Commit graph

19970 commits

Author SHA1 Message Date
Rich Salz
dea0eb2c54 Fix URL links in comment
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3365)
2017-05-02 10:53:10 -04:00
Rich Salz
e5db7fcf93 Add some man page cross-references
The old/deprecated servername callback should refer back to the
new/preferred early callback mechanism, as well as indicate that
it is superseded by the early callback.

The early callback should also mention the API for turning the
raw cipherlist octets from the client into usable data structures.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3338)
2017-05-02 09:08:08 -04:00
Rich Salz
1f9d203dac Convert danetest, ssl_test_ctx_test
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3256)
2017-05-02 08:32:26 -04:00
Todd Short
c649d10d3f TLS1.3 Padding
Add padding callback for application control
Standard block_size callback
Documentation and tests included
Configuration file/s_client/s_srver option

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3130)
2017-05-02 09:44:43 +01:00
Todd Short
20ee2bf138 Fix time offset calculation.
ASN1_GENERALIZEDTIME and ASN1_UTCTIME may be specified using offsets,
even though that's not supported within certificates.

To convert the offset time back to GMT, the offsets are supposed to be
subtracted, not added. e.g. 1759-0500 == 2359+0100 == 2259Z.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2654)
2017-05-02 10:38:54 +02:00
Rich Salz
ee6b68ce4c Fix a stack smash
It occurs when memory compares are made that are larger
than the on stack temporary buffers (either malloced or supplied).

Rework the test test so it doesn't use a macro with a branch.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3155)
2017-05-01 14:38:49 -04:00
Benjamin Kaduk
96db26919d Remove duplicates from clang_devteam_warnings
Since the clang_devteam_warnings are appended to the gcc_devteam_warnings
when strict-warnings are requested, any items present in both the gcc
and clang variables will be duplicated in the cflags used for clang builds.
Remove the extra copy from the clang-specific flags in favor of the
gcc_devteam_warnings that are used for all strict-warnings builds.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3239)
2017-05-01 14:23:28 -04:00
Benjamin Kaduk
f44903a428 Address some -Wold-style-declaration warnings
gcc's -Wextra pulls in -Wold-style-declaration, which triggers when a
declaration has a storage-class specifier as a non-initial qualifier.
The ISO C formal grammar requires the storage-class to be the first
component of the declaration, if present.

Seeint as the register storage-class specifier does not really have any effect
anymore with modern compilers, remove it entirely while we're here, instead of
fixing up the order.

Interestingly, the gcc devteam warnings do not pull in -Wextra, though
the clang ones do.

[extended tests]

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3239)
2017-05-01 14:23:28 -04:00
Benjamin Kaduk
560ad13c74 Add -Wextra to gcc devteam warnings
clang already has it; let's flip the switch and deal with the fallout.
Exclude -Wunused-parameter, as we have many places where we keep unused
parameters to conform to a uniform vtable-like interface.
Also exclude -Wmissing-field-initializers; it's okay to rely on
the standard-mandated behavior of filling out with 0/NULL.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3239)
2017-05-01 14:23:28 -04:00
Andy Polyakov
1ff86c5efa test/asn1_encode_test.c: test "next negative minimum" corner case.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-04-30 15:18:47 +02:00
Andy Polyakov
1e93d619b7 asn1/a_int.c: fix "next negative minimum" corner case in c2i_ibuf.
"Next" refers to negative minimum "next" to one presentable by given
number of bytes. For example, -128 is negative minimum presentable by
one byte, and -256 is "next" one.

