Commit Graph

302 Commits

Author SHA1 Message Date
Rich Salz
12a765a523 Explicitly test against NULL; do not use !p or similar
Also added blanks lines after declarations in a couple of places.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9916)
2019-10-09 21:32:15 +02:00
Rich Salz
7cfc0a555c Deprecate NCONF_WIN32() function
Extensive documentation added in HISTORY section in doc/man5/config.pod

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9578)
2019-10-06 10:55:02 +02:00
Dr. Matthias St. Pierre
706457b7bd Reorganize local header files
Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
directory. Currently, they have different suffixes like

  '*_lcl.h', '*_local.h', or '*_int.h'

This commit changes the different suffixes to '*_local.h' uniformly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
2019-09-28 20:26:35 +02:00
Dr. Matthias St. Pierre
25f2138b0a Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:

While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.

To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:

  #include "internal/file.h"      # located in 'include/internal'
  #include "internal/file_int.h"  # located in 'crypto/include/internal'

This commit moves the private crypto headers from

  'crypto/include/internal'  to  'include/crypto'

As a result, the include directives become unambiguous

  #include "internal/file.h"       # located in 'include/internal'
  #include "crypto/file.h"         # located in 'include/crypto'

hence the superfluous '_int.h' suffixes can be stripped.

The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
2019-09-28 20:26:34 +02:00
Shane Lontis
7bb82f92d9 Add fips module integrity check
Add environment variable for setting CONF .include path

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9769)
2019-09-15 19:55:10 +10:00
Richard Levitte
0cd1b144f9 util/mkerr.pl: make it not depend on the function code
The output C code was made to use ERR_func_error_string() to see if a
string table was already loaded or not.  Since this function returns
NULL always, this check became useless.

Change it to use ERR_reason_error_string() instead, as there's no
reason to believe we will get rid of reason strings, ever.

To top it off, we rebuild all affected C sources.

Fixes #9756

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9756)
2019-09-12 17:59:52 +02:00
Rich Salz
ff988500c2 Replace FUNCerr with ERR_raise_data
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9496)
2019-08-02 11:41:54 +02:00
Rich Salz
46160e6fb9 Deprecate SYSerr, add new FUNCerr macro
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9072)
2019-07-22 16:24:56 +02:00
Rich Salz
56c3a135b2 Add ERR_put_func_error, and use it.
Change SYSerr to have the function name; remove SYS_F_xxx defines
Add a test and documentation.
Use get_last_socket_err, which removes some ifdef's in OpenSSL code.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9072)
2019-07-22 16:24:56 +02:00
Rich Salz
cbfa5b0398 Regenerate mkerr files
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9058)
2019-07-16 05:26:28 +02:00
Dr. Matthias St. Pierre
f4a96507fb crypto/conf: openssl_config_int() returns unitialized value
openssl_config_int() returns the uninitialized variable `ret`
when compiled with OPENSSL_SYS_UEFI.

Fixes #9026

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9029)
2019-05-29 10:41:47 +10:00
FdaSilvaYY
23dc8feba8 Coverity: fix two minor NPD issues.
Found by Coverity.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8274)
2019-04-06 19:16:59 +10:00
Richard Levitte
0196ad63d3 Add a bit of tracing in the core conf module runner
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8680)
2019-04-05 12:50:55 +02:00
Richard Levitte
abbc2c4083 Replumbing: add a configuration module for providers
This configuration module supports a configuration structure pretty
much like the engine configuration module, i.e. something like this:

    openssl_conf = openssl_init

    [openssl_init]
    providers = provider_section

    [provider_section]
    # Configure the provider named "foo"
    foo = foo_section
    # Configure the provider named "bar"
    bar = bar_section

    [foo_section]
    # Override name given in the provider section
    identity = myfoo
    # The exact path of the module.  This is platform specific
    module_path = /opt/openssl/modules/foo.so
    # Whether it should be automatically activated.  Value is unimportant
    activate = whatever

    # Anything else goes as well, and becomes parameters that the
    # provider can get
    what = 1
    # sub-sections will be followed as well
    ever = ever_section

    [ever_section]
    cookie = monster

All the configurations in a provider section and its sub-sections
become parameters for the provider to get, i.e. the "foo" provider
will be able to get values for the following keys (with associated
values shown):

    identity            => myfoo
    module_path         => /opt/openssl/modules/foo.so
    activate            => whatever
    what                => 1
    ever.cookie         => monster

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8549)
2019-04-03 11:42:48 +02:00
Pauli
2661d716d9 It isn't necessary to initialise a struct stat before a stat(2) system call.
The initialisation was also flawed, failing to account for padding and
alignment bytes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8611)
2019-03-29 20:52:00 +10:00
Richard Levitte
905c9a72a7 OPENSSL_config(): restore error agnosticism
Great effort has been made to make initialization more configurable.
However, the behavior of OPENSSL_config() was lost in the process,
having it suddenly generate errors it didn't previously, which is not
how it's documented to behave.

A simple setting of default flags fixes this problem.

