Commit graph

11580 commits

Author SHA1 Message Date
Rich Salz
dd13aadf9e RT1832: Fix PKCS7_verify return value
The function returns 0 or 1, only.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit b0e659cfac)
2014-09-08 10:39:12 -04:00
Alon Bar-Lev
2a49fef28e RT1771: Add string.h include.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 8842987e5a)
2014-09-08 10:38:08 -04:00
Viktor Dkhovni
c56be26d9f RT1325,2973: Add more extensions to c_rehash
Regexp was bracketed wrong.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 5a8addc432)
2014-09-07 18:25:59 -04:00
Dr. Stephen Henson
2102c53caa Add CHANGES entry for SCT viewer code.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit b2774f6e17)
2014-09-05 13:45:45 +01:00
Adam Langley
e12e875759 psk_client_callback, 128-byte id bug.
Fix a bug in handling of 128 byte long PSK identity in
psk_client_callback.

OpenSSL supports PSK identities of up to (and including) 128 bytes in
length. PSK identity is obtained via the psk_client_callback,
implementors of which are expected to provide a NULL-terminated
identity. However, the callback is invoked with only 128 bytes of
storage thus making it impossible to return a 128 byte long identity and
the required additional NULL byte.

This CL fixes the issue by passing in a 129 byte long buffer into the
psk_client_callback. As a safety precaution, this CL also zeroes out the
buffer before passing it into the callback, uses strnlen for obtaining
the length of the identity returned by the callback, and aborts the
handshake if the identity (without the NULL terminator) is longer than
128 bytes.

(Original patch amended to achieve strnlen in a different way.)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit be0d851732)
2014-09-05 12:22:33 +02:00
Adam Langley
0600a5cd49 Ensure that x**0 mod 1 = 0.
(cherry picked from commit 2b0180c37f)

Reviewed-by: Ben Laurie <ben@openssl.org>
2014-09-04 16:05:57 +02:00
Richard Levitte
a91b73fd29 Followup on RT3334 fix: make sure that a directory that's the empty
string returns 0 with errno = ENOENT.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 360928b7d0)
2014-09-03 22:23:34 +02:00
Phil Mesnier
02c38e37a6 RT3334: Fix crypto/LPdir_win.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 6a14fe7576)
2014-09-03 22:23:34 +02:00
Clang via Jeffrey Walton
fa2ae04c40 RT3140: Possibly-unit variable in pem_lib.c
Can't really happen, but the flow of control isn't obvious.
Add an initializer.

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 0ff3687eab)
2014-09-02 23:38:15 -04:00
Emilia Kasper
27739e9265 Make the inline const-time functions static.
"inline" without static is not correct as the compiler may choose to ignore it
and will then either emit an external definition, or expect one.

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
(cherry picked from commit 86f50b36e6)
2014-09-02 15:24:54 +02:00
Adam Williamson
157c345175 RT3511: doc fix; req default serial is random
RT842, closed back in 2004, changed the default serial number
to be a random number rather than zero.  Finally time to update
the doc

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 3aba132d61)
2014-08-31 23:41:51 -04:00
Richard Levitte
770b98d02e Add t1_ext and ssl_utst to the VMS build as well.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-08-31 18:22:02 +02:00
TANABE Hiroyasu
8475416fe7 RT1325,2973: Add more extensions to c_rehash
Add .crt/.cer/.crl to the filenames parsed.

I also updated the podpage (since it didn't exist when
this ticket was first created, nor when it was re-created
seven years later).

