Emilia Kasper [Wed, 19 Nov 2014 14:42:43 +0000 (15:42 +0100)]
Reset s->tlsext_ticket_expected in ssl_scan_serverhello_tlsext.
This ensures that it's zeroed even if the SSL object is reused
(as in ssltest.c). It also ensures that it applies to DTLS, too.
If no keyfile has been specified use the certificate file instead.
Fix typo: we need to check the chain is not NULL, not the chain file. Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 786370b1b09b919d9306f27336e13783e4fe3fd0)
Don't send or parse any extensions other than RI (which is needed
to handle secure renegotation) for SSLv3. Reviewed-by: Matt Caswell <matt@openssl.org>
Process signature algorithms before deciding on certificate.
The supported signature algorithms extension needs to be processed before
the certificate to use is decided and before a cipher is selected (as the
set of shared signature algorithms supported may impact the choice). Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 56e8dc542bd693b2dccea8828b3d8e5fc6932d0c)
Mike Bland [Wed, 25 Jun 2014 19:28:38 +0000 (15:28 -0400)]
Add whrlpool and camellia .s files to perlasm list
Change-Id: I626d751f19f24df6b967c17498d6189cc0acb96c Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Mike Bland [Sun, 29 Jun 2014 14:00:43 +0000 (10:00 -0400)]
Add missing SRC variable
This is the only Makefile without SRC defined. This change enables a
standard Makefile include directive to cover crypto/jpake/*.d files.
This was automatically applied by AddSrcVarIfNeeded() in:
https://code.google.com/p/mike-bland/source/browse/openssl/update_makefiles.py
Change-Id: I030204a1bc873b5de5b06c8ddc0b94bb224c6650 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Mike Bland [Tue, 24 Jun 2014 17:03:49 +0000 (13:03 -0400)]
Remove redundant test targets outside of test/
These correspond to targets of the same name in test/Makefile that clash when
using the single-makefile build method using GitConfigure and GitMake.
Change-Id: If7e900c75f4341b446608b6916a3d76f202026ea Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Mike Bland [Tue, 24 Jun 2014 04:39:33 +0000 (00:39 -0400)]
Improve variable parsing when generating MINFO
Before this change, variables for which a '=' appeared in the assignment would
be parsed as the entire string up until the final '='. For example:
BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
would result in the variable name "BUILD_CMD=shlib_target". This doesn't
appear to harm the current generation of MINFO, but creates problems for other
Makefile-related work I'm attempting.
Change-Id: I1f3a606d67fd5464bb459e8f36c23b3e967b77e1 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Mike Bland [Sun, 8 Jun 2014 18:58:16 +0000 (14:58 -0400)]
{,darwin64-}debug-test-64-clang Configure targets
These are based on debug-ben-debug-64-clang and is intended to produce
consistent settings for folks involved in the unit testing effort detailed at:
http://wiki.openssl.org/index.php/Unit_Testing
-fsanitize has been removed from the set of clang flags for now. Apparently
clang 3.1, which ships with FreeBSD 9.1, completely ignores -fsanitize. Clang
3.3, which ships with FreeBSD 9.2, compiles with it, but fails to link due to
the absence of libasan:
We need -Wno-error=unused-const-variable because of this error:
.../crypto/ec/ec_lib.c:74:19: error: unused variable 'EC_version' [-Werror,-Wunused-const-variable]
static const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;
Change-Id: I2cba53537137186114c083049ea1233550a741f9 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Mike Bland [Tue, 24 Jun 2014 00:26:30 +0000 (20:26 -0400)]
Emit PERLASM_SCHEME to fix GitMake on OS X
This fixes the errors when trying to assemble .s files using GitMake on OS X.
Change-Id: I2221f558619302d22e0c57d7203173d634155678 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Mike Bland [Mon, 9 Jun 2014 00:27:20 +0000 (20:27 -0400)]
Add cscope.out and .d files to .gitignore
cscope.out is generated by cscope as described in:
http://wiki.openssl.org/index.php/Testing_and_Development_Tools_and_Tips
.d files are compiler-generated Makefile dependency files (e.g. using
'gcc -MMD -MP foo.c').
