Dr. David von Oheimb [Tue, 23 May 2023 19:54:26 +0000 (21:54 +0200)]
http_server.c: allow clients to connect with IPv6
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21033)
Matt Caswell [Fri, 11 Aug 2023 10:22:02 +0000 (11:22 +0100)]
Fix a leak in an error path in OSSL_DECODER_CTX_new_for_pkey()
Found via the reproducible error injection in #21668
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21723)
Matt Caswell [Tue, 8 Aug 2023 13:05:58 +0000 (14:05 +0100)]
Fix a use-after-free in quic_tls.c
The comments in quic_tls.c claimed that the dummybio was never used by
us. In fact that is not entirely correct since we set and cleared the
retry flags on it. This means that we have to manage it properly, and update
it in the event of set1_bio() call on the record layer method.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Mon, 7 Aug 2023 15:53:24 +0000 (16:53 +0100)]
Add a test for receiving a post-handshake CertificateRequest
This should result in a QUIC PROTOCOL_VIOLATION
We also add tests for a post-handshake KeyUpdate, and a NewSessionTicket
with an invalid max_early_data value.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Mon, 7 Aug 2023 14:48:01 +0000 (15:48 +0100)]
Add the ability to send NewSessionTicket messages when we want them
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Mon, 7 Aug 2023 13:45:55 +0000 (14:45 +0100)]
TLS KeyUpdate messages are not allowed in QUIC
We already disallowed the sending of TLS KeyUpdate messages. We also treat
the receipt of a TLS KeyUpdate message as an unexpected message.
RFC 9001 section 6:
Endpoints MUST treat the receipt of a TLS KeyUpdate message as a connection
error of type 0x010a, equivalent to a fatal TLS alert of unexpected_message;
see Section 4.8.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Mon, 7 Aug 2023 11:21:20 +0000 (12:21 +0100)]
NewSessionTickets with an early_data extension must have a valid max value
The max_early_data value must be 0xffffffff if the extension is present in
a NewSessionTicket message in QUIC. Otherwise it is a PROTOCOL_VIOLATION.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Tue, 8 Aug 2023 10:23:39 +0000 (11:23 +0100)]
Don't forget we are doing QUIC if we clear the QUIC TLS data
We should retain the TLS1_FLAGS_QUIC setting in in s3.flags even after a
"clear" operation.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Wed, 2 Aug 2023 15:43:11 +0000 (16:43 +0100)]
Unexpected QUIC post-handshake CertificateRequests are a PROTOCOL_VIOLATION
An OpenSSL QUIC client does not send the post_handshake_auth extension.
Therefore if a server sends a post-handsahke CertificateRequest then this
would be treated as a TLS protocol violation with an "unexpected message"
alert code. However RFC 9001 specifically requires us to treat this as
QUIC PROTOCOL_VIOLATION. So we have to translate the "unexpected message"
alert code in this one instance.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Richard Levitte [Mon, 14 Aug 2023 10:38:44 +0000 (12:38 +0200)]
Remove include/internal/decoder.h, as it's superfluous
The routines declared in there are entirely libcrypto internal, so
include/crypto/decoder.h is better suited for them.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/21733)
Matt Caswell [Fri, 11 Aug 2023 08:42:36 +0000 (09:42 +0100)]
Fix no-dsa in combination with no-err
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21722)
Matt Caswell [Fri, 11 Aug 2023 08:41:57 +0000 (09:41 +0100)]
Fix no-dtls and no-tls in combination
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21722)
Tomas Mraz [Mon, 7 Aug 2023 18:48:09 +0000 (20:48 +0200)]
ssl_local.h: Define SSL_OP_CISCO_ANYCONNECT if undefined in public headers
Fixes #21626
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Tomas Mraz [Mon, 7 Aug 2023 18:41:11 +0000 (20:41 +0200)]
ossl_qrl_enc_level_set_provide_secret(): Clear el->md on error
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Tomas Mraz [Mon, 7 Aug 2023 18:04:07 +0000 (20:04 +0200)]
quic_record_test.c: For tests that require ChaCha require also Poly1305
as both algorithms are really needed.
