Commit graph

17168 commits

Author SHA1 Message Date
Andy Polyakov
b53d32574b aes/asm/aesp8-ppc.pl: add XTS subroutines.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:19:27 +02:00
Rich Salz
a15cfae656 (Temporarily) don't download clang package
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-06-14 16:58:37 -04:00
Andy Polyakov
1eb12c437b perlasm/x86_64-xlate.pl: add commentary.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:50:47 +02:00
Andy Polyakov
6a4ea0022c perlasm/x86_64-xlate.pl: refactor argument parsing loop.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:50:42 +02:00
David Benjamin
c25278db8e Make x86_64-xlate.pl 'use strict' clean.
use strict would have caught a number of historical bugs in the perlasm
code, some in the repository and some found during review. It even found
a fresh masm-only bug (see below).

This required some tweaks. The "single instance is enough" globals got
switched to proper blessed objects rather than relying on symbolic refs.
A few types need $opcode passed in as a result.

The $$line thing is a little bit of a nuisance. There may be a clearer
pattern to use instead.

This even a bug in the masm code.
9b634c9b37 added logic to make labels
global or function-global based on whether something starts with a $,
seemingly intended to capture the $decor setting of '$L$'. However, it
references $ret which is not defined in label::out. label::out is always
called after label::re, so $ret was always the label itself, so the line
always ran.

I've removed the regular expression so as not to change the behavior of
the script. A number of the assembly files now routinely jump across
functions, so this seems to be the desired behavior now.

GH#1165

Signed-off-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:50:04 +02:00
Richard Levitte
b867c7077a VMS: use BLDDIR rather than BUILDDIR in descrip.mms.tmpl
Just like in the other build file templates

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:11:38 +02:00
Richard Levitte
932eaf0085 Add a developer target 'build_generated' to rebuild mandatory headers
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:11:38 +02:00
Richard Levitte
7cae38642e Build file templates: make sure to depend on generated header files
As well as properly generating those that are made from .in files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:11:38 +02:00
Richard Levitte
27ffb86c20 Move the Configure generated header files to the top build.info
This turns these headers into build file generated ones.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:11:38 +02:00
Richard Levitte
4f858293a9 Configure: Make it possible to generate mandatory header files
'DEPEND[]=file.h' becomes a special way to say that 'file.h' must be
generated before anything else is built.  It's likely that a number
of source files depend on these header files, this provides a simple
way to make sure they are always generated even it the dependency data
hasn't been added to the build file yet.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:11:38 +02:00
Dr. Stephen Henson
7c46746bf2 Fix omitted selector handling.
The selector field could be omitted because it has a DEFAULT value.
In this case *sfld == NULL (sfld can never be NULL). This was not
noticed because this was never used in existing ASN.1 modules.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 19:15:51 +01:00
Kurt Roeckx
2dca984bab Update fuzz corpora
Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2949
2016-06-14 19:30:41 +02:00
Kurt Roeckx
947f3156ec Initialize the session_id
ssl_session_hash() always looks at the first 4 bytes, regardless of the length.
A client can send a session id that's shorter, and the callback could also
generate one that's shorter.  So we make sure that the rest of the buffer is
initliazed to 0 so that we always calculate the same hash.

Found by tis-interpreter, also previously reported as RT #2871

Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2911
2016-06-14 19:30:36 +02:00
Matt Caswell
b2e8bd7bd5 Remove an unused variable assignment
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 17:35:30 +01:00
Rich Salz
cda3ae5bd0 RT4562: Fix misleading doc on OPENSSL_config
Also changed the code to use "appname" not "filename"

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-14 12:30:37 -04:00
Matt Caswell
036e61b166 Free memory on an error path
The function a2i_ASN1_STRING can encounter an error after already
allocating a buffer. It wasn't always freeing that buffer on error.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-14 11:45:34 +01:00
Matt Caswell
d285b5418e Avoid a double-free in crl2pl7
The variable |crtflst| could get double freed in an error path.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-14 11:27:10 +01:00
Matt Caswell
a45dca668e Add missing break statement
The -psk option processing was falling through to the -srp option
processing in the ciphers app.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-14 11:21:44 +01:00
Matt Caswell
e7653f3bab Fix comment
Fix a comment following commit c2c49969e2.

RT2388

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 10:41:00 +01:00
Matt Caswell
5ec84dd75f make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 00:16:04 +01:00
Richard Levitte
a8c82fa00f Shorten some symbol names
VMS C doesn't allow symbols longer than 31 characters.  We do the
automatic shortening with the library files, but not otherwise (to
make sure to work the VMS C magic).

For consistency, I shortened other similar symbols in the same manner.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 00:44:29 +02:00
Rich Salz
35096e912c GH1141: Different fix, preferred by Richard.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-13 18:36:35 -04:00
Peter Mosmans
b4b576d3b7 RT3454: Re-enable nistp-64_gcc_128 on windows
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-13 18:33:02 -04:00
Rich Salz
96d06c213d Missed some copyright merge
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-06-13 16:05:25 -04:00
TJ Saunders
bbaa9dd850 Ensure that NULL r and s parameters cannot be set on DSA_SIG/ECDSA_SIGs.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)
2016-06-13 15:44:49 -04:00
TJ Saunders
1d454d58a8 Forgot to update the setter argument ordering in the public headers.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)
2016-06-13 15:44:49 -04:00
TJ Saunders
7ca3ea22c1 Reorder the setter arguments to more consistently match that of other APIs,
per review comments.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)
2016-06-13 15:44:49 -04:00
TJ Saunders
6a571a18dd Implement DSA_SIG_set0() and ECDSA_SIG_set0(), for setting signature values.
SSH2 implementations which use DSA_do_verify() and ECDSA_do_verify() are given
the R and S values, and the data to be signed, by the client.  Thus in order
to validate these signatures, SSH2 implementations will digest and sign
the data -- and then pass in properly provisioned DSA_SIG and ECDSA_SIG objects.

