Bernd Edlinger [Thu, 24 Oct 2024 20:29:48 +0000 (22:29 +0200)]
Fix ambiguous output of Signature Algorithms
Signature Algorithms are printed in a SIG+HASH format.
In some cases this is ambiguous like brainpool and RSA-PSS.
And the name of ed25519 and ed448 must be spelled in lower case,
so that the output can be used as a -sigalgs parameter value.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25797)
Signed-off-by: dependabot[bot] <support@github.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25795)
FIPS provider correctly supports no-des build time option and doesn't
advertise DES related algorithms. However KAT test for DES is still
attempted to be executed and fails.
This prevents configuring FIPS provider without legacy behaviour as
defined in SP 800-131Arev2. Also see #25761 internal docs.
Fix `enable-fips no-des` build option, and add a daily checker for
"legacy-free" (as much as currently feasible) FIPS configuration.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25762)
Do not confuse TAP::Parser by mixing up stderr with stdout.
This avoids false psotivie failures on FreeBSD-CI which
suffers most from this issue.
Fixes #23992
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/25613)
Kurt Roeckx [Wed, 16 Oct 2024 10:02:17 +0000 (12:02 +0200)]
Dependabot: no longer set an "approval: otc review pending" label
The label doesn't exist anymore.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25706)
by fixing OSSL_trace_begin() to return NULL when given category is not enabled
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25652)
Niels Dossche [Tue, 8 Oct 2024 14:03:13 +0000 (16:03 +0200)]
Fix memory leaks in ossl_quic_calculate_retry_integrity_tag()
Fixes #25625
Several error paths return 0 directly instead of going to err to clean
up the objects.
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25636)
s390x: Don't probe crypto cards for ME/CRT offloading during initialization
Probing for crypto cards during initialization by issuing an ioctl to the
zcrypt device driver can cause a lot of traffic and overhead, because it
runs for each and every application that uses OpenSSL, regardless if that
application will later perform ME or CRT operations or not.
Fix this by performing no probing during initialization, but detect the
crypto card availability only at the first ME/CRT operation that is subject
to be offloaded. If the ioctl returns ENODEV, then no suitable crypto
card is available in the system, and we disable further offloading
attempts by setting flag OPENSSL_s390xcex_nodev to 1.
Setting the global flag OPENSSL_s390xcex_nodev in case of ENODEV is
intentionally not made in a thread save manner, because the only thing
that could happen is that another thread, that misses the flag update,
also issues an ioctl and gets ENODEV as well.
The file descriptor is not closed in such error cases, because this could
cause raise conditions where we would close a foreign file if the same
file descriptor got reused by another thread. The file descriptor is finally
closed during termination by the atexit handler.
In case the ioctl returns ENOTTY then this indicates that the file descriptor
was closed (e.g. by a sandbox), but in the meantime the same file descriptor
has been reused for another file. Do not use the file descriptor anymore,
and also do not close it during termination.
Fixes: https://github.com/openssl/openssl/commit/79040cf29e011c21789563d74da626b7465a0540 Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25576)
Michael Baentsch [Tue, 15 Oct 2024 10:37:52 +0000 (12:37 +0200)]
work around oqsprovider out-of-source build bug
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25702)
Michael Baentsch [Tue, 15 Oct 2024 05:32:19 +0000 (07:32 +0200)]
Updated oqsprovider to v0.7.0
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25702)
Tomas Mraz [Fri, 18 Oct 2024 11:51:37 +0000 (13:51 +0200)]
Add CHANGES.md and NEWS.md entries for CVE-2024-9143
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/25734)
Tomas Mraz [Fri, 18 Oct 2024 08:20:45 +0000 (10:20 +0200)]
ecdh_cofactor_derive_test(): Skip the test if the curve is not supported
It will not be supported if the fips provider was built with no-ec2m.
