Commit graph

17393 commits

Author SHA1 Message Date
Dr. Stephen Henson
31a7d80d0d Send alert for bad DH CKE
RT#4511

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-22 15:55:38 +01:00
Dr. Stephen Henson
0ed26acce3 Fix OOB read in TS_OBJ_print_bio().
TS_OBJ_print_bio() misuses OBJ_txt2obj: it should print the result
as a null terminated buffer. The length value returned is the total
length the complete text reprsentation would need not the amount of
data written.

CVE-2016-2180

Thanks to Shi Lei for reporting this bug.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-22 15:15:17 +01:00
Emilia Kasper
d0c4415de5 SSL tests: compress generated output a little
Don't emit duplicate server/client sections when they are
identical. Instead, just point to the same section.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 15:54:26 +02:00
Emilia Kasper
d972af2b5e Make boolean SSL test conf values case-insensitive
Undo review mistake: I changed the wrong strcmp in a previous pull
request. Add test.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 15:54:12 +02:00
Dr. Stephen Henson
bd19d1aa04 Clarify digest change in HMAC_Init_ex()
RT#4603

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 14:02:38 +01:00
Dr. Stephen Henson
3770b877ea Add mask for newly created symlink.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 12:07:13 +01:00
Dr. Stephen Henson
ee8f785873 Check suffixes properly.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 12:07:13 +01:00
Dr. Stephen Henson
f22ff0eb16 use correct name for duplicate
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 12:07:13 +01:00
Richard Levitte
912c258fc9 Have load_buildtin_compression in ssl/ssl_ciph.c return RUN_ONCE result
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 11:56:45 +02:00
Richard Levitte
82c78ee480 VMS: Rearrange installation targets for shared libraries
The way it was implemented before this change, the shared libraries
were installed twice.  On a file system that supports file
generations, that's a waste.  Slightly rearranging the install targets
solves the problem.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 09:25:26 +02:00
Emilia Kasper
11279b13f5 Test client-side resumption
Add tests for resuming with a different client version.

This happens in reality when clients persist sessions on disk through
upgrades.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-21 15:44:36 +02:00
Kurt Roeckx
2980ae2e78 Add all publicly avaiable asn1 types to the asn1 fuzzer.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1331
2016-07-20 19:25:16 +02:00
Kurt Roeckx
1618679ac4 Cast to an unsigned type before negating
llvm's ubsan reported:
runtime error: negation of -9223372036854775808 cannot be represented in type
'long'; cast to an unsigned type to negate this value to itself

Found using afl

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1325
2016-07-20 19:25:16 +02:00
Kurt Roeckx
69588edbaa Check for errors allocating the error strings.
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #1330
2016-07-20 19:20:53 +02:00
Dr. Stephen Henson
8cc44d970c Don't allocate r/s in DSA_SIG and ECDSA_SIG
To avoid having to immediately free up r/s when setting them
don't allocate them automatically in DSA_SIG_new() and ECDSA_SIG_new().

RT#4590

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-20 14:02:54 +01:00
Richard Levitte
36b53720eb Install shared libraries in runtime install
On non-Windows platforms, shared libraries are both development and
runtime files.  We only installed them as development files, this
makes sure they get installed as runtime files as well.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-20 14:16:11 +02:00
Richard Levitte
1bcb2b3130 VMS: fix typo, shared libraries have the extension .EXE, not .OLB
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-20 14:16:11 +02:00
Matt Caswell
2e7dc7cd68 Never expose ssl->bbio in the public API.
This is adapted from BoringSSL commit 2f87112b963.

This fixes a number of bugs where the existence of bbio was leaked in the
public API and broke things.

- SSL_get_wbio returned the bbio during the handshake. It must always return
  the BIO the consumer configured. In doing so, some internal accesses of
  SSL_get_wbio should be switched to ssl->wbio since those want to see bbio.

- The logic in SSL_set_rfd, etc. (which I doubt is quite right since
  SSL_set_bio's lifetime is unclear) would get confused once wbio got
  wrapped. Those want to compare to SSL_get_wbio.

- If SSL_set_bio was called mid-handshake, bbio would get disconnected and
  lose state. It forgets to reattach the bbio afterwards. Unfortunately,
  Conscrypt does this a lot. It just never ended up calling it at a point
  where the bbio would cause problems.

- Make more explicit the invariant that any bbio's which exist are always
  attached. Simplify a few things as part of that.

RT#4572

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-20 13:08:08 +01:00
Emilia Kasper
590ed3d7ea SSL test framework: port resumption tests
Systematically test every server-side version downgrade or upgrade.

