Commit Graph

17684 Commits

Author SHA1 Message Date
Gergely Nagy
1bb7310bf8 Fix compilation when using MASM on x86
The generated asm code from x86cpuid.pl contains CMOVE instructions
which are only available on i686 and later CPUs.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1459)
2016-08-16 14:46:55 -04:00
Matt Caswell
2ecb9f2d18 Provide compat macros for SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto()
These functions are no longer relevant to 1.1.0 (we always have auto ecdh
on) - but no reason to break old code that tries to call it. The macros will
only return a dummy "success" result if the app was trying to enable ecdh.
Disabling can't be done in quite this way any more.

Fixes Github Issue #1437

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-08-16 17:11:43 +01:00
Matt Caswell
f9cf774cbd Ensure we unpad in constant time for read pipelining
The read pipelining code broke constant time unpadding. See GitHub
issue #1438

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:53:17 +01:00
Dr. Stephen Henson
0f022f5a22 Corrupt signature earlier.
If -badsig is selected corrupt the signature before printing out
any details so the output reflects the modified signature.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:05:36 +01:00
Dr. Stephen Henson
34d4d74575 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:05:36 +01:00
Dr. Stephen Henson
17ebf85abd Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data().
Deprecate the function ASN1_STRING_data() and replace with a new function
ASN1_STRING_get0_data() which returns a constant pointer. Update library
to use new function.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:05:35 +01:00
Richard Levitte
1940aa6e6b Remove duplicate ordinals
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 14:16:53 +02:00
Andy Polyakov
05ef4d1980 ARMv8 assembly pack: add Samsung Mongoose results.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-16 12:47:49 +02:00
Andy Polyakov
9d46752dfe Configure: recognize -static as link option and disable incompatible options.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 12:45:51 +02:00
Andy Polyakov
f4941736a9 test/ssl_test.tmpl: make it work with elderly perl.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 12:43:44 +02:00
David Woodhouse
31c34a3e2f Fix satsub64be() to unconditionally use 64-bit integers
Now we support (u)int64_t this can be very much simpler.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-16 10:24:57 +01:00
Emilia Kasper
e0421bd8b2 SSL tests: send some application data
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 11:00:15 +02:00
Richard Levitte
ffb261ff19 Add a "config" for verbosity and use it with Travis
Modify VMS config.com to match

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-16 10:38:45 +02:00
Richard Levitte
a4ffbbeef6 Make "make" less verbose in Travis, except for the build only case
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-16 10:38:45 +02:00
Dr. Stephen Henson
66bcba1457 Limit reads in do_b2i_bio()
Apply a limit to the maximum blob length which can be read in do_d2i_bio()
to avoid excessive allocation.

Thanks to Shi Lei for reporting this.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 00:27:10 +01:00
Dr. Stephen Henson
8b9afbc0fc Check for errors in a2d_ASN1_OBJECT()
Check for error return in BN_div_word().

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-16 00:19:19 +01:00
Dr. Stephen Henson
07bed46f33 Check for errors in BN_bn2dec()
If an oversize BIGNUM is presented to BN_bn2dec() it can cause
BN_div_word() to fail and not reduce the value of 't' resulting
in OOB writes to the bn_data buffer and eventually crashing.

Fix by checking return value of BN_div_word() and checking writes
don't overflow buffer.

Thanks to Shi Lei for reporting this bug.

CVE-2016-2182

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-16 00:19:19 +01:00
Tomas Mraz
40c60b0d73 Avoid truncating the pointer on x32 platform.
The 64 bit pointer must not be cast to 32bit unsigned long on
x32 platform.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-15 23:30:45 +01:00
Tomas Mraz
e7e5d608fb Add a comment for the added cast with explanation.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-15 23:30:45 +01:00
Tomas Mraz
3f8d1216df Fix af_alg engine failure on 32 bit architectures.
Add extra cast to unsigned long to avoid sign extension when
converting pointer to 64 bit data.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-15 23:30:45 +01:00
Matt Caswell
bb982ce753 Remove a stray unneeded line in 70-test_sslrecords.t
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-15 23:14:30 +01:00
Matt Caswell
78fcddbb8d Address feedback on SSLv2 ClientHello processing
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-15 23:14:30 +01:00
Matt Caswell
a2a0c86bb0 Add some SSLv2 ClientHello tests
Test that we handle a TLS ClientHello in an SSLv2 record correctly.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-15 23:14:30 +01:00
Matt Caswell
a01c86a251 Send an alert if we get a non-initial record with the wrong version
If we receive a non-initial record but the version number isn't right then
we should send an alert.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-15 23:14:30 +01:00
Matt Caswell
44efb88a21 Address feedback on SSLv2 ClientHello processing
Feedback on the previous SSLv2 ClientHello processing fix was that it
breaks layering by reading init_num in the record layer. It also does not
detect if there was a previous non-fatal warning.

