Commit graph

17600 commits

Author SHA1 Message Date
Matt Caswell
9a7169870e Add some SSL BIO tests
This adds some simple SSL BIO tests that check for pushing and popping of
BIOs into the chain. These tests would have caught the bugs fixed in the
previous three commits, if combined with a crypto-mdebug build.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 14:09:57 +01:00
Matt Caswell
b46fe860fe Fix BIO_pop for SSL BIOs
The BIO_pop implementation assumes that the rbio still equals the next BIO
in the chain. While this would normally be the case, it is possible that it
could have been changed directly by the application. It also does not
properly cater for the scenario where the buffering BIO is still in place
for the write BIO.

Most of the existing BIO_pop code for SSL BIOs can be replaced by a single
call to SSL_set_bio(). This is equivalent to the existing code but
additionally handles the scenario where the rbio has been changed or the
buffering BIO is still in place.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 14:09:57 +01:00
Matt Caswell
eddef30589 Fix BIO_push ref counting for SSL BIO
When pushing a BIO onto an SSL BIO we set the rbio and wbio for the SSL
object to be the BIO that has been pushed. Therefore we need to up the ref
count for that BIO. The existing code was uping the ref count on the wrong
BIO.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 14:09:57 +01:00
Matt Caswell
8e3854ac88 Don't double free the write bio
When setting the read bio we free up any old existing one. However this can
lead to a double free if the existing one is the same as the write bio.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 14:09:57 +01:00
Matt Caswell
7fb4c82035 Add a test for SSL_set_bio()
The SSL_set_bio() function has some complicated ownership rules. This adds a
test to make sure it all works as expected.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 14:09:57 +01:00
Matt Caswell
0647719d80 Make the checks for an SSLv2 style record stricter
SSLv2 is no longer supported in 1.1.0, however we *do* still accept an SSLv2
style ClientHello, as long as we then subsequently negotiate a protocol
version >= SSLv3. The record format for SSLv2 style ClientHellos is quite
different to SSLv3+. We only accept this format in the first record of an
initial ClientHello. Previously we checked this by confirming
s->first_packet is set and s->server is true. However, this really only
tells us that we are dealing with an initial ClientHello, not that it is
the first record (s->first_packet is badly named...it really means this is
the first message). To check this is the first record of the initial
ClientHello we should also check that we've not received any data yet
(s->init_num == 0), and that we've not had any empty records.

GitHub Issue #1298

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-29 12:42:40 +01:00
Rich Salz
1a62777163 Various doc fixes.
Cannot nest B<> tags
Document "openssl speed" command.
Fix doc nits: missing NAME/SYNOPSIS stuff

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-07-28 17:00:05 -04:00
Emilia Kasper
29df3061b3 Add memory sanitizer config, and run on travis.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-28 21:43:27 +02:00
Dr. Stephen Henson
976ef6adcc Note cipher BIO write errors too.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 22:42:31 +01:00
David Benjamin
e125c12f57 Use sk_CONF_VALUE_pop_free in do_ext_nconf error path.
8605abf135 fixed the nval leak, but it
used free instead of pop_free. nval owns its contents, so it should be
freed with pop_free. See the pop_free call a few lines down.

This is a no-op as, in this codepath, we must have nval == NULL or
sk_CONF_VALUE_num(nval) == 0. In those cases, free and pop_free are
identical. However, variables should be freed consistently.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1351)
2016-07-26 16:03:42 -04:00
Kurt Roeckx
abdb0c7b4e Skip non-existing files.
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1324
2016-07-26 21:01:05 +02:00
Kurt Roeckx
5a3a546678 Add Hurd shared extension
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1345
2016-07-26 21:00:03 +02:00
Jon Loeliger
1abd292585 RT4639: Typo when -DSSL_DEBUG
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-26 12:48:51 -04:00
Dr. Stephen Henson
ee6ce5cc36 Set error if EVP_CipherUpdate fails.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 16:51:49 +01:00
Dr. Stephen Henson
ba1a1c3783 Deprecate X509_LU_FAIL, X509_LU_RETRY
Instead of X509_LU_FAIL, X509_LU_RETRY use 0/1 for return values.

RT#4577

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 16:23:02 +01:00
Dr. Stephen Henson
0946a19886 Use X509_LOOKUP_TYPE for lookup type consistently.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 16:23:02 +01:00
Dr. Stephen Henson
4c4a2f670b Move X509_LU_RETRY, X509_LU_FAIL
X509_LU_RETRY and X509_LU_FAIL are not X509_OBJECT types so don't include
them in the enum.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 16:23:02 +01:00
Dr. Stephen Henson
fc9d1ef39c Remove current_method from X509_STORE_CTX
Remove current_method: it was intended as a means of retrying
lookups bit it was never used. Now that X509_verify_cert() is
a "one shot" operation it can never work as intended.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 16:23:02 +01:00
Richard Levitte
61d81f0ac9 Update the example in proxy_certificates.txt
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 09:43:21 +02:00
FdaSilvaYY
9d7bfb14dd Discard BIO_set(BIO* bio) method
Simplify BIO init using OPENSSL_zalloc().

