openssl.git
4 years agoNISTZ256: owur'ize.
Emilia Kasper [Mon, 27 Apr 2015 16:14:32 +0000 (18:14 +0200)]
NISTZ256: owur'ize.

__owur'ize static methods to catch calling errors within the module.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoNISTZ256: use EC_POINT API and check errors.
Emilia Kasper [Mon, 27 Apr 2015 16:49:43 +0000 (18:49 +0200)]
NISTZ256: use EC_POINT API and check errors.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoCRYPTO_mem_leaks should ignore it's BIO argument.
Rich Salz [Mon, 27 Apr 2015 16:29:39 +0000 (12:29 -0400)]
CRYPTO_mem_leaks should ignore it's BIO argument.

CRYPTO_mem_leaks takes a BIO* argument.  It's not a leak if that
argument hasn't been free'd.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoNISTZ256: don't swallow malloc errors
Emilia Kasper [Mon, 27 Apr 2015 14:16:15 +0000 (16:16 +0200)]
NISTZ256: don't swallow malloc errors

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoNISTZ256: set Z_is_one to boolean 0/1 as is customary.
Emilia Kasper [Mon, 27 Apr 2015 13:41:52 +0000 (15:41 +0200)]
NISTZ256: set Z_is_one to boolean 0/1 as is customary.

Cosmetic, no real effect.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoError checking and memory leak fixes in NISTZ256.
Emilia Kasper [Mon, 27 Apr 2015 14:21:48 +0000 (16:21 +0200)]
Error checking and memory leak fixes in NISTZ256.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoFix Wmaybe-uninitialized: initialize variable
Emilia Kasper [Mon, 27 Apr 2015 13:58:39 +0000 (15:58 +0200)]
Fix Wmaybe-uninitialized: initialize variable

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoFix the check of test apps in util/mk1mf.pl
Richard Levitte [Mon, 27 Apr 2015 09:10:17 +0000 (11:10 +0200)]
Fix the check of test apps in util/mk1mf.pl

The previous check assumed that the variables for each test app, ending
with TEST would be indication enough.  Experience showed that this isn't
the best way.  Instead, simply look for the EXE variable in test/Makefile.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoSmall fixes after the Big apps cleanup
Richard Levitte [Mon, 27 Apr 2015 09:02:36 +0000 (11:02 +0200)]
Small fixes after the Big apps cleanup

This fixes util/mk1mf.pl, which was looking for old variable names from
apps/Makefile.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAdd readline (etc) support
Rich Salz [Mon, 27 Apr 2015 03:45:12 +0000 (23:45 -0400)]
Add readline (etc) support

Compile with -DREADLINE and the appropriate library.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoSimplify parse_yesno; remove local variable
Rich Salz [Mon, 27 Apr 2015 01:28:38 +0000 (21:28 -0400)]
Simplify parse_yesno; remove local variable

Reviewed-by: Tim Hudson <tjh@openssl.org>
4 years agoFix typo in help & comment formatting
Rich Salz [Mon, 27 Apr 2015 01:23:43 +0000 (21:23 -0400)]
Fix typo in help & comment formatting

Reviewed-by: Tim Hudson <tjh@openssl.org>
4 years agoFix error message
Rich Salz [Sun, 26 Apr 2015 20:43:18 +0000 (16:43 -0400)]
Fix error message

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
4 years agoFix main build breakage.
Rich Salz [Sun, 26 Apr 2015 17:12:04 +0000 (13:12 -0400)]
Fix main build breakage.

