Commit graph

2929 commits

Author SHA1 Message Date
Matt Caswell
3bb5e5b09e Add the ability to configure anti-replay via SSL_CONF
This also adds the ability to control this through s_server

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6469)
2018-07-02 15:06:12 +01:00
Matt Caswell
20c0bce506 Only dump session data after we have received it
s_client was dumping session data at the end of the handshake. In TLSv1.3
we don't have session data until receipt of a NewSessionTicket message
which happens post-handshake. Therefore we delay dumping the session data
until that message has arrived if TLSv1.3 has been negotiated.

Fixes #6482

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6590)
2018-06-26 10:07:01 +01:00
捷成吴
3445872e22 apps/speed.c: add missing checks for RAND_bytes()
Function RAND_bytes() may return 0 or -1 on error, simply
goto end label when it fails.

Fixes #6567

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6582)
2018-06-24 20:26:37 +02:00
Ana María Martínez Gómez
f223e8fd1c Support directories with "." in x509_load_serial()
Use `strrchr` to get a pointer to the last occurrence of `.` in the
path string, instead of the first one with `strchr`.  This prevent the
path to be wrongly split if it contains several `.`, and not only the
one for the extension.

Fixes https://github.com/openssl/openssl/issues/6489.

CLA: trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6566)
2018-06-24 15:42:28 +02:00
FdaSilvaYY
991f0355fb apps/ca: fix useless get before delete.
Small simplification by skipping effectively redundant step and
not resuming search from point past deletion.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6195)
2018-06-21 15:14:06 +02:00
Richard Levitte
63871d9f81 openssl ca: open the output file as late as possible
Fixes #6544

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/6546)
2018-06-21 06:56:23 +02:00
David von Oheimb
49c9c1b3d0 add 'unsupported cipher mode' diagnostics to evp_lib.c and genpkey.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6217)
2018-06-18 10:45:35 +01:00
Matt Caswell
ac52f42aca Fix no-dsa
Broken by 0336df2fa.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6427)
2018-06-07 09:41:50 +01:00
Georg Schmidt
0336df2fa3 Issue warnings for large DSA and RSA keys
Issue a warning when generating DSA or RSA keys of size greater than
OPENSSL_DSA_MAX_MODULUS_BITS resp. OPENSSL_RSA_MAX_MODULUS_BITS.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6380)
2018-06-05 18:08:01 +02:00
Matt Caswell
5f49783c12 Don't call setsockopt with an invalid fd
This is probably a "should not happen" scenario, but better check anyway.
Found by Coverity.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6373)
2018-05-31 10:39:13 +01:00
Matt Caswell
bdd5f12ea6 Fix a memory leak in an error path
Found by Coverity

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6373)
2018-05-31 10:39:13 +01:00
Matt Caswell
28c73b34df Free a variable
Fix a memory leak in storeutl.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6373)
2018-05-31 10:39:13 +01:00
Matt Caswell
fbccfedf9b Free a variable on an error path
Issue found by Coverity.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6373)
2018-05-31 10:39:13 +01:00
Matt Caswell
6712ba9323 Only set TCP_NODELAY if the protocol is TCP
This doesn't apply if we're doing DTLS, or using UNIX domain sockets.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6373)
2018-05-31 10:39:13 +01:00
Richard Levitte
3190d1dca4 apps: when the 'compat' nameopt has been set, leave it be
XN_FLAG_COMPAT has a unique property, its zero for value.  This means
it needs special treatment; if it has been set (which can only be
determined indirectly) and set alone (*), no other flags should be
set.

(*) if any other nameopt flag has been set by the user, compatibility
mode is blown away.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6382)
2018-05-31 11:00:56 +02:00
Andy Polyakov
2fc45cb805 apps/speed.c: address asan failure with small -bytes and large -misalign.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6311)
2018-05-30 18:26:51 +02:00
Andy Polyakov
44ca7565a6 apps/speed.c: add -aead flag.
Goal is to exercise AEAD ciphers in TLS-like sequence, i.e. 13-byte
AAD followed by payload. Update doc/man1/speed.pod accordingly.

