD_CTX before exit rather than after
Richard Levitte [Tue, 8 Dec 2015 00:01:13 +0000 (01:01 +0100)]
Cleanup the EVP_MD_CTX before exit rather than after

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoRemove double semi (;)
Richard Levitte [Mon, 7 Dec 2015 23:11:47 +0000 (00:11 +0100)]
Remove double semi (;)

When in the middle of declarations, some C compilers will complain.

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoRemove typedef of HMAC_CTX from crypto/hmac/hmac_lcl.h
Richard Levitte [Mon, 7 Dec 2015 19:49:17 +0000 (20:49 +0100)]
Remove typedef of HMAC_CTX from crypto/hmac/hmac_lcl.h

This is already defined in include/openssl/ossl_typ.h.

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoFix clang complaints about uninitialised variables.
Richard Levitte [Mon, 7 Dec 2015 19:37:08 +0000 (20:37 +0100)]
Fix clang complaints about uninitialised variables.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoChange tar owner and group to just 0
Richard Levitte [Mon, 7 Dec 2015 15:50:15 +0000 (16:50 +0100)]
Change tar owner and group to just 0

It seems like some tar versions don't like the name:id form for
--owner and --group.  The closest known anonymous user being 0 (root),
that seems to be the most appropriate user/group to assign ownership
to.  It matters very little when unpacking either way.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd an entry in CHANGES
Richard Levitte [Tue, 1 Dec 2015 02:28:22 +0000 (03:28 +0100)]
Add an entry in CHANGES

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDocument EVP_MD constructors, destructors and manipulators
Richard Levitte [Fri, 4 Dec 2015 12:04:54 +0000 (13:04 +0100)]
Document EVP_MD constructors, destructors and manipulators

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDocument the HMAC changes
Richard Levitte [Mon, 30 Nov 2015 22:43:59 +0000 (23:43 +0100)]
Document the HMAC changes

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDocument the EVP_MD_CTX changes
Richard Levitte [Tue, 1 Dec 2015 02:19:11 +0000 (03:19 +0100)]
Document the EVP_MD_CTX changes

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agomake update
Richard Levitte [Fri, 27 Nov 2015 13:47:08 +0000 (14:47 +0100)]
make update

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoCleanup: fix all sources that used HMAC_CTX_init
Richard Levitte [Wed, 2 Dec 2015 21:49:24 +0000 (22:49 +0100)]
Cleanup: fix all sources that used HMAC_CTX_init

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoCleanup: rename HMAC_CTX_init to HMAC_CTX_reset
Richard Levitte [Wed, 2 Dec 2015 21:47:31 +0000 (22:47 +0100)]
Cleanup: rename HMAC_CTX_init to HMAC_CTX_reset

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoCleanup: support EVP_MD_CTX_(create|init|destroy) for deprecated use
Richard Levitte [Tue, 1 Dec 2015 23:52:56 +0000 (00:52 +0100)]
Cleanup: support EVP_MD_CTX_(create|init|destroy) for deprecated use

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoCleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy)
Richard Levitte [Tue, 1 Dec 2015 23:49:35 +0000 (00:49 +0100)]
Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy)

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoCleanup: rename EVP_MD_CTX_(create|init|destroy) to EVP_MD_CTX_(new|reset|free)
Richard Levitte [Tue, 1 Dec 2015 23:26:19 +0000 (00:26 +0100)]
Cleanup: rename EVP_MD_CTX_(create|init|destroy) to EVP_MD_CTX_(new|reset|free)

Looking over names, it seems like we usually use names ending with
_new and _free as object constructors and destructors.  Also, since
EVP_MD_CTX_init is now used to reset a EVP_MD_CTX, it might as well be
named accordingly.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoCleanup: Remove M_EVP_MD_* macros
Richard Levitte [Tue, 1 Dec 2015 23:22:30 +0000 (00:22 +0100)]
Cleanup: Remove M_EVP_MD_* macros

These macros were only meant for crypto/evp, and are now entirely
unused.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdapt the rest of the source to the removal of (EVP_MD_CTX|HMAC_CTX)_cleanup
Richard Levitte [Mon, 30 Nov 2015 22:43:27 +0000 (23:43 +0100)]
Adapt the rest of the source to the removal of (EVP_MD_CTX|HMAC_CTX)_cleanup

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRemove HMAC_CTX_cleanup and combine its functionality into EVP_MD_CTX_init
Richard Levitte [Mon, 30 Nov 2015 22:42:39 +0000 (23:42 +0100)]
Remove HMAC_CTX_cleanup and combine its functionality into EVP_MD_CTX_init

