Matt Caswell [Tue, 25 Oct 2022 15:29:43 +0000 (16:29 +0100)]
Check whether buffers have actually been allocated/freed
In the sslbuffertest we test the operation of SSL_alloc_buffers() and
SSL_free_buffers(). However this was done entirely using the public API,
and did not confirm that the buffers were actually allocated/freed. We
now extend the test to confirm this.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19472)
Matt Caswell [Fri, 21 Oct 2022 15:44:08 +0000 (16:44 +0100)]
Remove some unused OSSL_RECORD_METHOD functions
Remove two function pointers from the OSSL_RECORD_METHOD. Those functions
were no-ops and were never called.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19472)
Matt Caswell [Fri, 21 Oct 2022 15:12:31 +0000 (16:12 +0100)]
Make SSL_alloc_buffers() and SSL_free_buffers() work again
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19472)
Paul Kehrer [Wed, 19 Oct 2022 14:29:25 +0000 (09:29 -0500)]
add dependabot to keep actions versions up-to-date
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19441)
slontis [Wed, 26 Oct 2022 01:10:50 +0000 (11:10 +1000)]
Use RSA CRT parameters in FIPS self tests.
Fixes #19488
Use the correct OSSL_PKEY_PARAM_RSA CRT names for the self tests.
The invalid names cause CRT parameters to be silently ignored.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19501)
Pauli [Tue, 25 Oct 2022 09:01:12 +0000 (20:01 +1100)]
rand: remove the ossl_rand_pool_add_additional_data() function.
This function isn't called from anywhere and cannot easily be used
by the current RNG infrastructure.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/19493)
Todd C. Miller [Mon, 24 Oct 2022 14:00:48 +0000 (08:00 -0600)]
ssl_cipher_process_rulestr: don't read outside rule_str buffer
If rule_str ended in a "-", "l" was incremented one byte past the
end of the buffer. This resulted in an out-of-bounds read when "l"
is dereferenced at the end of the loop. It is safest to just return
early in this case since the condition occurs inside a nested loop.
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19166)
Richard Levitte [Thu, 6 Oct 2022 11:05:39 +0000 (13:05 +0200)]
Fix 32-bit Windows issues related to QUIC Wire functions
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19345)
Richard Levitte [Thu, 6 Oct 2022 09:43:16 +0000 (11:43 +0200)]
Fix 32-bit Windows issues related to QUIC_STREAM
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19345)
Richard Levitte [Wed, 5 Oct 2022 08:52:59 +0000 (10:52 +0200)]
Fix 32-bit Windows issues related to QUIC_ACKM / QUIC_CC
The re-occurring surprise is that in Win32, size_t is 32 bits...
Fixed by changing size_t to uint64_t in QUIC_CC
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19345)
Richard Levitte [Wed, 5 Oct 2022 08:20:35 +0000 (10:20 +0200)]
Fix definitions of SHUT_RD and SHUT_WR
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19345)
Richard Levitte [Wed, 5 Oct 2022 07:34:11 +0000 (09:34 +0200)]
Github Actions: Enable building QUIC on Windows
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19345)
Matt Caswell [Mon, 24 Oct 2022 08:22:01 +0000 (09:22 +0100)]
Fix a lock in provider_remove_store_methods()
We were taking a read lock. It should have been a write lock.
Fixes #19474
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19481)
Matt Caswell [Fri, 21 Oct 2022 13:32:51 +0000 (14:32 +0100)]
Fix test_tls13_encryption()
This test was disabled during the record write record layer refactor.
We can now enable it again.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19470)
Matt Caswell [Mon, 24 Oct 2022 08:18:34 +0000 (09:18 +0100)]
Fix a compilation failure in bio_comp_test.c
Compiling with clang, --strict-warnings and enable-zlib-dynamic resulted
in a compilation failure. This fixes it.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19480)
Daniel Fiala [Mon, 10 Oct 2022 08:53:14 +0000 (10:53 +0200)]
openssl list: Fix help text about -cipher-algorithms option
Fixes openssl#19133
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19370)
Tomas Mraz [Thu, 20 Oct 2022 14:14:29 +0000 (16:14 +0200)]
Workaround egd rand source deficiencies
With egd as the rand source the reseed after fork confuses the egd.