[While we are at it, address even some styling and readability issues.]

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6311)
2018-05-30 18:26:21 +02:00
Andy Polyakov
ffcca684ec apps/speed.c: clean up SIGARM handling.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6311)
2018-05-30 18:25:36 +02:00
Dmitry Belyavskiy
f3a246c63e Text description of GOST signature algorithms
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6168)
2018-05-30 09:14:04 +01:00
Todd Short
02a7e0a9f6 Replace strdup() with OPENSSL_strdup()
It's freed with OPENSSL_free()

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6331)
2018-05-29 17:08:39 +01:00
Matt Caswell
a0abb6a10f Add a sanity check on the length of pkeyutl inputs
When signing or verifying a file using pkeyutl the input is supposed to
be a hash. Some algorithms sanity check the length of the input, while
others don't and silently truncate. To avoid accidents we check that the
length of the input looks sane.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6284)
2018-05-24 17:26:03 +01:00
Kurt Roeckx
693cf80c6f Enable SSL_MODE_AUTO_RETRY by default
Because TLS 1.3 sends more non-application data records some clients run
into problems because they don't expect SSL_read() to return and set
SSL_ERROR_WANT_READ after processing it.

This can cause problems for clients that use blocking I/O and use
select() to see if data is available. It can be cleared using
SSL_CTX_clear_mode().

Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #6260
2018-05-22 22:45:28 +02:00
Andy Polyakov
6671c775e6 apps/s_socket.c: address rare TLSProxy failures on Windows.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2018-05-21 21:52:42 +02:00
Rich Salz
8e51a340f4 Check malloc failure via app_malloc
Thanks to GitHUb user murugesandins for reporting this.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6322)
2018-05-21 10:28:16 -04:00
Todd Short
dad886806f Fix no-srtp build warnings
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6255)
2018-05-20 10:07:03 +02:00
Matt Caswell
f3021aca4a Allow the ca application to use EdDSA
Using the ca application to sign certificates with EdDSA failed because it
is not possible to set the digest to "null". This adds the capability and
updates the documentation accordingly.

Fixes #6201

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6286)
2018-05-18 10:14:29 +01:00
Matt Caswell
394159da60 Allow configuation of the number of TLSv1.3 session tickets via SSL_CONF
Also allows the apps to set it.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5227)
2018-05-17 16:48:25 +01:00
FdaSilvaYY
1c534560dc apps/speed: Add brainpool curves support
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6133)
2018-05-12 20:19:03 +02:00
FdaSilvaYY
5c6a69f539 apps/speed: fix possible OOB access in some EC arrays
because there are actually 18 curves defined, but only 16 are plugged for
ecdsa test.
Deduce array size using OSSL_NELEM and so remove various magic numbers,
which required some declarations moving.
Implement OPT_PAIR list search without a null-ending element.
Fix some comparison between signed and unsigned integer expressions.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6133)
2018-05-12 20:16:40 +02:00
Matt Caswell
f478c8a7c0 Don't set TCP_NODELAY on a UDP socket
This was preventing DTLS connections from being made from the command line.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6159)
2018-05-11 14:20:57 +01:00
Kurt Roeckx
3cb7c5cfef Use void in all function definitions that do not take any arguments
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #6208
2018-05-11 14:37:48 +02:00
Matt Caswell
6f6da2fe17 Fix s_client and s_server so that they correctly handle the DTLS timer
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6170)
2018-05-08 09:40:17 +01:00
FdaSilvaYY
48bc0d99af apps/speed.c: merge parameters defining EC curves to test ...
... and unify 'bits' declarations and printing format.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6132)
2018-05-02 21:46:08 +02:00
Pavel Kopyl
aebd0e5ca1 Fix memory leaks in CA related functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4700)
2018-05-02 08:35:32 +02:00
Richard Levitte
ff25dd1a47 apps/s_server.c: Avoid unused variable due to 'no-dtls'
Fixes #6098

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6104)
2018-04-27 11:10:19 +02:00
Dr. Matthias St. Pierre
32c6985349 Fix mixed indentation (and other whitespace issues)
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6094)
2018-04-26 21:34:46 +02:00
Richard Levitte
e6a833cb97 openssl rehash: exit 0 on warnings, same as c_rehash
Fixes #6083

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6084)
2018-04-25 19:59:36 +02:00
Matt Caswell
bdb59d97a6 Fix documentation for the -showcerts s_client option
This option shows the certificates as sent by the server. It is not the
full verified chain.

