oweals/openssl.git
8 years agoMark VC templates correctly.
Richard Levitte [Mon, 31 Oct 2016 15:40:36 +0000 (16:40 +0100)]
Mark VC templates correctly.

VC-noCE-common and VC-WIN64-common were missing this line:

        template         => 1,

Fixes GH#1809

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1811)

8 years agoTry to unify BIO read/write parameter names
Benjamin Kaduk [Fri, 28 Oct 2016 16:53:00 +0000 (11:53 -0500)]
Try to unify BIO read/write parameter names

After the recent reworking, not everything matched up, and some
comments didn't catch up to the outl-->dlen and inl-->dlen renames
that happened during the development of the recent patches.

Try to make parameter names consistent across header, implementation,
and manual pages.

Also remove some trailing whitespace that was inadvertently introduced.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1798)

8 years agoWordsmith INSTALL
Benjamin Kaduk [Wed, 31 Aug 2016 22:06:22 +0000 (17:06 -0500)]
Wordsmith INSTALL

Make it clear that the OPENSSL_LOCAL_CONFIG_DIR settings take
precedence over the in-tree configs.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1798)

8 years agoFix stdio build following BIO size_t work
Matt Caswell [Thu, 27 Oct 2016 11:59:26 +0000 (12:59 +0100)]
Fix stdio build following BIO size_t work

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix more shadowed variable warnings
Matt Caswell [Tue, 25 Oct 2016 23:05:25 +0000 (00:05 +0100)]
Fix more shadowed variable warnings

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix some feedback issues for BIO size_t-ify
Matt Caswell [Tue, 25 Oct 2016 12:19:59 +0000 (13:19 +0100)]
Fix some feedback issues for BIO size_t-ify

Rename some parameters; add some error codes; fix a comment; etc

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoAdd some sanity checks for BIO_read* and BIO_gets
Matt Caswell [Fri, 21 Oct 2016 14:21:55 +0000 (15:21 +0100)]
Add some sanity checks for BIO_read* and BIO_gets

Make sure the return value isn't bigger than the buffer len

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoMore parameter naming of BIO_read*/BIO_write* related functions
Matt Caswell [Fri, 21 Oct 2016 14:15:51 +0000 (15:15 +0100)]
More parameter naming of BIO_read*/BIO_write* related functions

Based on feedback received.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoTweaks based on review feedback of BIO size_t work
Matt Caswell [Fri, 21 Oct 2016 13:35:26 +0000 (14:35 +0100)]
Tweaks based on review feedback of BIO size_t work

Rename some parameters.
Also change handling of buffer sizes >INT_MAX in length.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoEnsure that BIO_read_ex() and BIO_write_ex() only return 0 or 1
Matt Caswell [Fri, 21 Oct 2016 12:07:06 +0000 (13:07 +0100)]
Ensure that BIO_read_ex() and BIO_write_ex() only return 0 or 1

They should return 0 for a failure (retryable or not), and 1 for a success.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoRead up to INT_MAX when calling legacy BIO_read() implementations
Matt Caswell [Thu, 20 Oct 2016 23:09:02 +0000 (00:09 +0100)]
Read up to INT_MAX when calling legacy BIO_read() implementations

In converting a new style BIO_read() call into an old one, read
as much data as we can (INT_MAX), if the size of the buffer is
>INT_MAX.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix a shadowed variable declaration warning
Matt Caswell [Thu, 20 Oct 2016 23:00:40 +0000 (00:00 +0100)]
Fix a shadowed variable declaration warning

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix some bogus uninit variable warnings
Matt Caswell [Thu, 20 Oct 2016 23:00:19 +0000 (00:00 +0100)]
Fix some bogus uninit variable warnings

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoDocument the new BIO functions introduced as part of the size_t work
Matt Caswell [Thu, 20 Oct 2016 08:56:18 +0000 (09:56 +0100)]
Document the new BIO functions introduced as part of the size_t work