Fixes #21625
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Tomas Mraz [Mon, 7 Aug 2023 17:52:32 +0000 (19:52 +0200)]
quicapitest.c: Fix missing wait_until_sock_readable()
Fixes #21624
With OPENSSL_NO_POSIX_IO or OPENSSL_NO_SOCK the function
wait_until_sock_readable() currently does not exist.
Define empty wait_until_sock_readable() when building
with no-posix-io.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Tomas Mraz [Mon, 7 Aug 2023 16:34:50 +0000 (18:34 +0200)]
quicserver.c: Use BIO_printf to stderr instead of plain printf
Fixes #21623
Also do not build quicserver with no-stdio as it is a test
utility and tests are disabled with no-stdio anyway.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Matt Caswell [Fri, 11 Aug 2023 10:51:15 +0000 (11:51 +0100)]
Don't call ossl_assert on the result of bn_wexpand
bn_wexpand can fail as the result of a memory allocation failure. We
should not be calling ossl_assert() on its result because it can fail in
normal operation.
Found via the reproducible error injection in #21668
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/21725)
Hugo Landau [Wed, 9 Aug 2023 07:36:38 +0000 (08:36 +0100)]
Minor fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Fri, 28 Jul 2023 17:03:10 +0000 (18:03 +0100)]
QUIC CHANNEL: Tune RXFC default parameters
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:29:42 +0000 (16:29 +0100)]
QUIC TEST: Fix double close of FD (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:24:34 +0000 (16:24 +0100)]
QUIC UINT_SET: Fix null dereference (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:23:20 +0000 (16:23 +0100)]
QUIC TSERVER: Handle return value correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:17:33 +0000 (16:17 +0100)]
QUIC APL: Add missing unlock call (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:16:32 +0000 (16:16 +0100)]
QUIC: Check block_until_pred return value in shutdown (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:11:45 +0000 (16:11 +0100)]
QUIC QTX: Handle negative IV values correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:06:42 +0000 (16:06 +0100)]
QUIC QTLS: Fix NULL dereference (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:05:18 +0000 (16:05 +0100)]
QUIC QRX: Handle negative IV length values correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:00:39 +0000 (16:00 +0100)]
QUIC CC TEST: Fix memory leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:57:51 +0000 (15:57 +0100)]
EVENT QUEUE: Fix memory leak (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:56:54 +0000 (15:56 +0100)]
QUIC FIFD: Coverity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:56:44 +0000 (15:56 +0100)]
QUIC FC: TEST: Coverity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:56:19 +0000 (15:56 +0100)]
QUIC TEST: Coverity - Ensure stream names are non-NULL
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:56:02 +0000 (15:56 +0100)]
QUIC SSTREAM: Fix test which was not being executed fully
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:55:34 +0000 (15:55 +0100)]
QUIC UINT_SET: Fix regression after list refactor
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 13:47:31 +0000 (14:47 +0100)]
QUIC TXP: Re-enable accidentially disabled tests
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 12:50:45 +0000 (13:50 +0100)]
QUIC TEST: STREAM, MAX_DATA and MAX_STREAM_DATA testing
Fixes https://github.com/openssl/project/issues/76
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 12:35:26 +0000 (13:35 +0100)]
QUIC TXP: Fix bug where TXPIM PKT could be used after free
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 10:24:39 +0000 (11:24 +0100)]
QUIC TEST: RESET_STREAM, STOP_SENDING
Fixes https://github.com/openssl/project/issues/80
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Connection closure reason testing
Fixes https://github.com/openssl/project/issues/82
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC APL/CHANNEL: Wire up connection closure reason
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Test repeated HANDSHAKE_DONE, non-minimal encoding
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Test NEW_CONN_ID frames
Fixes https://github.com/openssl/project/issues/86
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Test malformed crypto stream data, excess buffering
Fixes https://github.com/openssl/project/issues/85
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Ensure bogus BLOCKED frames are ignored
Fixes https://github.com/openssl/project/issues/81
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Ensure PATH_RESPONSE is ignored
Fixes https://github.com/openssl/project/issues/77
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Test ACK frame generation
Fixes https://github.com/openssl/project/issues/75
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Ensure PING causes ACK generation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Fault Injection: PADDING
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Dr. David von Oheimb [Tue, 8 Aug 2023 20:47:50 +0000 (22:47 +0200)]
OSSL_HTTP_{REQ_CTX_set_request_line(),_set1_request()}: backward compat w.r.t. path parameter
Fixes #17923
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21690)
Bernd Edlinger [Tue, 8 Aug 2023 08:32:12 +0000 (10:32 +0200)]
Fix an init-deadlock in OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
A recursive OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS) call
may happen if an out-of-memory error happens at the first callstack,
and the dead-lock happens at the second callstack, because ossl_err_get_state_int
calls OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS) although that
call is currently already executing.