Fixes #4933

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6067)
2018-04-25 10:50:54 +01:00
Richard Levitte
4522e130c8 apps/opt.c: Remove the access checks of input and output files
open() will take care of the checks anyway

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6033)
2018-04-25 11:44:26 +02:00
Richard Levitte
c36e909391 Better check of return values from app_isdir and app_access
[extended tests]

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6033)
2018-04-25 11:44:26 +02:00
Richard Levitte
96de2e590b Revert "Check directory is able to create files for various -out option"
This reverts commit 555c94a0db.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6033)
2018-04-25 11:44:26 +02:00
Richard Levitte
b47b665016 Revert "Add VMS version of app_dirname()"
This reverts commit 215a6730f1.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6033)
2018-04-25 11:44:25 +02:00
Richard Levitte
b9a354d088 Revert "Check on VMS as well"
This reverts commit f6d765988f.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6033)
2018-04-25 11:44:25 +02:00
Richard Levitte
25642ad29e Fix openssl ca, to correctly make output file binary when using -spkac
On Unix, this doesn't matter, but on other platforms, it may.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6050)
2018-04-23 11:07:46 +02:00
Richard Levitte
10b37541dc Fix late opening of output file
For 'openssl dhparams', the output file was opened after calculations
were made, which is a waste of cycles and time if the output file
turns out not to be writable.

Fixes #3404

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6051)
2018-04-23 10:51:36 +02:00
Richard Levitte
bd982b48dc Enable all implemented digests
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6025)
2018-04-19 21:03:53 +02:00
A. Schulze
aa3b328541 correct spelling errors detected by Debian lintian
CLA: trivial

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5801)
2018-04-19 11:10:17 +02:00
Matt Caswell
c324ecfb2d Fix ocsp app exit code
If we run the ocsp command line app and the responder returns a
non-successful status code then the app should exit with a failure code.

Based on an original patch by Tatsuhiro Tsujikawa.

Fixes #2387

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5998)
2018-04-19 08:39:42 +01:00
Viktor Dukhovni
a4107d73d5 Add missing index_index() when reloading OCSP responder
Also, future-proof index_index() return codes by requiring success
to return a positive value.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2018-04-18 22:29:35 -04:00
Andy Polyakov
b3199e54d6 apps/s_socket.c: fix memory sanitizer problem in ACCEPT printout.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5994)
2018-04-18 20:08:05 +02:00
Andy Polyakov
826e154481 apps/s_socket.c: print only dynamically allocated port in do_server.
For formal backward compatibility print original "ACCEPT" message for
fixed port and "ACCEPT host:port" for dynamically allocated.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5956)
2018-04-17 16:41:01 +02:00
Richard Levitte
362ff3c397 openssl rehash: use libcrypto variables for default dir
X509_get_default_cert_dir_env() returns the default environment
variable to check for certificate directories.
X509_get_default_cert_dir() returns the default configured certificate
directory.

