Richard Levitte [Fri, 2 Jun 2023 12:32:07 +0000 (14:32 +0200)]
build.info: Introduce special syntax for dependencies on script modules
The DEPEND statement, when applied on files generated with GENERATE, may
be used to specify script modules that the template to be generated from
depends on. In short, this sort of depend:
DEPEND[generated]=util/perl/OpenSSL/something.pm
... would generate a perl run that has the inclusion directory
'util/perl/OpenSSL' and 'something' as the module to be loaded. However,
the package name for this module is 'OpenSSL::something', so to load it the
way it's expected, the inclusion directory should be 'util/perl', and the
module to be loaded should be specified as 'OpenSSL/something' (to be
massaged into a proper module name by the build file template).
To allow this, we introduce a file syntax, where a single '|' is used as a
directory separator, to delineate what part should be used as the inclustion
directory, and which part the module name to be loaded should be derived
from:
DEPEND[generated]=util/perl|OpenSSL/something.pm
Fixes #21112
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21117)
Matt Caswell [Fri, 12 May 2023 10:57:26 +0000 (11:57 +0100)]
Modify ENGINE_pkey_asn1_find_str() to use a read lock instead of a write
ENGINE_pkey_asn1_find_str() does not make any modifications to fields
controlled by the global_engine_lock. The only change made is the struct_ref
field which is controlled separately. Therefore we can afford to only take
a read lock. This also impacts EVP_PKEY_asn1_find_str().
This lock ends up being obtained indirectly from numerous public API
functions including EVP_PKEY_key_gen(), EVP_PKEY_new_raw_public_key_ex(),
EVP_PKEY_copy_parameters() etc. This occurs even if no engines are actually
in use.
Some tests showed this lock being obtained 6 times after a "warmed up"
s_server instance with default configuration processed a handshake from a
default s_client. When processing a resumption handshake from s_client it
was obtained 8 times.
Partially fixes #20286
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20950)
Matt Caswell [Thu, 11 May 2023 13:14:31 +0000 (14:14 +0100)]
Convert the ENGINE struct_ref field to be an atomic
We use atomic primitives to up ref and down the struct_ref field rather
than relying on the global lock for this.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20950)
Alex Bozarth [Fri, 19 May 2023 19:08:41 +0000 (14:08 -0500)]
Add SSL_get0_group_name() to get name of the group used for KEX
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20866)
Michael Baentsch [Mon, 5 Jun 2023 11:09:29 +0000 (13:09 +0200)]
Cast the argument to unsigned char when calling isdigit()
Fixes #21123
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21127)
Tomas Mraz [Tue, 6 Jun 2023 09:32:15 +0000 (11:32 +0200)]
Make link to RFC 1578 in CHANGES.md be a proper link
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21130)
Richard Levitte [Fri, 12 May 2023 08:00:13 +0000 (10:00 +0200)]
Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will translate
OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical
numeric text form. For gigantic sub-identifiers, this would take a very
long time, the time complexity being O(n^2) where n is the size of that
sub-identifier.
To mitigate this, a restriction on the size that OBJ_obj2txt() will
translate to canonical numeric text form is added, based on RFC 2578
(STD 58), which says this:
> 3.5. OBJECT IDENTIFIER values
>
> An OBJECT IDENTIFIER value is an ordered list of non-negative numbers.
> For the SMIv2, each number in the list is referred to as a sub-identifier,
> there are at most 128 sub-identifiers in a value, and each sub-identifier
> has a maximum value of 2^32-1 (
4294967295 decimal).
Fixes otc/security#96
Fixes CVE-2023-2650
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Vladimír Kotal [Thu, 1 Jun 2023 17:55:54 +0000 (19:55 +0200)]
allow to disable http
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21108)
Pauli [Wed, 31 May 2023 23:51:46 +0000 (09:51 +1000)]
doc: note that out ChaCha20 isn't standard compliant.
Fixes #21095
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21098)
Matt Caswell [Fri, 12 May 2023 15:15:21 +0000 (16:15 +0100)]
Don't take a write lock to retrieve a value from a stack
ossl_x509_store_ctx_get_by_subject() was taking a write lock for the
store, but was only (usually) retrieving a value from the stack of
objects. We take a read lock instead.