A variable declaration got dropped during a merge.
And if a compiler inlines strcmp() and you put a strcmp in an
assert message, the resultant stringification exceeds ANSI string
limits.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
4 years agoRemove the special list-xxxx commands
Rich Salz [Sun, 26 Apr 2015 14:31:48 +0000 (10:31 -0400)]
Remove the special list-xxxx commands

There's a new "list" command, which takes a flag to say what
to list.  Removing the old hacky commands.  Re-ordered some
functions to remove some needless declarations.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoRT2962: add -keytab and -krb5svc flags.
Rich Salz [Sun, 26 Apr 2015 03:08:00 +0000 (23:08 -0400)]
RT2962: add -keytab and -krb5svc flags.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoFree malloc data on encoding errors.
Rich Salz [Sun, 26 Apr 2015 02:55:36 +0000 (22:55 -0400)]
Free malloc data on encoding errors.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoapps-cleanup: the doc fixes
Rich Salz [Sat, 25 Apr 2015 20:07:28 +0000 (16:07 -0400)]
apps-cleanup: the doc fixes

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoQuote HTML entities in s_server output
Rich Salz [Sat, 25 Apr 2015 20:06:19 +0000 (16:06 -0400)]
Quote HTML entities in s_server output

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoRT2206: Add -issuer flag to ocsp command
Rich Salz [Sat, 25 Apr 2015 20:04:42 +0000 (16:04 -0400)]
RT2206: Add -issuer flag to ocsp command

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoRemove EFENCE support.
Rich Salz [Sat, 25 Apr 2015 20:03:07 +0000 (16:03 -0400)]
Remove EFENCE support.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoRT2451: Add telnet to s_client -starttls
Rich Salz [Sat, 25 Apr 2015 20:01:21 +0000 (16:01 -0400)]
RT2451: Add telnet to s_client -starttls

Also add -xmpphost and -smtphost flags.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoAdd -nocommands to s_client.
Rich Salz [Sat, 25 Apr 2015 19:58:22 +0000 (15:58 -0400)]
Add -nocommands to s_client.

Add flag to disable the 'command letters' from s_client.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agofewer NO_ENGINE #ifdef's
Rich Salz [Sat, 25 Apr 2015 19:41:29 +0000 (15:41 -0400)]
fewer NO_ENGINE #ifdef's

Make setup_engine be a dummy if NO_ENGINE is enabled.
The option is not enabled if NO_ENGINE is enabled, so the one "wasted"
variable just sits there. Removes some variables and code.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoAdd missing BIO_flush() calls
Rich Salz [Sat, 25 Apr 2015 13:26:48 +0000 (09:26 -0400)]
Add missing BIO_flush() calls

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoBig apps cleanup (option-parsing, etc)
Rich Salz [Fri, 24 Apr 2015 19:26:15 +0000 (15:26 -0400)]
Big apps cleanup (option-parsing, etc)

This is merges the old "rsalz-monolith" branch over to master.  The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt.  Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that.  There have been many other changes and code-cleanup, see
bullet list below.

Special thanks to Matt for the long and detailed code review.

TEMPORARY:
        For now, comment out CRYPTO_mem_leaks() at end of main

Tickets closed:
        RT3515: Use 3DES in pkcs12 if built with no-rc2
        RT1766: s_client -reconnect and -starttls broke
        RT2932: Catch write errors
        RT2604: port should be 'unsigned short'
        RT2983: total_bytes undeclared #ifdef RENEG
        RT1523: Add -nocert to fix output in x509 app
        RT3508: Remove unused variable introduced by b09eb24
        RT3511: doc fix; req default serial is random
        RT1325,2973: Add more extensions to c_rehash
        RT2119,3407: Updated to dgst.pod
        RT2379: Additional typo fix
        RT2693: Extra include of string.h
        RT2880: HFS is case-insensitive filenames
        RT3246: req command prints version number wrong

Other changes; incompatibilities marked with *:
        Add SCSV support
        Add -misalign to speed command
        Make dhparam, dsaparam, ecparam, x509 output C in proper style
        Make some internal ocsp.c functions void
        Only display cert usages with -help in verify
        Use global bio_err, remove "BIO*err" parameter from functions
        For filenames, - always means stdin (or stdout as appropriate)
        Add aliases for -des/aes "wrap" ciphers.
        *Remove support for IISSGC (server gated crypto)
        *The undocumented OCSP -header flag is now "-header name=value"
        *Documented the OCSP -header flag

Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agoFix error checking and memory leaks in NISTZ256 precomputation.
Emilia Kasper [Fri, 24 Apr 2015 13:38:24 +0000 (15:38 +0200)]
Fix error checking and memory leaks in NISTZ256 precomputation.

