Pauli [Thu, 19 May 2022 02:51:07 +0000 (12:51 +1000)]
strcasecmp: implement strcasecmp and strncasecmp
Rather than relying on the locale code working, instead implement these
functions directly.
Fixes #18322
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18344)
(cherry picked from commit
fb4cdca053fb9d3f0e11eeaf31f4b4ff87f69a95)
Pauli [Thu, 19 May 2022 02:23:55 +0000 (12:23 +1000)]
tolower: refine the tolower code to avoid a memory access
This improves the performance of this function and the ones that rely on it
(ossl_lh_strcasehash primarily).
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18344)
(cherry picked from commit
286053fc8f78e34828a576830ef879c021640aee)
Richard Levitte [Mon, 23 Aug 2021 07:06:10 +0000 (09:06 +0200)]
Building: For the FIPS module checksum, keep track of configuration,h
The FIPS module checksum needs to know that configuration.h is
generated from configuration.h.in, so that information is conserved.
To make this possible, it's now possible to have attributes with the
GENERATE keyword, and the attribute "skip" is added to make a keyword
a no-op, which makes it informative only.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/16378)
(cherry picked from commit
4d02d500aac80c136e3d6582b908e0fab77bbf42)
Richard Levitte [Mon, 23 Aug 2021 06:54:37 +0000 (08:54 +0200)]
Configuration: produce include/openssl/configuration.h when configuring
The goal is to avoid having too much of the OpenSSL source rebuilt
because include/openssl/configuration.h, or even because it was a
Makefile target that was called upon (some make implementations
consider the use of a target as an update of that target, even if it
wasn't really updated).
To resolve this, we move the production of include/openssl/configuration.h
to configdata.pm, and only update it if there were any actual changes.
Fixes #16377
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/16378)
(cherry picked from commit
2522889620446f1e56338367d1b6b028ea952bb4)
Richard Levitte [Mon, 23 Aug 2021 06:48:02 +0000 (08:48 +0200)]
Configuration: only produce a new configdata.pm if it has changed contents
The goal is to avoid having too much of the OpenSSL source rebuilt
because configdata.pm got a new time stamp. The conditions for
updating configdata.pm are now:
1. its time stamp is older than Configure's, or...
2. its contents has changed.
Fixes #16377
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/16378)
(cherry picked from commit
764cf5b26306a8712e8b3d41599c44dc5ed07a25)
Richard Levitte [Thu, 12 May 2022 07:21:15 +0000 (09:21 +0200)]
mdl: Don't enforce one space after list markers
Common markdown styles usually show 4-column indents to separate the
list marker and the list item text. That's a common template for
writing new markdown files.
On the other hand, we do have some files (such as CHANGES.md) where we
use a different style.
From a markdown perspective, both are perfectly OK, and there's no
reason to enforce either.
Therefore, the best thing is to exclude this particular rule.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18297)
(cherry picked from commit
2046f80bc84deff5f3b8e3f8ffe54528bc684658)
Thomas Bellebaum [Tue, 17 May 2022 11:42:05 +0000 (13:42 +0200)]
Documentation: X509_V_ERR_CERT_CHAIN_TOO_LONG is not unused
The Error `X509_V_ERR_CERT_CHAIN_TOO_LONG` is not unused. See e.g. here:
https://github.com/openssl/openssl/blob/
598bd7741568a1aae678e5472f18aae1ab991e8d/crypto/x509/x509_vfy.c#L3318-L3319
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18330)
(cherry picked from commit
0db53e9312f9648874b283124655f9772dfa1690)
Dmitry Belyavskiy [Thu, 12 May 2022 15:52:21 +0000 (17:52 +0200)]
Missing changes entry about OPENSSL_str[n]casecmp
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18302)
(cherry picked from commit
8b97bfcccc4328c65156bff6886db8733df39fde)
Bernd Edlinger [Mon, 16 May 2022 05:06:42 +0000 (07:06 +0200)]
Fix KTLS with BIO_new_connect
When a socket connection is done using BIO_new_connect,
the ktls_enable is done too early, and fails with ENOTCONN.
Therefore the KLTS ioctl will fail later with ENOPROTOOPT.
Fix that by doing the ktls_enable after the connection
succeeded, not when the socket is created as that will
always fail.
One example where this happens is doit_localhost in
test/ssl_old_test.c, and therefore, contrary to the expectation
the -client_ktls option did never enable the client KTLS
connection, but this was not noticed, because there was no
diagnostic output, and it was only visible with strace output.
Also enhanced the ssl_old_test -client_ktls/-server_ktls
options together with -v option to print a summary line
if and how KTLS was negotiated in server and client.
