Commit graph

16400 commits

Author SHA1 Message Date
Matt Caswell
0263b99288 Add documentation for following DH and DH_METHOD opacity
A number of new functions have been added following the DH and DH_METHOD
opacity commits. This commit provides documentation for those functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Matt Caswell
998f2cb8c4 Fix double free bug in error path
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Matt Caswell
cf430d0593 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Matt Caswell
17e01abbb0 Make DH_METHOD opaque
Move the dh_method structure into an internal header file and provide
relevant accessors for the internal fields.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Matt Caswell
32bf92f9c8 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Matt Caswell
0aeddcfa61 Make DH opaque
Move the dh_st structure into an internal header file and provide
relevant accessors for the internal fields.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Rich Salz
b9aec69ace Add SSL_DANE typedef for consistency.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-04-08 09:30:23 -04:00
Rich Salz
506e28b3e3 Add OCSP to mkdef
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-08 08:02:41 -04:00
Andy Polyakov
20b88bb160 PPC assembly pack: remove branch hints.
As it turns out branch hints grew as kind of a misconception. In
addition their interpretation by GNU assembler is affected by
assembler flags and can end up with opposite meaning on different
processors. As we have to loose quite a lot on misinterprerations,
especially on newer processors, we just omit them altogether.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-04-07 21:27:24 +02:00
Andy Polyakov
463a7b8cb0 Clean-up *_DEBUG options.
Since NDEBUG is defined unconditionally on command line for release
builds, we can omit *_DEBUG options in favour of effective "all-on"
in debug builds exercised though CI.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 21:18:00 +02:00
Andy Polyakov
c32cbe9787 Configurations/10-main.conf: omit now redundant -D_WINDLL.
... and refine /MT vs. /MD flag handling.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-07 21:13:02 +02:00
Andy Polyakov
d237d69914 windows-makefile.tmpl: clean up after DLL link failure.
Without proper cleanup after DLL link failure second attempt to
run nmake would actually proceed and failure will be "shifted" to
run time. This is because libcrypto.lib import library is generated
even if DLL link fails.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-07 21:12:10 +02:00
Andy Polyakov
02b91dcf1c test/[dane|evp_]test.c: BIO-fy file I/O.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-07 21:09:22 +02:00
Andy Polyakov
800b299b0a bio/bss_file.c: since VS2015 one can't tell apart own and "alien" FILE
pointers, except for minimal std[in|out|err].

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-07 21:08:08 +02:00
Viktor Dukhovni
a4ccf06808 make update
Signed-off-by: Rob Percival <robpercival@google.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 14:41:34 -04:00
Viktor Dukhovni
43341433a8 Suppress CT callback as appropriate
Suppress CT callbacks with aNULL or PSK ciphersuites that involve
no certificates.  Ditto when the certificate chain is validated via
DANE-TA(2) or DANE-EE(3) TLSA records.  Also skip SCT processing
when the chain is fails verification.

Move and consolidate CT callbacks from libcrypto to libssl.  We
also simplify the interface to SSL_{,CTX_}_enable_ct() which can
specify either a permissive mode that just collects information or
a strict mode that requires at least one valid SCT or else asks to
abort the connection.

Simplified SCT processing and options in s_client(1) which now has
just a simple pair of "-noct" vs. "-ct" options, the latter enables
the permissive callback so that we can complete the handshake and
report all relevant information.  When printing SCTs, print the
validation status if set and not valid.

Signed-off-by: Rob Percival <robpercival@google.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 14:41:34 -04:00
Viktor Dukhovni
c636c1c470 Fix client verify mode to check SSL_VERIFY_PEER
The original check for != SSL_VERIFY_NONE can give surprising results
when flags SSL_VERIFY_PEER is not set, but other flags are.  Note
that SSL_VERIFY_NONE (0) is not a flag bit, it is rather the absense
of all other flag bits.

Signed-off-by: Rob Percival <robpercival@google.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 14:41:34 -04:00
David Benjamin
6afef8b1fb Fix memory leak on invalid CertificateRequest.
Free up parsed X509_NAME structure if the CertificateRequest message
contains excess data.

The security impact is considered insignificant. This is a client side
only leak and a large number of connections to malicious servers would
be needed to have a significant impact.

This was found by libFuzzer.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-07 19:22:20 +01:00
Richard Levitte
d1094383df OpenSSL::Test: when moving directory, affect env as well
The environment variables TOP, SRCTOP, BLDTOP, ...  are used to affect
the testing framework.  However, subprocesses may want to use them as
well, and therefore need their values corrected when we move to a
different directory.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 14:52:01 +02:00
Emilia Kasper
1d352bb192 Allow generate_ssl_tests.pl to find testlib
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-07 14:48:50 +02:00
Emilia Kasper
53ff6ac159 Remove redundant symlink
We used to symlink generate_ssl_tests.pl to the build directory.
Now that the build scripts look for sources in both directories, this
is no longer necessary (see commit
fbd361eaf8).

