git.openssl.org Git - openssl.git/log

Update provider_util.c to correctly handle ENGINE references

provider_util.c failed to free ENGINE references when clearing a cipher
or a digest. Additionally ciphers and digests were not copied correctly,
which would lead to double-frees if it were not for the previously
mentioned leaks.

Fixes #16845

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16846)

(cherry picked from commit 86c15ba87488f88e6191f098ff154f79ce91847b)

Ensure pkey_set_type handles ENGINE references correctly

pkey_set_type should not consume the ENGINE references that may be
passed to it.

Fixes #16757

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16846)

(cherry picked from commit f7d6868d0d48fedd5d9daad0c3e0cbcaef423ff3)

Make sure EVP_CIPHER_CTX_copy works with the dasync engine

Ciphers in the daysnc engine were failing to copy their context properly
in the event of EVP_CIPHER_CTX_copy() because they did not define the
flag EVP_CIPH_CUSTOM_FLAG

Fixes #16844

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16846)

(cherry picked from commit a0cbc2d222743fc4ffd276b97bd5f8aeacf01122)

Avoid NULL+X UB in bss_mem.c

Fixes #16816

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16818)

(cherry picked from commit a98b26588b683eb024ab81f3bb3549c43acd5188)

Fix the signature newctx documentation

The documentation omitted the propq parameter

Fixes #16755

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16836)

(cherry picked from commit 5fdc95e443b4d62a3d1f7094ae6d6ae4682b77e0)

Fix lock leak in evp_keymgmt_util_export_to_provider()

Fixes #16847

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16849)

(cherry picked from commit fb0f65fff831d9294e34b6ef6f579c157db54b04)

Raise error when invalid digest used with SM2

Otherwise commands like openssl req -newkey sm2 fail silently without
reporting any error unless -sm3 option is added.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16833)

(cherry picked from commit d5d95daba59adc41ab60ea86acd513f255fca3c0)

test/ssl_old_test.c: Fix potential leak

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16806)

(cherry picked from commit 34563be5368fb8e6ade7d06d8376522ba83cd6ac)

Fix test/recipes/01-test_symbol_presence.t to disregard version info

The output of 'nm -DPg' contains version info attached to the symbols,
which makes the test fail. Simply dropping the version info makes the
test work again.

Fixes #16810 (followup)

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16840)

(cherry picked from commit 73970cb91fdf8e7b4b434d479b875a47a0aa0dbc)

Fix another memory leak reported in CIFuzz

Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
    #1 0x57acd9 in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
    #2 0x57e106 in CRYPTO_strdup /src/openssl/crypto/o_str.c:24:11
    #3 0x5c139f in def_load_bio /src/openssl/crypto/conf/conf_def.c:427:45
    #4 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
    #5 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
    #6 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
    #7 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
    #8 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
    #9 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
    #10 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #11 0x7f15336bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16813)

(cherry picked from commit 19b30f1c596a8df2a522f9d6dfc1c1782790fc78)

Fix a memory leak reported in CIFuzz

Direct leak of 4 byte(s) in 1 object(s) allocated from:
     #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
     #1 0x57af0d in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
     #2 0x57af0d in CRYPTO_realloc /src/openssl/crypto/mem.c:207:16
     #3 0x569d17 in BUF_MEM_grow /src/openssl/crypto/buffer/buffer.c:97:15
     #4 0x5c3629 in str_copy /src/openssl/crypto/conf/conf_def.c:642:10
     #5 0x5c1cc1 in def_load_bio /src/openssl/crypto/conf/conf_def.c:452:22
     #6 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
     #7 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
     #8 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
     #9 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
     #10 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
     #11 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
     #12 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16813)

(cherry picked from commit 74b485848a608383d8d37c04480821ea7b613110)

Fix test/recipes/01-test_symbol_presence.t to allow for stripped libraries

It's a small change to the 'nm' call, to have it look at dynamic symbols
rather than the normal ones.

Fixes #16810

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16822)

(cherry picked from commit a85b4de6a6cbe03c46219d4b1c3b2828ca3fd51c)

cmp_vfy.c, encoder_lib.c: Fix potential leak of a BIO

Fixes #16787

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/16804)

(cherry picked from commit 374d5cf2f6b8bdf87c04b5e293a7d291f2c23203)

ctrl_params_translate: Fix leak of BN_CTX

Also add a missing allocation failure check.

