JimC [Sat, 6 Aug 2016 10:22:04 +0000 (06:22 -0400)]
Fix CIPHER_DEBUG
Commit 3eb2aff renamed a field of ssl_cipher_st from algorithm_ssl -> min_tls but neglected to update the fprintf reference which is included by -DCIPHER_DEBUG
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1417)
Richard Levitte [Sat, 6 Aug 2016 09:30:48 +0000 (11:30 +0200)]
Add a note about a perl issue on VMS and how to work around it
I bug in perl's File::Spec->canonpath() was uncovered. There's
nothing we can do about it (except re-implementing canonpath()),
except working around the problem (a directory rename) and reporting
the issue to the perl module developers.
Tomas Mraz [Fri, 5 Aug 2016 07:33:30 +0000 (09:33 +0200)]
Fix irregularities in GENERAL_NAME_print().
Add colon when printing Registered ID.
Remove extra space when printing DirName.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1401)
Rob Percival [Sat, 6 Aug 2016 01:27:12 +0000 (21:27 -0400)]
Mkae CT_log_new_from_base64 always return 0 on failure
In one failure case, it used to return -1. That failure case
(CTLOG_new() returning NULL) was not usefully distinct from all of the
other failure cases.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1407)
Richard Levitte [Fri, 5 Aug 2016 08:57:47 +0000 (10:57 +0200)]
util/mkdef.pl: mark certain PEM function declarations with STDIO
The macros that produce PEM_write_FOO() andd PEM_read_FOO() only do so
unless 'no-stdio' has been configured. mkdef.pl should mimic that by
marking those functions with the "STDIO" algo.
Richard Levitte [Thu, 4 Aug 2016 22:32:36 +0000 (00:32 +0200)]
Move the building of test/buildtest_*. to be done unconditionally
These were guarded by $disabled{tests}. However, 'tests' is disabled
if we configure 'no-stdio', which means that we don't detect the lack
of OPENSSL_NO_STDIO guards in our public header files. So we move the
generation and build of test/buildtest_*.c to be unconditional.
Emilia Kasper [Wed, 3 Aug 2016 13:29:21 +0000 (15:29 +0200)]
Add a coverage target
Run tests with coverage and report to coveralls.io
For simplicity, this currently only adds a single target in a
configuration that attempts to maximize coverage. The true CI coverage
from all the various builds may be a little larger.
The coverage run has the following configuration:
- no-asm: since we can't track asm coverage anyway, might as well measure the
non-asm code coverage.
- Enable various disabled-by-default options:
- rc5
- md2
- ec_nistp_64_gcc_128
- ssl3
- ssl3-method
- weak-ssl-ciphers
Finally, observe that no-pic implies no-shared, and therefore running
both builds in the matrix is redundant.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Richard Levitte [Wed, 3 Aug 2016 17:49:32 +0000 (19:49 +0200)]
openssl-format-source: no dash marker on *INDENT-(ON|OFF)* comments
We mark small comments with a dash immediately following the starting /*.
However, *INDENT-(ON|OFF)* comments shouldn't be treated that way, or
indent will ignore them if we do.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
David Woodhouse [Tue, 2 Aug 2016 21:54:46 +0000 (22:54 +0100)]
Fix ubsan 'left shift of negative value -1' error in satsub64be()
Baroque, almost uncommented code triggers behaviour which is undefined
by the C standard. You might quite reasonably not care that the code was
broken on ones-complement machines, but if we support a ubsan build then
we need to at least pretend to care.
It looks like the special-case code for 64-bit big-endian is going to
behave differently (and wrongly) on wrap-around, because it treats the
values as signed. That seems wrong, and allows replay and other attacks.
Surely you need to renegotiate and start a new epoch rather than
wrapping around to sequence number zero again?
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
David Woodhouse [Mon, 25 Jul 2016 17:03:27 +0000 (18:03 +0100)]
Make DTLS1_BAD_VER work with DTLS_client_method()
DTLSv1_client_method() is deprecated, but it was the only way to obtain
DTLS1_BAD_VER support. The SSL_OP_CISCO_ANYCONNECT hack doesn't work with
DTLS_client_method(), and it's relatively non-trivial to make it work without
expanding the hack into lots of places.
