Commit Graph

27865 Commits

Author SHA1 Message Date
Dr. David von Oheimb
1579594383 APPS: Allow OPENSSL_CONF to be empty, not loading a config file
Also document the function CONF_get1_default_config_file()

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13658)
2021-01-13 11:53:15 +01:00
Dr. David von Oheimb
ec2bfb7d23 apps/{req,x509,ca}.c Make sure certs have SKID and AKID X.509 extensions by default
Fixes #13603

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13658)
2021-01-13 11:53:15 +01:00
Dr. David von Oheimb
f2a0458731 X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed to due to invalid cert
This is the upstream fix for #13698 reported for v1.1.1

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13755)
2021-01-13 11:19:17 +01:00
Dr. David von Oheimb
3339606a38 d2i_X509(): Make deallocation behavior consistent with d2i_X509_AUX()
Partly fixes #13754

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13755)
2021-01-13 11:19:17 +01:00
Agustin Gianni
48116c2d0f Fix incorrect use of BN_CTX API
In some edge cases BN_CTX_end was being called without first calling
BN_CTX_start. This creates a situation where the state of the big
number allocator is corrupted and may lead to crashes.

Fixes #13812

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13813)
2021-01-13 10:35:27 +01:00
Matt Caswell
1dccccf333 Fix enable-weak-ssl-ciphers
Commit e260bee broke the enable-weak-ssl-ciphers option. The stitched
rc4-hmac-md5 cipher implementation did not recognise the tls_version
parameter, and therefore was being incorrectly handled.

Fixes #13795

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13803)
2021-01-13 09:04:49 +00:00
Dr. David von Oheimb
4dd009180a x509_vfy.c: Fix a regression in find_issuer()
...in case the candidate issuer cert is identical to the target cert.

This is the v3.0.0 variant of #13749 fixing #13739 for v1.1.1.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13762)
2021-01-13 09:09:36 +01:00
Dr. David von Oheimb
0cbb3602f5 Make PEM_X509_INFO_read_bio_ex() conservative on the error queue
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13762)
2021-01-13 09:09:36 +01:00
Dr. David von Oheimb
0b7368dda0 TEST: move cert, key, and CSR loading aux functions to new testutil/load.c
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13762)
2021-01-13 09:09:36 +01:00
Dr. David von Oheimb
bf973d0697 Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1
Deprecate X509_NAME_hash()
Document X509_NAME_hash_ex(), X509_NAME_hash(), X509_{subject,issuer}_name_hash()

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13762)
2021-01-13 09:09:36 +01:00
Richard Levitte
5a2d0ef36f Clean away extraneous library specific FETCH_FAILED reason codes
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13467)
2021-01-12 19:02:11 +01:00
Richard Levitte
d6d42cda5f Use centralized fetching errors
We've spread around FETCH_FAILED errors in quite a few places, and
that gives somewhat crude error records, as there's no way to tell if
the error was unavailable algorithms or some other error at such high
levels.

As an alternative, we take recording of these kinds of errors down to
the fetching functions, which are in a much better place to tell what
kind of error it was, thereby relieving the higher level calls from
having to guess.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13467)
2021-01-12 19:02:11 +01:00
Richard Levitte
0d11846e4b Remove duplicate GENERATE declarations for .pod files
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
2021-01-12 11:25:55 +01:00
Richard Levitte
2497e2e7db Configure: warn about duplicate GENERATE declarations in build.info files
This sort of duplication is permitted, as the end result will be a single
item anyway, but we might as well warn to avoid future confusion.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
2021-01-12 11:25:54 +01:00
Richard Levitte
5e16ac142e Configure: clean away perl syntax faults
The faults aren't fatal (i.e. perl just shrugs), but are curious.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
2021-01-12 11:25:54 +01:00
Richard Levitte
507f83800f Configure: Check all SOURCE declarations, to ensure consistency
If the given sources are GENERATEd, we check those generators as well.

This ensures that the declarations in the diverse build.info files are
consistent with existing files.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
2021-01-12 11:25:54 +01:00
Dr. Matthias St. Pierre
b209835364 v3_ocsp.c: fix indentation of include directives
Fixes #13820

