Richard Levitte [Wed, 3 May 2023 10:29:00 +0000 (12:29 +0200)]
Clean up exporters, specifically those we have for pkg-config
The pkg-config exporters were a special hack, all in
Configurations/unix-Makefile.tmpl, and this was well and good as long
as that was the only main package interface configuration system that we
cared about.
Things have changed, though, so we move the pkg-config production to be
templatable in a more flexible manner. Additional templates for other
interface configuration systems can then be added fairly easily.
Two variants of the .pc files are produced:
- Those in 'exporters/' are installed in the location that 'pkg-config'
itself prefers for installed packages.
- Those in the top directory are to be used when it's desirable to build
directly against an OpenSSL build tree.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20878)
Correct 50-nonstop.conf to support QUIC tests under SPT threading models.
This fix also separates the FLOSS from SPT configurations which should not
have been conflated in the 3.0 series.
Related-to: #22588 Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22697)
Neil Horman [Fri, 10 Nov 2023 20:31:23 +0000 (15:31 -0500)]
Force Nonstop to use fcntl(F_GETFL) in BIO_sock_nbio
In tracking down a hang, we found that nonstop platforms were falling
into the if #ifdef FIONBIO clause in the implementation of
BIO_sock_nbio. While the platform defines this macro, sockets set with
this continued to operate in blocking mode. Given that the platform
also support O_NONBLOCK, adjust the ifdef to have the nonstop platform
use that method to ensure that sockets enter blocking mode
Related-To #22588
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22696)
Neil Horman [Sun, 5 Nov 2023 22:51:38 +0000 (17:51 -0500)]
Augment rand argument parsing to allow scaling
Instead of just accepting a number of bytes, allows openssl rand to
accept a k|m|g suffix to scale to kbytes/mbytes/gbytes
Fixes #22622
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22624)
Tomas Mraz [Fri, 10 Nov 2023 15:00:18 +0000 (16:00 +0100)]
Fix CI breakage due to ABIDIFF failure
Also sync libcrypto.num and libssl.num with 3.2 branch and
fix the EVP_DigestSqueeze symbol version.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22688)
Support EVP_DigestSqueeze() for in the digest provider for s390x.
The new EVP_DigestSqueeze() API requires changes to all keccak-based
digest provider implementations. Update the s390x-part of the SHA3
digest provider.
Squeeze for SHA3 is not supported, so add an empty function pointer
(NULL).
Signed-off-by: Holger Dengler <dengler@linux.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22221)
The digest life-cycle diagram specifies state transitions to `updated`
(aka XOF_STATE_ABSORB) only from `initialised` and `updated`. Add this
checking to the generic sha3 absorb implementation.
Signed-off-by: Holger Dengler <dengler@linux.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22221)
This allows SHAKE to squeeze multiple times with different output sizes.
The existing EVP_DigestFinalXOF() API has been left as a one shot
operation. A similar interface is used by another toolkit.
The low level SHA3_Squeeze() function needed to change slightly so
that it can handle multiple squeezes. This involves changing the
assembler code so that it passes a boolean to indicate whether
the Keccak function should be called on entry.
At the provider level, the squeeze is buffered, so that it only requests
a multiple of the blocksize when SHA3_Squeeze() is called. On the first
call the value is zero, on subsequent calls the value passed is 1.
This PR is derived from the excellent work done by @nmathewson in
https://github.com/openssl/openssl/pull/7921
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21511)
James Muir [Fri, 3 Nov 2023 17:15:04 +0000 (13:15 -0400)]
cms demos: print signingTime attributes
Add a makefile for the cms demos, and add a routine to cms_ver.c to
print any signingTime attributes from the CMS_ContentInfo object.
This provides an example that could be extended if an application
wants to examine the purported signing times.
Part of #8026
Testing:
$ cd demos/cms
$ make test
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22618)
Matt Caswell [Wed, 8 Nov 2023 10:15:25 +0000 (10:15 +0000)]
After a stream has implicit length don't add more stream related frames
Once we have decided that a stream has an implicit length then we should
treat the packet as full and not try to add any more stream related frames
to the packet.
