oweals/openssl.git
9 years agoCheck memory allocation
Alessandro Ghedini [Thu, 8 Oct 2015 12:50:27 +0000 (14:50 +0200)]
Check memory allocation

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix references to various RFCs
Alessandro Ghedini [Thu, 8 Oct 2015 12:41:09 +0000 (14:41 +0200)]
Fix references to various RFCs

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix typos
Alessandro Ghedini [Thu, 8 Oct 2015 12:40:42 +0000 (14:40 +0200)]
Fix typos

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoSet salt length after the malloc has succeeded
Alessandro Ghedini [Thu, 8 Oct 2015 12:39:58 +0000 (14:39 +0200)]
Set salt length after the malloc has succeeded

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix memory leaks and other mistakes on errors
Alessandro Ghedini [Thu, 8 Oct 2015 12:38:57 +0000 (14:38 +0200)]
Fix memory leaks and other mistakes on errors

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoReplace malloc+strlcpy with strdup
Alessandro Ghedini [Thu, 8 Oct 2015 12:37:21 +0000 (14:37 +0200)]
Replace malloc+strlcpy with strdup

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoDo not treat 0 return value from BIO_get_fd() as error
Alessandro Ghedini [Fri, 2 Oct 2015 13:16:08 +0000 (15:16 +0200)]
Do not treat 0 return value from BIO_get_fd() as error

0 is a valid file descriptor.

RT#4068

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove bugs/ and crypto/threads/
Alessandro Ghedini [Fri, 23 Oct 2015 15:55:27 +0000 (17:55 +0200)]
Remove bugs/ and crypto/threads/

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoClarify return values for EVP_DigestVerifyFinal.
Adam Eijdenberg [Mon, 19 Oct 2015 18:16:25 +0000 (11:16 -0700)]
Clarify return values for EVP_DigestVerifyFinal.

Previous language was unclear.  New language isn't pretty but I believe
it is more accurate.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoOnly include SRP headers when OPENSSL_NO_SRP is undefined
Richard Levitte [Thu, 22 Oct 2015 21:45:45 +0000 (23:45 +0200)]
Only include SRP headers when OPENSSL_NO_SRP is undefined

[fixes github issue #447]

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoMake Configure die when unsupported options are given
Richard Levitte [Thu, 22 Oct 2015 15:33:47 +0000 (17:33 +0200)]
Make Configure die when unsupported options are given

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoAdd an explicit list of options that can be disabled, enabled, ...
Richard Levitte [Thu, 22 Oct 2015 15:09:14 +0000 (17:09 +0200)]
Add an explicit list of options that can be disabled, enabled, ...

Configure has, so far, had no control at all of which 'no-' options it
can be given.  This means that, for example, someone could configure
with something absurd like 'no-stack' and then watch the build crumble
to dust...  or file a bug report.

This introduces some sanity into the possible choices.

The added list comes from looking for the explicit ones used in
Configure, and from grepping after OPENSSL_NO_ in all source files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agomake update
Richard Levitte [Mon, 19 Oct 2015 18:53:14 +0000 (20:53 +0200)]
make update

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoDon't forget to load the CT error strings
Richard Levitte [Mon, 19 Oct 2015 03:24:16 +0000 (05:24 +0200)]
Don't forget to load the CT error strings

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoHandle CT error macros separately
Richard Levitte [Mon, 19 Oct 2015 02:20:01 +0000 (04:20 +0200)]
Handle CT error macros separately

Because the default error macro generator assumes the header file with
error macros is in include/openssl and therefore generates a C file
with error texts that include <openssl/{name}.h>, we need to generate
the error macros and texts for CT separately, since the CT module
doesn't follow the default criteria.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoDon't use SSLv23_server_method in an example
Matt Caswell [Wed, 21 Oct 2015 13:40:15 +0000 (14:40 +0100)]
Don't use SSLv23_server_method in an example

The function SSLv23_server_method() is an old name. New code should use
TLS_server_method() instead. Therefore don't use SSLv23_server_method() in
an example in the docs.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoAvoid undefined behaviour in PACKET_buf_init
Matt Caswell [Wed, 21 Oct 2015 09:00:24 +0000 (10:00 +0100)]
Avoid undefined behaviour in PACKET_buf_init

Change the sanity check in PACKET_buf_init to check for excessive length
buffers, which should catch the interesting cases where len has been cast
from a negative value whilst avoiding any undefined behaviour.

