Commit Graph

27604 Commits

Author SHA1 Message Date
Richard Levitte
457856f27a UI: Use OPENSSL_zalloc() in general_allocate_prompt()
This is to ensure that fields we don't set explicitly are always zero.

Fixes #13340

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13346)
2020-11-10 10:57:16 +01:00
Daniel Bevenius
ecd1550be9 Fix REF_PRINT_COUNT argument in ecx_key_free
Currently, when configuring OpenSSL using -DREF_PRINT the following
compilation error is generated:

In file included from include/crypto/ecx.h:21,
                 from crypto/ec/ecx_key.c:11:
crypto/ec/ecx_key.c: In function 'ecx_key_free':
crypto/ec/ecx_key.c:65:32: error: 'r' undeclared
(first use in this function)
   65 |     REF_PRINT_COUNT("ECX_KEY", r);
      |                                ^
include/internal/refcount.h:169:40: note: in definition of macro
'REF_PRINT_COUNT'
  169 |         fprintf(stderr, "%p:%4d:%s\n", b, b->references, a)
      |                                        ^
crypto/ec/ecx_key.c:65:32: note: each undeclared identifier is reported
only once for each function it appears in
   65 |     REF_PRINT_COUNT("ECX_KEY", r);
      |                                ^
include/internal/refcount.h:169:40: note: in definition of macro
'REF_PRINT_COUNT'
  169 |         fprintf(stderr, "%p:%4d:%s\n", b, b->references, a)
      |                                        ^
make[1]: *** [Makefile:14929: crypto/ec/libcrypto-lib-ecx_key.o] Error 1

This commit updates the argument passed in to be the ECX_KEY* key.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13298)
2020-11-10 13:00:27 +10:00
Shane Lontis
8016faf156 Remove test that breaks on AIX.
The offending test checks that fopen("anydir/") fails. This looks fairly platform
specific. For the test involved this creates a file called
"anydir" on an AIX test machine.

This change was introduced on (Sept 24)
29844ea5b3

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13309)
2020-11-09 07:56:56 +10:00
Bernd Edlinger
07af94416f This should fix a lock-order-inversion
Calling OPENSSL_init_crypto before acquiring the
ossl_property_read_lock in ossl_method_store_fetch
makes the second call to OPENSSL_init_crypto
from ossl_ctx_global_properties unnecessary.

Fixes #12869

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13321)
2020-11-08 07:44:28 +01:00
Richard Levitte
e6774a7289 test/evp_extra_test.c: Modify to reflect provider support in test_EVP_PKEY_check
With our providers, RSA now supports public key check and key parameter check.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13334)
2020-11-07 12:31:24 +01:00
Richard Levitte
dc56deddee EVP: Have all EVP_PKEY check functions export to provider if possible
Fixes #13322

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13334)
2020-11-07 12:31:24 +01:00
Richard Levitte
914079d1c3 Fix test/recipes/80-test_ca.t to skip_all properly in a subtest
It's perfectlt ok to 'plan skip_all' in a subtest, but in that case,
it must really be inside the subtest.

Fixes #13330

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13331)
2020-11-07 12:24:49 +01:00
Matt Caswell
5800d0414b Correct system guessing for solaris64-x86_64-* targets
Previously the system guessing script was choosing a target that did not
exist for these platforms.

Fixes #13323

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13327)
2020-11-06 17:20:54 +00:00
Matt Caswell
3eb84c6285 Don't complain about uninitialized values when running Configure
If a system understands `uname -X` then the Configure script will attempt
to use uninitialized values.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13327)
2020-11-06 17:20:54 +00:00
Matt Caswell
b9b2135d22 Don't clear the whole error stack when loading engines
Loading the various built-in engines was unconditionally clearing the
whole error stack. During config file processing processing a .include
directive which fails results in errors being added to the stack - but
we carry on anyway. These errors were then later being removed by the
engine loading code, meaning that problems with the .include directive
never get shown.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13311)
2020-11-06 10:34:48 +00:00
Matt Caswell
b8ae4a83de Don't clear errors on failure in CONF_modules_load_file_ex()
The call to CONF_modules_load() in CONF_modules_load_file_ex() can
return a negative number to indicate failure. This was incorrectly
being interpreted as "success" and therefore errors were being cleared
incorrectly.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13311)
2020-11-06 10:34:48 +00:00
David von Oheimb
3309c4b716 x509_vfy.c: Call verification callback individually per strict check in check_chain()
Fixes #13283

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13312)
2020-11-06 11:17:23 +01:00
David von Oheimb
6e5e118c2a x509_vfy.c: Introduce CHECK_CB macro simplifying use of cert verification cb function
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13312)
2020-11-06 11:17:22 +01:00
David von Oheimb
0e071fbce4 CHANGES.md: Mention (strict) checks recently added to X509_verify_cert()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13312)
2020-11-06 11:17:22 +01:00
David von Oheimb
bbc8343478 Improve doc of X509_verify_cert(), also in openssl.pod
in particular regarding the checks due to X509_V_FLAG_X509_STRICT/-x509_strict