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoEnsure all BIO functions call the new style callback
Matt Caswell [Thu, 20 Oct 2016 12:48:31 +0000 (13:48 +0100)]
Ensure all BIO functions call the new style callback

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoCreate BIO_write_ex() which handles size_t arguments
Matt Caswell [Thu, 20 Oct 2016 14:18:39 +0000 (15:18 +0100)]
Create BIO_write_ex() which handles size_t arguments

Also extend BIO_METHOD to be able to supply an implementation for the new
BIO_write_ex function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoCreate BIO_read_ex() which handles size_t arguments
Matt Caswell [Mon, 5 Sep 2016 16:26:58 +0000 (17:26 +0100)]
Create BIO_read_ex() which handles size_t arguments

Also extend BIO_METHOD to be able to supply an implementation for the new
BIO_read function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix a double free in ca command line
Matt Caswell [Mon, 10 Oct 2016 15:53:11 +0000 (16:53 +0100)]
Fix a double free in ca command line

Providing a spkac file with no default section causes a double free.

Thanks to Brian Carpenter for reporting this issue.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
8 years agoAdd a test for BIO_read() returning 0 in SSL_read() (and also for write)
Matt Caswell [Thu, 27 Oct 2016 12:46:57 +0000 (13:46 +0100)]
Add a test for BIO_read() returning 0 in SSL_read() (and also for write)

A BIO_read() 0 return indicates that a failure occurred that may be
retryable. An SSL_read() 0 return indicates a non-retryable failure. Check
that if BIO_read() returns 0, SSL_read() returns <0. Same for SSL_write().

The asyncio test filter BIO already returns 0 on a retryable failure so we
build on that.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoA zero return from BIO_read()/BIO_write() could be retryable
Matt Caswell [Fri, 21 Oct 2016 12:25:19 +0000 (13:25 +0100)]
A zero return from BIO_read()/BIO_write() could be retryable

A zero return from BIO_read()/BIO_write() could mean that an IO operation
is retryable. A zero return from SSL_read()/SSL_write() means that the
connection has been closed down (either cleanly or not). Therefore we
should not propagate a zero return value from BIO_read()/BIO_write() back
up the stack to SSL_read()/SSL_write(). This could result in a retryable
failure being treated as fatal.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoProvide a cross-platform format specifier (OSSLzu) for printing size_t
Matt Caswell [Tue, 25 Oct 2016 14:28:30 +0000 (15:28 +0100)]
Provide a cross-platform format specifier (OSSLzu) for printing size_t

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoMove manpages to man[1357] structure.
Rich Salz [Wed, 26 Oct 2016 17:56:48 +0000 (13:56 -0400)]
Move manpages to man[1357] structure.

Move manpages to manX directories
Add Windows/VMS install fix from Richard Levitte
Update README
Fix typo's
Remove some duplicates

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoVMS: tell the C compiler to use the ISO C94 standard
Richard Levitte [Wed, 26 Oct 2016 16:04:40 +0000 (18:04 +0200)]
VMS: tell the C compiler to use the ISO C94 standard

The current version of the VMS compiler provides C99 features,
strictly language wise.  Unfortunately, even the most recent standard
library isn't fully updated for that standard, so we need to use an
earlier standard that the compiler supports.

Most importantly, this affects the __STDC_VERSION__ value, which the
compiler unfortunately currently defaults to 199901L.  With this
change we won't have to give VMS special treatment when looking for
features based on that macro.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1785)

8 years agoFix typo (reported by Matthias St. Pierre)
Rich Salz [Wed, 26 Oct 2016 15:48:43 +0000 (11:48 -0400)]
Fix typo (reported by Matthias St. Pierre)

Reviewed-by: Tim Hudson <tjh@openssl.org>
8 years agoBackdated note in CHANGES about shared library names
Richard Levitte [Fri, 21 Oct 2016 22:50:25 +0000 (00:50 +0200)]
Backdated note in CHANGES about shared library names

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1767)

8 years agoAdd some notes on shared library names on different platforms
Richard Levitte [Fri, 21 Oct 2016 22:49:27 +0000 (00:49 +0200)]
Add some notes on shared library names on different platforms

This is overdue since the addition of the unified build system

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1767)

8 years agoppccap.c: engage new multipplication and squaring subroutines.
Andy Polyakov [Fri, 9 Sep 2016 15:25:04 +0000 (17:25 +0200)]
ppccap.c: engage new multipplication and squaring subroutines.

