Richard Levitte [Tue, 19 Jul 2016 13:20:00 +0000 (15:20 +0200)]
Fix forgotten goto
Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Mon, 18 Jul 2016 19:59:30 +0000 (20:59 +0100)]
Fix building with no-cms
The new fuzzing code broke no-cms
Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Tue, 19 Jul 2016 11:52:26 +0000 (13:52 +0200)]
Convert the last uses of sockaddr in apps/* to use BIO_ADDR instead
Reviewed-by: Matt Caswell <matt@openssl.org>
Emilia Kasper [Mon, 4 Jul 2016 18:32:28 +0000 (20:32 +0200)]
Fix two bugs in clienthello processing
- Always process ALPN (previously there was an early return in the
certificate status handling)
- Don't send a duplicate alert. Previously, both
ssl_check_clienthello_tlsext_late and its caller would send an
alert. Consolidate alert sending code in the caller.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Emilia Kasper [Mon, 4 Jul 2016 18:16:14 +0000 (20:16 +0200)]
SSL test framework: port NPN and ALPN tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
mrpre [Sat, 2 Jul 2016 03:49:43 +0000 (11:49 +0800)]
Cleanup after sk_push fail
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1281)
Matt Caswell [Fri, 8 Jul 2016 14:48:26 +0000 (15:48 +0100)]
Update error codes following tls_process_key_exchange() refactor
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 14:41:36 +0000 (15:41 +0100)]
Tidy up tls_process_key_exchange()
After the refactor of tls_process_key_exchange(), this commit tidies up
some loose ends.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 14:26:13 +0000 (15:26 +0100)]
Split out ECDHE from tls_process_key_exchange()
Continuing from the previous commit. Refactor tls_process_key_exchange() to
split out into a separate function the ECDHE aspects.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 14:08:50 +0000 (15:08 +0100)]
Split out DHE from tls_process_key_exchange()
Continuing from the previous commit. Refactor tls_process_key_exchange() to
split out into a separate function the DHE aspects.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 13:55:56 +0000 (14:55 +0100)]
Split out SRP from tls_process_key_exchange()
Continuing from the previous commit. Refactor tls_process_key_exchange() to
split out into a separate function the SRP aspects.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 11:44:53 +0000 (12:44 +0100)]
Split out the PSK preamble from tls_process_key_exchange()
The tls_process_key_exchange() function is too long. This commit starts
the process of splitting it up by moving the PSK preamble code to a
separate function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 11:20:42 +0000 (12:20 +0100)]
Move the PSK preamble for tls_process_key_exchange()
The function tls_process_key_exchange() is too long. This commit moves
the PSK preamble processing out to a separate function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 11:18:18 +0000 (12:18 +0100)]
Narrow scope of locals vars in tls_process_key_exchange()
Narrow the scope of the local vars in preparation for split up this
function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Mon, 13 Jun 2016 14:10:18 +0000 (15:10 +0100)]
Add more session tests
Add some more tests for sessions following on from the previous commit
to ensure the callbacks are called when appropriate.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Mon, 13 Jun 2016 10:24:15 +0000 (11:24 +0100)]
Remove sessions from external cache, even if internal cache not used.
If the SSL_SESS_CACHE_NO_INTERNAL_STORE cache mode is used then we weren't
removing sessions from the external cache, e.g. if an alert occurs the
session is supposed to be automatically removed.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Tue, 19 Jul 2016 09:58:26 +0000 (11:58 +0200)]
Have the Travis builds do a "make update"
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 19 Jul 2016 09:50:42 +0000 (11:50 +0200)]
make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 19 Jul 2016 09:50:31 +0000 (11:50 +0200)]
Fixup a few SSLerr calls in ssl/statem/
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Tue, 19 Jul 2016 09:49:51 +0000 (11:49 +0200)]
Fixup collision between SSL_F_TLS_PROCESS_SKE and SSL_F_TLS_PROCESS_CKE macros
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Mon, 18 Jul 2016 22:59:39 +0000 (23:59 +0100)]
Check and print out boolean type properly.