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13312)
2020-11-06 11:17:22 +01:00
Dmitry Belyavskiy
7bfd934049 Check the configuration file by default
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13310)
2020-11-05 20:45:20 +03:00
Matt Caswell
ecabd00644 Prepare for 3.0 alpha 9
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-11-05 14:04:11 +00:00
Matt Caswell
20d7295cb0 Prepare for release of 3.0 alpha 8
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-11-05 14:03:50 +00:00
Matt Caswell
29d3af0404 Update copyright year
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13324)
2020-11-05 13:37:26 +00:00
Pauli
649bd87cb4 defltprov: remove duplicate algorithm names.
Ed25519 and Ed448 contained aliases that were the same as the primary name.
This removes the aliases leaving ED25519 and ED448 as the canonical names.

Matching is case insensitive, so no functionality is lost.  The FIPS provider
didn't include the duplicates.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13308)
2020-11-05 18:54:20 +10:00
Randall S. Becker
9750b4d39c Moved OPENSSL_fork_prepare,_parent,_child from init.c to threads_pthread.c.
These methods should ultimately be deprecated. The move is to insulate
non-UNIX platforms from these undefined symbols.

CLA: Permission is granted by the author to the OpenSSL team to use
these modifications.

Fixes #13273

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13276)
2020-11-04 17:02:38 +01:00
Hu Keping
23fb3661cf Do not export the submodules gost-engine
Remove gost-engine from the distribution tarball.

Signed-off-by: Hu Keping <hukeping@huawei.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13301)
2020-11-04 16:09:25 +03:00
Ichinose Shogo
3ee3c4d2ab fix typo in README
CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13289)
2020-11-03 17:58:12 +01:00
Benjamin Kaduk
e7a8fecd0b Add more diagnostics to ossl_shim
We had several cases where the connection failed but we did not
have an error message to differentiate which failure condition had
been triggered.  Add some more messages to help clarify what is
going wrong.

[extended tests]

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13251)
2020-11-02 11:28:24 -08:00
Benjamin Kaduk
467dc32524 Adjust error reason for ssl_get_min_max_version() failure
Use SSL_R_NO_PROTOCOLS_AVAILABLE instead of ERR_R_INTERNAL_ERROR,
to match what the BoringSSL tests expect for this case.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13251)
2020-11-02 11:28:24 -08:00
Benjamin Kaduk
a92c9648cd Clear error queue entries from bad DLTS records
DTLS by design ignores records/packets with bad MAC or failed AEAD tag
validation.  However, recent changes to have provided cipher
implementations caused tls1_enc() to leave an entry on the error queue
for invalid GCM tags, e.g.:

800BEAEF487F0000:error::Provider routines:gcm_stream_update:cipher operation failed:providers/implementations/ciphers/ciphercommon_gcm.c:306

The BoringSSL tests check for entries on the error queue with
SSL_get_error() and so we were seeing spurious test failures
due to the additional item on the error queue.  To avoid leaving
such spurious entries on the error queue, set a mark before calling
the ssl3_enc 'enc' method, and pop to that mark before ignoring
invalid packets.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13251)
2020-11-02 11:28:24 -08:00
jwalch
3d7e7e7c48 Prevent potential UAF in init_thread_deregister()
I discovered the potential for use-after-free on glob_tevent_reg &
its members in this function as a consequence of some static (de-)initialization
fiasco in C++ client code.

Long story short, an EVP_PKEY_free() was happening after
OPENSSL_cleanup(). Aside from being freed the EVP_PKEY object wasn't
actually being used after cleanup, it was basically just an
ordering issue.

Obviously the application behavior here is somewhat suspect,
but IMO is basically benign. Crashing (most typical outcome
of a UAF) doesn't seem the optimal response.

At any rate, the issue can be avoided (at least with regard to this function)
by simply updating the pointer to NULL rather than leaving it pointing
to the freed memory, as is the typical practice.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13267)
2020-11-02 18:03:22 +01:00
Daniel Bevenius
d1ca391123 EVP: Fix typo in EVP_PKEY_gen comment
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13282)
2020-11-02 16:35:16 +01:00
jwalch
3d4c81b09b Initialize outl in evp_enc.c to 0, protect against NULL
Fixes #12734

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13268)
2020-11-02 16:32:19 +01:00
Shane Lontis
8ea761bf40 Add AES KW inverse ciphers to the EVP layer
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13272)
2020-11-02 09:22:14 +10:00
Randall S. Becker
769302a68b Remove FLOSS from all OSS builds on NonStop except for SPT threading.
The Standard POSIX Threads (SPT) implementation hangs in some test cases
if FLOSS is not used.

CLA: Permission is granted by the author to the OpenSSL team to use
these modifications.

