llvm's ubsan reported:
runtime error: negation of -9223372036854775808 cannot be represented in type
'long'; cast to an unsigned type to negate this value to itself
Found using afl
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1325
New hostname checking function asn1_valid_host()
Check commonName entries against nameConstraints: any CN components in
EE certificate which look like hostnames are checked against
nameConstraints.
Note that RFC5280 et al only require checking subject alt name against
DNS name constraints.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
tag2nbyte had -1 at 18th position, but underlying ASN1_mbstring_copy
supports NumericString. tag2nbyte is also used in do_print_ex which will
not be broken by setting 1 at 18th position of tag2nbyte
Reviewed-by: Stephen Henson <steve@openssl.org>
The selector field could be omitted because it has a DEFAULT value.
In this case *sfld == NULL (sfld can never be NULL). This was not
noticed because this was never used in existing ASN.1 modules.
Reviewed-by: Rich Salz <rsalz@openssl.org>
The function a2i_ASN1_STRING can encounter an error after already
allocating a buffer. It wasn't always freeing that buffer on error.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1074)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1074)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1074)
Add missing error raise call, as it is done everywhere else.
and as CRYPTO_THREAD_lock_new don't do it internally.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/997)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/997)
We can call memcpy() with a pointer 1 past the last allocated byte and length
of 0 and you can argue that that's undefined behaviour.
Reported by tis-interpreter
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1132
Rename sk_xxx to OPENSSL_sk_xxx and _STACK to OPENSSL_STACK
Rename lh_xxx API to OPENSSL_LH_xxx and LHASH_NODE to OPENSSL_LH_NODE
Make lhash stuff opaque.
Use typedefs for function pointers; makes the code simpler.
Remove CHECKED_xxx macros.
Add documentation; remove old X509-oriented doc.
Add API-compat names for entire old API
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Only treat an ASN1_ANY type as an integer if it has the V_ASN1_INTEGER
tag: V_ASN1_NEG_INTEGER is an internal only value which is never used
for on the wire encoding.
Thanks to David Benjamin <davidben@google.com> for reporting this bug.
This was found using libFuzzer.
RT#4364 (part)CVE-2016-2108.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Building with -DCHARSET_EBCDIC and using --strict-warnings resulted in
lots of miscellaneous errors. This fixes it.
Reviewed-by: Andy Polyakov <appro@openssl.org>
If the ASN.1 BIO is presented with a large length field read it in
chunks of increasing size checking for EOF on each read. This prevents
small files allocating excessive amounts of data.
CVE-2016-2109
Thanks to Brian Carpenter for reporting this issue.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
The Unix build was the last to retain the classic build scheme. The
new unified scheme has matured enough, even though some details may
need polishing.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Add copyright to most .pl files
This does NOT cover any .pl file that has other copyright in it.
Most of those are Andy's but some are public domain.
Fix typo's in some existing files.
Reviewed-by: Richard Levitte <levitte@openssl.org>
The check_defer() function was used to ensure that EVP_cleanup() was always
called before OBJ_cleanup(). The new cleanup code ensures this so it is
no longer needed.
Remove obj_cleanup() call in OID config module: it is not needed
any more either.
Reviewed-by: Matt Caswell <matt@openssl.org>
There is a preference for suffixes to indicate that a function is internal
rather than prefixes. Note: the suffix is only required to disambiguate
internal functions and public symbols with the same name (but different
case)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
There was a lot of naming inconsistency, so we try and standardise on
one form.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
OBJ_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Move the the BIO_METHOD and BIO structures into internal header files,
provide appropriate accessor methods and update all internal code to use
the new accessors where appropriate.
Reviewed-by: Richard Levitte <levitte@openssl.org>
BIO_new, etc., don't need a non-const BIO_METHOD. This allows all the
built-in method tables to live in .rodata.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Don't free up passed EVP_MD_CTX in ASN1_item_sign_ctx(). This
simplifies handling and retains compatiblity with previous behaviour.