If underlying type is boolean don't check field is NULL.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Mon, 18 Jul 2016 12:49:38 +0000 (13:49 +0100)]
Refactor Identity Hint handling
Don't call strncpy with strlen of the source as the length. Don't call
strlen multiple times. Eventually we will want to replace this with a proper
PACKET style handling (but for construction of PACKETs instead of just
reading them as it is now). For now though this is safe because
PSK_MAX_IDENTITY_LEN will always fit into the destination buffer.
This addresses an OCAP Audit issue.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 11:27:30 +0000 (12:27 +0100)]
Fix up error codes after splitting up tls_construct_key_exchange()
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 10:09:02 +0000 (11:09 +0100)]
Some tidy ups after the CKE construction refactor
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 09:43:59 +0000 (10:43 +0100)]
Split out SRP CKE construction into a separate function
Continuing previous commit to break up the
tls_construct_client_key_exchange() function. This splits out the SRP
code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 09:07:55 +0000 (10:07 +0100)]
Split out GOST CKE construction into a separate function
Continuing previous commit to break up the
tls_construct_client_key_exchange() function. This splits out the GOST
code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 08:51:02 +0000 (09:51 +0100)]
Split out DHE CKE construction into a separate function
Continuing previous commit to break up the
tls_construct_client_key_exchange() function. This splits out the ECDHE
code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 8 Jul 2016 08:42:07 +0000 (09:42 +0100)]
Split out DHE CKE construction into a separate function
Continuing previous commit to break up the
tls_construct_client_key_exchange() function. This splits out the DHE
code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Thu, 7 Jul 2016 13:42:27 +0000 (14:42 +0100)]
Split out CKE construction PSK pre-amble and RSA into a separate function
The tls_construct_client_key_exchange() function is too long. This splits
out the construction of the PSK pre-amble into a separate function as well
as the RSA construction.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Thu, 7 Jul 2016 11:47:07 +0000 (12:47 +0100)]
Narrow the scope of local variables in tls_construct_client_key_exchange()
This is in preparation for splitting up this over long function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Thu, 7 Jul 2016 14:51:17 +0000 (15:51 +0100)]
Fix bug with s2n et al macros
The parameters should have parens around them when used.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Wed, 6 Jul 2016 10:02:32 +0000 (11:02 +0100)]
Errors fix up following break up of CKE processing
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Wed, 6 Jul 2016 09:53:29 +0000 (10:53 +0100)]
Remove the f_err lable from tls_process_client_key_exchange()
The f_err label is no longer needed so it can be removed.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Wed, 6 Jul 2016 09:51:18 +0000 (10:51 +0100)]
Split out GOST from process CKE code
Continuing from the previous commits, this splits out the GOST code into
a separate function from the process CKE code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Wed, 6 Jul 2016 09:33:32 +0000 (10:33 +0100)]
Split out ECDHE from process CKE code
Continuing from the previous commits, this splits out the ECDHE code into
a separate function from the process CKE code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Wed, 6 Jul 2016 09:22:51 +0000 (10:22 +0100)]
Split out DHE from process CKE code
Continuing from the previous commit, this splits out the DHE code into
a separate function from the process CKE code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Wed, 6 Jul 2016 08:55:31 +0000 (09:55 +0100)]
Split out PSK preamble and RSA from process CKE code
The tls_process_client_key_exchange() function is far too long. This
splits out the PSK preamble processing, and the RSA processing into
separate functions.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Wed, 6 Jul 2016 08:24:33 +0000 (09:24 +0100)]
Reduce the scope of some variables in tls_process_client_key_exchange()
In preparation for splitting this function up into smaller functions this
commit reduces the scope of some of the variables to only be in scope for
the algorithm specific parts. In some cases that makes the error handling
more verbose than it needs to be - but we'll clean that up in a later
commit.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 15:58:36 +0000 (17:58 +0200)]
Don't make a difference between building test programs and other programs
This adds a new target 'build_programs' and makes 'build_apps' and
'build_tests' aliases for it, for backward compatibility.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 12:52:51 +0000 (14:52 +0200)]
Use _NO_INST in some build.info files
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 12:52:09 +0000 (14:52 +0200)]
Adapt the build files to the new "install" hash table
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 12:51:23 +0000 (14:51 +0200)]
Document the _NO_INST variants
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 12:28:58 +0000 (14:28 +0200)]
build.info: implement PROGRAM_NO_INST, and dito for ENGINES, SCRIPTS, LIBS
PROGRAM_NO_INST, ENGINES_NO_INST, SCRIPTS_NO_INST and LIBS_NO_INST are
to be used to specify program, engines, scripts and libraries that are
not to be installed in the system. Fuzzers, test programs, that sort
of things are of the _NO_INST type, for example.