Fixes #19396
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19454)
(cherry picked from commit 0b3fec502298f9a16889d2507948a916416e71cf)
xkernel [Wed, 19 Oct 2022 16:40:25 +0000 (00:40 +0800)]
Checking the return of BIO_new_fp(). If it returns NULL, then it is unnecessary to build the BIO chain and better make the caller directly return NULL
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19445)
Pauli [Thu, 20 Oct 2022 23:29:09 +0000 (10:29 +1100)]
doc: fix copy/paste error
Fixes #19460
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19461)
Daniel Fiala [Fri, 21 Oct 2022 06:23:54 +0000 (08:23 +0200)]
Fix coverity
1516101 deadcode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19464)
Čestmír Kalina [Fri, 21 Oct 2022 17:49:21 +0000 (19:49 +0200)]
crypto: thread: remove ossl_crypto_thread_native_terminate
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19473)
Tomas Mraz [Thu, 13 Oct 2022 11:05:20 +0000 (13:05 +0200)]
Errors raised from OPENSSL_sk_set should have ERR_LIB_CRYPTO
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19400)
Tomas Mraz [Thu, 13 Oct 2022 09:39:35 +0000 (11:39 +0200)]
Document the stack functions that are forgiving
I.e., those that can be called with NULL stack parameter or invalid index.
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19400)
Tomas Mraz [Wed, 12 Oct 2022 08:36:20 +0000 (10:36 +0200)]
stack: Do not add error if pop/shift/value accesses outside of the stack
This partially reverts commit 30eba7f35983a917f1007bce45040c0af3442e42.
This is legitimate use of the stack functions and no error
should be reported apart from the NULL return value.
Fixes #19389
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19400)
Tomas Mraz [Wed, 19 Oct 2022 13:40:40 +0000 (15:40 +0200)]
Remove changes entry for RIPEMD160 in 3.2
It is already in 3.0.7.
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19438)
Tomas Mraz [Wed, 19 Oct 2022 13:40:00 +0000 (15:40 +0200)]
Add changes entry for RIPEMD160 in 3.0.7
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19438)
xkernel [Wed, 19 Oct 2022 17:11:16 +0000 (01:11 +0800)]
Replace BIO_free(bio_err) with BIO_free_all(bio_err)
dup_bio_err() can return a BIO chain when 'OPENSSL_SYS_VMS' is defined.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19446)
Sam James [Wed, 19 Oct 2022 23:18:35 +0000 (00:18 +0100)]
test: driver: fix -Wunused-but-set-variable
The value of 'num_failed_inner' isn't ever used.
Fixes this error with Clang 15:
```
test/testutil/driver.c:341:17: error: variable 'num_failed_inner' set but not used [-Werror,-Wunused-but-set-variable]
int num_failed_inner = 0;
^
1 error generated.
```
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19450)
Sam James [Wed, 19 Oct 2022 23:14:53 +0000 (00:14 +0100)]
x509: fix -Wunused-but-set-variable
The value of 'l' isn't ever actually used.
Fixes this error with Clang 15:
```
crypto/x509/x_name.c:506:9: error: variable 'l' set but not used [-Werror,-Wunused-but-set-variable]
int l, i;
^
1 error generated.
```
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19450)
Sam James [Wed, 19 Oct 2022 23:10:27 +0000 (00:10 +0100)]
txt_db: fix -Wunused-but-set-variable
The loop never uses the value of 'ln'.
Fixes this error with Clang 15:
```
crypto/txt_db/txt_db.c:24:10: error: variable 'ln' set but not used [-Werror,-Wunused-but-set-variable]
long ln = 0;
^
1 error generated.