Fixes #16788

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/16804)

(cherry picked from commit 922422119df1f6aabd2a15e6e4108d98b6143adf)

Replace the AES-128-CBC-HMAC-SHA1 cipher in e_ossltest.c

This replaces the AES-128-CBC-HMAC-SHA1 cipher with a
non-encrypting version for use the test suite.

[extended tests]

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16693)

(cherry picked from commit 64da15c40d15aac58e211fd25d00e9ae84d0379b)

Extend custom extension testing

Test the scenario where we add a custom extension to a cetificate
request and expect a response in the client's certificate message.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16634)

(cherry picked from commit 0db3a9904fa00569905be130854a31dab7b8f49d)

New extensions can be sent in a certificate request

Normally we expect a client to send new extensions in the ClientHello,
which may be echoed back by the server in subsequent messages. However the
server can also send a new extension in the certificate request message to
be echoed back in a certificate message

Fixes #16632

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16634)

(cherry picked from commit cbb862fbaaa1ec5a3e33836bc92a6dbea97ceba0)

doc: OPENSSL_CORE_CTX should never be cast to OSSL_LIB_CTX

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16771)

(cherry picked from commit 2b80a7490d5008fa40417b804ea16e8fee13d93d)

Bugfix: unsafe return check of EVP_PKEY_fromdata

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16783)

(cherry picked from commit d11cab47810715ba472070300b180944a1d93633)

Bugfix: unsafe return check of EVP_PKEY_fromdata_init

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16783)

(cherry picked from commit 5e199c356d09aca3b625b5ea16966b36d24b0201)

doc: document that property names are unique

Both queries and definitions only support each individual name appearing once.
It is an error to have a name appear more than once.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16716)

(cherry picked from commit 78de5a94d8e2b0a27ae026de29c195e944a49c6d)

test: add failure testing for property parsing

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16716)

(cherry picked from commit 747d142318c5c9ecd80de3f061f54d7af4189039)

property: produce error if a name is duplicated

Neither queries nor definitions handle duplicated property names well.
Make having such an error.

Fixes #16715

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16716)

(cherry picked from commit 8e61832ed7f59c15da003aa86aeaa4e5f44df711)

Bindhost/bindport should be freed

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16775)

(cherry picked from commit 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9)

Fix unsafe BIO_get_md_ctx check

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16768)

(cherry picked from commit 59a3e7b29574ff45f62e825f6e9923f45060f142)

Fix heading in random generator man7 page

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16753)

(cherry picked from commit 0c75a7387d940468a530ee7470e0afce30f5a227)

apps/x509: Fix self-signed check to happen before setting issuer name

Fixes #16720

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16747)

Fix a memory leak in the afalg engine

Fixes: #16743
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16744)

(cherry picked from commit 6f6a5e0c7c41b6b3639e51f435cd98bb3ae061bc)

Fix for the dasync engine

Fixes: #16724
Fixes: #16735
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16734)

(cherry picked from commit 59cd0bc1364b5ea817af7f6d36df89c93610cdb5)

Test for DANE cross cert fix

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

Prioritise DANE TLSA issuer certs over peer certs

When building the certificate chain, prioritise any Cert(0) Full(0)
certificates from TLSA records over certificates received from the peer.

This is important when the server sends a cross cert, but TLSA records include
the underlying root CA cert. We want to construct a chain with the issuer from
the TLSA record, which can then match the TLSA records (while the associated
cross cert may not).

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

BIO_f_ssl.pod: Make clear where an SSL BIOs are expected as an argument

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16688)

(cherry picked from commit 34901b0c39ed8fe7ddb81de4ad9fc0a7b2c45a0d)

Fix ssl_free() and thus BIO_free() to respect BIO_NOCLOSE

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16688)

(cherry picked from commit dce910af3bb135bd6d7c5a4cc512043b3ad4acc1)

doc: crypto(7) - fix typo

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16695)

(cherry picked from commit ce2892940902124b4a807c27a7df458f5049189f)

Fully initialise cipher/digest app handles

This avoids a crash in e.g. `openssl chacha20` as reported by
Steffen Nurpmeso on openssl-users.

