Commits · 70a56b914772e6b21cda2a5742817ae4bb7290f1 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Jun 23, 2016

utils/mkdir-p: check if dir exists also after mkdir failed · 70a56b91

Sebastian Andrzej Siewior authored Jun 10, 2016



with "make install -j8" it happens very often that two or more make
instances are creating the same directory in parallel. As a result one
instace creates the directory and second mkdir fails because the
directory exists already (but it did not while testing for it earlier).

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1204)

70a56b91

RT2867: des_ede3_cfb1 ignored "size in bits" flag · fe2d1491

Rich Salz authored Jun 23, 2016



Code and tests by Steve.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

fe2d1491

Drop extraneous printf argument in mkcert.sh · 615dd78b
Viktor Dukhovni authored Jun 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
615dd78b
Update fuzz corpora · d0ba3119
Kurt Roeckx authored Jun 15, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2986
```
d0ba3119

Add checks on sk_TYPE_push() returned result · 3c82e437

FdaSilvaYY authored Jun 04, 2016



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

3c82e437

Rework error handling from asn1_do_lock method. · 687b4868

FdaSilvaYY authored May 29, 2016



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

687b4868

Jun 22, 2016
- Fix generation of expired CA certificate. · b58614d7
  Dr. Stephen Henson authored Jun 22, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  b58614d7
- OpenSSL::Test: Fix directory calculations in __cwd() · 768a3eca
  Richard Levitte authored Jun 22, 2016
```
The previous fix contained a mistake, where any absolute path in
%directories would be cleared away instead of just being left alone.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  768a3eca
- rand/randfile.c: make it non-ASCII-savvy. · fc6076ca
  Andy Polyakov authored Jun 21, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  fc6076ca
- Move OS-specific fopen quirks to o_fopen.c. · 09487816
  Andy Polyakov authored Jun 21, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  09487816
- crypto/cryptlib.c: omit OPENSSL_ia32cap_loc(). · eeac54ef
  Andy Polyakov authored Jun 17, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  eeac54ef
Jun 21, 2016

Spelling... and more spelling · f430ba31

FdaSilvaYY authored Jun 19, 2016



Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1245)

f430ba31

segmentation fault with 'openssl s_client -prexit -keymatexport' · 1d8b4eb2

mmiyashita authored Jun 21, 2016



Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1243)

1d8b4eb2

Avoid creating an illegal pointer. · 5388b8d4

Kurt Roeckx authored Jun 18, 2016



Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1230

5388b8d4

Make RSA key exchange code actually constant-time. · 5b8fa431

David Benjamin authored Jun 16, 2016

Using RSA_PKCS1_PADDING with RSA_private_decrypt is inherently unsafe.
The API requires writing output on success and touching the error queue
on error. Thus, although the padding check itself is constant-time as of
294d1e36, and the logic after the
decryption in the SSL code is constant-time as of
adb46dbc

, the API boundary in the middle
still leaks whether the padding check succeeded, giving us our
much-loved Bleichenbacher padding oracle.

Instead, PKCS#1 padding must be handled by the caller which uses
RSA_NO_PADDING, in timing-sensitive code integrated with the
Bleichenbacher mitigation. Removing PKCS#1 padding in constant time is
actually much simpler when the expected length is a constant (and if
it's not a constant, avoiding a padding oracle seems unlikely), so just
do it inline.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1222

5b8fa431

buf2hexstr: properly deal with empty string · 01238aec

Kurt Roeckx authored Jun 19, 2016



It wrote before the start of the string

found by afl

Reviewed-by: Richard Levitte <levitte@openssl.org>

MR: #2994

01238aec

Fix typo · 28bd8e94

Petr Vaněk authored Jun 21, 2016



Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1241)

28bd8e94

Appveyor: test install as well, via a fake deploy_script · 14c42019
Richard Levitte authored Jun 02, 2016
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
14c42019
Travis: When testing install, install docs as well · a3414dc8
Richard Levitte authored Jun 02, 2016
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
a3414dc8

OpenSSL::Test: Fix directory calculations in __cwd() · 3da9eeb1

Richard Levitte authored Jun 20, 2016



We recalculate the location of the directories we keep track of.
However, we did so after having moved to the new directory already, so
the data we did the calculations from were possibly not quite correct.