Thanks to Brian Smith for reporting these issues.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoCorrectly set Z_is_one on the return value in the NISTZ256 implementation.
Emilia Kasper [Fri, 24 Apr 2015 13:19:15 +0000 (15:19 +0200)]
Correctly set Z_is_one on the return value in the NISTZ256 implementation.

Also add a few comments about constant-timeness.

Thanks to Brian Smith for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoFix CRYPTO_strdup
Loganaden Velvindron [Wed, 22 Apr 2015 15:16:30 +0000 (16:16 +0100)]
Fix CRYPTO_strdup

The function CRYPTO_strdup (aka OPENSSL_strdup) fails to check the return
value from CRYPTO_malloc to see if it is NULL before attempting to use it.
This patch adds a NULL check.

RT3786

Signed-off-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 37b0cf936744d9edb99b5dd82cae78a7eac6ad60)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 20d21389c8b6f5b754573ffb6a4dc4f3986f2ca4)

4 years agoSSL_CIPHER lookup functions.
Dr. Stephen Henson [Tue, 21 Apr 2015 14:48:02 +0000 (15:48 +0100)]
SSL_CIPHER lookup functions.

Add tables to convert between SSL_CIPHER fields and indices for ciphers
and MACs.

Reorganise ssl_ciph.c to use tables to lookup values and load them.

New functions SSL_CIPHER_get_cipher_nid and SSL_CIPHER_get_digest_nid.

Add documentation.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAvoid "no config file" warning message
Rich Salz [Tue, 21 Apr 2015 20:57:29 +0000 (16:57 -0400)]
Avoid "no config file" warning message

Set config to /dev/null when doing make rehash.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agossltest output cleanup
Rich Salz [Tue, 21 Apr 2015 19:52:51 +0000 (15:52 -0400)]
ssltest output cleanup

Make only errors go to stderr.
Print count and size before the loop, so you can see it's an 838K
message that will take a few moments.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agotest/Makefile dclean cleans out a few files too many.
Richard Levitte [Mon, 20 Apr 2015 23:40:36 +0000 (01:40 +0200)]
test/Makefile dclean cleans out a few files too many.

The files removed are the ones that were symbolic links before, but
aren't now, so we should not remove them any more.

Reviewed-by: Stephen Henson <steve@openssl.org>
4 years agoRepair EAP-FAST session resumption
Emilia Kasper [Tue, 21 Apr 2015 16:12:58 +0000 (18:12 +0200)]
Repair EAP-FAST session resumption

EAP-FAST session resumption relies on handshake message lookahead
to determine server intentions. Commits
980bc1ec6114f5511b20c2e6ca741e61a39b99d6
and
7b3ba508af5c86afe43e28174aa3c53a0a24f4d9
removed the lookahead so broke session resumption.

This change partially reverts the commits and brings the lookahead back
in reduced capacity for TLS + EAP-FAST only. Since EAP-FAST does not
support regular session tickets, the lookahead now only checks for a
Finished message.

Regular handshakes are unaffected by this change.

Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agoEngage ec/asm/ecp_nistz256-sparcv9 module.
Andy Polyakov [Sun, 22 Feb 2015 17:16:22 +0000 (18:16 +0100)]
Engage ec/asm/ecp_nistz256-sparcv9 module.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAdd ec/asm/ecp_nistz256-sparcv9.pl.
Andy Polyakov [Sun, 22 Feb 2015 17:11:28 +0000 (18:11 +0100)]
Add ec/asm/ecp_nistz256-sparcv9.pl.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agomodes/asm/ghashv8-armx.pl: additional performance data.
Andy Polyakov [Mon, 20 Apr 2015 13:36:35 +0000 (15:36 +0200)]
modes/asm/ghashv8-armx.pl: additional performance data.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoaes/asm/aesni-x86.pl: fix typo affecting Windows build.
Andy Polyakov [Mon, 20 Apr 2015 15:49:29 +0000 (17:49 +0200)]
aes/asm/aesni-x86.pl: fix typo affecting Windows build.

Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agoaes/asm/aesni-x86[_64].pl update.
Andy Polyakov [Fri, 23 Jan 2015 16:27:10 +0000 (17:27 +0100)]
aes/asm/aesni-x86[_64].pl update.

This addresses

- request for improvement for faster key setup in RT#3576;
- clearing registers and stack in RT#3554 (this is more of a gesture to
see if there will be some traction from compiler side);
- more commentary around input parameters handling and stack layout
(desired when RT#3553 was reviewed);
- minor size and single block performance optimization (was lying around);

Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agoAdd assembly support for 32-bit iOS.
Andy Polyakov [Thu, 2 Apr 2015 08:17:42 +0000 (10:17 +0200)]
Add assembly support for 32-bit iOS.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoConfigure: Engage ecp_nistz256-armv8 module.
Andy Polyakov [Mon, 20 Apr 2015 12:58:01 +0000 (14:58 +0200)]
Configure: Engage ecp_nistz256-armv8 module.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoAdd ecp_nistz256-armv8 module.
Andy Polyakov [Sun, 15 Feb 2015 21:26:08 +0000 (22:26 +0100)]
Add ecp_nistz256-armv8 module.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoConfigure: add initial support for 64-bit Android.
Andy Polyakov [Thu, 2 Apr 2015 21:18:10 +0000 (23:18 +0200)]
Configure: add initial support for 64-bit Android.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agocrypto/ec/ecp_nistp[224|521].c: fix formatting.
Andy Polyakov [Fri, 13 Mar 2015 10:47:24 +0000 (11:47 +0100)]
crypto/ec/ecp_nistp[224|521].c: fix formatting.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoec/ecp_nistp*.c: fix SEGVs.
Andy Polyakov [Fri, 13 Mar 2015 10:28:16 +0000 (11:28 +0100)]
ec/ecp_nistp*.c: fix SEGVs.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoConfigure: engage ARMv8 Montgomery multiplication module.
Andy Polyakov [Sat, 21 Mar 2015 12:54:55 +0000 (13:54 +0100)]
Configure: engage ARMv8 Montgomery multiplication module.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAdd ARMv8 Montgomery multiplication module.
Andy Polyakov [Sat, 21 Mar 2015 12:54:17 +0000 (13:54 +0100)]
Add ARMv8 Montgomery multiplication module.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoaes/asm/vpaes-armv8.pl: make it compile on iOS.
Andy Polyakov [Mon, 20 Apr 2015 12:30:50 +0000 (14:30 +0200)]
aes/asm/vpaes-armv8.pl: make it compile on iOS.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoRemove SET oid config file and SET certs
Rich Salz [Mon, 20 Apr 2015 11:24:23 +0000 (07:24 -0400)]
Remove SET oid config file and SET certs

Reviewed-by: Andy Polyakov <appro@openssl.org>
4 years agoUse 2K RSA and SHA256 in tests
Rich Salz [Mon, 20 Apr 2015 11:23:04 +0000 (07:23 -0400)]
Use 2K RSA and SHA256 in tests

Reviewed-by: Andy Polyakov <appro@openssl.org>
4 years agoFix encoding bug in i2c_ASN1_INTEGER
Dr. Stephen Henson [Thu, 16 Apr 2015 15:43:09 +0000 (16:43 +0100)]
Fix encoding bug in i2c_ASN1_INTEGER

Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as
negative.

Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and
Hanno Böck <hanno@hboeck.de> for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoError out immediately on empty ciphers list.
Emilia Kasper [Wed, 15 Apr 2015 12:18:55 +0000 (14:18 +0200)]
Error out immediately on empty ciphers list.

