oweals/openssl.git
5 years agoMove GMAC to providers
Richard Levitte [Sat, 1 Jun 2019 12:05:45 +0000 (14:05 +0200)]
Move GMAC to providers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)

5 years agoMove CMAC to providers
Richard Levitte [Sat, 1 Jun 2019 09:18:15 +0000 (11:18 +0200)]
Move CMAC to providers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)

5 years agoMove BLAKE2 MACs to the providers
Richard Levitte [Tue, 7 May 2019 10:40:25 +0000 (12:40 +0200)]
Move BLAKE2 MACs to the providers

This also moves the remaining parts of BLAKE2 digests to the default
provider, and removes the legacy EVP implementation.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)

5 years agoPrepare EVP_MAC infrastructure for moving all MACs to providers
Richard Levitte [Tue, 7 May 2019 10:39:58 +0000 (12:39 +0200)]
Prepare EVP_MAC infrastructure for moving all MACs to providers

Quite a few adaptations are needed, most prominently the added code
to allow provider based MACs.

As part of this, all the old information functions are gone, except
for EVP_MAC_name().  Some of them will reappear later, for example
EVP_MAC_do_all() in some form.

MACs by EVP_PKEY was particularly difficult to deal with, as they
need to allocate and deallocate EVP_MAC_CTXs "under the hood", and
thereby implicitly fetch the corresponding EVP_MAC.  This means that
EVP_MACs can't be constant in a EVP_MAC_CTX, as their reference count
may need to be incremented and decremented as part of the allocation
or deallocation of the EVP_MAC_CTX.  It may be that other provider
based EVP operation types may need to be handled in a similar manner.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)

5 years agoOPENSSL_s390xcap.pod: list msa9 facility bit (155)
Patrick Steuer [Fri, 12 Jul 2019 11:47:32 +0000 (13:47 +0200)]
OPENSSL_s390xcap.pod: list msa9 facility bit (155)

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)

5 years agos390x assembly pack: accelerate ECDSA
Patrick Steuer [Thu, 11 Jul 2019 08:38:18 +0000 (10:38 +0200)]
s390x assembly pack: accelerate ECDSA

for NIST P-256, P-384 and P-521 using KDSA instruction.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)

5 years agoEnable curve-spefific ECDSA implementations via EC_METHOD
Patrick Steuer [Thu, 11 Jul 2019 08:23:49 +0000 (10:23 +0200)]
Enable curve-spefific ECDSA implementations via EC_METHOD

which are already enabled for ECDH.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)

5 years agos390x assembly pack: accelerate scalar multiplication
Patrick Steuer [Tue, 9 Jul 2019 08:25:04 +0000 (10:25 +0200)]
s390x assembly pack: accelerate scalar multiplication

for NIST P-256, P-384 and P-521 using PCC instruction.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)

5 years agos390xcpuid.pl: fix comment
Patrick Steuer [Wed, 3 Jul 2019 16:02:11 +0000 (18:02 +0200)]
s390xcpuid.pl: fix comment

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)

5 years agoTest SSL_set_ciphersuites
raja-ashok [Fri, 31 May 2019 03:20:54 +0000 (08:50 +0530)]
Test SSL_set_ciphersuites

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9079)

5 years agoFix SSL_set_ciphersuites to set even if no call to SSL_set_cipher_list
raja-ashok [Thu, 30 May 2019 18:21:18 +0000 (23:51 +0530)]
Fix SSL_set_ciphersuites to set even if no call to SSL_set_cipher_list

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9079)

5 years agoINSTALL: clarify documentation of the --api=x.y.z deprecation option
Dr. Matthias St. Pierre [Thu, 15 Aug 2019 11:45:04 +0000 (13:45 +0200)]
INSTALL: clarify documentation of the --api=x.y.z deprecation option

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9599)

5 years agoFix syntax error for the armv4 assembler
Omid Najafi [Fri, 2 Aug 2019 21:40:19 +0000 (17:40 -0400)]
Fix syntax error for the armv4 assembler

The error was from the alignment syntax of the code.
More details:
https://stackoverflow.com/questions/57316823/arm-assembly-syntax-in-vst-vld-commands?noredirect=1#comment101133590_57316823

CLA: trivial

Fixes: #9518

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9518)

5 years agoRename provider and core get_param_types functions
Richard Levitte [Wed, 14 Aug 2019 18:17:39 +0000 (20:17 +0200)]
Rename provider and core get_param_types functions

It was argued that names like SOMETHING_set_param_types were confusing,
and a rename has been proposed to SOMETHING_settable_params, and by
consequence, SOMETHING_get_param_types is renamed
SOMETHING_gettable_params.

