Commit Graph

21102 Commits

Author SHA1 Message Date
Matt Caswell
99dd374055 Convert ssl3_read_bytes() to use SSLfatal()
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4841)
2017-12-08 16:42:01 +00:00
Matt Caswell
196f2cbb78 Update ssl3_get_record() to use SSLfatal()
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4841)
2017-12-08 16:42:01 +00:00
FdaSilvaYY
a0fda2cf2d Address some code-analysis issues.
Expression '...' is always true.
The 'b->init' variable is assigned values twice successively

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4753)
2017-12-08 10:49:41 -05:00
FdaSilvaYY
cef115ff0c Fix an incoherent test.
Pointer 'o' is set inside a local buffer, so it can't be NULL.
Also fix coding style and add comments

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4754)
2017-12-08 10:25:38 -05:00
Benjamin Kaduk
5f21b44068 Fix test_tls13messages with no-ocsp
s_client -status is not available in this configuration.

While here, remove an outdated TODO(TLS1.3) comment.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
2017-12-08 09:16:36 -06:00
Benjamin Kaduk
cb091295a9 Wrap more of ocspapitest.c in OPENSSL_NO_OCSP
make_dummy_resp() uses OCSP types, and get_cert_and_key() is unused
once make_dummy_resp() is compiled out, so neither can be included
in the build when OCSP is disabled and strict warnings are active.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
2017-12-08 09:16:36 -06:00
Benjamin Kaduk
88e09fe79b Fix coverity nit in handshake_helper.c
There's no reason to wrap this call in TEST_true() if we're not
checking the return value of TEST_true() -- all of the surrounding
similar calls do not have the macro wrapping them.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
2017-12-08 09:16:36 -06:00
Benjamin Kaduk
b6306d8049 Fix coverity-reported errors in ocspapitest
Avoid memory leaks in error paths, and correctly apply
parentheses to function calls in a long if-chain.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
2017-12-08 09:16:36 -06:00
Richard Levitte
0488c0bbbe In apps_startup(), call OPENSSL_init_ssl() rather than OPENSSL_init_crypto()
Otherwise, any command that relies on ssl modules may fail, because
SSL_add_ssl_module() will be called after the config file has already
been loaded.

Fixes #4788

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4792)
2017-12-08 16:08:39 +01:00
Richard Levitte
0a90a6831e In OPENSSL_init_ssl(), run the base ssl init before OPENSSL_init_crypto()
IF OPENSSL_init_ssl() is called with the option flag
OPENSSL_INIT_LOAD_CONFIG, any SSL config will be handled wrongly
(i.e. there will be an attempt to load libssl_conf.so or whatever
corresponds to that on non-Unix platforms).  Therefore, at least
SSL_add_ssl_module() MUST be called before OPENSSL_init_crypto() is
called.  The base ssl init does that, plus adds all kinds of ciphers
and digests, which is harmless.

Fixes #4788

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4792)
2017-12-08 16:08:39 +01:00
Bernd Edlinger
a14715888b Add missing range checks on number of multi primes in rsa_ossl_mod_exp
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4862)
2017-12-08 15:38:59 +01:00
Benjamin Kaduk
8a8bc66562 Fix no-ec
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4874)
2017-12-08 08:29:17 -06:00
Andy Polyakov
cded951378 chacha/asm/chacha-x86_64.pl: add AVX512VL code path.
256-bit AVX512VL was estimated to deliver ~50% improvement over AVX2
and it did live up to the expectations.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4838)
2017-12-08 12:57:49 +01:00
Andy Polyakov
7933762870 crypto/x86_64cpuid.pl: suppress AVX512F flag on Skylake-X.
It was observed that AVX512 code paths can negatively affect overall
Skylake-X system performance. But we are talking specifically about
512-bit code, while AVX512VL, 256-bit variant of AVX512F instructions,
is supposed to fly as smooth as AVX2. Which is why it remains unmasked.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4838)
2017-12-08 12:57:09 +01:00
Paul Yang
05de3a5be9 Leave a message in doc to indicate 0 is not acceptable
[to be squashed]

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4767)
2017-12-08 12:48:18 +01:00
Paul Yang
b1c05a5049 Fix some issues in apps/req
1. the 'ignore -days' warning should not be printed without '-x509'
2. the 'ignore -days' warning should terminate with new-line

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4767)
2017-12-08 12:48:18 +01:00
Richard Levitte
d68a0eaf45 Remove unicode characters from source
Some compilers react badly to non-ASCII characters

Fixes #4877

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4879)
2017-12-08 11:56:37 +01:00
JitendraLulla
f1138840cb putting the missing static
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4717)
2017-12-08 10:39:52 +00:00
JitendraLulla
7e8a5e3090 make get_cipher_handle static
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4717)
2017-12-08 10:39:52 +00:00
JitendraLulla
a3d7fd2837 fix --strict-warnings
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4717)
2017-12-08 10:39:52 +00:00
JitendraLulla
49ea0f0983 extending afalg with aes-cbc-192/256, afalgtest.c also updated accordingly. comments from matt, Stephen considered
fix  indentation, remove printf from afalgtest.c

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4717)
2017-12-08 10:39:52 +00:00
Rich Salz
cbe2964821 Consistent formatting for sizeof(foo)
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4872)
2017-12-07 19:11:49 -05:00
Richard Levitte
e7a2066944 Document how the configuration option 'reconf' works
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Richard Levitte
99aeeecb9f Configure: die if there are other arguments with 'reconf'
It's better to inform the user about this than silently ignoring
something that the user might expect to work, somehow.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Richard Levitte
a064c6158e Make sure ./config passes options to ./Configure correctly
This is, even when they contain spaces or all kinds of funny quotes

