Richard Levitte [Wed, 10 Jul 2024 05:15:50 +0000 (07:15 +0200)]
fix: drop DSA <=> dsaWithSHA1 aliasing
For some reason, DSA has been aliased with dsaWithSHA1 for an eternity.
They are not the same, though, and should never have been aliased in the
first place.
This isn't good at all, as it confuses the key algorithms signature
function with a signature scheme that involves SHA1, and it makes it
look like OpenSSL's providers offer a DSA-SHA1 implementation (which
they currently do not do).
Breaking this aliasing apart (i.e. aliasing DSA, DSA-old, dsaEncryption
and dsaEncryption-old separately from the names that involve SHA) appears
harmless as far as OpenSSL's test suite goes.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24828)
Neil Horman [Wed, 10 Jul 2024 18:04:46 +0000 (14:04 -0400)]
ignore various files in commit checker
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24845)
sashan [Thu, 27 Jun 2024 14:31:41 +0000 (16:31 +0200)]
EVP_DigestUpdate(): Check if ctx->update is set
The issue has been discovered by libFuzzer running on provider target.
There are currently three distinct reports which are addressed by
code change here.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24753)
Neil Horman [Wed, 10 Jul 2024 14:57:26 +0000 (10:57 -0400)]
Modify check-format to match line length coding style
In an effort to clarify our coding style, generally line lengths SHOULD
be no longer than 80 columns but MUST be no longer than 100 columns
Modify the check-format.pl script to account for this.
Replace the -l|--sloppy-len option (which modifies the max line length
to 84 rather than 80 cols), with -l|--strict-len which reduces allowed
line length to 80 cols from the new default 100 cols).
Also fix up a typo in the docs indicating --sloppy-bodylen has a short
-l option (its actually -b)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/24841)
Signed-off-by: dependabot[bot] <support@github.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24843)
evp_test code needed to be modified to defer setting algorithm contexts
until the run phase. The parse functions also defer setting into the context
until the run phase, which allows the context to initialize in a controlled order.
This allows params to be passed into the algorithm init function.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24623)
Change all existing FIPS configurable checks to use FIPS indicators.
This changes the logic to always do the security checks and then decide
what to do based on if this passes or not. Failure of a check causes
either a failure OR the FIPS indicator callback to be triggered.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24623)
Add a FIPS indicator callback that can be set via
OSSL_INDICATOR_set_callback(). This callback is intended to be run
whenever a non approved algorithm check has occurred and strict checking
has been disabled.The callback may be used to
log non approved algorithms. The callback is passed a type and
description string as well as the cbarg specified in OSSL_INDICATOR_set_callback.
The return value can be either 0 or 1.
A value of 0 can be used for testing purposes to force an error to occur from the algorithm
that called the callback.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24623)
apps/rehash.c: Add the check for the EVP_MD_get_size()
Add the check for the return value of EVP_MD_get_size() to avoid invalid negative
numbers and then explicitly cast from int to size_t.
Add the check to prevent that EVP_MD_get_size() returns a value greater
than EVP_MAX_MD_SIZE.
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24802)
Neil Horman [Mon, 8 Jul 2024 12:32:29 +0000 (08:32 -0400)]
Add a style-check workflow
Add a CI job that evaluates style issues, restricted only to lines
changed for the affected files in a given commit
Also provide a mechanism to waive those style issues. by applying the
style:exempted label to a PR, the checks are still run (its nice to see
what they are regardless), but the test will pass CI regardless of
weather any issues are found.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24806)
Neil Horman [Mon, 8 Jul 2024 12:30:49 +0000 (08:30 -0400)]
Add a check-format-commit.sh script
Add a wrapper script to check-format.pl, which is capable of analyzing
commits rather than just a file. for a provided commit this script:
1) runs check-format.pl on the files changed in the provided commit
2) filters the output of check-format.pl, only producing lines that
match ranges of changed lines in those files
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24806)
Added a note that the error check for `BN_mask_bits()` depends
on the internal representation that depends on the platform's word size.
Included a reference to the `BN_num_bits()` function for precise bit checking.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24812)
Stephen Farrell [Thu, 4 Jul 2024 16:34:47 +0000 (17:34 +0100)]
Extend TLSv1.3 record layer padding API calls
Added SSL_set_block_padding_ex() and SSL_CTX_set_block_padding_ex()
to allow separate padding block size values for handshake messages
and application data messages.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24796)
Add documentation for deprecated CMAC_CTX functions
Fixes #5539: Create a new manual page `CMAC_CTX.pod` documenting the deprecated `CMAC_CTX` functions and add the necessary build dependencies. This page includes function descriptions, usage details, and replacement suggestions with the `EVP_MAC` interface.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24814)
erbsland-dev [Fri, 21 Jun 2024 13:21:04 +0000 (15:21 +0200)]
Add and Update Documentation for TS_VERIFY_CTX Functions
Mark the existing `TS_VERIFY_CTX_set_certs` function as deprecated in the
documentation.