RT#4094

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoct_locl.h moved, reflect it in crypto/ct/Makefile
Richard Levitte [Sun, 18 Oct 2015 19:31:21 +0000 (21:31 +0200)]
ct_locl.h moved, reflect it in crypto/ct/Makefile

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agomake update
Richard Levitte [Sun, 18 Oct 2015 06:59:51 +0000 (08:59 +0200)]
make update

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoAdd crypto/include/internal to the directories to scan for stack declarations
Richard Levitte [Sun, 18 Oct 2015 06:59:00 +0000 (08:59 +0200)]
Add crypto/include/internal to the directories to scan for stack declarations

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoBecause ct_locl.h is used between modules, move it to internal headers
Richard Levitte [Sun, 18 Oct 2015 06:57:37 +0000 (08:57 +0200)]
Because ct_locl.h is used between modules, move it to internal headers

Rename it to ct_int.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoMove auto Host adding to query_responder
Dr. Stephen Henson [Sat, 17 Oct 2015 23:16:23 +0000 (00:16 +0100)]
Move auto Host adding to query_responder

Check for Host header in query_responder instead of process_responder. This
also fixes a memory leak in the old code if the headers was NULL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix memory leak with -issuer option.
Dr. Stephen Henson [Sat, 17 Oct 2015 23:04:10 +0000 (00:04 +0100)]
Fix memory leak with -issuer option.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoset string type when embedding
Dr. Stephen Henson [Sat, 17 Oct 2015 23:54:13 +0000 (00:54 +0100)]
set string type when embedding

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoMove contributing info to CONTRIBUTING
Manish Goregaokar [Sat, 17 Oct 2015 11:10:55 +0000 (16:40 +0530)]
Move contributing info to CONTRIBUTING

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRun tests on Travis for mingw builds as well
Rich Salz [Fri, 16 Oct 2015 15:19:04 +0000 (11:19 -0400)]
Run tests on Travis for mingw builds as well

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoFix error message when loading engines from config
Dmitry Belyavsky [Fri, 16 Oct 2015 09:07:57 +0000 (10:07 +0100)]
Fix error message when loading engines from config

When using command line applications errors occur when trying to
load engines specified in a config file. Introduced by commit
a0a82324f96

RT#4093

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoRemove Obsolete engines
Matt Caswell [Tue, 13 Oct 2015 14:02:47 +0000 (15:02 +0100)]
Remove Obsolete engines

There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoFix self signed handling.
Dr. Stephen Henson [Wed, 5 Aug 2015 02:21:40 +0000 (03:21 +0100)]
Fix self signed handling.

Don't mark a certificate as self signed if keyUsage is present and
certificate signing not asserted.

PR#3979

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoembed CRL serial number and signature fields
Dr. Stephen Henson [Sun, 11 Oct 2015 20:13:42 +0000 (21:13 +0100)]
embed CRL serial number and signature fields

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoembed certificate serial number and signature fields
Dr. Stephen Henson [Sun, 11 Oct 2015 20:05:49 +0000 (21:05 +0100)]
embed certificate serial number and signature fields

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoembed value field of X509_EXTENSION
Dr. Stephen Henson [Sun, 11 Oct 2015 19:44:07 +0000 (20:44 +0100)]
embed value field of X509_EXTENSION

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoadd CHANGES entry for embed
Dr. Stephen Henson [Sun, 11 Oct 2015 20:20:19 +0000 (21:20 +0100)]
add CHANGES entry for embed

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoHandle embed flag in ASN1_STRING_copy().
Dr. Stephen Henson [Sun, 11 Oct 2015 22:25:08 +0000 (23:25 +0100)]
Handle embed flag in ASN1_STRING_copy().