```
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19450)
Sam James [Wed, 19 Oct 2022 22:58:39 +0000 (23:58 +0100)]
pem: fix -Wunused-but-set-variable
The loop never uses the value of 'line'.
Fixes this error with Clang 15:
```
crypto/pem/pem_lib.c:821:14: error: variable 'line' set but not used [-Werror,-Wunused-but-set-variable]
int len, line, ret = 0, end = 0, prev_partial_line_read = 0, partial_line_read = 0;
^
1 error generated.
```
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19450)
Sam James [Wed, 19 Oct 2022 22:04:25 +0000 (23:04 +0100)]
CI: add Clang 15
We have to use the PPA provided by LLVM because Clang 15 isn't
officially part of Ubuntu 22.04 (or any other Ubuntu release yet),
see https://apt.llvm.org/ for details.
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19450)
ramin [Wed, 28 Sep 2022 09:41:29 +0000 (11:41 +0200)]
Add af_alg errors to the error queue
If the kernel operation failed the EVP functions
just returned without any error message.
This commit adds them.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19289)
Čestmír Kalina [Fri, 21 Oct 2022 09:08:24 +0000 (11:08 +0200)]
test: threads: replace test_thread_noreturn
While POSIX threads are cancellable and may be asynchronously cancelled,
their cancellation is not guaranteed by the POSIX standard.
test_thread_noreturn, which simulates a long-running possibly
unresponsive thread:
```
THREAD #1       THREAD #2
LOCK L1
SPAWN #2
                LOCK L1
```
On MacOS, cancelling such a thread only queues a cancellation request, but
the following pthread_join hangs.
Replace this implementation by an unbounded sequence of sleeps instead.
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19433)
Čestmír Kalina [Tue, 18 Oct 2022 12:41:21 +0000 (08:41 -0400)]
crypto: thread: serialize concurrent joins
Multiple concurrent joins with a running thread suffer from a race
condition that allows concurrent join calls to perform concurrent arch
specific join calls, which is UB on POSIX, or to concurrently execute
join and terminate calls.
As soon as a thread T1 exists, one of the threads that joins with T1
is selected to perform the join, the remaining ones await completion.
Once completed, the remaining calls immediately return. If the join
failed, another thread is selected to attempt the join operation.
Forcefully terminating a thread that is in the process of joining
another thread is not supported.
Common code from thread_posix and thread_win was refactored to use
common wrapper that handles synchronization.
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19433)
Daniel Fiala [Sun, 9 Oct 2022 06:43:29 +0000 (08:43 +0200)]
openssl list: add an empty row at the end of each printed list of commands and algorithms
Fixes openssl#19140
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19372)
Todd Short [Wed, 19 Oct 2022 14:22:29 +0000 (10:22 -0400)]
Fix coverity
1516095 deadcode
Unless multiple compression algorithms are configured, test 3 is
not run, so anything looking at `test == 3` is considered dead code.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19440)
Todd Short [Wed, 19 Oct 2022 14:13:35 +0000 (10:13 -0400)]
Fix coverity
1516094 uninit
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19440)
Todd Short [Wed, 19 Oct 2022 14:12:57 +0000 (10:12 -0400)]
Fix coverity
1516093 tainted scalar
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19440)
Paul Kehrer [Wed, 19 Oct 2022 14:21:37 +0000 (09:21 -0500)]
update pyca cryptography to 38.0.2
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19439)
Paul Kehrer [Wed, 19 Oct 2022 14:07:32 +0000 (09:07 -0500)]
link the pyca tests against the correct openssl
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19439)
Matt Caswell [Thu, 20 Oct 2022 16:12:20 +0000 (17:12 +0100)]
Fix make update
The recent DTLS write record layer code and the certificate compression
code both added new SSL_R_ reason codes. The numbers are conflicting due
to rebase issues and causing make update to fail.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19457)
Richard Levitte [Sun, 16 Oct 2022 05:52:09 +0000 (07:52 +0200)]
Finer grained error records for provider load/init failures
When a provider is activated, these three cases would record that the
provider init function failed (implying that it was called):
- failure to load the provider module (in case it's a dynamically
loadable module)
- the init function not being present (i.e. being NULL)
- the init function being called and returning an error indication
(i.e. returning a false value)
This is confusing.