Fixes #22658
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22662)
Tomas Mraz [Tue, 7 Nov 2023 14:22:00 +0000 (15:22 +0100)]
Add CHANGES.md and NEWS.md entry for CVE-2023-5678
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22647)
Tomas Mraz [Tue, 7 Nov 2023 14:14:34 +0000 (15:14 +0100)]
Sync CHANGES.md and NEWS.md with 3.1 branch
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22647)
Neil Horman [Fri, 3 Nov 2023 16:56:40 +0000 (12:56 -0400)]
add locking around fake_now
fake_now in the quictestlib is read/written by potentially many threads,
and as such should have a surrounding lock to prevent WAR/RAW errors as
caught by tsan:
2023-11-03T16:27:23.7184999Z ==================
2023-11-03T16:27:23.7185290Z WARNING: ThreadSanitizer: data race (pid=18754)
2023-11-03T16:27:23.7185720Z Read of size 8 at 0x558f6f9fe970 by main thread:
2023-11-03T16:27:23.7186726Z #0 qtest_create_quic_connection_ex <null> (quicapitest+0x14aead) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7187665Z #1 qtest_create_quic_connection <null> (quicapitest+0x14b220) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7188567Z #2 test_quic_write_read quicapitest.c (quicapitest+0x150ee2) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7189561Z #3 run_tests <null> (quicapitest+0x2237ab) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7190294Z #4 main <null> (quicapitest+0x223d2b) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7190720Z
2023-11-03T16:27:23.7190902Z Previous write of size 8 at 0x558f6f9fe970 by thread T1:
2023-11-03T16:27:23.7191607Z #0 qtest_create_quic_connection_ex <null> (quicapitest+0x14aecf) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7192505Z #1 run_server_thread quictestlib.c (quicapitest+0x14b1d6) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7193361Z #2 thread_run quictestlib.c (quicapitest+0x14cadf) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7193848Z
2023-11-03T16:27:23.7194220Z Location is global 'fake_now.0' of size 8 at 0x558f6f9fe970 (quicapitest+0x1af4970)
2023-11-03T16:27:23.7194636Z
2023-11-03T16:27:23.7194816Z Thread T1 (tid=18760, running) created by main thread at:
2023-11-03T16:27:23.7195465Z #0 pthread_create <null> (quicapitest+0xca12d) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7196317Z #1 qtest_create_quic_connection_ex <null> (quicapitest+0x14adcb) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7197214Z #2 qtest_create_quic_connection <null> (quicapitest+0x14b220) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7198111Z #3 test_quic_write_read quicapitest.c (quicapitest+0x150ee2) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7198940Z #4 run_tests <null> (quicapitest+0x2237ab) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7199661Z #5 main <null> (quicapitest+0x223d2b) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5)
2023-11-03T16:27:23.7200083Z
2023-11-03T16:27:23.7200862Z SUMMARY: ThreadSanitizer: data race (/home/runner/work/openssl/openssl/test/quicapitest+0x14aead) (BuildId: d06f7b04830b55de9c8482b398a1781472d1c7d5) in qtest_create_quic_connection_ex
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22616)
Neil Horman [Fri, 3 Nov 2023 16:12:38 +0000 (12:12 -0400)]
Correct order of ossl_condvar_signal in quic_multistream_test
quic_multistream test was issuing a signal on a condvar after dropping
the corresponding mutex, not before, leading to potential race
conditions in the reading of the associated data
Fixes #22588
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22616)
Pauli [Mon, 6 Nov 2023 20:44:49 +0000 (07:44 +1100)]
Add unit test for #22644
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22646)
Pauli [Mon, 6 Nov 2023 20:32:18 +0000 (07:32 +1100)]
Fix bug in priority queue remove function
The short circuit in the remove function when the element is the last in the
heap, failed to add the removed slot back to the freelist.
Fixes #22644
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22646)
apps/rehash.c: avoid printf format warning [-Wformat]
The `aarch64-linux-android33-clang` cross-compiler (v14.0.6)
complains twice about an unsupported '%n' format specifier,
preventing a successful `--strict-warnings` build:
error: '%n' specifier not supported on this platform [-Werror,-Wformat]
BIO_snprintf(buf, buflen, "%s%s%n%08x.%s%d",
This is a false positive, because BIO_snprintf() implements its
own format parsing (which is implemented in the _dopr() function).