Fixes #13277

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13279)
2020-11-01 06:27:09 +01:00
Richard Levitte
08312719ba test/recipes/90-test_shlibload.t: Skip when address sanitizer enabled
Because this test loads the shared libraries dynamically, there are
cases where that results in errors because the ASAN library wasn't
loaded first.  That makes this test unsuitable in an ASAN build.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13281)
2020-11-01 06:01:09 +01:00
Richard Levitte
3b1bfd2160 util/find-doc-nits: ignore OSSL_DEPRECATED*, alongside other reserved symbols
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13240)
2020-11-01 05:57:42 +01:00
Richard Levitte
d14e7df852 Simplify and clarify doc/internal/man7/deprecation.pod
doc/internal/man7/deprecation.pod was unclear in some areas, and
included general documentation that has no place there.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13240)
2020-11-01 05:57:42 +01:00
jwalch
908cf7cefb Patch leak in EVP_PKEY2PKCS8() error path
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13278)
2020-10-30 22:38:25 +03:00
Matt Caswell
62a3614372 Allow empty deprecation macros to be passed as macro arguments
The OSSL_DEPRECATEDIN_3_0 macro introduced in PR #13074 is intended to
be passed as a parameter to the various PEM declaration macros. However,
in some cases OSSL_DEPRECATEDIN_3_0 is defined to be empty, and it is
not allowed to pass empty macro arguments in C90. Therefore we ensure
these macros are always defined. In the case where they were empty
previously we use a no-op value instead.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13227)
2020-10-30 14:56:29 +00:00
Matt Caswell
e82f45982c Fix some missed usage of DEFINE_LHASH_OF()
PR#12860 fixed issues with the Lhash code. It replaced usage of
DEFINE_LHASH_OF() in the public headers. Unfortunately it missed a couple
of instances.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13274)
2020-10-30 14:24:30 +00:00
Richard Levitte
140eee2b3b Add easy to digest selector macros for EVP_PKEYs
These are meant to be used with functions like
OSSL_ENCODER_CTX_new_by_EVP_PKEY()

The OSSL_ENCODER_CTX_new_by_EVP_PKEY() manual is also expanded on the
topics of output types and selections.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13189)
2020-10-30 13:09:52 +01:00
Richard Levitte
f79289389e test/recipes/15-test_gendh.t: don't try DER params
There is no option to output DH params in DER form.  -outform doesn't
apply to -genparam with 'openssl genpkey', and it shouldn't.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13266)
2020-10-30 13:07:38 +01:00
Benjamin Kaduk
231849bc9c Unify ssl3_get_cipher_by_std_name() implementation
The handling for the SCSVs was the same as for regular ciphers;
just merge them into the same table-driven handler.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13010)
2020-10-29 13:10:51 -07:00
Ard Biesheuvel
fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication
PAC pointer authentication signs the return address against the value
of the stack pointer, to prevent stack overrun exploits from corrupting
the control flow. However, this requires that the AUTIASP is issued with
SP holding the same value as it held when the PAC value was generated.
The Poly1305 armv8 code got this wrong, resulting in crashes on PAC
capable hardware.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13256)
2020-10-29 17:17:21 +01:00
Pauli
728d03b576 afalg: add a NULL pointer check
Fixes #13260

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13261)
2020-10-29 16:38:03 +03:00
Randall S. Becker
648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations.
CLA: Permission is granted by the author to the OpenSSL team to use
these modifications.

Fixes #13237

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13238)
2020-10-28 17:18:26 +01:00
Richard Levitte
28e1d588f1 DH: stop setting the private key length arbitrarily
The private key length is supposed to be a user settable parameter.
We do check if it's set or not, and if not, we do apply defaults.

Fixes #12071

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13140)
2020-10-27 15:13:54 +01:00
Richard Levitte
09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter.
Fixes #13221
Fixes #12743
Fixes #12078

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13225)
2020-10-27 10:17:19 +01:00
Shane Lontis
5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc'
cipher_hw_generic_##mode has been renamed to ossl_cipher_hw_generic_##mode.
There were a few missing renames for t4 in .inc files.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13213)
2020-10-27 15:32:59 +10:00
Matt Caswell
47b422c90a Ensure we raise SSLfatal on error
We were missing a call to SSLfatal. A comment claimed that we had already
called it - but that is incorrect.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13229)
2020-10-26 09:07:20 -07:00
Richard Levitte
22dddfb925 APPS: Remove the format argument where it's not used
Also, restore a behaviour change, where load_cert() would look at
stdin when the input file name is NULL, and make sure to call
load_cert_pass() with a corresponding argument where load_cert() was
used in OpenSSL 1.1.1.

Fixes #13235

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13236)
2020-10-26 09:43:39 +01:00
Kan
b6120b5f54 Add parentheses to fix PCLINT Info:773
Fixes #7930
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12927)
2020-10-26 06:23:55 +01:00
Nicola Tuveri
d1fb6b481b Constify OSSL_FUNC_keymgmt_validate()
The keydata argument of OSSL_FUNC_keymgmt_validate() should be read-only.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13201)
2020-10-23 17:54:40 +03:00