This changes implements this change for the dispatched provider and
core functions.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9591)

5 years agocrypto/engine/eng_openssl.c: define TEST_ENG_OPENSSL_RC4_P_INIT conditionally
Richard Levitte [Thu, 15 Aug 2019 08:20:13 +0000 (10:20 +0200)]
crypto/engine/eng_openssl.c: define TEST_ENG_OPENSSL_RC4_P_INIT conditionally

When OpenSSL is configured with 'no-stdio', TEST_ENG_OPENSSL_RC4_P_INIT
shouldn't be defined, as that test uses stdio.

Fixes #9597

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9598)

5 years agoAdd {get,set}table_params() functions for provider digests
Richard Levitte [Mon, 12 Aug 2019 13:03:24 +0000 (15:03 +0200)]
Add {get,set}table_params() functions for provider digests

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9576)

5 years agoModify 'openssl list' to give more verbose descriptions
Richard Levitte [Mon, 12 Aug 2019 13:01:00 +0000 (15:01 +0200)]
Modify 'openssl list' to give more verbose descriptions

With the diverse {get,set}table_params functions, it's possible to
give a more verbose description of the diverse algorithm
implementations.  Most notably, we add a description of the parameters
that each implementation is willing to share.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9576)

5 years agoAdd missing EVP param utility functions
Richard Levitte [Mon, 12 Aug 2019 12:56:18 +0000 (14:56 +0200)]
Add missing EVP param utility functions

These functions were missing for a completes API:

EVP_MD_get_params(), EVP_CIPHER_get_params(), EVP_CIPHER_CTX_set_params(),
and EVP_CIPHER_CTX_get_params

Additionally, we also add all the corresponding parameter descriptor
returning functions, along the correspoding provider dispatches:

EVP_MD_gettable_params(), EVP_MD_CTX_settable_params(),
EVP_MD_CTX_gettable_params(), EVP_CIPHER_gettable_params(),
EVP_CIPHER_CTX_settable_params(), and EVP_CIPHER_CTX_gettable_params()

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9576)

5 years agoAccess data after obtaining the lock not before.
Pauli [Mon, 12 Aug 2019 10:07:39 +0000 (20:07 +1000)]
Access data after obtaining the lock not before.

It isn't completely clear that this constitutes a race condition, but it will
always be conservative to access the locked data after getting the lock.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9579)

5 years agoIf we are multiblock capable make sure we use it
Matt Caswell [Mon, 12 Aug 2019 10:55:53 +0000 (11:55 +0100)]
If we are multiblock capable make sure we use it

Recent changes to the assembler defines meant that they weren't being
set for libssl code. This resulted in the multiblock code never being
used.

Fixes #9571

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9574)

5 years agoAdd missing EBCDIC strings
opensslonzos-github [Thu, 8 Aug 2019 18:11:38 +0000 (14:11 -0400)]
Add missing EBCDIC strings

Fix a few places where calling ossl_isdigit does the wrong thing on
EBCDIC based systems.
Replaced with ascii_isdigit.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9556)

5 years agoAdd description in X509_STORE manipulation
Paul Yang [Wed, 14 Aug 2019 02:28:07 +0000 (10:28 +0800)]
Add description in X509_STORE manipulation

Add memory management description in X509_STORE_add_cert, otherwise
users will not be aware that they are leaking memory...

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9484)

5 years agoBIO_lookup_ex: Do not retry on EAI_MEMORY
Tomas Mraz [Mon, 12 Aug 2019 14:43:59 +0000 (16:43 +0200)]
BIO_lookup_ex: Do not retry on EAI_MEMORY

We should not retry on EAI_MEMORY as that error is most probably
fatal and not depending on AI_ADDRCONFIG hint.

Also report the error from the first call if the second call fails
as that one would be most probably the more interesting one.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9535)

5 years agoBIO_lookup_ex: Always retry the lookup on failure with AI_NUMERICHOST set
Tomas Mraz [Mon, 5 Aug 2019 17:11:07 +0000 (19:11 +0200)]
BIO_lookup_ex: Always retry the lookup on failure with AI_NUMERICHOST set

Do not try to discern the error return value on
getaddrinfo() failure but when retrying set the AI_NUMERICHOST
to avoid DNS lookups.