Client version upgrade or downgrade could be tested analogously but will
be done in a later change.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-20 13:55:53 +02:00
Dr. Stephen Henson
23dd0c9f8d fix crypto-mdebug build
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-20 12:41:31 +01:00
FdaSilvaYY
2f8e53d794 Fix if/for/while( in docs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
2016-07-20 07:21:53 -04:00
FdaSilvaYY
e8aa8b6c8f Fix a few if(, for(, while( inside code.
Fix some indentation at the same time

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
2016-07-20 07:21:53 -04:00
Hannes Magnusson
c106eaa8ed Remove reduntant X509_STORE_CTX_set_verify_cb declaration
f0e0fd51fd added X509_STORE_CTX_set_verify_cb
with a typedef'd argument, making the original one redundant.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-20 11:42:35 +01:00
FdaSilvaYY
7606c231c9 Simplify buffer limit checking, and reuse BIO_snprintf returned value.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
FdaSilvaYY
edbff8da9b Code factorisation and simplification
Fix some code indentation

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
FdaSilvaYY
f6c460e8f6 Fix double calls to strlen
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
FdaSilvaYY
cdd202f254 Simplify code related to tmp_email_dn.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
FdaSilvaYY
1c72f70df4 Use more X509_REQ_get0_pubkey & X509_get0_pubkey
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
Todd Short
415e7c488e OCSP_request_add0_id() inconsistent error return
There are two failure cases for OCSP_request_add_id():
1. OCSP_ONEREQ_new() failure, where |cid| is not freed
2. sk_OCSP_ONEREQ_push() failure, where |cid| is freed

This changes makes the error behavior consistent, such that |cid| is
not freed when sk_OCSP_ONEREQ_push() fails. OpenSSL only takes
ownership of |cid| when the function succeeds.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1289)
2016-07-20 01:24:57 -04:00
Dr. Stephen Henson
52eede5a97 Sanity check in ssl_get_algorithm2().
RT#4600

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-20 00:09:46 +01:00
Dr. Stephen Henson
fb9339827b Send alert on CKE error.
RT#4610

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-20 00:03:43 +01:00
Coty Sutherland
2a5f907edf Resolve over command syntax error which causes 'make install' to fail
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1312)
2016-07-19 18:15:17 -04:00
Richard Levitte
0a5228543c Document the slight change in CRYPTO_mem_ctrl()
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-07-19 23:49:54 +02:00
Richard Levitte
c1c26660df Document the slight change in ERR_get_next_error_library()
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-07-19 23:49:54 +02:00
Richard Levitte
963f043d04 make update
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-07-19 23:49:54 +02:00
Richard Levitte
c2e4e5d248 Change all our uses of CRYPTO_THREAD_run_once to use RUN_ONCE instead
That way, we have a way to check if the init function was successful
or not.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-07-19 23:49:54 +02:00
Richard Levitte
925d17f3ee Define a few internal macros for easy use of run_once functions
Because pthread_once() takes a function taking no argument and
returning nothing, and we want to be able to check if they're
successful, we define a few internal macros to get around the issue.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-07-19 23:49:54 +02:00
Rich Salz
aebb9aac48 RT4593: Add space after comma (doc nits)
Update find-doc-nits to find errors in SYNOPSIS (the most common
place where they were missing).

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-19 09:29:53 -04:00
Richard Levitte
d6accd5040 Fix forgotten goto
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-19 15:26:40 +02:00
Matt Caswell
df0aa7770e Fix building with no-cms
The new fuzzing code broke no-cms

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 14:01:33 +01:00
Richard Levitte
642a166ce1 Convert the last uses of sockaddr in apps/* to use BIO_ADDR instead
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-19 14:32:39 +02:00
Emilia Kasper
70c22888c1 Fix two bugs in clienthello processing
- Always process ALPN (previously there was an early return in the
  certificate status handling)
- Don't send a duplicate alert. Previously, both
  ssl_check_clienthello_tlsext_late and its caller would send an
  alert. Consolidate alert sending code in the caller.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-19 14:18:03 +02:00
Emilia Kasper
ce2cdac278 SSL test framework: port NPN and ALPN tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-19 14:17:48 +02:00
mrpre
02f730b347 Cleanup after sk_push fail
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1281)
2016-07-19 07:27:47 -04:00
Matt Caswell
4fa88861ee Update error codes following tls_process_key_exchange() refactor
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 12:18:46 +01:00
Matt Caswell
e1e588acae Tidy up tls_process_key_exchange()
After the refactor of tls_process_key_exchange(), this commit tidies up
some loose ends.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 12:18:46 +01:00
Matt Caswell
ff74aeb1fa Split out ECDHE from tls_process_key_exchange()
Continuing from the previous commit. Refactor tls_process_key_exchange() to
split out into a separate function the ECDHE aspects.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 12:18:46 +01:00
Matt Caswell
e01a610db8 Split out DHE from tls_process_key_exchange()
Continuing from the previous commit. Refactor tls_process_key_exchange() to
split out into a separate function the DHE aspects.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 12:18:46 +01:00
Matt Caswell
25c6c10cd7 Split out SRP from tls_process_key_exchange()
Continuing from the previous commit. Refactor tls_process_key_exchange() to
split out into a separate function the SRP aspects.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 12:18:46 +01:00
Matt Caswell
7dc1c64774 Split out the PSK preamble from tls_process_key_exchange()
The tls_process_key_exchange() function is too long. This commit starts
the process of splitting it up by moving the PSK preamble code to a
separate function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 12:18:46 +01:00