Separating the three cases so that they record different errors will
make it easier to determine causes of failure.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19419)
Gibeom Gwon [Tue, 11 Oct 2022 17:53:00 +0000 (02:53 +0900)]
Fix no longer implicitly refresh the cached TBSCertificate
This reverts commit 9249a34b076df9a9d55ab74ab465d336980cae6a.
Fixes #19388
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19393)
Matt Caswell [Tue, 18 Oct 2022 11:23:40 +0000 (12:23 +0100)]
Move freeing of BIOs as late as possible
Calling SSL_free() will call BIO_free_all() on the rbio and wbio. We
keep references to the rbio and wbio inside the record layer object.
References to that object are held directly, as well as in fragment
retransmission queues. We need to ensure all record layer objects are
cleaned up before we call BIO_free_all() on rbio/wbio - otherwise the
"top" BIO may not have its reference count drop to 0 when BIO_free_all()
is called. This means that the rest of the BIOs in the chain don't get
freed and a memory leak can occur.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Mon, 17 Oct 2022 15:33:40 +0000 (16:33 +0100)]
Remove some redundant code
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Mon, 17 Oct 2022 14:46:02 +0000 (15:46 +0100)]
Remove the old buffer management code
We no longer use the old buffer management code now that it has all been
moved to the new record layer.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Mon, 17 Oct 2022 14:13:18 +0000 (15:13 +0100)]
Remove some TODO(RECLAYER) comments now that DTLS has been moved
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Mon, 17 Oct 2022 14:07:47 +0000 (15:07 +0100)]
Remove dtls_write_records
The dtls_write_records function, after the previous series of commits,
was functionally equivalent to tls_write_records_default - so it can be
removed completely.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Mon, 17 Oct 2022 13:42:09 +0000 (14:42 +0100)]
Move sequence increment to post encryption processing
This change makes dtls_write_records virtually the same as
tls_write_records_default, which will enable us to merge them in a
subsequent commit.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Mon, 17 Oct 2022 13:37:32 +0000 (14:37 +0100)]
Remove spurious set of the record type
We already set the record type on the SSL3_RECORD structure. We don't
need to do it again (inconsistently).
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Mon, 17 Oct 2022 11:28:07 +0000 (12:28 +0100)]
Consolidate sequence counter incrementing code
The sequence counter was incremented in numerous different ways in
numerous different locations. We introduce a single function to do this
inside the record layer.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Fri, 14 Oct 2022 14:30:55 +0000 (15:30 +0100)]
Ensure the record layer is responsible for calculating record overheads
Don't calculate the potential record layer expansion outside of the
record layer. We move some code that was doing that into the record
layer.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Thu, 13 Oct 2022 15:44:22 +0000 (16:44 +0100)]
Convert dtls_write_records to use standard record layer functions
We have standard functions for most of the work that dtls_write_records
does - so we convert it to use those functions instead.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Thu, 13 Oct 2022 10:25:56 +0000 (11:25 +0100)]
Start using WPACKET in the dtls write records code
Previously this was writing to the buffers directly. We use the safer
WPACKET instead
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Fri, 7 Oct 2022 15:23:14 +0000 (16:23 +0100)]