Fixes: #9053

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9535)

5 years ago30-test_evp.t: make the tested configs depend on what's been built
Richard Levitte [Mon, 12 Aug 2019 05:04:13 +0000 (07:04 +0200)]
30-test_evp.t: make the tested configs depend on what's been built

If the FIPS module hasn't been built, don't use test/fips.cnf, for example.

Fixes #9568

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9570)

5 years agoFix doc example code to follow coding style
Rich Salz [Mon, 12 Aug 2019 03:23:17 +0000 (13:23 +1000)]
Fix doc example code to follow coding style

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9577)

5 years agoHMAC: use EVP_MD_flags(), not EVP_MD_meth_get_flags()
Richard Levitte [Wed, 24 Jul 2019 20:19:37 +0000 (22:19 +0200)]
HMAC: use EVP_MD_flags(), not EVP_MD_meth_get_flags()

The latter should only be ussed with legacy methods.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9391)

5 years agoAdapt the provider digests for more use of OSSL_PARAM
Richard Levitte [Tue, 16 Jul 2019 04:06:26 +0000 (06:06 +0200)]
Adapt the provider digests for more use of OSSL_PARAM

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9391)

5 years agoRework the provider digest constructor to provide implementation get_params
Richard Levitte [Tue, 16 Jul 2019 04:05:08 +0000 (06:05 +0200)]
Rework the provider digest constructor to provide implementation get_params

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9391)

5 years agoAdapt diverse EVP_MD functions to use get_params and set_params interfaces
Richard Levitte [Tue, 16 Jul 2019 04:03:12 +0000 (06:03 +0200)]
Adapt diverse EVP_MD functions to use get_params and set_params interfaces

Also clean up EVP_MD_CTX_ctrl(), which did use these interfaces, but
development since allows for more elegant code.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9391)

5 years agoMake more use of OSSL_PARAM for digests
Richard Levitte [Tue, 16 Jul 2019 03:59:50 +0000 (05:59 +0200)]
Make more use of OSSL_PARAM for digests

A lot of the different numbers associated with digests are really
algorithm parameters.  block size, digest length, that sort of
thing.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9391)

5 years agoAdd OSSL_PARAM_construct_from_text() and OSSL_PARAM_allocate_from_text()
Richard Levitte [Wed, 3 Jul 2019 16:42:21 +0000 (18:42 +0200)]
Add OSSL_PARAM_construct_from_text() and OSSL_PARAM_allocate_from_text()

These are utility functions that can be used to replace calls to
ctrl_str type functions with get_params / set_params types of calls.
They work by translating text values to something more suitable for
OSSL_PARAM, and by interpretting parameter keys in a compatible
fashion.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9303)

5 years agoAdd OPENSSL_hexstr2buf_ex() and OPENSSL_buf2hexstr_ex()
Richard Levitte [Wed, 3 Jul 2019 16:40:17 +0000 (18:40 +0200)]
Add OPENSSL_hexstr2buf_ex() and OPENSSL_buf2hexstr_ex()

They do the same thing as OPENSSL_hexstr2buf() and OPENSSL_buf2hexstr(),
except they take a result buffer from the caller.

We take the opportunity to break out the documentation of the hex to /
from buffer conversion routines from the OPENSSL_malloc() file to its
own file.  These routines aren't memory allocation routines per se.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9303)

5 years agoenable DECLARE_DEPRECATED macro for Oracle Developer Studio compiler
Vladimir Kotal [Mon, 22 Jul 2019 15:08:16 +0000 (17:08 +0200)]
enable DECLARE_DEPRECATED macro for Oracle Developer Studio compiler

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9434)

5 years agoConfigurations/unit-Makefile.tmpl: Don't clean away dotted files
Richard Levitte [Mon, 12 Aug 2019 09:46:23 +0000 (11:46 +0200)]
Configurations/unit-Makefile.tmpl: Don't clean away dotted files

A local 'make clean' did some sweeping removals of files execpt for
the .git directory.  This is a little too sweeping, as other dotted
files might be cleaned away if they happen to match the pattern that's
searched for.

An example is a symlink .dir-locals.el that would keep disappearing if
you build in the source tree and do a make clean...

So we change this to leave all dotted files alone.  Our builds do not
produce such files anyway, so this is a harmless (or rather, less
harmful) change.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9573)

5 years agoRemove some duplicate words from the documentation
Denis Ovsienko [Fri, 9 Aug 2019 21:14:04 +0000 (22:14 +0100)]
Remove some duplicate words from the documentation

Fixup INSTALL and a couple man pages to get rid of "the the" and "in the
in the".