At least on posix system this causes the process to freeze at this
point, and must be avoided whatever it takes.
The fix is using err_shelve_state around the critical region, which
makes ossl_err_get_state_int return early and not call the recursive
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS).
This can be reproduced with my error injection patch.
The test vector has been validated on the master branch:
$ ERROR_INJECT=
1692279870 ../util/shlib_wrap.sh ./asn1parse-test ./corpora/asn1parse/
027f6e82ba01d9db9a9167b83e56cc9f2c602550
ERROR_INJECT=
1692279870
#0 0x7f280b42fef8 in __sanitizer_print_stack_trace ../../../../src/libsanitizer/asan/asan_stack.cpp:86
#1 0x5610a3f396b4 in my_malloc fuzz/test-corpus.c:114
#2 0x7f280a2eb94c in CRYPTO_malloc crypto/mem.c:177
#3 0x7f280a2dafdb in OPENSSL_LH_insert crypto/lhash/lhash.c:114
#4 0x7f280a1c87fe in err_load_strings crypto/err/err.c:264
#5 0x7f280a1c87fe in err_load_strings crypto/err/err.c:259
#6 0x7f280a1c87fe in ERR_load_strings_const crypto/err/err.c:301
#7 0x7f280a6f513b in ossl_err_load_PROV_strings providers/common/provider_err.c:233
#8 0x7f280a1cf015 in ossl_err_load_crypto_strings crypto/err/err_all.c:109
#9 0x7f280a2e9b8c in ossl_init_load_crypto_strings crypto/init.c:190
#10 0x7f280a2e9b8c in ossl_init_load_crypto_strings_ossl_ crypto/init.c:181
#11 0x7f2808cfbf67 (/lib/x86_64-linux-gnu/libc.so.6+0x99f67)
#12 0x7f280a32301e in CRYPTO_THREAD_run_once crypto/threads_pthread.c:154
#13 0x7f280a2ea1da in OPENSSL_init_crypto crypto/init.c:553
#14 0x5610a3f38e2f in FuzzerInitialize fuzz/asn1parse.c:29
#15 0x5610a3f38783 in main fuzz/test-corpus.c:194
#16 0x7f2808c8bd8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f)
#17 0x7f2808c8be3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f)
#18 0x5610a3f38d34 in _start (/home/runner/work/openssl/openssl/fuzz/asn1parse-test+0x3d34)
AddressSanitizer:DEADLYSIGNAL
=================================================================
==27629==ERROR: AddressSanitizer: ABRT on unknown address 0x03e900006e23 (pc 0x7f2808cfbef8 bp 0x7f280b36afe0 sp 0x7ffd545b2460 T0)
#0 0x7f2808cfbef8 (/lib/x86_64-linux-gnu/libc.so.6+0x99ef8)
#1 0x7f280a32301e in CRYPTO_THREAD_run_once crypto/threads_pthread.c:154
#2 0x7f280a2ea1da in OPENSSL_init_crypto crypto/init.c:553
#3 0x7f280a1c935e in ossl_err_get_state_int crypto/err/err.c:705
#4 0x7f280a1cf1f9 in ERR_new crypto/err/err_blocks.c:20
#5 0x7f280a2eb9ac in CRYPTO_malloc crypto/mem.c:205
#6 0x7f280a2dafdb in OPENSSL_LH_insert crypto/lhash/lhash.c:114
#7 0x7f280a1c87fe in err_load_strings crypto/err/err.c:264
#8 0x7f280a1c87fe in err_load_strings crypto/err/err.c:259
#9 0x7f280a1c87fe in ERR_load_strings_const crypto/err/err.c:301
#10 0x7f280a6f513b in ossl_err_load_PROV_strings providers/common/provider_err.c:233
#11 0x7f280a1cf015 in ossl_err_load_crypto_strings crypto/err/err_all.c:109
#12 0x7f280a2e9b8c in ossl_init_load_crypto_strings crypto/init.c:190
#13 0x7f280a2e9b8c in ossl_init_load_crypto_strings_ossl_ crypto/init.c:181
#14 0x7f2808cfbf67 (/lib/x86_64-linux-gnu/libc.so.6+0x99f67)
#15 0x7f280a32301e in CRYPTO_THREAD_run_once crypto/threads_pthread.c:154
#16 0x7f280a2ea1da in OPENSSL_init_crypto crypto/init.c:553
#17 0x5610a3f38e2f in FuzzerInitialize fuzz/asn1parse.c:29