While I am already there adjusted the usage info of
the -s_cert, -s_key commands, and allow -time to print the
timings of ktls connections.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18318)
(cherry picked from commit
598bd7741568a1aae678e5472f18aae1ab991e8d)
Tomas Mraz [Tue, 26 Apr 2022 07:42:01 +0000 (09:42 +0200)]
Fix BIO_get_ktls_send/recv to return 0 or 1 only
Fixes #18176
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/18178)
(cherry picked from commit
524bac570702a79366b85ff1f66e07d3e002370c)
Zhou Qingyang [Fri, 8 Apr 2022 13:43:37 +0000 (21:43 +0800)]
Add return value check of EVP_PKEY_copy_parameters () in ssl_set_cert_and_key()
It seems the return value of EVP_PKEY_copy_parameters() in
ssl_set_cert_and_key(), and could lead to null pointer dereference in
EVP_PKEY_eq() function.
However those functions are complicated and this fix is suggested by
a static analyzer, so please advise.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18071)
(cherry picked from commit
6646e015a50e5455117c22a27032011689db710f)
Daniel Fiala [Tue, 10 May 2022 12:39:19 +0000 (14:39 +0200)]
mkdef.pl: Add cmd-line flag to differentiate shared libs and DSO.
Fixes openssl#16984.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18284)
(cherry picked from commit
e5f831a065df1d6e4640ef389f8594a5f10c9c8e)
Tomas Mraz [Tue, 10 May 2022 15:22:24 +0000 (17:22 +0200)]
Always try locale initialization from OPENSSL_strcasecmp
Fixes #18172
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18293)
Tomas Mraz [Tue, 10 May 2022 15:00:26 +0000 (17:00 +0200)]
Add fallback in case of locale initialization failure
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18293)
Tomas Mraz [Tue, 10 May 2022 14:46:35 +0000 (16:46 +0200)]
Avoid code duplication for locale initialization
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18293)
Tomas Mraz [Tue, 10 May 2022 14:31:20 +0000 (16:31 +0200)]
Move OPENSSL_strcasecmp() and related to o_str.c
Otherwise the implementation is unnecessarily duplicated in legacy.so.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18293)
Tomas Mraz [Tue, 10 May 2022 13:40:58 +0000 (15:40 +0200)]
int_ctx_new(): Revert extra ossl_init_casecmp call
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18293)
Tomas Mraz [Thu, 5 May 2022 10:35:11 +0000 (12:35 +0200)]
Include the e_os.h before string.h
Fixes #18244
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18293)
Tomas Mraz [Wed, 4 May 2022 14:58:06 +0000 (16:58 +0200)]
Fix build on OPENSSL_SYS_TANDEM and older POSIXes
It also allows for passing -DOPENSSL_NO_LOCALE as a workaround
to ./Configure command.
Fixes #18233
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18293)
Tomas Mraz [Mon, 9 May 2022 11:57:11 +0000 (13:57 +0200)]
Always try to construct methods as new provider might be added
Otherwise optional properties can be incorrectly ignored.
Fixes #18262
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18269)
(cherry picked from commit
4b1b629725970384d6cf4dafe9e83e54859574cd)
Tomas Mraz [Mon, 9 May 2022 11:23:10 +0000 (13:23 +0200)]
Add test for query invalidation after new provider added
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18269)
(cherry picked from commit
70dc0b6d27a11a7f64fe914a3f376988ad1b1720)
Keith W. Campbell [Wed, 13 Apr 2022 22:14:33 +0000 (18:14 -0400)]
Add quotes around perl scripts
Otherwise, it seems nmake doesn't invoke perl properly.
Signed-off-by: Keith W. Campbell <keithc@ca.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18215)
(cherry picked from commit
3b85d9de443c31e49a0215c1fe3c80828d609062)
Pauli [Fri, 6 May 2022 06:59:26 +0000 (16:59 +1000)]
bn_nist: fix strict aliasing problem
As of clang-14 the strict aliasing is causing code to magically disappear.
By explicitly inlining the code, the aliasing problem evaporates.
Fixes #18225
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18258)
(cherry picked from commit
8712db5e4e0c508de10e887aebf639384dc20710)
Dr. Matthias St. Pierre [Tue, 29 Mar 2022 19:50:21 +0000 (21:50 +0200)]
err: get rid of err_free_strings_int()
Even though the function is not part of the public api, it is not
entirely removed, in order to minimize the chance of breakage,
because it is exported from libcrypto. Instead, we keep a dummy
implementation.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17974)
(cherry picked from commit
1c8787d5e0b01bedfc3cbe5eab5b85290221d8c1)
Dr. Matthias St. Pierre [Mon, 28 Mar 2022 09:47:55 +0000 (11:47 +0200)]
err: fix crash in ERR_load_strings() when configured with no-err
This commit removes the entire initialization and cleanup of the
error string hash table (`int_error_hash`) if `no-err` is configured.