Partially fixes #20286
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20952)
Matt Caswell [Fri, 12 May 2023 14:52:07 +0000 (15:52 +0100)]
Avoid an unneccessary lock if we didn't add anything to the store
Partially fixes #20286
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20952)
Dmitry Belyavskiy [Thu, 1 Jun 2023 15:49:30 +0000 (17:49 +0200)]
Remove pointless warning on pkcs12 import
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21107)
Tomas Mraz [Fri, 2 Jun 2023 14:08:28 +0000 (16:08 +0200)]
Update fuzz/corpora submodule to latest data
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21118)
Darana [Thu, 25 May 2023 18:58:16 +0000 (23:58 +0500)]
Fix documentation where openssl-genrsa is listed as
deprecated since OpenSSL 3.0
openssl-genrsa is not deprecated however the OpenSSL documentation
states that it is the case from OpenSSL 3.0. This has been fixed in the
documentation, specifically in manpage 1.
Fixes #21055
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21059)
Pauli [Mon, 29 May 2023 00:43:48 +0000 (10:43 +1000)]
possible workaround
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20935)
Pauli [Sun, 21 May 2023 22:09:48 +0000 (08:09 +1000)]
Update .gitignore
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20935)
Pauli [Mon, 8 May 2023 22:08:15 +0000 (08:08 +1000)]
gcm: use the new faster param location mechanism.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20935)
Pauli [Fri, 5 May 2023 01:52:58 +0000 (11:52 +1000)]
params: provide a faster TRIE based param lookup.
The separate file is a Perl script that generates the appropriate define
directives for inclusion in core_names.h. By having this separation it
will be possible to prebuild data structures to give faster access when
looking up parameters by name.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20935)
Jairus Christensen [Mon, 27 Feb 2023 16:36:15 +0000 (09:36 -0700)]
[feat] SSL RTT in both client and server statem. SSL_get_handshake_rtt makes it available
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20248)
Matt Caswell [Wed, 10 May 2023 11:26:56 +0000 (12:26 +0100)]
Avoid taking a write lock in ossl_provider_doall_activated()
We refactor ossl_provider_doall_activated() so that we only need to take
a read lock instead of a write lock for the flag_lock. This should improve
performance by avoiding the lock contention. We achieve this by protecting
the activatecnt via atomics rather than via a lock and by avoiding the full
provider activation/deactivation procedure where it is not needed.
Partial fix for #20286
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20927)
Matt Caswell [Mon, 15 May 2023 14:30:10 +0000 (15:30 +0100)]
Enable obtaining certain DRBG params without a lock
Even if a DRBG has locking enabled on it, there are certain parameters
which are still safe to obtain even without a lock. The max_request
value is constant for all our DRBGs. The reseed_counter does not matter
if we get it wrong - so it is safe to avoid the lock. So if all we are
reading are those parameters then we take no lock at all.
Partially fixes #20286
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20970)
Matt Caswell [Mon, 15 May 2023 10:33:01 +0000 (11:33 +0100)]
Refactor the DRBG implementations to manage locking themselves
Previously the EVP layer would call lock and unlock functions on the
underlying DRBG implementation to say when a lock should be acquired and
released. This gives the DRBG implementation no say as to what kind of
lock should obtained (e.g. read/write) or even whether a lock is actually
needed or not.
In reality we know whether a DRBG is supposed to be in locking mode or
not because the "enable_locking()" function will have been called if
locks should be used. Therefore we re-interpret the lock and unlock
functions as "hints" from the EVP layer which we ignore. Instead we
acquire locks only when we need them. By knowing the context we can obtain
either a read or a write lock as appropriate.
This may mean that in some rare cases we acquire the locks more than once
for a single EVP call, if the EVP call makes several calls to the underlying
DRBG. But in practice almost all EVP calls only make one such call.