Use these instead of hard coding our own values, and thereby be more
integrated with the rest of OpenSSL.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5937)
2018-04-12 15:34:58 +02:00
Andy Polyakov
f69d050ee3 apps/{s_client.c|s_socket}.c: omit usleep calls.
Even though removed calls were oiriginally added on Windows, problem
they tried to mitigate is not Windows-specific.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5887)
2018-04-08 11:42:35 +02:00
Andy Polyakov
dcf3d83faf apps/s_socket.c: disable the Nagle algorithm.
Without TCP_NODELAY alerts risk to be dropped between shutdown and close.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5887)
2018-04-08 11:42:30 +02:00
Kaoru Toda
69b1500291 Duplicate code refactored
add_attribute_object and add_DN_object have similar code, so move
it into a common function build_data.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4566)
2018-04-06 08:42:31 -04:00
Matt Caswell
e65c959f1f Add a note and better error if using Ed25519/Ed448 in dgst
Fixes #5873

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5880)
2018-04-06 10:10:05 +01:00
Richard Levitte
5540eb7040 openssl s_server: print the accepting address and socket
The line saying ACCEPT is extended with a space followed by the the
address and port combination on which s_server accepts connections.
The address is written in such a way that s_client should be able to
accepts as argument for the '-connect' option.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5843)
2018-04-04 20:24:26 +02:00
Bernd Edlinger
1518c55a79 Change the "offset too large" message to more generic wording
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)
2018-04-03 16:02:17 +02:00
Bernd Edlinger
21db0e1afd Remove an unnecessary cast in the param to BUF_MEM_grow
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)
2018-04-03 16:02:17 +02:00
Bernd Edlinger
16e1eea6a6 Fix range checks with -offset and -length in asn1parse
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)
2018-04-03 16:02:17 +02:00
Bernd Edlinger
18ada952d1 Use strtol instead of atoi in asn1parse
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)
2018-04-03 16:02:17 +02:00
Bernd Edlinger
b998745a45 Improve diagnostics for invalid arguments in asn1parse -strparse
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)
2018-04-03 16:02:16 +02:00
Bernd Edlinger
752837e066 Fix a crash in the asn1parse command
Thanks to Sem Voigtländer for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)
2018-04-03 16:02:16 +02:00
Bernd Edlinger
2d1b5717b9 Previously this x509 command line was working, restore that
openssl x509 -in server.pem -signkey privkey.pem -out server.pem

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5746)
2018-03-26 15:11:47 +02:00
Bernd Edlinger
5281435258 Fix dsaparam -genkey with DER outform
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5744)
2018-03-26 15:10:23 +02:00
Bernd Edlinger
4bdc25b07f Fix ecparam -genkey with point compression or DER outform
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5741)
2018-03-25 11:12:46 +02:00
Rich Salz
8390062853 Fix resource files
Add it to apps as well as libraries.
Fix the copyright year generation.
Thanks to user RTT for pointing this out.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5704)
2018-03-22 10:53:22 -04:00
Pauli
aed3df20c1 Don't call strsignal, just print the signal number.
The strsignal call is not supported by some machines, so avoid its use.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5658)
2018-03-22 09:42:44 +10:00
FdaSilvaYY
1fb6b0bf3e Unify s_client/s_server srtp profiles option handling
Add missing guards around STRP-related fields
Remove two unneeded global variables: my 2'cents to #4679
Merge definition and instantiation of srpsrvparm global.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4908)
2018-03-21 16:15:50 -04:00
Bernd Edlinger
0870c8ea93 Cleanup the s_time command.
Various code-cleanups.
Use SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY) insead of handling
SSL_ERROR_WANT_READ everywhere.
Turn off the linger option on connected sockets to avoid failure.
Add BIO_set_conn_mode(conn, BIO_SOCK_NODELAY) to improve thruput.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3952)
2018-03-21 16:23:57 +01:00
Eric Covener
a9dd51a800 aix compat fixes for ocsp.c
WCOREDUMP and vsyslog are not portable

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5657)
2018-03-21 06:35:53 +10:00
Johannes Bauer
f6add6ac2c Make pkeyutl a bit more user-friendly
Give meaningful error messages when the user incorrectly uses pkeyutl.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3987)
2018-03-20 19:08:10 +00:00
Matt Caswell
e46931108a Fix the OCSP responder mode
Broken by commit 3e3c7c36.

