- Jan 16, 2018
-
-
Matt Caswell authored
Commit 9f944291 changed the semantics of BN_copy() to additionally copy the BN_FLG_CONSTTIME flag if it is set. This turns out to be ill advised as it has unintended consequences. For example calling BN_mod_inverse_no_branch() can sometimes return a result with the flag set and sometimes not as a result. This can lead to later failures if we go down code branches that do not support constant time, but check for the presence of the flag. The original commit was made due to an issue in BN_MOD_CTX_set(). The original PR fixed the problem in that function, but it was changed in review to fix it in BN_copy() instead. The solution seems to be to revert the BN_copy() change and go back to the originally proposed way. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/5080) (cherry picked from commit 7d461736)
-
- Jan 15, 2018
-
-
Richard Levitte authored
The same kind of failure that has already been observed on the s_client can sometimes also be observed on s_server, so we need to add the same kind of 50ms delay as was previously added on s_client. Ref: git commit cb2e10f2 : Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5079) (cherry picked from commit d17bdfc2)
-
Richard Levitte authored
This was identified for Windows almost two years ago for VC and msys/mingw. It seems that Cygwin suffers from the same issue, and since Cygwin doesn't define OPENSSL_SYS_WINDOWS, we need to make a special case to have a 50ms pause before closing the TLS connection. Ref: git commit cb2e10f2 Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5074) (cherry picked from commit 27da42d8)
-
- Jan 14, 2018
-
-
Bernd Edlinger authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5072) (cherry picked from commit 803141f6)
-
Bernd Edlinger authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5072) (cherry picked from commit 26ec943e)
-
- Jan 13, 2018
-
-
Bernd Edlinger authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5071) (cherry picked from commit 438e57a4)
-
- Jan 10, 2018
-
-
Patrick Schlangen authored
The data argument of SSL_dane_tlsa_add is used read-only, so it should be const. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5056) (cherry picked from commit a41a6120)
-
- Jan 09, 2018
-
-
Matt Caswell authored
In the case of a protocol version alert being sent by a peer the record version number may not be what we are expecting. In DTLS records with an unexpected version number are silently discarded. This probably isn't appropriate for alerts, so we tolerate a mismatch in the minor version number. This resolves an issue reported on openssl-users where an OpenSSL server chose DTLS1.0 but the client was DTLS1.2 only and sent a protocol_version alert with a 1.2 record number. This was silently ignored by the server. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5018) (cherry picked from commit 08455bc9)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5047) (cherry picked from commit 225f980d)
-
Richard Levitte authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5039)
-
David von Oheimb authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4994) (cherry picked from commit ab307dc6)
-
- Jan 08, 2018
-
-
Patrick Steuer authored
In apps/engine.pod and crypto/ENGINE_add.pod Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4956) (cherry picked from commit c81c38cb)
-
pass86 authored
CLA: trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5029) (cherry picked from commit bebef673)
-
Richard Levitte authored
The uClinux targets included some attributes that would result in circular references of CFLAGS and LDCLAGS. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5034) (cherry picked from commit f720194c)
-
- Jan 07, 2018
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5031) (cherry picked from commit 4b9e91b0)
-
Rich Salz authored
Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4906) (Cherry-picked from commit 9422d45d)
-
- Jan 06, 2018
-
-
Konstantin Shemyak authored
A backport of #4997. Fixes #4996. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5021)
-
Bernd Edlinger authored
Add comments to no longer usable ciphers. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5023) (cherry picked from commit 643d91fe)
-
- Jan 05, 2018
-
-
Viktor Dukhovni authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jan 04, 2018
-
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5016) (cherry picked from commit b44a6551)
-
- Dec 27, 2017
-
-
Andy Polyakov authored
Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4974) (cherry picked from commit 8af7e94d)
-
- Dec 17, 2017
-
-
Daniel Bevenius authored
This commit adds comments to bio_method_st definitions where the function pointers are defined as NULL. Most of the structs have comments but some where missing and not all consitent. CLA: trivial Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4881) (cherry picked from commit b4ff6622)
-
- Dec 16, 2017
-
-
Bernd Edlinger authored
Rename bio_info_cb to BIO_info_cb. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4943)
-
Bernd Edlinger authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4941)
-
- Dec 15, 2017
-
-
