Commits · e66b62b86e7725bdace0f24a76baa61db9c763f8 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Aug 31, 2017

util/mkdef.pl: handle line terminators correctly · e66b62b8

Richard Levitte authored Aug 31, 2017



When parsing the header files, mkdef.pl didn't clear the line
terminator properly.  In most cases, this didn't matter, but there
were moments when this caused parsing errors (such as CRLFs in certain
cases).

Fixes #4267

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4304)

e66b62b8

Various review fixes for PSK early_data support · 0ef28021

Matt Caswell authored Aug 31, 2017



Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

0ef28021

Test for late client side detection of ALPN inconsistenties · 57dee9bb
Matt Caswell authored Aug 17, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
```
57dee9bb
Client side sanity check of ALPN after server has accepted early_data · 4be3a7c7
Matt Caswell authored Aug 16, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
```
4be3a7c7

Add some fixes for Travis failures · fff202e5

Matt Caswell authored Aug 03, 2017



Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

fff202e5

Add PSK early_data tests · 976e5323

Matt Caswell authored Aug 03, 2017



Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

976e5323

Add server side sanity checks of SNI/ALPN for use with early_data · 630369d9
Matt Caswell authored Aug 01, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
```
630369d9

Make sure we save ALPN data in the session · ae8d7d99

Matt Caswell authored Jul 31, 2017



Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

ae8d7d99

Complain if we are writing early data but SNI or ALPN is incorrect · ffc5bbaa

Matt Caswell authored Jul 21, 2017



SNI and ALPN must be set to be consistent with the PSK. Otherwise this is
an error.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

ffc5bbaa

Add functions for getting/setting SNI/ALPN info in SSL_SESSION · 67738645
Matt Caswell authored Aug 03, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
```
67738645
Show the error stack if there was an error writing early data in s_client · dd5b98c5
Matt Caswell authored Jul 21, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
```
dd5b98c5

Update the tests for SNI changes · db919b1e

Matt Caswell authored Aug 01, 2017



If there is no SNI in the session then s_client no longer sends the SNI
extension. Update the tests to take account of that

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

db919b1e

If no SNI has been explicitly set use the one from the session · c5de99a2

Matt Caswell authored Jul 21, 2017



If we have not decided on an SNI value yet, but we are attempting to reuse
a session, and SNI is set in that, then we should use that value by
default.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

c5de99a2

Make sure we use the correct cipher when using the early_secret · 08717544
Matt Caswell authored Jul 19, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
```
08717544
Add HISTORY and SEE ALSO sections for the new TLSv1.3 PSK functions · e105ae84
Matt Caswell authored Jul 13, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
```
e105ae84

Add documentation for SSL_SESSION_set_max_early_data() · e17e1df7

Matt Caswell authored Jul 13, 2017



Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

e17e1df7

Add some PSK early_data tests · 02a3ed5a

Matt Caswell authored Jul 13, 2017



Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

02a3ed5a

Add SSL_SESSION_set_max_early_data() · 98e1d934

Matt Caswell authored Jul 08, 2017



Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

98e1d934

Enable the ability to use an external PSK for sending early_data · add8d0e9
Matt Caswell authored Jul 05, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
```
add8d0e9

Fixed address family test error for AF_UNIX in BIO_ADDR_make · 17750375

Zhu Qun-Ying authored Aug 30, 2017



CLA: trivial

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4298)

17750375

Aug 30, 2017

Add documentation for ARIA GCM modes. · 5859722c

Pauli authored Aug 31, 2017



Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4300)

5859722c

Add ARIA as an alias for all ARIA based modes. · ea78d1ec

Pauli authored Aug 31, 2017



Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4300)

ea78d1ec

Introduce SSL_CIPHER_get_protocol_id · 50966bfa

Paul Yang authored Aug 23, 2017



The returned ID matches with what IANA specifies (or goes on the
wire anyway, IANA notwithstanding).