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoPACKET: fix __owur
Emilia Kasper [Thu, 15 Oct 2015 10:53:35 +0000 (12:53 +0200)]
PACKET: fix __owur

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoAppease gcc's Wmaybe-uninitialized
Emilia Kasper [Thu, 15 Oct 2015 11:27:55 +0000 (13:27 +0200)]
Appease gcc's Wmaybe-uninitialized

False positive: gcc (4.8) can't figure out the SSL_IS_DTLS logic.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRemove EVP_CHECK_DES_KEY
Emilia Kasper [Wed, 14 Oct 2015 16:32:38 +0000 (18:32 +0200)]
Remove EVP_CHECK_DES_KEY

Thanks to the OpenBSD community for bringing this to our attention.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoct_locl.h: fix some comments
Emilia Kasper [Fri, 9 Oct 2015 15:38:47 +0000 (17:38 +0200)]
ct_locl.h: fix some comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agomake depend: prefer clang over makedepend
Emilia Kasper [Fri, 9 Oct 2015 18:00:53 +0000 (20:00 +0200)]
make depend: prefer clang over makedepend

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoRFC5753 compliance.
Dr. Stephen Henson [Mon, 12 Oct 2015 20:14:04 +0000 (21:14 +0100)]
RFC5753 compliance.

RFC5753 requires that we omit parameters for AES key wrap and set them
to NULL for 3DES wrap. OpenSSL decrypt uses the received algorithm
parameters so can transparently handle either form.

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoAdd Clang 3.6 and additional GCC 5 builds to travis
Alessandro Ghedini [Tue, 6 Oct 2015 18:27:50 +0000 (20:27 +0200)]
Add Clang 3.6 and additional GCC 5 builds to travis

Follow-up to f386742.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoGH429: Add clang to travis
Alessandro Ghedini [Mon, 12 Oct 2015 20:15:43 +0000 (16:15 -0400)]
GH429: Add clang to travis

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agotestlib/OpenSSL/Test.pm: remove redundant 'cmd /c', MSWin32 Perl can take care of...
Andy Polyakov [Mon, 12 Oct 2015 20:31:20 +0000 (22:31 +0200)]
testlib/OpenSSL/Test.pm: remove redundant 'cmd /c', MSWin32 Perl can take care of itself.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoHarmonize do_rehash_rule with updated test/recipies/25-test_verify.t.
Andy Polyakov [Mon, 12 Oct 2015 20:26:14 +0000 (22:26 +0200)]
Harmonize do_rehash_rule with updated test/recipies/25-test_verify.t.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoTest suite: chomp->s/\R// to harmonize with mingw 'make test'.
Andy Polyakov [Mon, 12 Oct 2015 20:24:27 +0000 (22:24 +0200)]
Test suite: chomp->s/\R// to harmonize with mingw 'make test'.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoTest suite: minimal required to get mingw 'make test' work under Linux.
Andy Polyakov [Mon, 12 Oct 2015 20:16:07 +0000 (22:16 +0200)]
Test suite: minimal required to get mingw 'make test' work under Linux.

(part by Alessandro Ghedini)

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRename -set-serial command to req
Matt Caswell [Mon, 12 Oct 2015 12:03:50 +0000 (13:03 +0100)]
Rename -set-serial command to req

Previous OpenSSL versions used -set_serial, but master was using
-set-serial - so rename it back to the old version.

RT#4059

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoCentralise loading default apps config file
Matt Caswell [Mon, 12 Oct 2015 11:40:15 +0000 (12:40 +0100)]
Centralise loading default apps config file

Loading the config file after processing command line options can
cause problems, e.g. where an engine provides new ciphers/digests
these are not then recoginised on the command line. Move the
default config file loading to before the command line option
processing. Whilst we're doing this we might as well centralise
this instead of doing it individually for each application. Finally
if we do it before the OpenSSL_add_ssl_algorithms() call then
ciphersuites provided by an engine (e.g. GOST) can be available to
the apps.

RT#4085
RT#4086

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix option name discrepancy
Matt Caswell [Mon, 12 Oct 2015 08:44:15 +0000 (09:44 +0100)]
Fix option name discrepancy

There used to be options -macopt and -sigopt in <=1.0.2 for the dgst
command line app. These were incorrectly spelled as -macop and -sigop in
master.

RT#4072

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoConfigurations: move -Wno-pedantic-ms-format to .travis.yml.
Andy Polyakov [Wed, 7 Oct 2015 07:35:12 +0000 (09:35 +0200)]
Configurations: move -Wno-pedantic-ms-format to .travis.yml.

