Commit graph

16249 commits

Author SHA1 Message Date
FdaSilvaYY
f6c006ea76 Fix a possible leak on NETSCAPE_SPKI_verify failure.
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 20:38:15 +02:00
FdaSilvaYY
c5137473bd Use X509_REQ_get0_pubkey
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 20:38:14 +02:00
FdaSilvaYY
97458daade Add X509_REQ_get0_pubkey method
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 20:38:11 +02:00
FdaSilvaYY
0517538d1a Fix two leaks in X509_REQ_to_X509
Issue #182

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 19:02:51 +02:00
Richard Levitte
6c13488c4e Make sure the rand_byte buffer in padlock engine is cleansed.
Submitted by Michael McConville <mmcco@mykolab.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 17:01:37 +02:00
Andy Polyakov
4b8736a22e crypto/poly1305: don't break carry chains.
RT#4483

[poly1305-armv4.pl: remove redundant #ifdef __thumb2__]
[poly1305-ppc*.pl: presumably more accurate benchmark results]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-04 16:56:20 +02:00
Emilia Kasper
1400f013e1 Fix memory leaks in ASN.1
These leaks affect 1.1.0 dev branch only; introduced around commit
f93ad22f6a

Found with LibFuzzer

Reviewed-by: Ben Laurie <ben@openssl.org>
2016-04-04 13:26:06 +02:00
Michał Trojnara
b5851bbc43 Removed no-ops for the old locking API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-03 22:33:12 -04:00
Viktor Dukhovni
ae6c553eca Fix mixed declarations and code
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-04-03 21:49:24 -04:00
Richard Levitte
adb4076ae0 Don't shadow known symbols write, read, puts, gets
It was harmless in this case, but best avoid the annoying warnings.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-04-04 00:26:12 +02:00
Richard Levitte
68cd4e3f99 Makefile et al template: only modify static library with new object files
Previously, we updated the static libraries (libcrypto.a on Unix,
libcrypto.lib on Windows) with all the object files, regardless of if
they were rebuilt or not.  With this change, we only update them with
the object files were rebuilt.

NOTE: this does not apply on VMS, as the expansion of $? may be too
large for a command line.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-04-04 00:24:58 +02:00
Andy Polyakov
51f6d88420 apps/Makefile.in: add tsget rule.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-03 17:13:47 -04:00
Viktor Dukhovni
c3a7e0c565 After saving errno clear it before calls to strtol et. al.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-03 15:36:17 -04:00
Viktor Dukhovni
bb3bdf0507 make update
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-04-03 11:37:42 -04:00
Viktor Dukhovni
fbb82a60dc Move peer chain security checks into x509_vfy.c
A new X509_VERIFY_PARAM_set_auth_level() function sets the
authentication security level.  For verification of SSL peers, this
is automatically set from the SSL security level.  Otherwise, for
now, the authentication security level remains at (effectively) 0
by default.

The new "-auth_level" verify(1) option is available in all the
command-line tools that support the standard verify(1) options.

New verify(1) tests added to check enforcement of chain signature
and public key security levels.  Also added new tests of enforcement
of the verify_depth limit.

Updated documentation.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-04-03 11:35:35 -04:00
Viktor Dukhovni
70dd3c6593 Tidy up x509_vfy callback handling
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-04-03 11:35:19 -04:00
Richard Levitte
0f1ef63bf1 Ordinals adjustment
Two renamed functions were forgotten in util/libcrypto.num

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-03 09:15:19 +02:00
Matt Caswell
aa05e7caea Rename get/set_app_data to get0/set0_app_data
Also fixed a style issue

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
a517f7fcdc Various DSA opacity fixups
Numerous fixups based on feedback of the DSA opacity changes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
a60e6a7af4 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
3fe85096bd Added DSA opacity to CHANGES
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
fbaedfdd47 Document functions added as a result of DSA opacity changes
A number of getters/setters have been added for examining DSA objects, as
well as a whole set of functions for creating and buildingup DSA_METHODs.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
6e9fa57c6d Make DSA_METHOD opaque
Move the dsa_method structure out of the public header file, and provide
getter and setter functions for creating and modifying custom DSA_METHODs.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
1258396d73 Make the DSA structure opaque
Move the dsa_st structure out of the public header file. Add some accessor
functions to enable access to the internal fields, and update all internal
usage to use the new functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Richard Levitte
25c78440d2 Adapt some test recipes to the newer cmdstr()
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 23:13:42 +02:00
Richard Levitte
cb2ceb18f2 Enhance OpenSSL::Test::cmdstr to give cmd string variants
Within OpenSSL::Test, all commands end up existing in two variants,
one that has redirections that are needed internally to work well
together with the test harness, and one without those redirections.

