Commit Graph

26478 Commits

Author SHA1 Message Date
Matt Caswell
1ae7354c04 Make the NULL cipher TLS aware
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)
2020-07-06 09:26:09 +01:00
Matt Caswell
27d4c840fc Change ChaCha20-Poly1305 to be consistent with out ciphers
Other ciphers return the length of the Payload for TLS as a result of an
EVP_DecryptUpdate() operation - but  ChaCha20-Poly1305 did not. We change
it so that it does.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)
2020-07-06 09:26:09 +01:00
Matt Caswell
524cb684ac Make libssl start using the TLS provider CBC support
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)
2020-07-06 09:26:09 +01:00
Matt Caswell
e71fd827bc Add provider support for TLS CBC padding and MAC removal
The previous commits separated out the TLS CBC padding code in libssl.
Now we can use that code to directly support TLS CBC padding and MAC
removal in provided ciphers.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)
2020-07-06 09:26:09 +01:00
Matt Caswell
f0237a6c62 Remove SSL dependencies from tls_pad.c
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)
2020-07-06 09:26:09 +01:00
Matt Caswell
ebacd57bee Split the padding/mac removal functions out into a separate file
We split these functions out into a separate file because we are
preparing to make this file shared between libssl and providers.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)
2020-07-06 09:26:00 +01:00
Matt Caswell
ec27e619e8 Move MAC removal responsibility to the various protocol "enc" functions
For CBC ciphersuites using Mac-then-encrypt we have to be careful about
removing the MAC from the record in constant time. Currently that happens
immediately before MAC verification. Instead we move this responsibility
to the various protocol "enc" functions so that MAC removal is handled at
the same time as padding removal.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)
2020-07-06 09:26:00 +01:00
Richard Levitte
1b726e9b91 TEST: update 02-test_errstr.t to have better tests
We now check that if libcrypto hasn't loaded the string for some particular
system error, it gives us "reason(nnn)" instead, where 'nnn' is the system
error number in decimal.

We go through all possible error macros that perl serves us, not only the
POSIX ones.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12343)
2020-07-05 21:13:42 +02:00
Richard Levitte
fa7a807435 SSL: fix misuse of ERR_LIB_SYS
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12343)
2020-07-05 21:13:42 +02:00
Richard Levitte
17b7f89684 TEST: fix test/errtest.c
test/errtest.c used the system error code 1 for EPERM.  However, EPERM
may be coded differently on different systems, so we switch to using
EPERM instead.  However, because we know that the ERR sub-system
truncates system error codes that occupy more than 24 bits, we check
that the reason code in the recorded error matches our EPERM, and skip
the test if not.

To be safe (even though the error string for that code is well defined
in POSIX), we also use strerror() to retrieve the string for that
error code instead of using a hard coded value.

Fixes #12276
Fixes #12217
Fixes #12354

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12343)
2020-07-05 21:13:25 +02:00
Richard Levitte
71f2994b15 ERR: special case system errors
Because system errors can be any positive number that fits in an 'int'
according to POSIX, we can't reasonably expect them to be in the 1..127
range, even though that's the most usual.

Instead of packing them into the OpenSSL error code structure, we
recognise them as a special case and mark them as such by storing them
in our error queue with the highest bit set.  We make OpenSSL specific
error records have their highest bit cleared, and in doing so, we
shift down the library section of the code by one bit.  This still
leaves a very large section for the reason codes.

Of course, we must adapt the error code and reason string extraction
and printing functions accordingly.

With this, we also thrown away the pre-loaded array of system error
strings, and extract them from the system when needed instead, i.e.
when we create error strings.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12343)
2020-07-05 21:13:03 +02:00
Richard Levitte
163b2bcd8b ERR: refactor global error codes
Some ERR_R_ codes overlapped other ERR_R_ codes:

- ERR_R_BUF_LIB vs ERR_R_PASSED_INVALID_ARGUMENT
- ERR_R_DSA_LIB vs ERR_R_INTERRUPTED_OR_CANCELLED

Looking back at history, this was originally not an issue, because
the ERR_R_ codes that weren't ERR_LIB_ aliases had bit 2**6 set.
However, new codes without that bit came in, and we got the overlap
that is mentioned above.

To get rid of the overlap, we repartition the codes as follows:

- ERR_R_{name}_LIB that are aliases for ERR_LIB_{name} are confined to
  the range 1..63.
- Other ERR_R_ codes are confined to 64..99

We also expand the reason codes to 24 bits of data, where the 4 top
bits are for reason code flags.  We also allocate a "fatal" flag
ERR_RFLAG_FATAL.  The reason code ERR_R_FATAL stops acting as a flag,
but is coded in such a way that it still serves as one for code that
happens to use it as such.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12343)
2020-07-05 21:13:03 +02:00
Richard Levitte
dd76b90ef6 CORE: perform post-condition in algorithm_do_this() under all circumstances
When ossl_provider_query_operation() returned NULL, the post-condition
callback wasn't called, and could make algorithm_do_this() falsely
tell the caller that there was an error.  Because of this, a provider
that answered with NULL for a particular operation identity would
effectively block the same query on all following providers.