This change moves the calculations to happen before moving to the new
directory.

This issue is sporadic, and possibly dependent on the platform.

Reviewed-by: Matt Caswell <matt@openssl.org>

3da9eeb1

More doc cleanup · c952780c

Rich Salz authored Jun 21, 2016



Add missing entries to NAME section
Add SYNOPSIS lines, remove old NAME entries
Update find-doc-nits; better regexp's for parsing SYNOPSIS sections.
Rename a couple of files to have an API name.
Remove RSA_private_decrypt; it was duplicate content
Update for recent doc additions

Reviewed-by: Matt Caswell <matt@openssl.org>

c952780c

Jun 20, 2016

Avoid using latest clang since repo not available · 6feb3c58
Rich Salz authored Jun 20, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
6feb3c58

Make arm-xlate.pl set use strict. · abeae4d3

David Benjamin authored Jun 20, 2016



It was already nearly clean. Just one undeclared variable.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1240)

abeae4d3

Add verification of proxy certs to 25-test_verify.t · aa951ef3
Richard Levitte authored Jun 19, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
```
aa951ef3

Create some proxy certificates · 8dfb2021

Richard Levitte authored Jun 19, 2016



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

8dfb2021

Make it possible to generate proxy certs with test/certs/mkcert.sh · 71c8cd20

Richard Levitte authored Jun 19, 2016



This extends 'req' to take more than one DN component, and to take
them as full DN components and not just CN values.  All other commands
are changed to pass "CN = $cn" instead of just a CN value.

This adds 'genpc', which differs from the other 'gen*' commands by not
calling 'req', and expect the result from 'req' to come through stdin.

Finally, test/certs/setup.sh gets the commands needed to generate a
few proxy certificates.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

71c8cd20

make update · d0ba7bc8

Richard Levitte authored Jun 19, 2016



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

d0ba7bc8

Allow proxy certs to be present when verifying a chain · a392ef20
Richard Levitte authored Jun 19, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
```
a392ef20

Fix proxy certificate pathlength verification · ed17c7c1

Richard Levitte authored Jun 19, 2016



While travelling up the certificate chain, the internal
proxy_path_length must be updated with the pCPathLengthConstraint
value, or verification will not work properly.  This corresponds to
RFC 3820, 4.1.4 (a).

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

ed17c7c1

Check that the subject name in a proxy cert complies to RFC 3820 · c8223538

Richard Levitte authored Jun 19, 2016



The subject name MUST be the same as the issuer name, with a single CN
entry added.

RT#1852

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

c8223538

RT3925: Remove trailing semi from macro · 54f24e3e
Dr. Matthias St. Pierre authored Jun 20, 2016
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
54f24e3e
apps/req.c: Increment the right variable when parsing '+' · 14d3c0dd
Richard Levitte authored Jun 20, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
14d3c0dd

Remove pointless free loop in X509_TRUST_cleanup() · 5e6e650d

Kurt Cancemi authored Jun 09, 2016



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1194)

5e6e650d

Remove pointless free loop in X509_PURPOSE_cleanup() · fa3a0286

Kurt Cancemi authored Jun 08, 2016



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1194)

fa3a0286

doc and comment fixes · 14f46560

huangqinjin authored Jun 20, 2016



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1233)

14f46560

crypto/evp/e_aes_cbc_hmac_sha256.c: Remove spurious memset · b88e95f3

Kurt Cancemi authored May 28, 2016



Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1231)

b88e95f3

RT3136: Remove space after issuer/subject · fb0303f3
Jiri Horky authored Jun 12, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
fb0303f3

Make DSA_SIG and ECDSA_SIG getters const. · 9267c11b

Emilia Kasper authored Jun 09, 2016



Reorder arguments to follow convention.

Also allow r/s to be NULL in DSA_SIG_get0, similarly to ECDSA_SIG_get0.

This complements GH1193 which adds non-const setters.

Reviewed-by: Rich Salz <rsalz@openssl.org>

9267c11b

rand/randfile.c: remove obsolete commentary. · b73cfb13
Andy Polyakov authored Jun 20, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
b73cfb13

Tests should check validation status directly · 876a1a83

Rob Percival authored Jun 07, 2016



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

876a1a83