The only operative function remaining is `ERR_get_next_error_library()`.
That is the reason why the `err_string_lock` and hence the
`do_err_strings_init()` function can't be removed entirely.
Fixes #17971
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17974)
(cherry picked from commit
11e85b8941cb6f728e37f15502f26e67231db6b6)
basavesh [Sun, 3 Apr 2022 14:04:53 +0000 (16:04 +0200)]
Fix leakage when the cacheline is 32-bytes in CBC_MAC_ROTATE_IN_PLACE
rotated_mac is a 64-byte aligned buffer of size 64 and rotate_offset is secret.
Consider a weaker leakage model(CL) where only cacheline base address is leaked,
i.e address/32 for 32-byte cacheline(CL32).
Previous code used to perform two loads
1. rotated_mac[rotate_offset ^ 32] and
2. rotated_mac[rotate_offset++]
which would leak 2q + 1, 2q for 0 <= rotate_offset < 32
and 2q, 2q + 1 for 32 <= rotate_offset < 64
The proposed fix performs load operations which will always leak 2q, 2q + 1 and
selects the appropriate value in constant-time.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18033)
(cherry picked from commit
3b836385679504579ee1052ed4b4ef1d9f49fa13)
Max Bachmann [Fri, 6 May 2022 10:09:27 +0000 (12:09 +0200)]
remove legacy VxWorks workaround
The same workaround was already removed in sockets.h
in
5c8b7b4caa0faedb69277063a7c6b3a8e56c6308
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18260)
(cherry picked from commit
a6680123643bc3289ecbcbd6bce844a814c1510a)
Tomas Mraz [Thu, 5 May 2022 06:11:24 +0000 (08:11 +0200)]
EVP_PKEY_Q_keygen: Call OPENSSL_init_crypto to init strcasecmp
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18247)
(cherry picked from commit
b807c2fbab2128cf3746bb2ebd51cbe3bb6914a9)
Dimitry Andric [Thu, 5 May 2022 14:23:16 +0000 (16:23 +0200)]
Correct padding mode flag name for EVP_PKEY_decrypt/encrypt() examples
The example code in EVP_PKEY_decrypt(3) and EVP_PKEY_encrypt(3) and uses
a nonexistent padding mode `RSA_OAEP_PADDING`, which should be
`RSA_PKCS1_OAEP_PADDING` instead.
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18255)
(cherry picked from commit
ecb1ed1b0e5aea5b71e8a98e95b6f9f022d61c89)
Ahmed JELIJLI [Thu, 5 May 2022 09:33:25 +0000 (11:33 +0200)]
doc: Fix RSA public key parameters
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18253)
(cherry picked from commit
be92036b347e381fd606e100b6c91f1bab4b7718)
Tomas Mraz [Thu, 5 May 2022 12:45:23 +0000 (14:45 +0200)]
Add a testcase for OSSL_PROVIDER_unload() being fully effective
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18254)
(cherry picked from commit
4b4d0ded6df357f76f580b7218abb3fe55f64463)
slontis [Wed, 4 May 2022 02:04:43 +0000 (12:04 +1000)]
Add documentation for key validation that indicates the difference between the
EVP_PKEY_XXX_check() calls for the default and fips providers.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18235)
(cherry picked from commit
0b3d2594d060dc19269d3740ad672f065ec6398a)
Bernd Edlinger [Thu, 5 May 2022 08:07:41 +0000 (10:07 +0200)]
Update .gitignore
add /test/evp_pkey_ctx_new_from_name
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18251)
(cherry picked from commit
ac23650c1e53658227436aecc8de03a7ac3d1b9a)
Daniel Fiala [Thu, 28 Apr 2022 11:35:40 +0000 (13:35 +0200)]
s_serve: Report an error if init-connection fails without an attempt to read.
Fixes: openssl#18047.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18154)
(cherry picked from commit
a6d52f178c4cb4665d0bf235001b5c9c1ff03da7)
Pauli [Wed, 4 May 2022 01:26:02 +0000 (11:26 +1000)]
Correct NEWS entry about required security level for old versions of TLS, DTLS and SSL
The entry was incorrect because suites using RSA key exchange without SHA1
were permitted at security level 1.
Partial fix for #18194
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18234)
Richard Levitte [Wed, 4 May 2022 07:15:29 +0000 (09:15 +0200)]
Add method store cache flush and method removal to non-EVP operations
evp_method_store_flush() and evp_method_store_remove_all_provided()
only cover EVP operations, but not encoders, decoders and store loaders.