[And remove FPU mutiplication subroutine.]

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agobn/asm/ppc-mont.pl: add optimized multiplication and squaring subroutines.
Andy Polyakov [Fri, 9 Sep 2016 15:19:58 +0000 (17:19 +0200)]
bn/asm/ppc-mont.pl: add optimized multiplication and squaring subroutines.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agobn/asm/ppc-mont.pl: prepare for extension.
Andy Polyakov [Fri, 9 Sep 2016 14:33:22 +0000 (16:33 +0200)]
bn/asm/ppc-mont.pl: prepare for extension.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agosha/asm/sha512-armv8.pl: adapt for kernel use.
Andy Polyakov [Tue, 11 Oct 2016 08:08:22 +0000 (10:08 +0200)]
sha/asm/sha512-armv8.pl: adapt for kernel use.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoAdd NPN to an SSL3 build
Rich Salz [Tue, 27 Sep 2016 13:23:24 +0000 (09:23 -0400)]
Add NPN to an SSL3 build

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1629)

8 years agox86_64 assembly pack: add Goldmont performance results.
Andy Polyakov [Fri, 14 Oct 2016 11:25:06 +0000 (13:25 +0200)]
x86_64 assembly pack: add Goldmont performance results.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agosha/keccak1600.c: add known answer and verify result with memcmp.
Andy Polyakov [Fri, 14 Oct 2016 15:19:28 +0000 (17:19 +0200)]
sha/keccak1600.c: add known answer and verify result with memcmp.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agocrypto/sha: add Keccak1600 primitives to build SHA-3 upon.
Andy Polyakov [Wed, 12 Oct 2016 13:47:45 +0000 (15:47 +0200)]
crypto/sha: add Keccak1600 primitives to build SHA-3 upon.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoAdd a github pull request template
Kurt Roeckx [Sat, 22 Oct 2016 11:55:59 +0000 (13:55 +0200)]
Add a github pull request template

Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #1770

8 years agoFix support for DragonFly BSD
jrmarino [Fri, 21 Oct 2016 13:48:31 +0000 (08:48 -0500)]
Fix support for DragonFly BSD

The __DragonFly__ macros were introduced in issue #1546 along with a
function naming fix, but it was decided they should be handled
separately.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1765)

8 years agoEfence is antiquated, remove all traces of using it
Richard Levitte [Fri, 21 Oct 2016 23:24:54 +0000 (01:24 +0200)]
Efence is antiquated, remove all traces of using it

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1768)

8 years agoCorrect installation test in appveyor
Richard Levitte [Fri, 21 Oct 2016 09:55:04 +0000 (11:55 +0200)]
Correct installation test in appveyor

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1759)

8 years agoFix grammar error in SSL_CTX_set_min_proto_version
Claus Assmann [Fri, 21 Oct 2016 10:15:39 +0000 (06:15 -0400)]
Fix grammar error in SSL_CTX_set_min_proto_version

CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1762)

8 years agoGH1546: Fix old names in cryptodev code.
Rich Salz [Fri, 16 Sep 2016 16:07:36 +0000 (12:07 -0400)]
GH1546: Fix old names in cryptodev code.

Add DragonFly version of BSD.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1584)

8 years agoapps: remove some #ifndef clutter
Richard Levitte [Wed, 19 Oct 2016 17:49:43 +0000 (19:49 +0200)]
apps: remove some #ifndef clutter

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1643)

8 years agoapps: instead of varying implementation, make setup_engine a function always
Richard Levitte [Wed, 19 Oct 2016 17:49:22 +0000 (19:49 +0200)]
apps: instead of varying implementation, make setup_engine a function always

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1643)

8 years agoIf an engine comes up explicitely, it must also come down explicitely
Richard Levitte [Wed, 28 Sep 2016 21:39:18 +0000 (23:39 +0200)]
If an engine comes up explicitely, it must also come down explicitely

In apps/apps.c, one can set up an engine with setup_engine().
However, we freed the structural reference immediately, which means
that for engines that don't already have a structural reference
somewhere else (because it's a built in engine), we end up returning
an invalid reference.