EVP_RAND_generate() is an example of a call where multiple DRBG calls may
be made. One of these gets the "max_request" parameter (which is constant
for all of our own DRBGs) and it may make several calls to the DRBG generate
call - but only if the requested size is very large which will rarely be
the case.
Partially fixes #20286
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20970)
Dr. David von Oheimb [Tue, 30 May 2023 19:09:57 +0000 (21:09 +0200)]
openssl-cmp.pod.in: tweak doc of -subject, -issuer, -keep_alive, and -untrusted
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21086)
Dr. David von Oheimb [Tue, 30 May 2023 19:15:09 +0000 (21:15 +0200)]
cmp_mock_srv.c: improve comment on cert to be produced from request template
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21086)
Dr. David von Oheimb [Tue, 30 May 2023 19:10:18 +0000 (21:10 +0200)]
cmp_client.c: add comment on certConf and add 'ossl_unused' to two functions
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21086)
Dr. David von Oheimb [Tue, 30 May 2023 19:09:26 +0000 (21:09 +0200)]
apps.c: add comment to do_X509_sign() referring to question #19805
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21086)
Dr. David von Oheimb [Tue, 30 May 2023 19:14:51 +0000 (21:14 +0200)]
apps/cmp.c: make management of http_cb_arg pointer more robust
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21086)
Dr. David von Oheimb [Tue, 30 May 2023 19:11:58 +0000 (21:11 +0200)]
apps/cmp.c: improve warnings on option use
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21086)
Dr. David von Oheimb [Thu, 25 May 2023 15:46:48 +0000 (17:46 +0200)]
CMS_ContentInfo_free(): fix mem leak on encrypted content key
Fixes #21026
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21058)
Dr. David von Oheimb [Thu, 25 May 2023 15:48:04 +0000 (17:48 +0200)]
SMIME_crlf_copy(): check for NULL pointer arguments
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21058)
Yuri Penkin [Tue, 23 May 2023 20:32:23 +0000 (23:32 +0300)]
Ignore the fetch error when a legacy algorithm is found
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/21035)
(cherry picked from commit
cb1f87f59d0b290eca9207ec4ef36d8073e6feec)
Dr. David von Oheimb [Fri, 3 Dec 2021 17:17:50 +0000 (18:17 +0100)]
CMP: add support for genm/genp messages with id-it-caCerts
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19231)
Pauli [Fri, 26 May 2023 01:23:48 +0000 (11:23 +1000)]
QUIC: CID conformance
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21078)
Pauli [Thu, 25 May 2023 01:31:36 +0000 (11:31 +1000)]
doc: update FIPS provider version information
With 3.0.8 validated, we need to note this in the documentation.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21049)
Pauli [Tue, 30 May 2023 02:22:53 +0000 (12:22 +1000)]
tags: fix `make tags` target for out of tree builds
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21079)
Kurt Roeckx [Tue, 13 Dec 2022 21:10:47 +0000 (22:10 +0100)]
Add PEM fuzzer
This fuzzer can find CVE-2022-4450
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20242)
Tomas Mraz [Mon, 22 May 2023 13:08:38 +0000 (15:08 +0200)]
Compute RSA-PSS algorithm params in libcrypto for legacy
Fixes regression of RSA signatures for legacy keys caused
by quering the provider for the algorithm id with parameters.
Legacy keys do not have a method that would create the
algorithm id. So we revert to what was done in 3.0.7 and
earlier versions for these keys.