This adds corresponding methods for those as well. Without this, their
method stores are never cleaned up when the corresponding providers are
deactivated or otherwise modified.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
(cherry picked from commit
32e3c071373280b69be02ba91fc3204495e2e1bf)
Richard Levitte [Fri, 29 Apr 2022 06:08:06 +0000 (08:08 +0200)]
For child libctx / provider, don't count self-references in parent
In child library contexts, which contain child "clones" of the
providers the application has in store, one of these children will
always be the provider that creates the child library context; let's
call them self-refering child providers.
For these self-refering child providers, we don't increment the parent
provider reference count, nor do we free the parent provider, as those
become self defeating and hinder the teardown and unloading process
when the application cleans up.
For non self-refering child providers, we must retain this propagation
of reference count to the parent, so that aren't torn down too early,
i.e. when there's still a "foreign" reference (fetched algorithm).
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
(cherry picked from commit
4da7663b02bf05542830e85db6f74cf90daf1f49)
Richard Levitte [Mon, 25 Apr 2022 05:22:27 +0000 (07:22 +0200)]
Complete the cleanup of an algorithm in OSSL_METHOD_STORE
The `alg_cleanup` didn't properly clear the OPENSSL_SA leaf that it
had just freed the contents of. Fortunately, `ossl_sa_ALGORITHM_doall_arg()`
allows us to pass the store pointer itself as an extra argument, which
allows a modified `alg_cleanup` to complete the job.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
(cherry picked from commit
03454ba2a234197c961920f1bac37cc9f4cf3f54)
Richard Levitte [Fri, 22 Apr 2022 14:44:51 +0000 (16:44 +0200)]
Make it possible to remove methods by the provider that provides them
This adds ossl_method_store_remove_all_provided(), which selectively
removes methods from the given store that are provided by the given
provider.
This also adds the EVP specific evp_method_store_remove_all_provided(),
which matches ossl_method_store_remove_all_provided() but can also
retrieve the correct store to manipulate for EVP functions.
This allows us to modify ossl_provider_self_test() to do the job it's
supposed to do, but through clearly defined functions instead of a
cache flushing call that previously did more than that.
ossl_provider_deactivate() is also modified to remove methods associated
with the deactivated provider, and not just clearing the cache.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
(cherry picked from commit
2e4d0677ea858c619a33235265dbee19520a9d35)
Richard Levitte [Fri, 22 Apr 2022 09:00:36 +0000 (11:00 +0200)]
Don't empty the method store when flushing the query cache
When evp_method_store_flush() flushed the query cache, it also freed
all methods in the EVP method store, through an unfortunate call of
ossl_method_store_flush_cache() with an argument saying that all
methods should indeed be dropped.
To undo some of the confusion, ossl_method_store_flush_cache() is
renamed to ossl_method_store_cache_flush_all(), and limited to do
only that. Some if the items in the internal ALGORITHM structure are
also renamed and commented to clarify what they are for.
Fixes #18150
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
(cherry picked from commit
60640d79ca7ea0980dc09c71fe6a297b5f8588a2)
Richard Levitte [Wed, 20 Apr 2022 16:34:09 +0000 (18:34 +0200)]
Refactor method construction pre- and post-condition
The existing pre- and post-condition functions are supposed to check if
methods have already been created and stored, using provider operation
bits. This is supposed to only be done for "permanent" method stores.
However, the way the pre-condition was called, it could not know if the
set of implementations to be stored is likely to end up in a "permanent"
or a temporary store. It needs access to the |no_store| flag returned
by the provider's operation query function, because that call was done
after the pre-condition was called.
This requires a bit of refactoring, primarly of |algorithm_do_this()|,
but also of |ossl_method_construct_precondition()|.
Fixes #18150
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
(cherry picked from commit
10937d5867039afbf869c8514245ed7599b61307)
Richard Levitte [Wed, 20 Apr 2022 14:43:13 +0000 (16:43 +0200)]
Drop ossl_provider_clear_all_operation_bits() and all uses of it
This is a misused function, as it was called during query cache flush,
when the provider operation bits were meant to record if methods for a
certain operation has already been added to the method store.
Fixes #18150
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
(cherry picked from commit
20b6d85ab2b9cfa4cd29d2422d69c3e3f4db0a41)
Vita Batrla [Fri, 18 Mar 2022 21:02:50 +0000 (22:02 +0100)]
s_client -proxy / -starttls shouldn't be mutually exclusive
The option -proxy of openssl s_client works fine. The option
-starttls also works fine. However, try putting both of them
on command line. It breaks, these options don't work together.