Fixes #25729
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25731)
Tomas Mraz [Fri, 18 Oct 2024 07:22:44 +0000 (09:22 +0200)]
run-checker-merge.yml: Combine no-ec2m with enable-fips
This can reveal more errors than just no-ec2m.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25731)
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25640)
Ondrej Moris [Thu, 10 Oct 2024 04:37:12 +0000 (06:37 +0200)]
ci: re-organize external tests
Signed-off-by: Ondrej Moris <omoris@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25587)
Ondrej Moris [Thu, 10 Oct 2024 04:36:25 +0000 (06:36 +0200)]
test: clean-up README-external documentation
Signed-off-by: Ondrej Moris <omoris@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25587)
Alicja Kario [Thu, 29 Aug 2024 17:39:10 +0000 (19:39 +0200)]
update tlsfuzzer to new version
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net>
(Merged from https://github.com/openssl/openssl/pull/25329)
Neil Horman [Wed, 9 Oct 2024 20:28:02 +0000 (16:28 -0400)]
updating comments in test recipie
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Wed, 9 Oct 2024 14:16:49 +0000 (10:16 -0400)]
updating docs to reflect security risks for SSLKEYLOGFILE
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Tue, 8 Oct 2024 14:35:57 +0000 (10:35 -0400)]
Convert keylogging in response to comments
1) Convert failures in keylog setup to trace messages for a warning-like
mechanism
2) Convert sslkeylogfile_cb to be a flag used to determine making a
direct call to the internal logging function
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Thu, 3 Oct 2024 15:41:46 +0000 (11:41 -0400)]
Fix build break when OPENSSL_NO_SSLKEYLOGFILE is not defined
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Thu, 3 Oct 2024 15:35:04 +0000 (11:35 -0400)]
Update sslkeylog in response to comments
* instead of keeping an external reference count, just use the
BIO_up_ref call, and the BIO's callback mechanism to detect the
final free, for which we set keylog_bio to NULL
* Return an error from SSL_CTX_new_ex if the setup of the keylog file
fails
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Thu, 3 Oct 2024 13:52:45 +0000 (09:52 -0400)]
Adding documentation to INSTALL
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Tue, 27 Aug 2024 12:15:32 +0000 (08:15 -0400)]
Enable sslkeylog for some CI builds for checking
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Tue, 27 Aug 2024 08:42:57 +0000 (04:42 -0400)]
Add test to confirm sslkeylogfile format
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Mon, 26 Aug 2024 22:33:14 +0000 (18:33 -0400)]
Add documentation for SSLKEYLOGFILE
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
Neil Horman [Mon, 26 Aug 2024 21:59:46 +0000 (17:59 -0400)]
Add sslkeylog config option and implementation
Add a config option for sslkeylog (disabled by default)
When enabled, SSL_CTX_new[_ex] becomes sensitive to the SSLKEYLOGFILE
environment variable. It records keylog callback messages to the file
specified in the environment variable according to the format specified
in https://www.ietf.org/archive/id/draft-thomson-tls-keylogfile-00.html
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25297)
olszomal [Mon, 14 Oct 2024 12:19:55 +0000 (14:19 +0200)]
CHANGES.md: Support for PKCS#7 inner contents verification
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22575)
olszomal [Fri, 11 Oct 2024 07:36:26 +0000 (09:36 +0200)]
Add support for p7->d.sign->contents with the V_ASN1_SEQUENCE type
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22575)
Richard Levitte [Tue, 15 Oct 2024 10:47:37 +0000 (12:47 +0200)]
[DOC] Document the OPENSSL_WINCTX type for OpenSSL_version()
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25693)
Richard Levitte [Tue, 15 Oct 2024 12:25:34 +0000 (14:25 +0200)]
fix: let util/mkbuildinf.pl use SOURCE_DATE_EPOCH, even if it's zero
Doing this allows reproducible builds, for those who want this.
