Fix more potential leaks in X509_verify_cert()
Fix memory leak in ClientHello test
Fix memory leak in gost2814789 test
Fix potential memory leak in PKCS7_verify()
Fix potential memory leaks in X509_add1_reject_object()
Refactor to use "goto err" in cleanup.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Add DSA tests.
Add tests to verify signatures against public keys. This will also check
that a public key is read in correctly.
Reviewed-by: Ben Laurie <ben@openssl.org>
Enhance the PACKET code readability, and fix a stale comment. Thanks
to Ben Kaduk (bkaduk@akamai.com) for pointing this out.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Use a dynamic engine for ossltest engine so that we can build it without
subsequently deploying it during install. We do not want people accidentally
using this engine.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Two tests are added: one is a simple version tolerance test; the second is
a test to ensure that OpenSSL operates correctly in the case of a zero
length extensions block. The latter was broken inadvertently (now fixed)
and it would have been helpful to have a test case for it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
We could just initialize it, but to be consistent with the rest of the file
it seemed to make more sense to just drop.
Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
This reverts commit 704563f04a.
Reverting in favour of the next commit which removes the underlying cause
of the warning.
Reviewed-by: Ben Laurie <ben@openssl.org>
Some of the PACKET functions were returning incorrect data. An unfortunate
choice of test data in the unit test was masking the failure.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Provide more robust (inline) functions to replace n2s, n2l, etc. These
functions do the same thing as the previous macros, but also keep track
of the amount of data remaining and return an error if we try to read more
data than we've got.
Reviewed-by: Tim Hudson <tjh@openssl.org>
The function SSL_set_session_ticket_ext sets the ticket data to be sent in
the ClientHello. This is useful for EAP-FAST. This commit adds a test to
ensure that when this function is called the expected ticket data actually
appears in the ClientHello.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This adds a test for CVE-2015-1793. This adds a new test file
verify_extra_test.c, which could form the basis for additional
verification tests.
Reviewed-by: Stephen Henson <steve@openssl.org>
Add secure heap for storage of private keys (when possible).
Add BIO_s_secmem(), CBIGNUM, etc.
Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
Contributed by Akamai Technologies under the Corporate CLA.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Recent HMAC changes broke ABI compatibility due to a new field in HMAC_CTX.
This backs that change out, and does it a different way.
Thanks to Timo Teras for the concept.
Reviewed-by: Richard Levitte <levitte@openssl.org>
The function EC_POINT_is_on_curve does not return a boolean value.
It returns 1 if the point is on the curve, 0 if it is not, and -1
on error. Many usages within OpenSSL were incorrectly using this
function and therefore not correctly handling error conditions.
With thanks to the Open Crypto Audit Project for reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
For librypto to be complete, the stuff in both crypto/ and engines/
have to be built. Doing 'make test' or 'make apps' from a clean
source tree failed to do so.
Corrected by using the new 'build_libcrypto' in the top Makefile.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Almost two months ago, the warning about non-existing config file was
supressed by setting the environment variable OPENSSL_CONF to /dev/null
everywhere. Now that this warning is gone, that practice is no longer
needed.
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
In master, the 'dh' command is gone, so use 'dhparam' instead to
determine if we're compiled with DH.
Also, set "@SECLEVEL=1" for the weak DH test, so that it actually
passes.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Also add more ciphersuite test coverage, and a negative test for
512-bit DHE.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 1ee85aab75)
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Also reorder preferences to prefer prime curves to binary curves, and P-256 to everything else.
The result:
$ openssl s_server -named_curves "auto"
This command will negotiate an ECDHE ciphersuite with P-256:
$ openssl s_client
This command will negotiate P-384:
$ openssl s_client -curves "P-384"
This command will not negotiate ECDHE because P-224 is disabled with "auto":
$ openssl s_client -curves "P-224"
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Following the version negotiation rewrite all of the previous code that was
dedicated to version negotiation can now be deleted - all six source files
of it!!
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
This commit changes the way that we do server side protocol version
negotiation. Previously we had a whole set of code that had an "up front"
state machine dedicated to the negotiating the protocol version. This adds
significant complexity to the state machine. Historically the justification
for doing this was the support of SSLv2 which works quite differently to
SSLv3+. However, we have now removed support for SSLv2 so there is little
reason to maintain this complexity.