Add missing documentation for the deprecated functions `TS_VERIFY_CTX_set_data`,
`TS_VERIFY_CTX_set_imprint`, and `TS_VERIFY_CTX_set_store`.
Write missing documentation for the following functions:
- `TS_VERIFY_CTX_new`
- `TS_VERIFY_CTX_init`
- `TS_VERIFY_CTX_free`
- `TS_VERIFY_CTX_cleanup`
- `TS_VERIFY_CTX_set_flags`
- `TS_VERIFY_CTX_add_flags`
- `TS_VERIFY_CTX_set0_data`
- `TS_VERIFY_CTX_set0_imprint`
- `TS_VERIFY_CTX_set0_store`
- `TS_VERIFY_CTX_set0_certs`
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24701)
erbsland-dev [Fri, 21 Jun 2024 13:16:10 +0000 (15:16 +0200)]
Replace and Deprecate TS_VERIFY_CTX Functions
Fixes #18854
Replace and deprecate the functions `TS_VERIFY_CTX_set_data`,
`TS_VERIFY_CTX_set_store`, `TS_VERIFY_CTX_set_certs`, `TS_VERIFY_CTX_set_imprint`
with new versions: `TS_VERIFY_CTX_set0_data`,
`TS_VERIFY_CTX_set0_store`, `TS_VERIFY_CTX_set0_certs` and `TS_VERIFY_CTX_set0_imprint`.
The previous functions had poorly documented memory handling, potentially
leading to memory leaks. The new functions improve memory management and provide
clearer usage.
Also, update existing code to use the new function calls instead of the deprecated
ones.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24701)
Clarify supported curves in the s_client/s_server documentation
Mention that supported curves (aka groups) include named EC parameters
as well as X25519 and X448 or FFDHE groups.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24774)
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24787)
Neil Horman [Tue, 2 Jul 2024 18:27:42 +0000 (14:27 -0400)]
read lock store on ossl_method_store_do_all
Theres a data race between ossl_method_store_insert and
ossl_method_store_do_all, as the latter doesn't take the property lock
before iterating.
However, we can't lock in do_all, as the call stack in several cases
later attempts to take the write lock.
The choices to fix it are I think:
1) add an argument to indicate to ossl_method_store_do_all weather to
take the read or write lock when doing iterations, and add an
is_locked api to the ossl_property_[read|write] lock family so that
subsequent callers can determine if they need to take a lock or not
2) Clone the algs sparse array in ossl_method_store_do_all and use the
clone to iterate with no lock held, ensuring that updates to the
parent copy of the sparse array are left untoucheTheres a data race
between ossl_method_store_insert and ossl_method_store_do_all, as the
latter doesn't take the property lock before iterating.
I think method (2), while being a bit more expensive, is probably the
far less invasive way to go here
Fixes #24672
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24782)
Neil Horman [Mon, 1 Jul 2024 14:36:57 +0000 (10:36 -0400)]
Allow openssl version to function in the absence of a config file
the openssl application attempts to load a config file on startup
always, calling x509_get_default_cert_area() to locate the file. On
Windows builds with -DOSSL_WINCTX set, this fails if the corresponding
registry keys are unset. allow openssl to continue to function properly
for applets that don't actually require a configuration file.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Neil Horman [Fri, 28 Jun 2024 19:35:36 +0000 (15:35 -0400)]
Fix sed/awk usage in windows ci jobs
The addition of sed and awk, while available in the windows vm's for CI
in powershell, don't behave as I would expect (though the same commands
work with a local installation on windows using GnuWin32). In trying to
figure out what was going on I found it was far more stable and
predictable to use the powershell -split and -replace commands instead
of sed and awk
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Neil Horman [Fri, 28 Jun 2024 17:28:55 +0000 (13:28 -0400)]
Avoid chicken and egg problem with reg setting
Because openssl with -DOSSL_WINCTX no longer falls back to build time
defines, we have a chicken and egg problem. CI needs to query openssl
for its version string so registry keys can be set properly, but openssl
version refuses to run because no configuration file can be found
So we work around it by, for the purposes of setting the registry keys,
we set OPENSSL_CONF to a know config file, so that openssl version runs
properly.