Fixes #25475
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25699)
Tomas Mraz [Wed, 16 Oct 2024 18:00:19 +0000 (20:00 +0200)]
openssl-info.pod.in: Add windowscontext option to synopsis in doc
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25712)
mem: Don't use posix_memalign() and friends with custom wrapper
If the application provides custom memory allocations functions via
CRYPTO_set_mem_functions() then those should be used instead something
else like posix_memalign(). The applications might verify alloc and free
calls and pointers from posix_memalign() were never returned by the
implementations.
At least stunnel4 complains here.
Use posix_memalign() or if aligned_alloc() only if the application did
not provide a custom malloc() implementation. In case of a custom
implementation use CRYPTO_malloc() and align the memory accordingly.
Fixes #25678
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25682)
Signed-off-by: dependabot[bot] <support@github.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25701)
Viktor Dukhovni [Wed, 18 Sep 2024 15:02:40 +0000 (01:02 +1000)]
Harden BN_GF2m_poly2arr against misuse.
The BN_GF2m_poly2arr() function converts characteristic-2 field
(GF_{2^m}) Galois polynomials from a representation as a BIGNUM bitmask,
to a compact array with just the exponents of the non-zero terms.
These polynomials are then used in BN_GF2m_mod_arr() to perform modular
reduction. A precondition of calling BN_GF2m_mod_arr() is that the
polynomial must have a non-zero constant term (i.e. the array has `0` as
its final element).
Internally, callers of BN_GF2m_poly2arr() did not verify that
precondition, and binary EC curve parameters with an invalid polynomial
could lead to out of bounds memory reads and writes in BN_GF2m_mod_arr().
The precondition is always true for polynomials that arise from the
standard form of EC parameters for characteristic-two fields (X9.62).
See the "Finite Field Identification" section of:
The OpenSSL GF(2^m) code supports only the trinomial and pentanomial
basis X9.62 forms.
This commit updates BN_GF2m_poly2arr() to return `0` (failure) when
the constant term is zero (i.e. the input bitmask BIGNUM is not odd).
Additionally, the return value is made unambiguous when there is not
enough space to also pad the array with a final `-1` sentinel value.
The return value is now always the number of elements (including the
final `-1`) that would be filled when the output array is sufficiently
large. Previously the same count was returned both when the array has
just enough room for the final `-1` and when it had only enough space
for non-sentinel values.
Finally, BN_GF2m_poly2arr() is updated to reject polynomials whose
degree exceeds `OPENSSL_ECC_MAX_FIELD_BITS`, this guards against
CPU exhausition attacks via excessively large inputs.
The above issues do not arise in processing X.509 certificates. These
generally have EC keys from "named curves", and RFC5840 (Section 2.1.1)
disallows explicit EC parameters. The TLS code in OpenSSL enforces this
constraint only after the certificate is decoded, but, even if explicit
parameters are specified, they are in X9.62 form, which cannot represent
problem values as noted above.
Initially reported as oss-fuzz issue 71623.
A closely related issue was earlier reported in
<https://github.com/openssl/openssl/issues/19826>.
Severity: Low, CVE-2024-9143
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25639)
Update documentation for SSL_SESSION_set_time_ex()
Fixes #24322
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25665)
Niels Dossche [Wed, 9 Oct 2024 13:42:37 +0000 (15:42 +0200)]
Fix memory leak in tls_parse_ctos_psk()
`sess` is not NULL at this point, and is freed on the success path, but
not on the error path. Fix this by going to the `err` label such that
`SSL_SESSION_free(sess)` is called.
CLA: trivial
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25643)
slontis [Tue, 27 Feb 2024 04:57:14 +0000 (15:57 +1100)]
fipsinstall: Save the 'status indicator' if the FIPS provider is 3.0.X.
Fixes #23400
The 3.1 FIPS provider no longer writes out the 'status indicator' by
default due to changes related to FIPS 140-3 requirements. For Backwards
compatability if the fipsinstall detects it is loading a 3.0.X FIPS
provider then it will save the 'status indicator' by default.