CLA: trivial

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9563)

5 years agoFix windows compile errors in params.c
Shane Lontis [Mon, 12 Aug 2019 01:37:53 +0000 (11:37 +1000)]
Fix windows compile errors in params.c

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9569)

5 years agoAdd a clang-7 build target with --strict-warnings
Bernd Edlinger [Wed, 24 Jul 2019 07:22:25 +0000 (09:22 +0200)]
Add a clang-7 build target with --strict-warnings

[extended tests]

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9450)

5 years agoExtend tests of SSL_check_chain()
Matt Caswell [Tue, 23 Jul 2019 16:10:05 +0000 (17:10 +0100)]
Extend tests of SSL_check_chain()

Actually supply a chain and then test:
1) A successful check of both the ee and chain certs
2) A failure to check the ee cert
3) A failure to check a chain cert

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9442)

5 years agoFix SSL_check_chain()
Matt Caswell [Tue, 23 Jul 2019 14:14:29 +0000 (15:14 +0100)]
Fix SSL_check_chain()

The function SSL_check_chain() can be used by applications to check that
a cert and chain is compatible with the negotiated parameters. This could
be useful (for example) from the certificate callback. Unfortunately this
function was applying TLSv1.2 sig algs rules and did not work correctly if
TLSv1.3 was negotiated.

We refactor tls_choose_sigalg to split it up and create a new function
find_sig_alg which can (optionally) take a certificate and key as
parameters and find an appropriate sig alg if one exists. If the cert and
key are not supplied then we try to find a cert and key from the ones we
have available that matches the shared sig algs.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9442)

5 years agoFix test_key_exchange with no_tlsv1_2
Matt Caswell [Tue, 23 Jul 2019 14:13:26 +0000 (15:13 +0100)]
Fix test_key_exchange with no_tlsv1_2

Make sure we only test TLSv1.2 things if TLSv1.2 is actually available.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9442)

5 years agoFix test_sslextension if TLSv1.2 has been disabled
Matt Caswell [Tue, 23 Jul 2019 14:12:29 +0000 (15:12 +0100)]
Fix test_sslextension if TLSv1.2 has been disabled

A skip rule was skipping the wrong number of tests.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9442)

5 years agoAdd TLS tests for RSA-PSS Restricted certificates
Matt Caswell [Thu, 8 Aug 2019 10:41:18 +0000 (11:41 +0100)]
Add TLS tests for RSA-PSS Restricted certificates

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9553)

5 years agoAdd Restricted PSS certificate and key
Matt Caswell [Thu, 8 Aug 2019 10:08:14 +0000 (11:08 +0100)]
Add Restricted PSS certificate and key

Create a PSS certificate with parameter restrictions

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9553)

5 years agoEnsure RSA PSS correctly returns the right default digest
Matt Caswell [Thu, 8 Aug 2019 08:13:51 +0000 (09:13 +0100)]
Ensure RSA PSS correctly returns the right default digest

A default digest of SHA256 was being returned for RSA PSS even if the
PSS parameters indicated a different digest must be used. We change this
so that the correct default digest is returned and additionally mark this
as mandatory for PSS.

This bug had an impact on sig alg selection in libssl. Due to this issue
an incorrect sig alg might be selected in the event that a server is
configured with an RSA-PSS cert with parameter restrictions.

Fixes #9545

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9553)

5 years agouse native atomic increment function on Solaris
Vladimir Kotal [Fri, 21 Jun 2019 08:31:05 +0000 (10:31 +0200)]
use native atomic increment function on Solaris

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9215)

5 years agoAdd missing SIZE_MAX define for windows
Shane Lontis [Fri, 9 Aug 2019 11:38:42 +0000 (21:38 +1000)]
Add missing SIZE_MAX define for windows

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9559)

5 years agoAdd a CHANGES entry for BN_generate_prime_ex
Bernd Edlinger [Mon, 15 Jul 2019 18:34:31 +0000 (20:34 +0200)]
Add a CHANGES entry for BN_generate_prime_ex

BN_generate_prime_ex no longer avoids factors 3..17863 in p-1
when not computing safe primes.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9309)

5 years agoUpdate documentation of BN_generate_prime_ex
Bernd Edlinger [Wed, 10 Jul 2019 19:33:48 +0000 (21:33 +0200)]
Update documentation of BN_generate_prime_ex

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9309)

5 years agoMerge probable_prime_dh_safe with bn_probable_prime_dh
Bernd Edlinger [Fri, 5 Jul 2019 09:55:56 +0000 (11:55 +0200)]
Merge probable_prime_dh_safe with bn_probable_prime_dh

This should avoid half of the trial divisions in probable_prime_dh_safe
and avoid bn_probable_prime_dh generating primes with special properties.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9309)

5 years agoAdd a parameter to probable_prime if we look for a safe prime
Bernd Edlinger [Thu, 4 Jul 2019 12:52:41 +0000 (14:52 +0200)]
Add a parameter to probable_prime if we look for a safe prime

Currently probable_prime makes sure that p-1 does not have
any prime factors from 3..17863, which is useful for safe primes,
but not necessarily for the general case.