The option is not available in older toolchains and would cause breakage.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoembed OCSP_CERTID
Dr. Stephen Henson [Wed, 7 Oct 2015 13:42:34 +0000 (14:42 +0100)]
embed OCSP_CERTID

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoembed support for ASN1_STRING
Dr. Stephen Henson [Wed, 7 Oct 2015 12:28:46 +0000 (13:28 +0100)]
embed support for ASN1_STRING

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoEmbed various OCSP fields.
Dr. Stephen Henson [Tue, 6 Oct 2015 22:04:08 +0000 (23:04 +0100)]
Embed various OCSP fields.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoembed support for CHOICE type
Dr. Stephen Henson [Tue, 6 Oct 2015 21:53:48 +0000 (22:53 +0100)]
embed support for CHOICE type

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoSkip PSK tests for no-psk
Dr. Stephen Henson [Sat, 12 Sep 2015 02:53:40 +0000 (03:53 +0100)]
Skip PSK tests for no-psk

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoMake no-psk compile without warnings.
Dr. Stephen Henson [Fri, 11 Sep 2015 16:08:11 +0000 (17:08 +0100)]
Make no-psk compile without warnings.

PR#4035

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoTypo.
Dr. Stephen Henson [Sat, 10 Oct 2015 23:06:56 +0000 (00:06 +0100)]
Typo.

PR#4079

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoDTLS: remove unused cookie field
Emilia Kasper [Tue, 6 Oct 2015 15:20:32 +0000 (17:20 +0200)]
DTLS: remove unused cookie field

Note that this commit constifies a user callback parameter and therefore
will break compilation for applications using this callback. But unless
they are abusing write access to the buffer, the fix is trivial.

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoFix Windows build
Matt Caswell [Fri, 9 Oct 2015 11:10:16 +0000 (12:10 +0100)]
Fix Windows build

Add the new ct directory to mkfiles.pl and fix the ct Makefile

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoInitial commit for Certificate Transparency support
Adam Eijdenberg [Tue, 15 Sep 2015 16:13:48 +0000 (09:13 -0700)]
Initial commit for Certificate Transparency support

Original authors:
Rob Stradling <rob@comodo.com>
Dr. Stephen Henson <steve@openssl.org>

Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoPACKET: simplify ServerKeyExchange parsing
Emilia Kasper [Fri, 2 Oct 2015 12:40:30 +0000 (14:40 +0200)]
PACKET: simplify ServerKeyExchange parsing

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoFix no-ripemd on Windows
Matt Caswell [Thu, 8 Oct 2015 14:29:15 +0000 (15:29 +0100)]
Fix no-ripemd on Windows

mkdef.pl was getting confused by:

 # ifdef OPENSSL_NO_RMD160
 #  error RIPEMD is disabled.
 # endif

Changing RIPEMD to RMD160 solves it. Fix suggested by Steve Henson.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoDon't treat a bare OCTETSTRING as DigestInfo in int_rsa_verify
Matt Caswell [Thu, 8 Oct 2015 12:36:10 +0000 (13:36 +0100)]
Don't treat a bare OCTETSTRING as DigestInfo in int_rsa_verify

The function int_rsa_verify is an internal function used for verifying an
RSA signature. It takes an argument |dtype| which indicates the digest type
that was used. Dependant on that digest type the processing of the
signature data will vary. In particular if |dtype == NID_mdc2| and the
signature data is a bare OCTETSTRING then it is treated differently to the
default case where the signature data is treated as a DigestInfo (X509_SIG).

Due to a missing "else" keyword the logic actually correctly processes the
OCTETSTRING format signature first, and then attempts to continue and
process it as DigestInfo. This will invariably fail because we already know
that it is a bare OCTETSTRING.

This failure doesn't actualy make a real difference because it ends up at
the |err| label regardless and still returns a "success" result. This patch
just cleans things up to make it look a bit more sane.

RT#4076

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoWhen ENGINE_add finds that id or name is missing, actually return
Richard Levitte [Thu, 8 Oct 2015 09:53:07 +0000 (11:53 +0200)]
When ENGINE_add finds that id or name is missing, actually return

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoDon't check pointer we just freed, always set it to NULL.
Pascal Cuoq [Wed, 6 May 2015 08:15:28 +0000 (10:15 +0200)]
Don't check pointer we just freed, always set it to NULL.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR #1231

9 years agoMove BN_CTX_start() call so the error case can always call BN_CTX_end().
Pascal Cuoq [Tue, 5 May 2015 09:20:39 +0000 (11:20 +0200)]
Move BN_CTX_start() call so the error case can always call BN_CTX_end().