A 0-length ciphers list is never permitted. The old code only used to
reject an empty ciphers list for connections with a session ID. It
would later error out on a NULL structure, so this change just moves
the alert closer to the problem source.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoUse -Wall -Wextra with clang
Emilia Kasper [Tue, 14 Apr 2015 14:04:40 +0000 (16:04 +0200)]
Use -Wall -Wextra with clang

The disabled set of -Weverything is hard to maintain across versions.
Use -Wall -Wextra but also document other useful warnings that currently trigger.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoSunOS non-posix shells do not grok export name=value
Viktor Dukhovni [Fri, 17 Apr 2015 05:06:46 +0000 (01:06 -0400)]
SunOS non-posix shells do not grok export name=value

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoCode style: space after 'if'
Viktor Dukhovni [Thu, 16 Apr 2015 05:50:03 +0000 (01:50 -0400)]
Code style: space after 'if'

Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agoRemove code for deleted function from ssl.h
Emilia Kasper [Thu, 16 Apr 2015 14:02:53 +0000 (16:02 +0200)]
Remove code for deleted function from ssl.h

ssl_cert_inst was removed in 2c3823491d8812560922a58677e3ad2db4b2ec8d

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
4 years agoReject empty generation strings.
Dr. Stephen Henson [Wed, 15 Apr 2015 23:21:05 +0000 (00:21 +0100)]
Reject empty generation strings.

Reported by Hanno Böck <hanno@hboeck.de>

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoLimit depth of nested sequences when generating ASN.1
Dr. Stephen Henson [Wed, 15 Apr 2015 23:00:40 +0000 (00:00 +0100)]
Limit depth of nested sequences when generating ASN.1

Reported by Hanno Böck <hanno@hboeck.de>
PR#3800

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoRemove obsolete options for debug-steve*
Dr. Stephen Henson [Wed, 15 Apr 2015 12:58:38 +0000 (13:58 +0100)]
Remove obsolete options for debug-steve*

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAdd -Wtype-limits to strict warnings.
Dr. Stephen Henson [Wed, 15 Apr 2015 12:57:51 +0000 (13:57 +0100)]
Add -Wtype-limits to strict warnings.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoInitialize variable
Emilia Kasper [Tue, 14 Apr 2015 15:42:42 +0000 (17:42 +0200)]
Initialize variable

newsig may be used (freed) uninitialized on a malloc error.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoFix ssl_get_prev_session overrun
Matt Caswell [Fri, 10 Apr 2015 15:49:33 +0000 (16:49 +0100)]
Fix ssl_get_prev_session overrun

If OpenSSL is configured with no-tlsext then ssl_get_prev_session can read
past the end of the ClientHello message if the session_id length in the
ClientHello is invalid. This should not cause any security issues since the
underlying buffer is 16k in size. It should never be possible to overrun by
that many bytes.

This is probably made redundant by the previous commit - but you can never be
too careful.

With thanks to Qinghao Tang for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoCheck for ClientHello message overruns
Matt Caswell [Fri, 10 Apr 2015 16:25:27 +0000 (17:25 +0100)]
Check for ClientHello message overruns

The ClientHello processing is insufficiently rigorous in its checks to make
sure that we don't read past the end of the message. This does not have
security implications due to the size of the underlying buffer - but still
needs to be fixed.

With thanks to Qinghao Tang for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agofree NULL cleanup 9
Rich Salz [Sat, 11 Apr 2015 20:32:54 +0000 (16:32 -0400)]
free NULL cleanup 9

Ongoing work to skip NULL check before calling free routine.  This gets:
    ecp_nistz256_pre_comp_free nistp224_pre_comp_free nistp256_pre_comp_free
    nistp521_pre_comp_free PKCS7_free PKCS7_RECIP_INFO_free
    PKCS7_SIGNER_INFO_free sk_PKCS7_pop_free PKCS8_PRIV_KEY_INFO_free
    PKCS12_free PKCS12_SAFEBAG_free PKCS12_free sk_PKCS12_SAFEBAG_pop_free
    SSL_CONF_CTX_free SSL_CTX_free SSL_SESSION_free SSL_free ssl_cert_free
    ssl_sess_cert_free

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
4 years agoFix memory leak
Rich Salz [Sat, 11 Apr 2015 14:53:27 +0000 (16:53 +0200)]
Fix memory leak

