Commit Graph

33734 Commits

Author SHA1 Message Date
shub-al
d561fe5a0a ssl_get_min_max_version(): Remove unused variable single
CLA: trivial

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21768)
2023-08-20 13:26:46 +02:00
Tomas Mraz
6404d064b8 ossl_x509_store_ctx_get_by_subject(): Check return value of X509_STORE_lock()
Fixes Coverity 1539148

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
2023-08-18 15:06:18 +02:00
Tomas Mraz
2b2eedfdd6 cmp_genm.c: Remove superfluous store_ctx != 0 check
This really cannot be ever called with NULL store_ctx
and the check confuses Coverity.

Fixes Coverity 1538865

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
2023-08-18 15:06:18 +02:00
Tomas Mraz
8b940b6945 ssl_old_test.c: Check inconsistent values from SSL_get0_alpn_selected()
Fixes Coverity 1534838

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
2023-08-18 15:06:18 +02:00
Tomas Mraz
20baa24f9f apps/spkac.c: Check result of ASN1_STRING_set()
Fixes Coverity 1027256

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
2023-08-18 15:06:17 +02:00
Tomas Mraz
79cdbe893d quic_new_record_layer(): Change TODO(QUIC) to QUIC FUTURE
Fixes openssl/project#134

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21756)
2023-08-18 10:17:08 +02:00
Rob Stradling
1c8a7f5091 Add two missing entries to the OCSP CRLReason table
CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21743)
2023-08-18 10:05:39 +02:00
Matt Caswell
0577dbad07 Fix a memory leak in tls_new_record_layer
If setting the crypto state has failed then memory might have been
partially allocated to fields within the partially constructed record
layer. We need to call tls_int_free() to properly free it.

Found by the reproducible error patch in openssl#21668

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21753)
2023-08-17 21:35:53 +02:00
vl-loz
4a469cba27 Add X509_STORE_CTX_set_get_crl and X509_STORE_CTX_set_current_reasons
This change is for feature request #21679.

Adds a couple of setters to aid with custom CRL validation.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21737)
2023-08-17 21:34:12 +02:00
Hugo Landau
51b2a670c8 QUIC: Update SSL_shutdown manpage
Fixes https://github.com/openssl/project/issues/138

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21618)
2023-08-17 14:41:24 +01:00
Hugo Landau
1875642c89 QUIC: Update SSL_accept_stream manpage
Fixes https://github.com/openssl/project/issues/135

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21618)
2023-08-17 14:41:04 +01:00
Matt Caswell
92e3f43aec Don't free the prev BIO prematurely
We shouldn't free the prev BIO in ssl_set_new_record_layer until it is
no longer referenced by s->rlayer.rrlnext.

Found by the reproducible error patch in #21668

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21741)
2023-08-17 08:06:43 +01:00
Matt Caswell
e16c010308 Fix a leak in an error path when duplicating an OSSL_DECODER_CTX.
Make sure we free process_data_dest if it is not actually used.

Found by the reproducible error patch in #21668

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21741)
2023-08-17 08:06:43 +01:00
Neil Horman
e4d808652b issue-21718: remove setting of PTHREAD_MUTEX_NORMAL
issue: https://github.com/openssl/openssl/issues/21718

build break reported:
crypto/threads_pthread.c:76:5: warning: implicit declaration of function 'pthread_mutexattr_settype'; did you mean 'pthread_mutexattr_destroy'? [-Wimplicit-function-declaration]
   76 |     pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_NORMAL);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~
      |     pthread_mutexattr_destroy
crypto/threads_pthread.c:76:38: error: 'PTHREAD_MUTEX_NORMAL' undeclared (first use in this function); did you mean 'PTHREAD_MUTEX_TIMED_NP'?
   76 |     pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_NORMAL);
      |                                      ^~~~~~~~~~~~~~~~~~~~
      |                                      PTHREAD_MUTEX_TIMED_NP

This occurs because PTHREAD_MUTEX_NORMAL is only defined in glibc if
__USE_UNIX98 or __USE_XOPEN2K8 is defined, which is derived from setting
__USE_POSIX_C_SOURCE or __XOPEN_SOURCE is selected in the glibc feature
set for a build.  Since openssl selects no specific feature set from
glibc, the build break occurs