#18 0x5610a3f38783 in main fuzz/test-corpus.c:194
#19 0x7f2808c8bd8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f)
#20 0x7f2808c8be3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f)
#21 0x5610a3f38d34 in _start (/home/runner/work/openssl/openssl/fuzz/asn1parse-test+0x3d34)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: ABRT (/lib/x86_64-linux-gnu/libc.so.6+0x99ef8)
==27629==ABORTING
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21683)
MscVZoltan [Wed, 9 Aug 2023 06:43:40 +0000 (08:43 +0200)]
Don't use C++ reserved word template for function arguments
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21692)
Olga Batyshkina [Mon, 7 Aug 2023 12:51:53 +0000 (14:51 +0200)]
Do not raise CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA error in CMS_ContentInfo_free
This happens if this function is called for signed content.
Added ossl_cms_env_enc_content_free() for cleaning enveloped content.
Fixed indentation in ossl_cms_env_enc_content_free
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21676)
Bernd Edlinger [Tue, 8 Aug 2023 04:48:33 +0000 (06:48 +0200)]
Fix ChaCha assembly code on 32-bit HPUX itanium systems
This fixes the reported crashes 32-bit HPUX systems due to
raw out and inp pointer values, and adds one nop instruction
on 64-bit systems, like it is done in other assembly modules
for those systems.
The fix was tested by @johnkohl-hcl see:
https://github.com/openssl/openssl/issues/17067#issuecomment-
1668468033
Fixes #17067
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21681)
Tom Cosgrove [Thu, 3 Aug 2023 18:43:17 +0000 (19:43 +0100)]
Fix handling of the "0:" label in arm-xlate.pl
When $label == "0", $label is not truthy, so `if ($label)` thinks there isn't
a label. Correct this by looking at the result of the s/// command.
Verified that there are no changes in the .S files created during a normal
build, and that the "0:" labels appear in the translation given in the error
report (and they are the only difference in the before and after output).
Fixes #21647
Change-Id: I5f2440100c62360bf4bdb7c7ece8dddd32553c79
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21653)
Matt Caswell [Fri, 14 Jul 2023 15:34:01 +0000 (16:34 +0100)]
make update
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Anton Arapov <anton@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21560)
Matt Caswell [Wed, 26 Jul 2023 11:18:44 +0000 (12:18 +0100)]
Provide an introductory page to the whole OpenSSL guide
Supply some initial overview information and some links to the other pages
of the guide.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Anton Arapov <anton@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21560)
Matt Caswell [Fri, 14 Jul 2023 15:29:39 +0000 (16:29 +0100)]
Incorporate the ssl man page into the OpenSSL guide
We also rewrite quite a lot of the content to update it for QUIC and to make
it flow better as part of the guide.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Anton Arapov <anton@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21560)
Matt Caswell [Thu, 13 Jul 2023 14:02:40 +0000 (15:02 +0100)]
Incorporate the crypto man page into the OpenSSL guide
Some content has been moved out into the general libraries introduction.