It should have freed them when != NULL, not when == NULL.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
4 years agodo_dirname: Don't change gen on failures
Kurt Roeckx [Sat, 11 Apr 2015 14:39:13 +0000 (16:39 +0200)]
do_dirname: Don't change gen on failures

It would set gen->d.dirn to a freed pointer in case X509V3_NAME_from_section
failed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoX509_VERIFY_PARAM_free: Check param for NULL
Kurt Roeckx [Sat, 11 Apr 2015 15:08:38 +0000 (17:08 +0200)]
X509_VERIFY_PARAM_free: Check param for NULL

Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
4 years agofree NULL cleanup 10
Rich Salz [Sat, 11 Apr 2015 14:22:36 +0000 (10:22 -0400)]
free NULL cleanup 10

Avoid checking for NULL before calling free functions.  This gets
ssl.*free:
    ssl_sess_cert_free ssl_free ssl_excert_free ssl_cert_free
    SSL_free SSL_SRP_CTX_free SSL_SESSION_free SSL_CTX_free
    SSL_CTX_SRP_CTX_free SSL_CONF_CTX_free

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
4 years agoThe wrong ifdef is used to guard usage of PSK code
Kurt Cancemi [Thu, 9 Apr 2015 13:54:38 +0000 (09:54 -0400)]
The wrong ifdef is used to guard usage of PSK code

PR#3790

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoDon't set *pval to NULL in ASN1_item_ex_new.
Dr. Stephen Henson [Thu, 2 Apr 2015 12:45:14 +0000 (13:45 +0100)]
Don't set *pval to NULL in ASN1_item_ex_new.

While *pval is usually a pointer in rare circumstances it can be a long
value. One some platforms (e.g. WIN64) where
sizeof(long) < sizeof(ASN1_VALUE *) this will write past the field.

*pval is initialised correctly in the rest of ASN1_item_ex_new so setting it
to NULL is unecessary anyway.

Thanks to Julien Kauffmann for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoFix ECDH detection, add ECDH keyid test.
Dr. Stephen Henson [Fri, 10 Apr 2015 01:31:16 +0000 (02:31 +0100)]
Fix ECDH detection, add ECDH keyid test.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoFix ECDH key identifier support.
Dr. Stephen Henson [Fri, 10 Apr 2015 01:33:44 +0000 (02:33 +0100)]
Fix ECDH key identifier support.

PR#3789

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoPolish shell script to avoid needless complexity.
Viktor Dukhovni [Fri, 10 Apr 2015 16:25:30 +0000 (12:25 -0400)]
Polish shell script to avoid needless complexity.

No need for here documents, just use "yes" or </dev/null.
No need for "|| exit 1" clauses, just use "set -e".

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agofix to "test script cleanup"
Rich Salz [Fri, 10 Apr 2015 15:37:53 +0000 (11:37 -0400)]
fix to "test script cleanup"

Fix commit 30f54ad295d58ff8c6d28c1fd612d23c2c343d19 which used
non-portable syntax for checking exit status.

Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agoFix read_ahead issue
Matt Caswell [Fri, 10 Apr 2015 14:33:45 +0000 (15:33 +0100)]
Fix read_ahead issue

Fix a "&" that should have been "!" when processing read_ahead.

RT#3793

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agotest script cleanup
Rich Salz [Fri, 10 Apr 2015 14:06:17 +0000 (10:06 -0400)]
test script cleanup

Removed commented-out tests

Standardize on doing
        cmd ... || exit 1
instead of
        cmd ...
        if [ $? != 0] ; then
           exit 1
        fi
where that if statement has ben one, three, or four lines, variously.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoHave mkerr.pl treat already existing multiline string defs properly
Richard Levitte [Wed, 8 Apr 2015 17:26:11 +0000 (19:26 +0200)]
Have mkerr.pl treat already existing multiline string defs properly

Since source reformat, we ended up with some error reason string
definitions that spanned two lines.  That in itself is fine, but we
sometimes edited them to provide better strings than what could be
automatically determined from the reason macro, for example:

    {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
     "Peer haven't sent GOST certificate, required for selected ciphersuite"},

However, mkerr.pl didn't treat those two-line definitions right, and
they ended up being retranslated to whatever the macro name would
indicate, for example:

    {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
     "No gost certificate sent by peer"},

Clearly not what we wanted.  This change fixes this problem.

Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agoDrop CA.sh for CA.pl
Rich Salz [Wed, 8 Apr 2015 18:07:39 +0000 (14:07 -0400)]
Drop CA.sh for CA.pl

Remove CA.sh script and use CA.pl for testing, etc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoconsistent test-start logging
Rich Salz [Wed, 8 Apr 2015 16:28:15 +0000 (12:28 -0400)]
consistent test-start logging

Output a consistent "start" marker for each test.
Remove "2>/dev/null" from Makefile command lines.
Add OPENSSL_CONFIG=/dev/null for places where it's needed, in
order to suppress a warning message from the openssl CLI.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoIgnore the non-dll windows specific build directories
Richard Levitte [Wed, 1 Apr 2015 09:36:18 +0000 (11:36 +0200)]
Ignore the non-dll windows specific build directories

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAppease clang -Wshadow
Richard Levitte [Sat, 4 Apr 2015 14:53:44 +0000 (16:53 +0200)]
Appease clang -Wshadow

The macros BSWAP4 and BSWAP8 have statetemnt expressions
implementations that use local variable names that shadow variables
outside the macro call, generating warnings like this

e_aes_cbc_hmac_sha1.c:263:14: warning: declaration shadows a local variable
      [-Wshadow]
    seqnum = BSWAP8(blocks[0].q[0]);
             ^
../modes/modes_lcl.h:41:29: note: expanded from macro 'BSWAP8'
                            ^
e_aes_cbc_hmac_sha1.c:223:12: note: previous declaration is here
    size_t ret = 0;
           ^

Have clang be quiet by modifying the macro variable names slightly
(suffixing them with an underscore).

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAppease clang -Wgnu-statement-expression
Richard Levitte [Sat, 4 Apr 2015 14:33:20 +0000 (16:33 +0200)]
Appease clang -Wgnu-statement-expression

We use GNU statement expressions in crypto/md32_common.h, surrounded
by checks that GNU C is indeed used to compile.  It seems that clang,
at least on Linux, pretends to be GNU C, therefore finds the statement
expressions and then warns about them.

The solution is to have clang be quiet about it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAppease clang -Wempty-translation-unit
Richard Levitte [Sat, 4 Apr 2015 14:22:26 +0000 (16:22 +0200)]
Appease clang -Wempty-translation-unit

ebcdic.c:284:7: warning: ISO C requires a translation unit to contain at least one
      declaration [-Wempty-translation-unit]
      ^
1 warning generated.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoupdate ordinals
Dr. Stephen Henson [Mon, 30 Mar 2015 19:28:52 +0000 (20:28 +0100)]
update ordinals

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agomake depend
Dr. Stephen Henson [Mon, 30 Mar 2015 19:24:44 +0000 (20:24 +0100)]
make depend

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoremove asn1_mac.h
Dr. Stephen Henson [Mon, 30 Mar 2015 19:11:02 +0000 (20:11 +0100)]
remove asn1_mac.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoRemove old ASN.1 functions.
Dr. Stephen Henson [Mon, 30 Mar 2015 19:31:34 +0000 (20:31 +0100)]
Remove old ASN.1 functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoRemove unnecessary use of ASN1_const_CTX
Dr. Stephen Henson [Fri, 3 Apr 2015 17:28:06 +0000 (18:28 +0100)]
Remove unnecessary use of ASN1_const_CTX

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoRewrite ssl_asn1.c using new ASN.1 code.
Dr. Stephen Henson [Sun, 29 Mar 2015 13:07:06 +0000 (14:07 +0100)]
Rewrite ssl_asn1.c using new ASN.1 code.

