Matt Caswell [Wed, 16 Sep 2015 21:54:54 +0000 (22:54 +0100)]
Fix s_server bug
If an async event occurs during a renegotiation in SSL_read then s_server
was looping around, detecting we were in init and calling
init_ssl_connection instead of re-calling SSL_read.
Matt Caswell [Fri, 24 Jul 2015 07:15:31 +0000 (08:15 +0100)]
Initial Async notify code changes
Initial API implemented for notifying applications that an ASYNC_JOB
has completed. Currently only s_server is using this. The Dummy Async
engine "cheats" in that it notifies that it has completed *before* it
pauses the job. A normal async engine would not do that.
Only the posix version of this has been implemented so far, so it will
probably fail to compile on Windows at the moment.
Matt Caswell [Wed, 22 Jul 2015 16:50:51 +0000 (17:50 +0100)]
Add ASYNC_JOB pools
It is expensive to create the ASYNC_JOB objects due to the "makecontext"
call. This change adds support for pools of ASYNC_JOB objects so that we
don't have to create a new ASYNC_JOB every time we want to use one.
Matt Caswell [Thu, 26 Mar 2015 10:15:59 +0000 (10:15 +0000)]
Async clean ups
Removed the function ASYNC_job_is_waiting() as it was redundant. The only
time user code has a handle on a job is when one is waiting, so all they
need to do is check whether the job is NULL. Also did some cleanups to
make sure the job really is NULL after it has been freed!
Matt Caswell [Fri, 13 Feb 2015 23:28:49 +0000 (23:28 +0000)]
Make libssl async aware
The following entry points have been made async aware:
SSL_accept
SSL_read
SSL_write
Also added is a new mode - SSL_MODE_ASYNC. Calling the above functions with
the async mode enabled will initiate a new async job. If an async pause is
encountered whilst executing the job (such as for example if using SHA1/RSA
with the Dummy Async engine), then the above functions return with
SSL_WANT_ASYNC. Calling the functions again (with exactly the same args
as per non-blocking IO), will resume the job where it left off.
Matt Caswell [Fri, 13 Feb 2015 23:25:33 +0000 (23:25 +0000)]
Add the Dummy Async engine (dasync)
This engine is for developers of async aware applications. It simulates
asynchronous activity with external hardware. This initial version supports
SHA1 and RSA. Certain operations using those algorithms have async job
"pauses" in them - using the new libcrypto async capability.
Matt Caswell [Wed, 16 Sep 2015 11:28:03 +0000 (12:28 +0100)]
Add async sub-library to libcrypto
Provides support for running asynchronous jobs. Currently this is completely
stand alone. Future commits will integrate this into libssl and s_server/
s_client. An asynchronous capable engine will be required to see any benefit
from this capability.
Matt Caswell [Thu, 19 Nov 2015 14:55:09 +0000 (14:55 +0000)]
Add pthread support
The forthcoming async code needs to use pthread thread local variables. This
updates the various Configurations to add the necessary flags. In many cases
this is an educated guess as I don't have access to most of these
environments! There is likely to be some tweaking needed.
Matt Caswell [Fri, 6 Nov 2015 16:31:21 +0000 (16:31 +0000)]
Ensure all EVP calls have their returns checked where appropriate
There are lots of calls to EVP functions from within libssl There were
various places where we should probably check the return value but don't.
This adds these checks.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Thu, 12 Nov 2015 15:11:34 +0000 (15:11 +0000)]
Check error return from sysconf in secure memory code
We use the sysconf function to provide details about the page size in the
secure memory code. This function can return -1 on error so we should check
for this before proceeding.
Matt Caswell [Wed, 11 Nov 2015 10:17:22 +0000 (10:17 +0000)]
Add comment explaining why we don't check a return value
A call to X509_verify_cert() is used to build a chain of certs for the
server to send back to the client. It isn't *actually* used for verifying
the cert at all - just building the chain. Therefore the return value is
ignored.
Matt Caswell [Tue, 10 Nov 2015 23:12:36 +0000 (23:12 +0000)]
Remove an NULL ptr deref in an error path
The |passwd| variable in the code can be NULL if it goes to the err label.
Therefore we cannot call strlen on it without first checking that it is non
NULL.
Andy Polyakov [Fri, 13 Nov 2015 22:44:23 +0000 (23:44 +0100)]
bn/asm/ppc64-mont.pl: adapt for little-endian.
The problem remained unnoticed so far, because it's never called by default.
You have to craft OPENSSL_ppccap environment variable to trigger the problem.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Tue, 10 Nov 2015 20:11:24 +0000 (21:11 +0100)]
bn/asm/s390x.S: improve performance on z196 and z13 by up to 26%. [even z10 is couple percent faster]. Triggered by RT#4128, but solves the problem by real modulo-scheduling.
Print certificate details using accessor functions.