The problem is that -proxy option is implemented using starttls_proto
(the option parsing code sets it to PROTO_CONNECT) and -starttls option
overwrites the same variable again based on argument value.
The suggested fix is to independently handle -proxy option before
-starttls so the s_client can connect through HTTP proxy server and
then use STARTTLS command.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17925)
(cherry picked from commit
802cacf34f2db9111becb4f0d3aa00460df13a19)
Allan Jude [Fri, 19 Nov 2021 18:58:51 +0000 (18:58 +0000)]
Detect arm64-*-*bsd and enable assembly optimizations
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17084)
(cherry picked from commit
8e22f9d6d956ad583afe10b986519731c113ac80)
Dr. David von Oheimb [Wed, 27 Apr 2022 17:07:46 +0000 (19:07 +0200)]
crmf_lib.c: Make sure Ed signature for POPO is called without digest
Fixes #18184
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18230)
(cherry picked from commit
de56f726e163e99128ff93a04d74a8461f5a724b)
Daniel Fiala [Fri, 29 Apr 2022 07:33:49 +0000 (09:33 +0200)]
openssl: dhparam: Print warning if -in argument is ignored
Fixes: openssl#18146
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18206)
(cherry picked from commit
6d952291762246f6533e19ca413277390db4aae2)
Matt Caswell [Tue, 3 May 2022 13:32:09 +0000 (14:32 +0100)]
Prepare for 3.0.4
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
Matt Caswell [Tue, 3 May 2022 13:32:01 +0000 (14:32 +0100)]
Prepare for release of 3.0.3
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
Matt Caswell [Tue, 3 May 2022 13:32:01 +0000 (14:32 +0100)]
make update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
Tomas Mraz [Tue, 3 May 2022 12:57:08 +0000 (14:57 +0200)]
CHANGES.md: Attribute the OPENSSL_LH_flush() fix properly
Reviewed-by: Matt Caswell <matt@openssl.org>
Release: yes
Matt Caswell [Tue, 3 May 2022 10:48:16 +0000 (11:48 +0100)]
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
Matt Caswell [Tue, 26 Apr 2022 13:39:34 +0000 (14:39 +0100)]
Update CHANGES and NEWS for new release
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
Pauli [Mon, 2 May 2022 08:16:09 +0000 (18:16 +1000)]
Update Paul's pgp key signature
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18219)
Tomas Mraz [Tue, 26 Apr 2022 10:40:24 +0000 (12:40 +0200)]
c_rehash: Do not use shell to invoke openssl
Except on VMS where it is safe.
This fixes CVE-2022-1292.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Fri, 15 Apr 2022 09:22:59 +0000 (10:22 +0100)]
Fix the RC4-MD5 cipher
A copy&paste error meant that the RC4-MD5 cipher (used in TLS) used the TLS
AAD data as the MAC key.
CVE-2022-1434
Fixes #18112
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Wed, 13 Apr 2022 15:47:35 +0000 (16:47 +0100)]
Test ocsp with invalid responses and the "-no_cert_checks" option
The "-no_cert_checks" option causes the flag OCSP_NOCHECKS to be set.
The bug fixed in the previous commit will cause the ocsp app to respond with
a success result in the case when the OCSP response signing certificate
fails to verify and -no_cert_checks is used - so we test that it fails in
this case.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Wed, 13 Apr 2022 15:36:54 +0000 (16:36 +0100)]
Fix OCSP_basic_verify signer certificate validation
The function `OCSP_basic_verify` validates the signer certificate on an OCSP
response. The internal function, ocsp_verify_signer, is responsible for this
and is expected to return a 0 value in the event of a failure to verify.
Unfortunately, due to a bug, it actually returns with a postive success
response in this case. In the normal course of events OCSP_basic_verify
will then continue and will fail anyway in the ocsp_check_issuer function
because the supplied "chain" value will be empty in the case that
ocsp_verify_signer failed to verify the chain. This will cause
OCSP_basic_verify to return with a negative result (fatal error). Normally
in the event of a failure to verify it should return with 0.
However, in the case of the OCSP_NOCHECKS flag being used, OCSP_basic_verify
will return with a positvie result. This could lead to callers trusting an
OCSP Basic response when it should not be.