For the benefit of build file templates and other templates that use
data from configdata.pm, a new hash table $unified_info{install} is
created. It contains a set of subhashes, one for each type of
installable, each having an array of file names as values. For
example, it can look like this:
"install" =>
{
"engines" =>
[
"engines/afalg/afalg",
"engines/capi",
"engines/dasync",
"engines/padlock",
],
"libraries" =>
[
"libcrypto",
"libssl",
],
"programs" =>
[
"apps/openssl",
],
"scripts" =>
[
"apps/CA.pl",
"apps/tsget",
"tools/c_rehash",
],
},
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Mon, 18 Jul 2016 16:52:56 +0000 (17:52 +0100)]
Fix print of ASN.1 BIGNUM type.
The ASN.1 BIGNUM type needs to be handled in a custom way as it is
not a generic ASN1_STRING type.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Mon, 18 Jul 2016 13:17:42 +0000 (14:17 +0100)]
Fix formatting in statem_srvr.c based on review feedback
Also elaborated a comment based on feedback.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Fri, 15 Jul 2016 09:46:01 +0000 (10:46 +0100)]
Ensure Travis tests SSLv3
Switch on Travis testing of SSLv3.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Fri, 15 Jul 2016 09:36:42 +0000 (10:36 +0100)]
Try and make the transition tests for CKE message clearer
The logic testing whether a CKE message is allowed or not was a little
difficult to follow. This tries to clean it up.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Fri, 15 Jul 2016 09:04:11 +0000 (10:04 +0100)]
Simplify key_exchange_expected() logic
The static function key_exchange_expected() used to return -1 on error.
Commit
361a119127 changed that so that it can never fail. This means that
some tidy up can be done to simplify error handling in callers of that
function.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Wed, 22 Jun 2016 22:22:00 +0000 (23:22 +0100)]
Fix client auth test_ssl_new failures when enabling/disabling protocols
If configuring for anything other than the default TLS protocols then
test failures were occuring.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Wed, 22 Jun 2016 13:37:57 +0000 (14:37 +0100)]
Make sure we call ssl3_digest_cached_records() when necessary
Having received a ClientKeyExchange message instead of a Certificate we
know that we are not going to receive a CertificateVerify message. This
means we can free up the handshake_buffer. However we better call
ssl3_digest_cached_records() instead of just freeing it up, otherwise we
later try and use it anyway and a core dump results. This could happen,
for example, in SSLv3 where we send a CertificateRequest but the client
sends no Certificate message at all. This is valid in SSLv3 (in TLS
clients are required to send an empty Certificate message).