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Richard Levitte
17f1661724 Have all relevant config targets use the env() function rather than $ENV
This way, any of the relevant environment variables for the platform
being configured are preserved and don't have to be recalled manually
when reconfiguring.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Richard Levitte
1786733e51 Document the possibility for command line argument env assignments
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Richard Levitte
89bea0830d Make it possible to add env var assignments as Configure options
In other words, make the following possible:

    ./config CC=clang

or

    ./Configure CC=clang linux-x86_64

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Richard Levitte
7ecdf18d80 Save away the environment variables we rely on
There are cases when we overwrite %ENV values, and while this is
perfectly fine on some platforms, it isn't on others, because the
Configure script isn't necessarely run in a separate process, and
thus, changing %ENV may very well change the environment of the
calling shell.  VMS is such a platform.

Furthermore, saving away values that we use also allow us to save them
in configdata.pm in an effective way, and recall those values just as
effectively when reconfiguring.  Also, this makes sure that we do use
the saved away values when reconfiguring, when the actual environment
variables might otherwise affect us.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Matt Caswell
e84282cbda Fix the buffer sizing in the fatalerrtest
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4867)
2017-12-07 14:35:30 +00:00
Matt Caswell
f47270e10b Update CHANGES and NEWS for new release
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-12-06 15:44:39 +00:00
Matt Caswell
97652f0b3a Add a test for CVE-2017-3737
Test reading/writing to an SSL object after a fatal error has been
detected. This CVE only affected 1.0.2, but we should add it to other
branches for completeness.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2017-12-06 15:37:49 +00:00
Andy Polyakov
77d7599365 test/bntest.c: add rsaz_1024_mul_avx2 regression test.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-12-06 15:36:20 +00:00
Andy Polyakov
5630661aec bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.
Credit to OSS-Fuzz for finding this.

CVE-2017-3738

Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-12-06 15:36:08 +00:00
Matt Caswell
e1dd8fa00a Fix the check_fatal macro
The check_fatal macro is supposed to only be called if we are already
expecting to be in the fatal state. The macro asserts that we are and
puts us into the fatal state if not.

This issue combined with the problem fixed in the previous commit meant
that the fuzzer detected a crash at a point in the processing when we
should have already been in the fatal state.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4847)
2017-12-06 14:56:28 +00:00
Matt Caswell
2894e9cb6d Fix bug in TLSv1.3 PSK processing
The recent SSL error overhaul left a case where an error occurs but
SSLfatal() is not called.

Credit to OSSfuzz for finding this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4847)
2017-12-06 14:56:28 +00:00
Patrick Steuer
723a7c5af0 apps/speed.c: detect evp cipher 32-bit ctr overflow and reset iv
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4846)
2017-12-05 17:57:29 -05:00
Rich Salz
40866074c2 Add link for more SECLEVEL info
Thanks to Michel Sales for the suggestion.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4849)
2017-12-05 10:53:45 -05:00
Daniel Bevenius
0759f93445 Fix minor typo in comment in rsa_st
CLA: trivial

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4845)
2017-12-05 14:33:16 +00:00
MerQGh
b35bb37a3d Update eng_fat.c
This line will allow use private keys, which created by Crypto Pro, to
sign with OpenSSL.

CLA: trivial

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4836)
2017-12-04 17:42:54 +01:00
Andy Polyakov
603ebe0352 modes/asm/ghashv8-armx.pl: handle lengths not divisible by 4x.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4830)
2017-12-04 17:21:23 +01:00
Andy Polyakov
aa7bf31698 modes/asm/ghashv8-armx.pl: optimize modulo-scheduled loop.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4830)
2017-12-04 17:21:20 +01:00
Andy Polyakov
9ee020f8dc modes/asm/ghashv8-armx.pl: modulo-schedule loop.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4830)
2017-12-04 17:21:15 +01:00
Andy Polyakov
7ff2fa4b92 modes/asm/ghashv8-armx.pl: implement 4x aggregate factor.
This initial commit is unoptimized reference version that handles
input lengths divisible by 4 blocks.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4830)
2017-12-04 17:20:25 +01:00
Patrick Steuer
a00cceb22c key_A and key_B had 3 references, only 2 were freed.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4837)
2017-12-04 10:23:24 -05:00
Patrick Steuer
546fda260e apps/speed.c: use 32 byte key material as default
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4834)
2017-12-04 14:55:50 +01:00
Patrick Steuer
64daf14d9c apps/speed.c: add -seconds and -bytes options
Add speed tool options to run cipher, digest and rand benchmarks for a
single buffer size specified by -bytes over a time interval specified
by -seconds.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4834)
2017-12-04 14:54:40 +01:00
Matt Caswell
dd5a4279f9 Fix some formatting nits
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4778)
2017-12-04 13:37:01 +00:00
Matt Caswell
e7d961e994 Remove spurious whitespace
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4778)
2017-12-04 13:31:48 +00:00
Matt Caswell
8e7677aeac Update an error reason code to be ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
The most likely explanation for us ending up at this point in the code
is that we were called by the user application incorrectly - so use an
appropriate error code.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4778)
2017-12-04 13:31:48 +00:00