Instead, the function release_engine() is added, and called at the end
of the routines that call setup_engine().

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1643)

8 years agoOpenSSL::Test - small fixup
Richard Levitte [Tue, 18 Oct 2016 18:55:07 +0000 (20:55 +0200)]
OpenSSL::Test - small fixup

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1686)

8 years agoOpenSSL::Test cleanup - no forward declarations needed
Richard Levitte [Mon, 17 Oct 2016 05:06:39 +0000 (07:06 +0200)]
OpenSSL::Test cleanup - no forward declarations needed

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1686)

8 years agoappveyor: make tests verbose
Richard Levitte [Thu, 13 Oct 2016 08:44:33 +0000 (10:44 +0200)]
appveyor: make tests verbose

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1686)

8 years agoAdd documentation of internal OpenSSL::Test functions
Richard Levitte [Fri, 14 Oct 2016 21:05:30 +0000 (23:05 +0200)]
Add documentation of internal OpenSSL::Test functions

Also, fix __wrap_cmd so it doesn't return unnecessary empty strings

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1686)

8 years agoMake OpenSSL::Test a bit more flexible
Richard Levitte [Mon, 10 Oct 2016 20:13:27 +0000 (22:13 +0200)]
Make OpenSSL::Test a bit more flexible

So far, apps and test programs, were a bit rigidely accessible as
executables or perl scripts.  But what about scripts in some other
language?  Or what about running entirely external programs?  The
answer is certainly not to add new functions to access scripts for
each language or wrapping all the external program calls in our magic!

Instead, this adds a new functions, cmd(), which is useful to access
executables and scripts in a more generalised manner.  app(), test(),
fuzz(), perlapp() and perltest() are rewritten in terms of cmd(), and
serve as examples how to do something similar for other scripting
languages, or constrain the programs to certain directories.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1686)

8 years agoFix broken link to ASYNC_get_wait_ctx and rewrap the paragraph
Andrea Grandi [Tue, 18 Oct 2016 09:53:14 +0000 (10:53 +0100)]
Fix broken link to ASYNC_get_wait_ctx and rewrap the paragraph

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1745)

8 years agoDo not set load_crypto_strings_inited when OPENSSL_NO_ERR is defined
Mat [Mon, 3 Oct 2016 03:40:32 +0000 (05:40 +0200)]
Do not set load_crypto_strings_inited when OPENSSL_NO_ERR is defined

Only set the load_crypto_strings_inited to 1 when err_load_crypto_strings_int was called.

This solves the following issue:
- openssl is built with no-err
- load_crypto_strings_inited is set to 1 during the OPENSSL_init_crypto call
- During the cleanup: OPENSSL_cleanup, err_free_strings_int is called because load_crypto_strings_inited == 1
- err_free_strings_int calls do_err_strings_init because it has never been called
- Now do_err_strings_init calls OPENSSL_init_crypto
- But since we are in the cleanup (stopped == 1) this results in an error:
  CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL);
- which then tries to initialize everything we are trying to clean up: ERR_get_state, ossl_init_thread_start, etc
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1654)

8 years agoAdd error checking, small nit on ouput
FdaSilvaYY [Tue, 27 Sep 2016 21:03:41 +0000 (23:03 +0200)]
Add error checking, small nit on ouput

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1632)

8 years agoFix config option 'no-deprecated'
Richard Levitte [Tue, 18 Oct 2016 20:02:30 +0000 (22:02 +0200)]
Fix config option 'no-deprecated'

crypto/asn1/asn1_item_list.c needed including dh.h and rsa.h directly.
The reason is that they are not included by x509.h when configured
'no-deprecated'