Once the version is extracted, we can set the registry keys, and openssl
will function properly without OPENSSL_CONF set
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Neil Horman [Wed, 26 Jun 2024 15:50:46 +0000 (11:50 -0400)]
Update NOTES-WINDOWS.md
The behavior of windows with registry keys is somewhat confusing, and
based on both build time defines, and reg key availablility. Add a
table defining behavior in all cases
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Neil Horman [Tue, 25 Jun 2024 14:57:52 +0000 (10:57 -0400)]
Allow OPENSSLDIR/ENGINESDIR/MODULESDIR to be NULL
To prevent inadvertent use of insecure directories, we need to be able
to detect and react when our new registry keys aren't set, which implies
allowing the values for the dynamic representations of
OPENSSLDIR/ENGINESDIR/MODULESDIR to return NULL. This in turn requires
that we detect and handle NULL string in several call sites that
previously assumed they would never be NULL. This commit fixes those up
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Neil Horman [Fri, 21 Jun 2024 14:34:37 +0000 (10:34 -0400)]
Don't fall back to pre-defined constants on windows
We don't want to allow windows systems on new installs to use
OPENSSLDIR/MODULESDIR/ENGINESDIR at all, as it makes no sense to define
paths at build time that have no meaning at install time.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Neil Horman [Thu, 6 Jun 2024 18:39:36 +0000 (14:39 -0400)]
Add a unit test to validate the functionality of our reg key lookups
Add a test to check to make sure our registry key lookups work. note
this test only runs on windows (clearly), but also only if the registry
keys are set via an installer or some other manual process (to be done
in the CI workflow)
Also add workflow steps to set registry keys for testing
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Neil Horman [Thu, 6 Jun 2024 18:38:43 +0000 (14:38 -0400)]
convert users of build time defaults to use new defaults api
Now that we can query for install time registry keys on windows, convert
users of these macros to use the api instead
Add a unit test to validate the functionality of our reg key lookups
Add a test to check to make sure our registry key lookups work. note
this test only runs on windows (clearly), but also only if the registry
keys are set via an installer or some other manual process (to be done
in the CI workflow)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Neil Horman [Thu, 6 Jun 2024 18:37:37 +0000 (14:37 -0400)]
Add defaults api to openssl build
Build time defaults aren't great for windows, in which various macros
(like OPENSSLDIR) are selected at build time, but may be selected
differently at install time. Add an internal defaults api to return the
build time constants on unix systems, but instead query registry keys
for the form:
HLKM\SOFTWARE\OpenSSL-{version}-{wininstallcontext}
Such that each built version of openssl may maintain its own set of
registry keys to identify these locations, and be set administratiely as
appropriate at install or run time
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24450)
Radek Krejci [Thu, 21 Mar 2024 12:19:23 +0000 (13:19 +0100)]
Avoid NULL pointer dereference
Function readbuffer_gets() misses some of the initial checks of its
arguments. Not checking them can lead to a later NULL pointer
dereferences.
The checks are now unified with the checks in readbuffer_read()
function.
CLA: trivial
Fixes #23915
Signed-off-by: Radek Krejci <radek.krejci@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23918)
check_format.pl: fix detection of 'if' with single stmt in braces without 'else'
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24805)
Bernd Edlinger [Tue, 14 Nov 2023 01:55:36 +0000 (02:55 +0100)]
Fix possible double-free in pkcs7 add_attribute function
The problem is the ownership of the input parameter value
is transfered to the X509_ATTRIBUTE object attr, as soon
as X509_ATTRIBUTE_create succeeds, but when an error happens
after that point there is no way to get the ownership back
to the caller, which is necessary to fullfill the API contract.
Fixed that by moving the call to X509_ATTRIBUTE_create to the
end of the function, and make sure that no errors are possible
after that point.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22721)
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24790)
Addressing issue (#24517):
Updated the example in CRYPTO_THREAD_run_once.pod to reflect that an unlock call should not be made if a write_lock failed.