Fixes #12293

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12365)
2020-07-05 14:07:14 +02:00
Dr. David von Oheimb
1dc1ea182b Fix many MarkDown issues in {NOTES*,README*,HACKING,LICENSE}.md files
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12109)
2020-07-05 11:29:43 +02:00
Dr. David von Oheimb
036cbb6bbf Rename NOTES*, README*, VERSION, HACKING, LICENSE to .md or .txt
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12109)
2020-07-05 11:29:43 +02:00
Dr. David von Oheimb
915e7e75a4 util/markdownlint.rb: Add two rule exceptions: MD023 and MD026
exclude_rule 'MD023' # Headers must start at the beginning of the line
exclude_rule 'MD026' # Trailing punctuation in header

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12109)
2020-07-05 11:29:43 +02:00
Pauli
c996f71bab apps: remove NULL check imn release_engine since ENGINE_free also does it.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12309)
2020-07-05 13:20:09 +10:00
Pauli
2f142901ca coverity 1464983: null pointer dereference
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12309)
2020-07-05 13:20:09 +10:00
Pauli
6f924bb89e coverity 1464984: Null pointer dereferences
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12309)
2020-07-05 13:20:09 +10:00
Pauli
9283e9bd11 cmp: remove NULL check.
Instead appease coverity by marking 1464986 as a false positive.
Coverity is confused by the engine reference counting.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12309)
2020-07-05 13:20:09 +10:00
Pauli
c4d0221405 coverity: CID 1464987: USE AFTER FREE
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12309)
2020-07-05 13:20:09 +10:00
Pauli
22f7f42433 rand: avoid caching RNG parameters.
The strength and max_length DRBG parameters were being cached in the EVP_RAND
layer.  This commit removes the caching.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12321)
2020-07-05 13:18:08 +10:00
Pauli
7dc38bea94 Refactor the EVP_RAND code to make locking issues less likely
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12321)
2020-07-05 13:18:08 +10:00
Pauli
132abb21f9 rand: fix recursive locking issue.
The calls to query the DRBG strength, state and maximum output size all used
nested locks.  This removes the nesting.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12321)
2020-07-05 13:17:43 +10:00
Gustaf Neumann
8c1cbc7210 Fix typos and repeated words
CLA: trivial

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12320)
2020-07-05 01:49:20 +02:00
Richard Levitte
3a19f1a9dd Configuration and build: Fix solaris tags
The shared_target attrribute for Solaris built with gcc wasn't right
and shared libraries couldn't be properly built.

Fixes #12356

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12360)
2020-07-04 10:38:46 +02:00
Richard Levitte
1cafbb799a util/perl/OpenSSL/config.pm: Fix /armv[7-9].*-.*-linux2/
This entry added the macro B_ENDIAN when it shouldn't have.

Fixes #12332

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12335)
2020-07-04 10:34:58 +02:00
Richard Levitte
16328e9f6c NOTE.WIN: suggest the audetecting configuration variant as well
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12339)
2020-07-04 10:32:49 +02:00
Richard Levitte
b2bed3c6e5 util/perl/OpenSSL/config.pm: move misplaced Windows and VMS entries
OpenSSL::config::guess_system() is supposed to return system triplets.
However, for Windows and VMS, it returned the final OpenSSL config
target instead.  We move the entries for them to the table that
OpenSSL::config::map_guess() uses, so it can properly convert the
input triplet to an OpenSSL config target.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12339)
2020-07-04 10:32:49 +02:00
Matt Caswell
bb2d726d75 Fix a typo in the i2d_TYPE_fp documentation
Thanks to Michael Mueller on the openssl-users list for the suggested
improvement.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12338)
2020-07-03 17:37:53 +01:00
Matt Caswell
5b393802ed Don't run the cmp_cli tests if using FUZZING_BUILD_MODE
[extended tests]

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12275)
2020-07-03 17:20:38 +01:00
Matt Caswell
ca3245a619 If an empty password is supplied still try to use it
If an empty password was supplied we ignored it and were trying to use
the fallback method to read the password instead (i.e. read from stdin).
However if that failed (which it always does if the cmp option -batch is
used) then we were reporting that we had successfully read the password
without actually setting one.

Instead, if an empty password is explicitly provided we should use it. If
no password is supplied explicitly and we have no fallback method then we
assume the empty password.