This commit fixes the problem by rewriting the code to dispense with
the dubious '%n' format specifier. As a side-effect, the code becomes
a little bit more comprehensible and self-explaining.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22511)
Bernd Edlinger [Mon, 6 Nov 2023 10:03:05 +0000 (11:03 +0100)]
Fix a possible memory leak in custom_ext_add
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22638)
James Muir [Sun, 29 Oct 2023 19:24:08 +0000 (15:24 -0400)]
quic http3 demo: minor updates
-update run command to include LD_LIBRARY_PATH
-suggest installing libnghttp3-dev on Ubuntu
-drop "-f" from clean recipe (it is already included in $(RM))
Part of https://github.com/openssl/project/issues/253
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22623)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22636)
Richard Levitte [Fri, 20 Oct 2023 07:24:01 +0000 (09:24 +0200)]
Fix conflicts between DH check flags and FFC check flags
There are comments in include/openssl/dh.h and include/internal/ffc.h
that they must be aligned with each other, and yet, clashes have been
introduced.
The simplest fix is to move the offending FFC flags out of the way, as they
are indeed internal and shouldn't affect any public interface, apart from
those that are aligned with the DH flags, which are public.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22453)
Richard Levitte [Fri, 20 Oct 2023 07:18:19 +0000 (09:18 +0200)]
Make DH_check_pub_key() and DH_generate_key() safer yet
We already check for an excessively large P in DH_generate_key(), but not in
DH_check_pub_key(), and none of them check for an excessively large Q.
This change adds all the missing excessive size checks of P and Q.
It's to be noted that behaviours surrounding excessively sized P and Q
differ. DH_check() raises an error on the excessively sized P, but only
sets a flag for the excessively sized Q. This behaviour is mimicked in
DH_check_pub_key().
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22453)
Neil Horman [Wed, 1 Nov 2023 12:53:18 +0000 (08:53 -0400)]
Introduce libabigail checking in ci
It would be nice if we could monitor the consistency of our ABI from PR to PR,
to ensure there are no inadvertent changes to the library ABI.
Introduce a new CI job that runs the libabigail tools to build an ABI
representation of the PR-built library and compares it to a stored/expected
representation, reporting any discrepancies it finds.
Fixes #22571
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22589)
Matt Caswell [Thu, 2 Nov 2023 16:25:27 +0000 (16:25 +0000)]
Correctly track the original length when generating a stream frame
txp_generate_stream_frames() plans chunks of data to send via the
function txp_plan_stream_chunk(). That function may clamp the amount in
the chunk due to flow control, even though there is more available to send.
We should take this into account when deciding whether or not to try
serializing the next chunk.
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22601)
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22606)
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22606)
Michael Hinz [Fri, 3 Nov 2023 13:17:39 +0000 (14:17 +0100)]
Fix documentation regarding KMAC sizes
As per recommendation by jfinkhaeuser, this documents the defaults for
KMAC-128 as 32 and for KMAC-256 as 64. The code already accomodates for
these values, so no changes are needed there.
Fixes #22381
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22614)
Tomas Mraz [Thu, 2 Nov 2023 16:19:38 +0000 (17:19 +0100)]
ossl_qrl_enc_level_set_provide_secret(): Avoid leaking keyslot in error condition
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22600)
Pauli [Thu, 2 Nov 2023 01:26:50 +0000 (12:26 +1100)]
rand uniform: fix likely usage
@mspncp noted that the condition should have been likely not unlikely.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22593)
Tomas Mraz [Tue, 31 Oct 2023 14:11:30 +0000 (15:11 +0100)]
ossl_quic_new(): Fix a leak found by error injection
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22572)
Neil Horman [Mon, 30 Oct 2023 17:47:05 +0000 (13:47 -0400)]
Fix quicserver binding when duplicate entries exist
In testing the quic demos, I found that the quicserver refused to start for me,
indicating an inability to bind a socket to listen on
The problem turned out to be that getaddrinfo on my system was returning
multiple entries, due to the fact that /etc/host maps the localhost host name to
both ipv4 (127.0.0.1) and ipv6 (::1), but returns the latter as an ipv4 mapped
address (specifying family == AF_INET)
It seems like the proper fix would be to modify the /etc/hosts file to not make
that mapping, and indeed that works. However, since several distribution ship
with this setup, it seems like it is worthwhile to manage it in the server code.