This follows the same idea as the combination of EVP_MD_CTX_cleanup
and EVP_MD_CTX_init into one function.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRemove EVP_MD_CTX_cleanup and put its functionality into EVP_MD_CTX_init
Richard Levitte [Tue, 1 Dec 2015 00:38:35 +0000 (01:38 +0100)]
Remove EVP_MD_CTX_cleanup and put its functionality into EVP_MD_CTX_init

The idea is that with EVP_MD_CTX_create() and EVP_MD_CTX_destroy(),
EVP_MD_CTX_cleanup and EVP_MD_CTX_init is not used the same as before.
Instead, we need a single function that can be used to reinitialise an
existing EVP_MD_CTX that's been created with EVP_MD_CTX_create()
previously.  Combining EVP_MD_CTX_cleanup and EVP_MD_CTX_init into
that one function is the answer.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdapt the rest of the source to the opaque HMAC_CTX
Richard Levitte [Mon, 30 Nov 2015 12:44:28 +0000 (13:44 +0100)]
Adapt the rest of the source to the opaque HMAC_CTX

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoMake the definition of HMAC_CTX opaque
Richard Levitte [Mon, 30 Nov 2015 12:34:20 +0000 (13:34 +0100)]
Make the definition of HMAC_CTX opaque

This moves the definition to crypto/hmac/hmac_lcl.h.  Constructor and
destructor added, and the typedef moved to include/openssl/ossl_typ.h.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd inclusion of internal/evp_int.h to all crypto/ files that need it
Richard Levitte [Mon, 30 Nov 2015 09:25:36 +0000 (10:25 +0100)]
Add inclusion of internal/evp_int.h to all crypto/ files that need it

These are the files that add new EVP_MDs.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdapt all engines that add new EVP_MDs
Richard Levitte [Mon, 30 Nov 2015 09:24:12 +0000 (10:24 +0100)]
Adapt all engines that add new EVP_MDs

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoHave the few apps that accessed EVP_MD directly use accessors instead
Richard Levitte [Sun, 29 Nov 2015 19:12:35 +0000 (20:12 +0100)]
Have the few apps that accessed EVP_MD directly use accessors instead

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoMake the definition of EVP_MD opaque
Richard Levitte [Sun, 29 Nov 2015 19:09:34 +0000 (20:09 +0100)]
Make the definition of EVP_MD opaque

This moves the definition to crypto/include/internal/evp_int.h and
defines all the necessary method creators, destructors, writers and
accessors.  The name standard for the latter is inspired from the
corresponding functions to manipulate UI methods.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdjust all accesses to EVP_MD_CTX to use accessor functions.
Richard Levitte [Fri, 27 Nov 2015 13:02:12 +0000 (14:02 +0100)]
Adjust all accesses to EVP_MD_CTX to use accessor functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDocument the changed HMAC API.
Richard Levitte [Fri, 27 Nov 2015 13:19:27 +0000 (14:19 +0100)]
Document the changed HMAC API.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdapt HMAC to the EVP_MD_CTX changes
Richard Levitte [Fri, 27 Nov 2015 13:10:15 +0000 (14:10 +0100)]
Adapt HMAC to the EVP_MD_CTX changes

This change required some special treatment, as HMAC is intertwined
with EVP_MD.  For now, all local HMAC_CTX variables MUST be
initialised with HMAC_CTX_EMPTY, or whatever happens to be on the
stack will be mistaken for actual pointers to EVP_MD_CTX.  This will
change as soon as HMAC_CTX becomes opaque.

Also, since HMAC_CTX_init() can fail now, its return type changes from
void to int, and it will return 0 on failure, 1 on success.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoHave other crypto/evp files include evp_locl.h
Richard Levitte [Fri, 27 Nov 2015 13:17:50 +0000 (14:17 +0100)]
Have other crypto/evp files include evp_locl.h

Note: this does not include the files in crypto/evp that are just
instanciations of EVP_MD.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoMake the definition of EVP_MD_CTX opaque
Richard Levitte [Fri, 27 Nov 2015 12:35:02 +0000 (13:35 +0100)]
Make the definition of EVP_MD_CTX opaque

This moves the definitionto crypto/evp/evp_locl.h, along with a few
associated accessor macros.  A few accessor/writer functions added.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDo not add symlinks in the source release
Richard Levitte [Mon, 7 Dec 2015 14:56:27 +0000 (15:56 +0100)]
Do not add symlinks in the source release

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoIn travis, build from a "source release" rather than from the build tree
Richard Levitte [Mon, 7 Dec 2015 14:47:43 +0000 (15:47 +0100)]
In travis, build from a "source release" rather than from the build tree

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoSmall changes to creating dists
Richard Levitte [Mon, 7 Dec 2015 14:45:50 +0000 (15:45 +0100)]
Small changes to creating dists

Make TARFILE include ../ instead of having that hard coded all over the place.
When transforming file names in TAR_COMMAND, use $(NAME) instead of openssl-$(VERSION)

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix and update versions in CHANGES and NEWS
Dr. Stephen Henson [Thu, 3 Dec 2015 22:57:25 +0000 (22:57 +0000)]
Fix and update versions in CHANGES and NEWS

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoARMv4 assembly pack: allow Thumb2 even in iOS build,
Andy Polyakov [Sun, 6 Dec 2015 21:02:39 +0000 (22:02 +0100)]
ARMv4 assembly pack: allow Thumb2 even in iOS build,
and engage it in most modules.