CVE-2022-1343
Fixes #18053
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Dmitry Belyavskiy [Fri, 29 Apr 2022 12:22:24 +0000 (14:22 +0200)]
Improving locale test
Fixes #18205
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18211)
(cherry picked from commit
93983e555531a8d9bf70d12e4cfdb5ce2f337e3b)
Tomas Mraz [Thu, 28 Apr 2022 15:04:05 +0000 (17:04 +0200)]
fix_dh_paramgen_type: Avoid crash with invalid paramgen type
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18202)
(cherry picked from commit
359dad5178285d5471f2a57a5aa99c1f588dffcb)
Dr. David von Oheimb [Thu, 28 Apr 2022 13:35:13 +0000 (15:35 +0200)]
http_client.c: check expected content type only if HTTP status code is 200 (OK)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18204)
(cherry picked from commit
e3477d3e5ccd971da3d8a90a7d5096b47372d288)
Richard Levitte [Tue, 26 Apr 2022 09:04:49 +0000 (11:04 +0200)]
Fix memleak in test/provider_test.c
This memory leak is triggered when configuring with 'no-legacy'
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18179)
(cherry picked from commit
49d874e0b7514cb270e817103ff0e13d4689e1f0)
Tomas Mraz [Thu, 21 Apr 2022 15:33:26 +0000 (17:33 +0200)]
poly1305: Properly copy the whole context on dup
Also reset the updated flag when Poly1305_Init is called.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18143)
(cherry picked from commit
bbe909d00e9a593bd5954dfca4d3020467977565)
Hugo Landau [Mon, 4 Apr 2022 13:36:20 +0000 (14:36 +0100)]
Add SSL_(CTX_)?get0_(verify|chain)_cert_store functions
Currently we do not have any way to retrieve these values once set.
Fixes #18035.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18038)
(cherry picked from commit
948cf521798a801cfde47a137343e6f958d71f04)
Jan Engelhardt [Mon, 25 Apr 2022 08:51:00 +0000 (10:51 +0200)]
doc: replace "symmetric cipher" phrase in EVP_MD manpages
CLA: trivial
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18169)
(cherry picked from commit
ae2efd63c6fcd9b7e043692184762da19c5eb99b)
Jon Spillett [Thu, 21 Apr 2022 06:49:04 +0000 (16:49 +1000)]
Prefer GNU library initialization mechanism over platform one
If GNU toolchain is used, use the __attribute__((constructor))
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18147)
(cherry picked from commit
2dc3a4a4a57eca0d9bebd87234c7d682506188fc)
Tomas Mraz [Thu, 21 Apr 2022 15:13:44 +0000 (17:13 +0200)]
Test that SipHash_Final() fails on uninited context
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18142)
(cherry picked from commit
4b694f29ea78ab8a94e67c89d4d81df18c5e3bf1)
Tomas Mraz [Thu, 21 Apr 2022 15:09:14 +0000 (17:09 +0200)]
siphash: Properly set mac size in sipcopy
Also fully duplicate the context on dup
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18142)
(cherry picked from commit
905fec4f4d6bb8a978476cbce0f293ffc683b5fd)
Tomas Mraz [Thu, 21 Apr 2022 15:07:40 +0000 (17:07 +0200)]
siphash: Fail finalization on uninitialized siphash context
Fixes #18140
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18142)
(cherry picked from commit
650b142c2e4c1d57868bdbbe1f7f4549ee77f8eb)
EasySec [Sun, 24 Apr 2022 16:57:39 +0000 (18:57 +0200)]
pem_password_cb(3): References to other man pages
Refer to OSSL_ENCODER_to_bio and OSSL_DECODER_from_bio man pages.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18164)
(cherry picked from commit
7510aee28a3262cde442230c06daffa1e7609fd6)
Dmitry Belyavskiy [Fri, 22 Apr 2022 17:26:08 +0000 (19:26 +0200)]
Testing the EVP_PKEY_CTX_new_from_name without preliminary init
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18175)
Dmitry Belyavskiy [Fri, 22 Apr 2022 16:16:56 +0000 (18:16 +0200)]
Ensure we initialized the locale before evp_pkey_name2type
Fixes #18158
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18175)
Jon Spillett [Thu, 21 Apr 2022 02:08:16 +0000 (12:08 +1000)]
Use .s extension for ia64 assembler
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18136)
(cherry picked from commit
6009997abd2594d5a7c0606176f404190922b74d)
Hugo Landau [Thu, 21 Apr 2022 15:10:33 +0000 (16:10 +0100)]
Fix bug in OPENSSL_LH_flush
Fixes #18139.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18141)
(cherry picked from commit
e5da68183410c06f7b350a0721bc2bd6057e438e)
Hugo Landau [Fri, 22 Apr 2022 13:17:44 +0000 (14:17 +0100)]
Add support for new release commit review requirement bypass
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18155)
(cherry picked from commit
a625354d82aad711141172efb3b39b7689318fe2)
Tomas Mraz [Thu, 21 Apr 2022 10:44:18 +0000 (12:44 +0200)]
Add Tomas Mraz key to release key fingerprints
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18138)
(cherry picked from commit
2c0a944c69dc92cb280147997696cd88acd7b395)
Kirill A. Korinsky [Thu, 7 Apr 2022 13:07:37 +0000 (15:07 +0200)]
Never use `__atomic_*` on macOS 10.7 and 10.8
macOS 10.7 and 10.8 had a bit wired clang which is detected as
`__GNUC__` which has `__ATOMIC_ACQ_REL` but it excepts one option at
`__atomic_is_lock_free` instead of 2.