Resolves: #16713

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16714)

(cherry picked from commit a8cc0efe0d8fdd7bfa1d40b3c008d7d6ddf970db)

openssl-x509.pod.in: Reflect better that -signkey is an alias for -key option

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16618)

APPS/{x509,req}: Fix description and diagnostics of -key, -in, etc. options

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16618)

doc/man3/SSL_set_fd.pod: add note about Windows compiler warning

According to an old stackoverflow thread [1], citing an even older comment by
Andy Polyakov (1875e6db29, Pull up Win64 support from 0.9.8., 2005-07-05),
a cast of 'SOCKET' (UINT_PTR) to 'int' does not create a problem, because although
the documentation [2] claims that the upper limit is INVALID_SOCKET-1 (2^64 - 2),
in practice the socket() implementation on Windows returns an index into the kernel
handle table, the size of which is limited to 2^24 [3].

Add this note to the manual page to avoid unnecessary roundtrips to StackOverflow.

[1] https://stackoverflow.com/questions/1953639/is-it-safe-to-cast-socket-to-int-under-win64
[2] https://docs.microsoft.com/en-us/windows/win32/winsock/socket-data-type-2
[3] https://docs.microsoft.com/en-us/windows/win32/sysinfo/kernel-objects

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16699)

(cherry picked from commit f8dd5869bca047a23599ac925aace70efcf487ad)

BIO_ctrl: Avoid spurious error being raised on NULL bio parameter

Some of the functions are being called on NULL bio with the
expectation that such call will not raise an error.

Fixes #16681

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16686)

(cherry picked from commit 398ae8231650c4bd8ddff0e5efd38233c23b1ca0)

Fix return value of BIO_free

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16682)

(cherry picked from commit d8f6c533cfcbcad350c9cfb2c112eb9f938ba83c)

Fix some documentation errors

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16684)

(cherry picked from commit 9efdf4ad6b130aa4e206a8fd612539925c0b1e45)

ssl: Correct comment for ssl3_read_bytes()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16680)

(cherry picked from commit 105af0ad923a665ca5fee296b52dbf34b524a2aa)

Add sm2 encryption test case from GM/T 0003.5-2012

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16511)

(cherry picked from commit 8ba65c35ea3af347c3b2adc8e665066b541a1c35)

Fix variable name mis-match in example code

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16676)

(cherry picked from commit 29a84567fb859ee6ae7245115b0c347994b03012)

EVP_PKEY_keygen_init has no argument named pkey

int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);

So it should not mention it in the man page description.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16675)

(cherry picked from commit ce0502ce1246046f78dc1e2b26a2790eceedd8b1)

ssl: Correct filename in README

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16671)

(cherry picked from commit 8b6a7da304d4fdd0de38ddd6037d8a02491e3e4e)

FIPS and KTLS may interfere

New Linux kernels (>= 5.11) enable KTLS CHACHA which is not
FIPS-suitable.

Fixes #16657

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16658)

(cherry picked from commit a5d8a2f8f10b83e5afb297698fe72cee77b1837f)

Update 15-ios.conf

CLA: trivial

I assume this has been an error in the initial ios conf file. In order to build for ios the shared engine library, needs to be disabled because iOS doesn't have the concept of shared libraries. But instead of only disabling `dynamic-engine` (or like in this commit disabled the `shared`) option the previous config did disable `engine` and with that the `static-engine` compilation as well. This restores the `static-engine` option being enabled by default, but keeping compilation going on iOS.

Cheers!

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16659)

(cherry picked from commit aa58071e4b8b245db1564f476731c978738e7e98)

Explicitly #include <synchapi.h> is unnecessary

The header is already included by <windows.h> for WinSDK 8 or later.
Actually this causes problem for WinSDK 7.1 (defaults for VS2010) that
it does not have this header while SRW Locks do exist for Windows 7.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16603)

(cherry picked from commit eeb612021e220de734e1ff08499f42bb962c3916)

doc: Fix include syntax

Internal headers should be included using "" instead of <>.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16647)

(cherry picked from commit 50aba7ffde860dbc5a8d1eb3f5d9f49c58ebc2ce)

Remove extra comma in man page example code

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16643)

(cherry picked from commit c249f48778473ebca46a44282b0b0ff40b8665b8)

rand: don't free an mis-set pointer on error

This is adding robustness to the code. The fix to not mis-set the pointer
is in #16636.

