Todd Short [Tue, 11 Apr 2017 13:02:05 +0000 (09:02 -0400)]
Remove ECDH(E) ciphers from SSLv3
SSLv3 does not support TLS extensions, and thus, cannot provide any
curves for ECDH(E). With the removal of the default (all) list of curves
being used for connections that didn't provide any curves, ECDHE is no
longer possible.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3181)
(cherry picked from commit
fe55c4a20f79c77c64a082c5df2c5e8a61317162)
Rich Salz [Tue, 11 Apr 2017 16:11:34 +0000 (12:11 -0400)]
Additional check to handle BAD SSL_write retry
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3123)
Matt Caswell [Mon, 10 Apr 2017 16:33:29 +0000 (17:33 +0100)]
Reject decoding of an INT64 with a value >INT64_MAX
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3159)
(cherry picked from commit
0856e3f167964f58c26796331eab9d8b0a883921)
Benjamin Kaduk [Tue, 7 Feb 2017 22:23:16 +0000 (16:23 -0600)]
Allow an ALPN callback to pretend to not exist
RFC 7301 mandates that the server SHALL respond with a fatal
"no_application_protocol" alert when there is no overlap between
the client's supplied list and the server's list of supported protocols.
In commit
062178678f5374b09f00d70796f6e692e8775aca we changed from
ignoring non-success returns from the supplied alpn_select_cb() to
treating such non-success returns as indicative of non-overlap and
sending the fatal alert.
In effect, this is using the presence of an alpn_select_cb() as a proxy
to attempt to determine whether the application has configured a list
of supported protocols. However, there may be cases in which an
application's architecture leads it to supply an alpn_select_cb() but
have that callback be configured to take no action on connections that
do not have ALPN configured; returning SSL_TLSEXT_ERR_NOACK from
the callback would be the natural way to do so. Unfortunately, the
aforementioned behavior change also treated SSL_TLSEXT_ERR_NOACK as
indicative of no overlap and terminated the connection; this change
supplies special handling for SSL_TLSEXT_ERR_NOACK returns from the
callback. In effect, it provides a way for a callback to obtain the
behavior that would have occurred if no callback was registered at
all, which was not possible prior to this change.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3158)
(cherry picked from commit
8313a787d770ac1d7ddafcbc41b13e7fb5841eae)
Andy Polyakov [Sat, 8 Apr 2017 20:29:09 +0000 (22:29 +0200)]
rand/rand_lib.c: keep fixing no-engine configuration.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
ce57ac431964f7692af674fd124103d6fe07af2e)
Andy Polyakov [Sat, 8 Apr 2017 16:01:36 +0000 (18:01 +0200)]
asn1/x_long.c: remove conditions in inner loops and dependency on BN.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3152)
(cherry picked from commit
e128f891de71bbdba8391355af8d6d47d20b1969)
Andy Polyakov [Fri, 7 Apr 2017 20:30:13 +0000 (22:30 +0200)]
e_os.h: omit PRIu64.
PRIu64 is error-prone with BIO_printf, so introduce and stick to custom
platform-neutral macro. 'll' allows to print 64-bit values on *all*
supported platforms, but it's problematic with -Wformat -Werror. Hence
use 'l' in identifiable LP64 cases.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3148)
Andy Polyakov [Fri, 7 Apr 2017 18:26:59 +0000 (20:26 +0200)]
bio/b_print.c: drop dependency on BN config.
This might seem controversial, but it doesn't actually affect anything.
Or rather it doesn't make worse cases when it was problematic [with code
additions to 1.1.0]. One of such rare cases is 32-bit PA-RISC target
with *vendor* compiler.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3148)
Rich Salz [Mon, 3 Apr 2017 19:39:09 +0000 (15:39 -0400)]
Standardize on =over 4 and check for it.
(cherry picked from commit
dfc63ccebd8262648640fc6e35fffa132102b967)
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3117)
Rich Salz [Fri, 7 Apr 2017 17:37:47 +0000 (13:37 -0400)]
Use 'over 2' for bullet lists.
(cherry picked from commit
7ea8ceab4b21d93eb272a89bff73958010d5c2c4)
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3117)
Richard Levitte [Fri, 7 Apr 2017 14:26:10 +0000 (16:26 +0200)]
Fix rand_lib.c for no-engine configuration
When configured no-engine, we still refered to rand_engine_lock.