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1261)
2016-07-25 13:48:32 -04:00
russor
78a01b3f69 zero pad DHE public key in ServerKeyExchange message for interop
Some versions of the Microsoft TLS stack have problems when the DHE public key
is encoded with fewer bytes than the DHE prime.

There's some public acknowledgement of the bug at these links:

https://connect.microsoft.com/IE/feedback/details/1253526/tls-serverkeyexchange-with-1024-dhe-may-encode-dh-y-as-127-bytes-breaking-internet-explorer-11
https://connect.microsoft.com/IE/feedback/details/1104905/wininet-calculation-of-mac-in-tls-handshake-intermittently-fails-for-dhe-rsa-key-exchange

This encoding issue also causes the same errors with 2048-bit DHE, if the
public key is encoded in fewer than 256 bytes and includes the TLS stack on
Windows Phone 8.x.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1320)
2016-07-25 13:41:33 -04:00
Richard Levitte
fe0169b097 Make it possible for external code to set the certiciate proxy path length
This adds the functions X509_set_proxy_pathlen(), which sets the
internal pc path length cache for a given X509 structure, along with
X509_get_proxy_pathlen(), which retrieves it.

Along with the previously added X509_set_proxy_flag(), this provides
the tools needed to manipulate all the information cached on proxy
certificates, allowing external code to do what's necessary to have
them verified correctly by the libcrypto code.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:36:39 +02:00
Richard Levitte
3067095e8a Add X509_STORE lock and unlock functions
Since there are a number of function pointers in X509_STORE that might
lead to user code, it makes sense for them to be able to lock the
store while they do their work.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:33:41 +02:00
Richard Levitte
c1b4fa6ded make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:24:43 +02:00
Richard Levitte
0e82e0e1d0 Document the X509_STORE and X509_STORE_CTX setters and getters
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:20:58 +02:00
Richard Levitte
0a5fe2eb94 Add setter and getter for X509_STORE's check_policy
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:20:58 +02:00
Richard Levitte
1060a50b6d Add getters / setters for the X509_STORE_CTX and X509_STORE functions
We only add setters for X509_STORE function pointers except for the
verify callback function.  The thought is that the function pointers
in X509_STORE_CTX are a cache for the X509_STORE functions.
Therefore, it's preferable if the user makes the changes in X509_STORE
before X509_STORE_CTX_init is called, and otherwise use the verify
callback to override any results from OpenSSL's internal
calculations.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:20:58 +02:00
Steffen Nurpmeso
d49cfa3bd5 RT4627: Doc patch: fix constant names
Reviewed-by: Matt Caswell <matt@openssl.org>
Signed-off-by: Rich Salz <rsalz@openssl.org>
2016-07-25 09:50:27 -04:00
FdaSilvaYY
1e4c66f953 explicit init
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
ceab33e2cf Typo and comment fix
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
fefa4d5507 Unused variable, and cleanups
Break two long messages.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
5f7d5125fd Unused variable cleanup
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
55e0d0b462 Discard a dead option
Old inactive inherited code, a code relic for sure.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
67c93e6d9f Discard some unused typedefs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
2016-07-25 08:35:39 -04:00
FdaSilvaYY
c7d13c138c Constify X509|X509_CRL|X509_REVOKED_get_ext
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
7569362ebb Constify ... X509|X509_CRL|X509_REVOKED|_get_ext*()
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
fdaf7beec5 Constify ...
X509_REVOKED_get0_extensions
X509_check_private_key

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
84de54b91e Constify (X509|X509V3|X509_CRL|X509_REVOKED)_get_ext_d2i ...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
a6a283b394 Constify i2s_ASN1_INTEGER, X509V3_get_d2i
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
333ed02c8a Constify input parameters of methods :
- X509_NAME_entry_count, X509_ATTRIBUTE_count
 - X509_NAME_add_entry_by_OBJ, X509_NAME_ENTRY_create_by_OBJ, X509_NAME_ENTRY_set_object

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
d3d5dc607a Enforce and explicit some const casting
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
e83f154f6c Constify i2t_ASN1_OBJECT, i2d_ASN1_OBJECT, i2a_ASN1_OBJECT.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
dbf89a9b94 Constify ASN1_buf_print
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
08275a29c1 Constify ASN1_TYPE_get, ASN1_STRING_type, ASN1_STRING_to_UTF8, ASN1_TYPE_get_octetstring & co...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
0aa25a68c0 Constify SXNET_add_id_*
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
25d57dc71b Constify EC_KEY_*_oct2priv() input buffer
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
c17dd597ac Constify CMS_decrypt_set1_key input buffer
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
b4bb825fff Constify engine/eng_cnf.c internal method.
simplify and reindent some related code.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
Matt Caswell
80f397e2c6 Fix no-tls1_2
Misc fixes impacting no-tls1_2. Also fixes no-dtls1_2.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 08:24:32 +01:00
Matt Caswell
3e82ae573a Fix no-dtls*
Also fixes some other options like no-dgram and no-sock.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 08:24:32 +01:00