Fixes #16631

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16640)

(cherry picked from commit caf569a5b3271c2860732ee44509f3825a179fd5)

doc: remove end of line whitespace

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16641)

(cherry picked from commit 57cd10dd1ee9659b94cfa8a8e74c5a151632975e)

Avoid double-free on unsuccessful getting PRNG seeding

Fixes #16631

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16636)

(cherry picked from commit 52dcc011191ad1a40fd52ae92ef009309deaca52)

Fix util/mkpod2html.pl to call pod2html with absolute paths

It turns out that on VMS, pod2html only recognises VMS directory
specifications if they contain a device name, which is accomplished by
making them absolute.  Otherwise, a VMS build that includes building
the document HTML files ends up with an error like this:

    $ perl [---.downloads.openssl-3_0-snap-20210916.util]mkpod2html.pl -i [---.downloads.openssl-3_0-snap-20210916.doc.man1]CA.pl.pod -o [.DOC.HTML.MAN1]CA.PL.HTML -t "CA.pl" -r "[---.downloads.openssl-3_0-snap-20210916.doc]"
    [---.downloads.openssl-3_0-snap-20210916.util]mkpod2html.pl: error changing to directory -/-/-/downloads/openssl-3_0-snap-20210916/doc/: no such file or directory
    %SYSTEM-F-ABORT, abort

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16626)

(cherry picked from commit dc18f036f161e1e49e1d001046716c77d1699e70)

ci: add copyright header to CI scripts

There is quite a bit of creative effort in these and even more trouble-
shooting effort. I.e. they are non-trivial from a copyright perspective.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16628)

(cherry picked from commit 08d8c2d87ec782e95c28ff795e096c2f6f590d63)

Add missing mention of mandatory function OSSL_FUNC_keymgmt_has

The manual page provider-keymgmt.pod is missing the mention of the
required function OSSL_FUNC_keymgmt_has. The function
keymgmt_from_algorithm raise EVP_R_INVALID_PROVIDER_FUNCTIONS
if keymgmt->has == NULL

CLA: trivial
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16621)

Document that the openssl fipsinstall self test callback may not be used.

Fixes #16260

If the user autoloads a fips module from a config file, then it will run the self tests early (before the self test callback is set),
and they may not get triggered again during the fipsinstall process.
In order for this to happen there must already be a valid fips config file.
As the main purpose of the application is to generate the fips config file, this case has just been documented.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16475)

(cherry picked from commit 8d257d0dc6ed9d5aeb8366de6be0af01538557ea)

Configurations/platform/Unix.pm: account for variants in sharedlib_simple()

OpenSSL 1.1.1 links the simple libcrypto.so to libcrypto_variant.so,
this was inadvertently dropped.

Fixes #16605

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16608)

(cherry picked from commit bfbb62c3b0a8f8d223f84ebf7507594cee99f135)

Correct the documentation for SSL_set_num_tickets()

The behaviour for what happens in a resumption connection was not quite
described correctly.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16582)

(cherry picked from commit 4603b782e6dbed493d2f38db111abc05df66fb99)

Clarify what SSL_get_session() does on the server side in TLSv1.3

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16582)

(cherry picked from commit 9e51f877930dbd4216438a5da3c9612bf4d0a918)

APPS/cmp.c: Move warning on overlong section name to make it effective again

Fixes #16585

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16586)

(cherry picked from commit 39a8d4e13219580c8c89a234d6db5d261408cadb)

providers: Do not use global EVP_CIPHERs and EVP_MDs

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16600)

(cherry picked from commit e59bfbaa2dbd680f77e1121e382502bd522a466c)

80-test_cmp_http.t: Fix handling of empty HTTP proxy string

Fixes #16546

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16593)

(cherry picked from commit 1ed3249f253e4490a813279e2eb253c8e5cfaabb)

MacOS prior to 10.12 does not support random API correctly

Fixes #16517

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16591)

convert tabs to spaces in two distributed Perl scripts

Also fix indentation in c_rehash.in to 4 spaces, where a mixture of 4 and 8
spaces was used before, in addition to tabs.