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1741)

8 years agoAdd missing .pod extension to EVP_PKEY_CTX_set_tls1_prf_md
Andrea Grandi [Tue, 18 Oct 2016 09:26:38 +0000 (10:26 +0100)]
Add missing .pod extension to EVP_PKEY_CTX_set_tls1_prf_md

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoFix not-c code
FdaSilvaYY [Tue, 18 Oct 2016 22:01:42 +0000 (00:01 +0200)]
Fix not-c code

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1742)

8 years agoFix strict-warnings build
Patrick Steuer [Sat, 15 Oct 2016 15:41:41 +0000 (17:41 +0200)]
Fix strict-warnings build

crypto/s390xcap.c: internal/cryptlib.h needs to be included for
OPENSSL_cpuid_setup function prototype is located there to avoid
build error due to -Werror=missing-prototypes.

Signed-off-by: Patrick Steuer <psteuer@mail.de>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial

8 years agoFix strict-warnings build
Patrick Steuer [Sat, 15 Oct 2016 15:14:05 +0000 (17:14 +0200)]
Fix strict-warnings build

crypto/evp/e_aes.c: Types of inp and out parameters of
AES_xts_en/decrypt functions need to be changed from char to
unsigned char to avoid build error due to
'-Werror=incompatible-pointer-types'.

crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above
change.

Signed-off-by: Patrick Steuer <psteuer@mail.de>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial

8 years agoFix strict-warnings build
Patrick Steuer [Sat, 15 Oct 2016 14:54:52 +0000 (16:54 +0200)]
Fix strict-warnings build

crypto/asn1/a_strex.c: Type of width variable in asn1_valid_host
function  needs to be changed from char to signed char to avoid
build error due to '-Werror=type-limits'.

Signed-off-by: Patrick Steuer <psteuer@mail.de>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial

8 years agoAdd SSL_OP_NO_ENCRYPT_THEN_MAC
David Woodhouse [Thu, 13 Oct 2016 23:26:38 +0000 (00:26 +0100)]
Add SSL_OP_NO_ENCRYPT_THEN_MAC

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoFix encrypt-then-mac implementation for DTLS
David Woodhouse [Wed, 12 Oct 2016 22:12:04 +0000 (23:12 +0100)]
Fix encrypt-then-mac implementation for DTLS

OpenSSL 1.1.0 will negotiate EtM on DTLS but will then not actually *do* it.

If we use DTLSv1.2 that will hopefully be harmless since we'll tend to use
an AEAD ciphersuite anyway. But if we're using DTLSv1, then we certainly
will end up using CBC, so EtM is relevant — and we fail to interoperate with
anything that implements EtM correctly.

Fixing it in HEAD and 1.1.0c will mean that 1.1.0[ab] are incompatible with
1.1.0c+... for the limited case of non-AEAD ciphers, where they're *already*
incompatible with other implementations due to this bug anyway. That seems
reasonable enough, so let's do it. The only alternative is just to turn it
off for ever... which *still* leaves 1.0.0[ab] failing to communicate with
non-OpenSSL implementations anyway.

Tested against itself as well as against GnuTLS both with and without EtM.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoAdd Postgres support to -starttls
Valentin Vidic [Mon, 15 Feb 2016 14:28:41 +0000 (15:28 +0100)]
Add Postgres support to -starttls

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
8 years agoFix embedded string handling.
Dr. Stephen Henson [Sun, 2 Oct 2016 13:13:40 +0000 (14:13 +0100)]
Fix embedded string handling.

Don't rely on embedded flag to free strings correctly: it wont be
set if there is a malloc failure during initialisation.

