Adapted from BoringSSL. Added a test.
The extension parsing code is already attempting to already handle this for
some individual extensions, but it is doing so inconsistently. Duplicate
efforts in individual extension parsing will be cleaned up in a follow-up.
Reviewed-by: Stephen Henson <steve@openssl.org>
All those flags existed because we had all the dependencies versioned
in the repository, and wanted to have it be consistent, no matter what
the local configuration was. Now that the dependencies are gone from
the versioned Makefile.ins, it makes much more sense to use the exact
same flags as when compiling the object files.
Reviewed-by: Rich Salz <rsalz@openssl.org>
When OPENSSL_NO_ASYNC is set, make ASYNC_{un,}block_pause() do nothing.
This prevents md_rand.c from failing to build. Probably better to do it
this way than to wrap every instance in an explicit #ifdef.
A bunch of new socket code got added to a new file crypto/bio/b_addr.c.
Make it all go away if OPENSSL_NO_SOCK is defined.
Allow configuration with no-ripemd, no-ts, no-ui
We use these for the UEFI build.
Also remove the 'Really???' comment from no-err and no-locking. We use
those too.
We need to drop the crypto/engine directory from the build too, and also
set OPENSSL_NO_ENGINE
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Commit e634b448c ("Defines OSSL_SSIZE_MAX") introduced a definition of
OSSL_SSIZE_MAX which broke the UEFI build. Fix that by making UEFI take
the same definition as Ultrix (ssize_t == int).
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
- Make use of the functions given through CRYPTO_set_mem_functions().
- CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_secure_free() now receive
__FILE__ and __LINE__.
- The API for CRYPTO_set_mem_functions() and CRYPTO_get_mem_functions()
is slightly changed, the implementation for free() now takes a couple
of extra arguments, taking __FILE__ and __LINE__.
- The CRYPTO_ memory functions will *always* receive __FILE__ and __LINE__
from the corresponding OPENSSL_ macros, regardless of if crypto-mdebug
has been enabled or not. The reason is that if someone swaps out the
malloc(), realloc() and free() implementations, we can't know if they
will use them or not.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Removes SSIZE_MAX definition from bss_bio.c and changes that file to use
OSSL_SSIZE_MAX.
No need to account for OPENSSL_SYS_VXWORKS, since that never actually
gets defined anywhere. It must be a historical artifact.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Laurie <ben@openssl.org>
To enable heartbeats for DTLS, configure with enable-heartbeats.
Heartbeats for TLS have been completely removed.
This addresses RT 3647
Reviewed-by: Richard Levitte <levitte@openssl.org>
If init failed we'd like to set an error code to indicate that. But if
init failed then when the error system tries to load its strings its going
to fail again. We could get into an infinite loop. Therefore we just set
a single error the first time around. After that no error is set.
Reviewed-by: Rich Salz <rsalz@openssl.org>
The new init functions can fail if the library has already been stopped. We
should be able to indicate failure with a 0 return value.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This was a developer debugging feature and was never a useful public
interface.
Added all missing X509 error codes to the verify(1) manpage, but
many still need a description beyond the associated text string.
Sorted the errors in x509_txt.c by error number.
Reviewed-by: Stephen Henson <steve@openssl.org>
The old building scripts get removed, they are hopelessly gone in bit
rot by now.
Also remove the old symbol hacks. They were needed needed to shorten
some names to 31 characters, and to resolve other symbol clashes.
Because we now compile with /NAMES=(AS_IS,SHORTENED), this is no
longer required.
Reviewed-by: Rich Salz <rsalz@openssl.org>
As part of this, change util/mkdef.pl to stop adding libraries to
depend on in its output. mkdef.pl should ONLY output a symbol
vector.
Because symbol names can't be longer than 31 characters, we use the
compiler to shorten those that are longer down to 23 characters plus
an 8 character CRC. To make sure users of our header files will pick
up on that automatically, add the DEC C supported extra headers files
__decc_include_prologue.h and __decc_include_epilogue.h.
Furthermore, we add a config.com, so VMS people can configure just as
comfortably as any Unix folks, thusly:
@config
Reviewed-by: Rich Salz <rsalz@openssl.org>
The logic to figure out the combinations of --prefix and --openssldir
has stayed in Configure so far, with Unix paths as defaults.
However, since we're making Configure increasingly platform agnostic,
these defaults need to change and adapt to the platform, along with
the logic to combine them.
The easiest to provide for this is to move the logic and the defaults
away from Configure and into the build files.
This also means that the definition of the macros ENGINESDIR and
OPENSSLDIR move away from include/openssl/opensslconf.h and into the
build files.
Makefile.in is adapted accordingly.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit provides the basis and core code for an auto initialisation
and deinitialisation framework for libcrypto and libssl. The intention is
to remove the need (in many circumstances) to call explicit initialise and
deinitialise functions. Explicit initialisation will still be an option,
and if non-default initialisation is needed then it will be required.
Similarly for de-initialisation (although this will be a lot easier since
it will bring all de-initialisation into a single function).
Reviewed-by: Richard Levitte <levitte@openssl.org>
As documented both SSL_get0_dane_authority() and SSL_get0_dane_tlsa()
are expected to return a negative match depth and nothing else when
verification fails. However, this only happened when verification
failed during chain construction. Errors in verification of the
constructed chain did not have the intended effect on these functions.
This commit updates the functions to check for verify_result ==
X509_V_OK, and no longer erases any accumulated match information
when chain construction fails. Sophisticated developers can, with
care, use SSL_set_verify_result(ssl, X509_V_OK) to "peek" at TLSA
info even when verification fail. They must of course first check
and save the real error, and restore the original error as quickly
as possible. Hiding by default seems to be the safer interface.
Introduced X509_V_ERR_DANE_NO_MATCH code to signal failure to find
matching TLSA records. Previously reported via X509_V_ERR_CERT_UNTRUSTED.
This also changes the "-brief" output from s_client to include
verification results and TLSA match information.
Mentioned session resumption in code example in SSL_CTX_dane_enable(3).
Also mentioned that depths returned are relative to the verified chain
which is now available via SSL_get0_verified_chain(3).
Added a few more test-cases to danetest, that exercise the new
code.
Resolved thread safety issue in use of static buffer in
X509_verify_cert_error_string().
Fixed long-stating issue in apps/s_cb.c which always sets verify_error
to either X509_V_OK or "chain to long", code elsewhere (e.g.
s_time.c), seems to expect the actual error. [ The new chain
construction code is expected to correctly generate "chain
too long" errors, so at some point we need to drop the
work-arounds, once SSL_set_verify_depth() is also fixed to
propagate the depth to X509_STORE_CTX reliably. ]
Reviewed-by: Rich Salz <rsalz@openssl.org>
Previous commit 7bb196a71 attempted to "fix" a problem with the way
SSL_shutdown() behaved whilst in mid-handshake. The original behaviour had
SSL_shutdown() return immediately having taken no action if called mid-
handshake with a return value of 1 (meaning everything was shutdown
successfully). In fact the shutdown has not been successful.
Commit 7bb196a71 changed that to send a close_notify anyway and then
return. This seems to be causing some problems for some applications so
perhaps a better (much simpler) approach is revert to the previous
behaviour (no attempt at a shutdown), but return -1 (meaning the shutdown
was not successful).
This also fixes a bug where SSL_shutdown always returns 0 when shutdown
*very* early in the handshake (i.e. we are still using SSLv23_method).
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Adds a new function BIO_ADDR_clear to reset a BIO_ADDR back to an
unitialised state, and to set the family to AF_UNSPEC.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