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR #1231

9 years agoMove BN_CTX_start() call so the error case can always call BN_CTX_end().
Pascal Cuoq [Tue, 5 May 2015 09:20:39 +0000 (11:20 +0200)]
Move BN_CTX_start() call so the error case can always call BN_CTX_end().

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR #1231

9 years agoProperly check return type of DH_compute_key()
Pascal Cuoq [Wed, 6 May 2015 07:55:28 +0000 (09:55 +0200)]
Properly check return type of DH_compute_key()

It returns -1 on error, not 0.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR #1231

9 years agoSet flags to 0 before calling BN_with_flags()
Pascal Cuoq [Wed, 6 May 2015 09:31:27 +0000 (11:31 +0200)]
Set flags to 0 before calling BN_with_flags()

BN_with_flags() will read the dest->flags to keep the BN_FLG_MALLOCED but
overwrites everything else.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR #1231

9 years agoDon't advance PACKET in ssl_check_for_safari
Matt Caswell [Wed, 7 Oct 2015 14:20:47 +0000 (15:20 +0100)]
Don't advance PACKET in ssl_check_for_safari

The function ssl_check_for_safari fingerprints the incoming extensions
to see whether it is one of the broken versions of safari. However it was
failing to reset the PACKET back to the same position it started in, hence
causing some extensions to be skipped incorrectly.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
9 years agoFix travis builds on master
Alessandro Ghedini [Tue, 6 Oct 2015 16:23:42 +0000 (12:23 -0400)]
Fix travis builds on master

-Allow mingw debug builds to fail on Travis CI
-Fix Travis email notifications config
-Rename a variable to avoid a bogus warning with old GCC
 error: declaration of ``dup'' shadows a global declaration [-Werror=shadow]
-Disable pedantic ms-format warnings with mingw
-Properly define const DH parameters
-Restore --debug flag in Travis CI builds; -d would get incorrectly passed
 to ./Configure in mingw debug builds.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoSSLv2 compat ciphers: clarify comment
Emilia Kasper [Tue, 6 Oct 2015 15:27:35 +0000 (17:27 +0200)]
SSLv2 compat ciphers: clarify comment

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoDon't try and parse boolean type.
Dr. Stephen Henson [Tue, 6 Oct 2015 13:15:14 +0000 (14:15 +0100)]
Don't try and parse boolean type.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoAddress more Windows warnings illuminated by mingw.
Andy Polyakov [Mon, 5 Oct 2015 13:23:37 +0000 (15:23 +0200)]
Address more Windows warnings illuminated by mingw.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoNew cipher and cipher modes standardized in Russia
Dmitry Belyavskiy [Sun, 4 Oct 2015 09:11:26 +0000 (12:11 +0300)]
New cipher and cipher modes standardized in Russia

This change introduces short names and NIDs for Russian GOST ciphers
according to GOST R 34.13-2015

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoValidate ClientHello extension field length
Alessandro Ghedini [Fri, 2 Oct 2015 11:43:29 +0000 (13:43 +0200)]
Validate ClientHello extension field length

RT#4069

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoAdd PACKET_copy_all
Emilia Kasper [Thu, 1 Oct 2015 11:54:11 +0000 (13:54 +0200)]
Add PACKET_copy_all

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agossl_sess.c: grab a copy of the session ID
Emilia Kasper [Thu, 1 Oct 2015 11:00:39 +0000 (13:00 +0200)]
ssl_sess.c: grab a copy of the session ID

The user callback takes a non-const pointer, so don't pass PACKET data
to it directly; rather, grab a local copy.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoPACKETize and clean up ssl_bytes_to_cipher_list.
Emilia Kasper [Thu, 1 Oct 2015 10:53:08 +0000 (12:53 +0200)]
PACKETize and clean up ssl_bytes_to_cipher_list.

