Richard Levitte [Fri, 29 Jan 2016 17:07:37 +0000 (18:07 +0100)]
Configure et al: split up the lflags configuration item into two
The lflags configuration had a weird syntax with a % as separator. If
it was present, whatever came before ended up as PEX_LIBS in Makefile
(usually, this is LDFLAGS), while whatever came after ended up as
EX_LIBS.
This change splits that item into lflags and ex_libs, making their use
more explicit.
Also, PEX_LIBS in all the Makefiles are renamed to LDFLAGS.
Viktor Dukhovni [Thu, 28 Jan 2016 03:43:23 +0000 (22:43 -0500)]
Make it possible to check for explicit auxiliary trust
By default X509_check_trust() trusts self-signed certificates from
the trust store that have no explicit local trust/reject oids
encapsulated as a "TRUSTED CERTIFICATE" object. (See the -addtrust
and -trustout options of x509(1)).
This commit adds a flag that makes it possible to distinguish between
that implicit trust, and explicit auxiliary settings.
With flags |= X509_TRUST_NO_SS_COMPAT, a certificate is only trusted
via explicit trust settings.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Matt Caswell [Wed, 4 Nov 2015 17:30:22 +0000 (17:30 +0000)]
Fix bug in nistp224/256/521 where have_precompute_mult always returns 0
During precomputation if the group given is well known then we memcpy a
well known precomputation. However we go the wrong label in the code and
don't store the data properly. Consequently if we call have_precompute_mult
the data isn't there and we return 0.
RT#3600
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 29 Jan 2016 09:38:06 +0000 (09:38 +0000)]
Correct value of DH_CHECK_PUBKEY_INVALID
A new return value for DH_check_pub_key was recently added:
DH_CHECK_PUBKEY_INVALID. As this is a flag which can be ORed with other
return values it should have been set to the value 4 not 3.
Matt Caswell [Mon, 25 Jan 2016 15:00:10 +0000 (15:00 +0000)]
Implement Async SSL_shutdown
This extends the existing async functionality to SSL_shutdown(), i.e.
SSL_shutdown() can now casuse an SSL_ERROR_WANT_ASYNC error to be returned
from SSL_get_error() if async mode has been enabled.
Rich Salz [Thu, 28 Jan 2016 03:00:55 +0000 (22:00 -0500)]
Remove outdated tests
These tests are not built, and only usable as hand-tests so not
worth moving into our test framework.
This closes https://github.com/openssl/openssl/pull/561 and RT 4252
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Mon, 18 Jan 2016 11:31:58 +0000 (11:31 +0000)]
Prevent small subgroup attacks on DH/DHE
Historically OpenSSL only ever generated DH parameters based on "safe"
primes. More recently (in version 1.0.2) support was provided for
generating X9.42 style parameter files such as those required for RFC
5114 support. The primes used in such files may not be "safe". Where an
application is using DH configured with parameters based on primes that
are not "safe" then an attacker could use this fact to find a peer's
private DH exponent. This attack requires that the attacker complete
multiple handshakes in which the peer uses the same DH exponent.
A simple mitigation is to ensure that y^q (mod p) == 1
Rich Salz [Wed, 27 Jan 2016 23:43:25 +0000 (18:43 -0500)]
Remove outdated legacy crypto options
Many options for supporting optimizations for legacy crypto on legacy
platforms have been removed. This simplifies the source code and
does not really penalize anyone.
DES_PTR (always on)
DES_RISC1, DES_RISC2 (always off)
DES_INT (always 'unsigned int')
DES_UNROLL (always on)
BF_PTR (always on) BF_PTR2 (removed)
MD2_CHAR, MD2_LONG (always 'unsigned char')
IDEA_SHORT, IDEA_LONG (always 'unsigned int')
RC2_SHORT, RC2_LONG (always 'unsigned int')
RC4_LONG (only int and char (for assembler) are supported)
RC4_CHUNK (always long), RC_CHUNK_LL (removed)
RC4_INDEX (always on)
And also make D_ENCRYPT macro more clear (@appro)
Rich Salz [Fri, 18 Dec 2015 17:57:23 +0000 (12:57 -0500)]
Remove /* foo.c */ comments
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
Benjamin Kaduk [Thu, 21 Jan 2016 18:06:39 +0000 (12:06 -0600)]
Remove unused, undocumented clean-shared target
Also removes the make variable SHARED_LIBS_LINK_EXTS, only used by
the clean-shared target.