Updated BIO_lookup_ex in bio_addr.c and ossl_engine_table_select in eng_table.c to not call unlock if the lock failed.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24779)
Fixes (#24517):
(3/3) Addresses the potential deadlock if an error occurs from up_ref
in functions ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, and
ENGINE_get_prev in file crypto/engine/eng_list.c
CLA: trivial
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24780)
Richard Levitte [Mon, 1 Jul 2024 13:28:39 +0000 (15:28 +0200)]
fix: remove some odd empty lines
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24776)
Richard Levitte [Mon, 1 Jul 2024 13:28:14 +0000 (15:28 +0200)]
fix: openssl speed: RSA encryption is on the pubkey, not the privkey
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24776)
Neil Horman [Wed, 19 Jun 2024 21:53:58 +0000 (17:53 -0400)]
Convert hashtable to using ossl_rcu_deref on lookup
The new hashtable has an issue on non-64 bit builds. We use
CRYPTO_atomic_load to load a pointer value when doing lookups, but that
API relies on the expectation that pointers are 64 bits wide. On 32 bit
systems, we try to load 64 bits using CRYPTO_atomic_load into a 32 bit
pointer, which overruns our stack
Fix this by no longer using CRYPTO_atomic_load for value fetches from
the hashtable. Instead use ossl_rcu_deref, whcih operates on void
pointers and is safe on all arches
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24682)
In case of zero-length input the code wrote one byte
before the start of the output buffer. The length
of the output was also reported incorrectly in this case.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24770)
JohnnySavages [Thu, 27 Jun 2024 01:59:52 +0000 (21:59 -0400)]
Check EC_GROUP_get0_order result before dereference
CLA: trivial
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24755)
Georgi Valkov [Fri, 28 Jun 2024 05:16:10 +0000 (08:16 +0300)]
threads_win: fix build error with VS2010 x86
InterlockedAnd64 and InterlockedAdd64 are not available on VS2010 x86.
We already have implemented replacements for other functions, such as
InterlockedOr64. Apply the same approach to fix the errors.
A CRYPTO_RWLOCK rw_lock is added to rcu_lock_st.
Replace InterlockedOr64 and InterlockedOr with CRYPTO_atomic_load and
CRYPTO_atomic_load_int, using the existing design pattern.
Add documentation and tests for the new atomic functions
CRYPTO_atomic_add64, CRYPTO_atomic_and
Fixes:
libcrypto.lib(libcrypto-lib-threads_win.obj) : error LNK2019: unresolved external symbol _InterlockedAdd64 referenced in function _get_hold_current_qp
libcrypto.lib(libcrypto-lib-threads_win.obj) : error LNK2019: unresolved external symbol _InterlockedOr referenced in function _get_hold_current_qp
libcrypto.lib(libcrypto-lib-threads_win.obj) : error LNK2019: unresolved external symbol _InterlockedAnd64 referenced in function _update_qp
libcrypto.lib(libcrypto-lib-threads_win.obj) : error LNK2019: unresolved external symbol _InterlockedOr64 referenced in function _ossl_synchronize_rcu
Signed-off-by: Georgi Valkov <gvalkov@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24405)
Neil Horman [Fri, 28 Jun 2024 17:17:41 +0000 (13:17 -0400)]
Add badges for daily checks and provider compat
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24762)
Neil Horman [Fri, 28 Jun 2024 11:04:43 +0000 (07:04 -0400)]
Remove appveyor badge and replace it with os zoo badge
We don't use appveyor anymore. Replace it with the os zoo badge, so we
can more persistently see when its breaking
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24762)
Richard Levitte [Thu, 27 Jun 2024 06:30:28 +0000 (08:30 +0200)]
OpenSSL::Test: Avoid running IPv6 related tests if IPv6 was explicitly disabled
It's possible to disable IPv6 explicitly when configuring OpenSSL. In that
case, IPv6 related tests should be skipped.
This is solved by having OpenSSL::Test::Utils::have_IPv6() check configuration
first, before trying to determine if the machine supports IPv6.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24748)
Pauli [Thu, 27 Jun 2024 00:08:05 +0000 (10:08 +1000)]
Clarify DRBG seeding.
There is a legacy code path that OpenSSL won't use anymore but applications
could. Add a comment indicating this to avoid confusion for people not
intimately conversant with the nuances in the RNG code.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24745)
sanumesh [Tue, 11 Jun 2024 14:47:07 +0000 (09:47 -0500)]
Add aix-clang and aix64-clang configuration
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24609)
Neil Horman [Wed, 26 Jun 2024 20:24:48 +0000 (16:24 -0400)]
Remove macos-11 from CI
Recent build failure on os-zoo reports:
A brownout will take place on June, 8:00 AM – 2:00 PM EST to raise awareness of the upcoming macOS-11 environment removal.
It appears that github is retiring macos-11, so we may as well remove it
to prepare
Fixes #24739
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24744)
Neil Horman [Wed, 26 Jun 2024 20:23:04 +0000 (16:23 -0400)]
Disable default case checks on clang 18
Recent updates in CI have upgraded clang to clang-18, which gripes when
it finds a switch statement without a default case. We should add those
cases in, but since we have a lot of those, and CI is currently failing,
disable the check until we get them fixed up
Fixes #24739
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24744)
Neil Horman [Wed, 26 Jun 2024 20:20:02 +0000 (16:20 -0400)]
Enable ipv6 use if available
Recently, it appears alpine containers added ipv6, which breaks our ipv6
ssl old tests because the perl test recipie runs the ipv6 test based on
runtime availability, even if the build time selection is to disable
ipv6.