Thanks to Guido Vranken for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1725)

8 years agofix invalid use of incomplete type X509_STORE_CTX
choury [Mon, 17 Oct 2016 07:30:14 +0000 (15:30 +0800)]
fix invalid use of incomplete type X509_STORE_CTX

CLA: trivial

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoAllow older versions in the *.num files
Matt Caswell [Sat, 15 Oct 2016 22:13:29 +0000 (23:13 +0100)]
Allow older versions in the *.num files

In 1.1.0 we only allowed a strictly increasing version number in the *.num
files, i.e. you could never introduce a symbol at the end of the *.num file
with a lower version number than the one preceding it. This made sense for
1.1.0. However in master we may be introducing symbols for backport to
1.1.0. Therefore it is ok in master to have a symbol for version 1.1.0c
coming after a symbol for version 1.1.1.

This commit fixes the check in mkdef.pl to be a bit looser to allow this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix signatures of EVP_Digest{Sign,Verify}Update
Steven Fackler [Sat, 15 Oct 2016 20:01:25 +0000 (13:01 -0700)]
Fix signatures of EVP_Digest{Sign,Verify}Update

These are implemented as macros delegating to `EVP_DigestUpdate`, which
takes a `size_t` as its third argument, not an `unsigned int`.

CLA: trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoEnsure we handle len == 0 in ERR_err_string_n
Matt Caswell [Wed, 12 Oct 2016 15:43:03 +0000 (16:43 +0100)]
Ensure we handle len == 0 in ERR_err_string_n

If len == 0 in a call to ERR_error_string_n() then we can read beyond the
end of the buffer. Really applications should not be calling this function
with len == 0, but we shouldn't be letting it through either!

Thanks to Agostino Sarubbo for reporting this issue. Agostino's blog on
this issue is available here:
https://blogs.gentoo.org/ago/2016/10/14/openssl-libcrypto-stack-based-buffer-overflow-in-err_error_string_n-err-c/

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoUse clang++ for C++ for the linux-x86_64-clang target
Matt Caswell [Fri, 14 Oct 2016 16:04:38 +0000 (17:04 +0100)]
Use clang++ for C++ for the linux-x86_64-clang target

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoEngine afalg: properly set operation type also on big endian.
Tomas Mraz [Wed, 12 Oct 2016 12:32:05 +0000 (14:32 +0200)]
Engine afalg: properly set operation type also on big endian.

Copy the whole ALG_OP_TYPE to CMSG_DATA.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoFix style issue
FdaSilvaYY [Fri, 14 Oct 2016 16:25:14 +0000 (18:25 +0200)]
Fix style issue

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1694)

8 years agoConstify command options
FdaSilvaYY [Sun, 13 Mar 2016 13:07:50 +0000 (14:07 +0100)]
Constify command options

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1694)

8 years agoFix C++ support: set $target{cxx} correctly
Richard Levitte [Fri, 14 Oct 2016 15:44:25 +0000 (17:44 +0200)]
Fix C++ support: set $target{cxx} correctly

Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoFix typo
Xiaoyin Liu [Mon, 26 Sep 2016 01:28:02 +0000 (21:28 -0400)]
Fix typo

I think the second "VC-WIN32" should be "VC-WIN64".
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial

8 years agoConfigure: remove superfluous 0x
Vitezslav Cizek [Thu, 13 Oct 2016 09:44:08 +0000 (11:44 +0200)]
Configure: remove superfluous 0x

The number is taken from the OPENSSL_VERSION_NUMBER which is already
in the hex form.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1706)

8 years agoAdd memory leak detection to d2i_test
Dr. Stephen Henson [Thu, 13 Oct 2016 15:10:21 +0000 (16:10 +0100)]
Add memory leak detection to d2i_test

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1707)

8 years agoFix copy-paste test labels
FdaSilvaYY [Tue, 11 Oct 2016 21:52:09 +0000 (23:52 +0200)]
Fix copy-paste test labels

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoRemove automatic RPATH - Add a CHANGES entry
Richard Levitte [Wed, 12 Oct 2016 15:57:10 +0000 (17:57 +0200)]
Remove automatic RPATH - Add a CHANGES entry

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRemove automatic RPATH - adapt shlib_wrap.sh
Richard Levitte [Wed, 12 Oct 2016 22:08:55 +0000 (00:08 +0200)]
Remove automatic RPATH - adapt shlib_wrap.sh

Looking for something starting with '-Wl,-rpath,' isn't good enough,
as someone might give something like '-Wl,--enable-new-dtags,-rpath,/PATH'.
Looking for ',-rpath,' should be safe enough.