Thanks to Kazuki Yamaguchi for report, GH#3339

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-04-30 15:17:03 +02:00
Rich Salz
595b2a4237 Check fflush on BIO_ctrl call
Bug found and fix suggested by Julian Rüth.
Push error if fflush fails

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3266)
2017-04-28 14:14:59 -04:00
Richard Levitte
5cc9776191 Update the pyca-cryptography submodule to version 1.8.1
It was released a couple of days after our latest update

[extended tests]

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3346)
2017-04-28 18:04:52 +02:00
Rich Salz
9a837f220a Ensure blank lines between tests.
Also add a comment describing the file format.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3337)
2017-04-28 10:09:39 -04:00
Pauli
f5a140f7e9 Refactor crltest.c to separate the test cases into individual functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3327)
2017-04-28 16:03:35 +02:00
Richard Levitte
0918b94c9c testutil: Remove test_puts_std{out,err}, they are superfluous
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Richard Levitte
68e49bf223 testutil: Add OpenSSL error stack printing wrapper TEST_openssl_errors
Also added a internal error printing callback to be used both with
ERR_print_errors_cb() and with CRYPTO_mem_leaks_cb

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Richard Levitte
603ddbdb75 testutil: Add commodity printing functions test_printf_std{out,err}
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Richard Levitte
c5657cb710 testutil: make subtest_level() internal
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Richard Levitte
579d0fabcd testutil: Move printing function declarations to "internal" header
These functions aren't meant to be used directly by the test programs,
reflect that by making the declarations a little harder to reach, but
still available enough if there's a need to override them.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
FdaSilvaYY
36b2cfb191 Add checks on return code when applying some settings.
Remove hardcoded bound checkings.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3141)
2017-04-28 15:49:36 +02:00
FdaSilvaYY
67887855af Output prog name within error message
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3141)
2017-04-28 15:49:36 +02:00
FdaSilvaYY
28e5ea88a8 Add a 'max_send_frag' option to configure maximum size of send fragments
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3141)
2017-04-28 15:49:36 +02:00
Todd Short
9ff2cebf29 Fix s_client when no-dtls
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3344)
2017-04-28 15:42:41 +02:00
Bernd Edlinger
8f3f9623a4 Fix a pedantic gcc-7 warning.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3328)
2017-04-28 15:04:08 +02:00
Richard Levitte
46d5e2b42e TLSProxy: When in debug mode, show the exact subprocess commands
When you want to debug a test that goes wrong, it's useful to know
exactly what subprocess commands are run.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3342)
2017-04-28 09:20:05 +02:00
Rich Salz
f2150cd74f Remove (broken) diagnostic print
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3336)
2017-04-27 11:38:17 -04:00
Andy Polyakov
b12ae4a912 fuzz/{client,server}.c: omit _time64 "overload method".
Approach was opportunistic in Windows context from its inception
and on top of that it was proven to be error-prone at link stage.
Correct answer is to introduce library-specific time function that
we can control in platform-neutral manner.  Meanwhile we just let
be attempts to override time on Windows.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3320)
2017-04-27 13:01:08 +02:00
Matt Caswell
11ba87f2ff Ensure s_client sends an SNI extension by default
Enforcement of an SNI extension in the initial ClientHello is becoming
increasingly common (e.g. see GitHub issue #2580). This commit changes
s_client so that it adds SNI be default, unless explicitly told not to via
the new "-noservername" option.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2614)
2017-04-27 11:43:55 +01:00
Bernd Edlinger
37659ea430 Add parentheses on public macros where appropriate.
Fixes #3063.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3100)
2017-04-27 11:31:09 +01:00
Bernd Edlinger
237bc6c997 Remove unnecessary loop in pkey_rsa_decrypt.
It is not necessary to remove leading zeros here because
RSA_padding_check_PKCS1_OAEP_mgf1 appends them again. As this was not done
in constant time, this might have leaked timing information.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3313)
2017-04-26 20:47:37 -04:00
Rich Salz
cf10df81e1 Fix ISO C function/object pointer issue
Showed up on GCC with strict warnings.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3325)
2017-04-26 16:43:54 -04:00
Rich Salz
710756a9b3 Convert sslapitest to test framework
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3252)
2017-04-26 13:42:57 -04:00
Rich Salz
30bea14be6 Convert bntest to TEST_ framework
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3265)
2017-04-26 12:48:24 -04:00
Graham Edgecombe
e596c68c31 Return success in custom_ext_parse_old_cb_wrap if parse_cb is NULL
This fixes a segfault if a NULL parse_cb is passed to
SSL_CTX_add_{client,server}_custom_ext, which was supported in the
pre-1.1.1 implementation.