Fixes #5681

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5688)
2018-03-20 15:53:05 +00:00
Matt Caswell
b0edda11cb Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5689)
2018-03-20 13:08:46 +00:00
Richard Levitte
8f8be103fd s_client, s_server: do generic SSL configuration first, specialization after
We did the SSL_CONF_cmd() pass last of all things that could affect
the SSL ctx.  However, the results of this, for example:

    -max_protocol TLSv1.3 -tls1_2

... would mean that the protocol min got set to TLSv1.2 and the
protocol max to TLSv1.3, when they should clearly both be TLSv1.2.

However, if we see the SSL_CONF_cmd() switches as generic and those
internal to s_client and s_server as specialisations, we get something
that makes a little more sense.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5679)
2018-03-19 22:40:05 +00:00
Richard Levitte
43110de041 Support "-min_protocol" and "-max_protocol" in s_server and s_client
If for nothing else, they are needed when doing a regression test

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5663)
2018-03-19 18:24:30 +01:00
Matt Caswell
1a54618ba6 Fix no-posix-io compile failure
The fix in conf_include_test.c  seems to be required because some
compilers give an error if you give an empty string for the second
argument to strpbrk(). It doesn't really make sense to send an empty
string for this argument anyway, so make sure it has at least one character
in it.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5666)
2018-03-19 16:37:28 +00:00
Jack Lloyd
3d328a445c Add SM2 signature and ECIES schemes
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4793)
2018-03-19 14:33:25 +01:00
Richard Levitte
ca1ed2904e VMS: add alias macros to avoid 31 character symbol name limit warning
Affected symbol names:

generate_stateless_cookie_callback
verify_stateless_cookie_callback

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5633)
2018-03-15 22:27:49 +01:00
Matt Caswell
01985122ae Fix a memory leak in the ca application
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5444)
2018-03-15 12:51:34 +00:00
Matt Caswell
5af88441f4 Allow multiple entries without a Subject even if unique_subject == yes
It is quite likely for there to be multiple certificates with empty
subjects, which are still distinct because of subjectAltName. Therefore
we allow multiple certificates with an empty Subject even if
unique_subject is set to yes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5444)
2018-03-15 12:51:34 +00:00
Matt Caswell
2cedf79474 Report a readable error on a duplicate cert in ca app
Commit 87e8feca (16 years ago!) introduced a bug where if we are
attempting to insert a cert with a duplicate subject name, and
duplicate subject names are not allowed (which is the default),
then we get an unhelpful error message back (error number 2). Prior
to that commit we got a helpful error message which displayed details
of the conflicting entry in the database.

That commit was itself attempting to fix a bug with the noemailDN option
where we were setting the subject field in the database too early
(before extensions had made any amendments to it).

This PR moves the check for a conflicting Subject name until after all
changes to the Subject have been made by extensions etc.

This also, co-incidentally fixes the ca crashing bug described in issue
5109.

Fixes #5109

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5444)
2018-03-15 12:51:34 +00:00
Matt Caswell
c845ff070d Revert "Don't allow an empty Subject when creating a Certificate"
This reverts commit e505f1e868.

Empty Subjects should be permissible.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5444)
2018-03-15 12:51:34 +00:00
Matt Caswell
62e394de91 Revert "Don't crash on a missing Subject in index.txt"
This reverts commit 1e05c6d07f.

Empty subjects should be permissible.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5444)
2018-03-15 12:51:34 +00:00
Matt Caswell
f929439f61 Rename EVP_PKEY_new_private_key()/EVP_PKEY_new_public_key()
Renamed to EVP_PKEY_new_raw_private_key()/EVP_new_raw_public_key() as per
feedback.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5520)
2018-03-15 12:47:27 +00:00
Matt Caswell
e32b52a27e Add support for setting raw private HMAC keys
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5520)
2018-03-15 12:47:27 +00:00
Matt Caswell
e54b3ccdbe Update s_time to be allow configuration of TLSv1.3 ciphersuites
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5392)
2018-03-14 10:15:50 +00:00
Matt Caswell
f865b08143 Split configuration of TLSv1.3 ciphers from older ciphers
With the current mechanism, old cipher strings that used to work in 1.1.0,
may inadvertently disable all TLSv1.3 ciphersuites causing connections to
fail. This is confusing for users.