Found using the BoringSSL test suite.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Wed, 22 Jun 2016 18:43:46 +0000 (19:43 +0100)]
Fix SSLv3 alert if no Client Ceritifcate sent after a request for one
In TLS if the server sends a CertificateRequest and the client does not
provide one, if the server cannot continue it should send a
HandshakeFailure alert. In SSLv3 the same should happen, but instead we
were sending an UnexpectedMessage alert. This is incorrect - the message
isn't unexpected - it is valid for the client not to send one - its just
that we cannot continue without one.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Wed, 22 Jun 2016 18:41:03 +0000 (19:41 +0100)]
Fix SSLv3 ClientAuth alert checking
In TLS during ClientAuth if the CA is not recognised you should get an
UnknownCA alert. In SSLv3 this does not exist and you should get a
BadCertificate alert.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Wed, 22 Jun 2016 15:34:26 +0000 (16:34 +0100)]
Fix Client Auth tests
The Client Auth tests were not correctly setting the Protocol, so that this
aspect had no effect. It was testing the same thing lots of times for
TLSv1.2 every time.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Wed, 22 Jun 2016 13:31:32 +0000 (14:31 +0100)]
Prepare the client certificate earlier
Move the preparation of the client certificate to be post processing work
after reading the CertificateRequest message rather than pre processing
work prior to writing the Certificate message. As part of preparing the
client certificate we may discover that we do not have one available. If
we are also talking SSLv3 then we won't send the Certificate message at
all. However, if we don't discover this until we are about to send the
Certificate message it is too late and we send an empty one anyway. This
is wrong for SSLv3.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Mon, 18 Jul 2016 09:29:46 +0000 (10:29 +0100)]
Fix mingw build
Mingw builds on Travis were failing because INT_MAX was undeclared.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Mon, 18 Jul 2016 09:28:45 +0000 (10:28 +0100)]
Fix strict-warnings build
The i2d_SCT_LIST function is declared as __owur, therefore we need to check
the result or a --strict-warnings build will fail.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Sun, 3 Jul 2016 14:53:14 +0000 (16:53 +0200)]
aes/asm/aesfx-sparcv9.pl: switch to fshiftorx to improve single-block
and short-input performance.
[Fix bug in misaligned output handling.]
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Fri, 1 Jul 2016 16:10:10 +0000 (18:10 +0200)]
SPARC assembly pack: enforce V8+ ABI constraints.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Sat, 23 Apr 2016 17:22:53 +0000 (19:22 +0200)]
evp/e_aes.c: wire new CBC and CTR subroutines from aesfx-sparcv9.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Sat, 23 Apr 2016 17:21:18 +0000 (19:21 +0200)]
aes/asm/aesfx-sparcv9.pl: add "teaser" CBC and CTR subroutines.
[Also optimize aligaddr usage in single-block subroutines.]
Reviewed-by: Rich Salz <rsalz@openssl.org>
Kurt Roeckx [Sat, 16 Jul 2016 11:41:33 +0000 (13:41 +0200)]
fuzzers: print and convert it back
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1323
Kurt Roeckx [Sat, 16 Jul 2016 14:56:54 +0000 (16:56 +0200)]
Return error when trying to print invalid ASN1 integer
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1322
Andy Polyakov [Fri, 15 Jul 2016 11:11:52 +0000 (13:11 +0200)]
INSTALL: clarify --cross-compile-prefix.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Sat, 16 Jul 2016 11:10:02 +0000 (13:10 +0200)]
crypto/LPdir_win.c: rationalize temporary allocations.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Fri, 15 Jul 2016 13:21:00 +0000 (15:21 +0200)]
crypto/LPdir_win.c: harmonize with o_fopen.c.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 16:13:17 +0000 (18:13 +0200)]
Make fuzzer and fuzz tester builds less magic
Instead of having fuzz/build.info.fuzz magically and conditionally
included along with the other build.info files, incorporate it in
fuzz/build.info and add the conditions there instead.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Miroslav Franc [Thu, 14 Jul 2016 15:14:08 +0000 (17:14 +0200)]
fix memory leaks
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1313)
Richard Levitte [Fri, 15 Jul 2016 16:41:37 +0000 (18:41 +0200)]
Remove the silly CVS markers from LPdir_*.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 15 Jul 2016 16:40:53 +0000 (18:40 +0200)]
Add back lost copyright and license text in LPdir_win.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 15 Jul 2016 15:57:35 +0000 (17:57 +0200)]
Fix: dummy definition of rand_hw_seed() should also return int
Reviewed-by: Stephen Henson <steve@openssl.org>
Richard Levitte [Fri, 15 Jul 2016 11:31:26 +0000 (13:31 +0200)]
Fix ASN.1 private encode of EC_KEY to not change the input key
RT#4611
Reviewed-by: Stephen Henson <steve@openssl.org>
Dr. Stephen Henson [Sat, 18 Jun 2016 14:46:13 +0000 (15:46 +0100)]
check return values for EVP_Digest*() APIs
Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Fri, 15 Jul 2016 10:57:27 +0000 (12:57 +0200)]
Windows: allow input and output flags to end with a space, or not
With a number of tools, especially those coming with Visual Studio,
some command options are separated from their argument with a space,
others with a space. Since we parametrise them, we can't know
beforehand which it will be, so we must allow the input and output
options to have either.