Depending on what the result is going to be used for, the caller may
want one for or the other, so we give them the possibility.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 23:13:42 +02:00
Kirill Marinushkin
d3e6d6bcdf moved structure bio_buf_mem_st from headers to bss_mem.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 16:57:07 -04:00
Kirill Marinushkin
fc9755ee0d sizeof() updated to cover coding style
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 16:57:07 -04:00
Kirill Marinushkin
9fe9d0461e Optimized BIO mem read - without reallocation
Currently on every BIO mem read operation the remaining data is reallocated.
This commit solves the issue.
BIO mem structure includes additional pointer to the read position.
On every read the pointer moves instead of reallocating the memory for the remaining data.
Reallocation accures before write and some ioctl operations, if the read pointer doesn't point on the beginning of the buffer.
Also the flag is added to rewind the read pointer without losing the data.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 16:57:07 -04:00
Mat
6b88864310 Fix: CRYPTO_THREAD_run_once
InitOnceExecuteOnce returns nonzero on success:
MSDN: "If the function succeeds, the return value is nonzero."

So return 1 if it is nonzero, 0 others.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 16:56:09 -04:00
Richard Levitte
b286cb8eac apps/opt.c: next was only used when NDEBUG undefined, move it inside guard
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 22:34:05 +02:00
Richard Levitte
e3d8185880 make depend: Check that find returned a non-empty string rather than an empty
The logic to find out of there are any .d files newer than Makefile is
sound.  Checking the result was less so.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 20:10:03 +02:00
Dr. Stephen Henson
fa0a9d715e Fix X509_PUBKEY cached key handling.
Don't decode a public key in X509_PUBKEY_get0(): that is handled when
the key is parsed using x509_pubkey_decode() instead.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-02 17:34:27 +01:00
Coty Sutherland
2d5a1cfab8 Correcting typo that causes make install fail
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-02 17:20:55 +02:00
Richard Levitte
488e2b0f5a Add the C macro NDEBUG when configuring for release
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-01 22:48:12 +02:00
Richard Levitte
368058d0a7 Force argv to be an array of long pointers on VMS
Reverts commit 087ca80ad8

Instead of battling the odd format of argv given to main() in default
P64 mode, tell the compiler to make it an array of 64-bit pointers
when compiling in P64 mode.

A note is added in NOTES.VMS regarding minimum DEC C version.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-04-01 16:23:35 +02:00
Richard Levitte
5902821d81 Make the use of perl more consistent
- In Configure, register the perl interpreter used to run Configure,
  so that's the one being used throughout instead of something else
  that Configure happens to find.  This is helpful for using a perl
  version that's not necessarely first in $PATH:

    /opt/perl/5.22.1/bin/perl ./Configure

- Make apps/tsget a generated file, just like apps/CA.pl, so the
  perl interpreter registered by Configure becomes the hashbang path
  instead of a hardcoded /usr/bin/perl