Fixes #21008
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21019)
Xiaokang Qian [Mon, 15 May 2023 09:14:39 +0000 (09:14 +0000)]
Fix arm64 asm code back compatible issue with gcc 4.9.4
Fix: #20963
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20967)
dependabot[bot] [Thu, 25 May 2023 15:57:31 +0000 (15:57 +0000)]
Bump actions/setup-python from 4.6.0 to 4.6.1
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.6.0...v4.6.1)
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21047)
Dr. David von Oheimb [Sat, 25 Dec 2021 12:38:23 +0000 (13:38 +0100)]
CMS, PKCS7, and CRMF: simplify use of EVP_PKEY_decrypt() by helper function
Also remove needless constant_time_* and ERR_clear_error() calls
from OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/17354)
Dr. David von Oheimb [Mon, 29 May 2023 04:43:29 +0000 (06:43 +0200)]
ssl/statem_srvr.c: clean up handling of EVP_PKEY_decrypt() outlen
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/17354)
Dr. David von Oheimb [Fri, 14 May 2021 13:12:54 +0000 (15:12 +0200)]
cmp_http.c: Remove obsolete comment w.r.t. ERR_clear_error()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/17354)
Rajarshi Karmakar [Mon, 22 May 2023 16:51:57 +0000 (16:51 +0000)]
OSSL_sleep(): Calling sleep() function if sleepTime > 1sec
On some systems usleep() func does not support time >1sec.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21010)
Matt Caswell [Fri, 12 May 2023 16:06:10 +0000 (17:06 +0100)]
Optimise locking in rsa_get_blinding()
We optimise locking in rsa_get_blinding() so that we normally take a
read lock, and only fallback to a write lock if we need to. This will
be very slightly slower in the case of single use RSA objects, but should
be significantly better when an RSA object is reused in a multi-threaded
environment. It's probably worth the trade off.
Partially fixes #20286
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20953)
Matt Caswell [Thu, 11 May 2023 10:25:07 +0000 (11:25 +0100)]
When we're just reading EX_CALLBACK data just get a read lock
The crypto_ex_data code was always obtaining a write lock in all functions
regardless of whether we were only reading EX_CALLBACK data or actually
changing it. Changes to the EX_CALLBACK data are rare, with many reads so
we should change to a read lock where we can.
We hit this every time we create or free any object that can have ex_data
associated with it (e.g. BIOs, SSL, etc)
Partially fixes #20286
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20943)
Matt Caswell [Wed, 10 May 2023 13:44:17 +0000 (14:44 +0100)]
Avoid taking a write lock in RAND_get_rand_method()
The function RAND_get_rand_method() is called every time RAND_bytes() or
RAND_priv_bytes() is called. We were obtaining a write lock in order to
find the default random method - even though we rarely write. We change
this to a read lock and only fallback to a write lock if we need to.
Partial fix for #20286
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20929)
Matt Caswell [Wed, 10 May 2023 15:27:03 +0000 (16:27 +0100)]
Don't take a write lock when freeing an EVP_PKEY
When freeing the last reference to an EVP_PKEY there is no point in
taking the lock for the key. It is the last reference and is being freed
so must only be being used by a single thread.
This should not have been the source of any contention so its unclear to
what extent this will improve performance. But we should not be locking
when we don't need to.
Partially fixes #20286
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20932)
Clemens Lang [Wed, 24 May 2023 11:12:54 +0000 (13:12 +0200)]
x509: Handle ossl_policy_level_add_node errors
The invocation of ossl_policy_level_add_node in tree_calculate_user_set
did not have any error handling. Add it to prevent a memory leak for the
allocated extra policy data.
Also add error handling to sk_X509_POLICY_NODE_push to ensure that if
a new node was allocated, but could not be added to the stack, it is
freed correctly.
Fix error handling if tree->user_policies cannot be allocated by
returning 0, indicating failure, rather than 1.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21040)
Clemens Lang [Wed, 24 May 2023 10:22:25 +0000 (12:22 +0200)]
x509: Fix possible use-after-free when OOM
ossl_policy_level_add_node() first adds the new node to the level->nodes
stack, and then attempts to add extra data if extra_data is true. If
memory allocation or adding the extra data to tree->extra_data fails,
the allocated node (that has already been added to the level->nodes
stack) is freed using ossl_policy_node_free(), which leads to
a potential use after free.
Additionally, the tree's node count and the parent's child count would
not be updated, despite the new node being added.