Change-Id: I2338858a6b6ee0527837d10a8b55cff1689023fd Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Print out more details of the conection in ssltest specifically:
server certificate curve name for EC, server temporary key (if any)
and peer signing digest. Reviewed-by: Matt Caswell <matt@openssl.org>
Add command line support for SSL_CONF: server side arguments are
prefixed by -s_ (e.g. -s_no_ssl3) and client side with -c_. Reviewed-by: Matt Caswell <matt@openssl.org>
If the hash or public key algorithm is "undef" the signature type
will receive special handling and shouldn't be included in the
cross reference table. Reviewed-by: Tim Hudson <tjh@openssl.org>
Russell Coker [Thu, 25 Jun 2009 05:59:32 +0000 (15:59 +1000)]
Fix datarace reported by valgrind/helgrind
This doesn't really fix the datarace but changes it so it can only happens
once. This isn't really a problem since we always just set it to the same
value. We now just stop writing it after the first time.
PR3584, https://bugs.debian.org/534534
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org>
The trial division and probable prime with coprime tests are disabled
on WIN32 builds because they use internal functions not exported from
the WIN32 DLLs. Reviewed-by: Emilia Käsper <emilia@openssl.org>
Emilia Kasper [Tue, 28 Oct 2014 16:35:59 +0000 (17:35 +0100)]
Tighten session ticket handling
Tighten client-side session ticket handling during renegotiation:
ensure that the client only accepts a session ticket if the server sends
the extension anew in the ServerHello. Previously, a TLS client would
reuse the old extension state and thus accept a session ticket if one was
announced in the initial ServerHello.
SSL_set_SSL_CTX is used to change the SSL_CTX for SNI, keep the
supported signature algorithms and raw cipherlist. Reviewed-by: Tim Hudson <tjh@openssl.org>
Andy Polyakov [Thu, 23 Oct 2014 14:08:44 +0000 (16:08 +0200)]
ecp_nistz256 update.
Facilitate switch to custom scatter-gather routines. This modification
does not change algorithms, only makes it possible to implement
alternative. This is achieved by a) moving precompute table to assembly
(perlasm parses ecp_nistz256_table.c and is free to rearrange data to
match gathering algorithm); b) adhering to explicit scatter subroutine
(which for now is simply a memcpy). First implementations that will use
this option are 32-bit assembly implementations, ARMv4 and x86, where
equivalent of current read-whole-table-select-single-value algorithm
is too time-consuming. [On side note, switching to scatter-gather on
x86_64 would allow to improve server-side ECDSA performance by ~5%].
Kurt Roeckx [Tue, 21 Oct 2014 18:45:15 +0000 (20:45 +0200)]
Keep old method in case of an unsupported protocol
When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set
the method to NULL. We didn't used to do that, and it breaks things. This is a
regression introduced in 62f45cc27d07187b59551e4fad3db4e52ea73f2c. Keep the old
method since the code is not able to deal with a NULL method at this time.
Matt Caswell [Wed, 15 Oct 2014 00:03:32 +0000 (01:03 +0100)]
Fix for SRTP Memory Leak
CVE-2014-3513
This issue was reported to OpenSSL on 26th September 2014, based on an original
issue and patch developed by the LibreSSL project. Further analysis of the issue
was performed by the OpenSSL team.
The following #ifdef tests were all removed:
__MWERKS__
MAC_OS_pre_X
MAC_OS_GUSI_SOURCE
MAC_OS_pre_X
OPENSSL_SYS_MACINTOSH_CLASSIC
OPENSSL_SYS_MACOSX_RHAPSODY
Tim Hudson [Sun, 21 Sep 2014 11:54:31 +0000 (21:54 +1000)]
Fixed error introduced in commit f2be92b94dad3c6cbdf79d99a324804094cf1617
that fixed PR#3450 where an existing cast masked an issue when i was changed
from int to long in that commit
Picked up on z/linux (s390) where sizeof(int)!=sizeof(long)
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>