Doc is added.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4107)

50966bfa

Add two missing SSL_CIPHER_* functions · 22d1a340

Paul Yang authored Aug 07, 2017



This is yet another 'code health' commit to respond to this round of code health
Tuesday

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4107)

22d1a340

Fix return value of ASN1_TIME_compare · e44d3761

Todd Short authored Aug 25, 2017



Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4264)

e44d3761

Configure: base compiler-specific decisions on pre-defines. · 54cf3b98

Andy Polyakov authored Aug 29, 2017



The commit subject is a bit misleading in sense that decisions affect
only gcc and gcc-alikes, like clang, recent icc...

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4281)

54cf3b98

Revert "Allow --strict-warnings with the icc compiler as well" · e295d046

Andy Polyakov authored Aug 29, 2017

This reverts commit a610934c

.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4281)

e295d046

Implement Aria GCM/CCM Modes and TLS cipher suites · bc326738

Jon Spillett authored Aug 22, 2017

AEAD cipher mode implementation is based on that used for AES:

  https://tools.ietf.org/html/rfc5116

TLS GCM cipher suites as specified in:

  https://tools.ietf.org/html/rfc6209



Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4287)

bc326738

Fix potential null pointer dereference in ARIA implementation · 1c2ac294

Jon Spillett authored Aug 30, 2017



Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4286)

1c2ac294

Aug 29, 2017

Move OPENSSL_CONF from e_os.h to cryptlib.h · 198c42f5

Pauli authored Aug 24, 2017



Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)

198c42f5

Move e_os.h to be the very first include. · 07016a8a

Pauli authored Aug 24, 2017


cryptilib.h is the second.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)

07016a8a

Remove the X_OK define, it is unused. · 9590da2c

Pauli authored Aug 22, 2017



Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)

9590da2c

Move the REF_PRINT support from e_os.h to internal/refcount.h. · cd420b0b

Pauli authored Aug 22, 2017



Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)

cd420b0b

e_os.h removal from other headers and source files. · 677963e5

Pauli authored Aug 18, 2017



Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and
ssl/ssl_locl.h).

Added e_os.h into the files that need it now.

Directly reference internal/nelem.h when required.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)

677963e5

Aug 28, 2017

Make the global DRBGs static · 58891025

Kurt Roeckx authored Aug 27, 2017



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
GH: #4268

58891025

Don't auto-instantiate a DRBG when trying to use it and it's not · 0b14a5b7

Kurt Roeckx authored Aug 27, 2017



The one creating the DRBG should instantiate it, it's there that we
know which parameters we should use to instantiate it.

This splits the rand init in two parts to avoid a deadlock
because when the global drbg is created it wands to call
rand_add on the global rand method.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
GH: #4268

0b14a5b7

Avoid out-of-bounds read · b2317174

Rich Salz authored Aug 22, 2017



Fixes CVE 2017-3735

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4276)

b2317174

If 'tests' is disabled, then so should 'external-tests' · 302eba3f
Richard Levitte authored Aug 28, 2017
```
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4274)
```
302eba3f

DRBG: Remove 'randomness' buffer from 'RAND_DRBG' · 6969a3f4

Dr. Matthias St. Pierre authored Aug 25, 2017



The DRBG callbacks 'get_entropy()' and 'cleanup_entropy()' are designed
in such a way that the randomness buffer does not have to be allocated
by the calling function. It receives the address of a dynamically
allocated buffer from get_entropy() and returns this address to
cleanup_entropy(), where it is freed. If these two calls are properly
paired, the address can be stored in a stack local variable of the
calling function, so there is no need for having a 'randomness' member
(and a 'filled' member) in 'RAND_DRBG'.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4266)

6969a3f4

RAND: Rename the RAND_poll_ex() callback and its typedef · 4871fa49

Dr. Matthias St. Pierre authored Aug 25, 2017



With the introduction of RAND_poll_ex(), the `RAND_add()` calls were
replaced by meaningless cb(...). This commit changes the 'cb(...)'
calls back to 'rand_add(...)' calls by changing the signature as follows:

-int RAND_poll_ex(RAND_poll_fn cb, void *arg);
+int RAND_poll_ex(RAND_poll_cb rand_add, void *arg);

Changed the function typedef name to 'RAND_poll_cb' to emphasize the fact
that the function type represents a callback function.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4266)

4871fa49