Issue was initially reported here:
MIRONOV, I. Factoring RSA Moduli II.
https://windowsontheory.org/2012/05/17/factoring-rsa-moduli-part-ii/

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9309)

5 years agomention what happens if OPENSSL_NO_RC2 is defined
Vladimir Kotal [Fri, 19 Jul 2019 14:01:13 +0000 (16:01 +0200)]
mention what happens if OPENSSL_NO_RC2 is defined

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9415)

5 years agoRestrict usage of bio_dgram_sctp_data only to DGRAM SCTP methods
raja-ashok [Sat, 6 Jul 2019 16:27:53 +0000 (21:57 +0530)]
Restrict usage of bio_dgram_sctp_data only to DGRAM SCTP methods

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9216)

5 years agomake ecp_nistz256_point_add_vis3() local
Vladimir Kotal [Tue, 11 Jun 2019 14:21:00 +0000 (16:21 +0200)]
make ecp_nistz256_point_add_vis3() local

fixes #8936

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9132)

5 years agoFix reversed meaning of error codes
Martin Ukrop [Mon, 5 Aug 2019 12:14:54 +0000 (14:14 +0200)]
Fix reversed meaning of error codes

The meaning of the X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY and X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were still reversed in the X509_STORE_CTX_get_error function documentation.
This used to be the problem also in the verify application documentation, but was fixed on 2010-02-23 in 7d3d178.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9529)

5 years agoClarify the INSTALL instructions
Matt Caswell [Fri, 28 Jun 2019 11:07:55 +0000 (12:07 +0100)]
Clarify the INSTALL instructions

Ensure users understand that they need to have appropriate permissions
to write to the install location.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9268)

5 years agoAvoid holding a lock when calling OPENSSL_init_crypto
Matt Caswell [Wed, 7 Aug 2019 09:46:26 +0000 (10:46 +0100)]
Avoid holding a lock when calling OPENSSL_init_crypto

We move an OPENSSL_init_crypto call slightly earlier in the process to
avoid calling it while holding the store lock. This can lead to deadlocks.

Fixes the no-engine build.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9547)

5 years agoFix no-filenames
Matt Caswell [Wed, 7 Aug 2019 08:47:43 +0000 (09:47 +0100)]
Fix no-filenames

If built with no-filenames then we shouldn't test this functionality in
the test suite.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9544)

5 years agoFix no-ec
Matt Caswell [Wed, 7 Aug 2019 08:38:05 +0000 (09:38 +0100)]
Fix no-ec

Fix some unguarded references to EC code inside the FIPS provider.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9543)

5 years agoFix document nit in EVP_MAC.pod
Shane Lontis [Thu, 8 Aug 2019 04:23:52 +0000 (14:23 +1000)]
Fix document nit in EVP_MAC.pod

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9551)

5 years agoChange EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes
Shane Lontis [Thu, 8 Aug 2019 03:14:05 +0000 (13:14 +1000)]
Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9542)

5 years agoFix enable-ec_nistp_64_gcc_128
Matt Caswell [Wed, 7 Aug 2019 09:03:12 +0000 (10:03 +0100)]
Fix enable-ec_nistp_64_gcc_128

When creating a BN_CTX, make sure we store it in the right variable!

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9546)

5 years agoFix BN error reporting
Matt Caswell [Tue, 6 Aug 2019 12:39:00 +0000 (13:39 +0100)]
Fix BN error reporting

Commit ed57f7f935 implemented the macro ERR_raise and updated err.h to use
it. A typo in err.h means that errors in the BN library are mistakenly
attributed to the RSA library.