Reviewed-by: Tim Hudson <tjh@openssl.org>
8 years agoFix typo and improve a bit of text
Viktor Dukhovni [Mon, 7 Dec 2015 03:17:15 +0000 (22:17 -0500)]
Fix typo and improve a bit of text

Reviewed-by: Tim Hudson <tjh@openssl.org>
8 years agoReally disable 56-bit (single-DES) ciphers
Viktor Dukhovni [Sun, 6 Dec 2015 05:35:06 +0000 (00:35 -0500)]
Really disable 56-bit (single-DES) ciphers

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
8 years agoRemove support for all 40 and 56 bit ciphers.
Kurt Roeckx [Sat, 5 Dec 2015 01:04:41 +0000 (02:04 +0100)]
Remove support for all 40 and 56 bit ciphers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #364

8 years agoRemove SSL_{CTX_}set_ecdh_auto() and always enable ECDH
Kurt Roeckx [Fri, 4 Dec 2015 21:30:36 +0000 (22:30 +0100)]
Remove SSL_{CTX_}set_ecdh_auto() and always enable ECDH

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
8 years agoMake SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()
Kurt Roeckx [Fri, 4 Dec 2015 21:25:11 +0000 (22:25 +0100)]
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()

SSL_{CTX}_set_tmp_ecdh() allows to set 1 EC curve and then tries to use it.  On
the other hand SSL_{CTX_}set1_curves() allows you to set a list of curves, but
only when SSL_{CTX_}set_ecdh_auto() was called to turn it on.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
8 years agoRemove support for SSL_{CTX_}set_tmp_ecdh_callback().
Kurt Roeckx [Fri, 4 Dec 2015 21:22:31 +0000 (22:22 +0100)]
Remove support for SSL_{CTX_}set_tmp_ecdh_callback().

This only gets used to set a specific curve without actually checking that the
peer supports it or not and can therefor result in handshake failures that can
be avoided by selecting a different cipher.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
8 years agoFix EAP FAST in the new state machine
Matt Caswell [Fri, 4 Dec 2015 10:18:01 +0000 (10:18 +0000)]
Fix EAP FAST in the new state machine

The new state machine code missed an allowed transition when resuming a
session via EAP FAST. This commits adds the missing check for the
transition.

Reviewed-by: Andy Polyakov <appro@openssl.org>
8 years agoRevert unnecessary SSL_CIPHER_get_bits API change
Viktor Dukhovni [Fri, 4 Dec 2015 05:27:47 +0000 (00:27 -0500)]
Revert unnecessary SSL_CIPHER_get_bits API change

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRun test/run_tests.pl directly in the test_ordinals target
Richard Levitte [Fri, 4 Dec 2015 16:27:54 +0000 (17:27 +0100)]
Run test/run_tests.pl directly in the test_ordinals target

Running 'make TEST=test_ordinals test' starts the whole build process,
which wasn't desired for this target.  Instead, we take a shortcut.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agobn/asm/x86_64-mont5.pl: fix carry propagating bug (CVE-2015-3193).
Andy Polyakov [Tue, 1 Dec 2015 08:00:32 +0000 (09:00 +0100)]
bn/asm/x86_64-mont5.pl: fix carry propagating bug (CVE-2015-3193).

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoperlasm/ppc-xlate.pl: comply with ABIs that specify vrsave as reserved.
Andy Polyakov [Wed, 2 Dec 2015 13:32:08 +0000 (14:32 +0100)]
perlasm/ppc-xlate.pl: comply with ABIs that specify vrsave as reserved.

RT#4162

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agomodes/ocb128.c: fix sanitizer warning.
Andy Polyakov [Wed, 2 Dec 2015 15:25:08 +0000 (16:25 +0100)]
modes/ocb128.c: fix sanitizer warning.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix ./Configure reconf
Richard Levitte [Wed, 2 Dec 2015 17:54:15 +0000 (18:54 +0100)]
Fix ./Configure reconf

'./Configure reconf' hasn't been working for a while, because a perl
lable needs to be immediately followed by a block.

Reviewed-by: Andy Polyakov <appro@openssl.org>
8 years agoRemove RSA_FLAG_SIGN_VER flag.
Dr. Stephen Henson [Wed, 2 Dec 2015 14:30:39 +0000 (14:30 +0000)]
Remove RSA_FLAG_SIGN_VER flag.