Fix alerts.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agossl3_get_client_hello: rearrange logic
Emilia Kasper [Wed, 30 Sep 2015 13:33:12 +0000 (15:33 +0200)]
ssl3_get_client_hello: rearrange logic

Move all packet parsing to the beginning of the method. This limits the
SSLv2 compatibility soup to the parsing, and makes the rest of the
processing uniform.

This is also needed for simpler EMS support: EMS servers need to do an
early scan for EMS to make resumption decisions. This'll be easier when
the entire ClientHello is parsed in the beginning.

As a side effect,
1) PACKETize ssl_get_prev_session and tls1_process_ticket; and
2) Delete dead code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG.

Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agomake depend
Richard Levitte [Sun, 4 Oct 2015 19:16:28 +0000 (21:16 +0200)]
make depend

Reviewed-by: Ben Laurie <ben@openssl.org>
9 years agoFix make depend for things being built in subdirectories
Richard Levitte [Sun, 4 Oct 2015 19:12:03 +0000 (21:12 +0200)]
Fix make depend for things being built in subdirectories

Some makedepend mechanisms remove all directory information in the
target, so a dependency can looks like this:

ssl3_record.o: record/ssl3_record.c

However, that doesn't quite suit us, our Makefile has us build
record/ssl3_record.o rather than ssl3_record.o.

To clear this up, a change to util/clean-depend.pl takes care of this
case by looking up the original file in the dependencies and restoring
the directory information from it.

Reviewed-by: Ben Laurie <ben@openssl.org>
9 years agoHarmonize pointer printing and size_t-fy casts.
Andy Polyakov [Wed, 30 Sep 2015 08:36:21 +0000 (10:36 +0200)]
Harmonize pointer printing and size_t-fy casts.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agobio/bss_log.c: harmonize format string to silence -Wformat.
Andy Polyakov [Wed, 30 Sep 2015 08:28:14 +0000 (10:28 +0200)]
bio/bss_log.c: harmonize format string to silence -Wformat.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoAddress Windows warnings in apps/.
Andy Polyakov [Wed, 30 Sep 2015 08:27:19 +0000 (10:27 +0200)]
Address Windows warnings in apps/.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoExplicitly cast INVALID_SOCKET to (int) to address warnings on Windows.
Andy Polyakov [Wed, 30 Sep 2015 08:15:03 +0000 (10:15 +0200)]
Explicitly cast INVALID_SOCKET to (int) to address warnings on Windows.

Even though SOCKET is effectively declared as (void *) on Windows, it's
not actually a pointer, but an index within per-process table of
kernel objects. The table size is actually limited and its upper limit
is far below upper limit for signed 32-bit integer. This is what makes
cast in question possible.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agoFree up ASN.1 structures at top level only.
Dr. Stephen Henson [Sat, 3 Oct 2015 16:15:15 +0000 (17:15 +0100)]
Free up ASN.1 structures at top level only.

When a decoding error in ASN.1 occurs only free up the partial structure
at the top level. This simplifies embedded handling and fixes freeing
up of structures when presented with malformed input.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoFix more d2i cases to properly update the input pointer
Kurt Roeckx [Tue, 29 Sep 2015 17:59:48 +0000 (19:59 +0200)]
Fix more d2i cases to properly update the input pointer

Thanks to David Benjamin <davidben@google.com> for pointing them out.

Reviewed-by: Steve Henson <steve@openssl.org>
MR #1198

9 years agoRemove BIO_s_file_internal macro.
Rich Salz [Wed, 30 Sep 2015 18:32:49 +0000 (14:32 -0400)]
Remove BIO_s_file_internal macro.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoRevert "Custom cipher constants"
Matt Caswell [Thu, 1 Oct 2015 12:51:31 +0000 (13:51 +0100)]
Revert "Custom cipher constants"

This reverts commit 3aabc1dd1c969e60bdea8f827d6645ff04c56b67.

Reviewed-by: Stephen Henson <steve@openssl.org>
9 years agoCustom cipher constants
Dmitry Belyavskiy [Wed, 30 Sep 2015 19:42:57 +0000 (22:42 +0300)]
Custom cipher constants

Add some custom ctrls for Engine specific use.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
9 years agoRemove the hard coded -DOPENSSL_NO_DEPRECATED from DEPFLAG
Richard Levitte [Wed, 30 Sep 2015 13:44:53 +0000 (15:44 +0200)]
Remove the hard coded -DOPENSSL_NO_DEPRECATED from DEPFLAG

Any time you configure with enable-deprecated, make depend would
scream bloody murder.  This change has it quiet down a bit.