Rework the lock init code to avoid that.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3145)
(cherry picked from commit
2f881d2d9065342454fe352eac9e835cefa0ba90)
Richard Levitte [Thu, 6 Apr 2017 13:58:38 +0000 (15:58 +0200)]
Don't try to clean up RAND from ENGINE
This is especially harmful since OPENSSL_cleanup() has already called
the RAND cleanup function
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3137)
(cherry picked from commit
789a2b6250d5e05dfde6ce259e79ef8c172c9f3f)
Richard Levitte [Thu, 6 Apr 2017 09:30:03 +0000 (11:30 +0200)]
Make getting and setting the RAND default method thread safe
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3137)
(cherry picked from commit
87975cfa91c3f06a52f2550ed2ef632644be6dde)
Qin Long [Tue, 4 Apr 2017 17:08:16 +0000 (01:08 +0800)]
e_os2.h: Refine OSSL_SSIZE definition under UEFI environment
Under UEFI build environment, we may encounter the OSSL_SSIZE macro
re-definition error in e_os2.h if any module call OpenSSL API directly
by including "openssl/xxxx.h" (caused by the predefined _WIN32/_WIN64
macro, which should have been un-defined under OPENSSL_SYS_UEFI).
Though it's not one recommended usage, this patch could still eliminate
the possible build issue by refining the OSSL_SSIZE definition under
OPENSSL_SYS_UEFI.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3121)
(cherry picked from commit
005f6766284155645fa760cf764f85031e209f6c)
Richard Levitte [Thu, 6 Apr 2017 08:24:55 +0000 (10:24 +0200)]
In rand_cleanup_int(), don't go creating a default method
If no default method was yet given, RAND_get_rand_method() will set it
up. Doing so just to clean it away seems pretty silly, so instead,
use the default_RAND_meth variable directly.
This also clears a possible race condition where this will try to init
things, such as ERR or ENGINE when in the middle of a OPENSSL_cleanup.
Fixes #3128
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3136)
(cherry picked from commit
5006b37b31c5a520c3065048bd8aba8cc3ff128d)
Andy Polyakov [Mon, 3 Apr 2017 21:41:19 +0000 (23:41 +0200)]
Configurations/README: reword bn_ops description.
Fixes GH#3116.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
1bc563caa144a568fc505f210568f5ac5b66315e)
Richard Levitte [Fri, 31 Mar 2017 19:31:43 +0000 (21:31 +0200)]
Fix faulty check of padding in x_long.c
Bug uncovered by test
[extended tests]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3120)
Matt Caswell [Mon, 27 Mar 2017 15:11:11 +0000 (16:11 +0100)]
Fix a possible integer overflow in long_c2i
Credit to OSS-Fuzz for finding this.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3120)
Richard Levitte [Thu, 30 Mar 2017 11:33:33 +0000 (13:33 +0200)]
Convert SSL_SESSION_ASN1 to use size specific integers
This increases portability of SSL_SESSION files between architectures
where the size of |long| may vary. Before this, SSL_SESSION files
produced on a 64-bit long architecture may break on a 32-bit long
architecture.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3120)
Richard Levitte [Thu, 30 Mar 2017 11:33:20 +0000 (13:33 +0200)]
make update
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3120)
Richard Levitte [Thu, 30 Mar 2017 11:31:16 +0000 (13:31 +0200)]
Implement internal ASN.1 types INT32, UINT32, INT64, UINT64
Also Z varieties.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3120)
Matt Caswell [Mon, 3 Apr 2017 11:42:58 +0000 (12:42 +0100)]
Ensure dhparams can handle X9.42 params in DER
dhparams correctly handles X9.42 params in PEM format. However it failed
to correctly processes them when reading/writing DER format.
Fixes #3102
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3111)
(cherry picked from commit
18d20b5eb66fda0ada2e65c2b19aeae75827bdf8)
Matt Caswell [Mon, 3 Apr 2017 11:41:04 +0000 (12:41 +0100)]
Add missing macros for DHxparams
DHparams has d2i_DHparams_fp, d2i_DHxparams_bio etc, but the equivalent
macros for DHxparams were omitted.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3111)
(cherry picked from commit
ff79a24402108ba2cc313f52c745b69d473eb4b1)
Andy Polyakov [Sat, 1 Apr 2017 13:28:28 +0000 (15:28 +0200)]
crypto/ppccap.c: SIGILL-free processor capabilities detection on MacOS X.