Since X509_CERT_AUX_print is only used in one place and can't
be used by applications (it uses an internal X509_CERT_AUX structure)
this has been removed and replaced by a function X509_aux_print which
takes an X509 pointer instead.
This adds a TLSv1.0 cipher alias for ciphersuites requiring
at least TLSv1.0: currently only PSK ciphersuites using SHA256
or SHA384 MAC (SSLv3 only supports SHA1 and MD5 MAC).
Matt Caswell [Mon, 9 Nov 2015 14:38:59 +0000 (14:38 +0000)]
Fix SSL_use_certificate_chain_file
The new function SSL_use_certificate_chain_file was always crashing in
the internal function use_certificate_chain_file because it would pass a
NULL value for SSL_CTX *, but use_certificate_chain_file would
unconditionally try to dereference it.
Matt Caswell [Mon, 9 Nov 2015 16:37:33 +0000 (16:37 +0000)]
Remove redundant check from tls1_get_curvelist
The function tls1_get_curvelist() has an explicit check to see if s->cert
is NULL or not. However the check appears *after* calling the tls1_suiteb
macro which derefs s->cert. In reality s->cert can never be NULL because
it is created in SSL_new(). If the malloc fails then the SSL_new call fails
and no SSL object is created.
Matt Caswell [Fri, 30 Oct 2015 10:05:53 +0000 (10:05 +0000)]
Standardise our style for checking malloc failures
if we have a malloc |x = OPENSSL_malloc(...)| sometimes we check |x|
for NULL and sometimes we treat it as a boolean |if(!x) ...|. Standardise
the approach in libssl.
Matt Caswell [Mon, 9 Nov 2015 15:31:27 +0000 (15:31 +0000)]
Remove redundant check from SSL_shutdown
The SSL object was being deref'd and then there was a later redundant check
to see if it is NULL. We assume all SSL_foo functions pass a non NULL SSL
object and do not check it.
Richard Levitte [Mon, 9 Nov 2015 08:50:56 +0000 (09:50 +0100)]
Make the match for previous cflags a bit more strict
./Configure [target] --strict-warnings -Wno-pedantic-ms-format
would not add '-pedantic' because it matches '-Wno-pedantic-ms-format',
which was added first.
Matt Caswell [Fri, 6 Nov 2015 09:47:18 +0000 (09:47 +0000)]
Don't finish the handshake twice
We finish the handshake when we move into the TLS_ST_OK state. At various
points we were also unnecessarily finishing it when we were reading/writing
the Finished message. It's much simpler just to do it in TLS_ST_OK, so
remove the other calls.
Richard Levitte [Mon, 2 Nov 2015 15:48:53 +0000 (16:48 +0100)]
Remove the state parameter from BIO_ctrl_set_connected
The actual implementation has the state of the connection being
controlled with the peer parameter, non-NULL meaning connected and
NULL meaning connected.
Matt Caswell [Fri, 30 Oct 2015 17:01:01 +0000 (17:01 +0000)]
Remove a reachable assert from ssl3_write_bytes
A buggy application that call SSL_write with a different length after a
NBIO event could cause an OPENSSL_assert to be reached. The assert is not
actually necessary because there was an explicit check a little further
down that would catch this scenario. Therefore remove the assert an move
the check a little higher up.
Matt Caswell [Fri, 30 Oct 2015 16:39:29 +0000 (16:39 +0000)]
Remove a trivially true OPENSSL_assert
This OPENSSL_assert in (d)tls1_hearbeat is trivially always going to be
true because it is testing the sum of values that have been set as
constants just a few lines above and nothing has changed them. Therefore
remove this.
Matt Caswell [Mon, 26 Oct 2015 23:11:44 +0000 (23:11 +0000)]
Add SRP and PSK to disallowed CertificateRequest ciphersuites
There was a discrepancy between what ciphersuites we allowed to send a
CertificateRequest, and what ciphersuites we allowed to receive one. So
add PSK and SRP to the disallowed ones.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Mon, 26 Oct 2015 14:05:43 +0000 (14:05 +0000)]
Remove superfluous check
|tls_process_finished| was checking that |peer_finish_md_len| was
non-negative. However neither |tls1_final_finish_mac| or
|ssl3_final_finish_mac| can ever return a negative value, so the check is
superfluous.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Thu, 22 Oct 2015 14:13:20 +0000 (15:13 +0100)]
Fix a bogus clang warning
Clang with --strict-warnings was complaining about an uninitalised
variable. In reality it will never be used uninitialised but clang can't
figure out the logic, so just init it anyway to silence the warning.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Thu, 22 Oct 2015 14:02:14 +0000 (15:02 +0100)]
Fix empty NewSessionTicket processing
Rebasing the state machine code introduced a problem with empty
NewSessionTicket processing. The return value from the
tls_process_new_session_ticket() is supposed to be an enum, but a bare
integer was being used. Unfortunately this is valid C so the compiler
doesn't pick it up.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
projects / openssl / log