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-04-01 07:24:04 +02:00
Rich Salz
475965f2ef Use return "" not set a var and return.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-31 16:27:52 -04:00
Andy Polyakov
1fab06a665 crypto/blake2: make lowest-level function handle multiple blocks..
This minimizes inter-block overhead. Performance gain naturally
varies from case to case, up to 10% was spotted so far. There is
one thing to recognize, given same circumstances gain would be
higher faster computational part is. Or in other words biggest
improvement coefficient would have been observed with assembly.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-31 21:34:00 +02:00
Richard Levitte
349232d149 OpenSSL::Test: have cmdstr() return the true command.
On the other hand, have run() display the display variant.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-31 19:54:37 +02:00
Richard Levitte
d8a52304ae When looking for executables, don't forget the extension
Because some operating systems have executable extensions, typically
".exe", we need to append it when looking for files in test() and
app() (or rather, their subroutines).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-31 19:54:37 +02:00
Pauli
580731aff3 RT4458: Fix #ifndef line for GOST
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-31 11:19:15 -04:00
Richard Levitte
923b1857de Fix "no-ui" configuration
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-31 13:32:01 +02:00
Richard Levitte
4de9913b8c Make the '-in' option in apps/passwd.c less mandatory
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-31 08:31:50 +02:00
Matt Caswell
b3895f42a9 Remove the CRYPTO_mem_leaks adjustment for the BIO
CRYPTO_mem_leaks attempts to adjust the count of bytes leaks to not
include the BIO that is being used to print the results out. However this
does not work properly. In all internal cases we switch off recording
the memory allocation during creation of the BIO so it makes no difference.
In other cases if the BIO allocates any additional memory during
construction then the adjustment will be wrong anyway. It also skips over
the BIO memory during print_leak anyway, so the BIO memory is never
added into the total. In other words this was broken in lots of ways and
has been since it was first added.

The simplest solution is just to make it the documented behaviour that
you must turn off memory logging when creating the BIO, and remove all
the adjustment stuff completely. The adjustment code was only ever in
master and never made it to a release branch so there is no loss of
functionality.

This commit also fixes a compilation failure when using
enable-crypto-mdebug.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-31 00:12:47 +01:00
Ben Laurie
79c7f74d6c Fix buffer overrun in ASN1_parse().
Fix buffer overrun in asn1_get_length().

Reproducer: asn1parse-reproduce crash-6bfd417f47bc940f6984f5e639b637fd4e6074bc

Fix length calculations.

Reproducer: asn1parse-reproduce crash-1819d0e54cd2b0430626c59053e6077ef04c2ffb
Reproducer: asn1parse-reproduce crash-9969db8603e644ddc0ba3459b51eac7a2c4b729b

Make i long.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-30 20:28:44 +01:00
Richard Levitte
087ca80ad8 Fix pointer size issues with argv on VMS
The argument 'argv' in 'main' is a short pointer to a short pointer on
VMS, regardless of initial pointer size.  We must therefore make sure
that 'copy_argv' gets a 32-bit pointer for argv, and that the copied
argv is used for the rest of main().

This introduces the local type argv_t, which will have correct pointer
size in all cases (and be harmless on all other platforms) as well as
the macro Argv, which is defined as 'copied_argv' or 'argv', as the
case may be.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-30 20:25:08 +02:00
Richard Levitte
90dbd25097 Fix pointer size issue with setbuf() on VMS
setbuf() is only for 32-bit pointers.  If compiled with /POINTER_SIZE=64,
we get a nasty warning about possible loss of data.  However, since
the only pointer used in the call is a FILE *, and the C RTL shouldn't
give us a pointer above the first 4GB, it's safe to turn off the
warning for this call.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-30 20:25:08 +02:00
Richard Levitte
fcd9c8c014 Fix pointer size issues on VMS
On VMS, the C compiler can work with 32-bit and 64-bit pointers, and
the command line determines what the initial pointer size shall be.

However, there is some functionality that only works with 32-bit
pointers.  In this case, it's gethostbyname(), getservbyname() and
accompanying structures, so we need to make sure that we define our
own pointers as 32-bit ones.

Furthermore, there seems to be a bug in VMS C netdb.h, where struct
addrinfo is always defined with 32-bit pointers no matter what, but
the functions handling it are adapted to the initial pointer size.
This leads to pointer size warnings when compiling with
/POINTER_SIZE=64.  The workaround is to force struct addrinfo to be
the 64-bit variant if the initial pointer size is 64.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-30 20:25:08 +02:00
Richard Levitte
622c7e99a9 Rearrange the use of 'proto' in BIO_lookup
'proto' wasn't properly used as a fallback in all appropriate cases.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-30 18:45:33 +02:00