We could select a feature set of course, but that seems like a
significant discussion to have prior to doing so. Instead, the simpler
solution is to just not set the mutex type at all, given that
pthread_mutexattr_init sets the default mutex type, which should be akin
to normal anyway (i.e. no mutex error checking or allowed-recursive
behavior)

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21726)
2023-08-17 08:02:15 +01:00
slontis
39ed7636e0 Fix decoders so that they use the passed in propq.
Fixes #21198

decoder objects were setting propq as NULL.
Added a set_ctx/settable_ctx to all decoders that should supply
a property query parameter to internal functions.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21219)
2023-08-16 18:02:51 +02:00
Neil Horman
a25715be77 Improve documentation for BIO_s_mem
Recent leak discovered by valgrind:
==1007580== at 0x483C815: malloc (vg_replace_malloc.c:431)
==1007580== by 0x2C2689: CRYPTO_zalloc (in /home/vien/microedge-c/test)
==1007580== by 0x295A17: BUF_MEM_new (in /home/vien/microedge-c/test)
==1007580== by 0x295A78: BUF_MEM_new_ex (in /home/vien/microedge-c/test)
==1007580== by 0x28CACE: mem_new (in /home/vien/microedge-c/test)
==1007580== by 0x285EA8: BIO_new_ex (in /home/vien/microedge-c/test)
==1007580== by 0x231894: convert_pubkey_ECC (tpm2_driver.c:221)
==1007580== by 0x232B73: create_ephemeral_key (tpm2_driver.c:641)
==1007580== by 0x232E1F: tpm_gen_keypair (tpm2_driver.c:695)
==1007580== by 0x22D60A: gen_keypair (se_driver_api.c:275)
==1007580== by 0x21FF35: generate_keypair (dhkey.c:142)
==1007580== by 0x24D4C8: __test_dhkey (dhkey_test.c:55)

led me to find that BIO_get_mem_data is informative only, it does not
transer ownership of a BIO_s_mems data structure to the caller.
Additionally treating it as such leads to the above leak, or possibly
data corruption in the event that BIO_set_close(bio, BIO_NOCLOSE) is not
set properly prior to calling BIO_free.

Made an attempt to fix it in a minimally invasive manner in the 3.1
branch, but based on discussion, its just not safe to do in an API
compatible way, so just document the sematics a little more clearly
here, and fix it properly in a future release

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21724)

(cherry picked from commit 66d1658b4d)
2023-08-16 14:53:51 +02:00
Pauli
cdd916313a quic: process stateless resets
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21649)
2023-08-16 12:07:17 +02:00
3lswear
945fde53a3 Check i2d_X509_NAME return in X509_NAME_hash_ex/old
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21697)
2023-08-16 10:46:14 +02:00
Dr. David von Oheimb
830b6a13f9 http_server.c: allow clients to connect with IPv6
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21033)
2023-08-15 20:41:26 +02:00
Matt Caswell
3d254b3134 Fix a leak in an error path in OSSL_DECODER_CTX_new_for_pkey()
Found via the reproducible error injection in #21668

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21723)
2023-08-15 14:50:37 +01:00
Matt Caswell
643f542a89 Fix a use-after-free in quic_tls.c
The comments in quic_tls.c claimed that the dummybio was never used by
us. In fact that is not entirely correct since we set and cleared the
retry flags on it. This means that we have to manage it properly, and update
it in the event of set1_bio() call on the record layer method.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
644ef0bb69 Add a test for receiving a post-handshake CertificateRequest
This should result in a QUIC PROTOCOL_VIOLATION

We also add tests for a post-handshake KeyUpdate, and a NewSessionTicket
with an invalid max_early_data value.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
614c08c239 Add the ability to send NewSessionTicket messages when we want them
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
50a0af2e41 TLS KeyUpdate messages are not allowed in QUIC
We already disallowed the sending of TLS KeyUpdate messages. We also treat
the receipt of a TLS KeyUpdate message as an unexpected message.