We could remove the preloading stuff entirely, but just in case the
user has chosen to given RPATH setting arguments at configuration,
we'd better make sure testing will still work.  Fair warning, there
are some configuration options that do not work with preloaded OpenSSL
libraries, such as the sanity checking ones.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRemove automatic RPATH - add user rpath support
Richard Levitte [Wed, 12 Oct 2016 15:05:35 +0000 (17:05 +0200)]
Remove automatic RPATH - add user rpath support

Make Configure recognise -rpath and -R to support user added rpaths
for OSF1 and Solaris.  For convenience, add a variable LIBRPATH in the
Unix Makefile, which the users can use as follows:

    ./config [options] -Wl,-rpath,\$(LIBRPATH)

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRemove automatic RPATH
Richard Levitte [Wed, 12 Oct 2016 15:18:11 +0000 (17:18 +0200)]
Remove automatic RPATH

Before OpenSSL 1.1.0, binaries were installed in a non-standard
location by default, and runpath directories were therefore added in
those binaries, to make sure the executables would be able to find the
shared libraries they were linked with.

With OpenSSL 1.1.0 and on, binaries are installed in standard
directories by default, and the addition of runpath directories is
therefore not needed any more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRT is put out to pasture
Rich Salz [Wed, 12 Oct 2016 19:49:06 +0000 (15:49 -0400)]
RT is put out to pasture

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1702)

8 years agoAdd C++ settings in the Linux config targets
Richard Levitte [Wed, 12 Oct 2016 13:33:13 +0000 (15:33 +0200)]
Add C++ settings in the Linux config targets

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd support for C++ in Configurations/unix-Makefile.tmpl
Richard Levitte [Wed, 12 Oct 2016 13:30:43 +0000 (15:30 +0200)]
Add support for C++ in Configurations/unix-Makefile.tmpl

Note that it relies on a trick from Configure, where file names for
object files made from C++ source get '.cc' replaced with '_cc.o' to
recognise them.  This is needed so the correct compiler is used when
linking binaries.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd support for C++ in Configure
Richard Levitte [Wed, 12 Oct 2016 13:30:08 +0000 (15:30 +0200)]
Add support for C++ in Configure

A note: this will form object file names by changing '.cc' to
'_cc.o'.  This will permit other configuration code to recognise these
object files were built for C++ rather than C.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoFix X509_NAME decode for malloc failures.
Dr. Stephen Henson [Sun, 2 Oct 2016 14:21:29 +0000 (15:21 +0100)]
Fix X509_NAME decode for malloc failures.

The original X509_NAME decode free code was buggy: this
could result in double free or leaks if a malloc failure
occurred.

Simplify and fix the logic.

Thanks to Guido Vranken for reporting this issue.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1691)

8 years agodoc/crypto/OPENSSL_ia32cap.pod: update assembler requirements.
Andy Polyakov [Sun, 9 Oct 2016 20:06:12 +0000 (22:06 +0200)]
doc/crypto/OPENSSL_ia32cap.pod: update assembler requirements.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years ago.travis.yml: minor optimizations:
Andy Polyakov [Mon, 10 Oct 2016 10:22:10 +0000 (12:22 +0200)]
.travis.yml: minor optimizations:

- make 'pip install --user cpp-coveralls' conditional;
- limit no-stdio to single build per operating environment;
- omit enable-asan duplicate;

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years ago.travis.yml: install wine on demand.
Andy Polyakov [Sun, 9 Oct 2016 21:28:03 +0000 (23:28 +0200)]
.travis.yml: install wine on demand.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoFix up bn_prime.pl formatting.
David Benjamin [Mon, 10 Oct 2016 21:33:51 +0000 (17:33 -0400)]
Fix up bn_prime.pl formatting.