This was found due to the following error appearing in a travis log:

00:07:CB:13:05:7F:00:00:error:0400006C:rsa routines::data greater than mod
len:crypto/bn/bn_gcd.c:613:
00:07:CB:13:05:7F:00:00:error:04000003:rsa routines::BN
lib:crypto/rsa/rsa_gen.c:393:
/home/travis/build/openssl/openssl/util/shlib_wrap.sh
/home/travis/build/openssl/openssl/apps/openssl genrsa -out rsamptest.pem
-primes 5 8192 => 1
not ok 12 - genrsa 8192p5

The line in question (crypto/bn/bn_gcd.c:613) actually looks like this:

        BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE);

The test was checking for that error being raised, but was instead seeing
a different error and thus failing.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/9539)

5 years agoRun evp_test in FIPS mode
Matt Caswell [Mon, 5 Aug 2019 12:38:25 +0000 (13:38 +0100)]
Run evp_test in FIPS mode

We run the cipher and digest evp_test test files in FIPS mode. Some
ciphers/digests aren't available in FIPS mode so we mark those as
only being available in the default provider.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9531)

5 years agoDon't set ctx->cipher until after a successful fetch
Matt Caswell [Mon, 5 Aug 2019 12:37:05 +0000 (13:37 +0100)]
Don't set ctx->cipher until after a successful fetch

If an implict EVP_CIPHER_fetch fails then ctx->cipher should not be set
otherwise strange things will happen when trying to free the ctx.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9531)

5 years agoGCM cipher in provider now fails if passed bad keylength
Shane Lontis [Wed, 7 Aug 2019 01:39:04 +0000 (11:39 +1000)]
GCM cipher in provider now fails if passed bad keylength

Fixes #9500

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9512)

5 years agoUpdate man page for new API SSL_get_negotiated_group()
raja-ashok [Mon, 8 Jul 2019 12:43:24 +0000 (18:13 +0530)]
Update man page for new API SSL_get_negotiated_group()

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9323)

5 years agoTest SSL_get_negotiated_group() API
raja-ashok [Mon, 8 Jul 2019 12:16:50 +0000 (17:46 +0530)]
Test SSL_get_negotiated_group() API

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9323)

5 years agoAPI to get negotiated key exchange algorithm in TLS1.3
raja-ashok [Mon, 8 Jul 2019 09:20:59 +0000 (14:50 +0530)]
API to get negotiated key exchange algorithm in TLS1.3

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9323)

5 years agoFix ECDSA_SIG docs
Matt Caswell [Mon, 5 Aug 2019 15:13:24 +0000 (16:13 +0100)]
Fix ECDSA_SIG docs

They incorrectly said that i2d_ECDSA_SIG returns 0 on error. In fact it
returns a negative value on error.

We fix this by moving the i2d_ECDSA_SIG/d2i_ECDSA_SIG docs onto the same
page as all the other d2i/i2d docs.

Fixes #9517

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/9533)

5 years agoAdd documentation for new EC functions
Matt Caswell [Mon, 15 Jul 2019 14:54:08 +0000 (15:54 +0100)]
Add documentation for new EC functions

Document the new EC functions that are OPENSSL_CTX aware.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/9380)

5 years agoInsert a dummy call to EC code in the FIPS provider
Matt Caswell [Thu, 4 Jul 2019 14:01:48 +0000 (15:01 +0100)]
Insert a dummy call to EC code in the FIPS provider

Test that EC code works properly in the FIPS provider

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/9380)

5 years agoMake the EC code available from inside the FIPS provider
Matt Caswell [Wed, 3 Jul 2019 16:30:03 +0000 (17:30 +0100)]
Make the EC code available from inside the FIPS provider

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/9380)

5 years agoCorrect the Extended Master Secret string for EBCDIC
Matt Caswell [Mon, 22 Jul 2019 10:02:46 +0000 (11:02 +0100)]
Correct the Extended Master Secret string for EBCDIC

The macro TLS_MD_MASTER_SECRET_CONST is supposed to hold the ascii string
"extended master secret". On EBCDIC machines it actually contained the
value "extecded master secret"

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9430)

5 years agoFix SSL_MODE_RELEASE_BUFFERS functionality
Matt Caswell [Thu, 1 Aug 2019 13:55:25 +0000 (14:55 +0100)]
Fix SSL_MODE_RELEASE_BUFFERS functionality

At some point in the past do_ssl3_write() used to return the number of
bytes written, or a value <= 0 on error. It now just returns a success/
error code and writes the number of bytes written to |tmpwrit|.

The SSL_MODE_RELEASE_BUFFERS code was still looking at the return code
for the number of bytes written rather than |tmpwrit|. This has the effect
that the buffers are not released when they are supposed to be.