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 80ec8d4e3e)
2014-08-31 00:37:54 -04:00
Andy Polyakov
30b7d5e1d8 md5-x86_64.pl: work around warning.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4d86e8df6b)
2014-08-30 19:18:12 +02:00
Andy Polyakov
9dd6240201 x86[_64] assembly pack: add Silvermont performance data.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b59f92e75d)
2014-08-30 19:14:49 +02:00
Rich Salz
63eacabb61 RT2820: case-insensitive filenames on Darwin
Andy pointed out there is also darwin64, so tweak the pattern.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 457f7b14ec)
2014-08-30 10:20:28 -04:00
Rich Salz
0996ccc077 Add tags/TAGS
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 9d6253cfd3)
2014-08-30 10:09:01 -04:00
Rich Salz
6aa9dbab0f RT2119,3407: Updated to dgst.pod
Re-order algorithm list.
Be consistent in command synopsis.
Add content about signing.
Add EXAMPLE section
Add some missing options: -r, -fips-fingerprint -non-fips-allow
Various other fixes.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-08-30 10:05:19 -04:00
James Westby
c1071ab4f1 RT1941: c_rehash.pod is missing
Add the file written by James Westby, graciously contributed
under the terms of the OpenSSL license.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit cf2239b3b3)
2014-08-30 09:51:36 -04:00
Rich Salz
5decce4db0 RT2379: Bug in BIO_set_accept_port.pod
The doc says that port can be "*" to mean any port.
That's wrong.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 07e3b31fae)
2014-08-29 16:46:16 -04:00
Jim Reid
12dabfc560 RT2880: HFS is case-insensitive filenames
Add Darwin to list of case-insensitive filenames when
installing manapges.  When doing this, I noticed that
we weren't setting "filecase" for the HTML doc install.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 82d9185ae5)
2014-08-29 16:39:38 -04:00
Dr. Stephen Henson
39d64e9351 update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-28 18:24:14 +01:00
Dr. Stephen Henson
f9784baf0e Fix comments, add new test.
Fix comments in ssltest.c: return value of 0 now means extension is
omitted and add_cb is not called for servers if the corresponding
extension is absent in ClientHello.

Test add_cb is not called if extension is not received.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit f47e203975)
2014-08-28 18:10:21 +01:00
Dr. Stephen Henson
8fb57b29d6 Custom extension documentation.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit f3f56c2a87)
2014-08-28 18:10:21 +01:00
Dr. Stephen Henson
cf8d6c1000 Rename some callbacks, fix alignment.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 0cfefe4b6d)
2014-08-28 18:10:21 +01:00
Dr. Stephen Henson
4164d631bb Use consistent function naming.
Instead of SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_srv_ext
use SSL_CTX_add_client_custom_ext and SSL_CTX_add_server_custom_ext.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 8cafe9e8bf)
2014-08-28 18:10:21 +01:00
Dr. Stephen Henson
46a1b9ef4f New function SSL_extension_supported().
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit c846a5f567)
2014-08-28 18:10:21 +01:00
Dr. Stephen Henson
6db2239c60 New extension callback features.
Support separate parse and add callback arguments.
Add new callback so an application can free extension data.
Change return value for send functions so < 0 is an error 0
omits extension and > 0 includes it. This is more consistent
with the behaviour of other functions in OpenSSL.

Modify parse_cb handling so <= 0 is an error.

Make SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_cli_ext argument
order consistent.

NOTE: these changes WILL break existing code.

Remove (now inaccurate) in line documentation.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 33f653adf3)
2014-08-28 18:10:21 +01:00
Dr. Stephen Henson
423ceb8319 Callback revision.
Use "parse" and "add" for function and callback names instead of
"first" and "second".

Change arguments to callback so the extension type is unsigned int
and the buffer length is size_t. Note: this *will* break existing code.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit de2a9e38f3)
2014-08-28 18:10:21 +01:00
Dr. Stephen Henson
cd2e17020e Remove serverinfo checks.
Since sanity checks are performed for all custom extensions the
serverinfo checks are no longer needed.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 707b026d78)

Conflicts:

	ssl/ssl3.h
	ssl/t1_lib.c
2014-08-28 18:09:59 +01:00
Dr. Stephen Henson
9346c75cb8 Add custom extension sanity checks.
Reject attempts to use extensions handled internally.

Add flags to each extension structure to indicate if an extension
has been sent or received. Enforce RFC5246 compliance by rejecting
duplicate extensions and unsolicited extensions and only send a
server extension if we have sent the corresponding client extension.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 28ea0a0c6a)
2014-08-28 18:09:39 +01:00
Dr. Stephen Henson
0a4fe37fc6 Custom extension revision.
Use the same structure for client and server custom extensions.

Add utility functions in new file t1_ext.c.
Use new utility functions to handle custom server and client extensions
and remove a lot of code duplication.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit ecf4d66090)

Conflicts:

	ssl/ssl_lib.c
	ssl/ssl_locl.h
	ssl/t1_lib.c
2014-08-28 18:09:05 +01:00
Dr. Stephen Henson
da67a0ae34 Revision of custom extension code.
Move custom extension structures from SSL_CTX to CERT structure.