So deprecate SSL_OP_CISCO_ANYCONNECT with DTLSv1_client_method(), and make
it work with SSL_CTX_set_{min,max}_proto_version(DTLS1_BAD_VER) instead.
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
David Woodhouse [Fri, 8 Jul 2016 19:56:38 +0000 (20:56 +0100)]
Fix DTLS_VERSION_xx() comparison macros for DTLS1_BAD_VER
DTLS version numbers are strange and backwards, except DTLS1_BAD_VER so
we have to make a special case for it.
This does leave us with a set of macros which will evaluate their arguments
more than once, but it's not a public-facing API and it's not like this is
the kind of thing where people will be using DTLS_VERSION_LE(x++, y) anyway.
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
David Woodhouse [Fri, 8 Jul 2016 19:46:07 +0000 (20:46 +0100)]
Fix SSL_export_keying_material() for DTLS1_BAD_VER
Commit d8e8590e ("Fix missing return value checks in SCTP") made the
DTLS handshake fail, even for non-SCTP connections, if
SSL_export_keying_material() fails. Which it does, for DTLS1_BAD_VER.
Apply the trivial fix to make it succeed, since there's no real reason
why it shouldn't even though we never need it.
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
Benjamin Kaduk [Wed, 3 Aug 2016 20:07:55 +0000 (15:07 -0500)]
Remove some unused options from 10-main.conf
The options RC4_CHUNK_LL, DES_PTR, and BF_PTR were removed by Rich
in commit 3e9e810f2e047effb1056211794d2d12ec2b04e7 but were still
sticking around in a coupule configuration entries.
Since they're unused, remove them.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1390)
Richard Levitte [Thu, 4 Aug 2016 09:50:39 +0000 (11:50 +0200)]
Travis: When testing installation, build in separate dir, otherwise in checkout
The rationale is that installation from a tarball is a common task
that everyone performs. For all other builds, we do specialised
tests, and might as well build them directly in the checkout, which
also gives us fuzz corpora.
Richard Levitte [Wed, 3 Aug 2016 14:02:20 +0000 (16:02 +0200)]
Don't check any revocation info on proxy certificates
Because proxy certificates typically come without any CRL information,
trying to check revocation on them will fail. Better not to try
checking such information for them at all.
Richard Levitte [Wed, 3 Aug 2016 05:55:54 +0000 (07:55 +0200)]
INSTALL: Make the use of [, ], { and } consistent and explain it
The diverse notations used in INSTALL are not as self explanatory as
we might imagine, so let's attempt a consistent notation for mandatory
and optional pieces of a command line, and to explain the meaning of
each notation.
This does away with the bash notation used in one spot, as it isn't
universally understood and will only confuse the unknowing more.
Richard Levitte [Mon, 1 Aug 2016 11:07:48 +0000 (13:07 +0200)]
Fix return values of do_passwd() in apps/passwd.c
do_passwd() was returning 0 on success and 1 on failure. However,
those values were interpreted the other way around. The fix that
makes the most sense is to change what do_passwd() returns.
Andy Polyakov [Tue, 19 Jul 2016 11:52:49 +0000 (13:52 +0200)]
crypto/ui/ui_openssl.c: UTF-y Windows code path.
Windows never composes UTF-8 strings as result of user interaction
such as input query. The only way to compose one is programmatic
conversion from WCHAR string, which in turn can be picked up with
ReadConsoleW.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Sat, 16 Jul 2016 21:21:39 +0000 (23:21 +0200)]
apps/openssl.c: UTF-y Windows argv.
Windows never composes UTF-8 strings as result of user interaction
such as passing command-line argument. The only way to compose one
is programmatic conversion from WCHAR string, which in turn can be
picked up on command line.
[For reference, why not wmain, it's not an option on MinGW.]
Reviewed-by: Richard Levitte <levitte@openssl.org>
projects / openssl / log