It seems to be problematic to probe processor capabilities with SIGILL
on MacOS X. The problem should be limited to cases when application code
is debugged, but crashes were reported even during normal execution...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit
0bd93bbe4ae60e5f318b298bfe617e468a7b71d0)
Andy Polyakov [Fri, 31 Mar 2017 12:37:10 +0000 (14:37 +0200)]
Configure: use 5.10.0, don't require...
Configure started with 'require 5.10.0', but if executed by older perl
it failed with "might be runaway multi-line // string" instead of
naturally expected "Perl v5.10.0 required--this is only v5.x.y".
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
d83112b7fd3b0e751f8a5947e5a93db1cbbe86dc)
Andy Polyakov [Thu, 30 Mar 2017 21:07:26 +0000 (23:07 +0200)]
e_afalg.[ch]: fix --strict-warnings with gcc 4.x and 32-bit build.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
c27778d8adf7fca3128ece0b7efca09f628008b9)
Sebastian Andrzej Siewior [Fri, 31 Mar 2017 18:48:28 +0000 (20:48 +0200)]
Don't mention TLS 1.3 in the man page
The man pages for ciphers, s_client and s_server mention the tls1_3
option but it is not implemented in the 1.1.0 branch. Thus remove it to
avoid confusion.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3099)
Jon Spillett [Thu, 30 Mar 2017 04:13:44 +0000 (14:13 +1000)]
Fix for #2730. Add CRLDP extension to list of supported extensions
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3087)
(cherry picked from commit
e6f648fd880369e186039501c960809b17f96e88)
FdaSilvaYY [Wed, 29 Mar 2017 19:26:13 +0000 (21:26 +0200)]
More typo fixes
Backport of
69687aa829bc8bdcaf5468eb3dd0ada13700b7aa
(Merged from #3069)
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3079)
Andy Polyakov [Sun, 26 Mar 2017 15:40:32 +0000 (17:40 +0200)]
engines/e_capi.c: slip in PROV_RSA_AES for interchangable CSP only.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3034)
(cherry picked from commit
8ab9af5e28032478dd130467751b2e241eaee719)
Andy Polyakov [Sun, 26 Mar 2017 15:39:14 +0000 (17:39 +0200)]
engines/e_capi.c: adhere to CryptAcquireContextW unconditionally.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
3a5b64b2f039a237b595961da07350b3f23282d0)
Andy Polyakov [Sun, 26 Mar 2017 14:12:10 +0000 (16:12 +0200)]
engine/e_capi.c: more formatting and styling fixes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
8f0e5888ea4c577c5a1f0d667786da6376099c86)
Andy Polyakov [Fri, 24 Mar 2017 15:00:31 +0000 (16:00 +0100)]
engines/e_capi.c: formatting and styling fixes.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
e08b444ac097825b10d3b90dbdb0d7197567cc4d)
Steven Collison [Tue, 28 Mar 2017 19:46:07 +0000 (12:46 -0700)]
doc: Add stitched ciphers to EVP_EncryptInit.pod
These ciphers don't appear to be documented anywhere. Given the
performance[1] benefits I think it makes sense to expose them.