Fix this by either performing the function's purpose completely, or not
at all by reverting the changes on error.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21040)
Tomas Mraz [Thu, 25 May 2023 14:58:04 +0000 (16:58 +0200)]
Add missing CHANGES.md entries
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21057)
(cherry picked from commit
3afa246520852ba3bfc16c7c976cb3c2064a3baa)
Hugo Landau [Wed, 24 May 2023 15:06:22 +0000 (16:06 +0100)]
SSL_handle_events(): Minor fixes to documentation
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Hugo Landau [Thu, 18 May 2023 12:10:36 +0000 (13:10 +0100)]
QUIC: Rename SSL_tick etc. in s_client
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Hugo Landau [Thu, 18 May 2023 12:07:00 +0000 (13:07 +0100)]
QUIC: Rename SSL_tick etc. in man(7) docs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Hugo Landau [Wed, 3 May 2023 18:27:58 +0000 (19:27 +0100)]
QUIC: Update documentation to reflect compatibility of DTLS APIs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Hugo Landau [Wed, 3 May 2023 18:22:15 +0000 (19:22 +0100)]
QUIC APL: Allow DTLSv1 APIs to be used for compatibility
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Hugo Landau [Wed, 3 May 2023 18:16:13 +0000 (19:16 +0100)]
QUIC: Update documentation for SSL_get_event_timeout
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Hugo Landau [Wed, 3 May 2023 18:09:05 +0000 (19:09 +0100)]
QUIC APL: Change SSL_get_event_timeout API design
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Hugo Landau [Wed, 3 May 2023 18:01:12 +0000 (19:01 +0100)]
QUIC: Rename SSL_tick, SSL_get_tick_timeout
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Hugo Landau [Wed, 3 May 2023 18:00:03 +0000 (19:00 +0100)]
QUIC Documentation: Rename SSL_tick, SSL_get_tick_timeout
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
Anis-cpu-13 [Tue, 2 May 2023 12:59:11 +0000 (14:59 +0200)]
Replace __attribute__((malloc)) with __attribute__((__malloc__)) in macros.h
Fix macro attribute conflict with cmocka
Fixes #20776
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20869)
Watson Ladd [Fri, 19 May 2023 20:55:08 +0000 (13:55 -0700)]
Clarify how to return string data
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21004)
minyong.ha [Mon, 22 May 2023 05:44:13 +0000 (14:44 +0900)]
Fix a bug where the result of rehash is unstable
The root cause is that the file entries targeted for rehash are not actually sorted.
Sort was skipped because the compare function was null.
So a compare function has been implemented to allow file entries to be sorted.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21013)
Dr. David von Oheimb [Tue, 16 May 2023 08:24:35 +0000 (10:24 +0200)]
APPS: replace awkward and error-prone pattern by calls to new app_conf_try_number()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20971)
Dr. David von Oheimb [Tue, 16 May 2023 08:17:03 +0000 (10:17 +0200)]
APPS: replace awkward and error-prone pattern by calls to new app_conf_try_string()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20971)
Dr. David von Oheimb [Mon, 15 May 2023 17:59:16 +0000 (19:59 +0200)]
APPS/ca: remove spurious errors when certain config file entries are not provided
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20971)
Matt Caswell [Mon, 22 May 2023 14:23:21 +0000 (15:23 +0100)]
Create internal/ssl.h
We create the internal/ssl.h header file and move the typedef for
ossl_msg_cb. This is needed by both the QUIC code (which generally doesn't
include ssl_local.h) and the rest of libssl.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 22 May 2023 14:00:00 +0000 (15:00 +0100)]
Rename msg_callback_s to msg_callback_ssl for greater clarity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 22 May 2023 13:54:43 +0000 (14:54 +0100)]
Use the %llu format specifier for uint64_t
We change to use %llu when printing uint64_t types for consistency with
what we've done elsewhere.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Thu, 18 May 2023 14:46:58 +0000 (15:46 +0100)]
Create setter functions for the msg_callback and msg_callback_arg
We create setter functions for the msg_callback and msg_callback_arg so
that these values can be properly propagated to the QRX/QTX/TXP even
after the channel has been created.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Tue, 9 May 2023 12:22:38 +0000 (13:22 +0100)]
Add a test for the new QUIC tracing capability
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Tue, 9 May 2023 14:20:04 +0000 (15:20 +0100)]
Fix an SSL_trace bug
Ensure that SSL_trace can print certificate data even with a non-default
libctx.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Tue, 9 May 2023 11:00:18 +0000 (12:00 +0100)]
Update the msg_callback documentation
We provide information about the new QUIC support related to the
msg_callback. We also document SSL_trace() which was previously missing
from the man pages.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 8 May 2023 13:26:30 +0000 (14:26 +0100)]
Add more trace details for the remaining frame types
Prior to this commit we were just printing the fact that we had received
or sent a frame of a particular type. We now provide more details about
those frames.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 8 May 2023 12:51:39 +0000 (13:51 +0100)]
Properly handling stream/crypto frames while tracing
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 8 May 2023 10:32:04 +0000 (11:32 +0100)]
Enable tracing of datagrams we have sent
Extend the tracing capability to also trace when we have a datagram to the
peer.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Fri, 5 May 2023 15:51:43 +0000 (16:51 +0100)]
Enable tracing of packets that have been sent
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Fri, 5 May 2023 13:46:01 +0000 (14:46 +0100)]
Extend tracing of frames to transmitted frames
Previously we were only doing tracing of frames received from the peer.