RFC 9001 section 6:
Endpoints MUST treat the receipt of a TLS KeyUpdate message as a connection
error of type 0x010a, equivalent to a fatal TLS alert of unexpected_message;
see Section 4.8.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
04c7fb53e0 NewSessionTickets with an early_data extension must have a valid max value
The max_early_data value must be 0xffffffff if the extension is present in
a NewSessionTicket message in QUIC. Otherwise it is a PROTOCOL_VIOLATION.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
0f2add9e8d Don't forget we are doing QUIC if we clear the QUIC TLS data
We should retain the TLS1_FLAGS_QUIC setting in in s3.flags even after a
"clear" operation.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
b644a9323f Unexpected QUIC post-handshake CertificateRequests are a PROTOCOL_VIOLATION
An OpenSSL QUIC client does not send the post_handshake_auth extension.
Therefore if a server sends a post-handsahke CertificateRequest then this
would be treated as a TLS protocol violation with an "unexpected message"
alert code. However RFC 9001 specifically requires us to treat this as
QUIC PROTOCOL_VIOLATION. So we have to translate the "unexpected message"
alert code in this one instance.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Richard Levitte
98d81174d3 Remove include/internal/decoder.h, as it's superfluous
The routines declared in there are entirely libcrypto internal, so
include/crypto/decoder.h is better suited for them.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/21733)
2023-08-15 15:23:16 +02:00
Matt Caswell
4efd84fdd6 Fix no-dsa in combination with no-err
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21722)
2023-08-15 15:20:42 +02:00
Matt Caswell
fb32f6ea42 Fix no-dtls and no-tls in combination
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21722)
2023-08-15 15:20:42 +02:00
Tomas Mraz
f7b2942c04 ssl_local.h: Define SSL_OP_CISCO_ANYCONNECT if undefined in public headers
Fixes #21626

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
2023-08-14 15:55:33 +02:00
Tomas Mraz
9d005bafac ossl_qrl_enc_level_set_provide_secret(): Clear el->md on error
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
2023-08-14 15:55:33 +02:00
Tomas Mraz
4cc16b0557 quic_record_test.c: For tests that require ChaCha require also Poly1305
as both algorithms are really needed.

Fixes #21625

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
2023-08-14 15:55:33 +02:00
Tomas Mraz
a5df3fc093 quicapitest.c: Fix missing wait_until_sock_readable()
Fixes #21624

With OPENSSL_NO_POSIX_IO or OPENSSL_NO_SOCK the function
wait_until_sock_readable() currently does not exist.

Define empty wait_until_sock_readable() when building
with no-posix-io.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
2023-08-14 15:54:08 +02:00
Tomas Mraz
4dec9285d3 quicserver.c: Use BIO_printf to stderr instead of plain printf
Fixes #21623

Also do not build quicserver with no-stdio as it is a test
utility and tests are disabled with no-stdio anyway.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
2023-08-14 15:53:44 +02:00
Matt Caswell
69b9a99296 Don't call ossl_assert on the result of bn_wexpand
bn_wexpand can fail as the result of a memory allocation failure. We
should not be calling ossl_assert() on its result because it can fail in
normal operation.

Found via the reproducible error injection in #21668

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/21725)
2023-08-14 14:32:06 +01:00
Hugo Landau
f2609004df Minor fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
89b0948e53 QUIC CHANNEL: Tune RXFC default parameters
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
410a90f598 QUIC TEST: Fix double close of FD (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
8761efb2cc QUIC UINT_SET: Fix null dereference (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
f540b6b4f6 QUIC TSERVER: Handle return value correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
4669a3d79b QUIC APL: Add missing unlock call (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
23406e304f QUIC: Check block_until_pred return value in shutdown (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
a2d4915ab2 QUIC QTX: Handle negative IV values correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
4d6ca88599 QUIC QTLS: Fix NULL dereference (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:51 +01:00
Hugo Landau
b538ae4fbf QUIC QRX: Handle negative IV length values correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:50 +01:00
Hugo Landau
3887546dcf QUIC CC TEST: Fix memory leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:50 +01:00
Hugo Landau
77a66117ab EVENT QUEUE: Fix memory leak (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:50 +01:00
Hugo Landau
565d2987cd QUIC FIFD: Coverity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:50 +01:00
Hugo Landau
451055d288 QUIC FC: TEST: Coverity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:50 +01:00