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoChange the DEFAULT ciphersuites to exclude DES, RC4 and RC2
Matt Caswell [Tue, 29 Sep 2015 10:14:35 +0000 (11:14 +0100)]
Change the DEFAULT ciphersuites to exclude DES, RC4 and RC2

This patch updates the "DEFAULT" cipherstring to be
"ALL:!COMPLEMENTOFDEFAULT:!eNULL". COMPLEMENTOFDEFAULT is now defined
internally by a flag on each ciphersuite indicating whether it should be
excluded from DEFAULT or not. This gives us control at an individual
ciphersuite level as to exactly what is in DEFAULT and what is not.

Finally all DES, RC4 and RC2 ciphersuites are added to COMPLEMENTOFDEFAULT
and hence removed from DEFAULT.

Reviewed-by: Tim Hudson <tjh@openssl.org>
9 years agobn/asm/armv4-mont.pl: boost NEON performance.
Andy Polyakov [Fri, 25 Sep 2015 11:43:00 +0000 (13:43 +0200)]
bn/asm/armv4-mont.pl: boost NEON performance.

Close difference gap on Cortex-A9, which resulted in further improvement
even on other processors.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoMake update / libeay.num fix
Rich Salz [Mon, 28 Sep 2015 21:00:00 +0000 (17:00 -0400)]
Make update / libeay.num fix

Looks like someone forgot to do a "make update" since crypto/ts/Makefile
keeps changing.  So include that.

Second is that the declare_dh_bn macro fools the libeay.num script.
The declarations are only needed in one file (dh_rfc5114) so remove
them from the header and put the "raw" declarations directly into that
file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoFix libeay.num
Matt Caswell [Wed, 30 Sep 2015 13:09:26 +0000 (14:09 +0100)]
Fix libeay.num

Removed duplicated ordinals from libeay.num

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoAdd a test for duplicated ordinals
Matt Caswell [Wed, 30 Sep 2015 13:06:14 +0000 (14:06 +0100)]
Add a test for duplicated ordinals

Occaisionally we have had problems where there are duplicated ordinals in
libeay.num or ssleay.num. This adds a test for this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
9 years agoDisplay brief help if no options for list.
Ben Laurie [Wed, 30 Sep 2015 11:17:52 +0000 (12:17 +0100)]
Display brief help if no options for list.

Reviewed-by: Andy Polyakov <appro@openssl.org>
9 years agoAdd GOST12 cms/smime capabilities
Matt Caswell [Tue, 29 Sep 2015 15:43:27 +0000 (16:43 +0100)]
Add GOST12 cms/smime capabilities

Add additional NID references in the CMS/SMIME capabilities code to cater
for GOST12.

Patch supplied by Dmitry Belyavsky <beldmit@gmail.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
9 years agoFix no-stdio build
David Woodhouse [Fri, 11 Sep 2015 18:56:32 +0000 (14:56 -0400)]
Fix no-stdio build

Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>

   +Replace FILE BIO's with dummy ops that fail.
   +Include <stdio.h> for sscanf() even with no-stdio (since the declaration
    is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
    variable, since it can be larger than a 'long'. And we don't rely on the
    availability of strtoull().
   +Remove OPENSSL_stderr(); not used.
   +Make OPENSSL_showfatal() do nothing (currently without stdio there's
    nothing we can do).
   +Remove file-based functionality from ssl/. The function
    prototypes were already gone, but not the functions themselves.
   +Remove unviable conf functionality via SYS_UEFI
   +Add fallback definition of BUFSIZ.
   +Remove functions taking FILE * from header files.
   +Add missing DECLARE_PEM_write_fp_const
   +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
    so remove its prototype.
   +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
   +Eliminate SRP_VBASE_init() and supporting functions. Users will need to
    build the verifier manually instead.
   +Eliminate compiler warning for unused do_pk8pkey_fp().
   +Disable TEST_ENG_OPENSSL_PKEY.
   +Disable GOST engine as is uses [f]printf all over the place.
   +Eliminate compiler warning for unused send_fp_chars().

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>