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16459)

(cherry picked from commit ea0d79db9be9066de350c44c160bd8b17f2be666)

Fix the build file templates where uplink matters

We changed the manner in which a build needing applink is detected,
but forgot to change the installation targets accordingly.

Fixes #16570

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16577)

linux-x86-clang target: Add -latomic

Fixes #16572

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16578)

(cherry picked from commit 7ea01f521d08d6585a62c7cfd9358c0f191bd903)

Fix nc_email to check ASN1 strings with NULL byte in the middle

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16524)

(cherry picked from commit 485d0790ac1a29a0d4e7391d804810d485890376)

install_fips: Create the OPENSSLDIR as it might not exist

Fixes #16564

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16569)

(cherry picked from commit 85efdaab4d068f7de354b0a18f70f1737941dc7f)

Fix 'openssl speed' information printout

Most of all, this reduces the following:

built on: built on: Wed Sep 8 19:41:55 2021 UTC

to:

built on: Wed Sep 8 19:41:55 2021 UTC

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16563)

dh_ameth: Fix dh_cmp_parameters to really compare the params

This is legacy DH PKEY only code.

Fixes #16562

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16568)

(cherry picked from commit cf1a231d44db81f8565ecae5498a4f1f6f0168c9)

VMS: Fix descrip.mms template

away the use of $(DEFINES), which does get populated with defines
given through configuration. This makes it impossible to configure
with extra defines on VMS. Uncommenting and moving $(DEFINES) to a
more proper spot gives the users back that ability.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16561)

Fixed state transitions for the HTML version of the life_cycle-kdf.pod.
The MAN version was fine and so are kdf.dot and lifecycles.ods from doc/life-cycles

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16559)

(cherry picked from commit e82fc27bcd34f246e1acd42a61e8ba62907e1d19)

OpenSSL::Ordinals::set_version() should only be given the short version

This function tried to shave off the pre-release and build metadata
text from the the version number it gets, but didn't do that quite
right. Since this isn't even a documented behaviour, the easier, and
arguably more correct path is for that function not to try to shave
off anything, and for the callers to feed it the short version number,
"{MAJOR}.{MINOR}.{PATCH}", nothing more.

The build file templates are adjusted accordingly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16556)

(cherry picked from commit 435981cbadad2c58c35bacd30ca5d8b4c9bea72f)

Remove end of line whitespace to appease CI checks

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16567)

Fix some documentation errors

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16553)

(cherry picked from commit 5ecf10a0d2fb1c858b25afd5e48eafe6ef76edd4)

Fix the example SSH KDF code.

A salt was being set instead of a session ID.

Fixes #16525

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16550)

(cherry picked from commit 81280137a1f33685d7d7fc531ea8fbac38e9a4b7)

Fix test/recipes/90-test_fipsload.t to use bldtop_file for the FIPS module

It used bldtop_dir(), which is incorrect for files.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16532)

(cherry picked from commit c6ee5d5b42e27b407dfc1fc8845e08c5a75e2221)

DOCS: Update the page for 'openssl passwd' to not duplicate some info

The options -1 and -apr1 were mentioned in DESCRIPTION, not mentioning
any other options or even mentioning that there are more algorithms.
The simple fix is to remove that sentence and let the OPTIONS section
speak for itself.