[1] https://software.intel.com/sites/default/files/open-ssl-performance-paper.pdf
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3067)
(cherry picked from commit
209fac9f8a24000beaa8a438517115b42ca7e7c6)
Steven Collison [Tue, 28 Mar 2017 16:02:37 +0000 (09:02 -0700)]
doc: Add missing options in s_{server,client}
These were added to the help in
ad775e04f6dab but not the pods.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3065)
(cherry picked from commit
254b58fd7335fa3c58e2535d46658109ffd8bdcd)
Jon Spillett [Tue, 28 Mar 2017 22:34:37 +0000 (08:34 +1000)]
Add documentation for SNI APIs
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3071)
(cherry picked from commit
8c55c4614731487449a02f90ff9a209ff6c63447)
Rich Salz [Tue, 28 Mar 2017 20:31:54 +0000 (16:31 -0400)]
Remove duplicate doc
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3068)
(cherry picked from commit
a01dbac232166563cdeafcbe31f321c05d164a10)
FdaSilvaYY [Thu, 10 Nov 2016 00:22:17 +0000 (01:22 +0100)]
Fix 0 -> NULL, indentation
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3066)
(cherry picked from commit
a6ac1ed686346d2164c16446624c973e51d3ae92)
FdaSilvaYY [Thu, 10 Nov 2016 00:16:27 +0000 (01:16 +0100)]
Refomat a few comments on 80 cols
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3066)
(cherry picked from commit
cbe952418376a25acd872db4281a0b09735001f1)
FdaSilvaYY [Fri, 17 Feb 2017 22:13:26 +0000 (23:13 +0100)]
Fix a few more typos
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3066)
(cherry picked from commit
1ee4b98e695cd041da931c10fbdaf82f0ee0f268)
FdaSilvaYY [Fri, 10 Feb 2017 22:17:00 +0000 (23:17 +0100)]
Spelling fixes
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3066)
(cherry picked from commit
a8cd439bf58708ffe234a9f707cf6a394d28a1f9)
Jon Spillett [Tue, 28 Mar 2017 06:22:07 +0000 (16:22 +1000)]
Add documentation for SSL_*_ex_data() functions
[skip ci]
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3050)
(cherry picked from commit
09fdfa4b2fe4c9770c27cd523a5bf55b1d50eac9)
Rich Salz [Tue, 28 Mar 2017 13:24:16 +0000 (09:24 -0400)]
Move PRIu64 to e_os.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3061)
Matt Caswell [Fri, 24 Mar 2017 16:01:50 +0000 (16:01 +0000)]
Provide documentation for missing SSL_SESSION_* functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3052)
(cherry picked from commit
b31db50528ccfd493b3be73f55c53f4606943d28)
Emilia Kasper [Tue, 28 Mar 2017 11:08:07 +0000 (13:08 +0200)]
asynctest: don't depend on apps
Remove unnecessary include of apps.h. Tests shouldn't take a
dependency on apps. In this case, there is no dependency, the include
is unnecessary.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Hannes Magnusson [Mon, 27 Mar 2017 23:26:33 +0000 (16:26 -0700)]
Remove redundant decl of 509_STORE_set_flags
a47bc283 accidentally adds another define for X509_STORE_set_flags
It is already defined 5lines prior
CLA: trivial
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3047)
(cherry picked from commit
feb891990a5137bbe11768a11100d2b423a6b11e)
Richard Levitte [Sun, 26 Mar 2017 18:01:44 +0000 (20:01 +0200)]
In err_cleanup(), cleanup the thread local storage too
Fixes #3033
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3035)
(cherry picked from commit
165f1c3ef39680471339d21b9f6c12ea86b4a26a)
Andy Polyakov [Sat, 25 Mar 2017 09:58:57 +0000 (10:58 +0100)]
aes/asm/bsaes-armv7.pl: relax stack alignment requirement.
Even though Apple refers to Procedure Call Standard for ARM Architecture
(AAPCS), they apparently adhere to custom version that doesn't follow
stack alignment constraints in the said standard. [Why or why? If it's
vendor lock-in thing, then it would be like worst spot ever.] And since
bsaes-armv7 relied on standard alignment, it became problematic to
execute the code on iOS.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit
0822d41b6d54132df96c02cc6f6fa9b179378351)
Bernd Edlinger [Fri, 24 Mar 2017 08:03:54 +0000 (09:03 +0100)]
Don't access memory before checking the correct length in aesni_cbc_hmac_sha256_ctrl in case EVP_CTRL_AEAD_TLS1_AAD.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3023)
(cherry picked from commit
1b6f5a4d3b8cdb02e0bba6878a2b70c850522440)
Zack Williams [Sat, 18 Mar 2017 01:43:53 +0000 (18:43 -0700)]
"any" instead of "and"
The "and" should be an "any"
Fixed in LibreSSL's docs: http://man.openbsd.org/man5/x509v3.cnf.5#Subject_alternative_name
CLA: trivial
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2980)
(cherry picked from commit
a41815f05e71009d2a5148bd30b70f47186ed66b)
Ian Spence [Fri, 17 Mar 2017 02:06:52 +0000 (19:06 -0700)]
Fix function documentation
CLA: trivial
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2972)
(cherry picked from commit
f5fd3848fe5033534b92d2d18ed6fbd16741a0a2)
Andy Polyakov [Wed, 22 Mar 2017 09:51:25 +0000 (10:51 +0100)]
bn/asm/sparcv9-mont.pl: fix squaring code path.