This is an alternative approach that directly tracks in the record layer
whether this is the first record.

GitHub Issue #1298

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-15 23:14:30 +01:00
Rob Percival
c35d339d98 Replaces CT_POLICY_EVAL_CTX_set0 entries with new setters in libcrypto.num
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1408)
2016-08-15 12:57:00 -04:00
Rob Percival
11c68ceaa6 Make CT_POLICY_EVAL_CTX_set1_{cert,issuer} into boolean functions
They may fail if they cannot increment the reference count of the
certificate they are storing a pointer for. They should return 0 if this
occurs.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1408)
2016-08-15 12:56:47 -04:00
Rob Percival
a1bb7708ce Improves CTLOG_STORE setters
Changes them to have clearer ownership semantics, as suggested in
https://github.com/openssl/openssl/pull/1372#discussion_r73232196.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1408)
2016-08-15 12:56:47 -04:00
Richard Levitte
a0ef6bb687 Skip the SRP tests in 80-test_ssl_old.t if no TLS versions is enabled
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-15 17:16:47 +02:00
Dr. Stephen Henson
0a699a0723 Fix no-ec
Fix no-ec builds by having separate functions to create keys based on
an existing EVP_PKEY and a curve id.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-15 14:07:33 +01:00
Jakub Zelenka
0818dbadf3 Never return -1 from BN_exp
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1455)
2016-08-14 20:52:13 +01:00
Dr. Stephen Henson
3d9a51f7ed update CHANGES
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:06 +01:00
Dr. Stephen Henson
c082201a36 add documentation
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
23143e4da6 Print out names of other temp key algorithms.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
bc7bfb83b7 Remove old EC based X25519 code.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
ec24630ae2 Modify TLS support for new X25519 API.
When handling ECDH check to see if the curve is "custom" (X25519 is
currently the only curve of this type) and instead of setting a curve
NID just allocate a key of appropriate type.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
3bca6c2731 Add encoded points to other EC curves too.
Add encoded point ctrl support for other curves: this makes it possible
to handle X25519 and other EC curve point encoding in a similar way
for TLS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
c06f2aaa08 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
5d6aaf8a9d Add point ctrls to X25519
Add ctrl operations to set or retrieve encoded point in
EVP_PKEY structures containing X25519 keys.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
10f8d0eaa5 Update X25519 key format in evptests.txt
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
262bd85fde Add X25519 methods to internal tables
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
Dr. Stephen Henson
873feeb9cf add to build.info
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
Dr. Stephen Henson
59bf0f031f make errors
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
Dr. Stephen Henson
756b198d24 X25519 public key methods
Add X25519 methods to match current key format defined in
draft-ietf-curdle-pkix-02

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
Dr. Stephen Henson
a4cb54d257 Fix type of ptr field.
Since "ptr" is used to handle arbitrary other types it should be
void *.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
Dr. Stephen Henson
4950f8885c Use OIDs from draft-ietf-curdle-pkix-02
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
Rich Salz
e928132343 GH1446: Add SSL_SESSION_get0_cipher
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1451)
2016-08-12 15:23:48 -04:00
Rich Salz
ce7a2232f8 Check for bad filename in evp_test
Thanks to Brian Carpter for reporting this.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-08-12 14:04:53 -04:00
Dr. Stephen Henson
721f398023 Update documentation for DSA_SIG and ECDSA_SIG.
RT#4590

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-12 14:21:21 +01:00
Andy Polyakov
d40a13af5d crypto/sparcv9cap.c: add missing declaration.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-12 10:26:20 +02:00