The one slight difficulty is that, although we no longer support SSLv2, we
do still support an SSLv3+ ClientHello in an SSLv2 backward compatible
ClientHello format. This is generally only used by legacy clients. This
commit adds support within the SSLv3 code for these legacy format
ClientHellos.
Server side version negotiation now works in much the same was as DTLS,
i.e. we introduce the concept of TLS_ANY_VERSION. If s->version is set to
that then when a ClientHello is received it will work out the most
appropriate version to respond with. Also, SSLv23_method and
SSLv23_server_method have been replaced with TLS_method and
TLS_server_method respectively. The old SSLv23* names still exist as
macros pointing at the new name, although they are deprecated.
Subsequent commits will look at client side version negotiation, as well of
removal of the old s23* code.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Added depencies on the public variants of some keys in test to Makefile.
Added the newly introduced key files from test/ in the list of files
to copy in util/pl/unix.pl.
Reviewed-by: Rich Salz <rsalz@openssl.org>
There are header files in crypto/ that are used by the rest of
OpenSSL. Move those to include/internal and adapt the affected source
code, Makefiles and scripts.
The header files that got moved are:
crypto/constant_time_locl.h
crypto/o_dir.h
crypto/o_str.h
Reviewed-by: Matt Caswell <matt@openssl.org>
Following on from the removal of libcrypto and libssl support for Kerberos
this commit removes all remaining references to Kerberos.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Remove RFC2712 Kerberos support from libssl. This code and the associated
standard is no longer considered fit-for-purpose.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Since COMP_METHOD is now defined in comp_lcl.h, it is no
longer possible to create new TLS compression methods without
using the OpenSSL source. Only ZLIB is supported by default.
Also, since the types are opaque, #ifdef guards to use "char *"
instead of the real type aren't necessary.
The changes are actually minor. Adding missing copyright to some
files makes the diff misleadingly big.
Reviewed-by: Matt Caswell <matt@openssl.org>
For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"
Reviewed-by: Tim Hudson <tjh@openssl.org>
This is just to make sure that option is tested on a Unix build. This
option is already present in ms/testss.bat, so it's an easy steal.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Compiling OpenSSL code with MSVC and /W4 results in a number of warnings.
One category of warnings is particularly interesting - C4701 (potentially
uninitialized local variable 'name' used). This warning pretty much means
that there's a code path which results in uninitialized variables being used
or returned. Depending on compiler, its options, OS, values in registers
and/or stack, the results can be nondeterministic. Cases like this are very
hard to debug so it's rational to fix these issues.
This patch contains a set of trivial fixes for all the C4701 warnings (just
initializing variables to 0 or NULL or appropriate error code) to make sure
that deterministic values will be returned from all the execution paths.
RT#3835
Signed-off-by: Matt Caswell <matt@openssl.org>
Matt's note: All of these appear to be bogus warnings, i.e. there isn't
actually a code path where an unitialised variable could be used - its just
that the compiler hasn't been able to figure that out from the logic. So
this commit is just about silencing spurious warnings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy. Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.
Reviewed-by: Richard Levitte <levitte@openssl.org>
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Don't check for NULL before calling free functions. This gets:
ERR_STATE_free
ENGINE_free
DSO_free
CMAC_CTX_free
COMP_CTX_free
CONF_free
NCONF_free NCONF_free_data _CONF_free_data
A sk_free use within OBJ_sigid_free
TS_TST_INFO_free (rest of TS_ API was okay)
Doc update for UI_free (all uses were fine)
X509V3_conf_free
X509V3_section_free
X509V3_string_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
This gets BN_.*free:
BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free
Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.
Reviewed-by: Richard Levitte <levitte@openssl.org>
There's a new "list" command, which takes a flag to say what
to list. Removing the old hacky commands. Re-ordered some
functions to remove some needless declarations.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Make only errors go to stderr.
Print count and size before the loop, so you can see it's an 838K
message that will take a few moments.
Reviewed-by: Richard Levitte <levitte@openssl.org>
The files removed are the ones that were symbolic links before, but
aren't now, so we should not remove them any more.