its also that some other application may be bound to a given address/port
leading to failure, which I think could be considered erroneous, as any failure
for the full addrinfo list in quicserver would lead to a complete failure
Fix this by modifying the create_dgram_bio function to count the number of
sockets is successfully binds/listens on, skipping any failures, and only exit
the application if the number of bound sockets is zero.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22559)
Pauli [Wed, 25 Oct 2023 23:58:11 +0000 (10:58 +1100)]
tag ossl_assert not failing as being 'likely' to improve optimisation
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22516)
наб [Tue, 31 Oct 2023 19:36:59 +0000 (20:36 +0100)]
CHANGES.md: document BLAKE2b's "size"-setting support
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22583)
Hugo Landau [Tue, 31 Oct 2023 16:47:55 +0000 (16:47 +0000)]
QUIC SSTREAM: Fix bug in ossl_quic_sstream_is_totally_acked
ossl_quic_sstream_is_totally_acked would return 0
if no data had been appended to the stream yet.
Fixed and added tests.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22580)
Bernd Edlinger [Wed, 1 Nov 2023 07:05:30 +0000 (08:05 +0100)]
Fix a possible memory leak in load_builtin_compressions
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22585)
Matt Caswell [Mon, 30 Oct 2023 12:39:37 +0000 (12:39 +0000)]
Update the OpenSSL Guide tutorials with changes to the demos
The demo code has changed to accept the hostname/port on the command line.
We update the tutorials to keep in sync with the demo code.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)
Matt Caswell [Mon, 30 Oct 2023 12:17:30 +0000 (12:17 +0000)]
Update the README with information about how to run the QUIC demos
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)
Matt Caswell [Mon, 30 Oct 2023 12:04:40 +0000 (12:04 +0000)]
Update the QUIC demos to accept hostname/port on the command line
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)
Matt Caswell [Mon, 30 Oct 2023 11:22:24 +0000 (11:22 +0000)]
Extend the README to describe how to run the TLS demos
We also supply some test certificates for use with the demos.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)
Matt Caswell [Mon, 30 Oct 2023 11:22:00 +0000 (11:22 +0000)]
Amend the TLS demos to accept hostname/port as an argument
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)
Hugo Landau [Tue, 31 Oct 2023 16:11:43 +0000 (16:11 +0000)]
QUIC MULTISTREAM TEST: Ensure frames are only injected into correct packet types
Although the previous commit is enough to fix the immediate cause of the
stochastic failure on Windows, this is a more resilient fix; make sure
we only inject a given frame into the correct packet type for our
various injection functions.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22578)
Hugo Landau [Tue, 31 Oct 2023 15:58:21 +0000 (15:58 +0000)]
QUIC MULTISTREAM TEST: Fix script 38 stochastic failure on Windows
The QUIC fault injector frame injection functionality injects injected
frames on whatever EL we happen to be using to generate a packet in.
This means we sometimes inject the frame into a packet type it is not
allowed to be in, causing a different error code to be generated.
Fix this by making sure the connection is fully established before
trying to generate the frame in question.
Fixes #22348.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22578)
Matt Caswell [Tue, 31 Oct 2023 16:24:44 +0000 (16:24 +0000)]
Don't create an ack frame if one isn't wanted for this pn_space
The txp->want_ack value has different bit values for different pn_space
values. Make sure we take that into account when we read it.
Fixes #22568
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22579)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22573)
James Muir [Thu, 26 Oct 2023 21:50:45 +0000 (17:50 -0400)]
quic ddd demos: update makefile and demo sources
Update makefile and fix some signedness issues in the demo sources.
Drop stray "\n" in the host-port format string that prevented ddd-01
from working (this was also noticed by Neil H). Also, determine the
length of the message we are sending and send that many bytes (rather
than send sizeof the buffer storing the message).