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13822)
2021-01-12 11:19:04 +01:00
John Baldwin
3ddf44ea5a Close /dev/crypto file descriptor after CRIOGET ioctl().
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13807)
2021-01-11 14:10:36 -08:00
Dr. David von Oheimb
678cae0295 APPS: Print help also on -h and --h; print high-level help when no cmd given
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13799)
2021-01-11 19:39:49 +01:00
Dr. David von Oheimb
3372039252 APPS: Fix confusion between program and app/command name used in diagnostic/help output
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13799)
2021-01-11 19:39:49 +01:00
Dr. David von Oheimb
046a7aaa5e apps/pkey.c: Forther improve user guidance, also on non-sensical option combinations
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13712)
2021-01-11 19:35:34 +01:00
Dr. David von Oheimb
1f7643e86e apps/pkey.c: Re-order help output and option documentation
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13712)
2021-01-11 19:35:34 +01:00
Dr. David von Oheimb
475d10028e apps/pkey.c: Make clear that -passout is not supported for DER output
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13712)
2021-01-11 19:35:34 +01:00
Dr. David von Oheimb
400e2acfe0 apps.c: Fix crash in case uri arg of IS_HTTP or IS_HTTPS is NULL
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13712)
2021-01-11 19:35:34 +01:00
Sahana Prasad
e211d949cd doc/man7/provider.pod: updates providers to use EVP_MD_free() and EVP_CIPHER_free()
instead of EVP_MD_meth_free() and EVP_CIPHER_meth_free() respectively which are used mostly by the engine (legacy) code.

Signed-off-by: Sahana Prasad <sahana@redhat.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13814)
2021-01-09 18:22:49 +01:00
anupamam13
42141197a1 Fix for negative return value from SSL_CTX_sess_accept()
Fixes #13183

From the original issue report, before this commit, on master and on
1.1.1, the issue can be detected with the following steps:

- Start with a default SSL_CTX, initiate a TLS 1.3 connection with SNI,
  "Accept" count of default context gets incremented
- After servername lookup, "Accept" count of default context gets
  decremented and that of SNI context is incremented
- Server sends a "Hello Retry Request"
- Client sends the second "Client Hello", now again "Accept" count of
  default context is decremented. Hence giving a negative value.

This commit fixes it by adding a check on `s->hello_retry_request` in
addition to `SSL_IS_FIRST_HANDSHAKE(s)`, to ensure the counter is moved
only on the first ClientHello.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13297)
2021-01-09 00:55:02 +02:00
Romain Geissler
732e24bb14 Fix simpledynamic test compilation when condigured without DSO support.
This fixes this compilation error:
In file included from test/simpledynamic.c:13:
test/simpledynamic.h:39:35: error: unknown type name 'SD'
   39 | int sd_load(const char *filename, SD *sd, int type);
      |                                   ^~
test/simpledynamic.h:40:12: error: unknown type name 'SD'
   40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
      |            ^~
test/simpledynamic.h:40:40: error: unknown type name 'SD_SYM'
   40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
      |                                        ^~~~~~
test/simpledynamic.h:41:14: error: unknown type name 'SD'
   41 | int sd_close(SD lib);
      |              ^~
make[1]: *** [Makefile:24670: test/moduleloadtest-bin-simpledynamic.o] Error 1
make[1]: *** Waiting for unfinished jobs....
In file included from test/moduleloadtest.c:19:
test/simpledynamic.h:39:35: error: unknown type name 'SD'
   39 | int sd_load(const char *filename, SD *sd, int type);
      |                                   ^~
test/simpledynamic.h:40:12: error: unknown type name 'SD'
   40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
      |            ^~
test/simpledynamic.h:40:40: error: unknown type name 'SD_SYM'
   40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
      |                                        ^~~~~~
test/simpledynamic.h:41:14: error: unknown type name 'SD'
   41 | int sd_close(SD lib);
      |              ^~

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13802)
2021-01-09 00:38:48 +02:00
Thomas De Schampheleire
6d4313f03e replace 'unsigned const char' with 'const unsigned char'
The openssl code base has only a few occurrences of 'unsigned const char'
(15 occurrences), compared to the more common 'const unsigned char' (4420
occurrences).

While the former is not illegal C, mixing the 'const' keyword (a 'type
qualifier') in between 'unsigned' and 'char' (both 'type specifiers') is a
bit odd.

The background for writing this patch is not to be pedantic, but because
the 'opmock' program (used to mock headers for unit tests) does not accept
the 'unsigned const char' construct. While this definitely is a bug in
opmock or one of its dependencies, openssl is the only piece of software we
are using in combination with opmock that has this construct.

CLA: trivial

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13722)
2021-01-09 00:20:16 +02:00
Nicola Tuveri
1330093b9c [test][pkey_check] Add more invalid SM2 key tests
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08 23:59:02 +02:00
Nicola Tuveri
9e49aff2aa Add SM2 private key range validation
According to the relevant standards, the valid range for SM2 private
keys is [1, n-1), where n is the order of the curve generator.

For this reason we cannot reuse the EC validation function as it is, and
we introduce a new internal function `sm2_key_private_check()`.