Reviewed-by: Stephen Henson <steve@openssl.org>
No need for here documents, just use "yes" or </dev/null.
No need for "|| exit 1" clauses, just use "set -e".
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Removed commented-out tests
Standardize on doing
cmd ... || exit 1
instead of
cmd ...
if [ $? != 0] ; then
exit 1
fi
where that if statement has ben one, three, or four lines, variously.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Output a consistent "start" marker for each test.
Remove "2>/dev/null" from Makefile command lines.
Add OPENSSL_CONFIG=/dev/null for places where it's needed, in
order to suppress a warning message from the openssl CLI.
Reviewed-by: Richard Levitte <levitte@openssl.org>
With no more symlinks, there's no need for those variables, or the links
target. This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.
Also, removed METHTEST from test/Makefile. It looks like an old test that's
forgotten...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.
Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.
Originally-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
crypto/crypto-lib.com - catch up with the OCSP changes
test/maketest.com and test/tests.com - catch up with the addition of test_evp_extra
Reviewed-by: Rich Salz <rsalz@openssl.org>
Includes VMS fixes from Richard.
Includes Kurt's destest fixes (RT 1290).
Closes tickets 1290 and 1291
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Making a specific variable $failure_code and a bit of commenting in the
VMS section should help clear things up.
Reviewed-by: Andy Polyakov <appro@openssl.org>
catch up with the Unix build.
A number of new tests, among others test/tocsp.com
Define INTERNAL in ssl/ssl-lib.com to allow for '#include "internal/foo.h"'
Reviewed-by: Andy Polyakov <appro@openssl.org>
Add INSTALLDIRS variable, list of directories where things get
installed. Change install_html_docs to use perl mkdir-p script.
Add uninstall, uninstall_sw, uninstall_docs, uninstall_html_docs
to Makefile.org. The actions of these targets were figured out
by "inverting" the install target.
Recurse into subdirs to do uninstall as needed. Added uninstall
targets whose actions were similarly figured out by "inverting"
the install target.
Also remove some 'space before tab' complaints in Makefile.org
Reviewed-by: Tim Hudson <tjh@openssl.org>
for dummytest if gost is compiled out, since the name of the test is not
standard (dummytest segfaults). Also the old name caused problems for git
because the executable was not in the .gitignore file
Reviewed-by: Emilia Käsper <emilia@openssl.org>
The fips test utilities are only build if an FIPS module is being
built from source. As this isn't done in master these are redundant.
Reviewed-by: Tim Hudson <tjh@openssl.org>
The call to setenv in gost2814789t.c is not portable and may
not reflect the location of the GOST ENGINE on all platforms anyway.
Instead set OPENSSL_ENGINES in test/Makefile
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
Defines SETUP_TEST_FIXTURE and EXECUTE_TEST, and updates ssl/heartbeat_test.c
using these macros. SETUP_TEST_FIXTURE makes use of the new TEST_CASE_NAME
macro, defined to use __func__ or __FUNCTION__ on platforms that support those
symbols, or to use the file name and line number otherwise. This should fix
several reported build problems related to lack of C99 support.
Update ecdsatest to use ECDSA_sign_setup and ECDSA_sign_ex, this
avoids the nonce generation which would otherwise break the test.
Reinstate ecdsatest.
MD5 should use little endian order. Fortunately the only ciphersuite
affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which
is a rarely used export grade ciphersuite.
(cherry picked from commit f306b87d76)
Contributed by: Florian Weimer <fweimer@redhat.com>
Fixes to X509 hostname and email address checking. Wildcard matching support.
New test program and manual page.
different options:
"64" The build system will choose /POINTER_SIZE=64=ARGV if
the compiler supports it, otherwise /POINTER_SIZE=64.
"64=" The build system will force /POINTER_SIZE=64.
"64=ARGV" The build system will force /POINTER_SIZE=64=ARGV.
This meant alarger renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable and 1.0.1-stable. However, since there's
been no release on this branch yet, it should be harmless.
with turning trapping back on.
* test/maketests.com: Do the same check for /POINTER_SIZE=64=ARGV
here.
* test/clean-test.com: A new script for cleaning up.