Fixes #8528

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8533)
2019-03-20 14:24:46 +01:00
Tomas Mraz
9d5560331d Allow the syntax of the .include directive to optionally have '='
If the old openssl versions not supporting the .include directive
load a config file with it, they will bail out with error.

This change allows using the .include = <filename> syntax which
is interpreted as variable assignment by the old openssl
config file parser.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8141)
2019-02-11 15:24:12 +01:00
Daniel DeFreez
758229f7d2 Fix null pointer dereference in ssl_module_init
CLA: Trivial

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8183)
2019-02-11 08:30:46 +10:00
Viktor Dukhovni
df1f538f28 More configurable crypto and ssl library initialization
1.  In addition to overriding the default application name,
    one can now also override the configuration file name
    and flags passed to CONF_modules_load_file().

2.  By default we still keep going when configuration file
    processing fails.  But, applications that want to be strict
    about initialization errors can now make explicit flag
    choices via non-null OPENSSL_INIT_SETTINGS that omit the
    CONF_MFLAGS_IGNORE_RETURN_CODES flag (which had so far been
    both undocumented and unused).

3.  In OPENSSL_init_ssl() do not request OPENSSL_INIT_LOAD_CONFIG
    if the options already include OPENSSL_INIT_NO_LOAD_CONFIG.

4.  Don't set up atexit() handlers when called with INIT_BASE_ONLY.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7986)
2019-01-07 14:02:28 -05:00
Viktor Dukhovni
b2f16a2271 Update generator copyright year.
Some Travis builds appear to fail because generated objects get
2019 copyrights now, and the diff complains.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7986)
2019-01-07 14:01:58 -05:00
Matt Caswell
51adf14a94 make update
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
(Merged from https://github.com/openssl/openssl/pull/7972)
2019-01-03 09:21:39 +00:00
Richard Levitte
2044d38232 Following the license change, modify the boilerplates in crypto/conf/
[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7785)
2018-12-06 14:43:29 +01:00
Richard Levitte
fcd2d5a612 Refactor the computation of API version limits
Previously, the API version limit was indicated with a numeric version
number.  This was "natural" in the pre-3.0.0 because the version was
this simple number.

With 3.0.0, the version is divided into three separate numbers, and
it's only the major number that counts, but we still need to be able
to support pre-3.0.0 version limits.

Therefore, we allow OPENSSL_API_COMPAT to be defined with a pre-3.0.0
style numeric version number or with a simple major number, i.e. can
be defined like this for any application:

    -D OPENSSL_API_COMPAT=0x10100000L
    -D OPENSSL_API_COMPAT=3

Since the pre-3.0.0 numerical version numbers are high, it's easy to
distinguish between a simple major number and a pre-3.0.0 numerical
version number and to thereby support both forms at the same time.

Internally, we define the following macros depending on the value of
OPENSSL_API_COMPAT:

    OPENSSL_API_0_9_8
    OPENSSL_API_1_0_0
    OPENSSL_API_1_1_0
    OPENSSL_API_3

They indicate that functions marked for deprecation in the
corresponding major release shall not be built if defined.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)
2018-12-06 12:24:48 +01:00
Pauli
5c39a55d04 Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.

CPU processor override flags are unchanged.

Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7047)
2018-09-24 11:21:18 +10:00
Matt Caswell
1212818eb0 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7176)
2018-09-11 13:45:17 +01:00
Tomas Mraz
60c526975a Deallocate previously loaded SSL CONF module data
If application explicitly calls CONF_modules_load_file() the SSL
conf module will be initialized twice and the module data would leak.
We need to free it before initializing it again.

Fixes #6835

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6948)
2018-08-14 17:43:36 -04:00
Richard Levitte
85aebfcc6e def_load_bio(): Free |biosk| more carefully
If there's anything in the |biosk| stack, the first element is always
the input BIO.  It should never be freed in this function, so we must
take careful steps not to do so inadvertently when freeing the stack.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/6769)
2018-07-24 09:50:56 +02:00
Andy Polyakov
f20aa69e33 crypto/*: address standard-compilance nits.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/6745)
2018-07-20 13:40:30 +02:00
Pauli
c9ecb13191 NCONF_get_number refix.
Fix the NULL check lack in a different way that is more compatible with
non-NULL branch.  Refer #6632

Also mark and pop the error stack instead of clearing all errors when something
goes awry in CONF_get_number.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6643)
2018-07-11 09:03:22 +10:00
Pauli
c36b39b5cd Check for NULL conf in NCONF_get_number
The problematic case falls back to a NULL conf which returns the result
of getenv(2).  If this returns NULL, everything was good.  If this returns
a string an attempt to convert it to a number is made using the function
pointers from conf.