However, spaces at the end of nmake macro values are trimmed, so allow
spaces to exist by adding a reference to an undefined macro at the end.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Andy Polyakov [Sun, 10 Jul 2016 10:05:43 +0000 (12:05 +0200)]
crypto/x86[_64]cpuid.pl: add OPENSSL_ia32_rd[rand|seed]_bytes.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Thu, 14 Jul 2016 19:13:24 +0000 (21:13 +0200)]
Small fixes in unix-Makefile.tmpl
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Thu, 14 Jul 2016 19:11:46 +0000 (21:11 +0200)]
Install applink.c with the public header files.
This is only done for the platforms where 'OPENSSL_USE_APPLINK' is defined.
Also, change the docs of OPENSSL_Applink to say where to find applink.c
in the installation directory.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Thu, 14 Jul 2016 07:23:36 +0000 (09:23 +0200)]
Windows: take care of manifest files
The easiest way to take care of manifest files is to integrate them
into the associated binary (.exe or .dll). MT (the Manifest Tool) is
the utility to use for this.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Wed, 13 Jul 2016 13:20:49 +0000 (14:20 +0100)]
make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Wed, 13 Jul 2016 13:20:15 +0000 (14:20 +0100)]
Add OCSP accessors.
RT#4605
Reviewed-by: Rich Salz <rsalz@openssl.org>
David Benjamin [Mon, 11 Jul 2016 03:35:04 +0000 (23:35 -0400)]
Fix DH error-handling in tls_process_key_exchange.
The set0 setters take ownership of their arguments, so the values should
be set to NULL to avoid a double-free in the cleanup block should
ssl_security(SSL_SECOP_TMP_DH) fail. Found by BoringSSL's WeakDH test.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1299)
Viktor Dukhovni [Tue, 12 Jul 2016 15:10:05 +0000 (11:10 -0400)]
Make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
Viktor Dukhovni [Mon, 11 Jul 2016 00:36:02 +0000 (20:36 -0400)]
Perform DANE-EE(3) name checks by default
In light of potential UKS (unknown key share) attacks on some
applications, primarily browsers, despite RFC761, name checks are
by default applied with DANE-EE(3) TLSA records. Applications for
which UKS is not a problem can optionally disable DANE-EE(3) name
checks via the new SSL_CTX_dane_set_flags() and friends.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Wed, 22 Jun 2016 12:36:08 +0000 (13:36 +0100)]
Extend mkcert.sh to support nameConstraints generation and more complex
subject alternate names.
Add nameConstraints tests incluing DNS, IP and email tests both in
subject alt name extension and subject name.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Mon, 4 Jul 2016 13:46:08 +0000 (14:46 +0100)]
make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Sun, 3 Jul 2016 20:41:57 +0000 (21:41 +0100)]
Add nameConstraints commonName checking.
New hostname checking function asn1_valid_host()
Check commonName entries against nameConstraints: any CN components in
EE certificate which look like hostnames are checked against
nameConstraints.