This module is used only with odd input lengths, i.e. not used in normal
PKI cases, on contemporary processors. The problem was "illuminated" by
fuzzing tests.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
120a9e1a825bd0407639bedb1e8e15823cf7a545)
Rich Salz [Thu, 23 Mar 2017 17:04:52 +0000 (13:04 -0400)]
Look for comma before - in POD pages
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3021)
(cherry picked from commit
3ba4dac67a63c2d2589d46095d989b301cd62650)
Richard Levitte [Thu, 23 Mar 2017 14:09:41 +0000 (15:09 +0100)]
Fix find-doc-nits: { is significant in regexps
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3019)
(cherry picked from commit
5d5835219ea84b6aa35f82791fdc585362e210d4)
Andy Polyakov [Mon, 20 Mar 2017 11:47:08 +0000 (12:47 +0100)]
modes/ocb128.c: fix misaligned access in ILP32 builds on 64-bit processors.
One could have fixed the problem by arranging 64-bit alignment of
EVP_AES_OCB_CTX.aad_buf in evp/e_aes.c, but CRYPTO_ocb128_aad
prototype doesn't imply alignment and we have to honour it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2994)
(cherry picked from commit
a2bb183623dac253792753b82e291fd1d180aa78)
Andy Polyakov [Mon, 20 Mar 2017 10:38:25 +0000 (11:38 +0100)]
aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
Initial IV was disregarded on SHAEXT-capable processors. Amazingly
enough bulk AES128-SHA* talk-to-yourself tests were passing.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2992)
(cherry picked from commit
08d09628d2c9f3ef599399d8cad021a07ab98347)
Richard Levitte [Tue, 21 Mar 2017 12:18:32 +0000 (13:18 +0100)]
Fix test/recipes/80-test_ssl_old.t
Cherry-pick error
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3006)
David Benjamin [Tue, 21 Mar 2017 04:27:35 +0000 (00:27 -0400)]
Remove duplicate X509_OBJECT free function.
These two functions do the same thing.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3001)
(cherry picked from commit
b6ef12c4baa3a2c1ff0e3ac71270588dfcfe8cbd)
Richard Levitte [Wed, 15 Mar 2017 01:40:55 +0000 (02:40 +0100)]
Rework how protocol specific ciphers in 80-test_ssl_old.t are picked out
The code to do this incorrectly assumed that the protocol version
could be used as a valid cipher suite for the 'openssl cipher'
command. While this is true in some cases, that isn't something to be
trusted. Replace that assumption with code that takes the full
'openssl ciphers' command output and parses it to find the ciphers we
look for.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2956)
(cherry picked from commit
9ea6d56d044a95459e563abdc85aed26149e6ee9)
Richard Levitte [Mon, 20 Mar 2017 20:31:02 +0000 (21:31 +0100)]
Fix decoding of ASN.1 LONG and ZLONG items
LONG and ZLONG items (which are OpenSSL private special cases of
ASN1_INTEGER) are encoded into DER with padding if the leading octet
has the high bit set, where the padding can be 0x00 (for positive
numbers) or 0xff (for negative ones).
When decoding DER to LONG or ZLONG, the padding wasn't taken in
account at all, which means that if the encoded size with padding
is one byte more than the size of long, decoding fails. This change
fixes that issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3000)
Rich Salz [Mon, 20 Mar 2017 20:25:22 +0000 (16:25 -0400)]
Document BIO_printf family
Also fix an error in UI_STRING (typo; wrong case).
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2999)
(cherry picked from commit
2ca2e9175d54dc66a66fe2a51ff5dd9b3bc899dc)
Bernd Edlinger [Mon, 20 Mar 2017 17:52:44 +0000 (18:52 +0100)]
Fix the error handling in CRYPTO_dup_ex_data.
Fix a strict aliasing issue in ui_dup_method_data.
Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2997)
Richard Levitte [Mon, 20 Mar 2017 11:29:37 +0000 (12:29 +0100)]
Fix docs for X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert()
They both return 2 when the revoked entry that's found has the reason
removeFromCRL.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2993)
(cherry picked from commit
cdd6c8c5785f44026d58b542431674598db18493)
Péter Budai [Tue, 11 Oct 2016 17:26:23 +0000 (19:26 +0200)]
Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation.