This prevents OpenSSL to be compiled on such systems.
Fixes: #18055
Signed-off-by: Kirill A. Korinsky <kirill@korins.ky>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18056)
(cherry picked from commit
d39de4792dbdb6ab5f78c79d52d0210b44584538)
Dmitry Belyavskiy [Tue, 12 Apr 2022 10:30:08 +0000 (12:30 +0200)]
str[n]casecmp => OPENSSL_strncasecmp
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18103)
Dmitry Belyavskiy [Tue, 12 Apr 2022 10:35:25 +0000 (12:35 +0200)]
Minimal test checking we can get public key in Turkish locale
(cherry picked from commit
6ae39acaf0c3578850be6699026a3a5c3f4bdfce)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18103)
Dmitry Belyavskiy [Wed, 13 Apr 2022 10:33:21 +0000 (12:33 +0200)]
FIPS provider modifications
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18103)
Dmitry Belyavskiy [Wed, 13 Apr 2022 10:32:14 +0000 (12:32 +0200)]
Public API functions OPENSSL_str[n]casecmp
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18103)
Daniel Fiala [Mon, 28 Mar 2022 12:53:08 +0000 (12:53 +0000)]
Clear incorrectly reported errors in cms_io.
Fixes openssl#17841.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18109)
(cherry picked from commit
45a3c592b94b66cab72e5bffbaf9d810c3fb29c0)
Zhou Qingyang [Wed, 6 Apr 2022 16:48:09 +0000 (00:48 +0800)]
Fix a possible NULL pointer dereference in create_cert_store()
In create_cert_store(), X509_STORE_new() is called and there is a
dereference of it in following function X509_STORE_add_lookup()
without check, which could lead to NULL pointer dereference.
Fix this by adding a NULL check of X509_STORE_new()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18057)
(cherry picked from commit
3f075967f664aac12951a1d7aa3124d9235cd299)
Zhou Qingyang [Mon, 11 Apr 2022 16:25:26 +0000 (00:25 +0800)]
Fix wild pointer dereference in make_ocsp_response()
The function OCSP_basic_add1_status() will return NULL on malloc failure.
However the return value is not checked before being passed to
OCSP_SINGLERESP_add1_ext_i2d(), and there is a wild field pointer,
which could lead to wild pointer dereference.
Fix this by adding return value check
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18081)
(cherry picked from commit
4d50a5467b0a208c61d163239a3544bae06343ea)
Tomas Mraz [Tue, 12 Apr 2022 15:58:23 +0000 (17:58 +0200)]
Avoid undefined behavior of provided macs on EVP_MAC reinitialization
When the context is reinitialized, i.e. the same key should be used
we must properly reinitialize the underlying implementation.
However in POLY1305 case it does not make sense as this special MAC
should not reuse keys. We fail with this provided implementation
when reinitialization happens.
Fixes #17811
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18100)
(cherry picked from commit
c9ddc5af5199909d196ee80ccd7abcff2eb42a34)
Tomas Mraz [Tue, 12 Apr 2022 14:35:56 +0000 (16:35 +0200)]
evp_test: Try computing MACs twice with reinitialization of EVP_MAC_CTX
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18100)
(cherry picked from commit
e58ba181de6b0dfad0dc371f8d962c82138a906e)
EasySec [Wed, 13 Apr 2022 11:02:44 +0000 (13:02 +0200)]
doc: Clarify that calling SSL_set_session(ssl, NULL) is a correct use case.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18101)
(cherry picked from commit
e763b1861fb2a138371464b7d3996dbde85ff5e8)
Bernd Edlinger [Mon, 11 Apr 2022 08:12:48 +0000 (10:12 +0200)]
Fix an assertion in the DTLS server code
This fixes an internal error alert from the server and
an unexpected connection failure in the release version,
but a failed assertion and a server crash in the
debug version.