Note that RFC5280 et al only require checking subject alt name against
DNS name constraints.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Viktor Dukhovni [Mon, 11 Jul 2016 01:09:38 +0000 (21:09 -0400)]
Don't rely on implicit rsa.h inclusion
With no-deprecated, some nested includes don't happen by default.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Sat, 9 Jul 2016 09:06:44 +0000 (11:06 +0200)]
VMS: Adjust the engines directory by adding the pointer size to its name
With OpenSSL 1.1 and on, the engines are tightly tied to the shared
library they're to be used with. That makes them depend on the
pointer size as well as the shared library version, and this gets
reflected in the name of the directory they're installed in.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 16:38:31 +0000 (18:38 +0200)]
VMS: Small cleanups
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 16:35:38 +0000 (18:35 +0200)]
VMS: OSSL$EXE: needs to reflect that programs are installed in two places
We're installing architecture dependent (compiled) programs in
architecture specific directories, while architecture independent
programs (scripts) get installed in the general programs directory.
OSSL$EXE: reflects that by having two values.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 16:34:21 +0000 (18:34 +0200)]
VMS: Document the changed logical names in VMS/openssl_staryup.com.in
Since there's been quite some changes, documentation needs updating
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 16:30:43 +0000 (18:30 +0200)]
VMS: Present OPENSSLDIR according to the VMS setup.
This mostly affects 'openssl version -a', which might as well display
what we're actually looking at.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 16:27:56 +0000 (18:27 +0200)]
VMS: Simplify the spec of the default certs & keys area.
We previously had a number of logical names for the different parts.
There's really no need for that, the default directories are in one
directory tree. So we only define OSSL$DATAROOT: and make everything
related to that one.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Rich Salz [Fri, 8 Jul 2016 20:19:38 +0000 (16:19 -0400)]
Update ordinals
Reviewed-by: Richard Levitte <levitte@openssl.org>
Rich Salz [Tue, 28 Jun 2016 17:05:24 +0000 (13:05 -0400)]
Platform sanity test
Replace nptest with sanity test.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Rich Salz [Sat, 2 Jul 2016 00:10:03 +0000 (20:10 -0400)]
GH1278: Removed error code for alerts
Commit
aea145e removed some error codes that are generated
algorithmically: mapping alerts to error texts. Found by
Andreas Karlsson. This restores them, and adds two missing ones.
Reviewed-by: Matt Caswell <matt@openssl.org>
Rich Salz [Fri, 8 Jul 2016 16:55:45 +0000 (12:55 -0400)]
Replace all #define's in pod pages.
Function-like macros are replaced with prototypes and a note
that they are implemented as macros. Constants are just
referenced in-line in the text.
Tweak BIO_TYPE_... documentation.
Also fix RT4592.
Reviewed-by: Matt Caswell <matt@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 13:01:04 +0000 (15:01 +0200)]
VMS: openssl_ivp must call versioned openssl_startup and openssl_utils
Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Thu, 7 Jul 2016 10:05:31 +0000 (11:05 +0100)]
Disallow multiple protocol flags to s_server and s_client
We shouldn't allow both "-tls1" and "-tls1_2", or "-tls1" and "-no_tls1_2".
The only time multiple flags are allowed is where they are all "-no_<prot>".
This fixes Github Issue #1268
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 11:33:27 +0000 (13:33 +0200)]
Unix: Set the execute permission on installed shared libraries
Some Unix variants require shared libraries to have the execute
permissions set, or they won't be loadable or executable when loaded.
Among others, cygwin has this requirement.
Reviewed-by: Matt Caswell <matt@openssl.org>
Richard Levitte [Fri, 8 Jul 2016 12:11:43 +0000 (14:11 +0200)]
Reorganize .gitignore to make better use of its features
It's possible to have a very few rules for some directories and trust
that other patterns further along will take care of whatever is left.
.gitignore should therefore be loosely organised from least generic to
most generic, allowing things like this:
# Keep any file with extensions, such as foo.c, bar.h, ...
!/dir/*.*
# ....
# Remove all object files
*.o
*.obj
With this change, we implement some very generic rules for what will
and will not be ignored in the fuzz subdirectory, and truse that
patterns later on (such as *.o, *.obj, *.exe) will take care of
everything we didn't specifically specify for the fuzz subdirectory.
Reviewed-by: Rich Salz <rsalz@openssl.org>
projects / openssl.git / log