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-07 14:17:24 +02:00
Richard Levitte
2d5a82570a Better use BIO_snprintf() than snprintf(), in case the later isn't available
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-04-07 13:35:24 +02:00
Richard Levitte
e9c2b10014 Fix forgotten adaptation to opaque RSA and RSA_METHOD
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-07 02:17:35 +02:00
Dr. Stephen Henson
26f2412d9b always use field names
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 18:57:48 +01:00
Richard Levitte
f246f90e6a Perl: foreach (@list) { code } is better
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-06 17:30:01 +02:00
Richard Levitte
ef65305307 Add apps/tsget and test/ssltest_old to .gitignore
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 16:33:10 +02:00
Richard Levitte
c014a7cb82 make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:21 +02:00
Richard Levitte
36297463a5 Update CHANGES with the new about RSA and RSA_METHOD
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:21 +02:00
Richard Levitte
cd35e6c06d Document RSA_METHOD creators/destructor/accessors/writers
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:20 +02:00
Richard Levitte
b72c912137 Make the RSA_METHOD structure opaque
Move rsa_meth_st away from public headers.
Add RSA_METHOD creator/destructor functions.
Add RSA_METHOD accessor/writer functions.
Adapt all other source to use the creator, destructor, accessors and writers.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:20 +02:00
Richard Levitte
b879882a4b Document RSA accessors/writers
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:20 +02:00
Richard Levitte
9862e9aa98 Make the RSA structure opaque
Move rsa_st away from public headers.
Add accessor/writer functions for the public RSA data.
Adapt all other source to use the accessors and writers.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:17 +02:00
Matt Caswell
3e41ac3528 Fix no-ocsp
Misc fixes for no-ocsp

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 14:57:45 +01:00
Matt Caswell
7626fbf2ef Remove some OPENSSL_NO_ASYNC guards in init
When config'd with "no-async" the ASYNC_NULL implementation is used, so
async symbols still exist. We should still init the NULL implementation so
that when we get the async ctx it is NULL rather than undefined.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 14:51:42 +01:00
Richard Levitte
2110febb11 Perl cleanup: don't create lists unnecessarily
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 15:21:27 +02:00
Richard Levitte
1c9f511793 VMS: Fix special case for [.test]ssltest_old.c
[.test]ssltest.c was renamed to [.test]ssltest_old.c, reflect that in
descrip.mms.tmpl.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-04-06 13:56:49 +02:00
Andy Polyakov
ad7c9c9faf Configure: add BLAKE_DEBUG to --strict-warnings set.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 12:29:02 +02:00
FdaSilvaYY
f0e1fe7cc3 Add missing mem leak test activation and checks
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 06:17:21 -04:00
Andrea Grandi
570c0716e3 Add a check of the FD_SETSIZE before the call to select()
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 09:09:51 +01:00
Emilia Kasper
69853045e1 Rename ssltest -> ssltest_old
ssltest_old.c is deprecated. New tests should use ssl_test.c, and the
recipes in 80-test_ssl_new.t

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-05 17:07:09 +02:00
Emilia Kasper
ababe86b96 testutil: return 1 on success
Require that test methods return 1 on success (not 0). This is more
customary for OpenSSL.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-05 17:05:40 +02:00
Dr. Stephen Henson
6e863f0737 fix memory leak in ca
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-05 14:06:39 +01:00
Emilia Kasper
453dfd8d5e New SSL test framework
Currently, SSL tests are configured via command-line switches to
ssltest.c. This results in a lot of duplication between ssltest.c and
apps, and a complex setup. ssltest.c is also simply old and needs
maintenance.

Instead, we already have a way to configure SSL servers and clients, so
we leverage that. SSL tests can now be configured from a configuration
file. Test servers and clients are configured using the standard
ssl_conf module. Additional test settings are configured via a test
configuration.

Moreover, since the CONF language involves unnecessary boilerplate, the
test conf itself is generated from a shorter Perl syntax.

The generated testcase files are checked in to the repo to make
it easier to verify that the intended test cases are in fact run; and to
simplify debugging failures.

To demonstrate the approach, min/max protocol tests are converted to the
new format. This change also fixes MinProtocol and MaxProtocol
handling. It was previously requested that an SSL_CTX have both the
server and client flags set for these commands; this clearly can never work.

Guide to this PR:
 - test/ssl_test.c - test framework
 - test/ssl_test_ctx.* - test configuration structure
 - test/handshake_helper.* - new SSL test handshaking code
 - test/ssl-tests/ - test configurations
 - test/generate_ssl_tests.pl - script for generating CONF-style test
   configurations from perl inputs

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-05 13:44:46 +02:00
FdaSilvaYY
173f613b6a Fix a shadow symbol warning
... comes from c5137473bd.
Fix Travis builds.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 18:51:23 -04:00
Viktor Szakats
3e3957816c set exec attribute for .pl files
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 18:44:47 -04:00
Viktor Szakats
b2be6ed050 fix perl shebang
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 18:44:47 -04:00
Viktor Szakats
76c1183dee use whitespace more consistently
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 18:44:47 -04:00
Rich Salz
e771eea6d8 Revert "various spelling fixes"
This reverts commit 620d540bd4.
It wasn't reviewed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 16:11:43 -04:00
Rich Salz
9f2a142b13 Revert "Fix an error code spelling."
This reverts commit 2b0bcfaf83.
It wasn't reviewed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 16:11:04 -04:00
FdaSilvaYY
2b0bcfaf83 Fix an error code spelling.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 15:06:32 -04:00