Complete reimplementation of d2i_SSL_SESSION and i2d_SSL_SESSION using
new ASN.1 code and eliminating use of old ASN.1 macros.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoAdd macro to implement static encode functions.
Dr. Stephen Henson [Sun, 29 Mar 2015 16:51:43 +0000 (17:51 +0100)]
Add macro to implement static encode functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoFewer newlines in comp method output
Rich Salz [Thu, 2 Apr 2015 19:58:10 +0000 (15:58 -0400)]
Fewer newlines in comp method output

Print "supported compression methods" all on one line.

Reviewed-by: Andy Polyakov <appro@openssl.org>
4 years agomodes/asm/ghashv8-armx.pl: up to 90% performance improvement.
Andy Polyakov [Fri, 23 Jan 2015 16:04:19 +0000 (17:04 +0100)]
modes/asm/ghashv8-armx.pl: up to 90% performance improvement.

Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agosha/asm/sha*-armv8.pl: add Denver and X-Gene esults.
Andy Polyakov [Sat, 28 Mar 2015 21:01:59 +0000 (22:01 +0100)]
sha/asm/sha*-armv8.pl: add Denver and X-Gene esults.

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoaes/asm/aesv8-armx.pl: optimize for Cortex-A5x.
Andy Polyakov [Tue, 3 Mar 2015 21:05:25 +0000 (22:05 +0100)]
aes/asm/aesv8-armx.pl: optimize for Cortex-A5x.

ARM has optimized Cortex-A5x pipeline to favour pairs of complementary
AES instructions. While modified code improves performance of post-r0p0
Cortex-A53 performance by >40% (for CBC decrypt and CTR), it hurts
original r0p0. We favour later revisions, because one can't prevent
future from coming. Improvement on post-r0p0 Cortex-A57 exceeds 50%,
while new code is not slower on r0p0, or Apple A7 for that matter.

[Update even SHA results for latest Cortex-A53.]

Reviewed-by: Richard Levitte <levitte@openssl.org>
4 years agoperlasm/arm-xlate.pl update (fix end-less loop and prepare for 32-bit iOS).
Andy Polyakov [Mon, 30 Mar 2015 14:48:38 +0000 (16:48 +0200)]
perlasm/arm-xlate.pl update (fix end-less loop and prepare for 32-bit iOS).

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agoConfigure: android-arm facelift.
Andy Polyakov [Mon, 30 Mar 2015 14:47:57 +0000 (16:47 +0200)]
Configure: android-arm facelift.

Reviewed-by: Rich Salz <rsalz@openssl.org>
4 years agomake update
Emilia Kasper [Wed, 1 Apr 2015 14:19:47 +0000 (16:19 +0200)]
make update

Reviewed-by: Matt Caswell <matt@openssl.org>
4 years agoRemove SSL_TASK, the DECnet Based SSL Engine - addendum
Richard Levitte [Tue, 31 Mar 2015 20:19:22 +0000 (22:19 +0200)]
Remove SSL_TASK, the DECnet Based SSL Engine - addendum

A bit of cleanup was forgotten.

Reviewed-by: Tim Hudson <tjh@openssl.org>
4 years agoRemove SSL_TASK, the DECnet Based SSL Engine
Richard Levitte [Tue, 31 Mar 2015 19:50:21 +0000 (21:50 +0200)]
Remove SSL_TASK, the DECnet Based SSL Engine

This engine is for VMS only, and isn't really part of the core OpenSSL
but rather a side project of its own that just happens to have tagged
along for a long time.  The reasons why it has remained within the
OpenSSL source are long lost in history, and there not being any real
reason for it to remain here, it's time for it to move out.

This side project will appear as a project in its own right, the
location of which will be announced later on.

Reviewed-by: Tim Hudson <tjh@openssl.org>
4 years agoRemove old ASN.1 code from evp_asn1.c
Dr. Stephen Henson [Sat, 28 Mar 2015 13:27:11 +0000 (13:27 +0000)]
Remove old ASN.1 code from evp_asn1.c

Rewrite ASN1_TYPE_set_int_octetstring and ASN1_TYPE_get_int_octetstring
to use the new ASN.1 code instead of the old macros.

Reviewed-by: Rich Salz <rsalz@openssl.org>