Use common tls_write_records() even for DTLS
In practice this just means have a DTLS specific write_records that the
common tls_write_records() just calls. We also replace the use of
ssl3_write_pending() with tls_retry_write_records().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Thu, 6 Oct 2022 14:58:08 +0000 (15:58 +0100)]
Convert dtls_write_records() to return the correct return values
We now use standard record layer return values for this function. We
also convert the code to use RLAYERfatal instead of SSLfatal.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Thu, 6 Oct 2022 14:10:42 +0000 (15:10 +0100)]
Use record layer buffers for DTLS rather than the buffers in s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Thu, 6 Oct 2022 13:49:16 +0000 (14:49 +0100)]
Move dtls_write_records() function in the record layer
At this stage we just move the code and don't restructure it to do it
the record layer way yet.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Thu, 6 Oct 2022 13:16:01 +0000 (14:16 +0100)]
Create a dtls_write_records() function
In preparation for moving the DTLS code to use the new write record layer
architecture we first restructure the code to create a dtls_write_records()
function that mirrors the functionality that the record layer will provide.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Matt Caswell [Thu, 6 Oct 2022 12:18:43 +0000 (13:18 +0100)]
Remove create_empty_fragment from do_dtls1_write()
do_dtls1_write() was never called with a value for create_empty_fragment
that was ever non-zero - so this is dead code and can be removed. The
equivalent code in the TLS processing is used for TLS1.0/SSLv3 to protect
against known IV weaknesses because those protocol versions do not have
an explicit IV. However DTLS1.0 is based on TLSv1.1 and *does* have an
explicit IV - so this is not useful there.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Tobias Girstmair [Tue, 18 Oct 2022 11:23:21 +0000 (13:23 +0200)]
c_rehash: Fix file extension matching
For some reason, parentheses were added 8 years ago in commit
a787c2590e468585a1a19738e0c7f481ec91b762. This essentially removed the
\. and $ constructs from the middle branches. Hence a file called e.g.
cert.key would accidentally match the (cer) rule.
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19427)
xkernel [Tue, 18 Oct 2022 16:54:26 +0000 (00:54 +0800)]
add a check for the return of sk_SRP_gN_new_null() so as to capture the potential memory error in time
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19435)
Pauli [Mon, 17 Oct 2022 22:07:19 +0000 (09:07 +1100)]
ripemd: document as being present in the default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19375)
Tomas Mraz [Mon, 17 Oct 2022 15:05:09 +0000 (17:05 +0200)]
Avoid putting ripemd_prov.c in libcommon otherwise it is regarded as fips source
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19375)
Pauli [Tue, 11 Oct 2022 00:23:57 +0000 (11:23 +1100)]
default provider: include RIPEMD160
Including RIPEMD160 in both the default and legacy providers shouldn't break
anyone and makes the algorithm available more readily.
Fixes #17722
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19375)
Pauli [Tue, 18 Oct 2022 07:14:26 +0000 (18:14 +1100)]
Add changes entry for RIPEMD160 being added to the default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19375)
Todd Short [Mon, 29 Aug 2022 21:00:07 +0000 (17:00 -0400)]
Add `for_comp` flag when retrieving certs for compression
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18186)
Todd Short [Mon, 29 Aug 2022 18:58:57 +0000 (14:58 -0400)]
Update COMP_METHOD
size_t-ify the COMP_METHOD structure and functions.
