Christian Heimes [Sun, 21 Jan 2018 09:37:59 +0000 (10:37 +0100)]
Fix signature of min/max proto getter
The getters for min and max proto version wrongly passed NULL instead of
0 as third argument to SSL_ctrl() and SSL_CTX_ctrl(). The third argument
is not used, but the error results in a compiler warning:
warning: passing argument 3 of ‘SSL_CTX_ctrl’ makes integer from pointer without a cast [-Wint-conversion]
int v = SSL_CTX_get_max_proto_version(self->ctx);
See https://github.com/openssl/openssl/pull/4364
Signed-off-by: Christian Heimes <christian@python.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5128)
David Cooper [Fri, 18 Aug 2017 13:27:19 +0000 (09:27 -0400)]
Add -rsigopt option to ocsp command
Add a -rsigopt option to the ocsp command that allows signature parameters to be provided for the signing of OCSP responses. The parameters that may be provided to -rsigopt are the same as may be provided to -sigopt in the ca, req, and x509 commands.
This PR also defines a OCSP_basic_sign_ctx() function, which functions in the same way as OCSP_basic_sign(), except that it accepts a EVP_MD_CTX rather than a key and digest. The OCSP_basic_sign_ctx() function is used to implement the -rsigopt option in the ocsp command.
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4190)
Richard Levitte [Tue, 23 Jan 2018 18:13:48 +0000 (19:13 +0100)]
Configure: ensure that a DEPEND generates the correct inclusion directory
We incorrectly assumed that explicit dependencies meant that the
source directory would be added for inclusion. However, if the
dependent file is generated, it's stored in the build directory, and
that should be used for inclusion rather than the source directory.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5153)
Richard Levitte [Mon, 22 Jan 2018 18:03:37 +0000 (19:03 +0100)]
Have EVP_PKEY_asn1_find_str() work more like EVP_PKEY_asn1_find()
EVP_PKEY_asn1_find_str() would search through standard asn1 methods
first, then those added by the application, which EVP_PKEY_asn1_find()
worked the other way around. Also, EVP_PKEY_asn1_find_str() didn't
handle aliases.
This change brings EVP_PKEY_asn1_find_str() closer to EVP_PKEY_asn1_find().
Fixes #5086
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5137)
Matt Caswell [Fri, 19 Jan 2018 14:34:56 +0000 (14:34 +0000)]
Don't allow an empty Subject when creating a Certificate
Misconfiguration (e.g. an empty policy section in the config file) can
lead to an empty Subject. Since certificates should have unique Subjects
this should not be allowed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5114)
Benjamin Kaduk [Tue, 9 Jan 2018 21:26:37 +0000 (15:26 -0600)]
enc(1): document that AEAD is not and will not be supported
Note the reasons, including streaming output issues and key/iv/nonce
management issues.
Recommend the use of cms(1) instead.
Fixes #471.
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5048)
Richard Levitte [Wed, 17 Jan 2018 10:22:47 +0000 (11:22 +0100)]
Create one permanent proxy socket per TLSProxy::Proxy instance
On Windows, we sometimes see a behavior with SO_REUSEADDR where there
remains lingering listening sockets on the same address and port as a
newly created one.
To avoid this scenario, we don't create a new proxy port for each new
client run. Instead, we create one proxy socket when the proxy object
is created, and close it when destroying that object.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5095)
Richard Levitte [Thu, 11 Jan 2018 21:01:44 +0000 (22:01 +0100)]
Cygwin is POSIX, don't say it isn't
More to the point, Cygwin is a POSIX API. In our library, the use of
a POSIX API is marked by defining the macro OPENSSL_SYS_UNIX.
Therefore, that macro shouldn't be undefined when building for Cygwin.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5060)
Richard Levitte [Thu, 18 Jan 2018 09:54:48 +0000 (10:54 +0100)]
TLSProxy::Proxy: Don't use ReuseAddr on Windows
On Windows, we sometimes see a behavior with SO_REUSEADDR where there
remains lingering listening sockets on the same address and port as a
newly created one.
An easy solution is not to use ReuseAddr on Windows.
Thanks Bernd Edlinger for the suggestion.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5103)
Jakub Jelen [Thu, 18 Jan 2018 00:23:37 +0000 (19:23 -0500)]
doc: Bad prototypes of EVP_PKEY_CTX_new()
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4861)
Richard Levitte [Wed, 17 Jan 2018 20:27:33 +0000 (21:27 +0100)]
TLSProxy::Proxy: don't waste time redirecting STDOUT and STDERR
On Windows, it seems that doing so in a forked (pseudo-)process
sometimes affects the parent, and thereby hides all the results that
are supposed to be seen by the running test framework (the "ok" and
"not ok" lines).
It turns out that our redirection isn't necessary, as the test
framework seems to swallow it all in non-verbose mode anyway.
It's possible that we did need this at some point, but the framework
has undergone some refinement since then...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5100)
Matt Caswell [Mon, 15 Jan 2018 11:23:07 +0000 (11:23 +0000)]
Revert BN_copy() flag copy semantics change
Commit 9f9442918a changed the semantics of BN_copy() to additionally
copy the BN_FLG_CONSTTIME flag if it is set. This turns out to be
ill advised as it has unintended consequences. For example calling
BN_mod_inverse_no_branch() can sometimes return a result with the flag
set and sometimes not as a result. This can lead to later failures if we
go down code branches that do not support constant time, but check for
the presence of the flag.