Fix it by modifying the os zoo ci run to enable ipv6 in the build if its
available on the container
Fixes #24739
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24744)
ossl_print_attribute_value(): Multiple minor fixes for style and other errors
- use correct return values
- do not modify pointer in the atrtribute after decoding with d2i_X509_NAME()
- make oid parameter const in print_oid
- use OPENSSL_buf2hexstr_ex
- simplify return code translation from BIO_printf()
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24725)
sgzmd [Tue, 25 Jun 2024 14:53:32 +0000 (15:53 +0100)]
Free appname if it was set after initializing crypto.
Fixes #24729
CLA: trivial
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24730)
Vita Batrla [Tue, 25 Jun 2024 09:58:49 +0000 (11:58 +0200)]
docs: document that *_free(NULL) does nothing
Explicitly documents that *_free(NULL) does nothing.
Fixes two cases where that wasn't true.
Fixes #24675.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24735)
Matt Caswell [Fri, 21 Jun 2024 13:29:26 +0000 (14:29 +0100)]
Add a test for an empty NextProto message
It is valid according to the spec for a NextProto message to have no
protocols listed in it. The OpenSSL implementation however does not allow
us to create such a message. In order to check that we work as expected
when communicating with a client that does generate such messages we have
to use a TLSProxy test.
Follow on from CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Matt Caswell [Fri, 21 Jun 2024 09:41:55 +0000 (10:41 +0100)]
Correct return values for tls_construct_stoc_next_proto_neg
Return EXT_RETURN_NOT_SENT in the event that we don't send the extension,
rather than EXT_RETURN_SENT. This actually makes no difference at all to
the current control flow since this return value is ignored in this case
anyway. But lets make it correct anyway.
Follow on from CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Matt Caswell [Fri, 31 May 2024 10:22:13 +0000 (11:22 +0100)]
Use correctly formatted ALPN data in tserver
The QUIC test server was using incorrectly formatted ALPN data. With the
previous implementation of SSL_select_next_proto this went unnoticed. With
the new stricter implemenation it was failing.
Follow on from CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Matt Caswell [Fri, 31 May 2024 10:18:27 +0000 (11:18 +0100)]
More correctly handle a selected_len of 0 when processing NPN
In the case where the NPN callback returns with SSL_TLEXT_ERR_OK, but
the selected_len is 0 we should fail. Previously this would fail with an
internal_error alert because calling OPENSSL_malloc(selected_len) will
return NULL when selected_len is 0. We make this error detection more
explicit and return a handshake failure alert.
Follow on from CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Matt Caswell [Fri, 31 May 2024 10:14:33 +0000 (11:14 +0100)]
Fix SSL_select_next_proto
Ensure that the provided client list is non-NULL and starts with a valid
entry. When called from the ALPN callback the client list should already
have been validated by OpenSSL so this should not cause a problem. When
called from the NPN callback the client list is locally configured and
will not have already been validated. Therefore SSL_select_next_proto
should not assume that it is correctly formatted.
We implement stricter checking of the client protocol list. We also do the
same for the server list while we are about it.
CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Kelvin Lee [Mon, 24 Jun 2024 11:09:03 +0000 (21:09 +1000)]
MASM: Need to strip arguments after .pdata or .xdata
For MASM,
.section .pdata,"r"
got translated to:
.pdata,"r" SEGMENT READONLY ALIGN(4)
that breaks ml64.
Previous version of x86_64-xlate.pl did strip that ',"r"'.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24714)
Richard Levitte [Thu, 20 Jun 2024 12:30:16 +0000 (14:30 +0200)]
Give util/mkinstallvars.pl more fine grained control over var dependencies
Essentially, we try to do what GNU does. 'prefix' is used to define the
defaults for 'exec_prefix' and 'libdir', and these are then used to define
further directory values. util/mkinstallvars.pl is changed to reflect that
to the best of our ability.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24687)
erbsland-dev [Sat, 22 Jun 2024 07:14:25 +0000 (09:14 +0200)]
bio_ssl.c: Do not call SSL_shutdown if not inited
Fixes #4545
If free is called for an SSL BIO that is in initialization phase,
the `SSL_shutdown` call is omitted.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24705)
projects / thirdparty / openssl.git / log