When shared library linking was moved to the separate Makefile.shared
in commit 30afcc072acd4f70590fec68bf0590da4e4f1883, this target was
skipped. Prior to that commit, clean-shared was invoked as a
dependency of build-shared, but afterward it was no longer referenced
anywhere in the tree.
Instead of porting the functionality over to Makefile.shared, just
remove it entirely, as it appears to be unused.
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Tue, 26 Jan 2016 13:57:21 +0000 (14:57 +0100)]
Have OpenSSL::Test handle perl scripts like any program
Since we're building some of our perl scripts and the result might not
end up in apps/ (*), we may need to treat them like the compile
programs we use for testing.
This introduces perlapp() and perltest(), which behave like app() and
test(), but will add the perl executable in the command line.
-----
(*) For example, with a mk1mf build, the result will end up in $(BIN_D)
Matt Caswell [Tue, 26 Jan 2016 11:31:41 +0000 (11:31 +0000)]
Add SSL_up_ref() and SSL_CTX_up_ref()
The SSL and SSL_CTX structures are reference counted. However since libssl
was made opaque there is no way for users of the library to manipulate the
reference counts. This adds functions to enable that.
Richard Levitte [Tue, 26 Jan 2016 01:09:33 +0000 (02:09 +0100)]
Use Configure's @disablables and %disabled through configdata.pm
Enhances the routines in OpenSSL::Test::Utils for checking disabled
stuff to get their information directly from Configure instead of
'openssl list -disabled'.
Richard Levitte [Mon, 25 Jan 2016 20:51:22 +0000 (21:51 +0100)]
Small cleanups in Configure
- Small rearrangement of the TABLE and HASH printouts, and adding
printout of the "build_scheme" item
- Renamed "engines_obj" to "padlock_obj"
- Moved the runs of dofile down... it didn't quite make sense to have
that in the middle of a printout
Richard Levitte [Mon, 25 Jan 2016 20:19:59 +0000 (21:19 +0100)]
Generate warning text
Now that we're using templates, we should warn people not to edit the
resulting file. We do it through util/dofile.pl, which is enhanced
with an option to tell what file it was called from. We also change
the calls so the template files are on the command line instead of
being redirected through standard input. That way, we can display
something like this (example taken from include/openssl/opensslconf.h):
/* WARNING: do not edit! */
/* Generated by Configure from include/openssl/opensslconf.h.in */
Richard Levitte [Wed, 20 May 2015 18:03:20 +0000 (20:03 +0200)]
Refactor file writing - Remake Makefile.org into a template
It is time for Makefile.org to fold into the new regime and have a run
through util/dofile.pl. This forces some information out of there and
into Configure, which isn't a bad thing, it makes Configure
increasingly the center of build information, which is as it should
be.
A few extra defaults were needed in the BASE template to get rid of
warnings about missing values.
Richard Levitte [Sun, 27 Dec 2015 01:27:30 +0000 (02:27 +0100)]
Refactor file writing - make configdata.pm the info center for "reconf"
Now that configdata.pm is the centre of information, use that instead
of Makefile to figure out reconfiguration parameters. This will help
future development with different Makefile file names.
The code to read necessary configuration data from Makefile is retained
for an easy transition to configdata.pm based information gathering. It
will be removed later on.
This change includes moving the variable $cross_compile_prefix to %config.
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Richard Levitte [Mon, 18 May 2015 23:40:54 +0000 (01:40 +0200)]
Refactor file writing - rewrite crypto/opensslconf.h.in as template
The turn has come to have crypto/opensslconf.h.in get run through
util/dofile.pl. The consequence is that a large number of variables
get moved to the %config table.
Also, the string variables $openssl_*, which were populated with cpp
lines, all being of the form "#define SOMETHING", were converted into
ARRAY refs in %config values, containing just the list of macros to be
defined.
Richard Levitte [Mon, 11 Jan 2016 23:17:12 +0000 (00:17 +0100)]
Refactor file writing - Adapt util/mkdef.pl to use configdata.pm
For this adaptation, the variables $options and $version needed to
move to %config in Configure, and why not move all other variables
holding diverse version numbers at the same time?
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Fri, 22 Jan 2016 11:37:31 +0000 (12:37 +0100)]
Refactor file writing - arrange for use of bundled Perl modules as fallback
For our own convenience, we need a mechanism to be able to fall back
on bundled Perl modules. It's a minimal package that's called like
this:
use with_fallback qw(Module1 Module2 ...);
For each module, it will try to require them from the system
installation, and failing that, it will temporarly add external/perl
and try to require transfer::{ModuleName}. It requires that each
bundled Perl modules is accompanied by a small transfer module
(external/perl/transfer/ModuleName.pm in our example) that knows
exactly what to load.
apps/CA.pl and tools/c_rehash are built from template files. So far,
this was done by Configure, which created its own problems as it
forced everyone to reconfigure just because one of the template files
had changed.