This fix uses the strtol(3) function instead, we don't have the
configuration settings and this behaves as the default would.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6632)
2018-07-03 13:14:17 +10:00
Matt Caswell
83cf7abf8e Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6371)
2018-05-29 13:16:04 +01:00
Kurt Roeckx
3cb7c5cfef Use void in all function definitions that do not take any arguments
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #6208
2018-05-11 14:37:48 +02:00
Pavel Kopyl
aebd0e5ca1 Fix memory leaks in CA related functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4700)
2018-05-02 08:35:32 +02:00
Richard Levitte
28428130db Update copyright year
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5990)
2018-04-17 15:18:40 +02:00
Dr. Matthias St. Pierre
a9b7a06ed8 Fix false positives of IS_*() macros for 8-bit ASCII characters
Fixes #5778, #5840

The various IS_*() macros did not work correctly for 8-bit ASCII
characters with the high bit set, because the CVT(a) preprocessor
macro and'ed the given ASCII value with 0x7F, effectively folding
the high value range 128-255 over the low value range 0-127.
As a consequence, some of the IS_*() erroneously returned TRUE.

This commit fixes the issue by adding range checks instead of
cutting off high order bits using a mask. In order avoid multiple
evaluation of macro arguments, most of the implementation was moved
from macros into a static function is_keytype().

Thanks to Румен Петров for reporting and analyzing the UTF-8 parsing
issue #5840.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5903)
2018-04-08 20:12:01 +02:00
Matt Caswell
d8f031e890 Move the loading of the ssl_conf module to libcrypto
The GOST engine needs to be loaded before we initialise libssl. Otherwise
the GOST ciphersuites are not enabled. However the SSL conf module must
be loaded before we initialise libcrypto. Otherwise we will fail to read
the SSL config from a config file properly.

Another problem is that an application may make use of both libcrypto and
libssl. If it performs libcrypto stuff first and OPENSSL_init_crypto()
is called and loads a config file it will fail if that config file has
any libssl stuff in it.

This commit separates out the loading of the SSL conf module from the
interpretation of its contents. The loading piece doesn't know anything
about SSL so this can be moved to libcrypto. The interpretation of what it
means remains in libssl. This means we can load the SSL conf data before
libssl is there and interpret it when it later becomes available.

Fixes #5809

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5818)
2018-04-05 15:30:12 +01:00
Bernd Edlinger
284f4f6b70 Don't use getenv for critical functions when run as setuid/setgid
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5856)
2018-04-04 14:45:49 +02:00
Rich Salz
cdb10bae3f Set error code on alloc failures
Almost all *alloc failures now set an error code.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5842)
2018-04-03 11:31:16 -04:00
Matt Caswell
92565101ca Remove some code
This commit removes the contribution of a user that we cannot trace to
gain their consent for the licence change.

After this commit the various IS_*() macros in the auto-generated file
conf_def.h may incorrectly return true if the supplied character has its
most significant bit set. The IS_*() macros should be able to correctly
handle 8-bit characters. Note that UTF-8 support is not a requirement.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5767)
2018-03-28 16:11:30 +01:00
Rich Salz
69e2b8d67d Revise and cleanup; use strict,warnings
Use shorter names for some defines, so also had to change the .c file
that used them.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5669)
2018-03-19 10:23:28 -04:00
Richard Levitte
4f7c840a4d CONF: On VMS, treat VMS syntax inclusion paths correctly
non-VMS syntax inclusion paths get the same treatment as on Unix.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5587)
2018-03-12 23:01:02 +01:00
Tomas Mraz
b524b808a1 Add support for .include directive in config files
Either files or directories of *.cnf or *.conf files
can be included.
Recursive inclusion of directories is not supported.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5351)
2018-03-05 13:32:40 +00:00
Matt Caswell
0d66475908 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-27 13:59:42 +00:00
Rich Salz
97d37b85d4 Generate copyright year properly
Output copyright year depends on any input file(s) and the script.
This is not perfect, but better than what we had.
Also run 'make update'

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5350)
2018-02-13 13:22:30 -05:00
Andy Polyakov
3a63c0edab Resolve warnings in VC-WIN32 build, which allows to add /WX.
It's argued that /WX allows to keep better focus on new code, which
motivates its comeback...

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4721)
2017-11-13 10:58:57 +01:00
KaoruToda
26a7d938c9 Remove parentheses of return.
Since return is inconsistent, I removed unnecessary parentheses and
unified them.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541)
2017-10-18 16:05:06 +01:00
Pauli
1f5e0f9280 Use safestack.h exclusively internally.
Remove all stack headers from some includes that don't use them.

Avoid a genearic untyped stack use.

Update stack POD file to include the OPENSSL_sk_ API functions in the notes
section.  They were mentioned in the name section but not defined anywhere.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4430)
2017-09-28 13:14:33 +10:00
Pauli
07016a8a31 Move e_os.h to be the very first include.
cryptilib.h is the second.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
2017-08-30 07:20:44 +10:00
Pauli
677963e5a4 e_os.h removal from other headers and source files.
Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and
ssl/ssl_locl.h).

Added e_os.h into the files that need it now.

Directly reference internal/nelem.h when required.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
2017-08-30 07:20:43 +10:00
Rich Salz
176db6dc51 Use "" not <> for internal/ includes
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4217)
2017-08-22 09:54:20 -04:00