Get rid of the non-functional COMP_METHODS and return NULL instead.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18186)
Todd Short [Mon, 9 Aug 2021 20:56:54 +0000 (16:56 -0400)]
Add CI to build with brotli and zstd
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18186)
Todd Short [Mon, 9 Aug 2021 20:56:50 +0000 (16:56 -0400)]
Add support for compressed certificates (RFC8879)
* Compressed Certificate extension (server/client)
* Server certificates (send/receive)
* Client certificate (send/receive)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18186)
Todd Short [Wed, 17 Aug 2022 21:36:27 +0000 (17:36 -0400)]
Convert ZLIB defines to OPENSSL_NO_ZLIB
Use the normal OPENSSL_NO_ prefix to enable/disable ZLIB
Make `BIO_f_zlib()` always available.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18186)
Todd Short [Mon, 9 Aug 2021 20:56:37 +0000 (16:56 -0400)]
Add ZSTD compression support (RFC8478bis)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18186)
Todd Short [Mon, 9 Aug 2021 20:56:29 +0000 (16:56 -0400)]
Add brotli compression support (RFC7924)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18186)
slontis [Wed, 12 Oct 2022 06:03:08 +0000 (16:03 +1000)]
Fix sctp compile errors
Fixes #19371
running config with 'enable-sctp' gave compiler errors.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19398)
Joachim Vandersmissen [Thu, 13 Oct 2022 09:55:57 +0000 (09:55 +0000)]
Fix documentation for OFB/OCB in the FIPS provider
CLA: trivial
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19408)
omahs [Fri, 14 Oct 2022 08:54:27 +0000 (10:54 +0200)]
Fix typos in doc/designs/ddd/README.md
CLA: trivial
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19416)
Tomas Mraz [Thu, 13 Oct 2022 14:04:43 +0000 (16:04 +0200)]
Add missing include for DH_get0_priv_key()
Fixes #19410
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/19411)
Čestmír Kalina [Mon, 27 Sep 2021 20:42:11 +0000 (22:42 +0200)]
crypto: add preemptive threading support
Some primitives are designed to be used in a multi-threaded environment,
if supported, e.g., Argon2.
This patch adds support for preemptive threading and basic synchronization
primitives for platforms compliant with POSIX threads or Windows CRT.
Native functions are wrapped to provide a common (internal) API.
Threading support can be disabled at compile time. If enabled, threading
is disabled by default and needs to be explicitly enabled by the user.
Thread enablement requires an explicit limit on the number of threads that
OpenSSL may spawn (non-negative integer/infinity). The limit may be changed.
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12255)
Čestmír Kalina [Tue, 27 Sep 2022 21:21:05 +0000 (17:21 -0400)]
ci: add thread-pool and default-thread-pool
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12255)
Čestmír Kalina [Thu, 25 Aug 2022 15:02:42 +0000 (17:02 +0200)]
Configure: add thread-pool and default-thread-pool
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12255)
Pauli [Fri, 14 Oct 2022 01:53:02 +0000 (12:53 +1100)]
Coverity 1515953: negative loop bound
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19413)
Richard Levitte [Fri, 7 Oct 2022 08:37:15 +0000 (10:37 +0200)]
Fix LLVM vs Apple LLVM version numbering confusion, for $avx512ifma
Apple LLVM has a different version numbering scheme than upstream LLVM.
That makes for quite a bit of confusion.
https://en.wikipedia.org/wiki/Xcode#Toolchain_versions to the rescue,
they have collected quite a lot of useful data.
This change is concentrated around the `$avx512ifma` flag
Fixes #16670 for the master branch
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19361)
Juergen Christ [Wed, 5 Oct 2022 11:57:21 +0000 (13:57 +0200)]
Add translation for ECX group parameter
Legacy EVP_PKEY_CTX objects did not support the "group" parameter for X25519
and X448. The translation of this parameter resulted in an error. This
caused errors for legacy keys and engines.
Fix this situation by adding a translation that simply checks that the correct
parameter is to be set, but does not actually set anything. This is correct
since the group name is anyway optional for these two curves.
Fixes #19313
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19348)
Bernd Edlinger [Tue, 11 Oct 2022 18:25:33 +0000 (20:25 +0200)]
Fix an occasional CI failure due to unaligned access
This happens rarely, but only because very few CI runs
use the exotic CPU type that is necessary to execute
anything within rsaz_exp_x2.c and enable UBSAN at the same time.