Bernd Edlinger authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4942)
-
- Dec 13, 2017
-
-
Viktor Dukhovni authored
Also improved documentation of TRUSTED_FIRST Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Ben Kaduk authored
Fix a typo for "retrieve" and some indentation. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (cherry picked from commit eb48052e ) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4723)
-
Benjamin Kaduk authored
make_dummy_resp() uses OCSP types, and get_cert_and_key() is unused once make_dummy_resp() is compiled out, so neither can be included in the build when OCSP is disabled and strict warnings are active. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit cb091295) (Merged from https://github.com/openssl/openssl/pull/4723)
-
Benjamin Kaduk authored
Avoid memory leaks in error paths, and correctly apply parentheses to function calls in a long if-chain. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit b6306d80) (Merged from https://github.com/openssl/openssl/pull/4723)
-
Rich Salz authored
Reviewed-by: Ben Kaduk <kaduk@mit.edu> (cherry picked from commit b741fcd2 ) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4723)
-
Ben Kaduk authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit f1d3de71 ) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4723)
-
Benjamin Kaduk authored
Some of the OCSP APIs (such as the recently added OCSP_resp_get0_signer) do not really merit inclusion in the ocsp(1) utility, but we should still have unit tests for them. For now, only test OCSP_resp_get0_signer(), but it should be easy to add more tests in the future. Provide an X509 cert and private key in the test's data directory to use for signing responses, since constructing those on the fly is more effort than is needed. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 27da1343 ) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4723)
-
Benjamin Kaduk authored
Add a new function OCSP_resp_get0_signer() that looks in the certs bundled with the response as well as in additional certificates provided as a function argument, returning the certificate that signed the given response (if present). Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit ce5886dd ) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4723)
-
- Dec 12, 2017
-
-
Patrick Steuer authored
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4916) (cherry picked from commit 14716754)
-
Richard Levitte authored
If OPENSSL_init_crypto() hasn't been called yet when ERR_get_state() is called, it need to be called early, so the base initialization is done. On some platforms (those who support DSO functionality and don't define OPENSSL_USE_NODELETE), that includes a call of ERR_set_mark(), which calls this function again. Furthermore, we know that ossl_init_thread_start(), which is called later in ERR_get_state(), calls OPENSSL_init_crypto(0, NULL), except that's too late. Here's what happens without an early call of OPENSSL_init_crypto(): => ERR_get_state(): => CRYPTO_THREAD_get_local(): <= NULL; # no state is found, so it gets allocated. => ossl_init_thread_start(): => OPENSSL_init_crypto(): # Here, base_inited is set to 1 # before ERR_set_mark() call => ERR_set_mark(): => ERR_get_state(): => CRYPTO_THREAD_get_local(): <= NULL; # no state is found, so it gets allocated!!!!! => ossl_init_thread_start(): => OPENSSL_init_crypto(): # base_inited is 1, # so no more init to be done <= 1 <= => CRYPTO_thread_set_local(): <= <= <= <= 1 <= => CRYPTO_thread_set_local() # previous value removed! <= Result: double allocation, and we have a leak. By calling the base OPENSSL_init_crypto() early, we get this instead: => ERR_get_state(): => OPENSSL_init_crypto(): # Here, base_inited is set to 1 # before ERR_set_mark() call => ERR_set_mark(): => ERR_get_state(): => OPENSSL_init_crypto(): # base_inited is 1, # so no more init to be done <= 1 => CRYPTO_THREAD_get_local(): <= NULL; # no state is found, so it gets allocated # let's assume we got 0xDEADBEEF => ossl_init_thread_start(): => OPENSSL_init_crypto(): # base_inited is 1, # so no more init to be done <= 1 <= 1 => CRYPTO_thread_set_local(): <= <= <= <= 1 => CRYPTO_THREAD_get_local(): <= 0xDEADBEEF <= 0xDEADBEEF Result: no leak. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4913) (cherry picked from commit aef84bb4)
-
- Dec 11, 2017
-
-
Benjamin Kaduk authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4903)
-
Matt Caswell authored
SSL_trace() has a case which was inadvertently falling through. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4888)
-
- Dec 10, 2017
-
-
FdaSilvaYY authored
check is already made 10 line above. clean commented code Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4885) (cherry picked from commit df364297)
-
Daniel Bevenius authored
I noticed that some of the BIO_METHOD structs are placing the name on the same line as the type and some don't. This commit places the name on a separate line for consistency (which looks like what the majority do) CLA: trivial Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4878) (cherry picked from commit 27ab9195)
-
- Dec 08, 2017
-
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4876)
-