The documentation of this function states that the password parameter
can be NULL. However, the implementation returns an error in this case
due to the inner workings of the HMAC_Init_ex() function.
With this change, NULL password will be treated as an empty string and
PKCS5_PBKDF2_HMAC() no longer fails on this input.
I have also added two new test cases that tests the handling of the
special values NULL and -1 of the password and passlen parameters,
respectively.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1692)
(cherry picked from commit
fa013b65241dfed9b7d9e10e0adfedc9869c797e)
Matt Caswell [Fri, 17 Mar 2017 10:21:25 +0000 (10:21 +0000)]
Fix no-dtls builds
Commits
f2ff1432f in master and
14d4d7eda in 1.1.0 broke the no-dtls build
by moving the position of a "#endif" for OPENSSL_NO_DTLS in a change
which is otherwise unrelated to DTLS. This puts it back to where it was.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2974)
(cherry picked from commit
9998b32cb63b0bdd3d014abfa1d70e9a2c20a283)
Paul Yang [Thu, 16 Mar 2017 09:05:30 +0000 (17:05 +0800)]
Fix typo in ASYNC_WAIT_CTX_new.pod doc
For the function that get the changed fds, it should be
'ASYNC_WAIT_CTX_get_changed_fds()' instead of 'ASYNC_WAIT_CTX_fds_have_changed()'.
CLA: trivial
Signed-off-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2967)
Richard Levitte [Tue, 14 Mar 2017 16:01:19 +0000 (17:01 +0100)]
Rather use -out parameter than redirect stdout
On some platforms, setting stdout to binary mode isn't quite enough,
which makes the result unusable. With -out, we have better control.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2939)
(cherry picked from commit
d8f9213ae2f0c59198fe56eeb70c34d735422254)
FdaSilvaYY [Mon, 5 Dec 2016 23:42:01 +0000 (00:42 +0100)]
Simplify code around next_proto.len by changing 'len' data type.
clean an useless static qualifier and a dead comment.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2278)
(cherry picked from commit
f2ff1432fc50e5033471859dc9899eb219278a7a)
Bernd Edlinger [Tue, 14 Mar 2017 14:10:52 +0000 (15:10 +0100)]
Fixed a crash in print_notice.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2935)
(cherry picked from commit
29d1fad78899e5ae2997b19937a175784b21c996)
Pauli [Wed, 15 Mar 2017 04:29:08 +0000 (14:29 +1000)]
Update doc for sk_TYPE_find() and sk_TYPE_find_ex()
to better describe the vagaries in their behaviour.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2958)
(cherry picked from commit
89b06ca7b0b08d31ac48275d1376a7046dd75f55)
Andy Polyakov [Tue, 14 Mar 2017 20:29:24 +0000 (21:29 +0100)]
NOTES.WIN: mention Strawberry Perl as option.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit
3a80bd29be74b50771dd20e15282db693dbe9522)
Richard Levitte [Tue, 14 Mar 2017 21:22:17 +0000 (22:22 +0100)]
VMS: throw away [.util]shareable_image_wrap.c.in and add replacement scripts
[.util]shareable_image_wrap.c.in was never useful because lib$spawn()
insisted on combining stdout and stderr into one.
Instead, we introduce two scripts that create and destroy a temporary
environment where the local shareable images become available,
[.util]local_shlib.com and [.util]unlocal_shlib.com.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2948)
Benjamin Kaduk [Tue, 14 Mar 2017 16:37:42 +0000 (11:37 -0500)]
Fix a -Wsign-compare warning
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2940)
(cherry picked from commit
96a5d7fdbaa7aea5e5090e0f7dc2973943986fc9)
Benjamin Kaduk [Tue, 14 Mar 2017 16:36:07 +0000 (11:36 -0500)]
Fix some -Wshadow warnings
Found using various (old-ish) versions of gcc.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2940)
(cherry picked from commit
aebe9e399109dcde63a1d0328ffdfc5619b49431)
Bernd Edlinger [Wed, 8 Mar 2017 18:09:42 +0000 (19:09 +0100)]
Added a test case for RSA_padding_add_PKCS1_PSS_mgf1.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2881)
Bernd Edlinger [Wed, 8 Mar 2017 17:53:36 +0000 (18:53 +0100)]
Fix a crash or unbounded allocation in RSA_padding_add_PKCS1_PSS_mgf1
and RSA_verify_PKCS1_PSS_mgf1 with 512-bit RSA vs. sha-512.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2881)
Richard Levitte [Mon, 13 Mar 2017 20:25:37 +0000 (21:25 +0100)]
Better way to recognise mingw64 in config script
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2922)
(cherry picked from commit
41bee3e8fb749504f21f78dbf3eca85e5b84820b)
Andy Polyakov [Sun, 12 Mar 2017 14:32:59 +0000 (15:32 +0100)]
poly1305/asm/poly1305-armv8.pl: ilp32-specific poly1305_init fix.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit
a25cef89fdf40c738f7e7a456f285217dc41fd6b)
Andy Polyakov [Sun, 12 Mar 2017 13:45:06 +0000 (14:45 +0100)]
crypto/x86*cpuid.pl: move extended feature detection.