Reformat and fill in some gaps with what remains.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Anton Arapov <anton@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21560)
Matt Caswell [Thu, 13 Jul 2023 14:02:09 +0000 (15:02 +0100)]
Provide an introduction to the OpenSSL libraries
Give an overview of the two libraries and some key concepts common to
both.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Anton Arapov <anton@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21560)
Tomas Mraz [Mon, 24 Jul 2023 16:05:47 +0000 (18:05 +0200)]
Resolve some of the TODO(QUIC) items
For some of the items we add FUTURE/SERVER/TESTING/MULTIPATH
designation to indicate these do not need to be resolved
in QUIC MVP release.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21539)
Tomas Mraz [Mon, 24 Jul 2023 15:13:15 +0000 (17:13 +0200)]
bio_ssl.c: Support most ctrls with QUIC based BIO_SSL
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21539)
Tomas Mraz [Mon, 17 Jul 2023 19:07:59 +0000 (21:07 +0200)]
QUIC fault testing TODOs are changed into regular comments
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21539)
Hugo Landau [Thu, 3 Aug 2023 10:56:12 +0000 (11:56 +0100)]
QUIC TLS: Rethink error handling
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Wed, 2 Aug 2023 19:35:25 +0000 (20:35 +0100)]
QUIC: Fix nit
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 1 Aug 2023 09:02:08 +0000 (10:02 +0100)]
QUIC: Move string conversion functions into a source file
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Fri, 28 Jul 2023 16:48:14 +0000 (17:48 +0100)]
QUIC CHANNEL: Improve error reporting
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC: Test crypto stream FC limits
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC CONFORMANCE: Test that CRYPTO frames with bad offsets/lengths are rejected
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC WIRE: RFC 9000 s. 19.6
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC CHANNEL: Apply flow control to CRYPTO streams
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC FC: Rename stream count mode to reflect actual function
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC CHANNEL: Fix typo
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC QRX: Test for 1-RTT processing restriction
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC QRX: Don't process 1-RTT packets until handshake is complete
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:25 +0000 (11:32 +0100)]
QUIC QRX: Enforce PN monotonicity with key updates
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:24 +0000 (11:32 +0100)]
QUIC CHANNEL, TXP: Discard INITIAL EL correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:24 +0000 (11:32 +0100)]
QUIC: Update no-TPARAM test for correct error code
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:24 +0000 (11:32 +0100)]
QUIC TLS: Report TLS errors properly as QUIC protocol errors
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:24 +0000 (11:32 +0100)]
QUIC CHANNEL: Send correct alert code if no TPARAMs received
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:24 +0000 (11:32 +0100)]
QUIC TXP: Allow PATH_RESPONSE to force padding
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:24 +0000 (11:32 +0100)]
QUIC CFQ: Unreliable transmission for PATH_RESPONSE
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Hugo Landau [Tue, 25 Jul 2023 10:32:24 +0000 (11:32 +0100)]
QUIC: Echo PATH_CHALLENGE frames as PATH_RESPONSE frames
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Samuel Thibault [Sat, 6 May 2023 14:46:56 +0000 (16:46 +0200)]
Add hurd-x86_64 support
This also upgrades flags similarly to the Linux configuration.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20896)
atishkov [Fri, 28 Jul 2023 10:12:38 +0000 (13:12 +0300)]
asn1: add ASN1_STRING_set() check result
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21587)
ihciah [Thu, 11 May 2023 09:30:14 +0000 (09:30 +0000)]
bio: pass flags on BIO_ctrl to make flush retriable
Co-authored-by: suikammd <suikalala@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21298)
Bernd Kuhls [Fri, 28 Jul 2023 15:11:25 +0000 (17:11 +0200)]
Add linux-x86-latomic target
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21590)
Rohan McLure [Wed, 31 May 2023 04:32:26 +0000 (14:32 +1000)]
ec: powerpc64le: Add asm implementation of felem_{square,mul}
Add an assembly implementation of felem_{square,mul}, which will be
implemented whenever Altivec support is present and the core implements
ISA 3.0 (Power 9) or greater.