This behaviour is consistent with the other custom_ext_*_old_cb_wrap
functions, and with the new SSL_CTX_add_custom_ext function.

CLA: trivial

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3310)
2017-04-26 17:37:30 +01:00
Rich Salz
8ed9a26616 Convert dtls_mtu_test, dtlsv1listentest
Also converted most of ssltestlib but left the packet_dump output
as-is (for now).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3257)
2017-04-26 12:20:44 -04:00
Dr. Stephen Henson
aa24cd1bfb Fix no-ec
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3321)
2017-04-26 17:12:23 +01:00
Tatsuhiro Tsujikawa
8e1634ec36 Don't treat PACKET_remaining() as boolean
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3244)
2017-04-26 16:56:37 +01:00
Tatsuhiro Tsujikawa
bf5c84f5d1 Break before && operator
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3244)
2017-04-26 16:56:36 +01:00
Tatsuhiro Tsujikawa
735d5b59df Call init and finalization functions per extension message
Previously, init and finalization function for extensions are called
per extension block, rather than per message.  This commit changes
that behaviour, and now they are called per message.  The parse
function is still called per extension block.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3244)
2017-04-26 16:56:35 +01:00
Matt Caswell
b89646684d Clarify that SSL_CTX_remove_session() marks a session as non-resumable
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3008)
2017-04-26 16:46:47 +01:00
Matt Caswell
5b3e5f00a6 More SSL_SESSION documentation tweaks based on feedback
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3008)
2017-04-26 16:46:47 +01:00
Matt Caswell
35ea9edfb2 Tweak SSL_get_session.pod wording
Based on feedback received.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3008)
2017-04-26 16:46:46 +01:00
Matt Caswell
150840b944 Always duplicate the session on NewSessionTicket in TLSv1.3
Because NST messages arrive post-handshake, the session may have already
gone into the cache. Once in the cache a session must be immutable -
otherwise you could get multi-thread issues.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3008)
2017-04-26 16:42:29 +01:00
Matt Caswell
6ff7149468 Documentation updates for TLSv1.3 sessions
Add documentation for SSL_SESSION_is_resumable(). Also describe the interaction
of the various session functions and TLSv1.3 post-handshake sessions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3008)
2017-04-26 16:42:29 +01:00
Matt Caswell
e586eac885 Add support for SSL_SESSION_is_resumable()
Provide a way to test whether the SSL_SESSION object can be used to resume a
sesion or not.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3008)
2017-04-26 16:42:29 +01:00
Matt Caswell
3348fc7e89 Remove TLS1.3 TODO around testing for session id length
TLSv1.3 will do the same thing as TLSv1.2 with tickets with regards to session
ids, i.e. it will create a synthetic session id when the session is established,
so it is reasonable to check the session id length, even in TLSv1.3.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3008)
2017-04-26 16:42:29 +01:00
Rich Salz
b6e3250671 Fix unit-tests when no-srp configured
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3274)
2017-04-26 11:21:29 -04:00
Rich Salz
58e754fcb8 Convert modular exponentiation tests to new framework
Updated due to test framework changes
Updates after code review
Missed some checks

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3269)
2017-04-26 11:02:09 -04:00
Matt Caswell
975922fd0c Add tests for version/ciphersuite sanity checks
The previous commits added sanity checks for where the max enabled protocol
version does not have any configured ciphersuites. We should check that we
fail in those circumstances.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3316)
2017-04-26 14:31:00 +01:00