Fixes #9490

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9505)

5 years agoDocumentation for the provider Key Exchange operation
Matt Caswell [Mon, 29 Jul 2019 09:24:44 +0000 (10:24 +0100)]
Documentation for the provider Key Exchange operation

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9506)

5 years agoFix deprecation inconsisteny w.r.t. CRYPTO_mem_debug_{push,pop}()
David von Oheimb [Tue, 30 Jul 2019 06:40:32 +0000 (08:40 +0200)]
Fix deprecation inconsisteny w.r.t. CRYPTO_mem_debug_{push,pop}()

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9483)

5 years agoReplace FUNCerr with ERR_raise_data
Rich Salz [Wed, 31 Jul 2019 19:24:20 +0000 (15:24 -0400)]
Replace FUNCerr with ERR_raise_data

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9496)

5 years agoUse NULL as parameter when pointer can only be NULL.
Pauli [Fri, 2 Aug 2019 01:56:46 +0000 (11:56 +1000)]
Use NULL as parameter when pointer can only be NULL.

Code clarification.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/9514)

5 years agoFix commit a672a02a s390x build breakage
Patrick Steuer [Thu, 1 Aug 2019 08:59:14 +0000 (10:59 +0200)]
Fix commit a672a02a s390x build breakage

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9501)

5 years agoAdd missing accessors for X509 AuthorityKeyIdentifier
Dr. Matthias St. Pierre [Wed, 31 Jul 2019 15:02:45 +0000 (17:02 +0200)]
Add missing accessors for X509 AuthorityKeyIdentifier

Complements commit b383aa208146, which added X509_get0_authority_key_id().

 const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
 const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x);      [NEW]
 const ASN1_INTEGER *X509_get0_authority_serial(X509 *x);       [NEW]

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9493)

5 years agoAdd a CHANGES entry about loading the config file by default
Matt Caswell [Wed, 31 Jul 2019 13:12:15 +0000 (14:12 +0100)]
Add a CHANGES entry about loading the config file by default

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9492)

5 years agoFix the krb5 external test
Matt Caswell [Wed, 31 Jul 2019 10:54:34 +0000 (11:54 +0100)]
Fix the krb5 external test

The krb5 external test relies on legacy algorithms. Therefore we make
use of the capability to load a config file by default, and ensure that
the config file in use by the krb5 tests loads both the legacy and default
providers.

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9492)

5 years agoLoad the config file by default
Matt Caswell [Tue, 30 Jul 2019 15:42:53 +0000 (16:42 +0100)]
Load the config file by default

Previously we only loaded the config file by default for libssl. Now we do
it for libcrypto too.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9492)

5 years agoSuppress loading the FIPS module in evp_test
Matt Caswell [Wed, 31 Jul 2019 10:09:44 +0000 (11:09 +0100)]
Suppress loading the FIPS module in evp_test

Running evp_test with the FIPS module has never worked because the
config file was never loaded by default. Actually loading the FIPS module
reveals lots of failures in evp_test. The following commits will enable
loading the config file by default and so we temporarily disable running
the evp_test with the FIPS module until the tests can be fixed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9492)

5 years agoProperly process the "Availablein" keyword for evp_test
Matt Caswell [Tue, 30 Jul 2019 17:36:53 +0000 (18:36 +0100)]
Properly process the "Availablein" keyword for evp_test

The "Availablein" keyword is supposed to indicate which providers are
required in evp_test in order for a particular test to pass. Unfortunately
this didn't work. If the provider was available then the test failed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9492)

5 years agoPrevent an infinite recursion when the query cache is flushed.
Pauli [Wed, 31 Jul 2019 09:31:45 +0000 (19:31 +1000)]
Prevent an infinite recursion when the query cache is flushed.

The problem being that the "requires flush" flag was being cleared after the
the flush.  The fix is to clear it before.  This is a problem because the
cache flushing called RAND_bytes and if the DRBG hadn't been created yet, it
would be queried and added to the cache causing the flush code to repeat.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9477)

5 years agoThe query cache has been updated to not depend on RAND_bytes being available.
Pauli [Wed, 31 Jul 2019 09:31:21 +0000 (19:31 +1000)]
The query cache has been updated to not depend on RAND_bytes being available.

The alternative is to use a fast and small xorshift
random number generator.  The stochastic flushing doesn't require good
random numbers, just enough variety to avoid causing problems.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9477)

5 years agoUse allow_early_data_cb from SSL instead of SSL_CTX
raja-ashok [Sun, 28 Jul 2019 07:53:00 +0000 (13:23 +0530)]
Use allow_early_data_cb from SSL instead of SSL_CTX

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9471)

5 years agoFix warning C4164 in MSVC.
joe2018Outlookcom [Wed, 31 Jul 2019 05:46:02 +0000 (13:46 +0800)]
Fix warning C4164 in MSVC.