Fixes #16529

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16531)

(cherry picked from commit 116799ff6a8fc803ec4685fc432c7329d0511e23)

Prepare for 3.0.1

Reviewed-by: Tomas Mraz <tomas@openssl.org>

Prepare for release of 3.0.0

Reviewed-by: Tomas Mraz <tomas@openssl.org>

make update

Reviewed-by: Tomas Mraz <tomas@openssl.org>

dev/release.sh: Adjust release branch names to votes

The OTC voted today that the release branch for OpenSSL 3.0 should be
openssl-3.0 rather than openssl-3.0.x. The release script is changed
accordingly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16481)

(cherry picked from commit 8e706c8ae5d6abf69b1b0aa0c4ab3517607522d0)

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16534)

Last minute NEWS and CHANGES entries for the 3.0 release

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16533)

(cherry picked from commit 95a444c9adcad04035704ab3b5d749a185ef0960)

Mention the concept of providers in NEWS.md and CHANGES.md

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16528)

fix documentation error caused by commit 6882652e65d39310c98ba506ceb55a87c702d419

CLA:trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16502)

(cherry picked from commit 6d55d27b2da7a84c9f4b872060be979b5f64af2c)

fix documentation error caused by commit 9067cf6ccdce0a73922f06937e54c2fce2752038

CLA:trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16502)

(cherry picked from commit 48b3ad05680ba3e3668bcb6491bf4447033464ed)

imporve documentation

CLA:trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16502)

(cherry picked from commit b9f96f30eea550650a8d9f8000cea940c6ee8150)

Added a NEWS entry about the enhanced 'openssl list'

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16522)

Add missing OSSL_DECODER entry in NEWS.md and CHANGES.md

The text in CHANGES.md got fleshed out a bit more as well.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16522)

Correct the "Out of memory" EVP tests

This affects test/recipes/30-test_evp_data/evpkdf_scrypt.txt and
test/recipes/30-test_evp_data/evppkey_kdf_scrypt.txt, where the "Out
of memory" stanza weren't up to the task, as they didn't hit the
default scrypt memory limit like they did in OpenSSL 1.1.1.

We solve this by setting the |n| value to the next power of two, and
correcting the expected result.

Fixes #16519

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16521)

Fix a few tests that fail on VMS

In one spot, files aren't properly closed, so the sub-process program
that's supposed to read them can't, because it's locked out.

In another spot, srctop_file() was used where srctop_dir() should be
used to properly format a directory specification.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16518)

Configuration: support building for OpenVMS for x86_64

OpenVMS for x86_64 is currently out on a field test. Building
programs for it is currently done with cross compilation on Itanium.
The cross compilation tools are made available by running a script,
which makes cross-compilation variants of most commands available, and
adds the cross-compilation C compiler XCC.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16498)

(cherry picked from commit 6929c8fb5b46c9c2a383a7c212ee052e0dcef021)

test/recipes/25-test_verify.t: Add a couple of tests of mixed PEM files

Fixes #16224

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16466)

(cherry picked from commit d4458e59f62b0d102069e53da41f1d5305a66912)

ENCODER PROV: Add encoders with EncryptedPrivateKeyInfo output

Since EncryptedPrivateKeyInfo is a recognised structure, it's
reasonable to think that someone might want to specify it.

To be noted is that if someone specifies the structure PrivateKeyInfo
but has also passed a passphrase callback, the result will still
become a EncryptedPrivateKeyInfo structure.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16466)

(cherry picked from commit 0195cdd28fde7d0897e368fdcd4e92509425faad)

Adjust test/endecoder_test.c

The protected tests need to specify the structure EncryptedPrivateKeyInfo
rather than PrivateKeyInfo, since that's the outermost structure.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16466)

(cherry picked from commit 602bfb8b98125f6745cd40dbc5fce9614ae5e418)

OSSL_STORE 'file:' scheme: Set input structure for certificates and CRLs

When the user expects to load a certificate or a CRL through the
OSSL_STORE loading function, the 'file:' implementation sets the
corresponding structure names in the internal decoder context.
This is especially geared for PEM files, which often contain a mix of
objects, and password prompting should be avoided for objects that
need them, but aren't what the caller is looking for.

Fixes #16224

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16466)

(cherry picked from commit 821b3956ec698927281a5b29c55cd87eb7b2793d)

PEM to DER decoder: Specify object type and data structure more consistently

The data structure wasn't given for recognised certificates or CRLs.
It's better, though, to specify it for those objects as well, so they
can be used to filter what actually gets decoded, which will be
helpful for our OSSL_STORE 'file:' scheme implementation.

Fixes #16224

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16466)

(cherry picked from commit 98408852c167d895a662dcda824fd5170cad3f7d)