Partially fixes https://github.com/openssl/openssl/issues/8435

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08 23:59:02 +02:00
Nicola Tuveri
4554988e58 [test][pkey_check] Add invalid SM2 key test
SM2 private keys have different validation requirements than EC keys:
this test checks one corner case highlighted in
https://github.com/openssl/openssl/issues/8435

As @bbbrumley mentioned in
https://github.com/openssl/openssl/issues/8435#issuecomment-720504282
this only fixes the absence of a regression test for validation of this
kind of boundary issues for decoded SM2 keys.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08 23:59:02 +02:00
Nicola Tuveri
ed37336b63 [apps/pkey] Return error on failed -[pub]check
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08 23:59:02 +02:00
Nicola Tuveri
c5bc5ec849 [test] Add pkey -check validation tests
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08 23:50:42 +02:00
Michael Baentsch
becbacd705 Adding TLS group name retrieval
Function SSL_group_to_name() added, together with documentation and tests.
This now permits displaying names of internal and external
provider-implemented groups.

Partial fix of #13767

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13785)
2021-01-08 17:04:46 +00:00
Billy Brumley
22aa4a3afb [crypto/dh] side channel hardening for computing DH shared keys
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13783)
2021-01-08 12:12:03 +01:00
Matt Caswell
d0afb30ef3 Ensure DTLS free functions can handle NULL
Our free functions should be able to deal with the case where the object
being freed is NULL. This turns out to not be quite the case for DTLS
related objects.

Fixes #13649

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13655)
2021-01-08 10:26:26 +00:00
Otto Hollmann
3d0b6494d5 Remove extra space.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12100)
2021-01-07 17:38:56 +01:00
Otto Hollmann
981b4b9572 Fixed error and return code.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12100)
2021-01-07 17:38:56 +01:00
Otto Hollmann
1c47539a23 Add a CHANGES entry for ignore unknown ciphers in set_ciphersuites.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12100)
2021-01-07 17:38:56 +01:00
Otto Hollmann
c1e8a0c66e Fix set_ciphersuites ignore unknown ciphers.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12100)
2021-01-07 17:38:56 +01:00
Matt Caswell
a86add03ab Prepare for 3.0 alpha 11
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
2021-01-07 13:48:32 +00:00
Matt Caswell
cae118f938 Prepare for release of 3.0 alpha 10
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
2021-01-07 13:48:10 +00:00
Matt Caswell
bd0c71298a Update copyright year
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13800)
2021-01-07 13:38:50 +00:00
Matt Caswell
e260bee0a9 Only perform special TLS handling if TLS has been configured
Skip over special TLS steps for stream ciphers if we haven't been
configured for TLS.

Fixes #12528

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13774)
2021-01-06 11:08:35 +00:00
David CARLIER
7c0e98a5c4 Mac M1 setting change proposal.
Running tests takes very long with the current setting while it takes a
lot shorter time with this change.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13771)
2021-01-06 11:06:32 +01:00
John Baldwin
7fd1ca723a Support session information on FreeBSD.
FreeBSD's /dev/crypto does not provide a CIOCGSESSINFO ioctl, but it
does provide other ioctls that can be used to provide similar
functionality.

First, FreeBSD's /dev/crypto defines a CIOCGESSION2 ioctl which accepts
a 'struct session2_op'.  This structure extends 'struct session_op'
with a 'crid' member which can be used to either request an individual
driver by id, or a class of drivers via flags.

To determine if the available drivers for a given algorithm are
accelerated or not, use CIOCGESSION2 to first attempt to create an
accelerated (hardware) session.  If that fails, fall back to
attempting a software session.  In addition, when requesting a new
cipher session, use the current setting of the 'use_softdrivers' flag
to determine the value assigned to 'crid' when invoking CIOCGSESSION2.

Finally, use the returned 'crid' value from CIOCGSESSION2 to look up
the name of the associated driver via the CIOCFINDDEV ioctl.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13468)
2021-01-05 15:16:16 -08:00
John Baldwin
b39c215dec Use CRIOGET to fetch a crypto descriptor when present.
FreeBSD's current /dev/crypto implementation requires that consumers
clone a separate file descriptor via the CRIOGET ioctl that can then
be used with other ioctls such as CIOCGSESSION.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13468)
2021-01-05 15:16:16 -08:00
bazmoz
3497cc8776 Updated SSL_CTX_new doc
Fixes #13703

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13741)
2021-01-05 18:09:11 +00:00
Etienne Millon
b043c41c00 28-seclevel.cnf.in: fix typo in algo name
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13768)
2021-01-05 16:44:09 +01:00
Etienne Millon
b2d1465153 EVP_SIGNATURE-ED25519.pod: fix typo in algo name
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13768)
2021-01-05 16:44:09 +01:00