Remove RSA_FLAG_SIGN_VER: this was origininally used to retain binary
compatibility after RSA_METHOD was extended to include rsa_sign and
rsa_verify fields. It is no longer needed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoMove the backtrace memleak options to a separate variable
Richard Levitte [Wed, 2 Dec 2015 17:44:26 +0000 (18:44 +0100)]
Move the backtrace memleak options to a separate variable

The contents of this variable ($memleak_devteam_backtrace) is added to
$cflags unless we build for a platform we know doesn't support gcc's
-rdynamic och backtrace() and friends.

Reviewed-by: Andy Polyakov <appro@openssl.org>
8 years agomake update
Dr. Stephen Henson [Wed, 2 Dec 2015 17:03:20 +0000 (17:03 +0000)]
make update

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoRemove legacy sign/verify from EVP_MD.
Dr. Stephen Henson [Wed, 2 Dec 2015 13:57:04 +0000 (13:57 +0000)]
Remove legacy sign/verify from EVP_MD.

Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.

Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.

Remove now obsolete EVP_dss1() and EVP_ecdsa().

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoRun test_ordinals after update
Rich Salz [Wed, 2 Dec 2015 17:20:49 +0000 (12:20 -0500)]
Run test_ordinals after update

Catch a common 'make update' failure: conflicting ordinals.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years ago_BSD_SOURCE is deprecated, use _DEFAULT_SOURCE instead
Richard Levitte [Wed, 2 Dec 2015 17:18:03 +0000 (18:18 +0100)]
_BSD_SOURCE is deprecated, use _DEFAULT_SOURCE instead

The feature_test_macros(7) manual tells us that _BSD_SOURCE is
deprecated since glibc 2.20 and that the compiler will warn about it
being used, unless _DEFAULT_SOURCE is defined as well.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd backtrace to memory leak output
Richard Levitte [Wed, 2 Dec 2015 12:19:45 +0000 (13:19 +0100)]
Add backtrace to memory leak output

This is an option for builds with gcc and --strict-warnings.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agocrypto/sparcv9cap.c: add SIGILL-free feature detection for Solaris.
Andy Polyakov [Tue, 1 Dec 2015 11:21:08 +0000 (12:21 +0100)]
crypto/sparcv9cap.c: add SIGILL-free feature detection for Solaris.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agomodes/ocb128.c: split fixed block xors to aligned and misaligned.
Andy Polyakov [Mon, 30 Nov 2015 22:07:38 +0000 (23:07 +0100)]
modes/ocb128.c: split fixed block xors to aligned and misaligned.

Main goal was to improve performance on RISC platforms, e.g. 10%
was measured on MIPS, POWER8...

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agomodes/ocb128.c: ocb_lookup_l to allow non-contiguous lookup
Andy Polyakov [Mon, 30 Nov 2015 12:26:21 +0000 (13:26 +0100)]
modes/ocb128.c: ocb_lookup_l to allow non-contiguous lookup
and CRYPTO_ocb128_encrypt to handle in==out.

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agotypo fix on function
Rich Salz [Tue, 1 Dec 2015 18:40:37 +0000 (13:40 -0500)]
typo fix on function

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoex_data part 2: doc fixes and CRYPTO_free_ex_index.
Rich Salz [Tue, 21 Jul 2015 14:06:03 +0000 (10:06 -0400)]
ex_data part 2: doc fixes and CRYPTO_free_ex_index.

Add CRYPTO_free_ex_index (for shared libraries)
Unify and complete the documentation for all "ex_data" API's and objects.
Replace xxx_get_ex_new_index functions with a macro.
Added an exdata test.
Renamed the ex_data internal datatypes.

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoRemove BN_init
Rich Salz [Sat, 21 Nov 2015 13:27:46 +0000 (08:27 -0500)]
Remove BN_init

Rename it to be an internal function bn_init.

Reviewed-by: Tim Hudson <tjh@openssl.org>
8 years agoRemove GOST special case: handled automatically now.
Dr. Stephen Henson [Sun, 29 Nov 2015 16:59:18 +0000 (16:59 +0000)]
Remove GOST special case: handled automatically now.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
8 years agoUse digest indices for signature algorithms.
Dr. Stephen Henson [Sun, 29 Nov 2015 16:54:27 +0000 (16:54 +0000)]
Use digest indices for signature algorithms.

Don't hard code EVP_sha* etc for signature algorithms: use table
indices instead. Add SHA224 and SHA512 to tables.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
8 years agoFor TLS < 1.2 use default digest for client certificate
Dr. Stephen Henson [Sun, 29 Nov 2015 14:13:33 +0000 (14:13 +0000)]
For TLS < 1.2 use default digest for client certificate

Reviewed-by: Tim Hudson <tjh@openssl.org>