This change means the form can be revised in future without binary
compatibility issues. Also since CERT is part of SSL structures
so per-SSL custom extensions could be supported in future as well as
per SSL_CTX.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit b83294fe30)

Conflicts:

	ssl/ssl.h
	ssl/ssl_cert.c
	ssl/ssl_locl.h
2014-08-28 17:06:50 +01:00
Emilia Kasper
9a9b0c0401 Constant-time utilities
Pull constant-time methods out to a separate header, add tests.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
(cherry picked from commit 5a3d21c058)

Conflicts:
	ssl/s3_cbc.c
	test/Makefile
2014-08-28 16:26:01 +02:00
Raphael Spreitzer
b85d461cdf RT2400: ASN1_STRING_to_UTF8 missing initializer
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit f9fb43e176)
2014-08-27 22:59:40 -04:00
Rich Salz
089f10e69e RT2308: Add extern "C" { ... } wrapper
Add the wrapper to all public header files (Configure
generates one).  Don't bother for those that are just
lists of #define's that do renaming.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Cherry-pick of commit 17e80c6bd0
2014-08-27 21:45:09 -04:00
Emilia Kasper
7f7c05ca63 Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 82dc08de54ce443c2a9ac478faffe79e76157795)
2014-08-27 19:50:15 +02:00
Matt Caswell
2083f7c465 RT3065: automatically generate a missing EC public key
When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit ed383f847156940e93f256fed78599873a4a9b28)
2014-08-27 19:50:15 +02:00
Adam Langley
1f2b943254 RT3065: ec_private_key_dont_crash
This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:

-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit b391570bdeb386d4fd325917c248d593d3c43930)
2014-08-27 19:50:15 +02:00
Mihai Militaru
dc5c3d7370 RT2210: Add missing EVP_cleanup to example
I also removed some trailing whitespace and cleaned
up the "see also" list.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 7b3e11c544)
2014-08-27 13:25:36 -04:00
John Fitzgibbon
383f0e349f RT2724: Remove extra declaration
Extra SSL_get_selected_srtp_profile() declaration in ssl/srtp.h
causes -Werror builds to fail.

Cherry-picked from 3609b02305

Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-26 16:55:54 -04:00
David Gatwood
0a64a864b4 RT1744: SSL_CTX_set_dump_dh() doc feedback
The description of when the server creates a DH key is
confusing.  This cleans it up.
(rsalz: also removed trailing whitespace.)

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2014-08-26 13:38:27 -04:00
Jan Schaumann
dec128313b RT1804: fix EXAMPLE in EVP_EncryptInit.pod
The EXAMPLE that used FILE and RC2 doesn't compile due to a
few minor errors.  Tweak to use IDEA and AES-128. Remove
examples about RC2 and RC5.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-25 10:26:17 -04:00
Matt Caswell
1d4f214eaf Typo fixes to evp documentation.
This patch was submitted by user "Kox" via the wiki

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 2dd8cb3b95)
2014-08-24 21:26:02 +01:00
Adam Langley
3aac17a82f RT3060: Limit the number of empty records.
Limit the number of empty records that will be processed consecutively
in order to prevent ssl3_get_record from never returning.

Reported by "oftc_must_be_destroyed" and George Kadianakis.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
2014-08-22 15:36:06 +02:00
Adam Langley
e19c93811f RT3061: Don't SEGFAULT when trying to export a public DSA key as a private key.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-22 15:21:12 +02:00
Emilia Kasper
108e907645 Improve EVP_PKEY_sign documentation
Clarify the intended use of EVP_PKEY_sign. Make the code example compile.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit d64c533a20)
2014-08-22 15:05:55 +02:00
Emilia Kasper
8958be3946 define inline for Visual Studio
In Visual Studio, inline is available in C++ only, however __inline is available for C, see
http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit f511b25a73)
2014-08-21 16:07:44 +02:00
Emilia Kasper
ebf221ee25 Fix build when BSAES_ASM is defined but VPAES_ASM is not
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit da92be4d68)
2014-08-21 15:48:10 +02:00
Andy Polyakov
ef90877721 bn/asm/rsaz-*.pl: allow spaces in Perl path name.
RT: 2835

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 15735e4f0e)
2014-08-21 00:19:24 +02:00