Disclaimer: Using a fipsinstall command line utility that is not supplied
with the FIPS provider tarball source is not recommended.
This PR deliberately does not attempt to exclude any additional options
that were added after 3.0.X. These additional options will be ignored by older
providers.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Hugo Landau <hlandau@devever.net>
(Merged from https://github.com/openssl/openssl/pull/23689)
Niels Dossche [Wed, 9 Oct 2024 21:00:13 +0000 (23:00 +0200)]
Fix potential double free through SRP_user_pwd_set1_ids()
If SRP_user_pwd_set1_ids() fails during one of the duplications, or id
is NULL, then the old pointer values are still stored but they are now dangling.
Later when SRP_user_pwd_free() is called these are freed again,
leading to a double free.
Although there are no such uses in OpenSSL as far as I found,
it's still a public API.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25655)
Andreas Mair [Wed, 31 Jul 2024 11:59:45 +0000 (13:59 +0200)]
Use poll() in BIO_socket_wait() if available
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25055)
In all cases the argument is an int, the value of which shall
be representable as an unsigned char or shall equal the value
of the macro EOF. If the argument has any other value, the
behavior is undefined.
This is because they're designed to work with the int values returned
by getc or fgetc; they need extra work to handle a char value.
If EOF is -1 (as it almost always is), with 8-bit bytes, the allowed
inputs to the ctype.h functions are:
{-1, 0, 1, 2, 3, ..., 255}.
However, on platforms where char is signed, such as x86 with the
usual ABI, code like
char *p = ...;
... isspace(*p) ...
may pass in values in the range:
{-128, -127, -126, ..., -2, -1, 0, 1, ..., 127}.
This has two problems:
1. Inputs in the set {-128, -127, -126, ..., -2} are forbidden.
2. The non-EOF byte 0xff is conflated with the value EOF = -1, so
even though the input is not forbidden, it may give the wrong
answer.
Casting char inputs to unsigned char first works around this, by
mapping the (non-EOF character) range {-128, -127, ..., -1} to {128,
129, ..., 255}, leaving no collisions with EOF. So the above
fragment needs to be:
char *p = ...;
... isspace((unsigned char)*p) ...
This patch inserts unsigned char casts where necessary. Most of the
cases I changed, I compile-tested using -Wchar-subscripts -Werror on
NetBSD, which defines the ctype.h functions as macros so that they
trigger the warning when the argument has type char. The exceptions
are under #ifdef __VMS or #ifdef _WIN32. I left alone calls where
the input is int where the cast would obviously be wrong; and I left
alone calls where the input is already unsigned char so the cast is
unnecessary.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25113)
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25658)
improve and move text on OPENSSL_TRACE from doc/man1/openssl.pod to doc/man7/openssl-env.pod
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25540)
Changed all provider implementations that have a set_ctx_params()
to call this function instead of just testing (params == NULL).This
detects the case wherean OSSL_PARAM array contains just a terminator
entry.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25499)
APPS/storeutl: fix case where uri and outfile are the same
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25559)
test/recipes/tconversion.pl: add sub test_file_contains
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25559)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25608)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25608)
Pauli [Mon, 7 Oct 2024 23:38:26 +0000 (10:38 +1100)]
evp_libctx_test: fix provider compat CI regression
The regression was introduced by #25522.
Fixes #25632
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25633)
Niels Dossche [Thu, 3 Oct 2024 14:58:30 +0000 (16:58 +0200)]
Fix potential memory leak in save_statusInfo()
If sk_ASN1_UTF8STRING_push() fails then the duplicated string will leak
memory. Add a ASN1_UTF8STRING_free() to fix this.
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25604)
Niels Dossche [Wed, 2 Oct 2024 19:53:52 +0000 (21:53 +0200)]
Fix potential memory leak in PKCS7_signatureVerify()
Fixes #25594
The code jumps to an error block when EVP_VerifyUpdate fails.