Now we do that for transmitted frames as well.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Thu, 4 May 2023 16:18:01 +0000 (17:18 +0100)]
Support trace for QUIC Frames
Extend the existing QUIC tracing capability for frames.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Thu, 4 May 2023 14:47:32 +0000 (15:47 +0100)]
Support trace for QUIC Packets
We enable SSL_trace support for when we receive QUIC Packets. This is
called after header protection is removed, but before the packet is
decrypted.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Tue, 2 May 2023 12:26:47 +0000 (13:26 +0100)]
Support trace for QUIC datagrams
Extend SSL_trace so that it knows how to dump information about the
receipt of a QUIC datagram.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 1 May 2023 14:40:28 +0000 (15:40 +0100)]
Add initial QUIC support for the msg_callback
At this stage we just support msg_callback on receipt of a datagram.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Hugo Landau [Mon, 22 May 2023 12:37:17 +0000 (13:37 +0100)]
Resolve a djgpp function name conflict
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 12:26:03 +0000 (13:26 +0100)]
Add note about Windows LONG
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 12:24:38 +0000 (13:24 +0100)]
Make testutil text output functions thread safe (tsan)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 12:24:02 +0000 (13:24 +0100)]
QUIC APL: Unlock mutex before freeing (clang tsan error)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 12:23:40 +0000 (13:23 +0100)]
Remove an unused variable (clang 16 warning)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 06:40:40 +0000 (07:40 +0100)]
QUIC: Add to threads sanitizer CI
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 06:40:31 +0000 (07:40 +0100)]
QUIC Glossary: Add QCTX
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Wed, 17 May 2023 12:59:21 +0000 (13:59 +0100)]
Add no-threads build to CI
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Wed, 17 May 2023 12:15:01 +0000 (13:15 +0100)]
QUIC: Fix bugs where threading is disabled
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Tue, 2 May 2023 17:21:07 +0000 (18:21 +0100)]
QUIC TSERVER: Use a random port in the tserver test
Fixes nondeterministic failures where BIO_bind would fail on some
platforms.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Tue, 2 May 2023 16:59:04 +0000 (17:59 +0100)]
QUIC MSMT: macOS robustness fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC APL: Make SSL_get_error per-stream, error raising refactor
This refactors the error raising code in the APL to automatically raise
errors in the correct SSL object, either a QCSO or QSSO depending on the
circumstances. The QCTX structure's responsibilities are expanded to
facilitate this. This further drives towards a unified mechanism for
generic dispatch precondition checking and error raising.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC MSMT TESTS: Add tests to exercise MAX_STREAMS
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC RXDP: Ensure all stream-related frames autocreate a stream
RFC requirement.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC FC: Correct operation of stream count mode
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC QSM: Correct the logic for determining stream count limits
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC QSM: Allow QSM to know if we are in the server role
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC MSMT: Stress tests, support for repeating test opoerations
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:33 +0000 (16:56 +0100)]
QUIC MSMT: Add a basic multithreading test
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)