Unfortunately, the existing OpenSSL-1.1.0 APIs do not allow for directly setting
those R and S values in these objects, which makes using OpenSSL for such
SSH2 implementations much more difficult.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)
2016-06-13 15:44:49 -04:00
Matt Caswell
d356dc5619 Add some missing return value checks
Some misc return value checks

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:38:39 +01:00
Matt Caswell
c887104f4a Update sslapitest to use the test framework
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:35:18 +01:00
Matt Caswell
ec02df83e6 Update the SSL_set_session() documentation
Update the SSL_set_session() documentation to reflect the fact that old
bad sessions are removed from the cache if necessary.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:35:18 +01:00
Matt Caswell
2cb4b5f63a Add some session API tests
This commit adds some session API tests, and in particular tests the
modified behaviour of SSL_set_session() introduced in the last commit. To
do this I have factored out some common code from the asynciotest into a
new ssltestlib.c file. I've also renamed getsettest to sslapitest as this
more closely matches what it now is!

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:35:18 +01:00
Matt Caswell
e70656cf1c Ensure SSL_set_session clears the old session from cache if it is bad
SSL_clear() and SSL_free() will remove a session from the cache if it is
considered "bad". However SSL_set_session() does not do this for the session
it is replacing.

SSL_clear() clears an SSL object ready for reuse. It does not clear the
session though. This means that:

  SSL_clear(s)
  SSL_set_session(s, sess);

and
  SSL_set_session(s, sess);
  SSL_clear(s);

do not do the same thing, although logically you would expect that they
would.

The failure of SSL_set_session() to remove bad sessions from the cache
should be considered a bug, so this commit fixes it.

RT#597

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:35:18 +01:00
Emilia Kasper
b02929802c SSL test: only write out server2 when testing SNI
The SNI tests introduced a redundant "server2" section into every test
configuration. Copy this automatically from "server" unless testing SNI,
to reduce noise in the generated confs.

Also remove duplicate SSL_TEST_CTX_create (merge conflict error).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 18:31:33 +02:00
Matt Caswell
25b9d11c00 Handle inability to create AFALG socket
Some Linux platforms have a suitably recent kernel to support AFALG, but
apparently you still can't actually create an afalg socket. This extends
the afalg_chk_platform() function to additionally check whether we can
create an AFALG socket. We also amend the afalgtest to not report a
failure to load the engine as a test failure. A failure to load is almost
certainly due to platform environmental issues, and not an OpenSSL problem.

RT 4434

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-13 17:28:40 +01:00
Emilia Kasper
74726750ef Port DTLS version negotiation tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 16:13:13 +02:00
Emilia Kasper
81fc33c951 Clean up following new SNI tests
- Only send SNI in SNI tests. This allows us to test handshakes without
  the SNI extension as well.
- Move all handshake-specific machinery to handshake_helper.c
- Use enum types to represent the enum everywhere
  (Resorting to plain ints can end in sign mismatch when the enum is
  represented by an unsigned type.)

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 16:03:06 +02:00
Rich Salz
a7be5759cf RT3809: basicConstraints is critical
This is really a security bugfix, not enhancement any more.
Everyone knows critical extensions.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-06-13 09:18:22 -04:00
Andy Polyakov
7d6284057b bn/bn_add.c: favour counted loops over ifs and breaks.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 12:35:39 +02:00
Andy Polyakov
2ac68bd6f1 doc/crypto/OPENSSL_ia32cap.pod update.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 12:26:07 +02:00
Dr. Stephen Henson
6ec6d52071 Don't skip leading zeroes in PSK keys.
Don't use BN_hex2bn() for PSK key conversion as the conversion to
BN and back removes leading zeroes, use OPENSSL_hexstr2buf() instead.

RT#4554

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-12 19:44:17 +01:00
John Denker
a3ef2c1679 RT2759: Don't read TTY when already at EOF.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-12 08:52:40 -04:00
Rich Salz
7315ce80de Avoid memory leaks if options repeated.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-12 08:02:46 -04:00
Phillip Hellewell
6b3602882e RT3053: Check for NULL before dereferencing
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-06-12 07:50:32 -04:00
TJ Saunders
6d6e8070c2 Ensure that the EVP_MD_meth_new docs properly match the declared functions;
it looks like these names have shifted a little over time.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1203)
2016-06-11 12:12:18 -04:00
Kurt Roeckx
f3cf2251de Avoid creating illegal pointers
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1179
2016-06-11 16:43:53 +02:00
Kurt Roeckx
0a3206539a include stdlib for malloc() and free()
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1174
2016-06-11 16:43:49 +02:00
Kurt Roeckx
325cfa8531 Don't compare a just free()d pointer
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1173
2016-06-11 16:43:49 +02:00
Kurt Roeckx
4b68cb41d1 Specify array sizes
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1172
2016-06-11 16:43:49 +02:00
Kurt Roeckx
8c918b7b9c Avoid creating an illegal pointer.
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1166
2016-06-11 16:43:48 +02:00