These changes are part of https://github.com/openssl/project/issues/253
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22542)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22569)
Hugo Landau [Mon, 30 Oct 2023 19:36:49 +0000 (19:36 +0000)]
QUIC TXP: Fix drainage calculation
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22569)
Neil Horman [Mon, 23 Oct 2023 16:47:13 +0000 (12:47 -0400)]
Create a rudimentary symbol scanning script
We would like to be able to log and audit the symbols we use in openssl
so that we might catch when a new platform symbols is referecned
Add such a script (just on unix platforms for now) that gathers the used
symbols not belonging to libcrypto or libssl, and compare it to a prior
known set of used symbols. Error out if a new symbol is found
Add this script to the ci workflow in CI to capture newly
introduced platform symbols
Fixes #22330
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22478)
Sam James [Tue, 31 Oct 2023 11:30:32 +0000 (11:30 +0000)]
CI: add Clang 17
Signed-off-by: Sam James <sam@gentoo.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22570)
Pauli [Tue, 31 Oct 2023 21:52:00 +0000 (08:52 +1100)]
rand uniform: add comments outlining the algorithm
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22499)
Pauli [Sat, 28 Oct 2023 09:49:08 +0000 (20:49 +1100)]
Add test case for uniform random generators
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22499)
Pauli [Wed, 25 Oct 2023 06:48:43 +0000 (17:48 +1100)]
rand: implement an unbiased random integer from a range
Refer: https://github.com/apple/swift/pull/39143 for a description
of the algorithm.
It is optimal in the sense of having:
* no divisions
* minimal number of blocks of random bits from the generator
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22499)
Matt Caswell [Mon, 30 Oct 2023 16:53:30 +0000 (16:53 +0000)]
Don't error if s_client receives exactly BUFSIZZ data
We should accept that many bytes without failing
Fixes #22551
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22558)
Dmitry Misharov [Mon, 30 Oct 2023 15:55:01 +0000 (16:55 +0100)]
remove setup-perl actiond from windows jobs
Windows runner have Perl preinstalled.
https://github.com/actions/runner-images/blob/main/images/win/Windows2022-Readme.md
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22555)
Matt Caswell [Fri, 27 Oct 2023 11:22:11 +0000 (12:22 +0100)]
Check for NULL when freeing the QUIC_TLS object
Free functions are expected to be tolerant of a NULL pointer being passed.
Fixes the problem in
https://github.com/openssl/openssl/pull/21668#issuecomment-1782718328
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22536)
Tomas Mraz [Thu, 26 Oct 2023 07:59:22 +0000 (09:59 +0200)]
evp_test.c: There are now 3 parameters possible for digests
In digest_test_run() there are now 3 parameters possible plus
the sentinel value. In reality we will never use all three
at once but Coverity rightfully complains that it is possible
to overflow the params array.
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22521)
Matt Caswell [Fri, 27 Oct 2023 15:11:57 +0000 (16:11 +0100)]
If the loss detection timer has fired we may not have lost packets
We calculate the delay from the point that a packet arrives until it will
be counted as lost based on rtt info. Looking at all the packets we can
then calculate the earliest time that a packet will be counted as lost.
When that timer fires the latest rtt info may have changed and therefore
the packet may no longer be counted as lost yet.
We should not assume that just because the ackm timeout has fired that
there will definitely be lost packets.
Fixes #22538
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22541)
Kurt Roeckx [Fri, 27 Oct 2023 08:31:00 +0000 (10:31 +0200)]
Create a fuzz introspector exclude config file
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22532)
James Muir [Wed, 25 Oct 2023 00:08:54 +0000 (20:08 -0400)]
free oaep label-octet-string on error
When successful, ossl_X509_ALGOR_from_nid() returns a pointer to an
X509_ALGOR object. Inside ossl_X509_ALGOR_from_nid(),
X509_ALGOR_set0() is called, and this passes ownership of the ASN1
object "los" (label octet string) to the X509_ALGOR object. When
ossl_X509_ALGOR_from_nid() fails, ownership has not been passed on and
we need to free "los".
Change the scope of "los" and ensure it is freed on failure (on
success, set it to NULL so it is not freed inside the function).
Fixes #22336
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22495)
Kurt Roeckx [Fri, 27 Oct 2023 08:17:02 +0000 (10:17 +0200)]
Update to latest fuzz corpora
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22531)