In reality TLSv1.3 are quite different to older ciphers. They are much
simpler and there are only a small number of them so, arguably, they don't
need the same level of control that the older ciphers have.

This change splits the configuration of TLSv1.3 ciphers from older ones.
By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable
them through your existing config.

Fixes #5359

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5392)
2018-03-14 10:15:50 +00:00
Tim Hudson
3b855b1f89 update SRP copyright notice
As per discussion with Peter Sylvester

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5603)
2018-03-13 18:33:44 +10:00
Richard Levitte
d3bc941df4 openssl rehash: no more need to massage the files on VMS
OPENSSL_DIR_read() now returns unique file names on VMS, no generation
number.  We therefore do not need to handle that case in apps/rehash.c
any more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5602)
2018-03-12 23:02:18 +01:00
Benjamin Saunders
3fa2812f32 Introduce SSL_CTX_set_stateless_cookie_{generate,verify}_cb
These functions are similar to SSL_CTX_set_cookie_{generate,verify}_cb,
but used for the application-controlled portion of TLS1.3 stateless
handshake cookies rather than entire DTLSv1 cookies.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5463)
2018-03-12 19:34:13 +00:00
Richard Levitte
b971b05ec6 Restore the display of options with 'openssl version -a'
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5572)
2018-03-09 14:28:51 +01:00
Steven Noonan
0244234d5d speed: add ecdhx448 to ecdh choices
CLA: trivial
Signed-off-by: Steven Noonan <steven@uplinklabs.net>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5551)
2018-03-09 07:15:20 -05:00
Matt Caswell
e73c6eaeff Tolerate TLSv1.3 PSKs that are a different size to the hash size
We also default to SHA256 as per the spec if we do not have an explicit
digest defined.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5554)
2018-03-09 11:22:23 +00:00
Viktor Dukhovni
a7fb4fa170 Make OCSP "multi" compatible with "no-sock" builds.
Reviewed-by: Matt Caswell <matt@openssl.org>
2018-03-08 17:14:52 -05:00
Richard Levitte
abe256e795 Make "make variables" config attributes for overridable flags
With the support of "make variables" comes the possibility for the
user to override them.  However, we need to make a difference between
defaults that we use (and that should be overridable by the user) and
flags that are crucial for building OpenSSL (should not be
overridable).

Typically, overridable flags are those setting optimization levels,
warnings levels, that kind of thing, while non-overridable flags are,
for example, macros that indicate aspects of how the config target
should be treated, such as L_ENDIAN and B_ENDIAN.

We do that differentiation by allowing upper case attributes in the
config targets, named exactly like the "make variables" we support,
and reserving the lower case attributes for non-overridable project
flags.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5534)
2018-03-08 17:24:02 +01:00
FdaSilvaYY
d420729b9e Duplicate entries ssl_handshake_tbl trace entries...
... and add some missing known values.
Sort ssl/tls extension array list

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5304)
2018-03-08 10:32:34 -05:00
Viktor Dukhovni
3e3c7c3646 Implement multi-process OCSP responder.
With "-multi" the OCSP responder forks multiple child processes,
and respawns them as needed.  This can be used as a long-running
service, not just a demo program.  Therefore the index file is
automatically re-read when changed.  The responder also now optionally
times out client requests.

Reviewed-by: Matt Caswell <matt@openssl.org>
2018-03-07 11:03:43 -05:00
Viktor Dukhovni
c7d5ea2670 Prepare to detect index changes in OCSP responder.
Retain open file handle and previous stat data for the CA index
file, enabling detection and index reload (upcoming commit).

Check requirements before entering accept loop.

Reviewed-by: Matt Caswell <matt@openssl.org>
2018-03-07 11:03:01 -05:00
Tomas Mraz
b524b808a1 Add support for .include directive in config files
Either files or directories of *.cnf or *.conf files
can be included.
Recursive inclusion of directories is not supported.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5351)
2018-03-05 13:32:40 +00:00