Align at 5 characters, not 4. There are 5-digit numbers in the output.
Also avoid emitting an extra blank line and trailing whitespace.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoRemove trailing whitespace from some files.
David Benjamin [Mon, 10 Oct 2016 16:01:24 +0000 (12:01 -0400)]
Remove trailing whitespace from some files.

The prevailing style seems to not have trailing whitespace, but a few
lines do. This is mostly in the perlasm files, but a few C files got
them after the reformat. This is the result of:

  find . -name '*.pl' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'
  find . -name '*.c' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'
  find . -name '*.h' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'

Then bn_prime.h was excluded since this is a generated file.

Note mkerr.pl has some changes in a heredoc for some help output, but
other lines there lack trailing whitespace too.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoAdd some missing types to indent.pro
FdaSilvaYY [Sat, 8 Oct 2016 12:25:20 +0000 (14:25 +0200)]
Add some missing types to indent.pro

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
8 years agoUpdate fuzz corpora
Kurt Roeckx [Sun, 9 Oct 2016 13:39:15 +0000 (15:39 +0200)]
Update fuzz corpora

New minimal fuzz corpora for asn1, asn1parse, bndiv, crl and x509

Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #1678

8 years agoFix linebreaks in the tls_construct_client_certificate function
Matt Caswell [Mon, 3 Oct 2016 14:37:47 +0000 (15:37 +0100)]
Fix linebreaks in the tls_construct_client_certificate function

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoAdd a typedef for the construction function
Matt Caswell [Mon, 3 Oct 2016 14:35:17 +0000 (15:35 +0100)]
Add a typedef for the construction function

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoMove setting of the handshake header up one more level
Matt Caswell [Fri, 30 Sep 2016 10:17:57 +0000 (11:17 +0100)]
Move setting of the handshake header up one more level

We now set the handshake header, and close the packet directly in the
write_state_machine. This is now possible because it is common for all
messages.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRemove the special case processing for finished construction
Matt Caswell [Fri, 30 Sep 2016 09:50:57 +0000 (10:50 +0100)]
Remove the special case processing for finished construction

tls_construct_finished() used to have different arguments to all of the
other construction functions. It doesn't anymore, so there is no neeed to
treat it as a special case.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoHarmonise setting the header and closing construction
Matt Caswell [Fri, 30 Sep 2016 09:38:32 +0000 (10:38 +0100)]
Harmonise setting the header and closing construction

Ensure all message types work the same way including CCS so that the state
machine doesn't need to know about special cases. Put all the special logic
into ssl_set_handshake_header() and ssl_close_construct_packet().

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoDon't set the handshake header in every message
Matt Caswell [Thu, 29 Sep 2016 23:27:40 +0000 (00:27 +0100)]
Don't set the handshake header in every message

Move setting the handshake header up a level into the state machine code
in order to reduce boilerplate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoMove init of the WPACKET into write_state_machine()
Matt Caswell [Thu, 29 Sep 2016 22:28:29 +0000 (23:28 +0100)]
Move init of the WPACKET into write_state_machine()

Instead of initialising, finishing and cleaning up the WPACKET in every
message construction function, we should do it once in
write_state_machine().

Reviewed-by: Rich Salz <rsalz@openssl.org>
8 years agoRemove untrue comment.
Ben Laurie [Sat, 1 Oct 2016 11:41:36 +0000 (12:41 +0100)]
Remove untrue comment.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoMake dependencies if Makefile is new.
Ben Laurie [Sat, 1 Oct 2016 11:40:58 +0000 (12:40 +0100)]
Make dependencies if Makefile is new.

Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years agoRename ssl_set_handshake_header2()
Matt Caswell [Thu, 29 Sep 2016 21:40:15 +0000 (22:40 +0100)]
Rename ssl_set_handshake_header2()

ssl_set_handshake_header2() was only ever a temporary name while we had
to have ssl_set_handshake_header() for code that hadn't been converted to
WPACKET yet. No code remains that needed that so we can rename it.

Reviewed-by: Rich Salz <rsalz@openssl.org>