[extended tests]

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12275)
2020-07-03 17:20:38 +01:00
Matt Caswell
5a640713f3 Ensure a string is properly terminated in http_client.c
In HTTP_new_bio(), if the host has a trailing '/' we took a copy of the
hostname but failed to terminate it properly.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12275)
2020-07-03 17:18:41 +01:00
Dr. David von Oheimb
64bb6276d1 81-test_cmp_cli.t: Correct subroutine quote_spc_empty and its use
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12280)
2020-07-03 13:39:20 +02:00
Dr. David von Oheimb
8913760960 81-test_cmp_cli.t: Streamline {start,stop}_mock_server and improve port setting
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12280)
2020-07-03 13:39:20 +02:00
Dr. David von Oheimb
94fcec0902 test/run_tests.pl: Add alias REPORT_FAILURES{,_PROGRESS} for VF and VFP
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12279)
2020-07-03 10:12:22 +02:00
Dr. David von Oheimb
a812549108 test/run_tests.pl: Add visual separator after failed test case for VFP and VFP modes
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12279)
2020-07-03 10:12:22 +02:00
Dr. David von Oheimb
e4522e1059 test/run_tests.pl: Enhance the semantics of HARNESS_VERBOSE_FAILURES (VF)
Make the improved semantics of VFO replace the previous VF and remove VFO
Add warnings about overriding use of HARNESS_VERBOSE* variables

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12279)
2020-07-03 10:12:22 +02:00
Richard Levitte
ea4ee152a7 Configure: fix handling of build.info attributes with value
This line wasn't properly handled:

    SCRIPTS{misc,linkname=tsget}=tsget.pl

It generated an attribute "linkname=tsget" with the value 1, instead of
what it should have, an attribute "linkname" with the value "tsget".

Fixes #12341

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12344)
2020-07-03 09:12:07 +02:00
Jon Spillett
e7869ef137 Fix up build issue when running cpp tests
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12334)
2020-07-03 10:00:12 +10:00
Jakub Wilk
0c4444121c doc: Remove stray backtick
CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12329)
2020-07-03 09:51:11 +10:00
Richard Levitte
610e2b3b70 Configure: Check source and build dir equality a little more thoroughly
'absolutedir' does a thorough job ensuring that we have a "real" path
to both source and build directory, unencumbered by symbolic links.
However, that isn't enough on case insensitive file systems on Unix
flavored platforms, where it's possible to stand in, for example,
/PATH/TO/Work/openssl, and then do this:

    perl ../../work/openssl/Configure

... and thereby having it look like the source directory and the build
directory aren't the same.

We solve this by having a closer look at the computed source and build
directories, and making sure they are exactly the same strings if they
are in fact the same directory.

This is especially important when making symbolic links based on this
directories, but may have other ramifications as well.

Fixes #12323

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12337)
2020-07-02 18:53:25 +02:00
Nicola Tuveri
9576c498ca [test/README.md] minor fix of examples missing the test target
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12326)
2020-07-02 16:48:15 +03:00
Nicola Tuveri
af3e8c298a Travis: default to HARNESS_JOBS=4
We can run tests in parallel by setting the HARNESS_JOBS environment
variable.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12326)
2020-07-02 16:48:15 +03:00
Nicola Tuveri
a20c9075d6 Run tests in parallel
The environment variable `HARNESS_JOBS` can be used to control how many
jobs to run in parallel.  The default is still to run jobs sequentially.

This commit does not define custom `rules`, and different versions of
`TAP::Harness` come with different strategies regarding the default
`rules` that define which test recipes can be run in parallel.
In recent versions of Perl, unless specified otherwise any task can be
run in parallel.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12326)
2020-07-02 16:47:17 +03:00
Nicola Tuveri
587e4e53f8 Fix memory leaks on OSSL_SERIALIZER_CTX_new_by_EVP_PKEY
Fixes #12303

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12304)
2020-07-02 16:45:14 +03:00
Miłosz Kaniewski
94941cada2 Free pre_proc_exts in SSL_free()
Usually it will be freed in tls_early_post_process_client_hello().
However if a ClientHello callback will be used and will return
SSL_CLIENT_HELLO_RETRY then tls_early_post_process_client_hello()
may never come to the point where pre_proc_exts is freed.

Fixes #12194

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12330)
2020-07-01 17:25:48 -07:00
Pauli
69f982679e doc: remove reference to the predecessor of SHA-1.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12322)
2020-07-02 09:08:33 +10:00
Matt Caswell
0577959cea Don't forget our provider ctx when resetting
A number of the KDF reset functions were resetting a little too much

Fixes #12225

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12229)
2020-07-01 11:31:45 +01:00
Dr. David von Oheimb
b4cb9498c9 X509v3_cache_extensions(): Improve coding style and doc, fix case 'sha1 == NULL'
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10587)
2020-07-01 11:14:54 +02:00