PR#4446
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
Make PKCS8_PRIV_KEY_INFO opaque. Several accessor functions already exist
for this structure. Two new ones were added to handle attributes.
The old handling of broken formats has been removed and the corresponding
structures simplified.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Add support for application supplied any defined by callback. An
application can change the selector value if it wishes. This is
mainly intended for values which are only known at runtime, for
example dynamically created OIDs.
Reviewed-by: Rich Salz <rsalz@openssl.org>
- In error paths, EVP_MD_CTX allocated by the callee is not released.
- Checking method before accessing
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Simplifies calling code. Also fixed up any !ptr tests that were
nearby, turning them into NULL tests.
Reviewed-by: Richard Levitte <levitte@openssl.org>
This takes us away from the idea that we know exactly how our static
libraries are going to get used. Instead, we make them available to
build shareable things with, be it other shared libraries or DSOs.
On the other hand, we also have greater control of when the shared
library cflags. They will never be used with object files meant got
binaries, such as apps/openssl or test/test*.
With unified, we take this a bit further and prepare for having to
deal with extra cflags specifically to be used with DSOs (dynamic
engines), libraries and binaries (applications).
Reviewed-by: Rich Salz <rsalz@openssl.org>
All those flags existed because we had all the dependencies versioned
in the repository, and wanted to have it be consistent, no matter what
the local configuration was. Now that the dependencies are gone from
the versioned Makefile.ins, it makes much more sense to use the exact
same flags as when compiling the object files.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Don't require an application to work out the appropriate buffer size for
ASN1_bn_print(), which is unsafe. Ignore the supplied buffer and allocate
it internally instead.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Now that we have the foundation for the "unified" build scheme in
place, we add build.info files. They have been generated from the
Makefiles in the same directories. Things that are platform specific
will appear in later commits.
Reviewed-by: Andy Polyakov <appro@openssl.org>
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Remove lint, tags, dclean, tests.
This is prep for a new makedepend scheme.
This is temporary pending unified makefile, and might help it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Create Makefile's from Makefile.in
Rename Makefile.org to Makefile.in
Rename Makefiles to Makefile.in
Address review feedback from Viktor and Richard
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Applications wishing to include their own stacks now just need to include
DEFINE_STACK_OF(foo)
in a header file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Rename to OPENSSL_mem_debug_{push,pop}.
Remove simple calls; keep only calls used in recursive functions.
Ensure we always push, to simplify so that we can always pop
Reviewed-by: Richard Levitte <levitte@openssl.org>
Just like *_clear_free routines. Previously undocumented, used
a half-dozen times within OpenSSL source.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Rebuild error source files: the new mkerr.pl functionality will now
pick up and translate static function names properly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
When a decoding error in ASN.1 occurs only free up the partial structure
at the top level. This simplifies embedded handling and fixes freeing
up of structures when presented with malformed input.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>
+Replace FILE BIO's with dummy ops that fail.
+Include <stdio.h> for sscanf() even with no-stdio (since the declaration
is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
variable, since it can be larger than a 'long'. And we don't rely on the
availability of strtoull().
+Remove OPENSSL_stderr(); not used.
+Make OPENSSL_showfatal() do nothing (currently without stdio there's
nothing we can do).
+Remove file-based functionality from ssl/. The function
prototypes were already gone, but not the functions themselves.
+Remove unviable conf functionality via SYS_UEFI
+Add fallback definition of BUFSIZ.
+Remove functions taking FILE * from header files.
+Add missing DECLARE_PEM_write_fp_const
+Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
so remove its prototype.
+Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
+Eliminate SRP_VBASE_init() and supporting functions. Users will need to
build the verifier manually instead.
+Eliminate compiler warning for unused do_pk8pkey_fp().
+Disable TEST_ENG_OPENSSL_PKEY.
+Disable GOST engine as is uses [f]printf all over the place.
+Eliminate compiler warning for unused send_fp_chars().
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
When an OID is decoded see if it exists in the registered OID table
and if so return the shared OID instead of dynamically allocating
an ASN1_OBJECT.
Reviewed-by: Rich Salz <rsalz@openssl.org>