Exteneded feature flags were not pulled on AMD processors, as result
a number of extensions were effectively masked on Ryzen. Original fix
for x86_64cpuid.pl addressed this problem, but messed up processor
vendor detection. This fix moves extended feature detection past
basic feature detection where it belongs. 32-bit counterpart is
harmonized too.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
1aed5e1ac28790cc915ad03e86e2d5e896a4ea13)
Richard Levitte [Mon, 13 Mar 2017 12:20:55 +0000 (13:20 +0100)]
Document in CHANGES that config now recognises 64-bit mingw
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2917)
(cherry picked from commit
b1fa4031feb94e1406f3bd2ba0f771e48d0407b5)
Richard Levitte [Mon, 13 Mar 2017 08:09:43 +0000 (09:09 +0100)]
Recognise mingw64 in config script
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2914)
(cherry picked from commit
57cb3385b109ff66f7cb0b81ad3a89543bfd6f68)
Rich Salz [Sat, 11 Mar 2017 17:48:32 +0000 (12:48 -0500)]
Fix some doc nits
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2909)
(cherry picked from commit
d4ea9659d9bc6577627b085d7cb6cdc7b94fee20)
Matt Caswell [Fri, 10 Mar 2017 10:51:35 +0000 (10:51 +0000)]
Fix out-of-memory condition in conf
conf has the ability to expand variables in config files. Repeatedly doing
this can lead to an exponential increase in the amount of memory required.
This places a limit on the length of a value that can result from an
expansion.
Credit to OSS-Fuzz for finding this problem.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2894)
(cherry picked from commit
8a585601fea1091022034dd14b961c1ecd5916c3)
Rich Salz [Sat, 11 Mar 2017 15:28:45 +0000 (10:28 -0500)]
Handle find-doc-nits script rename
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit
a3b0d466930ec45bc3ddf4c9e853d73d37783f44)
Rich Salz [Sat, 11 Mar 2017 13:56:44 +0000 (08:56 -0500)]
Fix many doc L<> errors
Add 2017 copyright year
Add missing typedef to NAME
Remove ec(7) and bn(7) doc links
Remove .pod link errors, bogus links, make a few typo corrections
Fix some typo's in links and some missing items.