This error block does not free abuf.
In the success path the abuf memory is freed.
Move the free operation to the error block.
CLA: trivial
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25596)
`wc` does not output a file name if the input is stdin.
`awk` reads its file argument; there's no need for `cat`.
`sort -u` outputs unique lines. It should be supported on all platforms,
as it's specified by POSIX.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25562)
Neil Horman [Fri, 27 Sep 2024 13:33:35 +0000 (09:33 -0400)]
Add some documentation to describe the encap/decap requirements
Document the fact that we now require unwrappedlen/wrappedlen to be set
to the size of the unwrapped/wrapped buffers
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25522)
Neil Horman [Tue, 24 Sep 2024 17:54:14 +0000 (13:54 -0400)]
Adjust tests to fetch the output len for EVP_PKEY_[en|de]cap
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25522)
Neil Horman [Mon, 23 Sep 2024 18:14:18 +0000 (14:14 -0400)]
Update rsasve_recover to properly store outlen on success
Outlen was never validated in this function prior to use, nor is it set
to the decrypted value on sucess. Add both of those operations
Fixes #25509
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25522)
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25503)
Signed-off-by: lan1120 <lanming@huawei.com> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23094)
Neil Horman [Sun, 29 Sep 2024 18:03:03 +0000 (14:03 -0400)]
Update test/quic-openssl-docker/run_endpoint.sh
Co-authored-by: Viktor Dukhovni <viktor1ghub@dukhovni.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)
Neil Horman [Tue, 24 Sep 2024 10:24:55 +0000 (06:24 -0400)]
quic-interop: exlude multiplexing
The multiplexing test works on local runs, but
appears to be failing in CI, possibly due to some environmental
limitation (the test generates a large list of requests in an
environment variable), leading to not sending all the requests needed.
Disable the test for now, and look to re-enable it after release when we
can appropriately diagnose the problem
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)
Neil Horman [Tue, 24 Sep 2024 08:31:47 +0000 (04:31 -0400)]
Update quic interop docker container for chacha20
Need to update the docker interop container to use the quic-hq-interop
client so that the right alpn is negotiated for chacha20 testing
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)
Neil Horman [Tue, 24 Sep 2024 08:24:26 +0000 (04:24 -0400)]
Add SSL_CIPHER_SUITES env variable to quic-hq-interop
To run the chacha20 test in interop we need to:
1) negotiate an hq-interop alpn
2) only use chacha 20
Item 1 requires the use of quic-hq-interop, the latter requires this
change
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)
Maks Mishin [Wed, 2 Oct 2024 04:29:04 +0000 (07:29 +0300)]
v3_ncons: Fix difference args names in nc_match_single function
The arguments of the `nc_match_single` function have different names
in the declaration and definition or are mixed up in places.
CLA: trivial
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25592)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
APPS/pkey: fix case where infile and outfile are the same
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
APPS/pkcs8: fix case where infile and outfile are the same
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
APPS/ocsp: fix case where reqin and outfile are the same
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
APPS/{ecparam,pkeyparam}: fix case where infile and outfile are the same
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
APPS/dsaparam: fix case where infile and outfile are the same
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
APPS/dhparam: fix case where infile and outfile are the same
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
Tomas Mraz [Thu, 3 Oct 2024 07:24:05 +0000 (09:24 +0200)]
os-zoo.yml: Disable stringop-overflow warning on alpine edge
fortify-headers are broken due to this warning.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25599)
Richard Levitte [Tue, 1 Oct 2024 07:52:59 +0000 (09:52 +0200)]
Update fips-label.yml to make 'Cleanup artifact' conditional
If it's not conditional in the same manner as the other steps, it fails
because the artifacts aren't present => job failure.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25584)
projects / thirdparty / openssl.git / log
