Fix unbounded memory growth when using no-cached-fetch When OpenSSL has been compiled with no-cached-fetch we do not cache algorithms fetched from a provider. When we export an EVP_PKEY to a provider we cache the details of that export in the operation cache for that EVP_PKEY. Amoung the details we cache is the EVP_KEYMGMT that we used for the export. When we come to reuse the key in the same provider that we have previously exported the key to, we check the operation cache for the cached key data. However because the EVP_KEYMGMT instance was not cached then instance will be different every time and we were not recognising that we had already exported the key to the provider. This causes us to re-export the key to the same provider everytime the key is used. Since this consumes memory we end up with unbounded memory growth. The fix is to be more intelligent about recognising that we have already exported key data to a given provider even if the EVP_KEYMGMT instance is different. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23841)
plug potential memory leak in error code path Function `module_add()` may leak stack of modules when it fails to initialize newly added module. Fixes #23835 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23836)
Add Content Type OID for id-ct-rpkiSignedPrefixList References: draft-ietf-sidrops-rpki-prefixlist Title: "A profile for Signed Prefix Lists for Use in the Resource Public Key Infrastructure (RPKI)" OID assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)' https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23426)
Limit the number of http headers when receiving the http response Change introduces a default limit on HTTP headers we expect to receive from server to 256. If limit is exceeded http client library indicates HTTP_R_RESPONSE_TOO_MANY_HDRLINES error. Application can use OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines() to change default. Setting limit to 0 implies no limit (current behavior). Fixes #22264 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23781)
PKCS7: Remove one of the duplicate checks There are two consecutive identical checks "if (i <= 0)". We can remove one of them to make the code clear. CLA: trivial Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23741)
Fix BIO_get_new_index() to return an error when it is exhausted. Fixes #23655 BIO_get_new_index() returns a range of 129..255. It is set to BIO_TYPE_START (128) initially and is incremented on each call. >= 256 is reserved for the class type flags (BIO_TYPE_DESCRIPTOR) so it should error if it reaches the upper bound. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23732)
Gate setting of ipi_spec_dst on not building for freebsd some variants of FreeBSD (notably Dells OneFS) implement IP_PKTINFO partially, and as such the build breaks for those variants. specifically, it supports IP_PKTINFO, but the in_pktinfo struct has no defined ipi_spec_dst field. Work around this by gating the setting of that variable on not building for FreeBSD Fixes #23739 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23753)
crypto/cmp: add OSSL_CMP_MSG_get0_certreq_publickey(); fix coding style nit Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/21660)
apps/cmp: add -reqout_only option for dumping/saving just the initial CMP request message Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/21660)
Add appropriate lower bound checks for GeneralizedTime and UTCTime ITU-T X.690 / ISO/IEC 8825-1 section 11.7 and section 11.8 impose specific constraints on how GeneralizedTime and UTCTime can be encoded in BER/CER/DER. Following from these constraints a minimum length can be derived. Checking the length in this context can potentially help prevent applications from interpreting an invalid GeneralizedTime as a valid UTCTime. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23483)
Apply the AES-GCM unroll8 optimisation to Microsoft Azure Cobalt 100 Performance improvements range from 18% to 32%. Change-Id: Ifb89eeac3c0625a582a25ff07cf7f9c9ec8f5ba6 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23651)
chachap10-ppc.pl: Fix truncated relocation Fix error: relocation truncated to fit: R_PPC64_REL14 (stub) against symbol `ChaCha20_ctr32_vsx_8x' CLA: trivial Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23618)
OpenSSL License is applied for some source files, change to Apache 2 The following files include/openssl/hpke.h crypto/hpke/hpke.c crypto/ec/asm/ecp_sm2p256-armv8.pl crypto/chacha/asm/chacha-loongarch64.pl still seem to be released under the OpenSSL License instead of the Apache 2 license. Fixes #23570 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23576)
Check for NULL cleanup function before using it in encoder_process encoder_process assumes a cleanup function has been set in the currently in-use encoder during processing, which can lead to segfaults if said function hasn't been set Add a NULL check for this condition, returning -1 if it is not set Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23069)