Don't link to C runtime functions (See OPENSSL_malloc for example/precedent)
Document ASN1_tag2str(), add a few typedef's that were missing from NAME
Update doc-nits target; addresses
https://github.com/openssl/openssl/pull/1900#issuecomment-
259943891,
Merge check-doc-links into find-doc-nits; if run regularly, would have found
https://github.com/openssl/openssl/pull/2825
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2862)
(cherry picked from commit
9e183d2271653cbba2d9cf56d40c1356705207aa)
Richard Levitte [Sat, 11 Mar 2017 09:51:04 +0000 (10:51 +0100)]
UI docs: Rephrase the UI method function return value description
It seems the =item isn't supposed to have pure numbers, or so tells me
perldoc.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2906)
(cherry picked from commit
8e3d46e58ba1b754f0c3fdddd47f7c451f0b2b23)
Richard Levitte [Fri, 10 Mar 2017 23:54:52 +0000 (00:54 +0100)]
Fix UI_get0_action_string()
It shouldn't try to return an action description for UIT_PROMPT type
UI strings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2904)
(cherry picked from commit
6e470e190853f59a394dc92fefd74666c94266f4)
Richard Levitte [Fri, 10 Mar 2017 23:51:53 +0000 (00:51 +0100)]
Document UI_METHOD and UI_STRING, both useful for UI_METHOD creators
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2903)
(cherry picked from commit
5469600e367a1a4cf3dd929159b5bc8091db49de)
Pauli [Tue, 7 Mar 2017 05:36:16 +0000 (15:36 +1000)]
Use the callbacks from the SSL object instead of the SSL_CTX object
... in functions dealing with the SSL object rather than the context.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2870)
(cherry picked from commit
d61461a7525322d188f9c6e3f90cfc93916cc636)
Bernd Edlinger [Fri, 10 Mar 2017 14:10:41 +0000 (15:10 +0100)]
Avoid questionable use of the value of a pointer that refers to space
deallocated by a call to the free function in tls_decrypt_ticket.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2897)
Matt Caswell [Fri, 10 Mar 2017 15:49:04 +0000 (15:49 +0000)]
Fix some RSA documentation
RSA_private_encrypt(), RSA_public_decrypt(), RSA_public_encrypt() and
RSA_private_decrypt() are declared with a "const" from parameter, but
this is not reflected in the docs.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2899)
(cherry picked from commit
b41f6b64f809e5992b9f1b601b3dff1a2129da2d)
Pauli [Wed, 8 Mar 2017 23:42:25 +0000 (09:42 +1000)]
Make the output of enc -ciphers identical
even if run several times in a session.
This amounts to moving the column counter so it isn't a function local
static variable and reinitialising it each time.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2884)
(cherry picked from commit
2b305ab02e0977ed71c255cc386ff75c397d7820)
Jon Spillett [Wed, 1 Mar 2017 04:22:21 +0000 (14:22 +1000)]
Exit the loop on failure
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2805)
(cherry picked from commit
f125430063dd81efe098c99542b02b2a918adc1d)
Pauli [Wed, 8 Mar 2017 01:18:55 +0000 (11:18 +1000)]
Limit the output of the enc -ciphers command
to just the ciphers enc can
process. This means no AEAD ciphers and no XTS mode.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2876)
(cherry picked from commit
777f1708a88f85569304caeca197c96ef912b236)
Roberto Guimaraes [Sun, 26 Feb 2017 23:47:40 +0000 (15:47 -0800)]
prevent undefined behavior when src and dst are equal
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2750)
(cherry picked from commit
6aad9393680ccde591905c8d71da92a241756394)
Matt Caswell [Fri, 3 Mar 2017 12:41:39 +0000 (12:41 +0000)]
Provide a function to test whether we have unread records pending
Also updates SSL_has_pending() to use it. This actually fixes a bug in
SSL_has_pending() which is supposed to return 1 if we have any processed
or unprocessed data sitting in OpenSSL buffers. However it failed to return
1 if we had processed non-application data pending.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2875)
(cherry picked from commit
b8c49611bc26c8f9a980b814496a3069cd524b79)
Pauli [Mon, 6 Mar 2017 22:45:48 +0000 (08:45 +1000)]
Remove doc reference to non-existing GCM example
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2866)
(cherry picked from commit
f6ff4e32d48f8929fa33781bff5e6e42c713564f)
Rich Salz [Thu, 16 Feb 2017 16:13:47 +0000 (11:13 -0500)]
Get pointer type right in BIO_ssl_shutdown()
Also, restore 1.0.2 behavior of looping over all BIO's in the chain.
Thanks to Joseph Bester for finding this and suggesting a fix to the
crash.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2651)
(cherry picked from commit
9015d34e141af747f7c750f8d08f862b2a8273c7)
Andy Polyakov [Sun, 5 Mar 2017 19:38:36 +0000 (20:38 +0100)]
crypto/x86_64cpuid.pl: move extended feature detection upwards.
Exteneded feature flags were not pulled on AMD processors, as result a
number of extensions were effectively masked on Ryzen. It should have
been reported for Excavator since it implements AVX2 extension, but
apparently nobody noticed or cared...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit
f8418d87e191e46b81e1b9548326ab2876fa0907)
Pauli [Tue, 7 Mar 2017 00:12:05 +0000 (10:12 +1000)]
Increase the password buffer size to APP_PASS_LEN.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2868)
(cherry picked from commit
bf580d5f30368f7ebc4c44f10575b5f0b411d594)