The original commit was made due to an issue in BN_MOD_CTX_set(). The
original PR fixed the problem in that function, but it was changed in
review to fix it in BN_copy() instead. The solution seems to be to revert
the BN_copy() change and go back to the originally proposed way.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5080)
Since do_rand_drbg_init() allocates three locks, it needs to ensure
that OPENSSL_init_crypto() is called, otherwise these resources are
not cleaned up properly.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5083)
Richard Levitte [Mon, 15 Jan 2018 09:40:24 +0000 (10:40 +0100)]
Fix intermittent Windows and Cygwin failures in s_server
The same kind of failure that has already been observed on the
s_client can sometimes also be observed on s_server, so we need to add
the same kind of 50ms delay as was previously added on s_client.
Richard Levitte [Sun, 14 Jan 2018 16:15:32 +0000 (17:15 +0100)]
Fix intermittent Cygwin failures in s_client
This was identified for Windows almost two years ago for VC and
msys/mingw. It seems that Cygwin suffers from the same issue, and
since Cygwin doesn't define OPENSSL_SYS_WINDOWS, we need to make a
special case to have a 50ms pause before closing the TLS connection.
Matt Caswell [Fri, 5 Jan 2018 10:12:29 +0000 (10:12 +0000)]
Tolerate DTLS alerts with an incorrect version number
In the case of a protocol version alert being sent by a peer the record
version number may not be what we are expecting. In DTLS records with an
unexpected version number are silently discarded. This probably isn't
appropriate for alerts, so we tolerate a mismatch in the minor version
number.
This resolves an issue reported on openssl-users where an OpenSSL server
chose DTLS1.0 but the client was DTLS1.2 only and sent a protocol_version
alert with a 1.2 record number. This was silently ignored by the server.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5018)
Various small build improvements on mkdef.pl, progs.pl, crypto/init.c, crypto/mem.c
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4994)
Tomas Mraz [Mon, 11 Dec 2017 12:09:13 +0000 (13:09 +0100)]
Avoid only exact duplicates when creating the accepted CA names list
This avoids situations where third party client is unable to recognize
that the client certificate was issued by the same CA with name differring
only by case or insignificant characters.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4731)
Patrick Steuer [Mon, 8 Jan 2018 18:42:32 +0000 (13:42 -0500)]
Document OPENSSL_ENGINES environment variable
In man1/engine.pod and man3/ENGINE_add.pod
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4956)
Patrick Steuer [Mon, 18 Dec 2017 21:47:01 +0000 (22:47 +0100)]
crypto/engine/eng_list.c: compare getenv rv to NULL instead of 0
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4958)
Many of the sub-commands under apps/ accept cipher or digest arguments like
"-sha256". These are implemented using a catchall flag that runs the result
through opt_md() or opt_cipher(). That means any unrecognized flag, including
typos, gets sent to those two functions, producing confusing error messages like
below:
$ ./apps/openssl req -x590
req: Unrecognized digest x590
req: Use -help for summary.
This change switches these two functions to say "Unrecognized flag X" instead.
The new message deliberately leaves off the "-" from the flag name, because
there are some cases where opt_md() and opt_cipher() are passed a flag value
instead (for instance, openssl ca -md). I think the new message is generic
enough that it can serve both cases with improved clarity.
CLA: trivial
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4972)
EasySec [Sat, 30 Dec 2017 17:48:23 +0000 (18:48 +0100)]
fix compile error 'intrinsic function not declared'
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5000)
Updates the year ranges of all OpenSSL copyright statements in the given
files or directories. (Directories are traversed recursively.)
Only copyright statements containing the string 'The OpenSSL Project' are
affected. The copyright time range is adjusted to include the current year.
If only a single year was specified, it is replaced by a time range starting
at that year and ending at the current year. All '(c)' and '(C)' signs are
preserved.
Signed-off-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5027)
Richard Levitte [Mon, 8 Jan 2018 11:28:08 +0000 (12:28 +0100)]
Separate general linking flags from extra libraries
So far, we've placed all extra library related flags together, ending
up in the make variable EX_LIBS. This turns out to be problematic, as
for example, some compilers don't quite agree with something like
this:
cc -o foo foo.o -L/whatever -lsomething
They prefer this:
cc -L/whatever -o foo foo.o -lsomething
IBM's compiler on OS/390 is such a compiler that we know of, and we
have previously handled that as a previous case.
The answer here is to make a more general solution, where linking
options are divided in two parts, where one ends up in LDFLAGS and
the other in EX_LIBS (they corresponds to what is called LDFLAGS and
LDLIBS in the GNU world)
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5033)
Patrick Steuer [Mon, 2 Oct 2017 13:53:00 +0000 (15:53 +0200)]
s390x assembly pack: add KMA code path for aes-gcm.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4634)
Patrick Steuer [Tue, 24 Oct 2017 11:29:40 +0000 (13:29 +0200)]
crypto/aes/asm/aes-s390x.pl: replace decrypt flag by macro.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4634)
Patrick Steuer [Tue, 14 Feb 2017 01:07:37 +0000 (02:07 +0100)]
s390x assembly pack: add KMA code path for aes-ctr.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4634)
Andy Polyakov [Sun, 31 Dec 2017 12:23:08 +0000 (13:23 +0100)]
ec/curve25519.c: avoid 2^51 radix on SPARC.
SPARC ISA doesn't have provisions to back up 128-bit multiplications
and additions. And so multiplications are done with library calls
and carries with comparisons and conditional moves. As result base
2^51 code is >40% slower...
projects / openssl / log