Reproduce this issue with a DTLS server/client like that:
./openssl s_server -dtls -mtu 1500
./openssl s_client -dtls -maxfraglen 512
In the debug version a crash happens in the Server now:
./openssl s_server -dtls -mtu 1500
Using default temp DH parameters
ACCEPT
ssl/statem/statem_dtls.c:269: OpenSSL internal error: Assertion failed: len == written
Aborted (core dumped)
While in the release version the handshake exceeds the
negotiated max fragment size, and fails because of this:
$ ./openssl s_server -dtls -mtu 1500
Using default temp DH parameters
ACCEPT
ERROR
4057152ADA7F0000:error:
0A0000C2:SSL routines:do_dtls1_write:exceeds max fragment size:ssl/record/rec_layer_d1.c:826:
shutting down SSL
CONNECTION CLOSED
From the client's point of view the connection fails
with an Internal Error Alert:
$ ./openssl s_client -dtls -maxfraglen 512
Connecting to ::1
CONNECTED(
00000003)
40B76343377F0000:error:
0A000438:SSL routines:dtls1_read_bytes:tlsv1 alert internal error:ssl/record/rec_layer_d1.c:613:SSL alert number 80
and now the connection attempt fails unexpectedly.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18093)
(cherry picked from commit
e915c3f5381cd38ebdc1824c3ba9896ea7160103)
Tomas Mraz [Thu, 31 Mar 2022 09:01:33 +0000 (11:01 +0200)]
Add error code for unsupported explicit parameters
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)
(cherry picked from commit
53137462f42f8673fbd5b0831f8ea051ddea509f)
Tomas Mraz [Wed, 30 Mar 2022 15:00:01 +0000 (17:00 +0200)]
endecode_test: Handle expected failures for non-fips ec keys
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)
(cherry picked from commit
e8a4145968eea576788761f39c5e4cb68b7c4a42)
Tomas Mraz [Mon, 28 Mar 2022 16:14:47 +0000 (18:14 +0200)]
Import only named params into FIPS module
Fixes #17978
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)
(cherry picked from commit
638c3a28af45bd81a1c90b81efd8e10449eace1b)
tangyiqun [Tue, 12 Apr 2022 08:07:17 +0000 (16:07 +0800)]
Check the return of EVP_KDF_fetch()
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18096)
(cherry picked from commit
02119faee397565525151eb2ce39c424d129d287)
Zhou Qingyang [Sun, 10 Apr 2022 18:05:19 +0000 (02:05 +0800)]
Add return value check of X509V3_add_value() in X509V3_parse_list()
X509V3_add_value() will return 0 on malloc failure, which could lead to
err logic in X509V3_parse_list().
Fix this by adding return value check of X509V3_add_value().
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18077)
(cherry picked from commit
bcd5645b34c319b8e4d72d6850ead80e85f18921)
Daniel Fiala [Mon, 4 Apr 2022 17:41:32 +0000 (19:41 +0200)]
SSL_conf_cmd: Allow DH Parameters at any position.
Fixes openssl#17326.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18041)
(cherry picked from commit
b2b8d1883a3b7e64006b0b4ada0cbcf3eb6dba1a)
Todd Short [Fri, 1 Apr 2022 14:54:45 +0000 (10:54 -0400)]
Fix -no-tls1_2 in tests
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/18019)
(cherry picked from commit
40fb5a4ce3e90c9e8702aad0fcf43eb9f6edf419)
Tomas Mraz [Wed, 30 Mar 2022 14:04:55 +0000 (16:04 +0200)]
Add test for openssl ecparam with fips and base providers
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)
(cherry picked from commit
269c349a7688daae48d95e582e62ff181888c854)
Tomas Mraz [Mon, 28 Mar 2022 16:09:18 +0000 (18:09 +0200)]
ec_export: Other parameters are exportable with domain parameters
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)
(cherry picked from commit
e20af37d063514c27567c64e975fa5b3208707a9)
Tomas Mraz [Wed, 6 Apr 2022 08:29:54 +0000 (10:29 +0200)]
Add test for resetting SM2 dist ID
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18052)
(cherry picked from commit
707d4e06eba71fb8a8b2faa77a2072511189544d)
Tomas Mraz [Wed, 6 Apr 2022 08:03:22 +0000 (10:03 +0200)]
sm2: Allow setting 0 length SM2 dist ID param
Fixes #18022
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18052)
(cherry picked from commit
2904d0a2ae0ec6ce23d5cec66ce8c7bdb005d4e5)
yuanjungong [Thu, 7 Apr 2022 04:35:59 +0000 (12:35 +0800)]
Crypto/evp: Fix null pointer dereference
Check the return value of EVP_KDF_fetch to avoid a potential
null pointer dereference.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18062)
(cherry picked from commit
5f1424c6bdca8ddb9d5d88a78a1d738be19c4ea8)
Pauli [Thu, 31 Mar 2022 21:06:17 +0000 (08:06 +1100)]
kdf: avoid NULL dereference on malloc failure in sshkdf
Fixes #18009
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18011)
(cherry picked from commit
148176ca323e3dfce5d5cdb5578c113c8d2440bb)