crypto/bn/rsaz_exp_x2.c:562:20: runtime error: load of misaligned address 0x612000022cc6 for type 'uint64_t' (aka 'unsigned long'), which requires 8 byte alignment
0x612000022cc6: note: pointer points here
84 a3 78 e0 8e 8d 4a a5 51 9c 57 d0 d6 41 f3 26 d1 4e e1 98 42 b5 3a 9f 04 f1 73 d2 1d bf 73 44
^
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior crypto/bn/rsaz_exp_x2.c:562:20 in
../../util/wrap.pl ../../fuzz/server-test ../../fuzz/corpora/server => 1
not ok 2 - Fuzzing server
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19394)
slontis [Tue, 4 Oct 2022 23:57:51 +0000 (09:57 +1000)]
Improve performance of the encoder collection
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19344)
Daniel Fiala [Fri, 7 Oct 2022 11:24:20 +0000 (13:24 +0200)]
PKCS12_SAFEBAG_set0_attrs: Remove const from function signature
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19359)
Daniel Fiala [Fri, 7 Oct 2022 06:56:54 +0000 (08:56 +0200)]
Fix typo in PKCS12_SAFEBAG_set0_attrs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19359)
zhangzhilei [Sat, 24 Sep 2022 02:32:36 +0000 (10:32 +0800)]
optimize ossl_sm4_set_key speed
this optimization comes from libgcrypt, increase about 48% speed
Benchmark on my AMD Ryzen Threadripper 3990X
before:
Did 5752000 SM4 setup operations in 1000151us (5751131.6 ops/sec)
after:
Did 8506000 SM4 setup operations in 1000023us (8505804.4 ops/sec)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19270)
Matt Caswell [Mon, 10 Oct 2022 10:20:08 +0000 (11:20 +0100)]
Update CHANGES.md and NEWS.md for new release
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19379)
Matt Caswell [Fri, 30 Sep 2022 15:59:05 +0000 (16:59 +0100)]
Add a test for TLSv1.3 only client sending a correct key_share
Make sure that a TLSv1.3 only client does not send a TLSv1.3 key_share.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19317)
Matt Caswell [Fri, 30 Sep 2022 15:51:58 +0000 (16:51 +0100)]
Add a test for where a client sends a non-TLSv1.3 key share
This should not happen but we should tolerate and send an HRR
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19317)
Matt Caswell [Fri, 30 Sep 2022 13:21:50 +0000 (14:21 +0100)]
Ensure that the key share group is allowed for our protocol version
We should never send or accept a key share group that is not in the
supported groups list or a group that isn't suitable for use in TLSv1.3
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19317)
Matt Caswell [Wed, 5 Oct 2022 14:01:18 +0000 (15:01 +0100)]
Fix a return value in tls_default_read_n
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Matt Caswell [Tue, 4 Oct 2022 15:32:02 +0000 (16:32 +0100)]
Introduce a step to prepare the BIO before writing
This removes some KTLS specific code from tls_retry_write_records().
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Matt Caswell [Tue, 4 Oct 2022 15:16:56 +0000 (16:16 +0100)]
Remove ktls specific code from tls_setup_write_buffers
The KTLS code no longer calls this function so this is not necessary.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Matt Caswell [Tue, 4 Oct 2022 14:59:06 +0000 (15:59 +0100)]
Add a post encryption processing step
For example in this we add the MAC if we are doing encrypt-then-mac.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Matt Caswell [Tue, 27 Sep 2022 15:43:23 +0000 (16:43 +0100)]
Add a prepare for encryption step
This applies any mac that might be necessary, ensures that we have
enough space in the WPACKET to perform the encryption and sets up the
SSL3_RECORD ready for that encryption.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Matt Caswell [Tue, 27 Sep 2022 14:32:22 +0000 (15:32 +0100)]
Move record padding out of tls_common.c
Only tls13_meth.c needs to handle adding record padding. All other
*_meth.c files can ignore it.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Matt Caswell [Tue, 27 Sep 2022 14:06:20 +0000 (15:06 +0100)]
Don't check whether we are using KTLS before calling the cipher function
The KTLS cipher function is a no-op so it doesn't matter if we call it.
We shouldn't special case KTLS in tls_common.c
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)