Instead, have those files created as part of the normal build in apps/
and in tools/.
Furthermore, this prepares for a future where Configure may produce
entirely other build files than Makefile, and the latter can't be
guaranteed to be the holder of all information for other scripts.
Instead, configdata.pm (described below) becomes the center of
configuration information.
This introduces a few new things:
%config a hash table to hold all kinds of configuration data
that can be used by any other script.
configdata.pm a perl module that Configure writes. It currently
holds the hash tables %config and %target.
util/dofile.pl a script that takes a template on STDIN and outputs
the result after applying configuration data on it.
It's supposed to be called like this:
perl -I$(TOP) -Mconfigdata < template > result
or
perl -I$(TOP) -Mconfigdata templ1 templ2 ... > result
Note: util/dofile.pl requires Text::Template.
As part of this changed, remove a number of variables that are really
just copies of entries in %target, and use %target directly. The
exceptions are $target{cflags} and $target{lflags}, they do get copied
to $cflags and $lflags. The reason for this is that those variable
potentially go through a lot of changes and would rather deserve a
place in %config. That, however, is for another commit.
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Mon, 18 May 2015 10:53:38 +0000 (12:53 +0200)]
Refactor config - consolidate and refresh print_table_entry
It's time for print_table_entry to get a bit of refreshment. The way it
was put together, we needed to maintain the list of known configuration
keys of interest twice, in different shapes. This is error prone, so
move the list of strings to a common list for all printing cases, and
use simple formatting of lines to do the actual printout based on that
list.
Richard Levitte [Fri, 22 Jan 2016 12:06:26 +0000 (13:06 +0100)]
Cleanup .gitignore
Some things to ignore need to be properly rooted, and use a bit more
precision on ignoring 'lib', as that maybe be a perfectly valid
directory name to add into git elsewhere in the source tree.
Richard Levitte [Mon, 18 May 2015 12:31:49 +0000 (14:31 +0200)]
Refactor config - @MK1MF_Builds out, general build scheme in
Time to get rid of @MK1MF_Builds and introduce a more flexible
'build_scheme' configuration key. Its value may be a string or an
array of strings, meaning we need to teach resolve_config how to
handle ARRAY referenses.
The build scheme is a word that selects a function to create the
appropriate result files for a certain configuration. Currently valid
build schemes aer "mk1mf" and "unixmake", the plan is however to add
at least one other for a more universal build scheme.
Incidently, this also adds the functions 'add' and 'add_before', which
can be used in a configuration, so instead of having to repeatedly
write a sub like this:
key1 => sub { join(" ", @_, "myvalues"); },
key2 => sub { join(" ", "myvalues", @_); },
The good point with 'add' and 'add_before' is that they handle
inheritances where the values are a misture of scalars and ARRAYs. If
there are any ARRAY to be found, the resulting value will be an ARRAY,
otherwise it will be a scalar with all the incoming valued joined
together with the separator given as first argument to add/add_before.
Richard Levitte [Mon, 18 May 2015 00:54:28 +0000 (02:54 +0200)]
Refactor config - move templates and template docs to Configurations
Move the documentation of the target configuration form to
Configurations/README.
Move initial assembler object templates to
Configurations/00-BASE-templates.conf.
Furthermore, remove all variables containing the names of the
non-assembler object files and make a BASE template of them instead.
The values from this templates are used as defaults as is. The
remaining manipulation of data when assembler modules are used is done
only when $no_asm is false.
While doing this, clean out some other related variables that aren't
used anywhere.
Also, we had to move the resolution of the chosen target a bit, or the
function 'asm' would never catch a true $no_asm... this hasn't
mattered before we've moved it all to the BASE template, but now it
does.
At the same time, add the default for the 'unistd' key to the BASE
template.
Richard Levitte [Wed, 20 Jan 2016 17:11:51 +0000 (18:11 +0100)]
Refresh the thinking of --prefix and --openssldir
--prefix is now exclusively used for software and manual installation.
--openssldir is not exclusively used as a default location for certs,
keys and the default openssl.cnf.
This change is made to bring clarity, to have the two less
intertwined, and to be more compatible with the usual ways of software
installation.
Please change your habits and scripts to use --prefix rather than
--openssldir for installation location now.