Fix: crypto\whrlpool\wp_block.c(90) : warning C4164: '_rotl64' : intrinsic function not declared.
Fixes #9487

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9488)

5 years agomake RSA and DSA operations throw MISSING_PRIVATE_KEY if needed, adapt ECDSA
David von Oheimb [Fri, 26 Jul 2019 09:03:12 +0000 (11:03 +0200)]
make RSA and DSA operations throw MISSING_PRIVATE_KEY if needed, adapt ECDSA

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/9466)

5 years agoAdd gcm ciphers (aes and aria) to providers.
Shane Lontis [Wed, 31 Jul 2019 11:55:16 +0000 (21:55 +1000)]
Add gcm ciphers (aes and aria) to providers.

The code has been modularized so that it can be shared by algorithms.

A fixed size IV is now used instead of being allocated.
The IV is not set into the low level struct now until the update (it uses an
iv_state for this purpose).

Hardware specific methods have been added to a PROV_GCM_HW object.

The S390 code has been changed to just contain methods that can be accessed in
a modular way. There are equivalent generic methods also for the other
platforms.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/9231)

5 years agoTemporary workaround for ectest.c for [extended tests]
Nicola Tuveri [Sun, 28 Jul 2019 13:13:30 +0000 (16:13 +0300)]
Temporary workaround for ectest.c for [extended tests]

[extended tests]

This is a temporary workaround for issue #9251, which contains a full
discussion of the real problem.

As a temporary workaround, we test `EC_GROUP_new_from_ecparameters()`
against a curve that does not currently have alternative
implementations.

The proper fix is dependant on resolution of issue #8615

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9474)

5 years agoERR: fix err_data_size inconsistencies
Richard Levitte [Wed, 31 Jul 2019 07:27:05 +0000 (09:27 +0200)]
ERR: fix err_data_size inconsistencies

In ERR_add_error_vdata(), the size of err_data had 1 added to it in
some spots, which could lead to buffer overflow.

In ERR_vset_error(), ERR_MAX_DATA_SIZE was used instead of buf_size in
the BIO_vsnprintf() call, which would lead to a buffer overflow if
such a large buffer couldn't be allocated.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9491)

5 years agoRename X509_STORE ptr stored in opaque struct X509_STORE_CTX
Shane Lontis [Wed, 31 Jul 2019 10:56:34 +0000 (20:56 +1000)]
Rename X509_STORE ptr stored in opaque struct X509_STORE_CTX

Change name from 'ctx' to 'store' to remove ctx->ctx from code.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9405)

5 years agoAdd evp_util macros
Shane Lontis [Wed, 31 Jul 2019 10:34:26 +0000 (20:34 +1000)]
Add evp_util macros

Also added EVP_CTRL_RET_UNSUPPORTED define (so magic numbers can be removed)

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9464)

5 years agoCAdES : lowercase name for now internal methods.
FdaSilvaYY [Wed, 31 Jul 2019 09:14:12 +0000 (19:14 +1000)]
CAdES : lowercase name for now internal methods.
CAdES : rework CAdES signing API.
Make it private, as it is unused outside library bounds.
Fix varous doc-nits.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
5 years agoDocument recent changes in NEWS and CHANGES
Richard Levitte [Wed, 31 Jul 2019 04:59:37 +0000 (06:59 +0200)]
Document recent changes in NEWS and CHANGES

More should be added there

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/9486)

5 years agoCheck for NULL return from zalloc in dh_dupctx.
Pauli [Tue, 30 Jul 2019 21:19:33 +0000 (07:19 +1000)]
Check for NULL return from zalloc in dh_dupctx.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9485)

5 years agoAvoid using ERR_put_error() directly in OpenSSL code
Richard Levitte [Wed, 24 Jul 2019 14:55:32 +0000 (16:55 +0200)]
Avoid using ERR_put_error() directly in OpenSSL code

If compiled with 'no-deprecated', ERR_put_error() is undefined.  We
had one spot where we were using it directly, because the file and
line information was passed from elsewhere.

Fortunately, it's possible to use ERR_raise() for that situation, and
call ERR_set_debug() immediately after and thereby override the
information that ERR_raise() stored in the error record.

util/mkerr.pl needed a small adjustment to not generate code that
won't compile in a 'no-deprecated' configuration.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9452)