Signed-off-by: Rohan McLure <rohanmclure@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21471)
Rohan McLure [Wed, 12 Jul 2023 02:25:22 +0000 (12:25 +1000)]
ec: 56-bit Limb Solinas' Strategy for secp384r1
Adopt a 56-bit redundant-limb Solinas' reduction approach for efficient
modular multiplication in P384. This has the affect of accelerating
digital signing by 446% and verification by 106%. The implementation
strategy and names of methods are the same as that provided in
ecp_nistp224 and ecp_nistp521.
As in Commit
1036749883cc ("ec: Add run time code selection for p521
field operations"), allow for run time selection of implementation for
felem_{square,mul}, where an assembly implementation is proclaimed to
be present when ECP_NISTP384_ASM is present.
Signed-off-by: Rohan McLure <rohanmclure@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21471)
Rohan McLure [Fri, 23 Jun 2023 06:41:48 +0000 (16:41 +1000)]
ec: Use static linkage on nistp521 felem_{square,mul} wrappers
Runtime selection of implementations for felem_{square,mul} depends on
felem_{square,mul}_wrapper functions, which overwrite function points in
a similar design to that of .plt.got sections used by program loaders
during dynamic linking.
There's no reason why these functions need to have external linkage.
Mark static.
Signed-off-by: Rohan McLure <rohanmclure@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21471)
Tomas Mraz [Fri, 21 Jul 2023 15:45:32 +0000 (17:45 +0200)]
endecode_test.c: Add tests for decoding with 0 selection
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21519)
Tomas Mraz [Fri, 21 Jul 2023 15:40:31 +0000 (17:40 +0200)]
When exporting/importing decoded keys do not use 0 as selection
When decoding 0 as the selection means to decode anything
you get.
However when exporting and then importing the key data 0 as
selection is not meaningful.
So we set it to OSSL_KEYMGMT_SELECT_ALL to make the export/import
function export/import everything that we have decoded.
Fixes #21493
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21519)
Tomas Mraz [Fri, 21 Jul 2023 14:26:12 +0000 (16:26 +0200)]
Avoid exporting bogus (empty) data if empty selection is used
This is already correct in the rsa_kmgmt.c but other
implementations are wrong.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21519)
Pauli [Wed, 2 Aug 2023 00:44:47 +0000 (10:44 +1000)]
no_autoload: make the no-autoload-config option work again.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21621)
Pauli [Wed, 2 Aug 2023 01:36:46 +0000 (11:36 +1000)]
test: skip FIPS config auto loading based tests if feature is disabled
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21621)
Pauli [Wed, 2 Aug 2023 00:44:37 +0000 (10:44 +1000)]
provider test: don't run configuration based tests if configuration isn't loaded
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21621)
Pauli [Wed, 2 Aug 2023 00:41:22 +0000 (10:41 +1000)]
PBE test: load providers if auto config load is turned off
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21621)
Pauli [Wed, 2 Aug 2023 00:40:23 +0000 (10:40 +1000)]
testutil: allow a failure return from setup_tests that doesn't print help
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21621)
Pauli [Tue, 25 Jul 2023 02:06:45 +0000 (12:06 +1000)]
quic: using #defined constant rather than a magic number
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429)
Pauli [Thu, 20 Jul 2023 02:40:49 +0000 (12:40 +1000)]
quic compliance: 10.2.3 dropping instead of closing
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429)