
Bug#854155: unblock: openssl/1.1.0d-2



Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package openssl. It contains a redo of the rules file,
among other packaging-related changes, which did not migrate in time due
to the new release of the d version, which fixes 3 CVE bugs. The d-2
version fixes a regression discovered by perl and an FTBFS of openssl
itself if arch-any and arch-all were built in one go.

unblock openssl/1.1.0d-2

Sebastian
diff -Nru openssl-1.1.0c/apps/apps.c openssl-1.1.0d/apps/apps.c
--- openssl-1.1.0c/apps/apps.c	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/apps/apps.c	2017-01-26 14:10:21.000000000 +0100
@@ -244,36 +244,27 @@
     int res = 0;
 #ifndef OPENSSL_NO_UI
     UI *ui = NULL;
-    const char *prompt_info = NULL;
 #endif
-    const char *password = NULL;
     PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
 
-    if (cb_data) {
-        if (cb_data->password)
-            password = cb_data->password;
-#ifndef OPENSSL_NO_UI
-        if (cb_data->prompt_info)
-            prompt_info = cb_data->prompt_info;
-#endif
-    }
-
-    if (password) {
-        res = strlen(password);
+#ifdef OPENSSL_NO_UI
+    if (cb_data != NULL && cb_data->password != NULL) {
+        res = strlen(cb_data->password);
         if (res > bufsiz)
             res = bufsiz;
-        memcpy(buf, password, res);
-        return res;
+        memcpy(buf, cb_data->password, res);
     }
-
-#ifndef OPENSSL_NO_UI
+#else
     ui = UI_new_method(ui_method);
     if (ui) {
         int ok = 0;
         char *buff = NULL;
         int ui_flags = 0;
+        const char *prompt_info = NULL;
         char *prompt;
 
+        if (cb_data != NULL && cb_data->prompt_info != NULL)
+            prompt_info = cb_data->prompt_info;
         prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
         if (!prompt) {
             BIO_printf(bio_err, "Out of memory\n");
@@ -284,6 +275,9 @@
         ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
         UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
 
+        /* We know that there is no previous user data to return to us */
+        (void)UI_add_user_data(ui, cb_data);
+
         if (ok >= 0)
             ok = UI_add_input_string(ui, prompt, ui_flags, buf,
                                      PW_MIN_LENGTH, bufsiz - 1);
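Review bot: In UI builds a password preset in `cb_data->password` is no longer copied into `buf` by this function; the only remaining link is the added `UI_add_user_data(ui, cb_data)`, so the preset is honoured only if the UI method's reader looks it up, and that code is not part of this file section. The existing comment explains why the return value is ignored but not why the call is there. Something like `/* hand cb_data to the UI method, which is expected to use a preset password instead of prompting */` would make the dependency visible. The function begins and ends outside this hunk.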
diff -Nru openssl-1.1.0c/apps/ca.c openssl-1.1.0d/apps/ca.c
--- openssl-1.1.0c/apps/ca.c	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/apps/ca.c	2017-01-26 14:10:21.000000000 +0100
@@ -983,12 +983,11 @@
             BIO_printf(bio_err, "writing new certificates\n");
         for (i = 0; i < sk_X509_num(cert_sk); i++) {
             BIO *Cout = NULL;
-            ASN1_INTEGER *serialNumber = X509_get_serialNumber(x);
+            X509 *xi = sk_X509_value(cert_sk, i);
+            ASN1_INTEGER *serialNumber = X509_get_serialNumber(xi);
             int k;
             char *n;
 
-            x = sk_X509_value(cert_sk, i);
-
             j = ASN1_STRING_length(serialNumber);
             p = (const char *)ASN1_STRING_get0_data(serialNumber);
 
@@ -1030,8 +1029,8 @@
                 perror(buf[2]);
                 goto end;
             }
-            write_new_certificate(Cout, x, 0, notext);
-            write_new_certificate(Sout, x, output_der, notext);
+            write_new_certificate(Cout, xi, 0, notext);
+            write_new_certificate(Sout, xi, output_der, notext);
             BIO_free_all(Cout);
         }
 
diff -Nru openssl-1.1.0c/apps/dsa.c openssl-1.1.0d/apps/dsa.c
--- openssl-1.1.0c/apps/dsa.c	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/apps/dsa.c	2017-01-26 14:10:21.000000000 +0100
@@ -37,7 +37,7 @@
 OPTIONS dsa_options[] = {
     {"help", OPT_HELP, '-', "Display this summary"},
     {"inform", OPT_INFORM, 'f', "Input format, DER PEM PVK"},
-    {"outform", OPT_OUTFORM, 'F', "Output format, DER PEM PVK"},
+    {"outform", OPT_OUTFORM, 'f', "Output format, DER PEM PVK"},
     {"in", OPT_IN, 's', "Input key"},
     {"out", OPT_OUT, '>', "Output file"},
     {"noout", OPT_NOOUT, '-', "Don't print key out"},
@@ -96,8 +96,7 @@
             infile = opt_arg();
             break;
         case OPT_OUTFORM:
-            if (!opt_format
-                (opt_arg(), OPT_FMT_PEMDER | OPT_FMT_PVK, &outformat))
+            if (!opt_format(opt_arg(), OPT_FMT_ANY, &outformat))
                 goto opthelp;
             break;
         case OPT_OUT:
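Review bot: `opt_format(opt_arg(), OPT_FMT_ANY, &outformat)` now lets every format name through option parsing, where the removed line limited it to `OPT_FMT_PEMDER | OPT_FMT_PVK`. Rejecting an unsupported value is left to the output code further down, which is outside this hunk; if that code has no final branch reporting a bad format, the tool could finish without writing a key. The help string in `dsa_options` still lists only `DER PEM PVK`, so a comment such as `/* any format parses here; unsupported ones are rejected when writing */` would record the intent.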
@@ -214,7 +213,7 @@
             i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
                                             NULL, 0, NULL, passout);
         }
-# if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
+# ifndef OPENSSL_NO_RSA
     } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
         EVP_PKEY *pk;
         pk = EVP_PKEY_new();
@@ -226,7 +225,13 @@
                 goto end;
             }
             assert(private);
+#  ifdef OPENSSL_NO_RC4
+            BIO_printf(bio_err, "PVK format not supported\n");
+            EVP_PKEY_free(pk);
+            goto end;
+#  else
             i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+#  endif
         }
         else if (pubin || pubout)
             i = i2b_PublicKey_bio(out, pk);
diff -Nru openssl-1.1.0c/apps/openssl.c openssl-1.1.0d/apps/openssl.c
--- openssl-1.1.0c/apps/openssl.c	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/apps/openssl.c	2017-01-26 14:10:21.000000000 +0100
@@ -548,7 +548,7 @@
 #ifdef OPENSSL_NO_BF
     BIO_puts(bio_out, "BF\n");
 #endif
-#ifndef OPENSSL_NO_BLAKE2
+#ifdef OPENSSL_NO_BLAKE2
     BIO_puts(bio_out, "BLAKE2\n");
 #endif
 #ifdef OPENSSL_NO_CAMELLIA
diff -Nru openssl-1.1.0c/apps/rsa.c openssl-1.1.0d/apps/rsa.c
--- openssl-1.1.0c/apps/rsa.c	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/apps/rsa.c	2017-01-26 14:10:21.000000000 +0100
@@ -263,7 +263,7 @@
             i = PEM_write_bio_RSAPrivateKey(out, rsa,
                                             enc, NULL, 0, NULL, passout);
         }
-# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
+# ifndef OPENSSL_NO_DSA
     } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
         EVP_PKEY *pk;
         pk = EVP_PKEY_new();
@@ -275,7 +275,13 @@
                 goto end;
             }
             assert(private);
+#  ifdef OPENSSL_NO_RC4
+            BIO_printf(bio_err, "PVK format not supported\n");
+            EVP_PKEY_free(pk);
+            goto end;
+#  else
             i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+#  endif
         } else if (pubin || pubout) {
             i = i2b_PublicKey_bio(out, pk);
         } else {
diff -Nru openssl-1.1.0c/apps/s_client.c openssl-1.1.0d/apps/s_client.c
--- openssl-1.1.0c/apps/s_client.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/apps/s_client.c	2017-01-26 14:10:21.000000000 +0100
@@ -567,7 +567,7 @@
     {"proxy", OPT_PROXY, 's',
      "Connect to via specified proxy to the real server"},
 #ifdef AF_UNIX
-    {"unix", OPT_UNIX, 's', "Connect over unix domain sockets"},
+    {"unix", OPT_UNIX, 's', "Connect over the specified Unix-domain socket"},
 #endif
     {"4", OPT_4, '-', "Use IPv4 only"},
 #ifdef AF_INET6
@@ -2001,24 +2001,44 @@
         break;
     case PROTO_CONNECT:
         {
-            int foundit = 0;
+            enum {
+                error_proto,     /* Wrong protocol, not even HTTP */
+                error_connect,   /* CONNECT failed */
+                success
+            } foundit = error_connect;
             BIO *fbio = BIO_new(BIO_f_buffer());
 
             BIO_push(fbio, sbio);
             BIO_printf(fbio, "CONNECT %s HTTP/1.0\r\n\r\n", connectstr);
             (void)BIO_flush(fbio);
-            /* wait for multi-line response to end CONNECT response */
-            do {
-                mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
-                if (strstr(mbuf, "200") != NULL
-                    && strstr(mbuf, "established") != NULL)
-                    foundit++;
-            } while (mbuf_len > 3 && foundit == 0);
+            /*
+             * The first line is the HTTP response.  According to RFC 7230,
+             * it's formated exactly like this:
+             *
+             * HTTP/d.d ddd Reason text\r\n
+             */
+            mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
+            if (mbuf[8] != ' ') {
+                BIO_printf(bio_err,
+                           "%s: HTTP CONNECT failed, incorrect response "
+                           "from proxy\n", prog);
+                foundit = error_proto;
+            } else if (mbuf[9] != '2') {
+                BIO_printf(bio_err, "%s: HTTP CONNECT failed: %s ", prog,
+                           &mbuf[9]);
+            } else {
+                foundit = success;
+            }
+            if (foundit != error_proto) {
+                /* Read past all following headers */
+                do {
+                    mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
+                } while (mbuf_len > 2);
+            }
             (void)BIO_flush(fbio);
             BIO_pop(fbio);
             BIO_free(fbio);
-            if (!foundit) {
-                BIO_printf(bio_err, "%s: HTTP CONNECT failed\n", prog);
+            if (foundit != success) {
                 goto shut;
             }
         }
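Review bot: The status-line check reads `mbuf[8]` and `mbuf[9]` without looking at the return value of the `BIO_gets` call just above it, so a failed read or a reply shorter than ten bytes is judged on whatever the buffer held before. The length should gate the test, for example `if (mbuf_len < 10 || mbuf[8] != ' ') {`, which sends short or failed reads down the existing `error_proto` path. The `error_connect` branch also prints the proxy-supplied reason text to `bio_err` as received, which is worth a comment since that text comes from the remote side. The enclosing function starts and ends outside this hunk.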
diff -Nru openssl-1.1.0c/apps/speed.c openssl-1.1.0d/apps/speed.c
--- openssl-1.1.0c/apps/speed.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/apps/speed.c	2017-01-26 14:10:21.000000000 +0100
@@ -2273,7 +2273,6 @@
 #endif
 
     if (doit[D_EVP]) {
-#ifdef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
         if (multiblock && evp_cipher) {
             if (!
                 (EVP_CIPHER_flags(evp_cipher) &
@@ -2290,7 +2289,6 @@
             ret = 0;
             goto end;
         }
-#endif
         for (testnum = 0; testnum < SIZE_NUM; testnum++) {
             if (evp_cipher) {
 
diff -Nru openssl-1.1.0c/apps/s_server.c openssl-1.1.0d/apps/s_server.c
--- openssl-1.1.0c/apps/s_server.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/apps/s_server.c	2017-01-26 14:10:21.000000000 +0100
@@ -684,7 +684,7 @@
     {"port", OPT_PORT, 'p',
      "TCP/IP port to listen on for connections (default is " PORT ")"},
     {"accept", OPT_ACCEPT, 's',
-     "TCP/IP optional host and port to accept on (default is " PORT ")"},
+     "TCP/IP optional host and port to listen on for connections (default is *:" PORT ")"},
 #ifdef AF_UNIX
     {"unix", OPT_UNIX, 's', "Unix domain socket to accept on"},
 #endif
diff -Nru openssl-1.1.0c/CHANGES openssl-1.1.0d/CHANGES
--- openssl-1.1.0c/CHANGES	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/CHANGES	2017-01-26 14:10:21.000000000 +0100
@@ -2,6 +2,49 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 1.1.0c and 1.1.0d [26 Jan 2017]
+
+  *) Truncated packet could crash via OOB read
+
+     If one side of an SSL/TLS path is running on a 32-bit host and a specific
+     cipher is being used, then a truncated packet can cause that host to
+     perform an out-of-bounds read, usually resulting in a crash.
+
+     This issue was reported to OpenSSL by Robert Święcki of Google.
+     (CVE-2017-3731)
+     [Andy Polyakov]
+
+  *) Bad (EC)DHE parameters cause a client crash
+
+     If a malicious server supplies bad parameters for a DHE or ECDHE key
+     exchange then this can result in the client attempting to dereference a
+     NULL pointer leading to a client crash. This could be exploited in a Denial
+     of Service attack.
+
+     This issue was reported to OpenSSL by Guido Vranken.
+     (CVE-2017-3730)
+     [Matt Caswell]
+
+  *) BN_mod_exp may produce incorrect results on x86_64
+
+     There is a carry propagating bug in the x86_64 Montgomery squaring
+     procedure. No EC algorithms are affected. Analysis suggests that attacks
+     against RSA and DSA as a result of this defect would be very difficult to
+     perform and are not believed likely. Attacks against DH are considered just
+     feasible (although very difficult) because most of the work necessary to
+     deduce information about a private key may be performed offline. The amount
+     of resources required for such an attack would be very significant and
+     likely only accessible to a limited number of attackers. An attacker would
+     additionally need online access to an unpatched system using the target
+     private key in a scenario with persistent DH parameters and a private
+     key that is shared between multiple clients. For example this can occur by
+     default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very
+     similar to CVE-2015-3193 but must be treated as a separate problem.
+
+     This issue was reported to OpenSSL by the OSS-Fuzz project.
+     (CVE-2017-3732)
+     [Andy Polyakov]
+
  Changes between 1.1.0b and 1.1.0c [10 Nov 2016]
 
   *) ChaCha20/Poly1305 heap-buffer-overflow
diff -Nru openssl-1.1.0c/config openssl-1.1.0d/config
--- openssl-1.1.0c/config	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/config	2017-01-26 14:10:21.000000000 +0100
@@ -636,7 +636,14 @@
 	else
 	    OUT="linux-x86_64"
 	fi ;;
-  *86-*-linux2) OUT="linux-elf" ;;
+  *86-*-linux2)
+        # On machines where the compiler understands -m32, prefer a
+        # config target that uses it
+        if $CC -m32 -E -x c /dev/null > /dev/null 2>&1; then
+            OUT="linux-x86"
+        else
+            OUT="linux-elf"
+        fi ;;
   *86-*-linux1) OUT="linux-aout" ;;
   *-*-linux?) OUT="linux-generic32" ;;
   sun4[uv]*-*-solaris2)
diff -Nru openssl-1.1.0c/Configurations/10-main.conf openssl-1.1.0d/Configurations/10-main.conf
--- openssl-1.1.0c/Configurations/10-main.conf	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/Configurations/10-main.conf	2017-01-26 14:10:21.000000000 +0100
@@ -187,6 +187,12 @@
     },
 #### Solaris x86 with GNU C setups
     "solaris-x86-gcc" => {
+        # NB. GNU C has to be configured to use GNU assembler, and not
+        # /usr/ccs/bin/as. Failure to comply will result in compile
+        # failures [at least] in 32-bit build.
+        # [Above statement is in direct contradition with one below.
+        #  Latter is kept, because it's formally inappropriate to
+        #  modify compile flags in letter release.]
         # -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have
         # to do it here because whenever GNU C instantiates an assembler
         # template it surrounds it with #APP #NO_APP comment pair which
@@ -702,7 +708,7 @@
         cflags           => add("-mabi=ilp32"),
         bn_ops           => "SIXTY_FOUR_BIT RC4_CHAR",
         perlasm_scheme   => "linux64",
-        shared_ldflag    => "-mabi=ilp32",
+        shared_ldflag    => add("-mabi=ilp32"),
     },
 
     "linux-mips32" => {
@@ -732,6 +738,8 @@
     },
 
     #### IA-32 targets...
+    #### These two targets are a bit aged and are to be used on older Linux
+    #### machines where gcc doesn't understand -m32 and -m64
     "linux-elf" => {
         inherit_from     => [ "linux-generic32", asm("x86_elf_asm") ],
         cflags           => add(picker(default => "-DL_ENDIAN",
@@ -749,6 +757,21 @@
         perlasm_scheme   => "a.out",
     },
 
+    #### X86 / X86_64 targets
+    "linux-x86" => {
+        inherit_from     => [ "linux-generic32", asm("x86_asm") ],
+        cflags           => add(picker(default => "-m32 -DL_ENDIAN",
+                                       release => "-fomit-frame-pointer")),
+        bn_ops           => "BN_LLONG",
+        perlasm_scheme   => "elf",
+        shared_ldflag    => add("-m32"),
+    },
+    "linux-x86-clang" => {
+        inherit_from     => [ "linux-x86" ],
+        cc               => "clang",
+        cxx              => "clang++",
+        cflags           => add("-Wextra -Qunused-arguments"),
+    },
     "linux-x86_64" => {
         inherit_from     => [ "linux-generic64", asm("x86_64_asm") ],
         cflags           => add("-m64 -DL_ENDIAN"),
@@ -767,7 +790,7 @@
         cflags           => add("-mx32 -DL_ENDIAN"),
         bn_ops           => "SIXTY_FOUR_BIT",
         perlasm_scheme   => "elf32",
-        shared_ldflag    => "-mx32",
+        shared_ldflag    => add("-mx32"),
         multilib         => "x32",
     },
 
diff -Nru openssl-1.1.0c/Configure openssl-1.1.0d/Configure
--- openssl-1.1.0c/Configure	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/Configure	2017-01-26 14:10:21.000000000 +0100
@@ -59,11 +59,12 @@
 # zlib-dynamic	Like "zlib", but the zlib library is expected to be a shared
 #		library and will be loaded in run-time by the OpenSSL library.
 # sctp          include SCTP support
-# 386           generate 80386 code
 # enable-weak-ssl-ciphers
 #               Enable weak ciphers that are disabled by default. This currently
 #               only includes RC4 based ciphers.
-# no-sse2	disables IA-32 SSE2 code, above option implies no-sse2
+# 386           generate 80386 code in assembly modules
+# no-sse2       disables IA-32 SSE2 code in assembly modules, the above
+#               mentioned '386' option implies this one
 # no-<cipher>   build without specified algorithm (rsa, idea, rc5, ...)
 # -<xxx> +<xxx> compiler options are passed through
 # -static       while -static is also a pass-through compiler option (and
@@ -1191,6 +1192,9 @@
     if ($target{ec_asm_src} =~ /ecp_nistz256/) {
 	push @{$config{defines}}, "ECP_NISTZ256_ASM";
     }
+    if ($target{padlock_asm_src} ne $table{DEFAULTS}->{padlock_asm_src}) {
+	push @{$config{defines}}, "PADLOCK_ASM";
+    }
     if ($target{poly1305_asm_src} ne "") {
 	push @{$config{defines}}, "POLY1305_ASM";
     }
diff -Nru openssl-1.1.0c/crypto/aes/asm/vpaes-ppc.pl openssl-1.1.0d/crypto/aes/asm/vpaes-ppc.pl
--- openssl-1.1.0c/crypto/aes/asm/vpaes-ppc.pl	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/aes/asm/vpaes-ppc.pl	2017-01-26 14:10:21.000000000 +0100
@@ -21,7 +21,8 @@
 # 128-bit key.
 #
 #		aes-ppc.pl		this
-# G4e		35.5/52.1/(23.8)	11.9(*)/15.4
+# PPC74x0/G4e	35.5/52.1/(23.8)	11.9(*)/15.4
+# PPC970/G5	37.9/55.0/(28.5)	22.2/28.5
 # POWER6	42.7/54.3/(28.2)	63.0/92.8(**)
 # POWER7	32.3/42.9/(18.4)	18.5/23.3
 #
diff -Nru openssl-1.1.0c/crypto/asn1/a_int.c openssl-1.1.0d/crypto/asn1/a_int.c
--- openssl-1.1.0c/crypto/asn1/a_int.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/asn1/a_int.c	2017-01-26 14:10:21.000000000 +0100
@@ -289,7 +289,7 @@
             ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_SMALL);
             return 0;
         }
-        *pr = -(int64_t)r;
+        *pr = 0 - (uint64_t)r;
     } else {
         if (r > INT64_MAX) {
             ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_LARGE);
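Review bot: The switch from `-(int64_t)r` to `0 - (uint64_t)r` carries no comment, and the reason is easy to lose: presumably `r` can equal the magnitude of the most negative int64_t, where negating the signed cast overflows. A one-line comment such as `/* negate in unsigned arithmetic; -(int64_t)r overflows at the most negative value */` would keep a later cleanup from reverting it. crypto/asn1/x_long.c and crypto/bio/b_print.c make the matching `0 - (unsigned ...)` change; there the old form was already unsigned, so the motive is presumably different (possibly a compiler warning on unary minus of an unsigned value) and equally worth a comment. The enclosing function starts and ends outside this hunk.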
diff -Nru openssl-1.1.0c/crypto/asn1/p5_pbev2.c openssl-1.1.0d/crypto/asn1/p5_pbev2.c
--- openssl-1.1.0c/crypto/asn1/p5_pbev2.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/asn1/p5_pbev2.c	2017-01-26 14:10:22.000000000 +0100
@@ -41,12 +41,11 @@
                               unsigned char *salt, int saltlen,
                               unsigned char *aiv, int prf_nid)
 {
-    X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
+    X509_ALGOR *scheme = NULL, *ret = NULL;
     int alg_nid, keylen;
     EVP_CIPHER_CTX *ctx = NULL;
     unsigned char iv[EVP_MAX_IV_LENGTH];
     PBE2PARAM *pbe2 = NULL;
-    ASN1_OBJECT *obj;
 
     alg_nid = EVP_CIPHER_type(cipher);
     if (alg_nid == NID_undef) {
@@ -54,14 +53,13 @@
                 ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
         goto err;
     }
-    obj = OBJ_nid2obj(alg_nid);
 
     if ((pbe2 = PBE2PARAM_new()) == NULL)
         goto merr;
 
     /* Setup the AlgorithmIdentifier for the encryption scheme */
     scheme = pbe2->encryption;
-    scheme->algorithm = obj;
+    scheme->algorithm = OBJ_nid2obj(alg_nid);
     if ((scheme->parameter = ASN1_TYPE_new()) == NULL)
         goto merr;
 
@@ -137,11 +135,9 @@
     EVP_CIPHER_CTX_free(ctx);
     PBE2PARAM_free(pbe2);
     /* Note 'scheme' is freed as part of pbe2 */
-    X509_ALGOR_free(kalg);
     X509_ALGOR_free(ret);
 
     return NULL;
-
 }
 
 X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
diff -Nru openssl-1.1.0c/crypto/asn1/p5_scrypt.c openssl-1.1.0d/crypto/asn1/p5_scrypt.c
--- openssl-1.1.0c/crypto/asn1/p5_scrypt.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/asn1/p5_scrypt.c	2017-01-26 14:10:22.000000000 +0100
@@ -50,13 +50,12 @@
                                   unsigned char *aiv, uint64_t N, uint64_t r,
                                   uint64_t p)
 {
-    X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
+    X509_ALGOR *scheme = NULL, *ret = NULL;
     int alg_nid;
     size_t keylen = 0;
     EVP_CIPHER_CTX *ctx = NULL;
     unsigned char iv[EVP_MAX_IV_LENGTH];
     PBE2PARAM *pbe2 = NULL;
-    ASN1_OBJECT *obj;
 
     if (!cipher) {
         ASN1err(ASN1_F_PKCS5_PBE2_SET_SCRYPT, ERR_R_PASSED_NULL_PARAMETER);
@@ -75,7 +74,7 @@
                 ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
         goto err;
     }
-    obj = OBJ_nid2obj(alg_nid);
+
     pbe2 = PBE2PARAM_new();
     if (pbe2 == NULL)
         goto merr;
@@ -83,7 +82,7 @@
     /* Setup the AlgorithmIdentifier for the encryption scheme */
     scheme = pbe2->encryption;
 
-    scheme->algorithm = obj;
+    scheme->algorithm = OBJ_nid2obj(alg_nid);
     scheme->parameter = ASN1_TYPE_new();
     if (scheme->parameter == NULL)
         goto merr;
@@ -149,12 +148,10 @@
 
  err:
     PBE2PARAM_free(pbe2);
-    X509_ALGOR_free(kalg);
     X509_ALGOR_free(ret);
     EVP_CIPHER_CTX_free(ctx);
 
     return NULL;
-
 }
 
 static X509_ALGOR *pkcs5_scrypt_set(const unsigned char *salt, size_t saltlen,
@@ -162,9 +159,8 @@
                                     uint64_t p)
 {
     X509_ALGOR *keyfunc = NULL;
-    SCRYPT_PARAMS *sparam = NULL;
+    SCRYPT_PARAMS *sparam = SCRYPT_PARAMS_new();
 
-    sparam = SCRYPT_PARAMS_new();
     if (sparam == NULL)
         goto merr;
 
diff -Nru openssl-1.1.0c/crypto/asn1/x_long.c openssl-1.1.0d/crypto/asn1/x_long.c
--- openssl-1.1.0c/crypto/asn1/x_long.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/asn1/x_long.c	2017-01-26 14:10:22.000000000 +0100
@@ -76,7 +76,7 @@
      * set.
      */
     if (ltmp < 0)
-        utmp = -(unsigned long)ltmp - 1;
+        utmp = 0 - (unsigned long)ltmp - 1;
     else
         utmp = ltmp;
     clen = BN_num_bits_word(utmp);
diff -Nru openssl-1.1.0c/crypto/bio/b_addr.c openssl-1.1.0d/crypto/bio/b_addr.c
--- openssl-1.1.0c/crypto/bio/b_addr.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/bio/b_addr.c	2017-01-26 14:10:22.000000000 +0100
@@ -18,6 +18,30 @@
 #include <internal/thread_once.h>
 #include <ctype.h>
 
+#ifdef _HPUX_SOURCE
+static const char *ossl_hstrerror(int herr)
+{
+    switch (herr) {
+    case -1:
+        return strerror(errno);
+    case 0:
+        return "No error";
+    case HOST_NOT_FOUND:
+        return "Host not found";
+    case NO_DATA:                /* NO_ADDRESS is a synonym */
+        return "No data";
+    case NO_RECOVERY:
+        return "Non recoverable error";
+    case TRY_AGAIN:
+        return "Try again";
+    default:
+        break;
+    }
+    return "unknown error";
+}
+# define hstrerror(e) ossl_hstrerror(e)
+#endif
+
 CRYPTO_RWLOCK *bio_lookup_lock;
 static CRYPTO_ONCE bio_lookup_init = CRYPTO_ONCE_STATIC_INIT;
 
diff -Nru openssl-1.1.0c/crypto/bio/b_print.c openssl-1.1.0d/crypto/bio/b_print.c
--- openssl-1.1.0c/crypto/bio/b_print.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/bio/b_print.c	2017-01-26 14:10:22.000000000 +0100
@@ -451,7 +451,7 @@
     if (!(flags & DP_F_UNSIGNED)) {
         if (value < 0) {
             signvalue = '-';
-            uvalue = -(unsigned LLONG)value;
+            uvalue = 0 - (unsigned LLONG)value;
         } else if (flags & DP_F_PLUS)
             signvalue = '+';
         else if (flags & DP_F_SPACE)
diff -Nru openssl-1.1.0c/crypto/bn/asm/x86_64-mont5.pl openssl-1.1.0d/crypto/bn/asm/x86_64-mont5.pl
--- openssl-1.1.0c/crypto/bn/asm/x86_64-mont5.pl	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/bn/asm/x86_64-mont5.pl	2017-01-26 14:10:22.000000000 +0100
@@ -1934,6 +1934,7 @@
 
 .align	32
 .L8x_tail_done:
+	xor	%rax,%rax
 	add	(%rdx),%r8		# can this overflow?
 	adc	\$0,%r9
 	adc	\$0,%r10
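Review bot: The `adc \$0,%rax` that now ends this carry chain (added in the next hunk) has no comment, while the removed comment asserted that the add into %r15 could not overflow and the question `# can this overflow?` is still on the first `add`. Since the CHANGES entry on this page describes a carry-propagation bug in the x86_64 Montgomery squaring procedure, the comment should now state the answer, e.g. `# yes: the carry out of %r15 is collected in %rax`. The same applies at `.Lsqrx8x_tail_done`, and the later `adc \$0,%rax		# top-most carry` could note that %rax may already hold the tail carry rather than zero. The surrounding routines lie outside these hunks.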
@@ -1941,10 +1942,8 @@
 	adc	\$0,%r12
 	adc	\$0,%r13
 	adc	\$0,%r14
-	adc	\$0,%r15		# can't overflow, because we
-					# started with "overhung" part
-					# of multiplication
-	xor	%rax,%rax
+	adc	\$0,%r15
+	adc	\$0,%rax
 
 	neg	$carry
 .L8x_no_tail:
@@ -3384,6 +3383,7 @@
 
 .align	32
 .Lsqrx8x_tail_done:
+	xor	%rax,%rax
 	add	24+8(%rsp),%r8		# can this overflow?
 	adc	\$0,%r9
 	adc	\$0,%r10
@@ -3391,10 +3391,8 @@
 	adc	\$0,%r12
 	adc	\$0,%r13
 	adc	\$0,%r14
-	adc	\$0,%r15		# can't overflow, because we
-					# started with "overhung" part
-					# of multiplication
-	mov	$carry,%rax		# xor	%rax,%rax
+	adc	\$0,%r15
+	adc	\$0,%rax
 
 	sub	16+8(%rsp),$carry	# mov 16(%rsp),%cf
 .Lsqrx8x_no_tail:			# %cf is 0 if jumped here
@@ -3409,7 +3407,7 @@
 	adc	8*5($tptr),%r13
 	adc	8*6($tptr),%r14
 	adc	8*7($tptr),%r15
-	adc	%rax,%rax		# top-most carry
+	adc	\$0,%rax		# top-most carry
 
 	mov	32+8(%rsp),%rbx		# n0
 	mov	8*8($tptr,%rcx),%rdx	# modulo-scheduled "%r8"
diff -Nru openssl-1.1.0c/crypto/bn/bn_exp.c openssl-1.1.0d/crypto/bn/bn_exp.c
--- openssl-1.1.0c/crypto/bn/bn_exp.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/bn/bn_exp.c	2017-01-26 14:10:22.000000000 +0100
@@ -78,8 +78,9 @@
                 goto err;
         }
     }
-    if (r != rr)
-        BN_copy(r, rr);
+    if (r != rr && BN_copy(r, rr) == NULL)
+        goto err;
+
     ret = 1;
  err:
     BN_CTX_end(ctx);
diff -Nru openssl-1.1.0c/crypto/bn/bn_intern.c openssl-1.1.0d/crypto/bn/bn_intern.c
--- openssl-1.1.0c/crypto/bn/bn_intern.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/bn/bn_intern.c	2017-01-26 14:10:22.000000000 +0100
@@ -167,7 +167,8 @@
         return 0;
 
     memset(out, 0, sizeof(*out) * size);
-    memcpy(out, in->d, sizeof(*out) * in->top);
+    if (in->d != NULL)
+        memcpy(out, in->d, sizeof(*out) * in->top);
     return 1;
 }
 
diff -Nru openssl-1.1.0c/crypto/bn/bn_mul.c openssl-1.1.0d/crypto/bn/bn_mul.c
--- openssl-1.1.0c/crypto/bn/bn_mul.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/bn/bn_mul.c	2017-01-26 14:10:22.000000000 +0100
@@ -970,8 +970,9 @@
  end:
 #endif
     bn_correct_top(rr);
-    if (r != rr)
-        BN_copy(r, rr);
+    if (r != rr && BN_copy(r, rr) == NULL)
+        goto err;
+
     ret = 1;
  err:
     bn_check_top(r);
diff -Nru openssl-1.1.0c/crypto/bn/bn_prime.c openssl-1.1.0d/crypto/bn/bn_prime.c
--- openssl-1.1.0c/crypto/bn/bn_prime.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/bn/bn_prime.c	2017-01-26 14:10:22.000000000 +0100
@@ -240,7 +240,8 @@
         BIGNUM *t;
         if ((t = BN_CTX_get(ctx)) == NULL)
             goto err;
-        BN_copy(t, a);
+        if (BN_copy(t, a) == NULL)
+            goto err;
         t->neg = 0;
         A = t;
     } else
diff -Nru openssl-1.1.0c/crypto/bn/bn_sqr.c openssl-1.1.0d/crypto/bn/bn_sqr.c
--- openssl-1.1.0c/crypto/bn/bn_sqr.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/bn/bn_sqr.c	2017-01-26 14:10:22.000000000 +0100
@@ -90,8 +90,9 @@
         rr->top = max - 1;
     else
         rr->top = max;
-    if (rr != r)
-        BN_copy(r, rr);
+    if (r != rr && BN_copy(r, rr) == NULL)
+        goto err;
+
     ret = 1;
  err:
     bn_check_top(rr);
diff -Nru openssl-1.1.0c/crypto/chacha/asm/chacha-ppc.pl openssl-1.1.0d/crypto/chacha/asm/chacha-ppc.pl
--- openssl-1.1.0c/crypto/chacha/asm/chacha-ppc.pl	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/chacha/asm/chacha-ppc.pl	2017-01-26 14:10:22.000000000 +0100
@@ -23,7 +23,8 @@
 #			IALU/gcc-4.x    3xAltiVec+1xIALU
 #
 # Freescale e300	13.6/+115%	-
-# PPC74x0		6.81/+310%	4.66
+# PPC74x0/G4e		6.81/+310%	4.66
+# PPC970/G5		9.29/+160%	4.60
 # POWER7		8.62/+61%	4.27
 # POWER8		8.70/+51%	3.96
 
diff -Nru openssl-1.1.0c/crypto/chacha/asm/chacha-x86.pl openssl-1.1.0d/crypto/chacha/asm/chacha-x86.pl
--- openssl-1.1.0c/crypto/chacha/asm/chacha-x86.pl	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/chacha/asm/chacha-x86.pl	2017-01-26 14:10:22.000000000 +0100
@@ -50,7 +50,7 @@
 $ymm=1 if ($xmm &&
 		`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
 			=~ /GNU assembler version ([2-9]\.[0-9]+)/ &&
-		$1>=2.19);	# first version supporting AVX
+		($gasver=$1)>=2.19);	# first version supporting AVX
 
 $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32n" &&
 		`nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ &&
@@ -465,6 +465,12 @@
 				    &label("pic_point"),"eax"));
 	&movdqu		("xmm3",&QWP(0,"ebx"));		# counter and nonce
 
+if (defined($gasver) && $gasver>=2.17) {		# even though we encode
+							# pshufb manually, we
+							# handle only register
+							# operands, while this
+							# segment uses memory
+							# operand...
 	&cmp		($len,64*4);
 	&jb		(&label("1x"));
 
@@ -646,6 +652,7 @@
 	&paddd		("xmm2",&QWP(16*6,"eax"));	# +four
 	&pand		("xmm3",&QWP(16*7,"eax"));
 	&por		("xmm3","xmm2");		# counter value
+}
 {
 my ($a,$b,$c,$d,$t,$t1,$rot16,$rot24)=map("xmm$_",(0..7));
 
diff -Nru openssl-1.1.0c/crypto/ct/ct_b64.c openssl-1.1.0d/crypto/ct/ct_b64.c
--- openssl-1.1.0c/crypto/ct/ct_b64.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ct/ct_b64.c	2017-01-26 14:10:22.000000000 +0100
@@ -45,6 +45,11 @@
         goto err;
     }
 
+    /* Subtract padding bytes from |outlen| */
+    while (in[--inlen] == '=') {
+        --outlen;
+    }
+
     *out = outbuf;
     return outlen;
 err:
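Review bot: The padding loop `while (in[--inlen] == '=')` has no lower bound: on input ending in a long run of `=` it keeps decrementing `inlen` and `outlen`, and nothing stops it at the start of `in`. Whether the decode call above already rejects such input is not visible in this hunk, so the loop should enforce the limit itself: stop at `inlen == 0` and treat more than two padding characters as malformed, jumping to the existing `err:` label. The counter `npad` used below would be declared as `int npad = 0;` with the function's other locals, which are outside this hunk.

```c
    /* Subtract padding bytes from |outlen|; base64 allows at most two */
    while (inlen > 0 && in[inlen - 1] == '=') {
        if (++npad > 2)
            goto err;
        --inlen;
        --outlen;
    }

    *out = outbuf;
```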
@@ -59,6 +64,7 @@
 {
     SCT *sct = SCT_new();
     unsigned char *dec = NULL;
+    const unsigned char* p = NULL;
     int declen;
 
     if (sct == NULL) {
@@ -97,7 +103,9 @@
         CTerr(CT_F_SCT_NEW_FROM_BASE64, X509_R_BASE64_DECODE_ERROR);
         goto err;
     }
-    if (o2i_SCT_signature(sct, (const unsigned char **)&dec, declen) <= 0)
+
+    p = dec;
+    if (o2i_SCT_signature(sct, &p, declen) <= 0)
         goto err;
     OPENSSL_free(dec);
     dec = NULL;
diff -Nru openssl-1.1.0c/crypto/ct/ct_err.c openssl-1.1.0d/crypto/ct/ct_err.c
--- openssl-1.1.0c/crypto/ct/ct_err.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ct/ct_err.c	2017-01-26 14:10:22.000000000 +0100
@@ -36,6 +36,7 @@
     {ERR_FUNC(CT_F_O2I_SCT_LIST), "o2i_SCT_LIST"},
     {ERR_FUNC(CT_F_O2I_SCT_SIGNATURE), "o2i_SCT_signature"},
     {ERR_FUNC(CT_F_SCT_CTX_NEW), "SCT_CTX_new"},
+    {ERR_FUNC(CT_F_SCT_CTX_VERIFY), "SCT_CTX_verify"},
     {ERR_FUNC(CT_F_SCT_NEW), "SCT_new"},
     {ERR_FUNC(CT_F_SCT_NEW_FROM_BASE64), "SCT_new_from_base64"},
     {ERR_FUNC(CT_F_SCT_SET0_LOG_ID), "SCT_set0_log_id"},
@@ -45,7 +46,6 @@
     {ERR_FUNC(CT_F_SCT_SET_LOG_ENTRY_TYPE), "SCT_set_log_entry_type"},
     {ERR_FUNC(CT_F_SCT_SET_SIGNATURE_NID), "SCT_set_signature_nid"},
     {ERR_FUNC(CT_F_SCT_SET_VERSION), "SCT_set_version"},
-    {ERR_FUNC(CT_F_SCT_CTX_VERIFY), "SCT_CTX_verify"},
     {0, NULL}
 };
 
@@ -58,6 +58,7 @@
      "log conf missing description"},
     {ERR_REASON(CT_R_LOG_CONF_MISSING_KEY), "log conf missing key"},
     {ERR_REASON(CT_R_LOG_KEY_INVALID), "log key invalid"},
+    {ERR_REASON(CT_R_SCT_FUTURE_TIMESTAMP), "sct future timestamp"},
     {ERR_REASON(CT_R_SCT_INVALID), "sct invalid"},
     {ERR_REASON(CT_R_SCT_INVALID_SIGNATURE), "sct invalid signature"},
     {ERR_REASON(CT_R_SCT_LIST_INVALID), "sct list invalid"},
diff -Nru openssl-1.1.0c/crypto/ct/ct_locl.h openssl-1.1.0d/crypto/ct/ct_locl.h
--- openssl-1.1.0c/crypto/ct/ct_locl.h	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ct/ct_locl.h	2017-01-26 14:10:22.000000000 +0100
@@ -98,6 +98,8 @@
     /* pre-certificate encoding */
     unsigned char *preder;
     size_t prederlen;
+    /* milliseconds since epoch (to check that the SCT isn't from the future) */
+    uint64_t epoch_time_in_ms;
 };
 
 /* Context when evaluating whether a Certificate Transparency policy is met */
@@ -105,6 +107,8 @@
     X509 *cert;
     X509 *issuer;
     CTLOG_STORE *log_store;
+    /* milliseconds since epoch (to check that SCTs aren't from the future) */
+    uint64_t epoch_time_in_ms;
 };
 
 /*
@@ -151,6 +155,15 @@
 __owur int SCT_CTX_set1_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey);
 
 /*
+ * Sets the time to evaluate the SCT against, in milliseconds since the Unix
+ * epoch. If the SCT's timestamp is after this time, it will be interpreted as
+ * having been issued in the future. RFC6962 states that "TLS clients MUST
+ * reject SCTs whose timestamp is in the future", so an SCT will not validate
+ * in this case.
+ */
+void SCT_CTX_set_time(SCT_CTX *sctx, uint64_t time_in_ms);
+
+/*
  * Verifies an SCT with the given context.
  * Returns 1 if the SCT verifies successfully; any other value indicates
  * failure. See EVP_DigestVerifyFinal() for the meaning of those values.
diff -Nru openssl-1.1.0c/crypto/ct/ct_oct.c openssl-1.1.0d/crypto/ct/ct_oct.c
--- openssl-1.1.0c/crypto/ct/ct_oct.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ct/ct_oct.c	2017-01-26 14:10:22.000000000 +0100
@@ -254,11 +254,6 @@
     return -1;
 }
 
-void SCT_LIST_free(STACK_OF(SCT) *a)
-{
-    sk_SCT_pop_free(a, SCT_free);
-}
-
 STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
                             size_t len)
 {
diff -Nru openssl-1.1.0c/crypto/ct/ct_policy.c openssl-1.1.0d/crypto/ct/ct_policy.c
--- openssl-1.1.0c/crypto/ct/ct_policy.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ct/ct_policy.c	2017-01-26 14:10:22.000000000 +0100
@@ -13,9 +13,18 @@
 
 #include <openssl/ct.h>
 #include <openssl/err.h>
+#include <time.h>
 
 #include "ct_locl.h"
 
+/*
+ * Number of seconds in the future that an SCT timestamp can be, by default,
+ * without being considered invalid. This is added to time() when setting a
+ * default value for CT_POLICY_EVAL_CTX.epoch_time_in_ms.
+ * It can be overridden by calling CT_POLICY_EVAL_CTX_set_time().
+ */
+static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300;
+
 CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void)
 {
     CT_POLICY_EVAL_CTX *ctx = OPENSSL_zalloc(sizeof(CT_POLICY_EVAL_CTX));
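Review bot: The comment added above SCT_CLOCK_DRIFT_TOLERANCE does not say when the default is sampled. The `@@ -25,6 +34,10 @@` hunk reads time() once, inside CT_POLICY_EVAL_CTX_new(), so a context that is kept and reused later would compare SCT timestamps against a stale clock and reject newer SCTs as future-dated. I would add to the comment: `* The default is taken once, when the context is created; refresh it with CT_POLICY_EVAL_CTX_set_time() if the context is long-lived.` It is also worth stating that a value passed to CT_POLICY_EVAL_CTX_set_time() is stored as given, without the tolerance added. The body of CT_POLICY_EVAL_CTX_new() continues outside this hunk.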
@@ -25,6 +34,10 @@
         return NULL;
     }
 
+    /* time(NULL) shouldn't ever fail, so don't bother checking for -1. */
+    ctx->epoch_time_in_ms = (uint64_t)(time(NULL) + SCT_CLOCK_DRIFT_TOLERANCE) *
+            1000;
+
     return ctx;
 }
 
@@ -59,6 +72,11 @@
     ctx->log_store = log_store;
 }
 
+void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms)
+{
+    ctx->epoch_time_in_ms = time_in_ms;
+}
+
 X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx)
 {
     return ctx->cert;
@@ -74,3 +92,7 @@
     return ctx->log_store;
 }
 
+uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx)
+{
+    return ctx->epoch_time_in_ms;
+}
diff -Nru openssl-1.1.0c/crypto/ct/ct_sct.c openssl-1.1.0d/crypto/ct/ct_sct.c
--- openssl-1.1.0c/crypto/ct/ct_sct.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ct/ct_sct.c	2017-01-26 14:10:22.000000000 +0100
@@ -45,6 +45,11 @@
     OPENSSL_free(sct);
 }
 
+void SCT_LIST_free(STACK_OF(SCT) *a)
+{
+    sk_SCT_pop_free(a, SCT_free);
+}
+
 int SCT_set_version(SCT *sct, sct_version_t version)
 {
     if (version != SCT_VERSION_V1) {
@@ -329,6 +334,8 @@
             goto err;
     }
 
+    SCT_CTX_set_time(sctx, ctx->epoch_time_in_ms);
+
     /*
      * XXX: Potential for optimization.  This repeats some idempotent heavy
      * lifting on the certificate for each candidate SCT, and appears to not
diff -Nru openssl-1.1.0c/crypto/ct/ct_sct_ctx.c openssl-1.1.0d/crypto/ct/ct_sct_ctx.c
--- openssl-1.1.0c/crypto/ct/ct_sct_ctx.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ct/ct_sct_ctx.c	2017-01-26 14:10:22.000000000 +0100
@@ -256,3 +256,8 @@
     sctx->pkey = pkey;
     return 1;
 }
+
+void SCT_CTX_set_time(SCT_CTX *sctx, uint64_t time_in_ms)
+{
+    sctx->epoch_time_in_ms = time_in_ms;
+}
diff -Nru openssl-1.1.0c/crypto/ct/ct_vfy.c openssl-1.1.0d/crypto/ct/ct_vfy.c
--- openssl-1.1.0c/crypto/ct/ct_vfy.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ct/ct_vfy.c	2017-01-26 14:10:22.000000000 +0100
@@ -113,6 +113,10 @@
         CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_LOG_ID_MISMATCH);
         return 0;
     }
+    if (sct->timestamp > sctx->epoch_time_in_ms) {
+        CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_FUTURE_TIMESTAMP);
+        return 0;
+    }
 
     ctx = EVP_MD_CTX_new();
     if (ctx == NULL)
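Review bot: The new timestamp comparison makes SCT_CTX_verify depend on `sctx->epoch_time_in_ms` having been set, and nothing in the hunk covers the unset case. If SCT_CTX objects start out zeroed (the allocation is not shown here), a caller that never calls SCT_CTX_set_time() gets CT_R_SCT_FUTURE_TIMESTAMP for every SCT with a non-zero timestamp. That fails closed, but the cause is hard to spot from the error alone. I would state the precondition in the header comment of SCT_CTX_verify in ct_locl.h, e.g. `* SCT_CTX_set_time() must have been called first, otherwise the SCT is treated as issued in the future.` The function body starts and ends outside this hunk.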
diff -Nru openssl-1.1.0c/crypto/dh/dh_check.c openssl-1.1.0d/crypto/dh/dh_check.c
--- openssl-1.1.0c/crypto/dh/dh_check.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/dh/dh_check.c	2017-01-26 14:10:22.000000000 +0100
@@ -13,6 +13,46 @@
 #include "dh_locl.h"
 
 /*-
+ * Check that p and g are suitable enough
+ *
+ * p is odd
+ * 1 < g < p - 1
+ */
+
+int DH_check_params(const DH *dh, int *ret)
+{
+    int ok = 0;
+    BIGNUM *tmp = NULL;
+    BN_CTX *ctx = NULL;
+
+    *ret = 0;
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    tmp = BN_CTX_get(ctx);
+    if (tmp == NULL)
+        goto err;
+
+    if (!BN_is_odd(dh->p))
+        *ret |= DH_CHECK_P_NOT_PRIME;
+    if (BN_is_negative(dh->g) || BN_is_zero(dh->g) || BN_is_one(dh->g))
+        *ret |= DH_NOT_SUITABLE_GENERATOR;
+    if (BN_copy(tmp, dh->p) == NULL || !BN_sub_word(tmp, 1))
+        goto err;
+    if (BN_cmp(dh->g, tmp) >= 0)
+        *ret |= DH_NOT_SUITABLE_GENERATOR;
+
+    ok = 1;
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    return (ok);
+}
+
+/*-
  * Check that p is a safe prime and
  * if g is 2, 3 or 5, check that it is a suitable generator
  * where
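Review bot: The header comment for DH_check_params lists the two tests but not the return contract, which is easy to misuse. The function returns 1 whenever the checks ran, including when `*ret` has DH_CHECK_P_NOT_PRIME or DH_NOT_SUITABLE_GENERATOR set, so a caller testing only the return value would accept parameters that failed. I would add `* Returns 1 if the checks could be performed, 0 on internal error; the parameters are acceptable only if *ret is 0 afterwards.` Separately, `dh->p` and `dh->g` are passed to BN_is_odd() and BN_is_negative() without a NULL test, so the comment should say that both must be set, or the function should fail when either is NULL.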
diff -Nru openssl-1.1.0c/crypto/dh/dh_key.c openssl-1.1.0d/crypto/dh/dh_key.c
--- openssl-1.1.0c/crypto/dh/dh_key.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/dh/dh_key.c	2017-01-26 14:10:22.000000000 +0100
@@ -159,6 +159,8 @@
         goto err;
     BN_CTX_start(ctx);
     tmp = BN_CTX_get(ctx);
+    if (tmp == NULL)
+        goto err;
 
     if (dh->priv_key == NULL) {
         DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);
diff -Nru openssl-1.1.0c/crypto/dh/dh_meth.c openssl-1.1.0d/crypto/dh/dh_meth.c
--- openssl-1.1.0c/crypto/dh/dh_meth.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/dh/dh_meth.c	2017-01-26 14:10:22.000000000 +0100
@@ -13,19 +13,20 @@
 
 DH_METHOD *DH_meth_new(const char *name, int flags)
 {
-    DH_METHOD *dhm = OPENSSL_zalloc(sizeof(DH_METHOD));
+    DH_METHOD *dhm = OPENSSL_zalloc(sizeof(*dhm));
 
     if (dhm != NULL) {
-        dhm->name = OPENSSL_strdup(name);
-        if (dhm->name == NULL) {
-            OPENSSL_free(dhm);
-            DHerr(DH_F_DH_METH_NEW, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
         dhm->flags = flags;
+
+        dhm->name = OPENSSL_strdup(name);
+        if (dhm->name != NULL)
+            return dhm;
+
+        OPENSSL_free(dhm);
     }
 
-    return dhm;
+    DHerr(DH_F_DH_METH_NEW, ERR_R_MALLOC_FAILURE);
+    return NULL;
 }
 
 void DH_meth_free(DH_METHOD *dhm)
@@ -38,21 +39,20 @@
 
 DH_METHOD *DH_meth_dup(const DH_METHOD *dhm)
 {
-    DH_METHOD *ret;
-
-    ret = OPENSSL_malloc(sizeof(DH_METHOD));
+    DH_METHOD *ret = OPENSSL_malloc(sizeof(*ret));
 
     if (ret != NULL) {
         memcpy(ret, dhm, sizeof(*dhm));
+
         ret->name = OPENSSL_strdup(dhm->name);
-        if (ret->name == NULL) {
-            OPENSSL_free(ret);
-            DHerr(DH_F_DH_METH_DUP, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
+        if (ret->name != NULL)
+            return ret;
+
+        OPENSSL_free(ret);
     }
 
-    return ret;
+    DHerr(DH_F_DH_METH_DUP, ERR_R_MALLOC_FAILURE);
+    return NULL;
 }
 
 const char *DH_meth_get0_name(const DH_METHOD *dhm)
@@ -62,9 +62,8 @@
 
 int DH_meth_set1_name(DH_METHOD *dhm, const char *name)
 {
-    char *tmpname;
+    char *tmpname = OPENSSL_strdup(name);
 
-    tmpname = OPENSSL_strdup(name);
     if (tmpname == NULL) {
         DHerr(DH_F_DH_METH_SET1_NAME, ERR_R_MALLOC_FAILURE);
         return 0;
diff -Nru openssl-1.1.0c/crypto/dsa/dsa_err.c openssl-1.1.0d/crypto/dsa/dsa_err.c
--- openssl-1.1.0c/crypto/dsa/dsa_err.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/dsa/dsa_err.c	2017-01-26 14:10:22.000000000 +0100
@@ -21,7 +21,7 @@
 static ERR_STRING_DATA DSA_str_functs[] = {
     {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
     {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
-    {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
+    {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "dsa_builtin_paramgen"},
     {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN2), "dsa_builtin_paramgen2"},
     {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
     {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
@@ -56,6 +56,8 @@
     {ERR_REASON(DSA_R_NO_PARAMETERS_SET), "no parameters set"},
     {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
     {ERR_REASON(DSA_R_Q_NOT_PRIME), "q not prime"},
+    {ERR_REASON(DSA_R_SEED_LEN_SMALL),
+     "seed_len is less than the length of q"},
     {0, NULL}
 };
 
diff -Nru openssl-1.1.0c/crypto/dsa/dsa_gen.c openssl-1.1.0d/crypto/dsa/dsa_gen.c
--- openssl-1.1.0c/crypto/dsa/dsa_gen.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/dsa/dsa_gen.c	2017-01-26 14:10:22.000000000 +0100
@@ -74,8 +74,10 @@
     bits = (bits + 63) / 64 * 64;
 
     if (seed_in != NULL) {
-        if (seed_len < (size_t)qsize)
+        if (seed_len < (size_t)qsize) {
+            DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_SEED_LEN_SMALL);
             return 0;
+        }
         if (seed_len > (size_t)qsize) {
             /* Only consume as much seed as is expected. */
             seed_len = qsize;
diff -Nru openssl-1.1.0c/crypto/dsa/dsa_meth.c openssl-1.1.0d/crypto/dsa/dsa_meth.c
--- openssl-1.1.0c/crypto/dsa/dsa_meth.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/dsa/dsa_meth.c	2017-01-26 14:10:22.000000000 +0100
@@ -21,19 +21,20 @@
 
 DSA_METHOD *DSA_meth_new(const char *name, int flags)
 {
-    DSA_METHOD *dsam = OPENSSL_zalloc(sizeof(DSA_METHOD));
+    DSA_METHOD *dsam = OPENSSL_zalloc(sizeof(*dsam));
 
     if (dsam != NULL) {
-        dsam->name = OPENSSL_strdup(name);
-        if (dsam->name == NULL) {
-            OPENSSL_free(dsam);
-            DSAerr(DSA_F_DSA_METH_NEW, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
         dsam->flags = flags;
+
+        dsam->name = OPENSSL_strdup(name);
+        if (dsam->name != NULL)
+            return dsam;
+
+        OPENSSL_free(dsam);
     }
 
-    return dsam;
+    DSAerr(DSA_F_DSA_METH_NEW, ERR_R_MALLOC_FAILURE);
+    return NULL;
 }
 
 void DSA_meth_free(DSA_METHOD *dsam)
@@ -46,21 +47,20 @@
 
 DSA_METHOD *DSA_meth_dup(const DSA_METHOD *dsam)
 {
-    DSA_METHOD *ret;
-
-    ret = OPENSSL_malloc(sizeof(DSA_METHOD));
+    DSA_METHOD *ret = OPENSSL_malloc(sizeof(*ret));
 
     if (ret != NULL) {
         memcpy(ret, dsam, sizeof(*dsam));
+
         ret->name = OPENSSL_strdup(dsam->name);
-        if (ret->name == NULL) {
-            OPENSSL_free(ret);
-            DSAerr(DSA_F_DSA_METH_DUP, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
+        if (ret->name != NULL)
+            return ret;
+
+        OPENSSL_free(ret);
     }
 
-    return ret;
+    DSAerr(DSA_F_DSA_METH_DUP, ERR_R_MALLOC_FAILURE);
+    return NULL;
 }
 
 const char *DSA_meth_get0_name(const DSA_METHOD *dsam)
@@ -70,9 +70,8 @@
 
 int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name)
 {
-    char *tmpname;
+    char *tmpname = OPENSSL_strdup(name);
 
-    tmpname = OPENSSL_strdup(name);
     if (tmpname == NULL) {
         DSAerr(DSA_F_DSA_METH_SET1_NAME, ERR_R_MALLOC_FAILURE);
         return 0;
diff -Nru openssl-1.1.0c/crypto/dsa/dsa_pmeth.c openssl-1.1.0d/crypto/dsa/dsa_pmeth.c
--- openssl-1.1.0c/crypto/dsa/dsa_pmeth.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/dsa/dsa_pmeth.c	2017-01-26 14:10:22.000000000 +0100
@@ -136,7 +136,7 @@
             DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
             return 0;
         }
-        dctx->md = p2;
+        dctx->pmd = p2;
         return 1;
 
     case EVP_PKEY_CTRL_MD:
diff -Nru openssl-1.1.0c/crypto/dso/dso_lib.c openssl-1.1.0d/crypto/dso/dso_lib.c
--- openssl-1.1.0c/crypto/dso/dso_lib.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/dso/dso_lib.c	2017-01-26 14:10:22.000000000 +0100
@@ -324,6 +324,9 @@
     char *filename = NULL;
     int len = DSO_pathbyaddr(addr, NULL, 0);
 
+    if (len < 0)
+        return NULL;
+
     filename = OPENSSL_malloc(len);
     if (filename != NULL
             && DSO_pathbyaddr(addr, filename, len) == len)
diff -Nru openssl-1.1.0c/crypto/ec/ec2_mult.c openssl-1.1.0d/crypto/ec/ec2_mult.c
--- openssl-1.1.0c/crypto/ec/ec2_mult.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/ec/ec2_mult.c	2017-01-26 14:10:22.000000000 +0100
@@ -223,7 +223,7 @@
                                              BN_CTX *ctx)
 {
     BIGNUM *x1, *x2, *z1, *z2;
-    int ret = 0, i;
+    int ret = 0, i, group_top;
     BN_ULONG mask, word;
 
     if (r == point) {
@@ -253,10 +253,12 @@
     x2 = r->X;
     z2 = r->Y;
 
-    bn_wexpand(x1, bn_get_top(group->field));
-    bn_wexpand(z1, bn_get_top(group->field));
-    bn_wexpand(x2, bn_get_top(group->field));
-    bn_wexpand(z2, bn_get_top(group->field));
+    group_top = bn_get_top(group->field);
+    if (bn_wexpand(x1, group_top) == NULL
+        || bn_wexpand(z1, group_top) == NULL
+        || bn_wexpand(x2, group_top) == NULL
+        || bn_wexpand(z2, group_top) == NULL)
+        goto err;
 
     if (!BN_GF2m_mod_arr(x1, point->X, group->poly))
         goto err;               /* x1 = x */
@@ -285,14 +287,14 @@
     for (; i >= 0; i--) {
         word = bn_get_words(scalar)[i];
         while (mask) {
-            BN_consttime_swap(word & mask, x1, x2, bn_get_top(group->field));
-            BN_consttime_swap(word & mask, z1, z2, bn_get_top(group->field));
+            BN_consttime_swap(word & mask, x1, x2, group_top);
+            BN_consttime_swap(word & mask, z1, z2, group_top);
             if (!gf2m_Madd(group, point->X, x2, z2, x1, z1, ctx))
                 goto err;
             if (!gf2m_Mdouble(group, x1, z1, ctx))
                 goto err;
-            BN_consttime_swap(word & mask, x1, x2, bn_get_top(group->field));
-            BN_consttime_swap(word & mask, z1, z2, bn_get_top(group->field));
+            BN_consttime_swap(word & mask, x1, x2, group_top);
+            BN_consttime_swap(word & mask, z1, z2, group_top);
             mask >>= 1;
         }
         mask = BN_TBIT;
diff -Nru openssl-1.1.0c/crypto/err/err.c openssl-1.1.0d/crypto/err/err.c
--- openssl-1.1.0c/crypto/err/err.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/err/err.c	2017-01-26 14:10:22.000000000 +0100
@@ -52,6 +52,7 @@
     {ERR_PACK(ERR_LIB_TS, 0, 0), "time stamp routines"},
     {ERR_PACK(ERR_LIB_ENGINE, 0, 0), "engine routines"},
     {ERR_PACK(ERR_LIB_OCSP, 0, 0), "OCSP routines"},
+    {ERR_PACK(ERR_LIB_UI, 0, 0), "UI routines"},
     {ERR_PACK(ERR_LIB_FIPS, 0, 0), "FIPS routines"},
     {ERR_PACK(ERR_LIB_CMS, 0, 0), "CMS routines"},
     {ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines"},
diff -Nru openssl-1.1.0c/crypto/evp/e_aes.c openssl-1.1.0d/crypto/evp/e_aes.c
--- openssl-1.1.0c/crypto/evp/e_aes.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/e_aes.c	2017-01-26 14:10:22.000000000 +0100
@@ -17,6 +17,7 @@
 #include "internal/evp_int.h"
 #include "modes_lcl.h"
 #include <openssl/rand.h>
+#include "evp_locl.h"
 
 typedef struct {
     union {
@@ -1387,10 +1388,15 @@
                 EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] << 8
                 | EVP_CIPHER_CTX_buf_noconst(c)[arg - 1];
             /* Correct length for explicit IV */
+            if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN)
+                return 0;
             len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
             /* If decrypting correct for tag too */
-            if (!EVP_CIPHER_CTX_encrypting(c))
+            if (!EVP_CIPHER_CTX_encrypting(c)) {
+                if (len < EVP_GCM_TLS_TAG_LEN)
+                    return 0;
                 len -= EVP_GCM_TLS_TAG_LEN;
+            }
             EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] = len >> 8;
             EVP_CIPHER_CTX_buf_noconst(c)[arg - 1] = len & 0xff;
         }
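Review bot: The added length guards carry no comment saying what they protect, here and in the CCM hunk (`@@ -1945,10 +1951,15 @@`), the ChaCha20-Poly1305 ctrl hunk and the RC4-HMAC-MD5 ctrl hunk. `len` is rebuilt from the last two AAD bytes, which in TLS use on the decrypt path come from the received record. Without the guard the subtraction goes below zero (or wraps, if `len` is unsigned; its declaration is outside the hunk) and the adjusted value is written back into the AAD. A one-line comment such as `/* len is taken from the record header: reject records too short for the explicit IV and, when decrypting, the tag */` would keep the check from being removed as redundant later. The guards also signal failure differently (`return 0` here and in ChaCha20-Poly1305, `return -1` in RC4-HMAC-MD5), so callers of the ctrl need to treat any non-positive result as an error.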
@@ -1945,10 +1951,15 @@
                 EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] << 8
                 | EVP_CIPHER_CTX_buf_noconst(c)[arg - 1];
             /* Correct length for explicit IV */
+            if (len < EVP_CCM_TLS_EXPLICIT_IV_LEN)
+                return 0;
             len -= EVP_CCM_TLS_EXPLICIT_IV_LEN;
             /* If decrypting correct for tag too */
-            if (!EVP_CIPHER_CTX_encrypting(c))
+            if (!EVP_CIPHER_CTX_encrypting(c)) {
+                if (len < cctx->M)
+                    return 0;
                 len -= cctx->M;
+            }
             EVP_CIPHER_CTX_buf_noconst(c)[arg - 2] = len >> 8;
             EVP_CIPHER_CTX_buf_noconst(c)[arg - 1] = len & 0xff;
         }
@@ -2233,6 +2244,10 @@
     /* If not padding input must be multiple of 8 */
     if (!pad && inlen & 0x7)
         return -1;
+    if (is_partially_overlapping(out, in, inlen)) {
+        EVPerr(EVP_F_AES_WRAP_CIPHER, EVP_R_PARTIALLY_OVERLAPPING);
+        return 0;
+    }
     if (!out) {
         if (EVP_CIPHER_CTX_encrypting(ctx)) {
             /* If padding round up to multiple of 8 */
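Review bot: The new overlap check in this hunk fails with `return 0`, while the error path directly above it fails with `return -1`. The OCB hunk (`@@ -2551,16 +2566,21 @@`) and the des_ede3_wrap_cipher hunk in e_des3.c show the same mix. If the caller treats this function's result as a byte count and only a negative value as failure (the caller's handling is outside this chunk), a rejected call would look like a successful update that produced zero bytes, with the error left on the queue. Please confirm the convention and, if negative is the failure signal, use `return -1;` after the EVPerr() call in all three places. The function body starts and ends outside this hunk.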
@@ -2536,7 +2551,7 @@
     if (!octx->key_set)
         return -1;
 
-    if (in) {
+    if (in != NULL) {
         /*
          * Need to ensure we are only passing full blocks to low level OCB
          * routines. We do it here rather than in EVP_EncryptUpdate/
@@ -2551,16 +2566,21 @@
         } else {
             buf = octx->data_buf;
             buf_len = &(octx->data_buf_len);
+
+            if (is_partially_overlapping(out + *buf_len, in, len)) {
+                EVPerr(EVP_F_AES_OCB_CIPHER, EVP_R_PARTIALLY_OVERLAPPING);
+                return 0;
+            }
         }
 
         /*
          * If we've got a partially filled buffer from a previous call then
          * use that data first
          */
-        if (*buf_len) {
+        if (*buf_len > 0) {
             unsigned int remaining;
 
-            remaining = 16 - (*buf_len);
+            remaining = AES_BLOCK_SIZE - (*buf_len);
             if (remaining > len) {
                 memcpy(buf + (*buf_len), in, len);
                 *(buf_len) += len;
@@ -2574,21 +2594,25 @@
             len -= remaining;
             in += remaining;
             if (out == NULL) {
-                if (!CRYPTO_ocb128_aad(&octx->ocb, buf, 16))
+                if (!CRYPTO_ocb128_aad(&octx->ocb, buf, AES_BLOCK_SIZE))
                     return -1;
             } else if (EVP_CIPHER_CTX_encrypting(ctx)) {
-                if (!CRYPTO_ocb128_encrypt(&octx->ocb, buf, out, 16))
+                if (!CRYPTO_ocb128_encrypt(&octx->ocb, buf, out,
+                                           AES_BLOCK_SIZE))
                     return -1;
             } else {
-                if (!CRYPTO_ocb128_decrypt(&octx->ocb, buf, out, 16))
+                if (!CRYPTO_ocb128_decrypt(&octx->ocb, buf, out,
+                                           AES_BLOCK_SIZE))
                     return -1;
             }
-            written_len = 16;
+            written_len = AES_BLOCK_SIZE;
             *buf_len = 0;
+            if (out != NULL)
+                out += AES_BLOCK_SIZE;
         }
 
         /* Do we have a partial block to handle at the end? */
-        trailing_len = len % 16;
+        trailing_len = len % AES_BLOCK_SIZE;
 
         /*
          * If we've got some full blocks to handle, then process these first
@@ -2611,7 +2635,7 @@
         }
 
         /* Handle any trailing partial block */
-        if (trailing_len) {
+        if (trailing_len > 0) {
             memcpy(buf, in, trailing_len);
             *buf_len = trailing_len;
         }
@@ -2622,7 +2646,7 @@
          * First of all empty the buffer of any partial block that we might
          * have been provided - both for data and AAD
          */
-        if (octx->data_buf_len) {
+        if (octx->data_buf_len > 0) {
             if (EVP_CIPHER_CTX_encrypting(ctx)) {
                 if (!CRYPTO_ocb128_encrypt(&octx->ocb, octx->data_buf, out,
                                            octx->data_buf_len))
@@ -2635,7 +2659,7 @@
             written_len = octx->data_buf_len;
             octx->data_buf_len = 0;
         }
-        if (octx->aad_buf_len) {
+        if (octx->aad_buf_len > 0) {
             if (!CRYPTO_ocb128_aad
                 (&octx->ocb, octx->aad_buf, octx->aad_buf_len))
                 return -1;
diff -Nru openssl-1.1.0c/crypto/evp/e_aes_cbc_hmac_sha1.c openssl-1.1.0d/crypto/evp/e_aes_cbc_hmac_sha1.c
--- openssl-1.1.0c/crypto/evp/e_aes_cbc_hmac_sha1.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/e_aes_cbc_hmac_sha1.c	2017-01-26 14:10:22.000000000 +0100
@@ -21,22 +21,6 @@
 #include "internal/evp_int.h"
 #include "internal/constant_time_locl.h"
 
-#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-# define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-# define EVP_CTRL_AEAD_TLS1_AAD          0x16
-# define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-#endif
-
-#if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
-# define EVP_CIPH_FLAG_DEFAULT_ASN1 0
-#endif
-
-#if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-#endif
-
-#define TLS1_1_VERSION 0x0302
-
 typedef struct {
     AES_KEY ks;
     SHA_CTX head, tail, md;
@@ -146,7 +130,7 @@
 # endif
 # define SHA1_Update sha1_update
 
-# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# if !defined(OPENSSL_NO_MULTIBLOCK)
 
 typedef struct {
     unsigned int A[8], B[8], C[8], D[8], E[8];
@@ -842,7 +826,7 @@
                 return SHA_DIGEST_LENGTH;
             }
         }
-# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# if !defined(OPENSSL_NO_MULTIBLOCK)
     case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
         return (int)(5 + 16 + ((arg + 20 + 16) & -16));
     case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD:
diff -Nru openssl-1.1.0c/crypto/evp/e_aes_cbc_hmac_sha256.c openssl-1.1.0d/crypto/evp/e_aes_cbc_hmac_sha256.c
--- openssl-1.1.0c/crypto/evp/e_aes_cbc_hmac_sha256.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/e_aes_cbc_hmac_sha256.c	2017-01-26 14:10:22.000000000 +0100
@@ -22,22 +22,6 @@
 #include "internal/constant_time_locl.h"
 #include "internal/evp_int.h"
 
-#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-# define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-# define EVP_CTRL_AEAD_TLS1_AAD          0x16
-# define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-#endif
-
-#if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
-# define EVP_CIPH_FLAG_DEFAULT_ASN1 0
-#endif
-
-#if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-#endif
-
-#define TLS1_1_VERSION 0x0302
-
 typedef struct {
     AES_KEY ks;
     SHA256_CTX head, tail, md;
@@ -142,7 +126,7 @@
 # endif
 # define SHA256_Update sha256_update
 
-# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# if !defined(OPENSSL_NO_MULTIBLOCK)
 
 typedef struct {
     unsigned int A[8], B[8], C[8], D[8], E[8], F[8], G[8], H[8];
@@ -819,7 +803,7 @@
                 return SHA256_DIGEST_LENGTH;
             }
         }
-# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# if !defined(OPENSSL_NO_MULTIBLOCK)
     case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
         return (int)(5 + 16 + ((arg + 32 + 16) & -16));
     case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD:
diff -Nru openssl-1.1.0c/crypto/evp/e_chacha20_poly1305.c openssl-1.1.0d/crypto/evp/e_chacha20_poly1305.c
--- openssl-1.1.0c/crypto/evp/e_chacha20_poly1305.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/e_chacha20_poly1305.c	2017-01-26 14:10:22.000000000 +0100
@@ -127,7 +127,7 @@
     1,                      /* block_size */
     CHACHA_KEY_SIZE,        /* key_len */
     CHACHA_CTR_SIZE,        /* iv_len, 128-bit counter in the context */
-    0,                      /* flags */
+    EVP_CIPH_CUSTOM_IV | EVP_CIPH_ALWAYS_CALL_INIT,
     chacha_init_key,
     chacha_cipher,
     NULL,
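Review bot: The replaced initializer line dropped the `/* flags */` trailing comment that labels the field, while the lines above it keep theirs (`/* block_size */`, `/* key_len */`, `/* iv_len, ... */`). This is a positional initializer, so the label is what tells a reader which member the two flags land in. I would keep it, either trailing as `EVP_CIPH_CUSTOM_IV | EVP_CIPH_ALWAYS_CALL_INIT, /* flags */` or as a comment on the line above if the width is a concern. The struct initializer starts and ends outside this hunk.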
@@ -398,6 +398,8 @@
             len = aad[EVP_AEAD_TLS1_AAD_LEN - 2] << 8 |
                   aad[EVP_AEAD_TLS1_AAD_LEN - 1];
             if (!ctx->encrypt) {
+                if (len < POLY1305_BLOCK_SIZE)
+                    return 0;
                 len -= POLY1305_BLOCK_SIZE;     /* discount attached tag */
                 memcpy(temp, aad, EVP_AEAD_TLS1_AAD_LEN - 2);
                 aad = temp;
@@ -407,8 +409,7 @@
             actx->tls_payload_length = len;
 
             /*
-             * merge record sequence number as per
-             * draft-ietf-tls-chacha20-poly1305-03
+             * merge record sequence number as per RFC7905
              */
             actx->key.counter[1] = actx->nonce[0];
             actx->key.counter[2] = actx->nonce[1] ^ CHACHA_U8TOU32(aad);
diff -Nru openssl-1.1.0c/crypto/evp/e_des3.c openssl-1.1.0d/crypto/evp/e_des3.c
--- openssl-1.1.0c/crypto/evp/e_des3.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/e_des3.c	2017-01-26 14:10:22.000000000 +0100
@@ -15,6 +15,7 @@
 # include "internal/evp_int.h"
 # include <openssl/des.h>
 # include <openssl/rand.h>
+# include "evp_locl.h"
 
 typedef struct {
     union {
@@ -392,6 +393,12 @@
      */
     if (inl >= EVP_MAXCHUNK || inl % 8)
         return -1;
+
+    if (is_partially_overlapping(out, in, inl)) {
+        EVPerr(EVP_F_DES_EDE3_WRAP_CIPHER, EVP_R_PARTIALLY_OVERLAPPING);
+        return 0;
+    }
+
     if (EVP_CIPHER_CTX_encrypting(ctx))
         return des_ede3_wrap(ctx, out, in, inl);
     else
diff -Nru openssl-1.1.0c/crypto/evp/e_rc4.c openssl-1.1.0d/crypto/evp/e_rc4.c
--- openssl-1.1.0c/crypto/evp/e_rc4.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/e_rc4.c	2017-01-26 14:10:22.000000000 +0100
@@ -18,9 +18,6 @@
 
 # include "internal/evp_int.h"
 
-/* FIXME: surely this is available elsewhere? */
-# define EVP_RC4_KEY_SIZE                16
-
 typedef struct {
     RC4_KEY ks;                 /* working key */
 } EVP_RC4_KEY;
diff -Nru openssl-1.1.0c/crypto/evp/e_rc4_hmac_md5.c openssl-1.1.0d/crypto/evp/e_rc4_hmac_md5.c
--- openssl-1.1.0c/crypto/evp/e_rc4_hmac_md5.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/e_rc4_hmac_md5.c	2017-01-26 14:10:22.000000000 +0100
@@ -21,15 +21,6 @@
 # include <openssl/md5.h>
 # include "internal/evp_int.h"
 
-# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-#  define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-#  define EVP_CTRL_AEAD_TLS1_AAD          0x16
-#  define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-# endif
-
-/* FIXME: surely this is available elsewhere? */
-# define EVP_RC4_KEY_SIZE                16
-
 typedef struct {
     RC4_KEY ks;
     MD5_CTX head, tail, md;
@@ -228,6 +219,8 @@
             len = p[arg - 2] << 8 | p[arg - 1];
 
             if (!EVP_CIPHER_CTX_encrypting(ctx)) {
+                if (len < MD5_DIGEST_LENGTH)
+                    return -1;
                 len -= MD5_DIGEST_LENGTH;
                 p[arg - 2] = len >> 8;
                 p[arg - 1] = len;
diff -Nru openssl-1.1.0c/crypto/evp/evp_enc.c openssl-1.1.0d/crypto/evp/evp_enc.c
--- openssl-1.1.0c/crypto/evp/evp_enc.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/evp_enc.c	2017-01-26 14:10:22.000000000 +0100
@@ -276,8 +276,7 @@
 # define PTRDIFF_T size_t
 #endif
 
-static int is_partially_overlapping(const void *ptr1, const void *ptr2,
-                                    int len)
+int is_partially_overlapping(const void *ptr1, const void *ptr2, int len)
 {
     PTRDIFF_T diff = (PTRDIFF_T)ptr1-(PTRDIFF_T)ptr2;
     /*
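Review bot: Dropping `static` gives `is_partially_overlapping` external linkage under an unprefixed name, so it can collide with an identically named symbol in an application or another library, most visibly when libcrypto is linked statically. Other internal helpers visible in this diff carry a library prefix (`bn_wexpand`, `bn_get_top`). I would rename it along those lines, for example `evp_is_partially_overlapping` (a suggested name), or otherwise keep it out of the exported symbol set. The rest of the function body is in the next hunk, and the declaration the cipher files include is outside this chunk.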
@@ -287,7 +286,7 @@
      */
     int overlapped = (len > 0) & (diff != 0) & ((diff < (PTRDIFF_T)len) |
                                                 (diff > (0 - (PTRDIFF_T)len)));
-    assert(!overlapped);
+
     return overlapped;
 }
 
@@ -296,8 +295,11 @@
 {
     int i, j, bl;
 
+    bl = ctx->cipher->block_size;
+
     if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
-        if (is_partially_overlapping(out, in, inl)) {
+        /* If block size > 1 then the cipher will have to do this check */
+        if (bl == 1 && is_partially_overlapping(out, in, inl)) {
             EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
             return 0;
         }
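Review bot: With `bl == 1 &&` in front, the update function here (EVP_EncryptUpdate, judging by the error code) no longer checks overlap for custom ciphers whose block size is larger than 1. The decrypt path in the `@@ -422,8 +419,10 @@` hunk gets the same condition without the comment. Within this chunk only aes_wrap_cipher, aes_ocb_cipher and des_ede3_wrap_cipher gain a check of their own, so any other custom cipher with a larger block size, including one supplied from outside the library, would run with no overlap check unless it adds one. I would make the comment state that as a requirement, e.g. `/* Custom ciphers with block_size > 1 MUST check for partial overlap themselves */`, and repeat it in the decrypt path. Both function bodies extend outside their hunks.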
@@ -314,7 +316,7 @@
         *outl = 0;
         return inl == 0;
     }
-    if (is_partially_overlapping(out, in, inl)) {
+    if (is_partially_overlapping(out + ctx->buf_len, in, inl)) {
         EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
         return 0;
     }
@@ -329,7 +331,6 @@
         }
     }
     i = ctx->buf_len;
-    bl = ctx->cipher->block_size;
     OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
     if (i != 0) {
         if (bl - i > inl) {
@@ -342,10 +343,6 @@
             memcpy(&(ctx->buf[i]), in, j);
             inl -= j;
             in += j;
-            if (is_partially_overlapping(out, in, bl)) {
-	        EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
-                return 0;
-            }
             if (!ctx->cipher->do_cipher(ctx, out, ctx->buf, bl))
                 return 0;
             out += bl;
@@ -422,8 +419,10 @@
     int fix_len;
     unsigned int b;
 
+    b = ctx->cipher->block_size;
+
     if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
-        if (is_partially_overlapping(out, in, inl)) {
+        if (b == 1 && is_partially_overlapping(out, in, inl)) {
             EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
             return 0;
         }
@@ -445,7 +444,6 @@
     if (ctx->flags & EVP_CIPH_NO_PADDING)
         return EVP_EncryptUpdate(ctx, out, outl, in, inl);
 
-    b = ctx->cipher->block_size;
     OPENSSL_assert(b <= sizeof ctx->final);
 
     if (ctx->final_used) {
diff -Nru openssl-1.1.0c/crypto/evp/evp_err.c openssl-1.1.0d/crypto/evp/evp_err.c
--- openssl-1.1.0c/crypto/evp/evp_err.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/evp_err.c	2017-01-26 14:10:22.000000000 +0100
@@ -21,11 +21,14 @@
 static ERR_STRING_DATA EVP_str_functs[] = {
     {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "aesni_init_key"},
     {ERR_FUNC(EVP_F_AES_INIT_KEY), "aes_init_key"},
+    {ERR_FUNC(EVP_F_AES_OCB_CIPHER), "aes_ocb_cipher"},
     {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "aes_t4_init_key"},
+    {ERR_FUNC(EVP_F_AES_WRAP_CIPHER), "aes_wrap_cipher"},
     {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "alg_module_init"},
     {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "camellia_init_key"},
     {ERR_FUNC(EVP_F_CHACHA20_POLY1305_CTRL), "chacha20_poly1305_ctrl"},
     {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "cmll_t4_init_key"},
+    {ERR_FUNC(EVP_F_DES_EDE3_WRAP_CIPHER), "des_ede3_wrap_cipher"},
     {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "do_sigver_init"},
     {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
     {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
@@ -120,6 +123,7 @@
     {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
     {ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
     {ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
+    {ERR_REASON(EVP_R_INVALID_KEY), "invalid key"},
     {ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
     {ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
     {ERR_REASON(EVP_R_KEYGEN_FAILURE), "keygen failure"},
@@ -135,7 +139,8 @@
     {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
      "operation not supported for this keytype"},
     {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
-    {ERR_REASON(EVP_R_PARTIALLY_OVERLAPPING), "partially overlapping buffers"},
+    {ERR_REASON(EVP_R_PARTIALLY_OVERLAPPING),
+     "partially overlapping buffers"},
     {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
     {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
     {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
@@ -143,14 +148,14 @@
     {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"},
     {ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"},
     {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM), "unknown pbe algorithm"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS),
-     "unsupported number of rounds"},
     {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
     {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
     {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH), "unsupported keylength"},
     {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),
      "unsupported key derivation function"},
     {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE), "unsupported key size"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS),
+     "unsupported number of rounds"},
     {ERR_REASON(EVP_R_UNSUPPORTED_PRF), "unsupported prf"},
     {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),
      "unsupported private key algorithm"},
diff -Nru openssl-1.1.0c/crypto/evp/evp_lib.c openssl-1.1.0d/crypto/evp/evp_lib.c
--- openssl-1.1.0c/crypto/evp/evp_lib.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/evp_lib.c	2017-01-26 14:10:22.000000000 +0100
@@ -404,7 +404,7 @@
 }
 unsigned long EVP_MD_meth_get_flags(const EVP_MD *md)
 {
-    return md->block_size;
+    return md->flags;
 }
 int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx)
 {
diff -Nru openssl-1.1.0c/crypto/evp/evp_locl.h openssl-1.1.0d/crypto/evp/evp_locl.h
--- openssl-1.1.0c/crypto/evp/evp_locl.h	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/evp_locl.h	2017-01-26 14:10:22.000000000 +0100
@@ -64,3 +64,5 @@
 
 typedef struct evp_pbe_st EVP_PBE_CTL;
 DEFINE_STACK_OF(EVP_PBE_CTL)
+
+int is_partially_overlapping(const void *ptr1, const void *ptr2, int len);
diff -Nru openssl-1.1.0c/crypto/evp/m_md5_sha1.c openssl-1.1.0d/crypto/evp/m_md5_sha1.c
--- openssl-1.1.0c/crypto/evp/m_md5_sha1.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/m_md5_sha1.c	2017-01-26 14:10:22.000000000 +0100
@@ -52,11 +52,16 @@
     unsigned char padtmp[48];
     unsigned char md5tmp[MD5_DIGEST_LENGTH];
     unsigned char sha1tmp[SHA_DIGEST_LENGTH];
-    struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
+    struct md5_sha1_ctx *mctx;
 
     if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
+        return -2;
+
+    if (ctx == NULL)
         return 0;
 
+    mctx = EVP_MD_CTX_md_data(ctx);
+
     /* SSLv3 client auth handling: see RFC-6101 5.6.8 */
     if (mslen != 48)
         return 0;
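Review bot: The two failure values at the top of this ctrl handler are undocumented: `-2` for a command other than `EVP_CTRL_SSL3_MASTER_SECRET`, and `0` for a NULL `ctx` or a wrong `mslen`. A comment above the first check, e.g. `/* -2: ctrl not supported by this digest; 0: bad arguments */`, would make clear that callers must not treat every non-zero result as success. The pointer returned by `EVP_MD_CTX_md_data(ctx)` is also used without a NULL check as far as the hunk shows; whether it can be NULL depends on code outside it. The same applies to the matching hunk in m_sha1.c, and the function body continues outside both hunks.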
diff -Nru openssl-1.1.0c/crypto/evp/m_sha1.c openssl-1.1.0d/crypto/evp/m_sha1.c
--- openssl-1.1.0c/crypto/evp/m_sha1.c	2016-11-10 15:03:44.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/m_sha1.c	2017-01-26 14:10:22.000000000 +0100
@@ -36,11 +36,16 @@
     unsigned char padtmp[40];
     unsigned char sha1tmp[SHA_DIGEST_LENGTH];
 
-    SHA_CTX *sha1 = EVP_MD_CTX_md_data(ctx);
+    SHA_CTX *sha1;
 
     if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
+        return -2;
+
+    if (ctx == NULL)
         return 0;
 
+    sha1 = EVP_MD_CTX_md_data(ctx);
+
     /* SSLv3 client auth handling: see RFC-6101 5.6.8 */
     if (mslen != 48)
         return 0;
diff -Nru openssl-1.1.0c/crypto/evp/pmeth_fn.c openssl-1.1.0d/crypto/evp/pmeth_fn.c
--- openssl-1.1.0c/crypto/evp/pmeth_fn.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/evp/pmeth_fn.c	2017-01-26 14:10:22.000000000 +0100
@@ -15,20 +15,22 @@
 #include "internal/evp_int.h"
 
 #define M_check_autoarg(ctx, arg, arglen, err) \
-        if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
-                { \
-                size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
-                if (!arg) \
-                        { \
-                        *arglen = pksize; \
-                        return 1; \
-                        } \
-                else if (*arglen < pksize) \
-                        { \
-                        EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
-                        return 0; \
-                        } \
-                }
+    if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) {           \
+        size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey);         \
+                                                                  \
+        if (pksize == 0) {                                        \
+            EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/      \
+            return 0;                                             \
+        }                                                         \
+        if (!arg) {                                               \
+            *arglen = pksize;                                     \
+            return 1;                                             \
+        }                                                         \
+        if (*arglen < pksize) {                                   \
+            EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
+            return 0;                                             \
+        }                                                         \
+    }
 
 int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
 {
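Review bot: The new `pksize == 0` test in `M_check_autoarg` runs after the result of `EVP_PKEY_size()` has been cast to `size_t`, so a negative return, if that function can produce one, becomes a very large value and passes the test. With `arg` NULL that value is then stored in `*arglen` and reported as success. Keeping the signed value for the check avoids this: `int sz = EVP_PKEY_size(ctx->pkey);` followed by `if (sz <= 0) {` and only then `size_t pksize = (size_t)sz;`. The macro also still expands to a bare `if` containing `return`, which deserves a line of comment at its definition.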
diff -Nru openssl-1.1.0c/crypto/include/internal/evp_int.h openssl-1.1.0d/crypto/include/internal/evp_int.h
--- openssl-1.1.0c/crypto/include/internal/evp_int.h	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/include/internal/evp_int.h	2017-01-26 14:10:22.000000000 +0100
@@ -380,3 +380,10 @@
 void openssl_add_all_ciphers_int(void);
 void openssl_add_all_digests_int(void);
 void evp_cleanup_int(void);
+
+/* Pulling defines out of C soure files */
+
+#define EVP_RC4_KEY_SIZE 16
+#ifndef TLS1_1_VERSION
+# define TLS1_1_VERSION   0x0302
+#endif
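Review bot: The added comment `/* Pulling defines out of C soure files */` has a typo and does not say which files share these constants or why they live here. The `#ifndef` guard around `TLS1_1_VERSION` suggests the value is also defined in another header, so the two copies could drift without a compiler diagnostic. A comment that names the canonical definition would help, e.g. `/* Shared by EVP cipher files; TLS1_1_VERSION must match the public TLS header */`.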
diff -Nru openssl-1.1.0c/crypto/init.c openssl-1.1.0d/crypto/init.c
--- openssl-1.1.0c/crypto/init.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/init.c	2017-01-26 14:10:22.000000000 +0100
@@ -79,9 +79,16 @@
     if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL)
         return 0;
     OPENSSL_cpuid_setup();
+
+    /*
+     * BIG FAT WARNING!
+     * Everything needed to be initialized in this function before threads
+     * come along MUST happen before base_inited is set to 1, or we will
+     * see race conditions.
+     */
     base_inited = 1;
 
-#ifndef OPENSSL_USE_NODELETE
+#if !defined(OPENSSL_NO_DSO) && !defined(OPENSSL_USE_NODELETE)
 # ifdef DSO_WIN32
     {
         HMODULE handle = NULL;
@@ -503,7 +510,7 @@
         return 0;
     }
 
-    if (!RUN_ONCE(&base, ossl_init_base))
+    if (!base_inited && !RUN_ONCE(&base, ossl_init_base))
         return 0;
 
     if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
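Review bot: The new `!base_inited &&` short-circuit reads `base_inited` outside `RUN_ONCE`, so a thread that sees 1 skips the once-guard entirely and relies on the ordering demanded by the BIG FAT WARNING comment in the first hunk of this file. The declaration of `base_inited` is not visible here; if it is a plain `int`, that read is unsynchronised, and nothing in the hunk says what guarantees that the earlier initialisation is visible to the reading thread. The reason for the check is not stated either (presumably re-entrant calls made while `ossl_init_base` is still running). A comment on this line would record both, e.g. `/* base_inited is set last in ossl_init_base(); bypass RUN_ONCE only to allow re-entry */`. The function continues outside the hunk.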
@@ -604,7 +611,7 @@
 {
     OPENSSL_INIT_STOP *newhand;
 
-#ifndef OPENSSL_USE_NODELETE
+#if !defined(OPENSSL_NO_DSO) && !defined(OPENSSL_USE_NODELETE)
     {
         union {
             void *sym;
diff -Nru openssl-1.1.0c/crypto/modes/ctr128.c openssl-1.1.0d/crypto/modes/ctr128.c
--- openssl-1.1.0c/crypto/modes/ctr128.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/modes/ctr128.c	2017-01-26 14:10:23.000000000 +0100
@@ -52,7 +52,7 @@
         --n;
         d = data[n] += c;
         /* did addition carry? */
-        c = ((d - c) ^ d) >> (sizeof(size_t) * 8 - 1);
+        c = ((d - c) & ~d) >> (sizeof(size_t) * 8 - 1);
     } while (n);
 }
 #endif
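Review bot: The comment `/* did addition carry? */` does not explain the replacement expression `((d - c) & ~d) >> (sizeof(size_t) * 8 - 1)`, which is the only thing keeping the counter words from wrapping silently. It yields 1 exactly when the top bit of the word went from 1 to 0, which identifies a carry as long as `c` is small (0 or 1 for an increment). The initial value of `c` is outside the hunk. A more specific comment would make this reviewable, e.g. `/* carry iff the top bit went 1 -> 0; relies on c being 0 or 1 */`. A test vector that crosses a word boundary would pin the behaviour.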
diff -Nru openssl-1.1.0c/crypto/pem/pvkfmt.c openssl-1.1.0d/crypto/pem/pvkfmt.c
--- openssl-1.1.0c/crypto/pem/pvkfmt.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/pem/pvkfmt.c	2017-01-26 14:10:23.000000000 +0100
@@ -548,7 +548,7 @@
     hnbyte = (RSA_bits(rsa) + 15) >> 4;
     RSA_get0_key(rsa, &n, &e, &d);
     write_lebn(out, e, 4);
-    write_lebn(out, n, -1);
+    write_lebn(out, n, nbyte);
     if (ispub)
         return;
     RSA_get0_factors(rsa, &p, &q);
diff -Nru openssl-1.1.0c/crypto/perlasm/x86_64-xlate.pl openssl-1.1.0d/crypto/perlasm/x86_64-xlate.pl
--- openssl-1.1.0c/crypto/perlasm/x86_64-xlate.pl	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/perlasm/x86_64-xlate.pl	2017-01-26 14:10:23.000000000 +0100
@@ -262,11 +262,18 @@
 	$self->{base}  =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
 
 	# Solaris /usr/ccs/bin/as can't handle multiplications
-	# in $self->{label}, new gas requires sign extension...
+	# in $self->{label}...
 	use integer;
 	$self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
 	$self->{label} =~ s/\b([0-9]+\s*[\*\/\%]\s*[0-9]+)\b/eval($1)/eg;
-	$self->{label} =~ s/\b([0-9]+)\b/$1<<32>>32/eg;
+
+	# Some assemblers insist on signed presentation of 32-bit
+	# offsets, but sign extension is a tricky business in perl...
+	if ((1<<31)<<1) {
+	    $self->{label} =~ s/\b([0-9]+)\b/$1<<32>>32/eg;
+	} else {
+	    $self->{label} =~ s/\b([0-9]+)\b/$1>>0/eg;
+	}
 
 	if (!$self->{label} && $self->{index} && $self->{scale}==1 &&
 	    $self->{base} =~ /(rbp|r13)/) {
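Review bot: The condition `if ((1<<31)<<1)` is a width probe whose meaning the added comment does not state. Under the `use integer` a few lines up, it appears to be true only when perl's native integers are wider than 32 bits, which is what decides between the `<<32>>32` and `>>0` rewrites. A trailing comment on that line would document it, e.g. `# non-zero only if perl integers are wider than 32 bits`. The enclosing sub starts and ends outside the hunk.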
diff -Nru openssl-1.1.0c/crypto/rand/rand_egd.c openssl-1.1.0d/crypto/rand/rand_egd.c
--- openssl-1.1.0c/crypto/rand/rand_egd.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/rand/rand_egd.c	2017-01-26 14:10:23.000000000 +0100
@@ -133,6 +133,7 @@
                 break;
 #  endif
             default:
+                ret = -1;
                 goto err;       /* failure */
             }
         }
@@ -227,10 +228,10 @@
 
 int RAND_egd_bytes(const char *path, int bytes)
 {
-    int num, ret = 0;
+    int num, ret = -1;
 
     num = RAND_query_egd_bytes(path, NULL, bytes);
-    if (num < 1)
+    if (num < 0)
         goto err;
     if (RAND_status() == 1)
         ret = num;
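Review bot: `RAND_egd_bytes` now reports failure as `-1` where it previously returned `0`, so any caller that treats a non-zero result as success would read a failed entropy query as a successful one. No callers are visible in this hunk, so they are worth auditing for `> 0` or `>= 0` comparisons. The relaxed test `if (num < 0)` also lets `num == 0` through, so a query that returned no bytes can still produce a `0` return when `RAND_status()` is already 1. A comment above the function would help, e.g. `/* returns bytes read from the EGD socket, or -1 on failure or if the PRNG is still unseeded */`. The `err:` label and the return are outside the hunk.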
diff -Nru openssl-1.1.0c/crypto/rand/randfile.c openssl-1.1.0d/crypto/rand/randfile.c
--- openssl-1.1.0c/crypto/rand/randfile.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/rand/randfile.c	2017-01-26 14:10:23.000000000 +0100
@@ -208,8 +208,8 @@
              */
             return 1;
         }
-# endif
     }
+# endif
 #endif
 
 #if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && \
diff -Nru openssl-1.1.0c/crypto/rsa/rsa_err.c openssl-1.1.0d/crypto/rsa/rsa_err.c
--- openssl-1.1.0c/crypto/rsa/rsa_err.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/rsa/rsa_err.c	2017-01-26 14:10:23.000000000 +0100
@@ -26,6 +26,7 @@
     {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "pkey_rsa_ctrl"},
     {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "pkey_rsa_ctrl_str"},
     {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "pkey_rsa_sign"},
+    {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "pkey_rsa_verify"},
     {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "pkey_rsa_verifyrecover"},
     {ERR_FUNC(RSA_F_RSA_ALGOR_TO_MD), "rsa_algor_to_md"},
     {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "rsa_builtin_keygen"},
diff -Nru openssl-1.1.0c/crypto/rsa/rsa_gen.c openssl-1.1.0d/crypto/rsa/rsa_gen.c
--- openssl-1.1.0c/crypto/rsa/rsa_gen.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/rsa/rsa_gen.c	2017-01-26 14:10:23.000000000 +0100
@@ -75,7 +75,8 @@
     if (!rsa->iqmp && ((rsa->iqmp = BN_secure_new()) == NULL))
         goto err;
 
-    BN_copy(rsa->e, e_value);
+    if (BN_copy(rsa->e, e_value) == NULL)
+        goto err;
 
     /* generate p and q */
     for (;;) {
diff -Nru openssl-1.1.0c/crypto/rsa/rsa_meth.c openssl-1.1.0d/crypto/rsa/rsa_meth.c
--- openssl-1.1.0c/crypto/rsa/rsa_meth.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/rsa/rsa_meth.c	2017-01-26 14:10:23.000000000 +0100
@@ -13,19 +13,20 @@
 
 RSA_METHOD *RSA_meth_new(const char *name, int flags)
 {
-    RSA_METHOD *meth = OPENSSL_zalloc(sizeof(RSA_METHOD));
+    RSA_METHOD *meth = OPENSSL_zalloc(sizeof(*meth));
 
     if (meth != NULL) {
-        meth->name = OPENSSL_strdup(name);
-        if (meth->name == NULL) {
-            OPENSSL_free(meth);
-            RSAerr(RSA_F_RSA_METH_NEW, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
         meth->flags = flags;
+
+        meth->name = OPENSSL_strdup(name);
+        if (meth->name != NULL)
+            return meth;
+
+        OPENSSL_free(meth);
     }
 
-    return meth;
+    RSAerr(RSA_F_RSA_METH_NEW, ERR_R_MALLOC_FAILURE);
+    return NULL;
 }
 
 void RSA_meth_free(RSA_METHOD *meth)
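Review bot: After this restructuring every NULL result in `RSA_meth_new` is reported as `ERR_R_MALLOC_FAILURE`, including a NULL `name`, if `OPENSSL_strdup` returns NULL for a NULL argument rather than failing earlier. A guard before the allocation would separate caller error from memory exhaustion: `if (name == NULL) { RSAerr(RSA_F_RSA_METH_NEW, ERR_R_PASSED_NULL_PARAMETER); return NULL; }`. The same applies to `meth->name` in the `RSA_meth_dup` hunk, where `meth` itself is also passed to `memcpy` unchecked, and to `name` in the `RSA_meth_set1_name` hunk.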
@@ -38,21 +39,20 @@
 
 RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth)
 {
-    RSA_METHOD *ret;
-
-    ret = OPENSSL_malloc(sizeof(RSA_METHOD));
+    RSA_METHOD *ret = OPENSSL_malloc(sizeof(*ret));
 
     if (ret != NULL) {
         memcpy(ret, meth, sizeof(*meth));
+
         ret->name = OPENSSL_strdup(meth->name);
-        if (ret->name == NULL) {
-            OPENSSL_free(ret);
-            RSAerr(RSA_F_RSA_METH_DUP, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
+        if (ret->name != NULL)
+            return ret;
+
+        OPENSSL_free(ret);
     }
 
-    return ret;
+    RSAerr(RSA_F_RSA_METH_DUP, ERR_R_MALLOC_FAILURE);
+    return NULL;
 }
 
 const char *RSA_meth_get0_name(const RSA_METHOD *meth)
@@ -62,9 +62,8 @@
 
 int RSA_meth_set1_name(RSA_METHOD *meth, const char *name)
 {
-    char *tmpname;
+    char *tmpname = OPENSSL_strdup(name);
 
-    tmpname = OPENSSL_strdup(name);
     if (tmpname == NULL) {
         RSAerr(RSA_F_RSA_METH_SET1_NAME, ERR_R_MALLOC_FAILURE);
         return 0;
diff -Nru openssl-1.1.0c/crypto/rsa/rsa_oaep.c openssl-1.1.0d/crypto/rsa/rsa_oaep.c
--- openssl-1.1.0c/crypto/rsa/rsa_oaep.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/rsa/rsa_oaep.c	2017-01-26 14:10:23.000000000 +0100
@@ -91,17 +91,21 @@
     }
 
     if (PKCS1_MGF1(dbmask, emlen - mdlen, seed, mdlen, mgf1md) < 0)
-        return 0;
+        goto err;
     for (i = 0; i < emlen - mdlen; i++)
         db[i] ^= dbmask[i];
 
     if (PKCS1_MGF1(seedmask, mdlen, db, emlen - mdlen, mgf1md) < 0)
-        return 0;
+        goto err;
     for (i = 0; i < mdlen; i++)
         seed[i] ^= seedmask[i];
 
     OPENSSL_free(dbmask);
     return 1;
+
+ err:
+    OPENSSL_free(dbmask);
+    return 0;
 }
 
 int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
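Review bot: Both exits release `dbmask` with plain `OPENSSL_free`, so the mask bytes used on the OAEP data block stay in freed heap memory. Using `OPENSSL_clear_free(dbmask, emlen - mdlen);` on both paths would wipe them, with the same length the hunk already passes to `PKCS1_MGF1`. `seedmask` may deserve an `OPENSSL_cleanse` as well if it is a local array; its declaration is outside the hunk. The success path and the new `err:` path also duplicate the free, which a single exit with a result variable would avoid. The function starts outside the hunk.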
diff -Nru openssl-1.1.0c/crypto/rsa/rsa_pmeth.c openssl-1.1.0d/crypto/rsa/rsa_pmeth.c
--- openssl-1.1.0c/crypto/rsa/rsa_pmeth.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/rsa/rsa_pmeth.c	2017-01-26 14:10:23.000000000 +0100
@@ -229,6 +229,10 @@
         if (rctx->pad_mode == RSA_PKCS1_PADDING)
             return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
                               sig, siglen, rsa);
+        if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
+            RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
+            return -1;
+        }
         if (rctx->pad_mode == RSA_X931_PADDING) {
             if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0)
                 return 0;
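Review bot: The new digest-length check returns `-1`, while the failure visible just below it (`pkey_rsa_verifyrecover(...) <= 0`) returns `0`. The function therefore has two different failure values, and a caller that only tests for non-zero would accept the `-1` as a valid signature. A comment on the new branch would make the contract explicit, e.g. `/* -1: caller error (digest length mismatch); 0: signature does not verify; only 1 is success */`. The check sits after the `RSA_PKCS1_PADDING` return, so that path relies on `RSA_verify` to validate `tbslen`. The enclosing condition and the rest of the function are outside the hunk.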
diff -Nru openssl-1.1.0c/crypto/ui/ui_err.c openssl-1.1.0d/crypto/ui/ui_err.c
--- openssl-1.1.0c/crypto/ui/ui_err.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/ui/ui_err.c	2017-01-26 14:10:23.000000000 +0100
@@ -19,8 +19,12 @@
 # define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason)
 
 static ERR_STRING_DATA UI_str_functs[] = {
+    {ERR_FUNC(UI_F_CLOSE_CONSOLE), "close_console"},
+    {ERR_FUNC(UI_F_ECHO_CONSOLE), "echo_console"},
     {ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "general_allocate_boolean"},
     {ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "general_allocate_prompt"},
+    {ERR_FUNC(UI_F_NOECHO_CONSOLE), "noecho_console"},
+    {ERR_FUNC(UI_F_OPEN_CONSOLE), "open_console"},
     {ERR_FUNC(UI_F_UI_CREATE_METHOD), "UI_create_method"},
     {ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"},
     {ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"},
@@ -30,6 +34,7 @@
     {ERR_FUNC(UI_F_UI_DUP_VERIFY_STRING), "UI_dup_verify_string"},
     {ERR_FUNC(UI_F_UI_GET0_RESULT), "UI_get0_result"},
     {ERR_FUNC(UI_F_UI_NEW_METHOD), "UI_new_method"},
+    {ERR_FUNC(UI_F_UI_PROCESS), "UI_process"},
     {ERR_FUNC(UI_F_UI_SET_RESULT), "UI_set_result"},
     {0, NULL}
 };
@@ -40,9 +45,15 @@
     {ERR_REASON(UI_R_INDEX_TOO_LARGE), "index too large"},
     {ERR_REASON(UI_R_INDEX_TOO_SMALL), "index too small"},
     {ERR_REASON(UI_R_NO_RESULT_BUFFER), "no result buffer"},
+    {ERR_REASON(UI_R_PROCESSING_ERROR), "processing error"},
     {ERR_REASON(UI_R_RESULT_TOO_LARGE), "result too large"},
     {ERR_REASON(UI_R_RESULT_TOO_SMALL), "result too small"},
+    {ERR_REASON(UI_R_SYSASSIGN_ERROR), "sys$assign error"},
+    {ERR_REASON(UI_R_SYSDASSGN_ERROR), "sys$dassgn error"},
+    {ERR_REASON(UI_R_SYSQIOW_ERROR), "sys$qiow error"},
     {ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND), "unknown control command"},
+    {ERR_REASON(UI_R_UNKNOWN_TTYGET_ERRNO_VALUE),
+     "unknown ttyget errno value"},
     {0, NULL}
 };
 
diff -Nru openssl-1.1.0c/crypto/ui/ui_lib.c openssl-1.1.0d/crypto/ui/ui_lib.c
--- openssl-1.1.0c/crypto/ui/ui_lib.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/ui/ui_lib.c	2017-01-26 14:10:23.000000000 +0100
@@ -120,7 +120,7 @@
     UI_STRING *s = general_allocate_prompt(ui, prompt, prompt_freeable,
                                            type, input_flags, result_buf);
 
-    if (s) {
+    if (s != NULL) {
         if (allocate_string_stack(ui) >= 0) {
             s->_.string_data.result_minsize = minsize;
             s->_.string_data.result_maxsize = maxsize;
@@ -155,8 +155,8 @@
     } else if (cancel_chars == NULL) {
         UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
     } else {
-        for (p = ok_chars; *p; p++) {
-            if (strchr(cancel_chars, *p)) {
+        for (p = ok_chars; *p != '\0'; p++) {
+            if (strchr(cancel_chars, *p) != NULL) {
                 UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,
                       UI_R_COMMON_OK_AND_CANCEL_CHARACTERS);
             }
@@ -165,7 +165,7 @@
         s = general_allocate_prompt(ui, prompt, prompt_freeable,
                                     type, input_flags, result_buf);
 
-        if (s) {
+        if (s != NULL) {
             if (allocate_string_stack(ui) >= 0) {
                 s->_.boolean_data.action_desc = action_desc;
                 s->_.boolean_data.ok_chars = ok_chars;
@@ -203,7 +203,7 @@
 {
     char *prompt_copy = NULL;
 
-    if (prompt) {
+    if (prompt != NULL) {
         prompt_copy = OPENSSL_strdup(prompt);
         if (prompt_copy == NULL) {
             UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
@@ -231,7 +231,7 @@
 {
     char *prompt_copy = NULL;
 
-    if (prompt) {
+    if (prompt != NULL) {
         prompt_copy = OPENSSL_strdup(prompt);
         if (prompt_copy == NULL) {
             UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
@@ -262,7 +262,7 @@
     char *ok_chars_copy = NULL;
     char *cancel_chars_copy = NULL;
 
-    if (prompt) {
+    if (prompt != NULL) {
         prompt_copy = OPENSSL_strdup(prompt);
         if (prompt_copy == NULL) {
             UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
@@ -270,7 +270,7 @@
         }
     }
 
-    if (action_desc) {
+    if (action_desc != NULL) {
         action_desc_copy = OPENSSL_strdup(action_desc);
         if (action_desc_copy == NULL) {
             UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
@@ -278,7 +278,7 @@
         }
     }
 
-    if (ok_chars) {
+    if (ok_chars != NULL) {
         ok_chars_copy = OPENSSL_strdup(ok_chars);
         if (ok_chars_copy == NULL) {
             UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
@@ -286,7 +286,7 @@
         }
     }
 
-    if (cancel_chars) {
+    if (cancel_chars != NULL) {
         cancel_chars_copy = OPENSSL_strdup(cancel_chars);
         if (cancel_chars_copy == NULL) {
             UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
@@ -315,7 +315,7 @@
 {
     char *text_copy = NULL;
 
-    if (text) {
+    if (text != NULL) {
         text_copy = OPENSSL_strdup(text);
         if (text_copy == NULL) {
             UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
@@ -337,7 +337,7 @@
 {
     char *text_copy = NULL;
 
-    if (text) {
+    if (text != NULL) {
         text_copy = OPENSSL_strdup(text);
         if (text_copy == NULL) {
             UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
@@ -353,7 +353,7 @@
 {
     char *prompt = NULL;
 
-    if (ui->meth->ui_construct_prompt)
+    if (ui->meth->ui_construct_prompt != NULL)
         prompt = ui->meth->ui_construct_prompt(ui, object_desc, object_name);
     else {
         char prompt1[] = "Enter ";
@@ -364,7 +364,7 @@
         if (object_desc == NULL)
             return NULL;
         len = sizeof(prompt1) - 1 + strlen(object_desc);
-        if (object_name)
+        if (object_name != NULL)
             len += sizeof(prompt2) - 1 + strlen(object_name);
         len += sizeof(prompt3) - 1;
 
@@ -373,7 +373,7 @@
             return NULL;
         OPENSSL_strlcpy(prompt, prompt1, len + 1);
         OPENSSL_strlcat(prompt, object_desc, len + 1);
-        if (object_name) {
+        if (object_name != NULL) {
             OPENSSL_strlcat(prompt, prompt2, len + 1);
             OPENSSL_strlcat(prompt, object_name, len + 1);
         }
@@ -415,7 +415,8 @@
     uis.type = UIT_ERROR;
     uis.out_string = str;
 
-    if (ui->meth->ui_write_string && !ui->meth->ui_write_string(ui, &uis))
+    if (ui->meth->ui_write_string != NULL
+        && ui->meth->ui_write_string(ui, &uis) <= 0)
         return -1;
     return 0;
 }
@@ -423,30 +424,38 @@
 int UI_process(UI *ui)
 {
     int i, ok = 0;
+    const char *state = "processing";
 
-    if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui))
-        return -1;
+    if (ui->meth->ui_open_session != NULL
+        && ui->meth->ui_open_session(ui) <= 0) {
+        state = "opening session";
+        ok = -1;
+        goto err;
+    }
 
     if (ui->flags & UI_FLAG_PRINT_ERRORS)
         ERR_print_errors_cb((int (*)(const char *, size_t, void *))
                             print_error, (void *)ui);
 
     for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
-        if (ui->meth->ui_write_string
-            && !ui->meth->ui_write_string(ui,
-                                          sk_UI_STRING_value(ui->strings, i)))
+        if (ui->meth->ui_write_string != NULL
+            && (ui->meth->ui_write_string(ui,
+                                          sk_UI_STRING_value(ui->strings, i))
+                <= 0))
         {
+            state = "writing strings";
             ok = -1;
             goto err;
         }
     }
 
-    if (ui->meth->ui_flush)
+    if (ui->meth->ui_flush != NULL)
         switch (ui->meth->ui_flush(ui)) {
         case -1:               /* Interrupt/Cancel/something... */
             ok = -2;
             goto err;
         case 0:                /* Errors */
+            state = "flushing";
             ok = -1;
             goto err;
         default:               /* Success */
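Review bot: `state` is initialised to `"processing"` at the top of `UI_process`, so the test `if (state == NULL)` in the later `err:` hunk can never be true, judging by the visible lines. A failing `ui_close_session` is therefore reported as "while processing", or with whatever earlier state was set, and never as "while closing session". Keying the fallback on the result instead would fix it: `if (ok != -1) state = "closing session";`, placed before `ok = -1;`. That keeps the state of an earlier failure and labels a close failure correctly after a successful or cancelled run.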
@@ -455,7 +464,7 @@
         }
 
     for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
-        if (ui->meth->ui_read_string) {
+        if (ui->meth->ui_read_string != NULL) {
             switch (ui->meth->ui_read_string(ui,
                                              sk_UI_STRING_value(ui->strings,
                                                                 i))) {
@@ -463,6 +472,7 @@
                 ok = -2;
                 goto err;
             case 0:            /* Errors */
+                state = "reading strings";
                 ok = -1;
                 goto err;
             default:           /* Success */
@@ -472,8 +482,17 @@
         }
     }
  err:
-    if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui))
-        return -1;
+    if (ui->meth->ui_close_session != NULL
+        && ui->meth->ui_close_session(ui) <= 0) {
+        if (state == NULL)
+            state = "closing session";
+        ok = -1;
+    }
+
+    if (ok == -1) {
+        UIerr(UI_F_UI_PROCESS, UI_R_PROCESSING_ERROR);
+        ERR_add_error_data(2, "while ", state);
+    }
     return ok;
 }
 
@@ -565,49 +584,49 @@
 
 int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui))
 {
-    if (method) {
+    if (method != NULL) {
         method->ui_open_session = opener;
         return 0;
-    } else
-        return -1;
+    }
+    return -1;
 }
 
 int UI_method_set_writer(UI_METHOD *method,
                          int (*writer) (UI *ui, UI_STRING *uis))
 {
-    if (method) {
+    if (method != NULL) {
         method->ui_write_string = writer;
         return 0;
-    } else
-        return -1;
+    }
+    return -1;
 }
 
 int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui))
 {
-    if (method) {
+    if (method != NULL) {
         method->ui_flush = flusher;
         return 0;
-    } else
-        return -1;
+    }
+    return -1;
 }
 
 int UI_method_set_reader(UI_METHOD *method,
                          int (*reader) (UI *ui, UI_STRING *uis))
 {
-    if (method) {
+    if (method != NULL) {
         method->ui_read_string = reader;
         return 0;
-    } else
-        return -1;
+    }
+    return -1;
 }
 
 int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui))
 {
-    if (method) {
+    if (method != NULL) {
         method->ui_close_session = closer;
         return 0;
-    } else
-        return -1;
+    }
+    return -1;
 }
 
 int UI_method_set_prompt_constructor(UI_METHOD *method,
@@ -617,55 +636,55 @@
                                                                   const char
                                                                   *object_name))
 {
-    if (method) {
+    if (method != NULL) {
         method->ui_construct_prompt = prompt_constructor;
         return 0;
-    } else
-        return -1;
+    }
+    return -1;
 }
 
-int (*UI_method_get_opener(UI_METHOD *method)) (UI *) {
-    if (method)
+int (*UI_method_get_opener(UI_METHOD *method)) (UI *)
+{
+    if (method != NULL)
         return method->ui_open_session;
-    else
-        return NULL;
+    return NULL;
 }
 
-int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *) {
-    if (method)
+int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *)
+{
+    if (method != NULL)
         return method->ui_write_string;
-    else
-        return NULL;
+    return NULL;
 }
 
-int (*UI_method_get_flusher(UI_METHOD *method)) (UI *) {
-    if (method)
+int (*UI_method_get_flusher(UI_METHOD *method)) (UI *)
+{
+    if (method != NULL)
         return method->ui_flush;
-    else
-        return NULL;
+    return NULL;
 }
 
-int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *) {
-    if (method)
+int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *)
+{
+    if (method != NULL)
         return method->ui_read_string;
-    else
-        return NULL;
+    return NULL;
 }
 
-int (*UI_method_get_closer(UI_METHOD *method)) (UI *) {
-    if (method)
+int (*UI_method_get_closer(UI_METHOD *method)) (UI *)
+{
+    if (method != NULL)
         return method->ui_close_session;
-    else
-        return NULL;
+    return NULL;
 }
 
 char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
                                                               const char *,
-                                                              const char *) {
-    if (method)
+                                                              const char *)
+{
+    if (method != NULL)
         return method->ui_construct_prompt;
-    else
-        return NULL;
+    return NULL;
 }
 
 enum UI_string_types UI_get_string_type(UI_STRING *uis)
diff -Nru openssl-1.1.0c/crypto/ui/ui_openssl.c openssl-1.1.0d/crypto/ui/ui_openssl.c
--- openssl-1.1.0c/crypto/ui/ui_openssl.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/ui/ui_openssl.c	2017-01-26 14:10:23.000000000 +0100
@@ -8,6 +8,7 @@
  */
 
 #include <openssl/e_os2.h>
+#include <openssl/err.h>
 
 /*
  * need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc
@@ -343,7 +344,7 @@
     } else
 # endif
     p = fgets(result, maxsize, tty_in);
-    if (!p)
+    if (p == NULL)
         goto error;
     if (feof(tty_in))
         goto error;
@@ -423,18 +424,44 @@
             is_a_tty = 0;
         else
 # endif
-            return 0;
+# ifdef ENODEV
+            /*
+             * MacOS X returns ENODEV (Operation not supported by device),
+             * which seems appropriate.
+             */
+        if (errno == ENODEV)
+            is_a_tty = 0;
+        else
+# endif
+            {
+                char tmp_num[10];
+                BIO_snprintf(tmp_num, sizeof(tmp_num) - 1, "%d", errno);
+                UIerr(UI_F_OPEN_CONSOLE, UI_R_UNKNOWN_TTYGET_ERRNO_VALUE);
+                ERR_add_error_data(2, "errno=", tmp_num);
+
+                return 0;
+            }
     }
 #endif
 #ifdef OPENSSL_SYS_VMS
     status = sys$assign(&terminal, &channel, 0, 0);
-    if (status != SS$_NORMAL)
+
+    /* if there isn't a TT device, something is very wrong */
+    if (status != SS$_NORMAL) {
+        char tmp_num[12];
+
+        BIO_snprintf(tmp_num, sizeof(tmp_num) - 1, "%%X%08X", status);
+        UIerr(UI_F_OPEN_CONSOLE, UI_R_SYSASSIGN_ERROR);
+        ERR_add_error_data(2, "status=", tmp_num);
         return 0;
-    status =
-        sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
-                 0, 0);
+    }
+
+    status = sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12,
+                      0, 0, 0, 0);
+
+    /* If IO$_SENSEMODE doesn't work, this is not a terminal device */
     if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-        return 0;
+        is_a_tty = 0;
 #endif
     return 1;
 }
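Review bot: The branches that set `is_a_tty = 0` (the new `ENODEV` case and the VMS `IO$_SENSEMODE` failure, which used to `return 0`) carry no comment on what that flag switches off later. In the following VMS hunks, the ones raising `UI_F_NOECHO_CONSOLE` and `UI_F_ECHO_CONSOLE`, the `TT$M_NOECHO` handling is skipped entirely when `is_a_tty` is 0. Input on such a device is then read without this code suppressing echo. A comment at each assignment would record that this is intended, e.g. `/* not a terminal: echo control is skipped for this session */`. The `if`/`else` chain threaded through the `# ifdef` blocks begins outside the hunk, which makes the final `else { ... return 0; }` hard to audit in isolation.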
@@ -451,14 +478,25 @@
         return 0;
 #endif
 #ifdef OPENSSL_SYS_VMS
-    tty_new[0] = tty_orig[0];
-    tty_new[1] = tty_orig[1] | TT$M_NOECHO;
-    tty_new[2] = tty_orig[2];
-    status =
-        sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
-                 0);
-    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-        return 0;
+    if (is_a_tty) {
+        tty_new[0] = tty_orig[0];
+        tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+        tty_new[2] = tty_orig[2];
+        status = sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12,
+                          0, 0, 0, 0);
+        if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) {
+            char tmp_num[2][12];
+
+            BIO_snprintf(tmp_num[0], sizeof(tmp_num[0]) - 1, "%%X%08X",
+                         status);
+            BIO_snprintf(tmp_num[1], sizeof(tmp_num[1]) - 1, "%%X%08X",
+                         iosb.iosb$w_value);
+            UIerr(UI_F_NOECHO_CONSOLE, UI_R_SYSQIOW_ERROR);
+            ERR_add_error_data(5, "status=", tmp_num[0],
+                               ",", "iosb.iosb$w_value=", tmp_num[1]);
+            return 0;
+        }
+    }
 #endif
 #if defined(_WIN32) && !defined(_WIN32_WCE)
     if (is_a_tty) {
@@ -482,14 +520,25 @@
         return 0;
 #endif
 #ifdef OPENSSL_SYS_VMS
-    tty_new[0] = tty_orig[0];
-    tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
-    tty_new[2] = tty_orig[2];
-    status =
-        sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
-                 0);
-    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-        return 0;
+    if (is_a_tty) {
+        tty_new[0] = tty_orig[0];
+        tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
+        tty_new[2] = tty_orig[2];
+        status = sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12,
+                          0, 0, 0, 0);
+        if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) {
+            char tmp_num[2][12];
+
+            BIO_snprintf(tmp_num[0], sizeof(tmp_num[0]) - 1, "%%X%08X",
+                         status);
+            BIO_snprintf(tmp_num[1], sizeof(tmp_num[1]) - 1, "%%X%08X",
+                         iosb.iosb$w_value);
+            UIerr(UI_F_ECHO_CONSOLE, UI_R_SYSQIOW_ERROR);
+            ERR_add_error_data(5, "status=", tmp_num[0],
+                               ",", "iosb.iosb$w_value=", tmp_num[1]);
+            return 0;
+        }
+    }
 #endif
 #if defined(_WIN32) && !defined(_WIN32_WCE)
     if (is_a_tty) {
@@ -509,6 +558,14 @@
         fclose(tty_out);
 #ifdef OPENSSL_SYS_VMS
     status = sys$dassgn(channel);
+    if (status != SS$_NORMAL) {
+        char tmp_num[12];
+
+        BIO_snprintf(tmp_num, sizeof(tmp_num) - 1, "%%X%08X", status);
+        UIerr(UI_F_CLOSE_CONSOLE, UI_R_SYSDASSGN_ERROR);
+        ERR_add_error_data(2, "status=", tmp_num);
+        return 0;
+    }
 #endif
     CRYPTO_THREAD_unlock(ui->lock);
 
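Review bot: The added `return 0;` after a failed `sys$dassgn` leaves the function before the `CRYPTO_THREAD_unlock(ui->lock);` that follows the `#endif`, so on this error path the lock appears to stay held. Release it first by putting `CRYPTO_THREAD_unlock(ui->lock);` directly before the `return 0;`, or record the failure in a local and fall through to the common unlock. Where the lock is taken is outside the hunk, so confirm it is held at this point; the function body also continues past the hunk.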
diff -Nru openssl-1.1.0c/crypto/x509/t_crl.c openssl-1.1.0d/crypto/x509/t_crl.c
--- openssl-1.1.0c/crypto/x509/t_crl.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509/t_crl.c	2017-01-26 14:10:23.000000000 +0100
@@ -44,7 +44,10 @@
 
     BIO_printf(out, "Certificate Revocation List (CRL):\n");
     l = X509_CRL_get_version(x);
-    BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
+    if (l >= 0 && l <= 1)
+        BIO_printf(out, "%8sVersion %ld (0x%lx)\n", "", l + 1, (unsigned long)l);
+    else
+        BIO_printf(out, "%8sVersion unknown (%ld)\n", "", l);
     X509_CRL_get0_signature(x, &sig, &sig_alg);
     X509_signature_print(out, sig_alg, NULL);
     p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
diff -Nru openssl-1.1.0c/crypto/x509/t_req.c openssl-1.1.0d/crypto/x509/t_req.c
--- openssl-1.1.0c/crypto/x509/t_req.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509/t_req.c	2017-01-26 14:10:23.000000000 +0100
@@ -60,8 +60,13 @@
     }
     if (!(cflag & X509_FLAG_NO_VERSION)) {
         l = X509_REQ_get_version(x);
-        if (BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", "", l + 1, l) <= 0)
-            goto err;
+        if (l >= 0 && l <= 2) {
+            if (BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", "", l + 1, (unsigned long)l) <= 0)
+                goto err;
+        } else {
+            if (BIO_printf(bp, "%8sVersion: Unknown (%ld)\n", "", l) <= 0)
+                goto err;
+        }
     }
     if (!(cflag & X509_FLAG_NO_SUBJECT)) {
         if (BIO_printf(bp, "        Subject:%c", mlch) <= 0)
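Review bot: The range check `l >= 0 && l <= 2` for a certificate request looks carried over from the certificate printer. As far as I know PKCS#10 (RFC 2986) defines only version value 0, so values 1 and 2 would still be printed as ordinary versions 2 and 3. Consider `if (l == 0) {` here so that anything else goes to the `Version: Unknown (%ld)` branch, or add a comment saying why 1 and 2 are accepted. The enclosing function starts and ends outside the hunk.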
diff -Nru openssl-1.1.0c/crypto/x509/t_x509.c openssl-1.1.0d/crypto/x509/t_x509.c
--- openssl-1.1.0c/crypto/x509/t_x509.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509/t_x509.c	2017-01-26 14:10:23.000000000 +0100
@@ -71,8 +71,13 @@
     }
     if (!(cflag & X509_FLAG_NO_VERSION)) {
         l = X509_get_version(x);
-        if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n", "", l + 1, l) <= 0)
-            goto err;
+        if (l >= 0 && l <= 2) {
+            if (BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", "", l + 1, (unsigned long)l) <= 0)
+                goto err;
+        } else {
+            if (BIO_printf(bp, "%8sVersion: Unknown (%ld)\n", "", l) <= 0)
+                goto err;
+        }
     }
     if (!(cflag & X509_FLAG_NO_SERIAL)) {
 
@@ -88,12 +93,15 @@
             l = -1;
         }
         if (l != -1) {
+            unsigned long ul;
             if (bs->type == V_ASN1_NEG_INTEGER) {
-                l = -l;
+                ul = 0 - (unsigned long)l;
                 neg = "-";
-            } else
+            } else {
+                ul = l;
                 neg = "";
-            if (BIO_printf(bp, " %s%lu (%s0x%lx)\n", neg, l, neg, l) <= 0)
+            }
+            if (BIO_printf(bp, " %s%lu (%s0x%lx)\n", neg, ul, neg, ul) <= 0)
                 goto err;
         } else {
             neg = (bs->type == V_ASN1_NEG_INTEGER) ? " (Negative)" : "";
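Review bot: `ul = 0 - (unsigned long)l;` deserves a why-comment, because the reason for negating in unsigned arithmetic is not obvious from the line itself: the removed `l = -l` overflows when `l` is `LONG_MIN`. Something like `/* negate as unsigned: -l is undefined for LONG_MIN */` above it would do. Separately, a blank line after the `unsigned long ul;` declaration would match the declaration style used in the other hunks of this diff. The enclosing block starts outside the hunk.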
diff -Nru openssl-1.1.0c/crypto/x509/x509_lcl.h openssl-1.1.0d/crypto/x509/x509_lcl.h
--- openssl-1.1.0c/crypto/x509/x509_lcl.h	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509/x509_lcl.h	2017-01-26 14:10:23.000000000 +0100
@@ -16,7 +16,7 @@
 struct X509_VERIFY_PARAM_st {
     char *name;
     time_t check_time;          /* Time to use */
-    unsigned long inh_flags;    /* Inheritance flags */
+    uint32_t inh_flags;         /* Inheritance flags */
     unsigned long flags;        /* Various verify flags */
     int purpose;                /* purpose to check untrusted certificates */
     int trust;                  /* trust setting to check */
diff -Nru openssl-1.1.0c/crypto/x509/x509_vfy.c openssl-1.1.0d/crypto/x509/x509_vfy.c
--- openssl-1.1.0c/crypto/x509/x509_vfy.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509/x509_vfy.c	2017-01-26 14:10:23.000000000 +0100
@@ -308,16 +308,17 @@
 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
 {
     int i;
+    X509 *issuer, *rv = NULL;
 
     for (i = 0; i < sk_X509_num(sk); i++) {
-        X509 *issuer = sk_X509_value(sk, i);
-
-        if (!ctx->check_issued(ctx, x, issuer))
-            continue;
-        if (x509_check_cert_time(ctx, issuer, -1))
-            return issuer;
+        issuer = sk_X509_value(sk, i);
+        if (ctx->check_issued(ctx, x, issuer)) {
+            rv = issuer;
+            if (x509_check_cert_time(ctx, rv, -1))
+                break;
+        }
     }
-    return NULL;
+    return rv;
 }
 
 /* Given a possible certificate and issuer check them */
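Review bot: find_issuer() now returns the last candidate accepted by `ctx->check_issued` even when `x509_check_cert_time` rejected every one of them, where it used to return NULL, and the function has no comment stating that new contract. A caller reading only the signature could take a non-NULL result to mean an issuer that passed the time check. Add a header comment such as `/* Prefer an issuer that passes the time check; otherwise return the last matching candidate, which failed it */`. Callers are outside this hunk, so whether each of them re-checks validity times should be confirmed.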
diff -Nru openssl-1.1.0c/crypto/x509/x509_vpm.c openssl-1.1.0d/crypto/x509/x509_vpm.c
--- openssl-1.1.0c/crypto/x509/x509_vpm.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509/x509_vpm.c	2017-01-26 14:10:23.000000000 +0100
@@ -306,6 +306,17 @@
     return param->flags;
 }
 
+uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param)
+{
+    return param->inh_flags;
+}
+
+int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param, uint32_t flags)
+{
+    param->inh_flags = flags;
+    return 1;
+}
+
 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)
 {
     return X509_PURPOSE_set(&param->purpose, purpose);
@@ -326,6 +337,11 @@
     param->auth_level = auth_level;
 }
 
+time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param)
+{
+    return param->check_time;
+}
+
 void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
 {
     param->check_time = t;
diff -Nru openssl-1.1.0c/crypto/x509/x_all.c openssl-1.1.0d/crypto/x509/x_all.c
--- openssl-1.1.0c/crypto/x509/x_all.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509/x_all.c	2017-01-26 14:10:23.000000000 +0100
@@ -18,6 +18,7 @@
 #include <openssl/ocsp.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
+#include <openssl/x509v3.h>
 
 int X509_verify(X509 *a, EVP_PKEY *r)
 {
@@ -362,6 +363,13 @@
 int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
                 unsigned int *len)
 {
+    if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0) {
+        /* Asking for SHA1 and we already computed it. */
+        if (len != NULL)
+            *len = sizeof(data->sha1_hash);
+        memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
+        return 1;
+    }
     return (ASN1_item_digest
             (ASN1_ITEM_rptr(X509), type, (char *)data, md, len));
 }
@@ -369,6 +377,13 @@
 int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
                     unsigned char *md, unsigned int *len)
 {
+    if (type == EVP_sha1()) {
+        /* Asking for SHA1; always computed in CRL d2i. */
+        if (len != NULL)
+            *len = sizeof(data->sha1_hash);
+        memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
+        return 1;
+    }
     return (ASN1_item_digest
             (ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len));
 }
diff -Nru openssl-1.1.0c/crypto/x509/x_crl.c openssl-1.1.0d/crypto/x509/x_crl.c
--- openssl-1.1.0c/crypto/x509/x_crl.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509/x_crl.c	2017-01-26 14:10:23.000000000 +0100
@@ -213,7 +213,7 @@
                 if ((nid == NID_issuing_distribution_point)
                     || (nid == NID_authority_key_identifier)
                     || (nid == NID_delta_crl))
-                    break;;
+                    continue;
                 crl->flags |= EXFLAG_CRITICAL;
                 break;
             }
diff -Nru openssl-1.1.0c/crypto/x509v3/v3_utl.c openssl-1.1.0d/crypto/x509v3/v3_utl.c
--- openssl-1.1.0c/crypto/x509v3/v3_utl.c	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/crypto/x509v3/v3_utl.c	2017-01-26 14:10:23.000000000 +0100
@@ -469,6 +469,7 @@
         return 1;
     emtmp = OPENSSL_strdup((char *)email->data);
     if (emtmp == NULL || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
+        OPENSSL_free(emtmp);    /* free on push failure */
         X509_email_free(*sk);
         *sk = NULL;
         return 0;
diff -Nru openssl-1.1.0c/debian/changelog openssl-1.1.0d/debian/changelog
--- openssl-1.1.0c/debian/changelog	2016-11-21 22:20:00.000000000 +0100
+++ openssl-1.1.0d/debian/changelog	2017-01-30 23:20:07.000000000 +0100
@@ -1,3 +1,54 @@
+openssl (1.1.0d-2) unstable; urgency=medium
+
+  * Fix building of arch and all packages in a minimal environment
+    (Closes: #852900).
+  * Fix precomputing SHA1 by adding the following patches from upstream:
+    - Add-a-couple-of-test-to-check-CRL-fingerprint.patch
+    - Document-what-EXFLAG_SET-is-for-in-x509v3.h.patch
+    - X509_CRL_digest-ensure-precomputed-sha1-hash-before-.patch
+    (Closes: #852920).
+
+ -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc>  Mon, 30 Jan 2017 23:20:07 +0100
+
+openssl (1.1.0d-1) unstable; urgency=medium
+
+  * New Upstream release
+    - Fixes CVE-2017-3731
+    - Fixes CVE-2017-3730
+    - Fixes CVE-2017-3732
+    - drop revert_ssl_read.patch and
+      0001-Add-missing-zdelete-for-some-linux-arches.patch, applied upstream.
+  * add new symbols.
+
+ -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc>  Thu, 26 Jan 2017 16:38:34 +0100
+
+openssl (1.1.0c-4) unstable; urgency=medium
+
+  * Make build-indep build again.
+  * Don't depend on perl:any in openssl as it breaks debootstrap
+   ("Closes: #852017).
+
+ -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc>  Fri, 20 Jan 2017 22:18:15 +0100
+
+openssl (1.1.0c-3) unstable; urgency=medium
+
+  * Add myself as Uploader.
+  * Add support for tilegx, patch by Helmut Grohne (Closes: #848957).
+  * redo the rules file to some newer debhelper:
+    - everyfile should remain, nothing should get lost
+    - the scripts in the doc package gained an exec bit
+    - openssl gained a dep on perl (the package contains perl scripts)
+    - libssl1.0.2-dbg is gone, we have dbgsym now
+    - dh compat 10
+    - pkg.install instead of pkg.files is used for install
+  * Mark libssl-doc as MA foreign
+  * Update Standards-Version from 3.9.5 to 3.9.8. No changes required.
+  * Document the change for openssl's enc command between 1.1.0 and pre 1.1.0
+    in the NEWS file (Closes: #843064).
+  * Add an override for lintian for the non-standard private directory
+
+ -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc>  Thu, 19 Jan 2017 23:00:01 +0100
+
 openssl (1.1.0c-2) unstable; urgency=medium
 
   * Revert behaviour of SSL_read() and SSL_write(), and update documentation.
diff -Nru openssl-1.1.0c/debian/compat openssl-1.1.0d/debian/compat
--- openssl-1.1.0c/debian/compat	2016-05-28 19:24:13.000000000 +0200
+++ openssl-1.1.0d/debian/compat	2017-01-04 20:44:54.000000000 +0100
@@ -1 +1 @@
-9
+10
diff -Nru openssl-1.1.0c/debian/control openssl-1.1.0d/debian/control
--- openssl-1.1.0c/debian/control	2016-11-21 22:20:00.000000000 +0100
+++ openssl-1.1.0d/debian/control	2017-01-20 21:05:43.000000000 +0100
@@ -1,10 +1,10 @@
 Source: openssl
-Build-Depends: debhelper (>= 9), m4, bc, dpkg-dev (>= 1.15.7)
+Build-Depends: debhelper (>= 10), m4, bc, dpkg-dev (>= 1.15.7)
 Section: utils
 Priority: optional
 Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
-Uploaders: Christoph Martin <christoph.martin@uni-mainz.de>, Kurt Roeckx <kurt@roeckx.be>
-Standards-Version: 3.9.5
+Uploaders: Christoph Martin <christoph.martin@uni-mainz.de>, Kurt Roeckx <kurt@roeckx.be>, Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Standards-Version: 3.9.8
 Vcs-Browser: https://anonscm.debian.org/viewvc/pkg-openssl/openssl
 Vcs-Svn: svn://anonscm.debian.org/pkg-openssl/openssl/
 Homepage: https://www.openssl.org/
@@ -83,6 +83,7 @@
 Package: libssl-doc
 Section: doc
 Architecture: all
+Multi-Arch: foreign
 Replaces: libssl-dev (<< 1.0.0)
 Breaks: libssl-dev (<< 1.0.0)
 Depends: ${shlibs:Depends}, ${perl:Depends}, ${misc:Depends}
@@ -92,16 +93,3 @@
  Internet.
  .
  It contains manpages and demo files for libssl and libcrypto.
-
-Package: libssl1.1-dbg
-Section: debug
-Priority: extra
-Architecture: any
-Multi-Arch: same
-Depends: libssl1.1 (= ${binary:Version}), ${misc:Depends}
-Description: Secure Sockets Layer toolkit - debug information
- This package is part of the OpenSSL project's implementation of the SSL
- and TLS cryptographic protocols for secure communication over the
- Internet.
- .
- It contains debugging symbols for libssl and libcrypto.
diff -Nru openssl-1.1.0c/debian/libssl1.1.files openssl-1.1.0d/debian/libssl1.1.files
--- openssl-1.1.0c/debian/libssl1.1.files	2016-08-04 18:09:28.000000000 +0200
+++ openssl-1.1.0d/debian/libssl1.1.files	1970-01-01 01:00:00.000000000 +0100
@@ -1,3 +0,0 @@
-usr/lib/*/*.so.*.*
-usr/lib/*/*/*.so.*.*
-usr/lib/*/engines-*
diff -Nru openssl-1.1.0c/debian/libssl1.1.install openssl-1.1.0d/debian/libssl1.1.install
--- openssl-1.1.0c/debian/libssl1.1.install	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/libssl1.1.install	2017-01-04 20:44:54.000000000 +0100
@@ -0,0 +1,2 @@
+usr/lib/*/*.so.*.*
+usr/lib/*/engines-*/*.so
diff -Nru openssl-1.1.0c/debian/libssl1.1.symbols openssl-1.1.0d/debian/libssl1.1.symbols
--- openssl-1.1.0c/debian/libssl1.1.symbols	2016-11-10 19:05:31.000000000 +0100
+++ openssl-1.1.0d/debian/libssl1.1.symbols	2017-01-26 16:21:03.000000000 +0100
@@ -2,5 +2,7 @@
  *@OPENSSL_1_1_0 1.1.0
  *@OPENSSL_1_1_0a 1.1.0a
  *@OPENSSL_1_1_0c 1.1.0c
+ *@OPENSSL_1_1_0d 1.1.0d
 libssl.so.1.1 libssl1.1 #MINVER#
  *@OPENSSL_1_1_0 1.1.0
+ *@OPENSSL_1_1_0d 1.1.0d
diff -Nru openssl-1.1.0c/debian/libssl-dev.files openssl-1.1.0d/debian/libssl-dev.files
--- openssl-1.1.0c/debian/libssl-dev.files	2016-05-28 19:24:13.000000000 +0200
+++ openssl-1.1.0d/debian/libssl-dev.files	1970-01-01 01:00:00.000000000 +0100
@@ -1,6 +0,0 @@
-usr/lib/*/libssl.so
-usr/lib/*/libcrypto.so
-usr/lib/*/libssl.a
-usr/lib/*/libcrypto.a
-usr/lib/*/pkgconfig
-usr/include
diff -Nru openssl-1.1.0c/debian/libssl-dev.install openssl-1.1.0d/debian/libssl-dev.install
--- openssl-1.1.0c/debian/libssl-dev.install	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/libssl-dev.install	2017-01-04 20:44:54.000000000 +0100
@@ -0,0 +1,7 @@
+usr/lib/*/libssl.so
+usr/lib/*/libcrypto.so
+usr/lib/*/libssl.a
+usr/lib/*/libcrypto.a
+usr/lib/*/pkgconfig
+usr/include/openssl/*
+usr/include/*/openssl
diff -Nru openssl-1.1.0c/debian/libssl-doc.files openssl-1.1.0d/debian/libssl-doc.files
--- openssl-1.1.0c/debian/libssl-doc.files	2016-05-28 19:24:13.000000000 +0200
+++ openssl-1.1.0d/debian/libssl-doc.files	1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-usr/share/man/man3
diff -Nru openssl-1.1.0c/debian/libssl-doc.install openssl-1.1.0d/debian/libssl-doc.install
--- openssl-1.1.0c/debian/libssl-doc.install	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/libssl-doc.install	2017-01-04 20:44:54.000000000 +0100
@@ -0,0 +1 @@
+usr/share/man/man3/*
diff -Nru openssl-1.1.0c/debian/openssl.docs openssl-1.1.0d/debian/openssl.docs
--- openssl-1.1.0c/debian/openssl.docs	2016-05-28 20:36:45.000000000 +0200
+++ openssl-1.1.0d/debian/openssl.docs	2017-01-04 20:44:54.000000000 +0100
@@ -5,3 +5,4 @@
 README.ENGINE
 NEWS
 FAQ
+debian/README.optimization
diff -Nru openssl-1.1.0c/debian/openssl.files openssl-1.1.0d/debian/openssl.files
--- openssl-1.1.0c/debian/openssl.files	2016-05-28 19:24:13.000000000 +0200
+++ openssl-1.1.0d/debian/openssl.files	1970-01-01 01:00:00.000000000 +0100
@@ -1,9 +0,0 @@
-usr/share/man/man1
-usr/share/man/man5
-usr/share/man/man7
-usr/bin
-usr/lib/ssl/misc
-usr/lib/ssl/certs
-usr/lib/ssl/openssl.cnf
-usr/lib/ssl/private
-etc/ssl
diff -Nru openssl-1.1.0c/debian/openssl.install openssl-1.1.0d/debian/openssl.install
--- openssl-1.1.0c/debian/openssl.install	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/openssl.install	2017-01-04 20:44:54.000000000 +0100
@@ -0,0 +1,9 @@
+etc/ssl
+usr/bin/*
+usr/lib/ssl/certs 
+usr/lib/ssl/private
+usr/lib/ssl/misc/*
+usr/lib/ssl/openssl.cnf
+usr/share/man/man1/*
+usr/share/man/man5/*
+usr/share/man/man7/*
diff -Nru openssl-1.1.0c/debian/openssl.lintian-overrides openssl-1.1.0d/debian/openssl.lintian-overrides
--- openssl-1.1.0c/debian/openssl.lintian-overrides	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/openssl.lintian-overrides	2017-01-19 22:45:37.000000000 +0100
@@ -0,0 +1,3 @@
+# Policy §10.9 wants 755 but since private keys could be stored there
+# we want this only accessed by root
+non-standard-dir-perm etc/ssl/private/ 0700 != 0755
diff -Nru openssl-1.1.0c/debian/openssl.NEWS openssl-1.1.0d/debian/openssl.NEWS
--- openssl-1.1.0c/debian/openssl.NEWS	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/openssl.NEWS	2017-01-04 20:44:54.000000000 +0100
@@ -0,0 +1,7 @@
+openssl (1.1.0c-3) unstable; urgency=medium
+
+  The openssl enc command changed the default digest (used to create the key
+  from passphrase) from MD5 to SHA256 since the version 1.1.0. The digest can
+  be specified with the -md option.
+
+ -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc>  Tue, 27 Dec 2016 23:37:36 +0100
diff -Nru openssl-1.1.0c/debian/patches/0001-Add-missing-zdelete-for-some-linux-arches.patch openssl-1.1.0d/debian/patches/0001-Add-missing-zdelete-for-some-linux-arches.patch
--- openssl-1.1.0c/debian/patches/0001-Add-missing-zdelete-for-some-linux-arches.patch	2016-11-21 22:19:16.000000000 +0100
+++ openssl-1.1.0d/debian/patches/0001-Add-missing-zdelete-for-some-linux-arches.patch	1970-01-01 01:00:00.000000000 +0100
@@ -1,35 +0,0 @@
-From 1e904478f0abcd4a6aed4b2b100568f5cafaf861 Mon Sep 17 00:00:00 2001
-From: Kurt Roeckx <kurt@roeckx.be>
-Date: Mon, 21 Nov 2016 22:15:11 +0100
-Subject: [PATCH] Add missing -zdelete for some linux arches
-
-b6d5ba1a9f004d637acac18ae3519fe063b6b5e1 forgot to update some linux arches.
----
- Configurations/10-main.conf | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
-index 6b0f368..59234a8 100644
---- a/Configurations/10-main.conf
-+++ b/Configurations/10-main.conf
-@@ -701,7 +701,7 @@ sub vms_info {
-         cflags           => add("-mabi=ilp32"),
-         bn_ops           => "SIXTY_FOUR_BIT RC4_CHAR",
-         perlasm_scheme   => "linux64",
--        shared_ldflag    => "-mabi=ilp32",
-+        shared_ldflag    => add("-mabi=ilp32"),
-     },
- 
-     "linux-mips32" => {
-@@ -784,7 +784,7 @@ sub vms_info {
-         cflags           => add("-mx32 -DL_ENDIAN"),
-         bn_ops           => "SIXTY_FOUR_BIT",
-         perlasm_scheme   => "elf32",
--        shared_ldflag    => "-mx32",
-+        shared_ldflag    => add("-mx32"),
-         multilib         => "x32",
-     },
- 
--- 
-2.10.2
-
diff -Nru openssl-1.1.0c/debian/patches/Add-a-couple-of-test-to-check-CRL-fingerprint.patch openssl-1.1.0d/debian/patches/Add-a-couple-of-test-to-check-CRL-fingerprint.patch
--- openssl-1.1.0c/debian/patches/Add-a-couple-of-test-to-check-CRL-fingerprint.patch	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/patches/Add-a-couple-of-test-to-check-CRL-fingerprint.patch	2017-01-29 20:53:16.000000000 +0100
@@ -0,0 +1,45 @@
+From: Richard Levitte <levitte@openssl.org>
+Date: Sat, 28 Jan 2017 18:24:40 +0100
+Subject: [PATCH 3/3] Add a couple of test to check CRL fingerprint
+
+BTS: #852920
+
+Reviewed-by: Kurt Roeckx <kurt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/2314)
+(cherry picked from commit 929860d0e6112f5c7766d9ea036c3f8bd8d3d719)
+---
+ test/recipes/25-test_crl.t |   19 ++++++++++++++++++-
+ 1 file changed, 18 insertions(+), 1 deletion(-)
+
+--- a/test/recipes/25-test_crl.t
++++ b/test/recipes/25-test_crl.t
+@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_fil
+ 
+ setup("test_crl");
+ 
+-plan tests => 3;
++plan tests => 5;
+ 
+ require_ok(srctop_file('test','recipes','tconversion.pl'));
+ 
+@@ -24,3 +24,20 @@ subtest 'crl conversions' => sub {
+ };
+ 
+ ok(run(test(['crltest'])));
++
++ok(compare1stline([qw{openssl crl -noout -fingerprint -in},
++                   srctop_file('test', 'testcrl.pem')],
++                  'SHA1 Fingerprint=BA:F4:1B:AD:7A:9B:2F:09:16:BC:60:A7:0E:CE:79:2E:36:00:E7:B2'));
++ok(compare1stline([qw{openssl crl -noout -fingerprint -sha256 -in},
++                   srctop_file('test', 'testcrl.pem')],
++                  'SHA256 Fingerprint=B3:A9:FD:A7:2E:8C:3D:DF:D0:F1:C3:1A:96:60:B5:FD:B0:99:7C:7F:0E:E4:34:F5:DB:87:62:36:BC:F1:BC:1B'));
++
++sub compare1stline {
++    my ($cmdarray, $str) = @_;
++    my @lines = run(app($cmdarray), capture => 1);
++
++    return 1 if $lines[0] =~ m|^\Q${str}\E\R$|;
++    note "Got      ", $lines[0];
++    note "Expected ", $str;
++    return 0;
++}
diff -Nru openssl-1.1.0c/debian/patches/c_rehash-compat.patch openssl-1.1.0d/debian/patches/c_rehash-compat.patch
--- openssl-1.1.0c/debian/patches/c_rehash-compat.patch	2016-09-22 20:07:30.000000000 +0200
+++ openssl-1.1.0d/debian/patches/c_rehash-compat.patch	2017-01-20 13:04:13.000000000 +0100
@@ -7,10 +7,8 @@
  tools/c_rehash.in |   20 ++++++++++++++------
  1 file changed, 14 insertions(+), 6 deletions(-)
 
-Index: openssl-1.1.0a/tools/c_rehash.in
-===================================================================
---- openssl-1.1.0a.orig/tools/c_rehash.in
-+++ openssl-1.1.0a/tools/c_rehash.in
+--- a/tools/c_rehash.in
++++ b/tools/c_rehash.in
 @@ -17,8 +17,6 @@ my $prefix = {- quotify1($config{prefix}
  my $errorcount = 0;
  my $openssl = $ENV{OPENSSL} || "openssl";
diff -Nru openssl-1.1.0c/debian/patches/debian-targets.patch openssl-1.1.0d/debian/patches/debian-targets.patch
--- openssl-1.1.0c/debian/patches/debian-targets.patch	2016-08-07 13:05:30.000000000 +0200
+++ openssl-1.1.0d/debian/patches/debian-targets.patch	2016-12-22 23:15:49.000000000 +0100
@@ -1,10 +1,10 @@
 ---
- Configurations/20-debian.conf |  133 ++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 133 insertions(+)
+ Configurations/20-debian.conf |  137 ++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 137 insertions(+)
 
 --- /dev/null
 +++ b/Configurations/20-debian.conf
-@@ -0,0 +1,134 @@
+@@ -0,0 +1,137 @@
 +my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . "-Wa,--noexecstack -Wall";
 +$debian_cflags =~ s/\n/ /g;
 +my $debian_ldflags = `dpkg-buildflags --get LDFLAGS`;
@@ -134,6 +134,9 @@
 +	        cflags => add("-m64 -mcpu=ultrasparc -DB_ENDIAN"),
 +		bn_ops => "BN_LLONG RC4_CHAR",
 +	},
++	"debian-tilegx" => {
++		inherit_from => [ "linux-generic64", "debian" ],
++	},
 +	"debian-x32" => {
 +		inherit_from => [ "linux-x32", "debian" ],
 +	},
diff -Nru openssl-1.1.0c/debian/patches/Document-what-EXFLAG_SET-is-for-in-x509v3.h.patch openssl-1.1.0d/debian/patches/Document-what-EXFLAG_SET-is-for-in-x509v3.h.patch
--- openssl-1.1.0c/debian/patches/Document-what-EXFLAG_SET-is-for-in-x509v3.h.patch	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/patches/Document-what-EXFLAG_SET-is-for-in-x509v3.h.patch	2017-01-29 20:53:14.000000000 +0100
@@ -0,0 +1,23 @@
+From: Richard Levitte <levitte@openssl.org>
+Date: Sat, 28 Jan 2017 18:02:12 +0100
+Subject: [PATCH 2/3] Document what EXFLAG_SET is for in x509v3.h
+
+BTS: #852920
+
+Reviewed-by: Kurt Roeckx <kurt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/2314)
+(cherry picked from commit 2d60c923141e7853c268364f26195343a5e995bf)
+---
+ include/openssl/x509v3.h |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/include/openssl/x509v3.h
++++ b/include/openssl/x509v3.h
+@@ -355,6 +355,7 @@ struct ISSUING_DIST_POINT_st {
+ # define EXFLAG_SI               0x20
+ # define EXFLAG_V1               0x40
+ # define EXFLAG_INVALID          0x80
++/* EXFLAG_SET is set to indicate that some values have been precomputed */
+ # define EXFLAG_SET              0x100
+ # define EXFLAG_CRITICAL         0x200
+ # define EXFLAG_PROXY            0x400
diff -Nru openssl-1.1.0c/debian/patches/man-section.patch openssl-1.1.0d/debian/patches/man-section.patch
--- openssl-1.1.0c/debian/patches/man-section.patch	2016-08-04 18:09:41.000000000 +0200
+++ openssl-1.1.0d/debian/patches/man-section.patch	2017-01-20 13:04:06.000000000 +0100
@@ -4,7 +4,7 @@
 
 --- a/Configurations/unix-Makefile.tmpl
 +++ b/Configurations/unix-Makefile.tmpl
-@@ -160,7 +160,8 @@ HTMLDIR=$(DOCDIR)/html
+@@ -164,7 +164,8 @@ HTMLDIR=$(DOCDIR)/html
  # MANSUFFIX is for the benefit of anyone who may want to have a suffix
  # appended after the manpage file section number.  "ssl" is popular,
  # resulting in files such as config.5ssl rather than config.5.
@@ -14,7 +14,7 @@
  HTMLSUFFIX=html
  
  
-@@ -635,7 +636,7 @@ UNINSTALL_DOCS=\
+@@ -630,7 +631,7 @@ UNINSTALL_DOCS=\
  	@\
  	OUTSUFFIX='.$${SEC}$(MANSUFFIX)'; \
  	OUTTOP="$(DESTDIR)$(MANDIR)"; \
diff -Nru openssl-1.1.0c/debian/patches/revert_ssl_read.patch openssl-1.1.0d/debian/patches/revert_ssl_read.patch
--- openssl-1.1.0c/debian/patches/revert_ssl_read.patch	2016-11-21 22:05:24.000000000 +0100
+++ openssl-1.1.0d/debian/patches/revert_ssl_read.patch	1970-01-01 01:00:00.000000000 +0100
@@ -1,263 +0,0 @@
-diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod
-index ddd72f7..47d2358 100644
---- a/doc/ssl/SSL_get_error.pod
-+++ b/doc/ssl/SSL_get_error.pod
-@@ -38,12 +38,13 @@ if and only if B<ret E<gt> 0>.
- 
- =item SSL_ERROR_ZERO_RETURN
- 
--The TLS/SSL connection has been closed.  If the protocol version is SSL 3.0
--or TLS 1.0, this result code is returned only if a closure
--alert has occurred in the protocol, i.e. if the connection has been
--closed cleanly. Note that in this case B<SSL_ERROR_ZERO_RETURN>
--does not necessarily indicate that the underlying transport
--has been closed.
-+The TLS/SSL connection has been closed.
-+If the protocol version is SSL 3.0 or higher, this result code is returned only
-+if a closure alert has occurred in the protocol, i.e. if the connection has been
-+closed cleanly.
-+Note that in this case B<SSL_ERROR_ZERO_RETURN> does not necessarily
-+indicate that the underlying transport has been closed.
-+
- 
- =item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE
- 
-@@ -111,12 +112,9 @@ thread has completed.
- 
- =item SSL_ERROR_SYSCALL
- 
--Some I/O error occurred.  The OpenSSL error queue may contain more
--information on the error.  If the error queue is empty
--(i.e. ERR_get_error() returns 0), B<ret> can be used to find out more
--about the error: If B<ret == 0>, an EOF was observed that violates
--the protocol.  If B<ret == -1>, the underlying B<BIO> reported an
--I/O error (for socket I/O on Unix systems, consult B<errno> for details).
-+Some non-recoverable I/O error occurred.
-+The OpenSSL error queue may contain more information on the error.
-+For socket I/O on Unix systems, consult B<errno> for details.
- 
- =item SSL_ERROR_SSL
- 
-diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
-index 8dff244..20ccf40 100644
---- a/doc/ssl/SSL_read.pod
-+++ b/doc/ssl/SSL_read.pod
-@@ -81,28 +81,21 @@ The following return values can occur:
- 
- =over 4
- 
--=item E<gt>0
-+=item E<gt> 0
- 
--The read operation was successful; the return value is the number of
--bytes actually read from the TLS/SSL connection.
-+The read operation was successful.
-+The return value is the number of bytes actually read from the TLS/SSL
-+connection.
- 
--=item Z<>0
-+=item Z<><= 0
- 
--The read operation was not successful. The reason may either be a clean
--shutdown due to a "close notify" alert sent by the peer (in which case
--the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
--(see L<SSL_shutdown(3)>,
--L<SSL_set_shutdown(3)>). It is also possible, that
--the peer simply shut down the underlying transport and the shutdown is
--incomplete. Call SSL_get_error() with the return value B<ret> to find out,
--whether an error occurred or the connection was shut down cleanly
--(SSL_ERROR_ZERO_RETURN).
-+The read operation was not successful, because either the connection was closed,
-+an error occurred or action must be taken by the calling process.
-+Call L<SSL_get_error(3)> with the return value B<ret> to find out the reason.
- 
--=item E<lt>0
--
--The read operation was not successful, because either an error occurred
--or action must be taken by the calling process. Call SSL_get_error() with the
--return value B<ret> to find out the reason.
-+Old documentation indicated a difference between 0 and -1, and that -1 was
-+retryable.
-+You should instead call SSL_get_error() to find out if it's retryable.
- 
- =back
- 
-diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
-index 5ab0790..ef3b92a 100644
---- a/doc/ssl/SSL_write.pod
-+++ b/doc/ssl/SSL_write.pod
-@@ -74,23 +74,20 @@ The following return values can occur:
- 
- =over 4
- 
--=item E<gt>0
-+=item E<gt> 0
- 
- The write operation was successful, the return value is the number of
- bytes actually written to the TLS/SSL connection.
- 
--=item Z<>0
-+=item Z<><= 0
- 
--The write operation was not successful. Probably the underlying connection
--was closed. Call SSL_get_error() with the return value B<ret> to find out,
--whether an error occurred or the connection was shut down cleanly
--(SSL_ERROR_ZERO_RETURN).
-+The write operation was not successful, because either the connection was
-+closed, an error occurred or action must be taken by the calling process.
-+Call SSL_get_error() with the return value B<ret> to find out the reason.
- 
--=item E<lt>0
--
--The write operation was not successful, because either an error occurred
--or action must be taken by the calling process. Call SSL_get_error() with the
--return value B<ret> to find out the reason.
-+Old documentation indicated a difference between 0 and -1, and that -1 was
-+retryable.
-+You should instead call SSL_get_error() to find out if it's retryable.
- 
- =back
- 
-diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
-index 28de7c3..1270a5f 100644
---- a/ssl/record/rec_layer_s3.c
-+++ b/ssl/record/rec_layer_s3.c
-@@ -178,10 +178,7 @@ const char *SSL_rstate_string(const SSL *s)
- }
- 
- /*
-- * Return values are as per SSL_read(), i.e.
-- * >0 The number of read bytes
-- *  0 Failure (not retryable)
-- * <0 Failure (may be retryable)
-+ * Return values are as per SSL_read()
-  */
- int ssl3_read_n(SSL *s, int n, int max, int extend, int clearold)
- {
-@@ -312,7 +309,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend, int clearold)
-             if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))
-                 if (len + left == 0)
-                     ssl3_release_read_buffer(s);
--            return -1;
-+            return i;
-         }
-         left += i;
-         /*
-@@ -882,10 +879,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- 
- /* if s->s3->wbuf.left != 0, we need to call this
-  *
-- * Return values are as per SSL_read(), i.e.
-- * >0 The number of read bytes
-- *  0 Failure (not retryable)
-- * <0 Failure (may be retryable)
-+ * Return values are as per SSL_write()
-  */
- int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
-                        unsigned int len)
-@@ -936,7 +930,7 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
-                  */
-                 SSL3_BUFFER_set_left(&wb[currbuf], 0);
-             }
--            return -1;
-+            return i;
-         }
-         SSL3_BUFFER_add_offset(&wb[currbuf], i);
-         SSL3_BUFFER_add_left(&wb[currbuf], -i);
-diff --git a/test/asynciotest.c b/test/asynciotest.c
-index 23d0907..133e3d5 100644
---- a/test/asynciotest.c
-+++ b/test/asynciotest.c
-@@ -85,7 +85,7 @@ static int async_free(BIO *bio)
- static int async_read(BIO *bio, char *out, int outl)
- {
-     struct async_ctrs *ctrs;
--    int ret = 0;
-+    int ret = -1;
-     BIO *next = BIO_next(bio);
- 
-     if (outl <= 0)
-@@ -120,7 +120,7 @@ static int async_read(BIO *bio, char *out, int outl)
- static int async_write(BIO *bio, const char *in, int inl)
- {
-     struct async_ctrs *ctrs;
--    int ret = 0;
-+    int ret = -1;
-     size_t written = 0;
-     BIO *next = BIO_next(bio);
- 
-@@ -297,32 +297,59 @@ int main(int argc, char *argv[])
-          * we hit at least one async event in both reading and writing
-          */
-         for (j = 0; j < 2; j++) {
-+            int len;
-+
-             /*
-              * Write some test data. It should never take more than 2 attempts
--             * (the first one might be a retryable fail). A zero return from
--             * SSL_write() is a non-retryable failure, so fail immediately if
--             * we get that.
-+             * (the first one might be a retryable fail).
-              */
--            for (ret = -1, i = 0; ret < 0 && i < 2 * sizeof(testdata); i++)
--                ret = SSL_write(clientssl, testdata, sizeof(testdata));
--            if (ret <= 0) {
--                printf("Test %d failed: Failed to write app data\n", test);
-+            for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2;
-+                i++) {
-+                ret = SSL_write(clientssl, testdata + len,
-+                    sizeof(testdata) - len);
-+                if (ret > 0) {
-+                    len += ret;
-+                } else {
-+                    int ssl_error = SSL_get_error(clientssl, ret);
-+
-+                    if (ssl_error == SSL_ERROR_SYSCALL ||
-+                        ssl_error == SSL_ERROR_SSL) {
-+                        printf("Test %d failed: Failed to write app data\n", test);
-+                        err = -1;
-+                        goto end;
-+                    }
-+                }
-+            }
-+            if (len != sizeof(testdata)) {
-+                err = -1;
-+                printf("Test %d failed: Failed to write all app data\n", test);
-                 goto end;
-             }
-             /*
-              * Now read the test data. It may take more attemps here because
-              * it could fail once for each byte read, including all overhead
--             * bytes from the record header/padding etc. Fail immediately if we
--             * get a zero return from SSL_read().
-+             * bytes from the record header/padding etc.
-              */
--            for (ret = -1, i = 0; ret < 0 && i < MAX_ATTEMPTS; i++)
--                ret = SSL_read(serverssl, buf, sizeof(buf));
--            if (ret <= 0) {
--                printf("Test %d failed: Failed to read app data\n", test);
--                goto end;
-+            for (ret = -1, i = 0, len = 0; len != sizeof(testdata) &&
-+                i < MAX_ATTEMPTS; i++)
-+            {
-+                ret = SSL_read(serverssl, buf + len, sizeof(buf) - len);
-+                if (ret > 0) {
-+                    len += ret;
-+                } else {
-+                    int ssl_error = SSL_get_error(serverssl, ret);
-+
-+                    if (ssl_error == SSL_ERROR_SYSCALL ||
-+                        ssl_error == SSL_ERROR_SSL) {
-+                        printf("Test %d failed: Failed to read app data\n", test);
-+                        err = -1;
-+                        goto end;
-+                    }
-+                }
-             }
--            if (ret != sizeof(testdata)
-+            if (len != sizeof(testdata)
-                     || memcmp(buf, testdata, sizeof(testdata)) != 0) {
-+                err = -1;
-                 printf("Test %d failed: Unexpected app data received\n", test);
-                 goto end;
-             }
diff -Nru openssl-1.1.0c/debian/patches/series openssl-1.1.0d/debian/patches/series
--- openssl-1.1.0c/debian/patches/series	2016-11-21 22:19:42.000000000 +0100
+++ openssl-1.1.0d/debian/patches/series	2017-01-29 20:51:07.000000000 +0100
@@ -4,5 +4,6 @@
 pic.patch
 c_rehash-compat.patch
 #padlock_conf.patch
-revert_ssl_read.patch
-0001-Add-missing-zdelete-for-some-linux-arches.patch
+X509_CRL_digest-ensure-precomputed-sha1-hash-before-.patch
+Document-what-EXFLAG_SET-is-for-in-x509v3.h.patch
+Add-a-couple-of-test-to-check-CRL-fingerprint.patch
diff -Nru openssl-1.1.0c/debian/patches/X509_CRL_digest-ensure-precomputed-sha1-hash-before-.patch openssl-1.1.0d/debian/patches/X509_CRL_digest-ensure-precomputed-sha1-hash-before-.patch
--- openssl-1.1.0c/debian/patches/X509_CRL_digest-ensure-precomputed-sha1-hash-before-.patch	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/debian/patches/X509_CRL_digest-ensure-precomputed-sha1-hash-before-.patch	2017-01-29 20:53:11.000000000 +0100
@@ -0,0 +1,40 @@
+From: Richard Levitte <levitte@openssl.org>
+Date: Sat, 28 Jan 2017 17:43:17 +0100
+Subject: [PATCH 1/3] X509_CRL_digest() - ensure precomputed sha1 hash before
+ returning it
+
+X509_CRL_digest() didn't check if the precomputed sha1 hash was actually
+present.  This also makes sure there's an appropriate flag to check.
+
+BTS: #852920
+
+Reviewed-by: Kurt Roeckx <kurt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/2314)
+(cherry picked from commit 6195848b2eea627c47f74b63eb2ba3dc3d5b6436)
+---
+ crypto/x509/x_all.c |    2 +-
+ crypto/x509/x_crl.c |    2 ++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+--- a/crypto/x509/x_all.c
++++ b/crypto/x509/x_all.c
+@@ -377,7 +377,7 @@ int X509_digest(const X509 *data, const
+ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len)
+ {
+-    if (type == EVP_sha1()) {
++    if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0) {
+         /* Asking for SHA1; always computed in CRL d2i. */
+         if (len != NULL)
+             *len = sizeof(data->sha1_hash);
+--- a/crypto/x509/x_crl.c
++++ b/crypto/x509/x_crl.c
+@@ -226,6 +226,8 @@ static int crl_cb(int operation, ASN1_VA
+             if (crl->meth->crl_init(crl) == 0)
+                 return 0;
+         }
++
++        crl->flags |= EXFLAG_SET;
+         break;
+ 
+     case ASN1_OP_FREE_POST:
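Review bot: The context comment `/* Asking for SHA1; always computed in CRL d2i. */` in X509_CRL_digest() no longer matches the condition it sits under, because the shortcut is now taken only when `EXFLAG_SET` is set, which the x_crl.c hunk does in crl_cb(). I would reword it to `/* Asking for SHA1 and EXFLAG_SET is set: return the hash cached at decode time. */`, so a reader sees why a CRL without the flag presumably falls through to the generic digest path. The statement that fills `sha1_hash` is not visible in either hunk, so it is worth confirming that `crl->flags |= EXFLAG_SET;` can only be reached after that computation has succeeded. Both function bodies continue outside the hunks.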
diff -Nru openssl-1.1.0c/debian/rules openssl-1.1.0d/debian/rules
--- openssl-1.1.0c/debian/rules	2016-11-10 18:53:01.000000000 +0100
+++ openssl-1.1.0d/debian/rules	2017-01-29 20:32:03.000000000 +0100
@@ -41,145 +41,107 @@
 	CONFARGS += enable-ec_nistp_64_gcc_128
 endif
 
-MAKE_TEST = $(MAKE) test HARNESS_VERBOSE=yes
-ifneq (,$(findstring nocheck,$(DEB_BUILD_OPTIONS)))
-	MAKE_TEST = :
-endif
+%:
+	dh $@ --without autoreconf
 
-build: build-arch build-indep
-build-arch: build-stamp
-build-indep: build-stamp
-build-stamp:
-	dh_testdir
-#	perl util/ssldir.pl /usr/lib/ssl
-#	chmod +x debian/libtool
-	./Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
-	$(MAKE) depend
-	$(MAKE) -f Makefile all
-	$(MAKE_TEST)
-	mv libcrypto.a libcrypto.static
-	mv libssl.a libssl.static
-	$(MAKE) -f Makefile clean
+override_dh_auto_configure:
 	test -z "$(OPTS)" || for opt in $(OPTS); \
 	do \
 		set -xe; \
-		./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)-$$opt; \
-		$(MAKE) -f Makefile all; \
-		$(MAKE_TEST); \
-		mkdir -p $$opt; \
-		mv libcrypto.so* libssl.so* $$opt/; \
-		$(MAKE) -f Makefile clean; \
+		mkdir build_$$opt; \
+		cd build_$$opt ; \
+		../Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)-$$opt; \
+		cd .. ;\
 	done
+	mkdir build_static; cd build_static; ../Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
 	# Debian Perl policy 5.1 (Script Magic)
-	HASHBANGPERL=/usr/bin/perl ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
-	#$(MAKE) -f Makefile depend
+	mkdir build_shared; cd build_shared; HASHBANGPERL=/usr/bin/perl ../Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
+
+override_dh_auto_build-indep:
+	$(MAKE) -C build_shared all
+
+override_dh_auto_build-arch:
+	$(MAKE) -C build_static all
+	test -z "$(OPTS)" || for opt in $(OPTS); \
+	do \
+		set -xe; \
+		$(MAKE) -C build_$$opt all; \
+	done
 	ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
-#	$(MAKE) -f Makefile linux-shared
-	$(MAKE) -f Makefile all
-	$(MAKE_TEST)
-#	strip apps/openssl
-#	$(MAKE) -f Makefile clean
-#	./Configure --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 debian-$(DEB_HOST_ARCH)
-#	$(MAKE) -f Makefile all
-	touch build-stamp
-
-clean:
-	dh_testdir
-	dh_testroot
-	-rm -f build-stamp
-	-./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH)
-	[ ! -f Makefile ] || $(MAKE) -f Makefile clean
-	#-$(MAKE) -f Makefile  dclean
-#	perl util/ssldir.pl /usr/local/ssl
-	-rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl
-	-rm -f util/mk1mf.bak Makefile.bak `find . -name Makefile.save` 
-	-rm -f crypto/pem/ctx_size
-	-rm -f `find . -name "*~"`
-	-rm -f `find . -name "*.orig" -o -name "*.rej"`
-	-rm -f certs/*.0 certs/*.1
-#	-rm -rf debian/tmp debian/files* core `find debian/* -type d`
-	-rm -rf core $(OPTS)
-	-rm doc/*.pod
-	-rm -f libcrypto.* libssl.*
-	-cd test && rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bntest ectest  ecdsatest ecdhtest ideatest md2test  md4test md5test hmactest rc2test rc4test rc5test destest shatest sha1test sha256t sha512t mdc2test rmdtest randtest dhtest enginetest bftest casttest ssltest exptest dsatest rsa_test evp_test *.ss *.srl log dummytest newkey.pem igetest
-	-rm Makefile apps/CA.pl tools/c_rehash crypto/opensslconf.h crypto/x86_64cpuid.S
-	rm -f test/asn1test test/wp_test test/srptest test/jpaketest
-	rm -f certs/demo/*.0
-	rm -rf crypto/aes/aes-armv4.S crypto/bn/armv4-gf2m.S crypto/modes/ghash-armv4.S crypto/sha/*.S
-	rm -f configdata.pm crypto/include/internal/bn_conf.h crypto/include/internal/dso_conf.h include/openssl/opensslconf.h
-	rm -f crypto.map ssl.map engines/afalg/afalg.so test/req-check.err test/req-fff.p test/sid-fff.p
-	find . -type l -exec rm '{}' \;
-	dh_clean
-
-install: build
-	dh_testdir
-	dh_testroot
-	dh_clean
-	dh_installdirs
-	$(MAKE) -f Makefile install DESTDIR=`pwd`/debian/tmp
-
-binary-indep:	build install
-	dh_testdir
-	dh_testroot
-	dh_installdirs -i
-	dh_installman -plibssl-doc
-	dh_installdocs -i
-	dh_movefiles -i
-	dh_installchangelogs -i CHANGES
-	dh_compress -i
-	dh_fixperms -i
-	dh_gencontrol -i
-	dh_installdeb -i
-	dh_md5sums -i
-	dh_builddeb -i
-
-binary-arch:	build install
-	dh_testdir
-	dh_testroot
-	dh_installdirs -a
+	$(MAKE) -C build_shared all
+
+override_dh_auto_test-indep:
+
+override_dh_auto_test-arch:
+ifneq (,$(findstring nocheck,$(DEB_BUILD_OPTIONS)))
+	@echo Skipping tests
+else
+	test -z "$(OPTS)" || for opt in $(OPTS); \
+	do \
+		set -xe; \
+		$(MAKE) -C build_$$opt test HARNESS_VERBOSE=yes; \
+	done
+	$(MAKE) -C build_static test HARNESS_VERBOSE=yes
+	$(MAKE) -C build_shared test HARNESS_VERBOSE=yes
+endif
+
+override_dh_auto_clean:
+	rm -rf build_static build_shared
+	test -z "$(OPTS)" || for opt in $(OPTS); \
+	do \
+		set -xe; \
+		rm -rf build_$$opt; \
+	done
+	rm -f doc/openssl.pod doc/crypto.pod doc/ssl.pod
+	dh_auto_clean
+
+override_dh_auto_install-indep:
+	# Install is only required for the -indep only build, that is if
+	# -arch isn't run as well. Otherwise install will fail because
+	# usr/lib/ssl/cert is a symlink to a non existing target.
+	if [ ! -L debian/tmp/usr/lib/ssl/certs ]; then \
+		$(MAKE) -C build_shared install DESTDIR=`pwd`/debian/tmp ;\
+		mkdir -p debian/tmp/usr/include/$(DEB_HOST_MULTIARCH)/openssl ;\
+		mv debian/tmp/usr/include/openssl/opensslconf.h debian/tmp/usr/include/$(DEB_HOST_MULTIARCH)/openssl/ ;\
+	fi
+
+override_dh_auto_install-arch:
+	$(MAKE) -C build_shared install DESTDIR=`pwd`/debian/tmp
 	# pic static libraries, nobody should need them
-#	mv debian/tmp/usr/lib/libcrypto.a debian/tmp/usr/lib/libcrypto_pic.a
-#	mv debian/tmp/usr/lib/libssl.a debian/tmp/usr/lib/libssl_pic.a
-	cp -pf libcrypto.static debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.a
-	cp -pf libssl.static debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.a
+	cp -pf build_static/libcrypto.a debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.a
+	cp -pf build_static/libssl.a debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.a
 	mkdir -p debian/tmp/etc/ssl
 	mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/
 	ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/
 	cp -pf debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.so.* debian/libcrypto1.1-udeb/usr/lib/
 	cp -pf debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.so.* debian/libssl1.1-udeb/usr/lib/
-	cp -auv lib*.so* debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/
-	for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/$$opt; cp -auv $$opt/lib*.so* debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/$$opt/; done
+	cp -auv build_shared/lib*.so* debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/
+	for opt in $(OPTS); \
+		do set -xe; \
+		mkdir -p debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/$$opt; \
+		cp -auv build_$$opt/lib*.so* debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/$$opt/; \
+	done
 	mkdir -p debian/tmp/usr/include/$(DEB_HOST_MULTIARCH)/openssl
 	mv debian/tmp/usr/include/openssl/opensslconf.h debian/tmp/usr/include/$(DEB_HOST_MULTIARCH)/openssl/
-	install debian/copyright debian/libssl1.1/usr/share/doc/libssl1.1/
-	install debian/changelog debian/libssl1.1/usr/share/doc/libssl1.1/changelog.Debian
-	install debian/copyright debian/libssl-dev/usr/share/doc/libssl-dev/
-	install debian/changelog debian/libssl-dev/usr/share/doc/libssl-dev/changelog.Debian
-
-	dh_installdocs -a debian/README.optimization
-	dh_installexamples -a
-	dh_installchangelogs -a CHANGES
-	dh_installman -popenssl
-	dh_installdebconf -a
-	dh_movefiles -a
-	dh_compress -a
-	chmod 700 debian/openssl/etc/ssl/private
-	dh_fixperms -a -X etc/ssl/private
-	dh_strip -plibssl1.1 --dbg-package=libssl1.1-dbg
-	dh_strip -a -Nlibssl1.1
-	dh_perl -a -d
-	dpkg-gensymbols -Pdebian/libssl1.1/ -plibssl1.1 -c4
-	dh_makeshlibs -a -V "libssl1.1" --add-udeb="libcrypto1.1-udeb" -Xengines
-	sed -i '/^udeb: libssl/s/libcrypto1.1-udeb/libssl1.1-udeb/' debian/libssl1.1/DEBIAN/shlibs
-	dh_shlibdeps -a -L libssl1.1 -l debian/libssl1.1/usr/lib/$(DEB_HOST_MULTIARCH)
-	dh_gencontrol -a
-	dh_installdeb -a
-	dh_md5sums -a
-	dh_builddeb -a
-	echo -en "\a"
 
-# Below here is fairly generic really
+override_dh_installchangelogs:
+	dh_installchangelogs CHANGES
 
-binary:		binary-indep binary-arch
+override_dh_fixperms:
+	if [ -d debian/openssl/etc/ssl/private ] ; then \
+		chmod 700 debian/openssl/etc/ssl/private ; \
+	fi
+	dh_fixperms -a -X etc/ssl/private
+
+override_dh_makeshlibs:
+	#dpkg-gensymbols -Pdebian/libssl1.1/ -plibssl1.1 -c4
+	dh_makeshlibs -a --add-udeb="libcrypto1.1-udeb" -Xengines
+	# XXX: This needs gets set perl:any by dh_perl which is correct, but
+	# that breaks debootstrap in jessie (the current stable). This hack
+	# could be removed once stretch is stable and contains a fixed
+	# debootstrap, see #836525
+	sed -i 's@perl:Depends=perl:any@perl:Depends=perl@' debian/openssl.substvars
 
-.PHONY: binary binary-arch binary-indep clean install
+override_dh_shlibdeps:
+	sed -i '/^udeb: libssl/s/libcrypto1.1-udeb/libssl1.1-udeb/' debian/libssl1.1/DEBIAN/shlibs
+	dh_shlibdeps -a -L libssl1.1
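Review bot: In `override_dh_auto_configure` the `build_static` and `build_shared` lines chain `mkdir`, `cd` and `../Configure` with `;`, so a failing `mkdir` or `cd` does not by itself stop the recipe line, whereas the `$(OPTS)` loop just above runs under `set -xe`. Chaining with `&&` makes both lines stop at the first error: `mkdir build_static && cd build_static && ../Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH)`, and likewise for `build_shared` with its `HASHBANGPERL=/usr/bin/perl` prefix. Separately, `override_dh_makeshlibs` leaves the `dpkg-gensymbols ... -c4` call commented out without saying why; a one-line comment such as `# strict symbol check disabled because <reason>` would tell the next maintainer whether it can be restored.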
diff -Nru openssl-1.1.0c/doc/apps/CA.pl.pod openssl-1.1.0d/doc/apps/CA.pl.pod
--- openssl-1.1.0c/doc/apps/CA.pl.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/CA.pl.pod	2017-01-26 14:10:23.000000000 +0100
@@ -7,19 +7,27 @@
 =head1 SYNOPSIS
 
 B<CA.pl>
-[B<-?>]
-[B<-h>]
-[B<-help>]
-[B<-newcert>]
-[B<-newreq>]
-[B<-newreq-nodes>]
-[B<-newca>]
-[B<-xsign>]
-[B<-sign>]
-[B<-signreq>]
-[B<-signcert>]
-[B<-verify>]
-[B<files>]
+B<-?> |
+B<-h> |
+B<-help>
+
+B<CA.pl>
+B<-newcert> |
+B<-newreq> |
+B<-newreq-nodes> |
+B<-xsign> |
+B<-sign> |
+B<-signCA> |
+B<-signcert> |
+B<-crl> |
+B<-newca>
+[B<-extra-cmd> extra-params]
+
+B<CA.pl> B<-pkcs12> [B<-extra-pkcs12> extra-params] [B<certname>]
+
+B<CA.pl> B<-verify> [B<-extra-verify> extra-params] B<certfile>...
+
+B<CA.pl> B<-revoke> [B<-extra-ca> extra-params] B<certfile> [B<reason>]
 
 =head1 DESCRIPTION
 
@@ -28,7 +36,7 @@
 It is intended to simplify the process of certificate creation and management
 by the use of some simple options.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
@@ -40,15 +48,18 @@
 
 creates a new self signed certificate. The private key is written to the file
 "newkey.pem" and the request written to the file "newreq.pem".
+This argument invokes B<openssl req> command.
 
 =item B<-newreq>
 
 creates a new certificate request. The private key is written to the file
 "newkey.pem" and the request written to the file "newreq.pem".
+Executes B<openssl req> command below the hood.
 
 =item B<-newreq-nodes>
 
 is like B<-newreq> except that the private key will not be encrypted.
+Uses B<openssl req> command.
 
 =item B<-newca>
 
@@ -57,6 +68,7 @@
 certificates (which should also contain the private key) or by hitting ENTER
 details of the CA will be prompted for. The relevant files and directories
 are created in a directory called "demoCA" in the current directory.
+B<openssl req> and B<openssl ca> commands are get invoked.
 
 =item B<-pkcs12>
 
@@ -68,29 +80,31 @@
 If there is an additional argument on the command line it will be used as the
 "friendly name" for the certificate (which is typically displayed in the browser
 list box), otherwise the name "My Certificate" is used.
+Delegates work to B<openssl pkcs12> command.
 
-=item B<-sign>, B<-signreq>, B<-xsign>
+=item B<-sign>, B<-signcert>, B<-xsign>
 
 calls the B<ca> program to sign a certificate request. It expects the request
 to be in the file "newreq.pem". The new certificate is written to the file
 "newcert.pem" except in the case of the B<-xsign> option when it is written
-to standard output.
-
+to standard output. Leverages B<openssl ca> command.
 
 =item B<-signCA>
 
 this option is the same as the B<-signreq> option except it uses the configuration
 file section B<v3_ca> and so makes the signed request a valid CA certificate. This
 is useful when creating intermediate CA from a root CA.
+Extra params are passed on to B<openssl ca> command.
 
 =item B<-signcert>
 
 this option is the same as B<-sign> except it expects a self signed certificate
 to be present in the file "newreq.pem".
+Extra params are passed on to B<openssl x509> and B<openssl ca> commands.
 
 =item B<-crl>
 
-generate a CRL
+generate a CRL. Executes B<openssl ca> command.
 
 =item B<-revoke certfile [reason]>
 
@@ -98,15 +112,23 @@
 reason may be specified, and must be one of: B<unspecified>,
 B<keyCompromise>, B<CACompromise>, B<affiliationChanged>, B<superseded>,
 B<cessationOfOperation>, B<certificateHold>, or B<removeFromCRL>.
+Leverages B<openssl ca> command.
 
 =item B<-verify>
 
 verifies certificates against the CA certificate for "demoCA". If no certificates
 are specified on the command line it tries to verify the file "newcert.pem".
+Invokes B<openssl verify> command.
 
-=item B<files>
+=item B<-extra-req> | B<-extra-ca> | B<-extra-pkcs12> | B<-extra-x509> | B<-extra-verify> <extra-params>
 
-one or more optional certificate file names for use with the B<-verify> command.
+The purpose of these parameters is to allow optional parameters to be supplied
+to B<openssl> that this command executes. The B<-extra-cmd> are specific to the
+option being used and the B<openssl> command getting invoked. For example
+when this command invokes B<openssl req> extra parameters can be passed on
+with the B<-extra-req> parameter. The
+B<openssl> commands being invoked per option are documented below.
+Users should consult B<openssl> command documentation for more information.
 
 =back
 
diff -Nru openssl-1.1.0c/doc/apps/ca.pod openssl-1.1.0d/doc/apps/ca.pod
--- openssl-1.1.0c/doc/apps/ca.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/ca.pod	2017-01-26 14:10:23.000000000 +0100
@@ -62,7 +62,7 @@
 
 The options descriptions will be divided into each purpose.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/ciphers.pod openssl-1.1.0d/doc/apps/ciphers.pod
--- openssl-1.1.0c/doc/apps/ciphers.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/ciphers.pod	2017-01-26 14:10:23.000000000 +0100
@@ -15,6 +15,7 @@
 [B<-tls1>]
 [B<-tls1_1>]
 [B<-tls1_2>]
+[B<-tls1_3>]
 [B<-s>]
 [B<-psk>]
 [B<-srp>]
@@ -27,7 +28,7 @@
 SSL cipher preference lists. It can be used as a test tool to determine
 the appropriate cipherlist.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
@@ -69,6 +70,11 @@
 
 Like B<-v>, but include the official cipher suite values in hex.
 
+=item B<-tls1_3>
+
+In combination with the B<-s> option, list the ciphers which would be used if
+TLSv1.3 were negotiated.
+
 =item B<-tls1_2>
 
 In combination with the B<-s> option, list the ciphers which would be used if
@@ -711,7 +717,7 @@
 
 =head1 SEE ALSO
 
-L<s_client(1)>, L<s_server(1)>, L<ssl(3)>
+L<s_client(1)>, L<s_server(1)>, L<ssl(7)>
 
 =head1 HISTORY
 
diff -Nru openssl-1.1.0c/doc/apps/cms.pod openssl-1.1.0d/doc/apps/cms.pod
--- openssl-1.1.0c/doc/apps/cms.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/cms.pod	2017-01-26 14:10:23.000000000 +0100
@@ -104,7 +104,7 @@
 The B<cms> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and
 verify, compress and uncompress S/MIME messages.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 There are fourteen operation options that set the type of operation to be
 performed. The meaning of the other options varies according to the operation
diff -Nru openssl-1.1.0c/doc/apps/crl2pkcs7.pod openssl-1.1.0d/doc/apps/crl2pkcs7.pod
--- openssl-1.1.0c/doc/apps/crl2pkcs7.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/crl2pkcs7.pod	2017-01-26 14:10:23.000000000 +0100
@@ -21,7 +21,7 @@
 certificates and converts them into a PKCS#7 degenerate "certificates
 only" structure.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/crl.pod openssl-1.1.0d/doc/apps/crl.pod
--- openssl-1.1.0c/doc/apps/crl.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/crl.pod	2017-01-26 14:10:23.000000000 +0100
@@ -26,7 +26,7 @@
 
 The B<crl> command processes CRL files in DER or PEM format.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/dsa.pod openssl-1.1.0d/doc/apps/dsa.pod
--- openssl-1.1.0c/doc/apps/dsa.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/dsa.pod	2017-01-26 14:10:23.000000000 +0100
@@ -37,7 +37,7 @@
 traditional SSLeay compatible format for private key encryption: newer
 applications should use the more secure PKCS#8 format using the B<pkcs8>
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/ec.pod openssl-1.1.0d/doc/apps/ec.pod
--- openssl-1.1.0c/doc/apps/ec.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/ec.pod	2017-01-26 14:10:23.000000000 +0100
@@ -36,7 +36,7 @@
 (http://www.secg.org/). To convert an OpenSSL EC private key into the
 PKCS#8 private key format use the B<pkcs8> command.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/errstr.pod openssl-1.1.0d/doc/apps/errstr.pod
--- openssl-1.1.0c/doc/apps/errstr.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/errstr.pod	2017-01-26 14:10:23.000000000 +0100
@@ -15,7 +15,7 @@
 display the meaning of the hex code. The hex code is the hex digits after the
 second colon.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 None.
 
@@ -33,10 +33,6 @@
 
  error:2006D080:BIO routines:BIO_new_file:no such file
 
-=head1 SEE ALSO
-
-L<err(3)>
-
 =head1 COPYRIGHT
 
 Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
diff -Nru openssl-1.1.0c/doc/apps/nseq.pod openssl-1.1.0d/doc/apps/nseq.pod
--- openssl-1.1.0c/doc/apps/nseq.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/nseq.pod	2017-01-26 14:10:23.000000000 +0100
@@ -19,7 +19,7 @@
 file of certificates and converts it into a Netscape certificate
 sequence.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/ocsp.pod openssl-1.1.0d/doc/apps/ocsp.pod
--- openssl-1.1.0c/doc/apps/ocsp.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/ocsp.pod	2017-01-26 14:10:23.000000000 +0100
@@ -95,7 +95,7 @@
 to print out requests and responses, create requests and send queries
 to an OCSP responder and behave like a mini OCSP server itself.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 This command operates as either a client or a server.
 The options are described below, divided into those two modes.
diff -Nru openssl-1.1.0c/doc/apps/openssl.pod openssl-1.1.0d/doc/apps/openssl.pod
--- openssl-1.1.0c/doc/apps/openssl.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/openssl.pod	2017-01-26 14:10:23.000000000 +0100
@@ -350,7 +350,7 @@
 
 =back
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 Details of which options are available depend on the specific command.
 This section describes some common options with common behavior.
@@ -422,7 +422,7 @@
 L<s_server(1)>, L<s_time(1)>,
 L<smime(1)>, L<spkac(1)>,
 L<verify(1)>, L<version(1)>, L<x509(1)>,
-L<crypto(3)>, L<ssl(3)>, L<x509v3_config(5)>
+L<crypto(7)>, L<ssl(7)>, L<x509v3_config(5)>
 
 =head1 HISTORY
 
diff -Nru openssl-1.1.0c/doc/apps/pkcs12.pod openssl-1.1.0d/doc/apps/pkcs12.pod
--- openssl-1.1.0c/doc/apps/pkcs12.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/pkcs12.pod	2017-01-26 14:10:23.000000000 +0100
@@ -49,7 +49,7 @@
 PFX files) to be created and parsed. PKCS#12 files are used by several
 programs including Netscape, MSIE and MS Outlook.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 There are a lot of options the meaning of some depends of whether a PKCS#12 file
 is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12
diff -Nru openssl-1.1.0c/doc/apps/pkcs7.pod openssl-1.1.0d/doc/apps/pkcs7.pod
--- openssl-1.1.0c/doc/apps/pkcs7.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/pkcs7.pod	2017-01-26 14:10:23.000000000 +0100
@@ -21,7 +21,7 @@
 
 The B<pkcs7> command processes PKCS#7 files in DER or PEM format.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/pkcs8.pod openssl-1.1.0d/doc/apps/pkcs8.pod
--- openssl-1.1.0c/doc/apps/pkcs8.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/pkcs8.pod	2017-01-26 14:10:23.000000000 +0100
@@ -34,7 +34,7 @@
 both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo
 format with a variety of PKCS#5 (v1.5 and v2.0) and PKCS#12 algorithms.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/pkeyparam.pod openssl-1.1.0d/doc/apps/pkeyparam.pod
--- openssl-1.1.0c/doc/apps/pkeyparam.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/pkeyparam.pod	2017-01-26 14:10:23.000000000 +0100
@@ -19,7 +19,7 @@
 The B<pkey> command processes public or private keys. They can be converted
 between various forms and their components printed out.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/pkey.pod openssl-1.1.0d/doc/apps/pkey.pod
--- openssl-1.1.0c/doc/apps/pkey.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/pkey.pod	2017-01-26 14:10:23.000000000 +0100
@@ -28,7 +28,7 @@
 The B<pkey> command processes public or private keys. They can be converted
 between various forms and their components printed out.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/pkeyutl.pod openssl-1.1.0d/doc/apps/pkeyutl.pod
--- openssl-1.1.0c/doc/apps/pkeyutl.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/pkeyutl.pod	2017-01-26 14:10:23.000000000 +0100
@@ -38,7 +38,7 @@
 The B<pkeyutl> command can be used to perform public key operations using
 any supported algorithm.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
@@ -126,7 +126,8 @@
 Use key derivation function B<algorithm>.  The supported algorithms are
 at present B<TLS1-PRF> and B<HKDF>.
 Note: additional parameters and the KDF output length will normally have to be
-set for this to work.  See L<EVP_PKEY_HKDF(3)> and L<EVP_PKEY_TLS1_PRF(3)>
+set for this to work.
+See L<EVP_PKEY_CTX_set_hkdf_md(3)> and L<EVP_PKEY_CTX_set_tls1_prf_md(3)>
 for the supported string parameters of each algorithm.
 
 =item B<-kdflen length>
@@ -277,7 +278,7 @@
 
 L<genpkey(1)>, L<pkey(1)>, L<rsautl(1)>
 L<dgst(1)>, L<rsa(1)>, L<genrsa(1)>,
-L<EVP_PKEY_HKDF(3)>, L<EVP_PKEY_TLS1_PRF(3)>
+L<EVP_PKEY_CTX_set_hkdf_md(3)>, L<EVP_PKEY_CTX_set_tls1_prf_md(3)>
 
 =head1 COPYRIGHT
 
diff -Nru openssl-1.1.0c/doc/apps/req.pod openssl-1.1.0d/doc/apps/req.pod
--- openssl-1.1.0c/doc/apps/req.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/req.pod	2017-01-26 14:10:23.000000000 +0100
@@ -52,7 +52,7 @@
 in PKCS#10 format. It can additionally create self signed certificates
 for use as root CAs for example.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/rsa.pod openssl-1.1.0d/doc/apps/rsa.pod
--- openssl-1.1.0c/doc/apps/rsa.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/rsa.pod	2017-01-26 14:10:23.000000000 +0100
@@ -41,7 +41,7 @@
 applications should use the more secure PKCS#8 format using the B<pkcs8>
 utility.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/rsautl.pod openssl-1.1.0d/doc/apps/rsautl.pod
--- openssl-1.1.0c/doc/apps/rsautl.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/rsautl.pod	2017-01-26 14:10:23.000000000 +0100
@@ -29,7 +29,7 @@
 The B<rsautl> command can be used to sign, verify, encrypt and decrypt
 data using the RSA algorithm.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/s_client.pod openssl-1.1.0d/doc/apps/s_client.pod
--- openssl-1.1.0c/doc/apps/s_client.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/s_client.pod	2017-01-26 14:10:23.000000000 +0100
@@ -10,6 +10,9 @@
 [B<-help>]
 [B<-connect host:port>]
 [B<-proxy host:port>]
+[B<-unix path>]
+[B<-4>]
+[B<-6>]
 [B<-servername name>]
 [B<-verify depth>]
 [B<-verify_return_error>]
@@ -68,10 +71,12 @@
 [B<-tls1>]
 [B<-tls1_1>]
 [B<-tls1_2>]
+[B<-tls1_3>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 [B<-no_tls1_1>]
 [B<-no_tls1_2>]
+[B<-no_tls1_3>]
 [B<-dtls>]
 [B<-dtls1>]
 [B<-dtls1_2>]
@@ -130,6 +135,18 @@
 specified with this flag and issues an HTTP CONNECT command to connect
 to the desired server.
 
+=item B<-unix path>
+
+Connect over the specified Unix-domain socket.
+
+=item B<-4>
+
+Use IPv4 only.
+
+=item B<-6>
+
+Use IPv6 only.
+
 =item B<-servername name>
 
 Set the TLS SNI (Server Name Indication) extension in the ClientHello message.
@@ -336,7 +353,7 @@
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 
-=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
 
 These options require or disable the use of the specified SSL or TLS protocols.
 By default B<s_client> will negotiate the highest mutually supported protocol
diff -Nru openssl-1.1.0c/doc/apps/sess_id.pod openssl-1.1.0d/doc/apps/sess_id.pod
--- openssl-1.1.0c/doc/apps/sess_id.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/sess_id.pod	2017-01-26 14:10:23.000000000 +0100
@@ -24,7 +24,7 @@
 needs some knowledge of the SSL protocol to use properly, most users will
 not need to use it.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/smime.pod openssl-1.1.0d/doc/apps/smime.pod
--- openssl-1.1.0c/doc/apps/smime.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/smime.pod	2017-01-26 14:10:23.000000000 +0100
@@ -74,7 +74,7 @@
 The B<smime> command handles S/MIME mail. It can encrypt, decrypt, sign and
 verify S/MIME messages.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 There are six operation options that set the type of operation to be performed.
 The meaning of the other options varies according to the operation type.
diff -Nru openssl-1.1.0c/doc/apps/spkac.pod openssl-1.1.0d/doc/apps/spkac.pod
--- openssl-1.1.0c/doc/apps/spkac.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/spkac.pod	2017-01-26 14:10:23.000000000 +0100
@@ -26,7 +26,7 @@
 (SPKAC) files. It can print out their contents, verify the signature and
 produce its own SPKACs from a supplied private key.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/apps/s_server.pod openssl-1.1.0d/doc/apps/s_server.pod
--- openssl-1.1.0c/doc/apps/s_server.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/s_server.pod	2017-01-26 14:10:23.000000000 +0100
@@ -8,8 +8,13 @@
 
 B<openssl> B<s_server>
 [B<-help>]
-[B<-accept port>]
+[B<-port port>]
+[B<-accept val>]
 [B<-naccept count>]
+[B<-unix val>]
+[B<-unlink>]
+[B<-4>]
+[B<-6>]
 [B<-context id>]
 [B<-verify depth>]
 [B<-Verify depth>]
@@ -69,6 +74,9 @@
 [B<-quiet>]
 [B<-ssl3>]
 [B<-tls1>]
+[B<-tls1_1>]
+[B<-tls1_2>]
+[B<-tls1_3>]
 [B<-dtls>]
 [B<-dtls1>]
 [B<-dtls1_2>]
@@ -81,6 +89,7 @@
 [B<-no_tls1>]
 [B<-no_tls1_1>]
 [B<-no_tls1_2>]
+[B<-no_tls1_3>]
 [B<-no_dhe>]
 [B<-bugs>]
 [B<-comp>]
@@ -121,14 +130,34 @@
 
 Print out a usage message.
 
-=item B<-accept port>
+=item B<-port port>
 
 The TCP port to listen on for connections. If not specified 4433 is used.
 
+=item B<-accept val>
+
+The optional TCP host and port to listen on for connections. If not specified, *:4433 is used.
+
 =item B<-naccept count>
 
 The server will exit after receiving B<number> connections, default unlimited.
 
+=item B<-unix val>
+
+Unix domain socket to accept on.
+
+=item B<-unlink>
+
+For -unix, unlink existing socket first.
+
+=item B<-4>
+
+Use IPv4 only.
+
+=item B<-6>
+
+Use IPv6 only.
+
 =item B<-context id>
 
 Sets the SSL context id. It can be given any string value. If this option
@@ -295,7 +324,7 @@
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
 
 These options require or disable the use of the specified SSL or TLS protocols.
 By default B<s_server> will negotiate the highest mutually supported protocol
diff -Nru openssl-1.1.0c/doc/apps/verify.pod openssl-1.1.0d/doc/apps/verify.pod
--- openssl-1.1.0c/doc/apps/verify.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/apps/verify.pod	2017-01-26 14:10:23.000000000 +0100
@@ -55,7 +55,7 @@
 
 The B<verify> command verifies certificate chains.
 
-=head1 COMMAND OPTIONS
+=head1 OPTIONS
 
 =over 4
 
diff -Nru openssl-1.1.0c/doc/crypto/BIO_ctrl.pod openssl-1.1.0d/doc/crypto/BIO_ctrl.pod
--- openssl-1.1.0c/doc/crypto/BIO_ctrl.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/BIO_ctrl.pod	2017-01-26 14:10:24.000000000 +0100
@@ -5,7 +5,8 @@
 BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset,
 BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close,
 BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending,
-BIO_get_info_callback, BIO_set_info_callback - BIO control operations
+BIO_get_info_callback, BIO_set_info_callback, bio_info_cb
+- BIO control operations
 
 =head1 SYNOPSIS
 
@@ -94,7 +95,7 @@
 =head1 NOTES
 
 BIO_flush(), because it can write data may return 0 or -1 indicating
-that the call should be retried later in a similar manner to BIO_write().
+that the call should be retried later in a similar manner to BIO_write_ex().
 The BIO_should_retry() call should be used and appropriate action taken
 is the call fails.
 
diff -Nru openssl-1.1.0c/doc/crypto/BIO_set_callback.pod openssl-1.1.0d/doc/crypto/BIO_set_callback.pod
--- openssl-1.1.0c/doc/crypto/BIO_set_callback.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/BIO_set_callback.pod	2017-01-26 14:10:24.000000000 +0100
@@ -2,17 +2,24 @@
 
 =head1 NAME
 
-BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg,
-BIO_debug_callback - BIO callback functions
+BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback,
+BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback,
+BIO_callback_fn_ex, BIO_callback_fn
+- BIO callback functions
 
 =head1 SYNOPSIS
 
  #include <openssl/bio.h>
 
-
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
  typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
                                  long argl, long ret);
 
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
  void BIO_set_callback(BIO *b, BIO_callack_fn cb);
  BIO_callack_fn BIO_get_callback(BIO *b);
  void BIO_set_callback_arg(BIO *b, char *arg);
@@ -23,10 +30,15 @@
 
 =head1 DESCRIPTION
 
-BIO_set_callback() and BIO_get_callback() set and retrieve the BIO callback,
-they are both macros. The callback is called during most high level BIO
-operations. It can be used for debugging purposes to trace operations on
-a BIO or to modify its operation.
+BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO
+callback. The callback is called during most high level BIO operations. It can
+be used for debugging purposes to trace operations on a BIO or to modify its
+operation.
+
+BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO
+callback. New code should not use these functions, but they are retained for
+backwards compatbility. Any callback set via BIO_set_callback_ex() will get
+called in preference to any set by BIO_set_callback().
 
 BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be
 used to set and retrieve an argument for use in the callback.
@@ -36,8 +48,9 @@
 argument is set it is interpreted as a BIO to send the information
 to, otherwise stderr is used.
 
-BIO_callback_fn() is the type of the callback function. The meaning of each
-argument is described below:
+BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn()
+is the type of the old format callback function. The meaning of each argument
+is described below:
 
 =over
 
@@ -51,11 +64,22 @@
 the callback is called twice, once before and once after the actual
 operation, the latter case has B<oper> or'ed with BIO_CB_RETURN.
 
+=item B<len>
+
+The length of the data requested to be read or written. This is only useful if
+B<oper> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.
+
 =item B<argp> B<argi> B<argl>
 
 The meaning of the arguments B<argp>, B<argi> and B<argl> depends on
 the value of B<oper>, that is the operation being performed.
 
+=item B<processed>
+
+B<processed> is a pointer to a location which will be updated with the amount of
+data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE,
+BIO_CB_GETS and BIO_CB_PUTS.
+
 =item B<ret>
 
 B<ret> is the return value that would be returned to the
@@ -80,37 +104,103 @@
 
 =item B<BIO_free(b)>
 
-callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L) is called before the
-free operation.
+ callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)
+
+or
+
+ callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)
+
+is called before the free operation.
+
+=item B<BIO_read_ex(b, data, dlen, readbytes)>
+
+ callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, readbytes)
+
+or
 
-=item B<BIO_read(b, out, outl)>
+ callback(b, BIO_CB_READ, data, dlen, 0L, 1L)
+
+is called before the read and
+
+ callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue, readbytes)
+
+or
+
+ callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)
 
-callback(b, BIO_CB_READ, out, outl, 0L, 1L) is called before
-the read and callback(b, BIO_CB_READ|BIO_CB_RETURN, out, outl, 0L, retvalue)
 after.
 
-=item B<BIO_write(b, in, inl)>
+=item B<BIO_write(b, data, dlen, written)>
+
+ callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, written)
+
+or
+
+ callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)
+
+is called before the write and
+
+ callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue, written)
+
+or
+
+ callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)
 
-callback(b, BIO_CB_WRITE, in, inl, 0L, 1L) is called before
-the write and callback(b, BIO_CB_WRITE|BIO_CB_RETURN, in, inl, 0L, retvalue)
 after.
 
-=item B<BIO_gets(b, out, outl)>
+=item B<BIO_gets(b, buf, size)>
+
+ callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)
+
+or
+
+ callback(b, BIO_CB_GETS, buf, size, 0L, 1L)
+
+is called before the operation and
+
+ callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue, readbytes)
+
+or
+
+ callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)
 
-callback(b, BIO_CB_GETS, out, outl, 0L, 1L) is called before
-the operation and callback(b, BIO_CB_GETS|BIO_CB_RETURN, out, outl, 0L, retvalue)
 after.
 
-=item B<BIO_puts(b, in)>
+=item B<BIO_puts(b, buf)>
+
+ callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);
+
+or
+
+ callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)
+
+is called before the operation and
+
+ callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, written)
+
+or
+
+ callback(b, BIO_CB_WRITE|BIO_CB_RETURN, buf, 0, 0L, retvalue)
 
-callback(b, BIO_CB_WRITE, in, 0, 0L, 1L) is called before
-the operation and callback(b, BIO_CB_WRITE|BIO_CB_RETURN, in, 0, 0L, retvalue)
 after.
 
 =item B<BIO_ctrl(BIO *b, int cmd, long larg, void *parg)>
 
-callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L) is called before the call and
-callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret) after.
+ callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)
+
+or
+
+ callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)
+
+is called before the call and
+
+ callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)
+
+or
+
+ callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)
+
+after.
 
 =back
 
diff -Nru openssl-1.1.0c/doc/crypto/BUF_MEM_new.pod openssl-1.1.0d/doc/crypto/BUF_MEM_new.pod
--- openssl-1.1.0c/doc/crypto/BUF_MEM_new.pod	2016-11-10 15:03:45.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/BUF_MEM_new.pod	2017-01-26 14:10:24.000000000 +0100
@@ -44,7 +44,7 @@
 BUF_MEM_grow_clean() is similar to BUF_MEM_grow() but it sets any free'd
 or additionally-allocated memory to zero.
 
-BUF_reverse() reverses B<size> bytes at B<in> into B<out>.  If B<out>
+BUF_reverse() reverses B<size> bytes at B<in> into B<out>.  If B<in>
 is NULL, the array is reversed in-place.
 
 =head1 RETURN VALUES
@@ -58,7 +58,7 @@
 
 =head1 SEE ALSO
 
-L<bio(3)>,
+L<bio(7)>,
 L<CRYPTO_secure_malloc(3)>.
 
 =head1 HISTORY
diff -Nru openssl-1.1.0c/doc/crypto/DH_generate_parameters.pod openssl-1.1.0d/doc/crypto/DH_generate_parameters.pod
--- openssl-1.1.0c/doc/crypto/DH_generate_parameters.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/DH_generate_parameters.pod	2017-01-26 14:10:24.000000000 +0100
@@ -3,7 +3,8 @@
 =head1 NAME
 
 DH_generate_parameters_ex, DH_generate_parameters,
-DH_check - generate and check Diffie-Hellman parameters
+DH_check, DH_check_params - generate and check Diffie-Hellman
+parameters
 
 =head1 SYNOPSIS
 
@@ -12,6 +13,7 @@
  int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
 
  int DH_check(DH *dh, int *codes);
+ int DH_check_params(DH *dh, int *codes);
 
 Deprecated:
 
@@ -37,6 +39,30 @@
 is called. See L<BN_generate_prime(3)> for information on
 the BN_GENCB_call() function.
 
+DH_check_params() confirms that the B<p> and B<g> are likely enough to
+be valid.
+This is a lightweight check, if a more thorough check is needed, use
+DH_check().
+The value of B<*codes> is updated with any problems found.
+If B<*codes> is zero then no problems were found, otherwise the
+following bits may be set:
+
+=over 4
+
+=item DH_CHECK_P_NOT_PRIME
+
+The parameter B<p> has been determined to not being an odd prime.
+Note that the lack of this bit doesn't guarantee that B<p> is a
+prime.
+
+=item DH_NOT_SUITABLE_GENERATOR
+
+The generator B<g> is not suitable.
+Note that the lack of this bit doesn't guarantee that B<g> is
+suitable, unless B<p> is known to be a strong prime.
+
+=back
+
 DH_check() confirms that the Diffie-Hellman parameters B<dh> are valid. The
 value of B<*codes> is updated with any problems found. If B<*codes> is zero then
 no problems were found, otherwise the following bits may be set:
@@ -75,8 +101,8 @@
 
 =head1 RETURN VALUES
 
-DH_generate_parameters_ex() and DH_check() return 1 if the check could be
-performed, 0 otherwise.
+DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1
+if the check could be performed, 0 otherwise.
 
 DH_generate_parameters() (deprecated) returns a pointer to the DH structure, or
 NULL if the parameter generation fails.
@@ -93,7 +119,7 @@
 
 =head1 SEE ALSO
 
-L<dh(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+L<DH_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
 L<DH_free(3)>
 
 =head1 COPYRIGHT
diff -Nru openssl-1.1.0c/doc/crypto/ECDSA_SIG_new.pod openssl-1.1.0d/doc/crypto/ECDSA_SIG_new.pod
--- openssl-1.1.0c/doc/crypto/ECDSA_SIG_new.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/ECDSA_SIG_new.pod	2017-01-26 14:10:24.000000000 +0100
@@ -76,7 +76,7 @@
 
 ECDSA_sign() computes a digital signature of the B<dgstlen> bytes hash value
 B<dgst> using the private EC key B<eckey>. The DER encoded signatures is
-stored in B<sig> and it's length is returned in B<sig_len>. Note: B<sig> must
+stored in B<sig> and its length is returned in B<sig_len>. Note: B<sig> must
 point to ECDSA_size(eckey) bytes of memory. The parameter B<type> is currently
 ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with B<kinv>
 and B<rp> set to NULL.
@@ -105,7 +105,7 @@
 
 ECDSA_sign_ex() computes a digital signature of the B<dgstlen> bytes hash value
 B<dgst> using the private EC key B<eckey> and the optional pre-computed values
-B<kinv> and B<rp>. The DER encoded signatures is stored in B<sig> and it's
+B<kinv> and B<rp>. The DER encoded signature is stored in B<sig> and its
 length is returned in B<sig_len>. Note: B<sig> must point to ECDSA_size(eckey)
 bytes of memory. The parameter B<type> is ignored.
 
@@ -191,7 +191,7 @@
 
 =head1 SEE ALSO
 
-L<dsa(3)>,
+L<DSA_new(3)>,
 L<EVP_DigestSignInit(3)>,
 L<EVP_DigestVerifyInit(3)>
 
diff -Nru openssl-1.1.0c/doc/crypto/ERR_GET_LIB.pod openssl-1.1.0d/doc/crypto/ERR_GET_LIB.pod
--- openssl-1.1.0c/doc/crypto/ERR_GET_LIB.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/ERR_GET_LIB.pod	2017-01-26 14:10:24.000000000 +0100
@@ -2,8 +2,8 @@
 
 =head1 NAME
 
-ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON - get library, function and
-reason code
+ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON, ERR_FATAL_ERROR
+- get information from error codes
 
 =head1 SYNOPSIS
 
@@ -15,12 +15,16 @@
 
  int ERR_GET_REASON(unsigned long e);
 
+ int ERR_FATAL_ERROR(unsigned long e);
+
 =head1 DESCRIPTION
 
 The error code returned by ERR_get_error() consists of a library
 number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC()
 and ERR_GET_REASON() can be used to extract these.
 
+ERR_FATAL_ERROR() indicates whether a given error code is a fatal error.
+
 The library number and function code describe where the error
 occurred, the reason code is the information about what went wrong.
 
@@ -33,15 +37,17 @@
 unique. However, when checking for sub-library specific reason codes,
 be sure to also compare the library number.
 
-ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are macros.
+ERR_GET_LIB(), ERR_GET_FUNC(), ERR_GET_REASON(), and ERR_FATAL_ERROR()
+ are macros.
 
 =head1 RETURN VALUES
 
-The library number, function code and reason code respectively.
+The library number, function code, reason code, and whether the error
+is fatal, respectively.
 
 =head1 SEE ALSO
 
-L<err(3)>, L<ERR_get_error(3)>
+L<err(7)>, L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff -Nru openssl-1.1.0c/doc/crypto/EVP_DigestInit.pod openssl-1.1.0d/doc/crypto/EVP_DigestInit.pod
--- openssl-1.1.0c/doc/crypto/EVP_DigestInit.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/EVP_DigestInit.pod	2017-01-26 14:10:24.000000000 +0100
@@ -8,7 +8,7 @@
 EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
 EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha1,
 EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_mdc2,
-EVP_ripemd160, EVP_blake2b_512, EVP_blake2s_256, EVP_get_digestbyname,
+EVP_ripemd160, EVP_blake2b512, EVP_blake2s256, EVP_get_digestbyname,
 EVP_get_digestbynid, EVP_get_digestbyobj - EVP digest routines
 
 =head1 SYNOPSIS
@@ -48,8 +48,8 @@
  const EVP_MD *EVP_sha1(void);
  const EVP_MD *EVP_mdc2(void);
  const EVP_MD *EVP_ripemd160(void);
- const EVP_MD *EVP_blake2b_512(void);
- const EVP_MD *EVP_blake2s_256(void);
+ const EVP_MD *EVP_blake2b512(void);
+ const EVP_MD *EVP_blake2s256(void);
 
  const EVP_MD *EVP_sha224(void);
  const EVP_MD *EVP_sha256(void);
@@ -127,8 +127,8 @@
 reasons.
 
 EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
-EVP_sha384(), EVP_sha512(), EVP_mdc2(), EVP_ripemd160(), EVP_blake2b_512(), and
-EVP_blake2s_256() return B<EVP_MD> structures for the MD2, MD5, SHA1, SHA224,
+EVP_sha384(), EVP_sha512(), EVP_mdc2(), EVP_ripemd160(), EVP_blake2b512(), and
+EVP_blake2s256() return B<EVP_MD> structures for the MD2, MD5, SHA1, SHA224,
 SHA256, SHA384, SHA512, MDC2, RIPEMD160, BLAKE2b-512, and BLAKE2s-256 digest
 algorithms respectively.
 
@@ -153,7 +153,7 @@
 EVP_MD_CTX_block_size() return the digest or block size in bytes.
 
 EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(),
-EVP_mdc2(), EVP_ripemd160(), EVP_blake2b_512(), and EVP_blake2s_256() return
+EVP_mdc2(), EVP_ripemd160(), EVP_blake2b512(), and EVP_blake2s256() return
 pointers to the corresponding EVP_MD structures.
 
 EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
@@ -233,7 +233,7 @@
 =head1 SEE ALSO
 
 L<dgst(1)>,
-L<evp(3)>
+L<evp(7)>
 
 =head1 HISTORY
 
diff -Nru openssl-1.1.0c/doc/crypto/EVP_EncryptInit.pod openssl-1.1.0d/doc/crypto/EVP_EncryptInit.pod
--- openssl-1.1.0c/doc/crypto/EVP_EncryptInit.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/EVP_EncryptInit.pod	2017-01-26 14:10:24.000000000 +0100
@@ -29,12 +29,13 @@
 EVP_aes_192_cbc, EVP_aes_192_ecb, EVP_aes_192_cfb, EVP_aes_192_ofb,
 EVP_aes_256_cbc, EVP_aes_256_ecb, EVP_aes_256_cfb, EVP_aes_256_ofb,
 EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm,
-EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm - EVP cipher routines
-
-=for comment generic
+EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm,
+EVP_chacha20, EVP_chacha20_poly1305 - EVP cipher routines
 
 =head1 SYNOPSIS
 
+=for comment generic
+
  #include <openssl/evp.h>
 
  EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
@@ -400,6 +401,17 @@
 These ciphers require additional control operations to function correctly: see
 CCM mode section below for details.
 
+=item EVP_chacha20()
+
+The ChaCha20 stream cipher. The key length is 256 bits, the IV is 96 bits long.
+
+=item EVP_chacha20_poly1305()
+
+Authenticated encryption with ChaCha20-Poly1305. Like EVP_chacha20() the key is
+256 bits and the IV is 96 bits. This supports additional authenticated
+data (AAD) and produces a 128 bit authentication tag. See the
+L</GCM and OCB Modes> section for more information.
+
 =back
 
 =head1 GCM and OCB Modes
@@ -627,7 +639,7 @@
 
 =head1 SEE ALSO
 
-L<evp(3)>
+L<evp(7)>
 
 =head1 HISTORY
 
diff -Nru openssl-1.1.0c/doc/crypto/EVP_PKEY_keygen.pod openssl-1.1.0d/doc/crypto/EVP_PKEY_keygen.pod
--- openssl-1.1.0c/doc/crypto/EVP_PKEY_keygen.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/EVP_PKEY_keygen.pod	2017-01-26 14:10:24.000000000 +0100
@@ -5,7 +5,9 @@
 EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init,
 EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb,
 EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data,
-EVP_PKEY_CTX_get_app_data - key and parameter generation functions
+EVP_PKEY_CTX_get_app_data,
+EVP_PKEY_gen_cb
+- key and parameter generation functions
 
 =head1 SYNOPSIS
 
@@ -16,7 +18,7 @@
  int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
  int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
 
- typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+ typedef int (*EVP_PKEY_gen_cb)(EVP_PKEY_CTX *ctx);
 
  void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
  EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
diff -Nru openssl-1.1.0c/doc/crypto/OPENSSL_secure_malloc.pod openssl-1.1.0d/doc/crypto/OPENSSL_secure_malloc.pod
--- openssl-1.1.0c/doc/crypto/OPENSSL_secure_malloc.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/OPENSSL_secure_malloc.pod	2017-01-26 14:10:24.000000000 +0100
@@ -6,7 +6,7 @@
 CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc,
 OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free,
 CRYPTO_secure_free, OPENSSL_secure_actual_size, OPENSSL_secure_allocated,
-CYRPTO_secure_used - secure heap storage
+CRYPTO_secure_used - secure heap storage
 
 =head1 SYNOPSIS
 
@@ -30,7 +30,7 @@
  size_t OPENSSL_secure_actual_size(const void *ptr);
  int OPENSSL_secure_allocated(const void *ptr);
 
- size_t CYRPTO_secure_used();
+ size_t CRYPTO_secure_used();
 
 =head1 DESCRIPTION
 
@@ -109,8 +109,7 @@
 =head1 SEE ALSO
 
 L<OPENSSL_malloc(3)>,
-L<BN_new(3)>,
-L<bn_internal(3)>.
+L<BN_new(3)>
 
 =head1 COPYRIGHT
 
diff -Nru openssl-1.1.0c/doc/crypto/RSA_generate_key.pod openssl-1.1.0d/doc/crypto/RSA_generate_key.pod
--- openssl-1.1.0c/doc/crypto/RSA_generate_key.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/RSA_generate_key.pod	2017-01-26 14:10:24.000000000 +0100
@@ -54,7 +54,7 @@
 The process is then repeated for prime q with B<BN_GENCB_call(cb, 3, 1)>.
 
 RSA_generate_key is deprecated (new applications should use
-RSA_generate_key_ex instead). RSA_generate_key works in the same was as
+RSA_generate_key_ex instead). RSA_generate_key works in the same way as
 RSA_generate_key_ex except it uses "old style" call backs. See
 L<BN_generate_prime(3)> for further details.
 
diff -Nru openssl-1.1.0c/doc/crypto/SSL_set_bio.pod openssl-1.1.0d/doc/crypto/SSL_set_bio.pod
--- openssl-1.1.0c/doc/crypto/SSL_set_bio.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/SSL_set_bio.pod	2017-01-26 14:10:24.000000000 +0100
@@ -0,0 +1,108 @@
+=pod
+
+=head1 NAME
+
+SSL_set_bio, SSL_set0_rbio, SSL_set0_wbio - connect the SSL object with a BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
+ void SSL_set0_rbio(SSL *s, BIO *rbio);
+ void SSL_set0_wbio(SSL *s, BIO *wbio);
+
+=head1 DESCRIPTION
+
+SSL_set0_rbio() connects the BIO B<rbio> for the read operations of the B<ssl>
+object. The SSL engine inherits the behaviour of B<rbio>. If the BIO is
+non-blocking then the B<ssl> object will also have non-blocking behaviour. This
+function transfers ownership of B<rbio> to B<ssl>. It will be automatically
+freed using L<BIO_free_all(3)> when the B<ssl> is freed. On calling this
+function, any existing B<rbio> that was previously set will also be freed via a
+call to L<BIO_free_all(3)> (this includes the case where the B<rbio> is set to
+the same value as previously).
+
+SSL_set0_wbio() works in the same as SSL_set0_rbio() except that it connects
+the BIO B<wbio> for the write operations of the B<ssl> object. Note that if the
+rbio and wbio are the same then SSL_set0_rbio() and SSL_set0_wbio() each take
+ownership of one reference. Therefore it may be necessary to increment the
+number of references available using L<BIO_up_ref(3)> before calling the set0
+functions.
+
+SSL_set_bio() does a similar job as SSL_set0_rbio() and SSL_set0_wbio() except
+that it connects both the B<rbio> and the B<wbio> at the same time. This
+function transfers the ownership of B<rbio> and B<wbio> to B<ssl> except that
+the rules for this are much more complex. For this reason this function is
+considered a legacy function and SSL_set0_rbio() and SSL_set0_wbio() should be
+used in preference. The ownership rules are as follows:
+
+=over 4
+
+=item *
+
+If neither the rbio or wbio have changed from their previous values then nothing
+is done.
+
+=item *
+
+If the rbio and wbio parameters are different and both are different to their
+previously set values then one reference is consumed for the rbio and one
+reference is consumed for the wbio.
+
+=item *
+
+If the rbio and wbio parameters are the same and the rbio is not the same as the
+previously set value then one reference is consumed.
+
+=item *
+
+If the rbio and wbio parameters are the same and the rbio is the same as the
+previously set value, then no additional references are consumed.
+
+=item *
+
+If the rbio and wbio parameters are different and the rbio is the same as the
+previously set value then one reference is consumbed for the wbio and no
+references are consumed for the rbio.
+
+=item *
+
+If the rbio and wbio parameters are different and the wbio is the same as the
+previously set value and the old rbio and wbio values were the same as each
+other then one reference is consumed for the rbio and no references are consumed
+for the wbio.
+
+=item *
+
+If the rbio and wbio parameters are different and the wbio is the same as the
+previously set value and the old rbio and wbio values were different to each
+other then one reference is consumed for the rbio and one reference is consumed
+for the wbio.
+
+=back
+
+=head1 RETURN VALUES
+
+SSL_set_bio(), SSL_set_rbio() and SSL_set_wbio() cannot fail.
+
+=head1 SEE ALSO
+
+L<SSL_get_rbio(7)>,
+L<SSL_connect(3)>, L<SSL_accept(3)>,
+L<SSL_shutdown(3)>, L<ssl(7)>, L<bio(7)>
+
+=head1 HISTORY
+
+SSL_set0_rbio() and SSL_set0_wbio() were added in OpenSSL 1.1.0.
+
+=head1 COPYRIGHT
+
+Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff -Nru openssl-1.1.0c/doc/crypto/X509_digest.pod openssl-1.1.0d/doc/crypto/X509_digest.pod
--- openssl-1.1.0c/doc/crypto/X509_digest.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/X509_digest.pod	2017-01-26 14:10:24.000000000 +0100
@@ -0,0 +1,65 @@
+=pod
+
+=head1 NAME
+
+X509_digest, X509_CRL_digest,
+X509_pubkey_digest,
+X509_NAME_digest,
+X509_REQ_digest
+PKCS7_ISSUER_AND_SERIAL_digest,
+- get digest of various objects
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
+                 unsigned int *len);
+
+ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
+                 unsigned int *len);
+
+ int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                        unsigned char *md, unsigned int *len);
+
+ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len);
+
+ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                      unsigned char *md, unsigned int *len);
+
+ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                    const EVP_MD *type, unsigned char *md,
+                                    unsigned int *len);
+
+=head1 DESCRIPTION
+
+X509_pubkey_digest() returns a digest of the DER representation of the public
+key in the specified X509 B<data> object.
+All other functions described here return a digest of the DER representation
+of their entire B<data> objects.
+
+The B<type> parameter specifies the digest to
+be used, such as EVP_sha1(). The B<md> is a pointer to the buffer where the
+digest will be copied and is assumed to be large enough; the constant
+B<EVP_MAX_MD_SIZE> is suggested. The B<len> parameter, if not NULL, points
+to a place where the digest size will be stored.
+
+=head1 RETURN VALUES
+
+All functions described here return 1 for success and 0 for failure.
+
+=head1 SEE ALSO
+
+L<EVP_SHA1(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff -Nru openssl-1.1.0c/doc/crypto/X509_NAME_get_index_by_NID.pod openssl-1.1.0d/doc/crypto/X509_NAME_get_index_by_NID.pod
--- openssl-1.1.0c/doc/crypto/X509_NAME_get_index_by_NID.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/X509_NAME_get_index_by_NID.pod	2017-01-26 14:10:24.000000000 +0100
@@ -83,10 +83,9 @@
 
 Process all commonName entries:
 
- int loc;
+ int lastpos = -1;
  X509_NAME_ENTRY *e;
 
- loc = -1;
  for (;;)
         {
         lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
diff -Nru openssl-1.1.0c/doc/crypto/X509_NAME_print_ex.pod openssl-1.1.0d/doc/crypto/X509_NAME_print_ex.pod
--- openssl-1.1.0c/doc/crypto/X509_NAME_print_ex.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/X509_NAME_print_ex.pod	2017-01-26 14:10:24.000000000 +0100
@@ -23,9 +23,11 @@
 X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is
 written to FILE pointer B<fp>.
 
-X509_NAME_oneline() prints an ASCII version of B<a> to B<buf>. At most B<size>
-bytes will be written. If B<buf> is B<NULL> then a buffer is dynamically allocated
-and returned, otherwise B<buf> is returned.
+X509_NAME_oneline() prints an ASCII version of B<a> to B<buf>.
+If B<buf> is B<NULL> then a buffer is dynamically allocated and returned, and
+B<size> is ignored.
+Otherwise, at most B<size> bytes will be written, including the ending '\0',
+and B<buf> is returned.
 
 X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase>
 characters. Multiple lines are used if the output (including indent) exceeds
diff -Nru openssl-1.1.0c/doc/crypto/X509_STORE_CTX_new.pod openssl-1.1.0d/doc/crypto/X509_STORE_CTX_new.pod
--- openssl-1.1.0c/doc/crypto/X509_STORE_CTX_new.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/X509_STORE_CTX_new.pod	2017-01-26 14:10:24.000000000 +0100
@@ -11,8 +11,8 @@
 X509_STORE_CTX_get_num_untrusted,
 X509_STORE_CTX_set_default,
 X509_STORE_CTX_set_verify,
-X509_STORE_set_verify,
-X509_STORE_CTX_get_verify - X509_STORE_CTX initialisation
+X509_STORE_CTX_verify_fn
+- X509_STORE_CTX initialisation
 
 =head1 SYNOPSIS
 
@@ -42,11 +42,8 @@
  int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
 
  typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
- X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
  void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);
 
- void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify verify);
-
 =head1 DESCRIPTION
 
 These functions initialise an B<X509_STORE_CTX> structure for subsequent use
@@ -113,12 +110,7 @@
 
 X509_STORE_CTX_set_verify() provides the capability for overriding the default
 verify function. This function is responsible for verifying chain signatures and
-expiration times. X509_STORE_CTX_get_verify() obtains the current verify
-function being used.
-
-X509_STORE_set_verify() works in the same way as for X509_STORE_CTX_set_verify()
-but sets the default verify function to be used by all X509_STORE_CTX objects
-created for this X509_STORE.
+expiration times.
 
 A verify function is defined as an X509_STORE_CTX_verify type which has the
 following signature:
@@ -160,9 +152,6 @@
 X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates
 used.
 
-X509_STORE_CTX_get_verify() returns the current verify function in use for this
-X509_STORE_CTX.
-
 =head1 SEE ALSO
 
 L<X509_verify_cert(3)>
@@ -172,9 +161,6 @@
 
 X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
 X509_STORE_CTX_get_num_untrusted() was first added to OpenSSL 1.1.0
-X509_STORE_set_verify() was first added to OpenSSL 1.1.0. It was previously
-available as a macro X509_STORE_set_verify_func(). This macro still exists but
-simply calls this function.
 
 =head1 COPYRIGHT
 
diff -Nru openssl-1.1.0c/doc/crypto/X509_STORE_CTX_set_verify_cb.pod openssl-1.1.0d/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
--- openssl-1.1.0c/doc/crypto/X509_STORE_CTX_set_verify_cb.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/X509_STORE_CTX_set_verify_cb.pod	2017-01-26 14:10:24.000000000 +0100
@@ -12,9 +12,10 @@
 X509_STORE_CTX_get_check_revocation,
 X509_STORE_CTX_get_check_issued,
 X509_STORE_CTX_get_get_issuer,
-X509_STORE_CTX_get_verify,
 X509_STORE_CTX_get_verify_cb,
-X509_STORE_CTX_set_verify_cb - get and set verification callback
+X509_STORE_CTX_set_verify_cb,
+X509_STORE_CTX_verify_cb
+- get and set verification callback
 
 =head1 SYNOPSIS
 
@@ -27,7 +28,6 @@
  void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
                                    X509_STORE_CTX_verify_cb verify_cb);
 
- X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
  X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
  X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
  X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
@@ -66,7 +66,7 @@
 X509_STORE_CTX_get_verify_cb() returns the value of the current callback
 for the specific B<ctx>.
 
-X509_STORE_CTX_get_verify(), X509_STORE_CTX_get_get_issuer(),
+X509_STORE_CTX_get_get_issuer(),
 X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(),
 X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(),
 X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(),
@@ -196,7 +196,7 @@
 
 =head1 HISTORY
 
-X509_STORE_CTX_get_verify(), X509_STORE_CTX_get_get_issuer(),
+X509_STORE_CTX_get_get_issuer(),
 X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(),
 X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(),
 X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(),
diff -Nru openssl-1.1.0c/doc/crypto/X509_STORE_set_verify_cb_func.pod openssl-1.1.0d/doc/crypto/X509_STORE_set_verify_cb_func.pod
--- openssl-1.1.0c/doc/crypto/X509_STORE_set_verify_cb_func.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/X509_STORE_set_verify_cb_func.pod	2017-01-26 14:10:24.000000000 +0100
@@ -27,7 +27,13 @@
 X509_STORE_CTX_get_verify,
 X509_STORE_set_verify,
 X509_STORE_get_verify_cb,
-X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb
+X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb,
+X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn,
+X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn,
+X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn
+X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn,
+X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn,
+X509_STORE_CTX_verify_cb, X509_STORE_CTX_verify_fn,
 - set verification callback
 
 =head1 SYNOPSIS
diff -Nru openssl-1.1.0c/doc/crypto/X509_VERIFY_PARAM_set_flags.pod openssl-1.1.0d/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
--- openssl-1.1.0c/doc/crypto/X509_VERIFY_PARAM_set_flags.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/crypto/X509_VERIFY_PARAM_set_flags.pod	2017-01-26 14:10:24.000000000 +0100
@@ -2,22 +2,40 @@
 
 =head1 NAME
 
-X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters
+X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags,
+X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags,
+X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose,
+X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags,
+X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth,
+X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level,
+X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time,
+X509_VERIFY_PARAM_get_time,
+X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies,
+X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host,
+X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get0_peername,
+X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip,
+X509_VERIFY_PARAM_set1_ip_asc
+- X509 verification parameters
 
 =head1 SYNOPSIS
 
  #include <openssl/x509_vfy.h>
 
  int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
-                                        unsigned long flags);
+                                 unsigned long flags);
  int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
-                                        unsigned long flags);
+                                   unsigned long flags);
  unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
 
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
  int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
  int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
 
  void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
 
  int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
                                         ASN1_OBJECT *policy);
@@ -55,6 +73,11 @@
 
 X509_VERIFY_PARAM_get_flags() returns the flags in B<param>.
 
+X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in B<param>
+which specifies how verification flags are copied from one structure to
+another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags.
+See the B<INHERITANCE FLAGS> section for a description of these bits.
+
 X509_VERIFY_PARAM_clear_flags() clears the flags B<flags> in B<param>.
 
 X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param>
@@ -154,6 +177,7 @@
 =head1 RETURN VALUES
 
 X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(),
+X509_VERIFY_PARAM_set_inh_flags(),
 X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(),
 X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(),
 X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(),
@@ -163,6 +187,8 @@
 
 X509_VERIFY_PARAM_get_flags() returns the current verification flags.
 
+X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.
+
 X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return
 values.
 
@@ -242,6 +268,28 @@
 of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time()
 is used to specify a verification time, the check is not suppressed.
 
+=head1 INHERITANCE FLAGS
+
+These flags spevify how parameters are "inherited" from one structure to
+another.
+
+If B<X509_VP_FLAG_ONCE> is set then the current setting is zeroed
+after the next call.
+
+If B<X509_VP_FLAG_LOCKED> is set then no values are copied.  This overrides
+all of the following flags.
+
+If B<X509_VP_FLAG_DEFAULT> is set then anything set in the source is copied
+to the destination. Effectively the values in "to" become default values
+which will be used only if nothing new is set in "from".  This is the
+default.
+
+If B<X509_VP_FLAG_OVERWRITE> is set then all value are copied across whether
+they are set or not. Flags is still Ored though.
+
+If B<X509_VP_FLAG_RESET_FLAGS> is set then the flags value is copied instead
+of ORed.
+
 =head1 NOTES
 
 The above functions should be used to manipulate verification parameters
diff -Nru openssl-1.1.0c/doc/CT_POLICY_EVAL_CTX_new.pod openssl-1.1.0d/doc/CT_POLICY_EVAL_CTX_new.pod
--- openssl-1.1.0c/doc/CT_POLICY_EVAL_CTX_new.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/doc/CT_POLICY_EVAL_CTX_new.pod	2017-01-26 14:10:23.000000000 +0100
@@ -0,0 +1,111 @@
+=pod
+
+=head1 NAME
+
+CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free,
+CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert,
+CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer,
+CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE,
+CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time -
+Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy
+
+=head1 SYNOPSIS
+
+ #include <openssl/ct.h>
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx, CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);
+
+=head1 DESCRIPTION
+
+A B<CT_POLICY_EVAL_CTX> is used by functions that evaluate whether Signed
+Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy.
+This policy may be, for example, that at least one valid SCT is available. To
+determine this, an SCT's timestamp and signature must be verified.
+This requires:
+
+=over
+
+=item * the public key of the log that issued the SCT
+
+=item * the certificate that the SCT was issued for
+
+=item * the issuer certificate (if the SCT was issued for a pre-certificate)
+
+=item * the current time
+
+=back
+
+The above requirements are met using the setters described below.
+
+CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This
+should then be populated using:
+
+=over
+
+=item * CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for
+
+Increments the reference count of the certificate.
+
+=item * CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate
+
+Increments the reference count of the certificate.
+
+=item * CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs
+
+Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the
+CT_POLICY_EVAL_CTX.
+
+=item * CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid
+
+The SCT timestamp will be compared to this time to check whether the SCT was
+issued in the future. RFC6962 states that "TLS clients MUST reject SCTs whose
+timestamp is in the future". By default, this will be set to 5 minutes in the
+future (e.g. (time() + 300) * 1000), to allow for clock drift.
+
+The time should be in milliseconds since the Unix epoch.
+
+=back
+
+Each setter has a matching getter for accessing the current value.
+
+When no longer required, the B<CT_POLICY_EVAL_CTX> should be passed to
+CT_POLICY_EVAL_CTX_free() to delete it.
+
+=head1 NOTES
+
+The issuer certificate only needs to be provided if at least one of the SCTs
+was issued for a pre-certificate. This will be the case for SCTs embedded in a
+certificate (i.e. those in an X.509 extension), but may not be the case for SCTs
+found in the TLS SCT extension or OCSP response.
+
+=head1 RETURN VALUES
+
+CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.
+
+=head1 SEE ALSO
+
+L<ct(7)>
+
+=head1 HISTORY
+
+These functions were added in OpenSSL 1.1.0.
+
+=head1 COPYRIGHT
+
+Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff -Nru openssl-1.1.0c/doc/SCT_validate.pod openssl-1.1.0d/doc/SCT_validate.pod
--- openssl-1.1.0c/doc/SCT_validate.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/doc/SCT_validate.pod	2017-01-26 14:10:23.000000000 +0100
@@ -0,0 +1,98 @@
+=pod
+
+=head1 NAME
+
+SCT_validate, SCT_LIST_validate, SCT_get_validation_status -
+checks Signed Certificate Timestamps (SCTs) are valid
+
+=head1 SYNOPSIS
+
+ #include <openssl/ct.h>
+
+ typedef enum {
+  SCT_VALIDATION_STATUS_NOT_SET,
+  SCT_VALIDATION_STATUS_UNKNOWN_LOG,
+  SCT_VALIDATION_STATUS_VALID,
+  SCT_VALIDATION_STATUS_INVALID,
+  SCT_VALIDATION_STATUS_UNVERIFIED,
+  SCT_VALIDATION_STATUS_UNKNOWN_VERSION
+ } sct_validation_status_t;
+
+ int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
+ int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx);
+ sct_validation_status_t SCT_get_validation_status(const SCT *sct);
+
+=head1 DESCRIPTION
+
+SCT_validate() will check that an SCT is valid and verify its signature.
+SCT_LIST_validate() performs the same checks on an entire stack of SCTs.
+The result of the validation checks can be obtained by passing the SCT to
+SCT_get_validation_status().
+
+A CT_POLICY_EVAL_CTX must be provided that specifies:
+
+=over
+
+=item * The certificate the SCT was issued for.
+
+Failure to provide the certificate will result in the validation status being
+SCT_VALIDATION_STATUS_UNVERIFIED.
+
+=item * The issuer of that certificate.
+
+This is only required if the SCT was issued for a pre-certificate
+(see RFC 6962). If it is required but not provided, the validation status will
+be SCT_VALIDATION_STATUS_UNVERIFIED.
+
+=item * A CTLOG_STORE that contains the CT log that issued this SCT.
+
+If the SCT was issued by a log that is not in this CTLOG_STORE, the validation
+status will be SCT_VALIDATION_STATUS_UNKNOWN_LOG.
+
+=back
+
+If the SCT is of an unsupported version (only v1 is currently supported), the
+validation status will be SCT_VALIDATION_STATUS_UNKNOWN_VERSION.
+
+If the SCT's signature is incorrect, its timestamp is in the future (relative to
+the time in CT_POLICY_EVAL_CTX), or if it is otherwise invalid, the validation
+status will be SCT_VALIDATION_STATUS_INVALID.
+
+If all checks pass, the validation status will be SCT_VALIDATION_STATUS_VALID.
+
+=head1 NOTES
+
+A return value of 0 from SCT_LIST_validate() should not be interpreted as a
+failure. At a minimum, only one valid SCT may provide sufficient confidence
+that a certificate has been publicly logged.
+
+=head1 RETURN VALUES
+
+SCT_validate() returns a negative integer if an internal error occurs, 0 if the
+SCT fails validation, or 1 if the SCT passes validation.
+
+SCT_LIST_validate() returns a negative integer if an internal error occurs, 0
+if any of SCTs fails validation, or 1 if they all pass validation.
+
+SCT_get_validation_status() returns the validation status of the SCT.
+If SCT_validate() or SCT_LIST_validate() have not been passed that SCT, the
+returned value will be SCT_VALIDATION_STATUS_NOT_SET.
+
+=head1 SEE ALSO
+
+L<ct(7)>
+
+=head1 HISTORY
+
+These functions were added in OpenSSL 1.1.0.
+
+=head1 COPYRIGHT
+
+Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff -Nru openssl-1.1.0c/doc/ssl/SSL_COMP_add_compression_method.pod openssl-1.1.0d/doc/ssl/SSL_COMP_add_compression_method.pod
--- openssl-1.1.0c/doc/ssl/SSL_COMP_add_compression_method.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_COMP_add_compression_method.pod	2017-01-26 14:10:24.000000000 +0100
@@ -2,13 +2,18 @@
 
 =head1 NAME
 
-SSL_COMP_add_compression_method, SSL_COMP_free_compression_methods - handle SSL/TLS integrated compression methods
+SSL_COMP_add_compression_method, SSL_COMP_get_compression_methods,
+SSL_COMP_get0_name, SSL_COMP_get_id, SSL_COMP_free_compression_methods
+- handle SSL/TLS integrated compression methods
 
 =head1 SYNOPSIS
 
  #include <openssl/ssl.h>
 
  int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+ STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+ const char *SSL_COMP_get0_name(const SSL_COMP *comp);
+ int SSL_COMP_get_id(const SSL_COMP *comp);
 
 Deprecated:
 
@@ -23,6 +28,13 @@
 list is globally maintained for all SSL operations within this application.
 It cannot be set for specific SSL_CTX or SSL objects.
 
+SSL_COMP_get_compression_methods() returns a stack of all of the available
+compression methods or NULL on error.
+
+SSL_COMP_get0_name() returns the name of the compression method B<comp>.
+
+SSL_COMP_get_id() returns the id of the compression method B<comp>.
+
 In versions of OpenSSL prior to 1.1.0 SSL_COMP_free_compression_methods() freed
 the internal table of compression methods that were built internally, and
 possibly augmented by adding SSL_COMP_add_compression_method(). However this is
@@ -76,6 +88,13 @@
 
 =back
 
+SSL_COMP_get_compression_methods() returns the stack of compressions methods or
+NULL on error.
+
+SSL_COMP_get0_name() returns the name of the compression method or NULL on error.
+
+SSL_COMP_get_id() returns the name of the compression method or -1 on error.
+
 =head1 SEE ALSO
 
 L<ssl(3)>
@@ -83,6 +102,7 @@
 =head1 HISTORY
 
 SSL_COMP_free_compression_methods() was deprecated in OpenSSL 1.1.0.
+SSL_COMP_get0_name() and SSL_comp_get_id() were added in OpenSSL 1.1.0d.
 
 =head1 COPYRIGHT
 
diff -Nru openssl-1.1.0c/doc/ssl/SSL_CTX_new.pod openssl-1.1.0d/doc/ssl/SSL_CTX_new.pod
--- openssl-1.1.0c/doc/ssl/SSL_CTX_new.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_CTX_new.pod	2017-01-26 14:10:24.000000000 +0100
@@ -150,7 +150,7 @@
 If you want to limit the supported protocols for the version flexible
 methods you can use L<SSL_CTX_set_min_proto_version(3)>,
 L<SSL_set_min_proto_version(3)>, L<SSL_CTX_set_max_proto_version(3)> and
-LSSL_set_max_proto_version(3)> functions.
+L<SSL_set_max_proto_version(3)> functions.
 Using these functions it is possible to choose e.g. TLS_server_method()
 and be able to negotiate with all possible clients, but to only
 allow newer protocols like TLS 1.0, TLS 1.1 or TLS 1.2.
diff -Nru openssl-1.1.0c/doc/ssl/SSL_CTX_set_generate_session_id.pod openssl-1.1.0d/doc/ssl/SSL_CTX_set_generate_session_id.pod
--- openssl-1.1.0c/doc/ssl/SSL_CTX_set_generate_session_id.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_CTX_set_generate_session_id.pod	2017-01-26 14:10:24.000000000 +0100
@@ -2,7 +2,9 @@
 
 =head1 NAME
 
-SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id - manipulate generation of SSL session IDs (server only)
+SSL_CTX_set_generate_session_id, SSL_set_generate_session_id,
+SSL_has_matching_session_id, GEN_SESSION_CB
+- manipulate generation of SSL session IDs (server only)
 
 =head1 SYNOPSIS
 
@@ -123,7 +125,7 @@
 
 =head1 SEE ALSO
 
-L<ssl(3)>, L<SSL_get_version(3)>
+L<ssl(7)>, L<SSL_get_version(3)>
 
 =head1 COPYRIGHT
 
diff -Nru openssl-1.1.0c/doc/ssl/SSL_CTX_set_session_cache_mode.pod openssl-1.1.0d/doc/ssl/SSL_CTX_set_session_cache_mode.pod
--- openssl-1.1.0c/doc/ssl/SSL_CTX_set_session_cache_mode.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_CTX_set_session_cache_mode.pod	2017-01-26 14:10:24.000000000 +0100
@@ -30,7 +30,7 @@
 agrees to reuse the session or it starts a full handshake (to create a new
 session).
 
-A server will lookup up the session in its internal session storage. If the
+A server will look up the session in its internal session storage. If the
 session is not found in internal storage or lookups for the internal storage
 have been deactivated (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), the server will try
 the external storage if available.
diff -Nru openssl-1.1.0c/doc/ssl/SSL_CTX_set_verify.pod openssl-1.1.0d/doc/ssl/SSL_CTX_set_verify.pod
--- openssl-1.1.0c/doc/ssl/SSL_CTX_set_verify.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_CTX_set_verify.pod	2017-01-26 14:10:24.000000000 +0100
@@ -2,20 +2,21 @@
 
 =head1 NAME
 
-SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth - set peer certificate verification parameters
+SSL_CTX_set_verify, SSL_set_verify,
+SSL_CTX_set_verify_depth, SSL_set_verify_depth,
+SSL_verify_cb
+- set peer certificate verification parameters
 
 =head1 SYNOPSIS
 
  #include <openssl/ssl.h>
 
- void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
-                         int (*verify_callback)(int, X509_STORE_CTX *));
- void SSL_set_verify(SSL *s, int mode,
-                     int (*verify_callback)(int, X509_STORE_CTX *));
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *s, int mode, SSL_verify_cb verify_callback);
  void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
  void SSL_set_verify_depth(SSL *s, int depth);
 
- int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx);
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
 
 =head1 DESCRIPTION
 
@@ -276,7 +277,7 @@
 
 =head1 SEE ALSO
 
-L<ssl(3)>, L<SSL_new(3)>,
+L<ssl(7)>, L<SSL_new(3)>,
 L<SSL_CTX_get_verify_mode(3)>,
 L<SSL_get_verify_result(3)>,
 L<SSL_CTX_load_verify_locations(3)>,
diff -Nru openssl-1.1.0c/doc/ssl/SSL_extension_supported.pod openssl-1.1.0d/doc/ssl/SSL_extension_supported.pod
--- openssl-1.1.0c/doc/ssl/SSL_extension_supported.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_extension_supported.pod	2017-01-26 14:10:24.000000000 +0100
@@ -3,7 +3,8 @@
 =head1 NAME
 
 SSL_extension_supported,
-SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext
+SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext,
+custom_ext_add_cb, custom_ext_free_cb, custom_ext_parse_cb
 - custom TLS extension handling
 
 =head1 SYNOPSIS
diff -Nru openssl-1.1.0c/doc/ssl/SSL_get_error.pod openssl-1.1.0d/doc/ssl/SSL_get_error.pod
--- openssl-1.1.0c/doc/ssl/SSL_get_error.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_get_error.pod	2017-01-26 14:10:24.000000000 +0100
@@ -38,12 +38,13 @@
 
 =item SSL_ERROR_ZERO_RETURN
 
-The TLS/SSL connection has been closed.  If the protocol version is SSL 3.0
-or TLS 1.0, this result code is returned only if a closure
-alert has occurred in the protocol, i.e. if the connection has been
-closed cleanly. Note that in this case B<SSL_ERROR_ZERO_RETURN>
-does not necessarily indicate that the underlying transport
-has been closed.
+The TLS/SSL connection has been closed.
+If the protocol version is SSL 3.0 or higher, this result code is returned only
+if a closure alert has occurred in the protocol, i.e. if the connection has been
+closed cleanly.
+Note that in this case B<SSL_ERROR_ZERO_RETURN> does not necessarily
+indicate that the underlying transport has been closed.
+
 
 =item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE
 
@@ -111,12 +112,9 @@
 
 =item SSL_ERROR_SYSCALL
 
-Some I/O error occurred.  The OpenSSL error queue may contain more
-information on the error.  If the error queue is empty
-(i.e. ERR_get_error() returns 0), B<ret> can be used to find out more
-about the error: If B<ret == 0>, an EOF was observed that violates
-the protocol.  If B<ret == -1>, the underlying B<BIO> reported an
-I/O error (for socket I/O on Unix systems, consult B<errno> for details).
+Some non-recoverable I/O error occurred.
+The OpenSSL error queue may contain more information on the error.
+For socket I/O on Unix systems, consult B<errno> for details.
 
 =item SSL_ERROR_SSL
 
diff -Nru openssl-1.1.0c/doc/ssl/SSL_get_peer_cert_chain.pod openssl-1.1.0d/doc/ssl/SSL_get_peer_cert_chain.pod
--- openssl-1.1.0c/doc/ssl/SSL_get_peer_cert_chain.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_get_peer_cert_chain.pod	2017-01-26 14:10:24.000000000 +0100
@@ -21,7 +21,7 @@
 L<SSL_get_peer_certificate(3)>.
 If the peer did not present a certificate, NULL is returned.
 
-NB: SSL_get_peer_chain() returns the peer chain as sent by the peer: it
+NB: SSL_get_peer_cert_chain() returns the peer chain as sent by the peer: it
 only consists of certificates the peer has sent (in the order the peer
 has sent them) it is B<not> a verified chain.
 
diff -Nru openssl-1.1.0c/doc/ssl/ssl.pod openssl-1.1.0d/doc/ssl/ssl.pod
--- openssl-1.1.0c/doc/ssl/ssl.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/ssl.pod	2017-01-26 14:10:24.000000000 +0100
@@ -767,6 +767,7 @@
 L<SSL_CTX_set_options(3)>,
 L<SSL_CTX_set_quiet_shutdown(3)>,
 L<SSL_CTX_set_read_ahead(3)>,
+L<SSL_CTX_set_security_level(3)>,
 L<SSL_CTX_set_session_cache_mode(3)>,
 L<SSL_CTX_set_session_id_context(3)>,
 L<SSL_CTX_set_ssl_version(3)>,
diff -Nru openssl-1.1.0c/doc/ssl/SSL_read.pod openssl-1.1.0d/doc/ssl/SSL_read.pod
--- openssl-1.1.0c/doc/ssl/SSL_read.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_read.pod	2017-01-26 14:10:24.000000000 +0100
@@ -81,28 +81,21 @@
 
 =over 4
 
-=item E<gt>0
+=item E<gt> 0
 
-The read operation was successful; the return value is the number of
-bytes actually read from the TLS/SSL connection.
+The read operation was successful.
+The return value is the number of bytes actually read from the TLS/SSL
+connection.
 
-=item Z<>0
+=item Z<><= 0
 
-The read operation was not successful. The reason may either be a clean
-shutdown due to a "close notify" alert sent by the peer (in which case
-the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
-(see L<SSL_shutdown(3)>,
-L<SSL_set_shutdown(3)>). It is also possible, that
-the peer simply shut down the underlying transport and the shutdown is
-incomplete. Call SSL_get_error() with the return value B<ret> to find out,
-whether an error occurred or the connection was shut down cleanly
-(SSL_ERROR_ZERO_RETURN).
-
-=item E<lt>0
-
-The read operation was not successful, because either an error occurred
-or action must be taken by the calling process. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
+The read operation was not successful, because either the connection was closed,
+an error occurred or action must be taken by the calling process.
+Call L<SSL_get_error(3)> with the return value B<ret> to find out the reason.
+
+Old documentation indicated a difference between 0 and -1, and that -1 was
+retryable.
+You should instead call SSL_get_error() to find out if it's retryable.
 
 =back
 
diff -Nru openssl-1.1.0c/doc/ssl/SSL_write.pod openssl-1.1.0d/doc/ssl/SSL_write.pod
--- openssl-1.1.0c/doc/ssl/SSL_write.pod	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/doc/ssl/SSL_write.pod	2017-01-26 14:10:24.000000000 +0100
@@ -74,23 +74,20 @@
 
 =over 4
 
-=item E<gt>0
+=item E<gt> 0
 
 The write operation was successful, the return value is the number of
 bytes actually written to the TLS/SSL connection.
 
-=item Z<>0
+=item Z<><= 0
 
-The write operation was not successful. Probably the underlying connection
-was closed. Call SSL_get_error() with the return value B<ret> to find out,
-whether an error occurred or the connection was shut down cleanly
-(SSL_ERROR_ZERO_RETURN).
-
-=item E<lt>0
-
-The write operation was not successful, because either an error occurred
-or action must be taken by the calling process. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
+The write operation was not successful, because either the connection was
+closed, an error occurred or action must be taken by the calling process.
+Call SSL_get_error() with the return value B<ret> to find out the reason.
+
+Old documentation indicated a difference between 0 and -1, and that -1 was
+retryable.
+You should instead call SSL_get_error() to find out if it's retryable.
 
 =back
 
diff -Nru openssl-1.1.0c/doc/SSL_CTX_set_ct_validation_callback.pod openssl-1.1.0d/doc/SSL_CTX_set_ct_validation_callback.pod
--- openssl-1.1.0c/doc/SSL_CTX_set_ct_validation_callback.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/doc/SSL_CTX_set_ct_validation_callback.pod	2017-01-26 14:10:23.000000000 +0100
@@ -0,0 +1,142 @@
+=pod
+
+=head1 NAME
+
+SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct,
+SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback,
+SSL_ct_is_enabled, SSL_CTX_ct_is_enabled -
+control Certificate Transparency policy
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);
+
+=head1 DESCRIPTION
+
+SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed
+certificate timestamps (SCTs) either for a given SSL connection or for all
+connections that share the given SSL context, respectively.
+This is accomplished by setting a built-in CT validation callback.
+The behaviour of the callback is determined by the B<validation_mode> argument,
+which can be either of B<SSL_CT_VALIDATION_PERMISSIVE> or
+B<SSL_CT_VALIDATION_STRICT> as described below.
+
+If B<validation_mode> is equal to B<SSL_CT_VALIDATION_STRICT>, then in a full
+TLS handshake with the verification mode set to B<SSL_VERIFY_PEER>, if the peer
+presents no valid SCTs the handshake will be aborted.
+If the verification mode is B<SSL_VERIFY_NONE>, the handshake will continue
+despite lack of valid SCTs.
+However, in that case if the verification status before the built-in callback
+was B<X509_V_OK> it will be set to B<X509_V_ERR_NO_VALID_SCTS> after the
+callback.
+Applications can call L<SSL_get_verify_result(3)> to check the status at
+handshake completion, even after session resumption since the verification
+status is part of the saved session state.
+See L<SSL_set_verify(3)>, <SSL_get_verify_result(3)>, L<SSL_session_reused(3)>.
+
+If B<validation_mode> is equal to B<SSL_CT_VALIDATION_PERMISSIVE>, then the
+handshake continues, and the verification status is not modified, regardless of
+the validation status of any SCTs.
+The application can still inspect the validation status of the SCTs at
+handshake completion.
+Note that with session resumption there will not be any SCTs presented during
+the handshake.
+Therefore, in applications that delay SCT policy enforcement until after
+handshake completion, such delayed SCT checks should only be performed when the
+session is not resumed.
+
+SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback()
+register a custom callback that may implement a different policy than either of
+the above.
+This callback can examine the peer's SCTs and determine whether they are
+sufficient to allow the connection to continue.
+The TLS handshake is aborted if the verification mode is not B<SSL_VERIFY_NONE>
+and the callback returns a non-positive result.
+
+An arbitrary callback context argument, B<arg>, can be passed in when setting
+the callback.
+This will be passed to the callback whenever it is invoked.
+Ownership of this context remains with the caller.
+
+If no callback is set, SCTs will not be requested and Certificate Transparency
+validation will not occur.
+
+No callback will be invoked when the peer presents no certificate, e.g. by
+employing an anonymous (aNULL) ciphersuite.
+In that case the handshake continues as it would had no callback been
+requested.
+Callbacks are also not invoked when the peer certificate chain is invalid or
+validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509
+PKI, or no X.509 PKI at all, respectively.
+Clients that require SCTs are expected to not have enabled any aNULL ciphers
+nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA
+records.
+
+SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether
+enabled via the built-in or the custom callbacks, by setting a NULL callback.
+These may be implemented as macros.
+
+SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is
+enabled via either SSL_enable_ct() or a non-null custom callback, and 0
+otherwise.
+
+=head1 NOTES
+
+When SCT processing is enabled, OCSP stapling will be enabled. This is because
+one possible source of SCTs is the OCSP response from a server.
+
+The time returned by SSL_SESSION_get_time() will be used to evaluate whether any
+presented SCTs have timestamps that are in the future (and therefore invalid).
+
+=head1 RESTRICTIONS
+
+Certificate Transparency validation cannot be enabled and so a callback cannot
+be set if a custom client extension handler has been registered to handle SCT
+extensions (B<TLSEXT_TYPE_signed_certificate_timestamp>).
+
+=head1 RETURN VALUES
+
+SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and
+SSL_set_ct_validation_callback() return 1 if the B<callback> is successfully
+set.
+They return 0 if an error occurs, e.g. a custom client extension handler has
+been setup to handle SCTs.
+
+SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.
+
+SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT
+validation callback is set, or 0 if no callback (or equivalently a NULL
+callback) is set.
+
+=head1 SEE ALSO
+
+L<ssl(7)>,
+<SSL_get_verify_result(3)>,
+L<SSL_session_reused(3)>,
+L<SSL_set_verify(3)>,
+L<SSL_CTX_set_verify(3)>,
+L<ssl_ct_validation_cb(3)>,
+L<SSL_SESSION_get_time(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff -Nru openssl-1.1.0c/engines/afalg/e_afalg.c openssl-1.1.0d/engines/afalg/e_afalg.c
--- openssl-1.1.0c/engines/afalg/e_afalg.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/engines/afalg/e_afalg.c	2017-01-26 14:10:24.000000000 +0100
@@ -26,8 +26,11 @@
 #define K_MIN2  0
 #if LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) || \
     !defined(AF_ALG)
-# warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
-# warning "Skipping Compilation of AFALG engine"
+# ifndef PEDANTIC
+#  warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
+#  warning "Skipping Compilation of AFALG engine"
+# endif
+void engine_load_afalg_int(void);
 void engine_load_afalg_int(void)
 {
 }
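Review bot: The prototype added directly above the empty `engine_load_afalg_int` stub has no comment saying why it is there, and once `PEDANTIC` is defined the two `# warning` lines no longer tell the builder that the engine was skipped. A one-line comment such as `/* prototype only to avoid a missing-prototype warning for the stub below */` would record the intent (presumably that is the reason; confirm). The surrounding `#if` block continues outside the hunk.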
diff -Nru openssl-1.1.0c/engines/e_padlock.c openssl-1.1.0d/engines/e_padlock.c
--- openssl-1.1.0c/engines/e_padlock.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/engines/e_padlock.c	2017-01-26 14:10:24.000000000 +0100
@@ -41,14 +41,10 @@
  */
 
 #  undef COMPILE_HW_PADLOCK
-#  if !defined(I386_ONLY) && !defined(OPENSSL_NO_ASM)
-#   if    defined(__i386__) || defined(__i386) ||    \
-        defined(__x86_64__) || defined(__x86_64) || \
-        defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)
-#    define COMPILE_HW_PADLOCK
-#    ifdef OPENSSL_NO_DYNAMIC_ENGINE
+#  if !defined(I386_ONLY) && defined(PADLOCK_ASM)
+#   define COMPILE_HW_PADLOCK
+#   ifdef OPENSSL_NO_DYNAMIC_ENGINE
 static ENGINE *ENGINE_padlock(void);
-#    endif
 #   endif
 #  endif
 
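Review bot: `COMPILE_HW_PADLOCK` now depends only on `PADLOCK_ASM` at the line `#  if !defined(I386_ONLY) && defined(PADLOCK_ASM)`, and nothing in the hunk says who defines that macro. With the explicit x86/x86_64 compiler checks removed, the guarantee that the hardware PadLock path is compiled only for those targets presumably moves to the build configuration. A comment such as `/* PADLOCK_ASM is set by the build configuration when the padlock assembly module is built */` would make that dependency visible. The definition of `PADLOCK_ASM` is not shown here, so this should be confirmed against the build files.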
diff -Nru openssl-1.1.0c/include/internal/thread_once.h openssl-1.1.0d/include/internal/thread_once.h
--- openssl-1.1.0c/include/internal/thread_once.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/internal/thread_once.h	2017-01-26 14:10:24.000000000 +0100
@@ -34,9 +34,12 @@
  * RUN_ONCE - use CRYPTO_THREAD_run_once, and check if the init succeeded
  * @once: pointer to static object of type CRYPTO_ONCE
  * @init: function name that was previously given to DEFINE_RUN_ONCE,
- *        DEFINE_RUN_ONCE_STATIC or DECLARE_RUN_ONCE.
+ *        DEFINE_RUN_ONCE_STATIC or DECLARE_RUN_ONCE.  This function
+ *        must return 1 for success or 0 for failure.
  *
- * The return value is 1 on success or 0 in case of error.
+ * The return value is 1 on success (*) or 0 in case of error.
+ *
+ * (*) by convention, since the init function must return 1 on success.
  */
 #define RUN_ONCE(once, init)                                            \
     (CRYPTO_THREAD_run_once(once, init##_ossl_) ? init##_ossl_ret_ : 0)
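Review bot: The new wording documents the 1-or-0 result as a convention, but `RUN_ONCE` itself returns `init##_ossl_ret_` unchanged, so an init function that returns some other non-zero value is passed straight through to the caller. The comment could say so explicitly, e.g. `* Callers should test the result for zero / non-zero rather than compare it with 1.` Whether `init##_ossl_ret_` is normalised where it is assigned cannot be seen from this hunk.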
diff -Nru openssl-1.1.0c/include/openssl/ct.h openssl-1.1.0d/include/openssl/ct.h
--- openssl-1.1.0c/include/openssl/ct.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/ct.h	2017-01-26 14:10:24.000000000 +0100
@@ -98,6 +98,21 @@
 void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
                                                CTLOG_STORE *log_store);
 
+/*
+ * Gets the time, in milliseconds since the Unix epoch, that will be used as the
+ * current time when checking whether an SCT was issued in the future.
+ * Such SCTs will fail validation, as required by RFC6962.
+ */
+uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+
+/*
+ * Sets the time to evaluate SCTs against, in milliseconds since the Unix epoch.
+ * If an SCT's timestamp is after this time, it will be interpreted as having
+ * been issued in the future. RFC6962 states that "TLS clients MUST reject SCTs
+ * whose timestamp is in the future", so an SCT will not validate in this case.
+ */
+void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);
+
 /*****************
  * SCT functions *
  *****************/
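Review bot: The comments on `CT_POLICY_EVAL_CTX_get_time()` and `CT_POLICY_EVAL_CTX_set_time()` give the unit (milliseconds) but not the value used when `set_time` is never called, and that default decides how the future-timestamp check behaves for callers who build their own evaluation context. Callers holding a `time_t`, or the result of `SSL_SESSION_get_time()` mentioned in the new manual page, have seconds; passing that unconverted would make every SCT look as if it was issued in the future. I would extend the `set_time` comment with one sentence stating the default and one stating that a value in seconds must be multiplied by 1000 first.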
@@ -467,7 +482,6 @@
 # define CT_F_CTLOG_NEW                                   117
 # define CT_F_CTLOG_NEW_FROM_BASE64                       118
 # define CT_F_CTLOG_NEW_FROM_CONF                         119
-# define CT_F_CTLOG_NEW_NULL                              120
 # define CT_F_CTLOG_STORE_LOAD_CTX_NEW                    122
 # define CT_F_CTLOG_STORE_LOAD_FILE                       123
 # define CT_F_CTLOG_STORE_LOAD_LOG                        130
@@ -482,6 +496,7 @@
 # define CT_F_O2I_SCT_LIST                                111
 # define CT_F_O2I_SCT_SIGNATURE                           112
 # define CT_F_SCT_CTX_NEW                                 126
+# define CT_F_SCT_CTX_VERIFY                              128
 # define CT_F_SCT_NEW                                     100
 # define CT_F_SCT_NEW_FROM_BASE64                         127
 # define CT_F_SCT_SET0_LOG_ID                             101
@@ -491,7 +506,6 @@
 # define CT_F_SCT_SET_LOG_ENTRY_TYPE                      102
 # define CT_F_SCT_SET_SIGNATURE_NID                       103
 # define CT_F_SCT_SET_VERSION                             104
-# define CT_F_SCT_CTX_VERIFY                              128
 
 /* Reason codes. */
 # define CT_R_BASE64_DECODE_ERROR                         108
@@ -501,6 +515,7 @@
 # define CT_R_LOG_CONF_MISSING_DESCRIPTION                111
 # define CT_R_LOG_CONF_MISSING_KEY                        112
 # define CT_R_LOG_KEY_INVALID                             113
+# define CT_R_SCT_FUTURE_TIMESTAMP                        116
 # define CT_R_SCT_INVALID                                 104
 # define CT_R_SCT_INVALID_SIGNATURE                       107
 # define CT_R_SCT_LIST_INVALID                            105
diff -Nru openssl-1.1.0c/include/openssl/dh.h openssl-1.1.0d/include/openssl/dh.h
--- openssl-1.1.0c/include/openssl/dh.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/dh.h	2017-01-26 14:10:24.000000000 +0100
@@ -124,6 +124,7 @@
 int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
                               BN_GENCB *cb);
 
+int DH_check_params(const DH *dh, int *ret);
 int DH_check(const DH *dh, int *codes);
 int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
 int DH_generate_key(DH *dh);
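Review bot: `DH_check_params()` names its output parameter `ret` while the neighbouring `DH_check()` and `DH_check_pub_key()` use `codes`, and the declaration carries no comment on how it differs from `DH_check()`. Writing the prototype as `int DH_check_params(const DH *dh, int *codes);` keeps the three declarations parallel. A short comment should also say which parameter checks are performed, since callers validating peer-supplied DH parameters need to know whether this is a full or a reduced check.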
diff -Nru openssl-1.1.0c/include/openssl/dsa.h openssl-1.1.0d/include/openssl/dsa.h
--- openssl-1.1.0c/include/openssl/dsa.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/dsa.h	2017-01-26 14:10:24.000000000 +0100
@@ -274,6 +274,7 @@
 # define DSA_R_NO_PARAMETERS_SET                          107
 # define DSA_R_PARAMETER_ENCODING_ERROR                   105
 # define DSA_R_Q_NOT_PRIME                                113
+# define DSA_R_SEED_LEN_SMALL                             110
 
 #  ifdef  __cplusplus
 }
diff -Nru openssl-1.1.0c/include/openssl/engine.h openssl-1.1.0d/include/openssl/engine.h
--- openssl-1.1.0c/include/openssl/engine.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/engine.h	2017-01-26 14:10:24.000000000 +0100
@@ -334,8 +334,6 @@
     OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_PADLOCK, NULL)
 #  define ENGINE_load_capi() \
     OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CAPI, NULL)
-#  define ENGINE_load_dasync() \
-    OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DASYNC, NULL)
 #  define ENGINE_load_afalg() \
     OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL)
 # endif
diff -Nru openssl-1.1.0c/include/openssl/err.h openssl-1.1.0d/include/openssl/err.h
--- openssl-1.1.0c/include/openssl/err.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/err.h	2017-01-26 14:10:24.000000000 +0100
@@ -89,7 +89,7 @@
 # define ERR_LIB_CMS             46
 # define ERR_LIB_TS              47
 # define ERR_LIB_HMAC            48
-# define ERR_LIB_JPAKE           49
+/* # define ERR_LIB_JPAKE       49 */
 # define ERR_LIB_CT              50
 # define ERR_LIB_ASYNC           51
 # define ERR_LIB_KDF             52
@@ -128,7 +128,6 @@
 # define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define CTerr(f,r) ERR_PUT_error(ERR_LIB_CT,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define ASYNCerr(f,r) ERR_PUT_error(ERR_LIB_ASYNC,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define KDFerr(f,r) ERR_PUT_error(ERR_LIB_KDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
@@ -140,6 +139,7 @@
 # define ERR_GET_LIB(l)          (int)(((l) >> 24L) & 0x0FFL)
 # define ERR_GET_FUNC(l)         (int)(((l) >> 12L) & 0xFFFL)
 # define ERR_GET_REASON(l)       (int)( (l)         & 0xFFFL)
+# define ERR_FATAL_ERROR(l)      (int)( (l)         & ERR_R_FATAL)
 
 /* OS functions */
 # define SYS_F_FOPEN             1
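Review bot: `ERR_FATAL_ERROR(l)` yields the masked `ERR_R_FATAL` bit rather than 0 or 1, and nothing in the header says so. A comment such as `/* non-zero if the reason code carries the ERR_R_FATAL flag */` above the macro would tell callers to test it as a boolean instead of comparing it with 1.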
diff -Nru openssl-1.1.0c/include/openssl/evp.h openssl-1.1.0d/include/openssl/evp.h
--- openssl-1.1.0c/include/openssl/evp.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/evp.h	2017-01-26 14:10:24.000000000 +0100
@@ -1455,11 +1455,14 @@
 /* Function codes. */
 # define EVP_F_AESNI_INIT_KEY                             165
 # define EVP_F_AES_INIT_KEY                               133
+# define EVP_F_AES_OCB_CIPHER                             169
 # define EVP_F_AES_T4_INIT_KEY                            178
+# define EVP_F_AES_WRAP_CIPHER                            170
 # define EVP_F_ALG_MODULE_INIT                            177
 # define EVP_F_CAMELLIA_INIT_KEY                          159
 # define EVP_F_CHACHA20_POLY1305_CTRL                     182
 # define EVP_F_CMLL_T4_INIT_KEY                           179
+# define EVP_F_DES_EDE3_WRAP_CIPHER                       171
 # define EVP_F_DO_SIGVER_INIT                             161
 # define EVP_F_EVP_CIPHERINIT_EX                          123
 # define EVP_F_EVP_CIPHER_CTX_COPY                        163
@@ -1546,6 +1549,7 @@
 # define EVP_R_INPUT_NOT_INITIALIZED                      111
 # define EVP_R_INVALID_DIGEST                             152
 # define EVP_R_INVALID_FIPS_MODE                          168
+# define EVP_R_INVALID_KEY                                163
 # define EVP_R_INVALID_KEY_LENGTH                         130
 # define EVP_R_INVALID_OPERATION                          148
 # define EVP_R_KEYGEN_FAILURE                             120
@@ -1568,12 +1572,12 @@
 # define EVP_R_UNKNOWN_DIGEST                             161
 # define EVP_R_UNKNOWN_OPTION                             169
 # define EVP_R_UNKNOWN_PBE_ALGORITHM                      121
-# define EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS               135
 # define EVP_R_UNSUPPORTED_ALGORITHM                      156
 # define EVP_R_UNSUPPORTED_CIPHER                         107
 # define EVP_R_UNSUPPORTED_KEYLENGTH                      123
 # define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION        124
 # define EVP_R_UNSUPPORTED_KEY_SIZE                       108
+# define EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS               135
 # define EVP_R_UNSUPPORTED_PRF                            125
 # define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM          118
 # define EVP_R_UNSUPPORTED_SALT_TYPE                      126
diff -Nru openssl-1.1.0c/include/openssl/opensslv.h openssl-1.1.0d/include/openssl/opensslv.h
--- openssl-1.1.0c/include/openssl/opensslv.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/opensslv.h	2017-01-26 14:10:25.000000000 +0100
@@ -39,11 +39,11 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x1010003fL
+# define OPENSSL_VERSION_NUMBER  0x1010004fL
 # ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.0c-fips  10 Nov 2016"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.0d-fips  26 Jan 2017"
 # else
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.0c  10 Nov 2016"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.0d  26 Jan 2017"
 # endif
 
 /*-
diff -Nru openssl-1.1.0c/include/openssl/rsa.h openssl-1.1.0d/include/openssl/rsa.h
--- openssl-1.1.0c/include/openssl/rsa.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/rsa.h	2017-01-26 14:10:25.000000000 +0100
@@ -468,6 +468,7 @@
 # define RSA_F_PKEY_RSA_CTRL                              143
 # define RSA_F_PKEY_RSA_CTRL_STR                          144
 # define RSA_F_PKEY_RSA_SIGN                              142
+# define RSA_F_PKEY_RSA_VERIFY                            149
 # define RSA_F_PKEY_RSA_VERIFYRECOVER                     141
 # define RSA_F_RSA_ALGOR_TO_MD                            156
 # define RSA_F_RSA_BUILTIN_KEYGEN                         129
diff -Nru openssl-1.1.0c/include/openssl/ssl.h openssl-1.1.0d/include/openssl/ssl.h
--- openssl-1.1.0c/include/openssl/ssl.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/ssl.h	2017-01-26 14:10:25.000000000 +0100
@@ -262,6 +262,9 @@
                                     const unsigned char *in,
                                     size_t inlen, int *al, void *parse_arg);
 
+/* Typedef for verification callback */
+typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
 /* Allow initial connection to servers that don't support RI */
 # define SSL_OP_LEGACY_SERVER_CONNECT                    0x00000004U
 /* Removed from OpenSSL 0.9.8q and 1.0.0c */
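Review bot: The comment on the new `SSL_verify_cb` typedef does not say what the return value means, which is the part of this callback that matters for security. A callback that returns 1 regardless of `preverify_ok` accepts certificates that failed the library's own verification. I would extend the comment to something like `/* Verification callback: return 1 to continue, 0 to fail verification; preverify_ok is the library's own result */`.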
@@ -1241,7 +1244,7 @@
 # define SSL_CTX_set1_sigalgs_list(ctx, s) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
 # define SSL_set1_sigalgs(ctx, slist, slistlen) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,clistlen,(int *)slist)
+        SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
 # define SSL_set1_sigalgs_list(ctx, s) \
         SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
 # define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
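Review bot: `SSL_set1_sigalgs` still calls its first parameter `ctx` although it is handed to `SSL_ctrl()`, and `SSL_set1_sigalgs_list` just below does the same; naming it `s`, as the `SSL *` prototypes in this header do, would avoid suggesting that an `SSL_CTX *` is expected: `# define SSL_set1_sigalgs(s, slist, slistlen) \` with `SSL_ctrl(s,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)`. The old body would normally have failed to compile at any call site, which suggests nothing in the tree expands this macro; a small test that uses it would keep it covered.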
@@ -1342,9 +1345,8 @@
 void SSL_set_read_ahead(SSL *s, int yes);
 __owur int SSL_get_verify_mode(const SSL *s);
 __owur int SSL_get_verify_depth(const SSL *s);
-__owur int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *);
-void SSL_set_verify(SSL *s, int mode,
-                    int (*callback) (int ok, X509_STORE_CTX *ctx));
+__owur SSL_verify_cb SSL_get_verify_callback(const SSL *s);
+void SSL_set_verify(SSL *s, int mode, SSL_verify_cb callback);
 void SSL_set_verify_depth(SSL *s, int depth);
 void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg);
 # ifndef OPENSSL_NO_RSA
@@ -1443,10 +1445,8 @@
 
 __owur int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
 __owur int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
-__owur int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int,
-                                                        X509_STORE_CTX *);
-void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
-                        int (*callback) (int, X509_STORE_CTX *));
+__owur SSL_verify_cb SSL_CTX_get_verify_callback(const SSL_CTX *ctx);
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb callback);
 void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
 void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
                                       int (*cb) (X509_STORE_CTX *, void *),
@@ -1777,6 +1777,8 @@
 __owur const COMP_METHOD *SSL_get_current_compression(SSL *s);
 __owur const COMP_METHOD *SSL_get_current_expansion(SSL *s);
 __owur const char *SSL_COMP_get_name(const COMP_METHOD *comp);
+__owur const char *SSL_COMP_get0_name(const SSL_COMP *comp);
+__owur int SSL_COMP_get_id(const SSL_COMP *comp);
 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
 __owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
                                                       *meths);
diff -Nru openssl-1.1.0c/include/openssl/ui.h openssl-1.1.0d/include/openssl/ui.h
--- openssl-1.1.0c/include/openssl/ui.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/ui.h	2017-01-26 14:10:25.000000000 +0100
@@ -339,8 +339,12 @@
 /* Error codes for the UI functions. */
 
 /* Function codes. */
+# define UI_F_CLOSE_CONSOLE                               115
+# define UI_F_ECHO_CONSOLE                                116
 # define UI_F_GENERAL_ALLOCATE_BOOLEAN                    108
 # define UI_F_GENERAL_ALLOCATE_PROMPT                     109
+# define UI_F_NOECHO_CONSOLE                              117
+# define UI_F_OPEN_CONSOLE                                114
 # define UI_F_UI_CREATE_METHOD                            112
 # define UI_F_UI_CTRL                                     111
 # define UI_F_UI_DUP_ERROR_STRING                         101
@@ -350,6 +354,7 @@
 # define UI_F_UI_DUP_VERIFY_STRING                        106
 # define UI_F_UI_GET0_RESULT                              107
 # define UI_F_UI_NEW_METHOD                               104
+# define UI_F_UI_PROCESS                                  113
 # define UI_F_UI_SET_RESULT                               105
 
 /* Reason codes. */
@@ -357,9 +362,14 @@
 # define UI_R_INDEX_TOO_LARGE                             102
 # define UI_R_INDEX_TOO_SMALL                             103
 # define UI_R_NO_RESULT_BUFFER                            105
+# define UI_R_PROCESSING_ERROR                            107
 # define UI_R_RESULT_TOO_LARGE                            100
 # define UI_R_RESULT_TOO_SMALL                            101
+# define UI_R_SYSASSIGN_ERROR                             109
+# define UI_R_SYSDASSGN_ERROR                             110
+# define UI_R_SYSQIOW_ERROR                               111
 # define UI_R_UNKNOWN_CONTROL_COMMAND                     106
+# define UI_R_UNKNOWN_TTYGET_ERRNO_VALUE                  108
 
 #  ifdef  __cplusplus
 }
diff -Nru openssl-1.1.0c/include/openssl/x509_vfy.h openssl-1.1.0d/include/openssl/x509_vfy.h
--- openssl-1.1.0c/include/openssl/x509_vfy.h	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/include/openssl/x509_vfy.h	2017-01-26 14:10:25.000000000 +0100
@@ -272,6 +272,7 @@
 int X509_STORE_set_trust(X509_STORE *ctx, int trust);
 int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
 X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
+int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
 
 void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
 #define X509_STORE_set_verify_func(ctx, func) \
@@ -458,12 +459,17 @@
 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
 void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
 void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level);
+time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
 void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
 int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
                                   ASN1_OBJECT *policy);
 int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
                                     STACK_OF(ASN1_OBJECT) *policies);
 
+int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                    uint32_t flags);
+uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
 int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
                                 const char *name, size_t namelen);
 int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
diff -Nru openssl-1.1.0c/INSTALL openssl-1.1.0d/INSTALL
--- openssl-1.1.0c/INSTALL	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/INSTALL	2017-01-26 14:10:21.000000000 +0100
@@ -379,19 +379,19 @@
                    Don't build SRTP support
 
   no-sse2
-                   Exclude SSE2 code paths. Normally SSE2 extension is
-                   detected at run-time, but the decision whether or not the
-                   machine code will be executed is taken solely on CPU
-                   capability vector. This means that if you happen to run OS
-                   kernel which does not support SSE2 extension on Intel P4
-                   processor, then your application might be exposed to
-                   "illegal instruction" exception. There might be a way
-                   to enable support in kernel, e.g. FreeBSD kernel can be
-                   compiled with CPU_ENABLE_SSE, and there is a way to
-                   disengage SSE2 code paths upon application start-up,
-                   but if you aim for wider "audience" running such kernel,
-                   consider no-sse2. Both the 386 and no-asm options imply
-                   no-sse2.
+                   Exclude SSE2 code paths from 32-bit x86 assembly modules.
+                   Normally SSE2 extension is detected at run-time, but the
+                   decision whether or not the machine code will be executed
+                   is taken solely on CPU capability vector. This means that
+                   if you happen to run OS kernel which does not support SSE2
+                   extension on Intel P4 processor, then your application
+                   might be exposed to "illegal instruction" exception.
+                   There might be a way to enable support in kernel, e.g.
+                   FreeBSD kernel can  be compiled with CPU_ENABLE_SSE, and
+                   there is a way to disengage SSE2 code paths upon application
+                   start-up, but if you aim for wider "audience" running
+                   such kernel, consider no-sse2. Both the 386 and
+                   no-asm options imply no-sse2.
 
   enable-ssl-trace
                    Build with the SSL Trace capabilities (adds the "-trace"
@@ -451,11 +451,12 @@
                    where loading of shared libraries is supported.
 
   386
-                   On Intel hardware, use the 80386 instruction set only
-                   (the default x86 code is more efficient, but requires at
-                   least a 486). Note: Use compiler flags for any other CPU
-                   specific configuration, e.g. "-m32" to build x86 code on
-                   an x64 system.
+                   In 32-bit x86 builds, when generating assembly modules,
+                   use the 80386 instruction set only (the default x86 code
+                   is more efficient, but requires at least a 486). Note:
+                   This doesn't affect code generated by compiler, you're
+                   likely to complement configuration command line with
+                   suitable compiler-specific option.
 
   no-<prot>
                    Don't build support for negotiating the specified SSL/TLS
@@ -487,7 +488,12 @@
                    These system specific options will be passed through to the
                    compiler to allow you to define preprocessor symbols, specify
                    additional libraries, library directories or other compiler
-                   options.
+                   options. It might be worth noting that some compilers
+                   generate code specifically for processor the compiler
+                   currently executes on. This is not necessarily what you might
+                   have in mind, since it might be unsuitable for execution on
+                   other, typically older, processor. Consult your compiler
+                   documentation.
 
 
  Installation in Detail
diff -Nru openssl-1.1.0c/NEWS openssl-1.1.0d/NEWS
--- openssl-1.1.0c/NEWS	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/NEWS	2017-01-26 14:10:21.000000000 +0100
@@ -5,6 +5,12 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017]
+
+      o Truncated packet could crash via OOB read (CVE-2017-3731)
+      o Bad (EC)DHE parameters cause a client crash (CVE-2017-3730)
+      o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
+
   Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016]
 
       o ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
diff -Nru openssl-1.1.0c/README openssl-1.1.0d/README
--- openssl-1.1.0c/README	2016-11-10 15:03:43.000000000 +0100
+++ openssl-1.1.0d/README	2017-01-26 14:10:21.000000000 +0100
@@ -1,5 +1,5 @@
 
- OpenSSL 1.1.0c 10 Nov 2016
+ OpenSSL 1.1.0d 26 Jan 2017
 
  Copyright (c) 1998-2016 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff -Nru openssl-1.1.0c/ssl/d1_lib.c openssl-1.1.0d/ssl/d1_lib.c
--- openssl-1.1.0c/ssl/d1_lib.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/d1_lib.c	2017-01-26 14:10:25.000000000 +0100
@@ -441,6 +441,11 @@
     BIO_ADDR *tmpclient = NULL;
     PACKET pkt, msgpkt, msgpayload, session, cookiepkt;
 
+    if (s->handshake_func == NULL) {
+        /* Not properly initialized yet */
+        SSL_set_accept_state(s);
+    }
+
     /* Ensure there is no state left over from a previous invocation */
     if (!SSL_clear(s))
         return -1;
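Review bot: The added `if (s->handshake_func == NULL)` guard only handles an `SSL` object whose state was never set; an object already put into client state passes through unchanged. If this function is meant for the server side only, it may be worth handling that case too, or saying in the comment why it cannot occur. The comment `/* Not properly initialized yet */` could also name what depends on it, e.g. `/* No accept/connect state chosen yet; default to server mode before SSL_clear() */`. The enclosing function starts and ends outside the hunk, so later checks are not visible.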
diff -Nru openssl-1.1.0c/ssl/record/rec_layer_s3.c openssl-1.1.0d/ssl/record/rec_layer_s3.c
--- openssl-1.1.0c/ssl/record/rec_layer_s3.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/record/rec_layer_s3.c	2017-01-26 14:10:25.000000000 +0100
@@ -17,10 +17,6 @@
 #include <openssl/rand.h>
 #include "record_locl.h"
 
-#ifndef  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-#endif
-
 #if     defined(OPENSSL_SMALL_FOOTPRINT) || \
         !(      defined(AES_ASM) &&     ( \
                 defined(__x86_64)       || defined(__x86_64__)  || \
@@ -39,8 +35,6 @@
 
 void RECORD_LAYER_clear(RECORD_LAYER *rl)
 {
-    unsigned int pipes;
-
     rl->rstate = SSL_ST_READ_HEADER;
 
     /*
@@ -62,9 +56,7 @@
     rl->wpend_buf = NULL;
 
     SSL3_BUFFER_clear(&rl->rbuf);
-    for (pipes = 0; pipes < rl->numwpipes; pipes++)
-        SSL3_BUFFER_clear(&rl->wbuf[pipes]);
-    rl->numwpipes = 0;
+    ssl3_release_write_buffer(rl->s);
     rl->numrpipes = 0;
     SSL3_RECORD_clear(rl->rrec, SSL_MAX_PIPELINES);
 
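Review bot: `RECORD_LAYER_clear()` now calls `ssl3_release_write_buffer(rl->s)` where it used to reset the write buffers in place, so it depends on `rl->s` being a valid pointer at every call. If the function can run before that back-pointer is set, this is a NULL dereference; the initialisation order is outside the hunk and should be confirmed. I would add `/* frees the write buffers; requires rl->s to be set */` above the call. The function starts and ends outside the hunk.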
@@ -178,10 +170,7 @@
 }
 
 /*
- * Return values are as per SSL_read(), i.e.
- * >0 The number of read bytes
- *  0 Failure (not retryable)
- * <0 Failure (may be retryable)
+ * Return values are as per SSL_read()
  */
 int ssl3_read_n(SSL *s, int n, int max, int extend, int clearold)
 {
@@ -312,7 +301,7 @@
             if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))
                 if (len + left == 0)
                     ssl3_release_read_buffer(s);
-            return -1;
+            return i;
         }
         left += i;
         /*
@@ -882,10 +871,7 @@
 
 /* if s->s3->wbuf.left != 0, we need to call this
  *
- * Return values are as per SSL_read(), i.e.
- * >0 The number of read bytes
- *  0 Failure (not retryable)
- * <0 Failure (may be retryable)
+ * Return values are as per SSL_write()
  */
 int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
                        unsigned int len)
@@ -936,7 +922,7 @@
                  */
                 SSL3_BUFFER_set_left(&wb[currbuf], 0);
             }
-            return -1;
+            return i;
         }
         SSL3_BUFFER_add_offset(&wb[currbuf], i);
         SSL3_BUFFER_add_left(&wb[currbuf], -i);
@@ -1307,7 +1293,12 @@
                         return (-1);
                     }
                 }
+            } else {
+                SSL3_RECORD_set_read(rr);
             }
+        } else {
+            /* Does this ever happen? */
+            SSL3_RECORD_set_read(rr);
         }
         /*
          * we either finished a handshake or ignored the request, now try
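Review bot: The comment `/* Does this ever happen? */` on the second added `else` leaves an open question in record-processing code instead of stating what the branch guarantees. Both new branches call `SSL3_RECORD_set_read(rr)`, which by its name marks the current record as consumed so it is not handled again on the next pass. I would replace the question with that intent, e.g. `/* Not expected; mark the record as read so it cannot be reprocessed */`, and put a matching one-line comment on the first `else`. The enclosing function starts and ends outside this hunk, so the conditions guarding these branches are not visible here.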
diff -Nru openssl-1.1.0c/ssl/record/ssl3_buffer.c openssl-1.1.0d/ssl/record/ssl3_buffer.c
--- openssl-1.1.0c/ssl/record/ssl3_buffer.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/record/ssl3_buffer.c	2017-01-26 14:10:25.000000000 +0100
@@ -105,13 +105,17 @@
 
     wb = RECORD_LAYER_get_wbuf(&s->rlayer);
     for (currpipe = 0; currpipe < numwpipes; currpipe++) {
-        if (wb[currpipe].buf == NULL) {
-            if ((p = OPENSSL_malloc(len)) == NULL) {
+        SSL3_BUFFER *thiswb = &wb[currpipe];
+
+        if (thiswb->buf == NULL) {
+            p = OPENSSL_malloc(len);
+            if (p == NULL) {
                 s->rlayer.numwpipes = currpipe;
                 goto err;
             }
-            wb[currpipe].buf = p;
-            wb[currpipe].len = len;
+            memset(thiswb, 0, sizeof(SSL3_BUFFER));
+            thiswb->buf = p;
+            thiswb->len = len;
         }
     }
 
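Review bot: `memset(thiswb, 0, sizeof(SSL3_BUFFER))` hard-codes the type name; `memset(thiswb, 0, sizeof(*thiswb));` stays correct if the element type of `wb` ever changes. The zeroing is also unexplained: it runs only when `buf` was NULL, presumably to drop stale `offset`/`left` values from an earlier use of the slot. A one-line comment saying so would help. The enclosing function starts and ends outside this hunk.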
diff -Nru openssl-1.1.0c/ssl/record/ssl3_record.c openssl-1.1.0d/ssl/record/ssl3_record.c
--- openssl-1.1.0c/ssl/record/ssl3_record.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/record/ssl3_record.c	2017-01-26 14:10:25.000000000 +0100
@@ -1211,13 +1211,13 @@
      */
     unsigned mac_end = rec->length;
     unsigned mac_start = mac_end - md_size;
+    unsigned in_mac;
     /*
      * scan_start contains the number of bytes that we can ignore because the
      * MAC's position can only vary by 255 bytes.
      */
     unsigned scan_start = 0;
     unsigned i, j;
-    unsigned div_spoiler;
     unsigned rotate_offset;
 
     OPENSSL_assert(rec->orig_len >= md_size);
@@ -1230,24 +1230,19 @@
     /* This information is public so it's safe to branch based on it. */
     if (rec->orig_len > md_size + 255 + 1)
         scan_start = rec->orig_len - (md_size + 255 + 1);
-    /*
-     * div_spoiler contains a multiple of md_size that is used to cause the
-     * modulo operation to be constant time. Without this, the time varies
-     * based on the amount of padding when running on Intel chips at least.
-     * The aim of right-shifting md_size is so that the compiler doesn't
-     * figure out that it can remove div_spoiler as that would require it to
-     * prove that md_size is always even, which I hope is beyond it.
-     */
-    div_spoiler = md_size >> 1;
-    div_spoiler <<= (sizeof(div_spoiler) - 1) * 8;
-    rotate_offset = (div_spoiler + mac_start - scan_start) % md_size;
 
+    in_mac = 0;
+    rotate_offset = 0;
     memset(rotated_mac, 0, md_size);
     for (i = scan_start, j = 0; i < rec->orig_len; i++) {
-        unsigned char mac_started = constant_time_ge_8(i, mac_start);
-        unsigned char mac_ended = constant_time_ge_8(i, mac_end);
+        unsigned mac_started = constant_time_eq(i, mac_start);
+        unsigned mac_ended = constant_time_lt(i, mac_end);
         unsigned char b = rec->data[i];
-        rotated_mac[j++] |= b & mac_started & ~mac_ended;
+
+        in_mac |= mac_started;
+        in_mac &= mac_ended;
+        rotate_offset |= j & mac_started;
+        rotated_mac[j++] |= b & in_mac;
         j &= constant_time_lt(j, md_size);
     }
 
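Review bot: The name `mac_ended` is now the inverse of what it holds: `constant_time_lt(i, mac_end)` is all-ones while `i` is still before `mac_end`, i.e. while the MAC has not ended. In constant-time code a misleading mask name is an easy way for a later edit to flip the logic, so I would rename it to `mac_not_ended` or comment it with `/* all-ones while i < mac_end */`. The deleted `div_spoiler` comment was the only explanation of the timing concern. The replacement deserves a short note that `in_mac` is a running mask and that `rotate_offset` is captured as `j` at the single iteration where `i == mac_start`, which removes the secret-dependent modulo. The enclosing function starts and ends outside this hunk.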
diff -Nru openssl-1.1.0c/ssl/s3_enc.c openssl-1.1.0d/ssl/s3_enc.c
--- openssl-1.1.0c/ssl/s3_enc.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/s3_enc.c	2017-01-26 14:10:25.000000000 +0100
@@ -61,10 +61,10 @@
     EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
     for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
         k++;
-        if (k > sizeof buf) {
+        if (k > sizeof(buf)) {
             /* bug: 'buf' is too small for this ciphersuite */
             SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
-            return 0;
+            goto err;
         }
 
         for (j = 0; j < k; j++)
@@ -225,7 +225,8 @@
 
     memcpy(mac_secret, ms, i);
 
-    EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));
+    if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)))
+        goto err2;
 
 #ifdef OPENSSL_SSL_TRACE_CRYPTO
     if (s->msg_callback) {
diff -Nru openssl-1.1.0c/ssl/ssl_ciph.c openssl-1.1.0d/ssl/ssl_ciph.c
--- openssl-1.1.0c/ssl/ssl_ciph.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/ssl_ciph.c	2017-01-26 14:10:25.000000000 +0100
@@ -1868,6 +1868,24 @@
 #endif
 }
 
+const char *SSL_COMP_get0_name(const SSL_COMP *comp)
+{
+#ifndef OPENSSL_NO_COMP
+    return comp->name;
+#else
+    return NULL;
+#endif
+}
+
+int SSL_COMP_get_id(const SSL_COMP *comp)
+{
+#ifndef OPENSSL_NO_COMP
+    return comp->id;
+#else
+    return -1;
+#endif
+}
+
 /* For a cipher return the index corresponding to the certificate type */
 int ssl_cipher_get_cert_index(const SSL_CIPHER *c)
 {
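Review bot: Both new accessors dereference `comp` without a check (`return comp->name;`, `return comp->id;`), so a NULL argument crashes in builds with compression and silently works in `OPENSSL_NO_COMP` builds. If callers can hold a NULL `SSL_COMP *`, which is not visible from this hunk, guarding with `if (comp == NULL) return NULL;` and `if (comp == NULL) return -1;` would make the two configurations behave the same. Neither function has a comment documenting its sentinel (`NULL` and `-1`) for the no-compression build; one line above each would cover it.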
diff -Nru openssl-1.1.0c/ssl/ssl_lib.c openssl-1.1.0d/ssl/ssl_lib.c
--- openssl-1.1.0c/ssl/ssl_lib.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/ssl_lib.c	2017-01-26 14:10:25.000000000 +0100
@@ -4175,6 +4175,7 @@
     CT_POLICY_EVAL_CTX_set1_cert(ctx, cert);
     CT_POLICY_EVAL_CTX_set1_issuer(ctx, issuer);
     CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(ctx, s->ctx->ctlog_store);
+    CT_POLICY_EVAL_CTX_set_time(ctx, SSL_SESSION_get_time(SSL_get0_session(s)));
 
     scts = SSL_get0_peer_scts(s);
 
diff -Nru openssl-1.1.0c/ssl/ssl_sess.c openssl-1.1.0d/ssl/ssl_sess.c
--- openssl-1.1.0c/ssl/ssl_sess.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/ssl_sess.c	2017-01-26 14:10:25.000000000 +0100
@@ -660,6 +660,15 @@
          * obtain the same session from an external cache)
          */
         s = NULL;
+    } else if (s == NULL &&
+               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
+        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
+
+        /*
+         * ... so take back the extra reference and also don't add
+         * the session to the SSL_SESSION_list at this time
+         */
+        s = c;
     }
 
     /* Put at the head of the queue unless it is already in the cache */
diff -Nru openssl-1.1.0c/ssl/statem/statem.c openssl-1.1.0d/ssl/statem/statem.c
--- openssl-1.1.0c/ssl/statem/statem.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/statem/statem.c	2017-01-26 14:10:25.000000000 +0100
@@ -361,6 +361,8 @@
                  */
                 s->ctx->stats.sess_accept_renegotiate++;
             }
+
+            s->s3->tmp.cert_request = 0;
         } else {
             s->ctx->stats.sess_connect++;
 
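Review bot: The two fields touched here, `s->s3->tmp.cert_request` and `s->s3->tmp.cert_req`, differ by four letters, and the change exists because the wrong one was being reset in the connect branch. After this hunk and the next one (`@@ -368,7 +370,7 @@`), `cert_request` is cleared in the accept branch and `cert_req` in the connect branch, but nothing at either site says which is which. A comment on each assignment would prevent a repeat, e.g. `/* server side: no CertificateRequest sent yet */` and `/* client side: no certificate requested yet */`, with the wording checked against the field definitions, which are outside this diff.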
@@ -368,7 +370,7 @@
             memset(s->s3->client_random, 0, sizeof(s->s3->client_random));
             s->hit = 0;
 
-            s->s3->tmp.cert_request = 0;
+            s->s3->tmp.cert_req = 0;
 
             if (SSL_IS_DTLS(s)) {
                 st->use_timer = 1;
diff -Nru openssl-1.1.0c/ssl/statem/statem_clnt.c openssl-1.1.0d/ssl/statem/statem_clnt.c
--- openssl-1.1.0c/ssl/statem/statem_clnt.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/statem/statem_clnt.c	2017-01-26 14:10:25.000000000 +0100
@@ -1022,8 +1022,9 @@
         s->session->ssl_version = s->version;
         s->session->session_id_length = session_id_len;
         /* session_id_len could be 0 */
-        memcpy(s->session->session_id, PACKET_data(&session_id),
-               session_id_len);
+        if (session_id_len > 0)
+            memcpy(s->session->session_id, PACKET_data(&session_id),
+                   session_id_len);
     }
 
     /* Session version and negotiated protocol version should match */
@@ -1413,6 +1414,8 @@
     DH *dh = NULL;
     BIGNUM *p = NULL, *g = NULL, *bnpub_key = NULL;
 
+    int check_bits = 0;
+
     if (!PACKET_get_length_prefixed_2(pkt, &prime)
         || !PACKET_get_length_prefixed_2(pkt, &generator)
         || !PACKET_get_length_prefixed_2(pkt, &pub_key)) {
@@ -1440,7 +1443,8 @@
         goto err;
     }
 
-    if (BN_is_zero(p) || BN_is_zero(g) || BN_is_zero(bnpub_key)) {
+    /* test non-zero pupkey */
+    if (BN_is_zero(bnpub_key)) {
         *al = SSL_AD_DECODE_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_SKE_DHE, SSL_R_BAD_DH_VALUE);
         goto err;
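Review bot: The added comment `/* test non-zero pupkey */` has a typo and should read `/* test non-zero pubkey */`. More importantly, this hunk drops the `BN_is_zero(p) || BN_is_zero(g)` rejection and relies on the `DH_check_params(dh, &check_bits)` call added in the next hunk (`@@ -1453,6 +1457,12 @@`) to reject bad server-supplied parameters. Because that dependency spans two hunks, the comment should state it, for example `/* p and g are validated by DH_check_params() below */`, so a later refactor does not remove one check without the other.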
@@ -1453,6 +1457,12 @@
     }
     p = g = NULL;
 
+    if (DH_check_params(dh, &check_bits) == 0 || check_bits != 0) {
+        *al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_TLS_PROCESS_SKE_DHE, SSL_R_BAD_DH_VALUE);
+        goto err;
+    }
+
     if (!DH_set0_key(dh, bnpub_key, NULL)) {
         *al = SSL_AD_INTERNAL_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_SKE_DHE, ERR_R_BN_LIB);
@@ -2258,6 +2268,11 @@
         return 0;
     }
     ckey = ssl_generate_pkey(skey);
+    if (ckey == NULL) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_CKE_DHE, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+
     dh_clnt = EVP_PKEY_get0_DH(ckey);
 
     if (dh_clnt == NULL || ssl_derive(s, ckey, skey) == 0) {
@@ -2296,6 +2311,10 @@
     }
 
     ckey = ssl_generate_pkey(skey);
+    if (ckey == NULL) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_CKE_ECDHE, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
 
     if (ssl_derive(s, ckey, skey) == 0) {
         SSLerr(SSL_F_TLS_CONSTRUCT_CKE_ECDHE, ERR_R_EVP_LIB);
diff -Nru openssl-1.1.0c/ssl/statem/statem_srvr.c openssl-1.1.0d/ssl/statem/statem_srvr.c
--- openssl-1.1.0c/ssl/statem/statem_srvr.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/statem/statem_srvr.c	2017-01-26 14:10:25.000000000 +0100
@@ -276,7 +276,7 @@
             * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
             * during re-negotiation:
             */
-           && ((s->session->peer == NULL) ||
+           && (s->s3->tmp.finish_md_len == 0 ||
                !(s->verify_mode & SSL_VERIFY_CLIENT_ONCE))
            /*
             * never request cert in anonymous ciphersuites (see
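Review bot: The new condition `s->s3->tmp.finish_md_len == 0` stands in for "this is the initial handshake", but the comment above it still only talks about `SSL_VERIFY_CLIENT_ONCE` and re-negotiation. Since this decides whether a client certificate is requested, the proxy should be spelled out, e.g. `/* finish_md_len == 0: no Finished seen yet, i.e. not a renegotiation */`. Whether `finish_md_len` is reliably zero for every initial handshake, including resumed sessions, cannot be judged from this hunk and is worth confirming. The enclosing expression starts and ends outside the hunk.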
@@ -3256,20 +3256,52 @@
         return NULL;
     }
 
-    if ((skp == NULL) || (*skp == NULL)) {
-        sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
-        if (sk == NULL) {
-            SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
-            *al = SSL_AD_INTERNAL_ERROR;
-            return NULL;
-        }
-    } else {
-        sk = *skp;
-        sk_SSL_CIPHER_zero(sk);
+    sk = sk_SSL_CIPHER_new_null();
+    if (sk == NULL) {
+        SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+        *al = SSL_AD_INTERNAL_ERROR;
+        return NULL;
     }
 
-    if (!PACKET_memdup(cipher_suites, &s->s3->tmp.ciphers_raw,
-                       &s->s3->tmp.ciphers_rawlen)) {
+    if (sslv2format) {
+        size_t numciphers = PACKET_remaining(cipher_suites) / n;
+        PACKET sslv2ciphers = *cipher_suites;
+        unsigned int leadbyte;
+        unsigned char *raw;
+
+        /*
+         * We store the raw ciphers list in SSLv3+ format so we need to do some
+         * preprocessing to convert the list first. If there are any SSLv2 only
+         * ciphersuites with a non-zero leading byte then we are going to
+         * slightly over allocate because we won't store those. But that isn't a
+         * problem.
+         */
+        raw = OPENSSL_malloc(numciphers * TLS_CIPHER_LEN);
+        s->s3->tmp.ciphers_raw = raw;
+        if (raw == NULL) {
+            *al = SSL_AD_INTERNAL_ERROR;
+            goto err;
+        }
+        for (s->s3->tmp.ciphers_rawlen = 0;
+             PACKET_remaining(&sslv2ciphers) > 0;
+             raw += TLS_CIPHER_LEN) {
+            if (!PACKET_get_1(&sslv2ciphers, &leadbyte)
+                    || (leadbyte == 0
+                        && !PACKET_copy_bytes(&sslv2ciphers, raw,
+                                              TLS_CIPHER_LEN))
+                    || (leadbyte != 0
+                        && !PACKET_forward(&sslv2ciphers, TLS_CIPHER_LEN))) {
+                *al = SSL_AD_INTERNAL_ERROR;
+                OPENSSL_free(raw);
+                s->s3->tmp.ciphers_raw = NULL;
+                s->s3->tmp.ciphers_rawlen = 0;
+                goto err;
+            }
+            if (leadbyte == 0)
+                s->s3->tmp.ciphers_rawlen += TLS_CIPHER_LEN;
+        }
+    } else if (!PACKET_memdup(cipher_suites, &s->s3->tmp.ciphers_raw,
+                           &s->s3->tmp.ciphers_rawlen)) {
         *al = SSL_AD_INTERNAL_ERROR;
         goto err;
     }
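Review bot: In the SSLv2 conversion loop the error path calls `OPENSSL_free(raw)`, but `raw` is advanced by `raw += TLS_CIPHER_LEN` in the `for` header, so on any iteration after the first it no longer points at the start of the allocation. The pointer to free is the saved one: `OPENSSL_free(s->s3->tmp.ciphers_raw);`. The same increment also runs for entries with a non-zero lead byte that are skipped, while `ciphers_rawlen` counts only kept entries, so a kept entry after a skipped one lands beyond `ciphers_rawlen` and leaves an unwritten gap before it. Advancing `raw` only inside `if (leadbyte == 0)` fixes that and matches the "over allocate" comment. Whether the failing branch is reachable depends on length checks earlier in the function, which starts outside this hunk.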
@@ -3330,11 +3362,9 @@
         goto err;
     }
 
-    if (skp != NULL)
-        *skp = sk;
-    return (sk);
+    *skp = sk;
+    return sk;
  err:
-    if ((skp == NULL) || (*skp == NULL))
-        sk_SSL_CIPHER_free(sk);
+    sk_SSL_CIPHER_free(sk);
     return NULL;
 }
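Review bot: `*skp = sk;` now dereferences `skp` unconditionally, whereas the removed code accepted `skp == NULL` and only stored the result when it was non-NULL. Together with the previous hunk, which always allocates a fresh stack instead of reusing `*skp`, any stack the caller already held in `*skp` is overwritten here without being freed. Both are fine if every caller passes a non-NULL `skp` and frees the old list itself, but the callers are outside this diff section. The function's header comment should therefore state the new contract, e.g. `/* skp must be non-NULL; the caller frees any previous *skp */`.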
diff -Nru openssl-1.1.0c/ssl/t1_lib.c openssl-1.1.0d/ssl/t1_lib.c
--- openssl-1.1.0c/ssl/t1_lib.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/ssl/t1_lib.c	2017-01-26 14:10:25.000000000 +0100
@@ -176,43 +176,6 @@
     0, 24,                      /* secp384r1 (24) */
 };
 
-static const unsigned char eccurves_all[] = {
-    0, 29,                      /* X25519 (29) */
-    0, 23,                      /* secp256r1 (23) */
-    0, 25,                      /* secp521r1 (25) */
-    0, 24,                      /* secp384r1 (24) */
-    0, 26,                      /* brainpoolP256r1 (26) */
-    0, 27,                      /* brainpoolP384r1 (27) */
-    0, 28,                      /* brainpool512r1 (28) */
-
-    /*
-     * Remaining curves disabled by default but still permitted if set
-     * via an explicit callback or parameters.
-     */
-    0, 22,                      /* secp256k1 (22) */
-    0, 14,                      /* sect571r1 (14) */
-    0, 13,                      /* sect571k1 (13) */
-    0, 11,                      /* sect409k1 (11) */
-    0, 12,                      /* sect409r1 (12) */
-    0, 9,                       /* sect283k1 (9) */
-    0, 10,                      /* sect283r1 (10) */
-    0, 20,                      /* secp224k1 (20) */
-    0, 21,                      /* secp224r1 (21) */
-    0, 18,                      /* secp192k1 (18) */
-    0, 19,                      /* secp192r1 (19) */
-    0, 15,                      /* secp160k1 (15) */
-    0, 16,                      /* secp160r1 (16) */
-    0, 17,                      /* secp160r2 (17) */
-    0, 8,                       /* sect239k1 (8) */
-    0, 6,                       /* sect233k1 (6) */
-    0, 7,                       /* sect233r1 (7) */
-    0, 4,                       /* sect193r1 (4) */
-    0, 5,                       /* sect193r2 (5) */
-    0, 1,                       /* sect163k1 (1) */
-    0, 2,                       /* sect163r1 (2) */
-    0, 3,                       /* sect163r2 (3) */
-};
-
 static const unsigned char suiteb_curves[] = {
     0, TLSEXT_curve_P_256,
     0, TLSEXT_curve_P_384
@@ -256,6 +219,7 @@
                               const unsigned char **pcurves, size_t *num_curves)
 {
     size_t pcurveslen = 0;
+
     if (sess) {
         *pcurves = s->session->tlsext_ellipticcurvelist;
         pcurveslen = s->session->tlsext_ellipticcurvelist_length;
@@ -291,10 +255,9 @@
         SSLerr(SSL_F_TLS1_GET_CURVELIST, ERR_R_INTERNAL_ERROR);
         *num_curves = 0;
         return 0;
-    } else {
-        *num_curves = pcurveslen / 2;
-        return 1;
     }
+    *num_curves = pcurveslen / 2;
+    return 1;
 }
 
 /* See if curve is allowed by security callback */
@@ -356,6 +319,7 @@
     const unsigned char *pref, *supp;
     size_t num_pref, num_supp, i, j;
     int k;
+
     /* Can't do anything on client side */
     if (s->server == 0)
         return -1;
@@ -366,6 +330,7 @@
              * these are acceptable due to previous checks.
              */
             unsigned long cid = s->s3->tmp.new_cipher->id;
+
             if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
                 return NID_X9_62_prime256v1; /* P-256 */
             if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
@@ -380,37 +345,26 @@
      * Avoid truncation. tls1_get_curvelist takes an int
      * but s->options is a long...
      */
-    if (!tls1_get_curvelist
-        (s, (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) != 0, &supp,
-         &num_supp))
+    if (!tls1_get_curvelist(s,
+            (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) != 0,
+            &supp, &num_supp))
         /* In practice, NID_undef == 0 but let's be precise. */
         return nmatch == -1 ? 0 : NID_undef;
-    if (!tls1_get_curvelist
-        (s, !(s->options & SSL_OP_CIPHER_SERVER_PREFERENCE), &pref, &num_pref))
+    if (!tls1_get_curvelist(s,
+            (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) == 0,
+            &pref, &num_pref))
         return nmatch == -1 ? 0 : NID_undef;
 
-    /*
-     * If the client didn't send the elliptic_curves extension all of them
-     * are allowed.
-     */
-    if (num_supp == 0 && (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) != 0) {
-        supp = eccurves_all;
-        num_supp = sizeof(eccurves_all) / 2;
-    } else if (num_pref == 0 &&
-               (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) == 0) {
-        pref = eccurves_all;
-        num_pref = sizeof(eccurves_all) / 2;
-    }
-
-    k = 0;
-    for (i = 0; i < num_pref; i++, pref += 2) {
+    for (k = 0, i = 0; i < num_pref; i++, pref += 2) {
         const unsigned char *tsupp = supp;
+
         for (j = 0; j < num_supp; j++, tsupp += 2) {
             if (pref[0] == tsupp[0] && pref[1] == tsupp[1]) {
                 if (!tls_curve_allowed(s, pref, SSL_SECOP_CURVE_SHARED))
                     continue;
                 if (nmatch == k) {
                     int id = (pref[0] << 8) | pref[1];
+
                     return tls1_ec_curve_id2nid(id, NULL);
                 }
                 k++;
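Review bot: Removing the `eccurves_all` fallback changes what an empty list means: with `num_supp == 0` or `num_pref == 0` the loops below can no longer find a shared curve, where the old code treated a missing extension as "all curves allowed". The deleted block comment was the only place that behaviour was described, and nothing replaces it. A short comment before the loop, such as `/* An empty list from either side now means no shared curve */`, would make the stricter behaviour explicit. What the function returns after the loop is outside this hunk.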
diff -Nru openssl-1.1.0c/test/asynciotest.c openssl-1.1.0d/test/asynciotest.c
--- openssl-1.1.0c/test/asynciotest.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/test/asynciotest.c	2017-01-26 14:10:25.000000000 +0100
@@ -85,7 +85,7 @@
 static int async_read(BIO *bio, char *out, int outl)
 {
     struct async_ctrs *ctrs;
-    int ret = 0;
+    int ret = -1;
     BIO *next = BIO_next(bio);
 
     if (outl <= 0)
@@ -120,7 +120,7 @@
 static int async_write(BIO *bio, const char *in, int inl)
 {
     struct async_ctrs *ctrs;
-    int ret = 0;
+    int ret = -1;
     size_t written = 0;
     BIO *next = BIO_next(bio);
 
@@ -297,32 +297,59 @@
          * we hit at least one async event in both reading and writing
          */
         for (j = 0; j < 2; j++) {
+            int len;
+
             /*
              * Write some test data. It should never take more than 2 attempts
-             * (the first one might be a retryable fail). A zero return from
-             * SSL_write() is a non-retryable failure, so fail immediately if
-             * we get that.
+             * (the first one might be a retryable fail).
              */
-            for (ret = -1, i = 0; ret < 0 && i < 2 * sizeof(testdata); i++)
-                ret = SSL_write(clientssl, testdata, sizeof(testdata));
-            if (ret <= 0) {
-                printf("Test %d failed: Failed to write app data\n", test);
+            for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2;
+                i++) {
+                ret = SSL_write(clientssl, testdata + len,
+                    sizeof(testdata) - len);
+                if (ret > 0) {
+                    len += ret;
+                } else {
+                    int ssl_error = SSL_get_error(clientssl, ret);
+
+                    if (ssl_error == SSL_ERROR_SYSCALL ||
+                        ssl_error == SSL_ERROR_SSL) {
+                        printf("Test %d failed: Failed to write app data\n", test);
+                        err = -1;
+                        goto end;
+                    }
+                }
+            }
+            if (len != sizeof(testdata)) {
+                err = -1;
+                printf("Test %d failed: Failed to write all app data\n", test);
                 goto end;
             }
             /*
              * Now read the test data. It may take more attemps here because
              * it could fail once for each byte read, including all overhead
-             * bytes from the record header/padding etc. Fail immediately if we
-             * get a zero return from SSL_read().
+             * bytes from the record header/padding etc.
              */
-            for (ret = -1, i = 0; ret < 0 && i < MAX_ATTEMPTS; i++)
-                ret = SSL_read(serverssl, buf, sizeof(buf));
-            if (ret <= 0) {
-                printf("Test %d failed: Failed to read app data\n", test);
-                goto end;
+            for (ret = -1, i = 0, len = 0; len != sizeof(testdata) &&
+                i < MAX_ATTEMPTS; i++)
+            {
+                ret = SSL_read(serverssl, buf + len, sizeof(buf) - len);
+                if (ret > 0) {
+                    len += ret;
+                } else {
+                    int ssl_error = SSL_get_error(serverssl, ret);
+
+                    if (ssl_error == SSL_ERROR_SYSCALL ||
+                        ssl_error == SSL_ERROR_SSL) {
+                        printf("Test %d failed: Failed to read app data\n", test);
+                        err = -1;
+                        goto end;
+                    }
+                }
             }
-            if (ret != sizeof(testdata)
+            if (len != sizeof(testdata)
                     || memcmp(buf, testdata, sizeof(testdata)) != 0) {
+                err = -1;
                 printf("Test %d failed: Unexpected app data received\n", test);
                 goto end;
             }
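Review bot: `int len` is compared with `sizeof(testdata)` in both loop conditions and in the final checks, and is subtracted from `sizeof(buf)`, so each of those expressions mixes signed and unsigned operands. Declaring it as `size_t len;` matches how it is used and avoids sign-compare warnings; `len += ret` is only reached when `ret > 0`. The read loop also puts its opening brace on its own line after `i < MAX_ATTEMPTS; i++)`, while the write loop a few lines above keeps it on the `for` line; one style for both would read better. The enclosing function starts and ends outside this hunk.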
diff -Nru openssl-1.1.0c/test/bad_dtls_test.c openssl-1.1.0d/test/bad_dtls_test.c
--- openssl-1.1.0c/test/bad_dtls_test.c	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/test/bad_dtls_test.c	2017-01-26 14:10:25.000000000 +0100
@@ -451,6 +451,7 @@
     BIO *rbio;
     BIO *wbio;
     BIO *err;
+    time_t now = 0;
     int testresult = 0;
     int ret;
     int i;
@@ -464,7 +465,9 @@
     RAND_bytes(master_secret, sizeof(master_secret));
     RAND_bytes(cookie, sizeof(cookie));
     RAND_bytes(server_random + 4, sizeof(server_random) - 4);
-    time((void *)server_random);
+
+    now = time(NULL);
+    memcpy(server_random, &now, sizeof(now));
 
     sess = client_session();
     if (sess == NULL) {
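Review bot: `memcpy(server_random, &now, sizeof(now))` copies `sizeof(time_t)` bytes in host byte order, so where `time_t` is eight bytes it overwrites the first four of the random bytes that `RAND_bytes(server_random + 4, ...)` filled just above. The old `time((void *)server_random)` had the same effect, so the hunk removes the cast but keeps the layout problem. Writing the four timestamp bytes explicitly leaves the random part intact and makes the value independent of platform. Nothing visible here suggests the test depends on the exact bytes, but that should be confirmed. The enclosing function starts and ends outside the hunk.
```c
    now = time(NULL);
    /* first four bytes: timestamp, big-endian; bytes 4.. stay random */
    server_random[0] = (unsigned char)((unsigned long)now >> 24);
    server_random[1] = (unsigned char)((unsigned long)now >> 16);
    server_random[2] = (unsigned char)((unsigned long)now >> 8);
    server_random[3] = (unsigned char)((unsigned long)now);
```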
diff -Nru openssl-1.1.0c/test/build.info openssl-1.1.0d/test/build.info
--- openssl-1.1.0c/test/build.info	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/test/build.info	2017-01-26 14:10:25.000000000 +0100
@@ -11,7 +11,7 @@
           randtest dhtest enginetest casttest \
           bftest ssltest_old dsatest exptest rsa_test \
           evp_test evp_extra_test igetest v3nametest v3ext \
-          danetest heartbeat_test p5_crpt2_test bad_dtls_test \
+          crltest danetest heartbeat_test p5_crpt2_test bad_dtls_test \
           constant_time_test verify_extra_test clienthellotest \
           packettest asynctest secmemtest srptest memleaktest \
           dtlsv1listentest ct_test threadstest afalgtest d2i_test \
@@ -162,6 +162,10 @@
   INCLUDE[v3nametest]=../include
   DEPEND[v3nametest]=../libcrypto
 
+  SOURCE[crltest]=crltest.c testutil.c
+  INCLUDE[crltest]=../include
+  DEPEND[crltest]=../libcrypto
+
   SOURCE[v3ext]=v3ext.c
   INCLUDE[v3ext]=../include
   DEPEND[v3ext]=../libcrypto
@@ -264,7 +268,7 @@
   DEPEND[bioprinttest]=../libcrypto
 
   SOURCE[sslapitest]=sslapitest.c ssltestlib.c testutil.c
-  INCLUDE[sslapitest]=../include
+  INCLUDE[sslapitest]=../include ..
   DEPEND[sslapitest]=../libcrypto ../libssl
 
   SOURCE[dtlstest]=dtlstest.c ssltestlib.c testutil.c
diff -Nru openssl-1.1.0c/test/crltest.c openssl-1.1.0d/test/crltest.c
--- openssl-1.1.0c/test/crltest.c	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/test/crltest.c	2017-01-26 14:10:25.000000000 +0100
@@ -0,0 +1,378 @@
+/*
+ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include "../e_os.h"
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/x509.h>
+
+#include "testutil.h"
+
+#define PARAM_TIME 1474934400 /* Sep 27th, 2016 */
+
+static const char *kCRLTestRoot[] = {
+    "-----BEGIN CERTIFICATE-----\n",
+    "MIIDbzCCAlegAwIBAgIJAODri7v0dDUFMA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV\n",
+    "BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBW\n",
+    "aWV3MRIwEAYDVQQKDAlCb3JpbmdTU0wwHhcNMTYwOTI2MTUwNjI2WhcNMjYwOTI0\n",
+    "MTUwNjI2WjBOMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQG\n",
+    "A1UEBwwNTW91bnRhaW4gVmlldzESMBAGA1UECgwJQm9yaW5nU1NMMIIBIjANBgkq\n",
+    "hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo16WiLWZuaymsD8n5SKPmxV1y6jjgr3B\n",
+    "S/dUBpbrzd1aeFzNlI8l2jfAnzUyp+I21RQ+nh/MhqjGElkTtK9xMn1Y+S9GMRh+\n",
+    "5R/Du0iCb1tCZIPY07Tgrb0KMNWe0v2QKVVruuYSgxIWodBfxlKO64Z8AJ5IbnWp\n",
+    "uRqO6rctN9qUoMlTIAB6dL4G0tDJ/PGFWOJYwOMEIX54bly2wgyYJVBKiRRt4f7n\n",
+    "8H922qmvPNA9idmX9G1VAtgV6x97XXi7ULORIQvn9lVQF6nTYDBJhyuPB+mLThbL\n",
+    "P2o9orxGx7aCtnnBZUIxUvHNOI0FaSaZH7Fi0xsZ/GkG2HZe7ImPJwIDAQABo1Aw\n",
+    "TjAdBgNVHQ4EFgQUWPt3N5cZ/CRvubbrkqfBnAqhq94wHwYDVR0jBBgwFoAUWPt3\n",
+    "N5cZ/CRvubbrkqfBnAqhq94wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC\n",
+    "AQEAORu6M0MOwXy+3VEBwNilfTxyqDfruQsc1jA4PT8Oe8zora1WxE1JB4q2FJOz\n",
+    "EAuM3H/NXvEnBuN+ITvKZAJUfm4NKX97qmjMJwLKWe1gVv+VQTr63aR7mgWJReQN\n",
+    "XdMztlVeZs2dppV6uEg3ia1X0G7LARxGpA9ETbMyCpb39XxlYuTClcbA5ftDN99B\n",
+    "3Xg9KNdd++Ew22O3HWRDvdDpTO/JkzQfzi3sYwUtzMEonENhczJhGf7bQMmvL/w5\n",
+    "24Wxj4Z7KzzWIHsNqE/RIs6RV3fcW61j/mRgW2XyoWnMVeBzvcJr9NXp4VQYmFPw\n",
+    "amd8GKMZQvP0ufGnUn7D7uartA==\n",
+    "-----END CERTIFICATE-----\n",
+    NULL
+};
+
+static const char *kCRLTestLeaf[] = {
+    "-----BEGIN CERTIFICATE-----\n",
+    "MIIDkDCCAnigAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwTjELMAkGA1UEBhMCVVMx\n",
+    "EzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxEjAQ\n",
+    "BgNVBAoMCUJvcmluZ1NTTDAeFw0xNjA5MjYxNTA4MzFaFw0xNzA5MjYxNTA4MzFa\n",
+    "MEsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQKDAlC\n",
+    "b3JpbmdTU0wxEzARBgNVBAMMCmJvcmluZy5zc2wwggEiMA0GCSqGSIb3DQEBAQUA\n",
+    "A4IBDwAwggEKAoIBAQDc5v1S1M0W+QWM+raWfO0LH8uvqEwuJQgODqMaGnSlWUx9\n",
+    "8iQcnWfjyPja3lWg9K62hSOFDuSyEkysKHDxijz5R93CfLcfnVXjWQDJe7EJTTDP\n",
+    "ozEvxN6RjAeYv7CF000euYr3QT5iyBjg76+bon1p0jHZBJeNPP1KqGYgyxp+hzpx\n",
+    "e0gZmTlGAXd8JQK4v8kpdYwD6PPifFL/jpmQpqOtQmH/6zcLjY4ojmqpEdBqIKIX\n",
+    "+saA29hMq0+NK3K+wgg31RU+cVWxu3tLOIiesETkeDgArjWRS1Vkzbi4v9SJxtNu\n",
+    "OZuAxWiynRJw3JwH/OFHYZIvQqz68ZBoj96cepjPAgMBAAGjezB5MAkGA1UdEwQC\n",
+    "MAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRl\n",
+    "MB0GA1UdDgQWBBTGn0OVVh/aoYt0bvEKG+PIERqnDzAfBgNVHSMEGDAWgBRY+3c3\n",
+    "lxn8JG+5tuuSp8GcCqGr3jANBgkqhkiG9w0BAQsFAAOCAQEAd2nM8gCQN2Dc8QJw\n",
+    "XSZXyuI3DBGGCHcay/3iXu0JvTC3EiQo8J6Djv7WLI0N5KH8mkm40u89fJAB2lLZ\n",
+    "ShuHVtcC182bOKnePgwp9CNwQ21p0rDEu/P3X46ZvFgdxx82E9xLa0tBB8PiPDWh\n",
+    "lV16jbaKTgX5AZqjnsyjR5o9/mbZVupZJXx5Syq+XA8qiJfstSYJs4KyKK9UOjql\n",
+    "ICkJVKpi2ahDBqX4MOH4SLfzVk8pqSpviS6yaA1RXqjpkxiN45WWaXDldVHMSkhC\n",
+    "5CNXsXi4b1nAntu89crwSLA3rEwzCWeYj+BX7e1T9rr3oJdwOU/2KQtW1js1yQUG\n",
+    "tjJMFw==\n",
+    "-----END CERTIFICATE-----\n",
+    NULL
+};
+
+static const char *kBasicCRL[] = {
+    "-----BEGIN X509 CRL-----\n",
+    "MIIBpzCBkAIBATANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJVUzETMBEGA1UE\n",
+    "CAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzESMBAGA1UECgwJ\n",
+    "Qm9yaW5nU1NMFw0xNjA5MjYxNTEwNTVaFw0xNjEwMjYxNTEwNTVaoA4wDDAKBgNV\n",
+    "HRQEAwIBATANBgkqhkiG9w0BAQsFAAOCAQEAnrBKKgvd9x9zwK9rtUvVeFeJ7+LN\n",
+    "ZEAc+a5oxpPNEsJx6hXoApYEbzXMxuWBQoCs5iEBycSGudct21L+MVf27M38KrWo\n",
+    "eOkq0a2siqViQZO2Fb/SUFR0k9zb8xl86Zf65lgPplALun0bV/HT7MJcl04Tc4os\n",
+    "dsAReBs5nqTGNEd5AlC1iKHvQZkM//MD51DspKnDpsDiUVi54h9C1SpfZmX8H2Vv\n",
+    "diyu0fZ/bPAM3VAGawatf/SyWfBMyKpoPXEG39oAzmjjOj8en82psn7m474IGaho\n",
+    "/vBbhl1ms5qQiLYPjm4YELtnXQoFyC72tBjbdFd/ZE9k4CNKDbxFUXFbkw==\n",
+    "-----END X509 CRL-----\n",
+    NULL
+};
+
+static const char *kRevokedCRL[] = {
+    "-----BEGIN X509 CRL-----\n",
+    "MIIBvjCBpwIBATANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJVUzETMBEGA1UE\n",
+    "CAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzESMBAGA1UECgwJ\n",
+    "Qm9yaW5nU1NMFw0xNjA5MjYxNTEyNDRaFw0xNjEwMjYxNTEyNDRaMBUwEwICEAAX\n",
+    "DTE2MDkyNjE1MTIyNlqgDjAMMAoGA1UdFAQDAgECMA0GCSqGSIb3DQEBCwUAA4IB\n",
+    "AQCUGaM4DcWzlQKrcZvI8TMeR8BpsvQeo5BoI/XZu2a8h//PyRyMwYeaOM+3zl0d\n",
+    "sjgCT8b3C1FPgT+P2Lkowv7rJ+FHJRNQkogr+RuqCSPTq65ha4WKlRGWkMFybzVH\n",
+    "NloxC+aU3lgp/NlX9yUtfqYmJek1CDrOOGPrAEAwj1l/BUeYKNGqfBWYJQtPJu+5\n",
+    "OaSvIYGpETCZJscUWODmLEb/O3DM438vLvxonwGqXqS0KX37+CHpUlyhnSovxXxp\n",
+    "Pz4aF+L7OtczxL0GYtD2fR9B7TDMqsNmHXgQrixvvOY7MUdLGbd4RfJL3yA53hyO\n",
+    "xzfKY2TzxLiOmctG0hXFkH5J\n",
+    "-----END X509 CRL-----\n",
+    NULL
+};
+
+static const char *kBadIssuerCRL[] = {
+    "-----BEGIN X509 CRL-----\n",
+    "MIIBwjCBqwIBATANBgkqhkiG9w0BAQsFADBSMQswCQYDVQQGEwJVUzETMBEGA1UE\n",
+    "CAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEWMBQGA1UECgwN\n",
+    "Tm90IEJvcmluZ1NTTBcNMTYwOTI2MTUxMjQ0WhcNMTYxMDI2MTUxMjQ0WjAVMBMC\n",
+    "AhAAFw0xNjA5MjYxNTEyMjZaoA4wDDAKBgNVHRQEAwIBAjANBgkqhkiG9w0BAQsF\n",
+    "AAOCAQEAlBmjOA3Fs5UCq3GbyPEzHkfAabL0HqOQaCP12btmvIf/z8kcjMGHmjjP\n",
+    "t85dHbI4Ak/G9wtRT4E/j9i5KML+6yfhRyUTUJKIK/kbqgkj06uuYWuFipURlpDB\n",
+    "cm81RzZaMQvmlN5YKfzZV/clLX6mJiXpNQg6zjhj6wBAMI9ZfwVHmCjRqnwVmCUL\n",
+    "TybvuTmkryGBqREwmSbHFFjg5ixG/ztwzON/Ly78aJ8Bql6ktCl9+/gh6VJcoZ0q\n",
+    "L8V8aT8+Ghfi+zrXM8S9BmLQ9n0fQe0wzKrDZh14EK4sb7zmOzFHSxm3eEXyS98g\n",
+    "Od4cjsc3ymNk88S4jpnLRtIVxZB+SQ==\n",
+    "-----END X509 CRL-----\n",
+    NULL
+};
+
+/*
+ * This is kBasicCRL but with a critical issuing distribution point
+ * extension.
+ */
+static const char *kKnownCriticalCRL[] = {
+    "-----BEGIN X509 CRL-----\n",
+    "MIIBujCBowIBATANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJVUzETMBEGA1UE\n",
+    "CAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzESMBAGA1UECgwJ\n",
+    "Qm9yaW5nU1NMFw0xNjA5MjYxNTEwNTVaFw0xNjEwMjYxNTEwNTVaoCEwHzAKBgNV\n",
+    "HRQEAwIBATARBgNVHRwBAf8EBzAFoQMBAf8wDQYJKoZIhvcNAQELBQADggEBAA+3\n",
+    "i+5e5Ub8sccfgOBs6WVJFI9c8gvJjrJ8/dYfFIAuCyeocs7DFXn1n13CRZ+URR/Q\n",
+    "mVWgU28+xeusuSPYFpd9cyYTcVyNUGNTI3lwgcE/yVjPaOmzSZKdPakApRxtpKKQ\n",
+    "NN/56aQz3bnT/ZSHQNciRB8U6jiD9V30t0w+FDTpGaG+7bzzUH3UVF9xf9Ctp60A\n",
+    "3mfLe0scas7owSt4AEFuj2SPvcE7yvdOXbu+IEv21cEJUVExJAbhvIweHXh6yRW+\n",
+    "7VVeiNzdIjkZjyTmAzoXGha4+wbxXyBRbfH+XWcO/H+8nwyG8Gktdu2QB9S9nnIp\n",
+    "o/1TpfOMSGhMyMoyPrk=\n",
+    "-----END X509 CRL-----\n",
+    NULL
+};
+
+/*
+ * kUnknownCriticalCRL is kBasicCRL but with an unknown critical extension.
+ */
+static const char *kUnknownCriticalCRL[] = {
+    "-----BEGIN X509 CRL-----\n",
+    "MIIBvDCBpQIBATANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJVUzETMBEGA1UE\n",
+    "CAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzESMBAGA1UECgwJ\n",
+    "Qm9yaW5nU1NMFw0xNjA5MjYxNTEwNTVaFw0xNjEwMjYxNTEwNTVaoCMwITAKBgNV\n",
+    "HRQEAwIBATATBgwqhkiG9xIEAYS3CQABAf8EADANBgkqhkiG9w0BAQsFAAOCAQEA\n",
+    "GvBP0xqL509InMj/3493YVRV+ldTpBv5uTD6jewzf5XdaxEQ/VjTNe5zKnxbpAib\n",
+    "Kf7cwX0PMSkZjx7k7kKdDlEucwVvDoqC+O9aJcqVmM6GDyNb9xENxd0XCXja6MZC\n",
+    "yVgP4AwLauB2vSiEprYJyI1APph3iAEeDm60lTXX/wBM/tupQDDujKh2GPyvBRfJ\n",
+    "+wEDwGg3ICwvu4gO4zeC5qnFR+bpL9t5tOMAQnVZ0NWv+k7mkd2LbHdD44dxrfXC\n",
+    "nhtfERx99SDmC/jtUAJrGhtCO8acr7exCeYcduN7KKCm91OeCJKK6OzWst0Og1DB\n",
+    "kwzzU2rL3G65CrZ7H0SZsQ==\n",
+    "-----END X509 CRL-----\n",
+    NULL
+};
+
+/*
+ * kUnknownCriticalCRL2 is kBasicCRL but with a critical issuing distribution
+ * point extension followed by an unknown critical extension
+ */
+static const char *kUnknownCriticalCRL2[] = {
+    "-----BEGIN X509 CRL-----\n",
+    "MIIBzzCBuAIBATANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJVUzETMBEGA1UE\n",
+    "CAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzESMBAGA1UECgwJ\n",
+    "Qm9yaW5nU1NMFw0xNjA5MjYxNTEwNTVaFw0xNjEwMjYxNTEwNTVaoDYwNDAKBgNV\n",
+    "HRQEAwIBATARBgNVHRwBAf8EBzAFoQMBAf8wEwYMKoZIhvcSBAGEtwkAAQH/BAAw\n",
+    "DQYJKoZIhvcNAQELBQADggEBACTcpQC8jXL12JN5YzOcQ64ubQIe0XxRAd30p7qB\n",
+    "BTXGpgqBjrjxRfLms7EBYodEXB2oXMsDq3km0vT1MfYdsDD05S+SQ9CDsq/pUfaC\n",
+    "E2WNI5p8WircRnroYvbN2vkjlRbMd1+yNITohXYXCJwjEOAWOx3XIM10bwPYBv4R\n",
+    "rDobuLHoMgL3yHgMHmAkP7YpkBucNqeBV8cCdeAZLuhXFWi6yfr3r/X18yWbC/r2\n",
+    "2xXdkrSqXLFo7ToyP8YKTgiXpya4x6m53biEYwa2ULlas0igL6DK7wjYZX95Uy7H\n",
+    "GKljn9weIYiMPV/BzGymwfv2EW0preLwtyJNJPaxbdin6Jc=\n",
+    "-----END X509 CRL-----\n",
+    NULL
+};
+
+
+/*
+ * Glue an array of strings together.  Return a BIO and put the string
+ * into |*out| so we can free it.
+ */
+static BIO *glue(const char **pem, char **out)
+{
+    char *dest;
+    int i;
+    size_t s = 0;
+
+    /* Glue the strings together. */
+    for (i = 0; pem[i] != NULL; ++i)
+        s += strlen(pem[i]);
+    dest = *out = OPENSSL_malloc(s + 1);
+    if (dest == NULL)
+        return NULL;
+    for (i = 0; pem[i] != NULL; ++i)
+        dest += strlen(strcpy(dest, pem[i]));
+    return BIO_new_mem_buf(*out, s);
+}
+
+/*
+ * Create a CRL from an array of strings.
+ */
+static X509_CRL *CRL_from_strings(const char **pem)
+{
+    char *p;
+    BIO *b = glue(pem, &p);
+    X509_CRL *crl = PEM_read_bio_X509_CRL(b, NULL, NULL, NULL);
+
+    OPENSSL_free(p);
+    BIO_free(b);
+    return crl;
+}
+
+/*
+ * Create an X509 from an array of strings.
+ */
+static X509 *X509_from_strings(const char **pem)
+{
+    char *p;
+    BIO *b = glue(pem, &p);
+    X509 *x = PEM_read_bio_X509(b, NULL, NULL, NULL);
+
+    OPENSSL_free(p);
+    BIO_free(b);
+    return x;
+}
+
+/*
+ * Verify |leaf| certificate (chained up to |root|).  |crls| if
+ * not NULL, is a list of CRLs to include in the verification. It is
+ * also free'd before returning, which is kinda yucky but convenient.
+ * Returns a value from X509_V_ERR_xxx or X509_V_OK.
+ */
+static int verify(X509 *leaf, X509 *root, STACK_OF(X509_CRL) *crls,
+                  unsigned long flags)
+{
+    X509_STORE_CTX *ctx = X509_STORE_CTX_new();
+    X509_STORE *store = X509_STORE_new();
+    X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new();
+    STACK_OF(X509) *roots = sk_X509_new_null();
+    int status = X509_V_ERR_UNSPECIFIED;
+
+    if (ctx == NULL || store == NULL || param == NULL || roots == NULL)
+        goto err;
+
+    /* Create a stack; upref the cert because we free it below. */
+    X509_up_ref(root);
+    if (!sk_X509_push(roots, root))
+        goto err;
+
+    if (!X509_STORE_CTX_init(ctx, store, leaf, NULL))
+        goto err;
+    X509_STORE_CTX_set0_trusted_stack(ctx, roots);
+    X509_STORE_CTX_set0_crls(ctx, crls);
+    X509_VERIFY_PARAM_set_time(param, PARAM_TIME);
+    if (X509_VERIFY_PARAM_get_time(param) != PARAM_TIME) {
+        fprintf(stderr, "set_time/get_time mismatch.\n");
+        goto err;
+    }
+    X509_VERIFY_PARAM_set_depth(param, 16);
+    if (flags)
+        X509_VERIFY_PARAM_set_flags(param, flags);
+    X509_STORE_CTX_set0_param(ctx, param);
+
+    ERR_clear_error();
+    status = X509_verify_cert(ctx) == 1 ? X509_V_OK
+                                        : X509_STORE_CTX_get_error(ctx);
+err:
+    sk_X509_pop_free(roots, X509_free);
+    sk_X509_CRL_pop_free(crls, X509_CRL_free);
+    X509_STORE_CTX_free(ctx);
+    X509_STORE_free(store);
+    return status;
+}
+
+/*
+ * Create a stack of CRL's.  Upref each one because we call pop_free on
+ * the stack and need to keep the CRL's around until the test exits.
+ * Yes this crashes on malloc failure; it forces us to debug.
+ */
+static STACK_OF(X509_CRL) *make_CRL_stack(X509_CRL *x1, X509_CRL *x2)
+{
+    STACK_OF(X509_CRL) *sk = sk_X509_CRL_new_null();
+
+    sk_X509_CRL_push(sk, x1);
+    X509_CRL_up_ref(x1);
+    if (x2 != NULL) {
+        sk_X509_CRL_push(sk, x2);
+        X509_CRL_up_ref(x2);
+    }
+    return sk;
+}
+
+static int test_crl()
+{
+    X509 *root = X509_from_strings(kCRLTestRoot);
+    X509 *leaf = X509_from_strings(kCRLTestLeaf);
+    X509_CRL *basic_crl = CRL_from_strings(kBasicCRL);
+    X509_CRL *revoked_crl = CRL_from_strings(kRevokedCRL);
+    X509_CRL *bad_issuer_crl = CRL_from_strings(kBadIssuerCRL);
+    X509_CRL *known_critical_crl = CRL_from_strings(kKnownCriticalCRL);
+    X509_CRL *unknown_critical_crl = CRL_from_strings(kUnknownCriticalCRL);
+    X509_CRL *unknown_critical_crl2 = CRL_from_strings(kUnknownCriticalCRL2);
+    int status = 0;
+
+    if (root == NULL || leaf == NULL || basic_crl == NULL
+            || revoked_crl == NULL || bad_issuer_crl == NULL
+            || known_critical_crl == NULL || unknown_critical_crl == NULL
+            || unknown_critical_crl2 == NULL) {
+        fprintf(stderr, "Failed to parse certificates and CRLs.\n");
+        goto err;
+    }
+
+    if (verify(leaf, root, make_CRL_stack(basic_crl, NULL),
+               X509_V_FLAG_CRL_CHECK) != X509_V_OK) {
+        fprintf(stderr, "Cert with CRL didn't verify.\n");
+        goto err;
+    }
+
+    if (verify(leaf, root, make_CRL_stack(basic_crl, revoked_crl),
+               X509_V_FLAG_CRL_CHECK) != X509_V_ERR_CERT_REVOKED) {
+        fprintf(stderr, "Revoked CRL wasn't checked.\n");
+        goto err;
+    }
+
+    if (verify(leaf, root, NULL,
+               X509_V_FLAG_CRL_CHECK) != X509_V_ERR_UNABLE_TO_GET_CRL) {
+        fprintf(stderr, "CRLs were not required.\n");
+        goto err;
+    }
+
+    if (verify(leaf, root, make_CRL_stack(bad_issuer_crl, NULL),
+               X509_V_FLAG_CRL_CHECK) != X509_V_ERR_UNABLE_TO_GET_CRL) {
+        fprintf(stderr, "Bad CRL issuer was unnoticed.\n");
+        goto err;
+    }
+
+    if (verify(leaf, root, make_CRL_stack(known_critical_crl, NULL),
+               X509_V_FLAG_CRL_CHECK) != X509_V_OK) {
+        fprintf(stderr, "CRL with known critical extension was rejected.\n");
+        goto err;
+    }
+
+    if (verify(leaf, root, make_CRL_stack(unknown_critical_crl, NULL),
+               X509_V_FLAG_CRL_CHECK) !=
+            X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION) {
+        fprintf(stderr, "CRL with unknown critical extension was accepted.\n");
+        goto err;
+    }
+
+    if (verify(leaf, root, make_CRL_stack(unknown_critical_crl2, NULL),
+               X509_V_FLAG_CRL_CHECK) !=
+            X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION) {
+        fprintf(stderr, "CRL with unknown critical extension (2) was accepted.\n");
+        goto err;
+    }
+
+    status = 1;
+
+err:
+    X509_free(root);
+    X509_free(leaf);
+    X509_CRL_free(basic_crl);
+    X509_CRL_free(revoked_crl);
+    X509_CRL_free(bad_issuer_crl);
+    X509_CRL_free(known_critical_crl);
+    X509_CRL_free(unknown_critical_crl);
+    X509_CRL_free(unknown_critical_crl2);
+    return status;
+}
+
+int main()
+{
+    ADD_TEST(test_crl);
+    return run_tests("crltest");
+}
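Review bot: In `verify()`, `param` is leaked on every `goto err` taken before `X509_STORE_CTX_set0_param(ctx, param)`, because the `err:` label frees `roots`, `crls`, `ctx` and `store` but never `param`. Setting `param = NULL;` right after the `set0_param` call and adding `X509_VERIFY_PARAM_free(param);` under `err:` closes that leak without a double free on the success path. The same early exit also drops the reference taken by `X509_up_ref(root)` when `sk_X509_push` fails, since `root` never reached the stack that `sk_X509_pop_free` walks.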
diff -Nru openssl-1.1.0c/test/ct_test.c openssl-1.1.0d/test/ct_test.c
--- openssl-1.1.0c/test/ct_test.c	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ct_test.c	2017-01-26 14:10:25.000000000 +0100
@@ -8,6 +8,7 @@
  */
 
 #include <ctype.h>
+#include <math.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -29,13 +30,18 @@
 
 typedef struct ct_test_fixture {
     const char *test_case_name;
+    /* The current time in milliseconds */
+    uint64_t epoch_time_in_ms;
     /* The CT log store to use during tests */
     CTLOG_STORE* ctlog_store;
     /* Set the following to test handling of SCTs in X509 certificates */
     const char *certs_dir;
     char *certificate_file;
     char *issuer_file;
+    /* Expected number of SCTs */
     int expected_sct_count;
+    /* Expected number of valid SCTS */
+    int expected_valid_sct_count;
     /* Set the following to test handling of SCTs in TLS format */
     const unsigned char *tls_sct_list;
     size_t tls_sct_list_len;
@@ -49,36 +55,34 @@
     const char *sct_text_file;
     /* Whether to test the validity of the SCT(s) */
     int test_validity;
-
 } CT_TEST_FIXTURE;
 
 static CT_TEST_FIXTURE set_up(const char *const test_case_name)
 {
     CT_TEST_FIXTURE fixture;
     int setup_ok = 1;
-    CTLOG_STORE *ctlog_store;
 
     memset(&fixture, 0, sizeof(fixture));
 
-    ctlog_store = CTLOG_STORE_new();
+    fixture.test_case_name = test_case_name;
+    fixture.epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */
+    fixture.ctlog_store = CTLOG_STORE_new();
 
-    if (ctlog_store == NULL) {
+    if (fixture.ctlog_store == NULL) {
         setup_ok = 0;
         fprintf(stderr, "Failed to create a new CT log store\n");
         goto end;
     }
 
-    if (CTLOG_STORE_load_default_file(ctlog_store) != 1) {
+    if (CTLOG_STORE_load_default_file(fixture.ctlog_store) != 1) {
         setup_ok = 0;
         fprintf(stderr, "Failed to load CT log list\n");
         goto end;
     }
 
-    fixture.test_case_name = test_case_name;
-    fixture.ctlog_store = ctlog_store;
-
 end:
     if (!setup_ok) {
+        CTLOG_STORE_free(fixture.ctlog_store);
         exit(EXIT_FAILURE);
     }
     return fixture;
@@ -250,7 +254,7 @@
         }
     }
 
-    if (valid_sct_count != fixture.expected_sct_count) {
+    if (valid_sct_count != fixture.expected_valid_sct_count) {
         int unverified_sct_count = sk_SCT_num(scts) -
                 invalid_sct_count - valid_sct_count;
 
@@ -260,7 +264,7 @@
                 "%d SCTs were unverified\n",
                 invalid_sct_count,
                 valid_sct_count,
-                fixture.expected_sct_count,
+                fixture.expected_valid_sct_count,
                 unverified_sct_count);
         return 0;
     }
@@ -297,6 +301,8 @@
     CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(
             ct_policy_ctx, fixture.ctlog_store);
 
+    CT_POLICY_EVAL_CTX_set_time(ct_policy_ctx, fixture.epoch_time_in_ms);
+
     if (fixture.certificate_file != NULL) {
         int sct_extension_index;
         X509_EXTENSION *sct_extension = NULL;
@@ -443,7 +449,7 @@
     fixture.certs_dir = certs_dir;
     fixture.certificate_file = "embeddedSCTs1.pem";
     fixture.issuer_file = "embeddedSCTs1_issuer.pem";
-    fixture.expected_sct_count = 1;
+    fixture.expected_sct_count = fixture.expected_valid_sct_count = 1;
     fixture.test_validity = 1;
     EXECUTE_CT_TEST();
 }
@@ -454,7 +460,20 @@
     fixture.certs_dir = certs_dir;
     fixture.certificate_file = "embeddedSCTs3.pem";
     fixture.issuer_file = "embeddedSCTs3_issuer.pem";
-    fixture.expected_sct_count = 3;
+    fixture.expected_sct_count = fixture.expected_valid_sct_count = 3;
+    fixture.test_validity = 1;
+    EXECUTE_CT_TEST();
+}
+
+static int test_verify_fails_for_future_sct()
+{
+    SETUP_CT_TEST_FIXTURE();
+    fixture.epoch_time_in_ms = 1365094800000; /* Apr 4 17:00:00 2013 GMT */
+    fixture.certs_dir = certs_dir;
+    fixture.certificate_file = "embeddedSCTs1.pem";
+    fixture.issuer_file = "embeddedSCTs1_issuer.pem";
+    fixture.expected_sct_count = 1;
+    fixture.expected_valid_sct_count = 0;
     fixture.test_validity = 1;
     EXECUTE_CT_TEST();
 }
@@ -489,45 +508,56 @@
 
 static int test_encode_tls_sct()
 {
-    const unsigned char log_id[] = "\xDF\x1C\x2E\xC1\x15\x00\x94\x52\x47\xA9"
-            "\x61\x68\x32\x5D\xDC\x5C\x79\x59\xE8\xF7\xC6\xD3\x88\xFC\x00\x2E"
-            "\x0B\xBD\x3F\x74\xD7\x64";
-
-    const unsigned char signature[] = "\x45\x02\x20\x48\x2F\x67\x51\xAF\x35"
-            "\xDB\xA6\x54\x36\xBE\x1F\xD6\x64\x0F\x3D\xBF\x9A\x41\x42\x94\x95"
-            "\x92\x45\x30\x28\x8F\xA3\xE5\xE2\x3E\x06\x02\x21\x00\xE4\xED\xC0"
-            "\xDB\x3A\xC5\x72\xB1\xE2\xF5\xE8\xAB\x6A\x68\x06\x53\x98\x7D\xCF"
-            "\x41\x02\x7D\xFE\xFF\xA1\x05\x51\x9D\x89\xED\xBF\x08";
+    const char log_id[] = "3xwuwRUAlFJHqWFoMl3cXHlZ6PfG04j8AC4LvT9012Q=";
+    const uint64_t timestamp = 1;
+    const char extensions[] = "";
+    const char signature[] = "BAMARzBAMiBIL2dRrzXbplQ2vh/WZA89v5pBQpSVkkUwKI+j5"
+            "eI+BgIhAOTtwNs6xXKx4vXoq2poBlOYfc9BAn3+/6EFUZ2J7b8I";
+    SCT *sct = NULL;
 
     SETUP_CT_TEST_FIXTURE();
 
-    STACK_OF(SCT) *sct_list = sk_SCT_new_null();
-    SCT *sct = SCT_new();
-    if (!SCT_set_version(sct, SCT_VERSION_V1)) {
-        fprintf(stderr, "Failed to set SCT version\n");
-        return 1;
-    }
-    if (!SCT_set1_log_id(sct, log_id, 32)) {
-        fprintf(stderr, "Failed to set SCT log ID\n");
-        return 1;
-    }
-    SCT_set_timestamp(sct, 1);
-    if (!SCT_set_signature_nid(sct, NID_ecdsa_with_SHA256)) {
-        fprintf(stderr, "Failed to set SCT signature NID\n");
-        return 1;
-    }
-    if (!SCT_set1_signature(sct, signature, 71)) {
-        fprintf(stderr, "Failed to set SCT signature\n");
-        return 1;
+    fixture.sct_list = sk_SCT_new_null();
+    sct = SCT_new_from_base64(SCT_VERSION_V1, log_id,
+                              CT_LOG_ENTRY_TYPE_X509, timestamp,
+                              extensions, signature);
+
+    if (sct == NULL) {
+        tear_down(fixture);
+        fprintf(stderr, "Failed to create SCT from base64-encoded test data\n");
+        return 0;
     }
-    sk_SCT_push(sct_list, sct);
 
-    fixture.sct_list = sct_list;
+    sk_SCT_push(fixture.sct_list, sct);
     fixture.sct_dir = ct_dir;
     fixture.sct_text_file = "tls1.sct";
     EXECUTE_CT_TEST();
 }
 
+/*
+ * Tests that the CT_POLICY_EVAL_CTX default time is approximately now.
+ * Allow +-10 minutes, as it may compensate for clock skew.
+ */
+static int test_default_ct_policy_eval_ctx_time_is_now()
+{
+    int success = 0;
+    CT_POLICY_EVAL_CTX *ct_policy_ctx = CT_POLICY_EVAL_CTX_new();
+    const time_t default_time = CT_POLICY_EVAL_CTX_get_time(ct_policy_ctx) /
+            1000;
+    const time_t time_tolerance = 600;  /* 10 minutes */
+
+    if (fabs(difftime(time(NULL), default_time)) > time_tolerance) {
+        fprintf(stderr,
+                "Default CT_POLICY_EVAL_CTX time is not approximately now.\n");
+        goto end;
+    }
+
+    success = 1;
+end:
+    CT_POLICY_EVAL_CTX_free(ct_policy_ctx);
+    return success;
+}
+
 int main(int argc, char *argv[])
 {
     int result = 0;
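Review bot: `test_default_ct_policy_eval_ctx_time_is_now()` passes the result of `CT_POLICY_EVAL_CTX_new()` straight to `CT_POLICY_EVAL_CTX_get_time()` in the initialiser of `default_time`, so an allocation failure would presumably be dereferenced rather than reported as a test failure. Declaring `default_time` without the initialiser (and without `const`) and adding `if (ct_policy_ctx == NULL) goto end;` before the `get_time` call keeps the failure inside the harness. In `test_encode_tls_sct()` the returns of `sk_SCT_new_null()` and `sk_SCT_push()` are likewise unchecked, so a failed push would leave `sct` owned by nobody; `tear_down` is not visible here, so what it frees is an assumption. `main` continues outside the hunk.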
@@ -548,8 +578,10 @@
     ADD_TEST(test_multiple_scts_in_certificate);
     ADD_TEST(test_verify_one_sct);
     ADD_TEST(test_verify_multiple_scts);
+    ADD_TEST(test_verify_fails_for_future_sct);
     ADD_TEST(test_decode_tls_sct);
     ADD_TEST(test_encode_tls_sct);
+    ADD_TEST(test_default_ct_policy_eval_ctx_time_is_now);
 
     result = run_tests(argv[0]);
     ERR_print_errors_fp(stderr);
diff -Nru openssl-1.1.0c/test/evp_test.c openssl-1.1.0d/test/evp_test.c
--- openssl-1.1.0c/test/evp_test.c	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/evp_test.c	2017-01-26 14:10:25.000000000 +0100
@@ -197,6 +197,8 @@
 struct evp_test {
     /* file being read */
     BIO *in;
+    /* temp memory BIO for reading in keys */
+    BIO *key;
     /* List of public and private keys */
     struct key_list *private;
     struct key_list *public;
@@ -210,6 +212,10 @@
     const char *err, *aux_err;
     /* Expected error value of test */
     char *expected_err;
+    /* Expected error function string */
+    char *func;
+    /* Expected error reason string */
+    char *reason;
     /* Number of tests */
     int ntests;
     /* Error count */
@@ -296,6 +302,10 @@
 {
     OPENSSL_free(t->expected_err);
     t->expected_err = NULL;
+    OPENSSL_free(t->func);
+    t->func = NULL;
+    OPENSSL_free(t->reason);
+    t->reason = NULL;
     OPENSSL_free(t->out_expected);
     OPENSSL_free(t->out_received);
     t->out_expected = NULL;
@@ -317,6 +327,9 @@
 
 static int check_test_error(struct evp_test *t)
 {
+    unsigned long err;
+    const char *func;
+    const char *reason;
     if (!t->err && !t->expected_err)
         return 1;
     if (t->err && !t->expected_err) {
@@ -335,11 +348,44 @@
                 t->start_line, t->expected_err);
         return 0;
     }
-    if (strcmp(t->err, t->expected_err) == 0)
+
+    if (strcmp(t->err, t->expected_err) != 0) {
+        fprintf(stderr, "Test line %d: expecting %s got %s\n",
+                t->start_line, t->expected_err, t->err);
+        return 0;
+    }
+
+    if (t->func == NULL && t->reason == NULL)
+        return 1;
+
+    if (t->func == NULL || t->reason == NULL) {
+        fprintf(stderr, "Test line %d: missing function or reason code\n",
+                t->start_line);
+        return 0;
+    }
+
+    err = ERR_peek_error();
+    if (err == 0) {
+        fprintf(stderr, "Test line %d, expected error \"%s:%s\" not set\n",
+                t->start_line, t->func, t->reason);
+        return 0;
+    }
+
+    func = ERR_func_error_string(err);
+    reason = ERR_reason_error_string(err);
+
+    if (func == NULL && reason == NULL) {
+        fprintf(stderr, "Test line %d: expected error \"%s:%s\", no strings available.  Skipping...\n",
+                t->start_line, t->func, t->reason);
         return 1;
+    }
+
+    if (strcmp(func, t->func) == 0 && strcmp(reason, t->reason) == 0)
+        return 1;
+
+    fprintf(stderr, "Test line %d: expected error \"%s:%s\", got \"%s:%s\"\n",
+            t->start_line, t->func, t->reason, func, reason);
 
-    fprintf(stderr, "Test line %d: expecting %s got %s\n",
-            t->start_line, t->expected_err, t->err);
     return 0;
 }
 
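Review bot: In `check_test_error()`, the skip branch only covers `func == NULL && reason == NULL`, so when just one of `ERR_func_error_string()` and `ERR_reason_error_string()` returns NULL, the following `strcmp(func, t->func)` / `strcmp(reason, t->reason)` and the final `fprintf` with `%s` receive a null pointer. A second guard directly after the skip branch, `if (func == NULL || reason == NULL) return 0;` preceded by a message that prints only `t->func` and `t->reason`, keeps the comparison defined. The function starts outside this hunk.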
@@ -351,25 +397,27 @@
     if (t->meth) {
         t->ntests++;
         if (t->skip) {
-            t->meth = tmeth;
             t->nskip++;
-            return 1;
-        }
-        t->err = NULL;
-        if (t->meth->run_test(t) != 1) {
-            fprintf(stderr, "%s test error line %d\n",
-                    t->meth->name, t->start_line);
-            return 0;
-        }
-        if (!check_test_error(t)) {
-            if (t->err)
-                ERR_print_errors_fp(stderr);
-            t->errors++;
+        } else {
+            /* run the test */
+            if (t->err == NULL && t->meth->run_test(t) != 1) {
+                fprintf(stderr, "%s test error line %d\n",
+                        t->meth->name, t->start_line);
+                return 0;
+            }
+            if (!check_test_error(t)) {
+                if (t->err)
+                    ERR_print_errors_fp(stderr);
+                t->errors++;
+            }
         }
+        /* clean it up */
         ERR_clear_error();
-        t->meth->cleanup(t);
-        OPENSSL_free(t->data);
-        t->data = NULL;
+        if (t->data != NULL) {
+            t->meth->cleanup(t);
+            OPENSSL_free(t->data);
+            t->data = NULL;
+        }
         OPENSSL_free(t->expected_err);
         t->expected_err = NULL;
         free_expected(t);
@@ -413,11 +461,36 @@
     return 0;
 }
 
+
+static int read_key(struct evp_test *t)
+{
+    char tmpbuf[80];
+    if (t->key == NULL)
+        t->key = BIO_new(BIO_s_mem());
+    else if (BIO_reset(t->key) <= 0)
+        return 0;
+    if (t->key == NULL) {
+        fprintf(stderr, "Error allocating key memory BIO\n");
+        return 0;
+    }
+    /* Read to PEM end line and place content in memory BIO */
+    while (BIO_gets(t->in, tmpbuf, sizeof(tmpbuf))) {
+        t->line++;
+        if (BIO_puts(t->key, tmpbuf) <= 0) {
+            fprintf(stderr, "Error writing to key memory BIO\n");
+            return 0;
+        }
+        if (strncmp(tmpbuf, "-----END", 8) == 0)
+            return 1;
+    }
+    fprintf(stderr, "Can't find key end\n");
+    return 0;
+}
+
 static int process_test(struct evp_test *t, char *buf, int verbose)
 {
     char *keyword = NULL, *value = NULL;
     int rv = 0, add_key = 0;
-    long save_pos = 0;
     struct key_list **lst = NULL, *key = NULL;
     EVP_PKEY *pk = NULL;
     const struct evp_test_method *tmeth = NULL;
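Review bot: In `read_key()`, the loop condition `while (BIO_gets(t->in, tmpbuf, sizeof(tmpbuf)))` treats a negative return as a successfully read line, so on a read error `tmpbuf` may reach `BIO_puts` and `strncmp` without having been written. Testing for a positive count makes the loop fall through to the "Can't find key end" message instead: `while (BIO_gets(t->in, tmpbuf, sizeof(tmpbuf)) > 0) {`. The `BIO_reset` failure path also returns 0 without printing anything, unlike the other failures in this function. `process_test` begins at the end of this hunk and continues outside it.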
@@ -426,8 +499,9 @@
     if (!parse_line(&keyword, &value, buf))
         return 1;
     if (strcmp(keyword, "PrivateKey") == 0) {
-        save_pos = BIO_tell(t->in);
-        pk = PEM_read_bio_PrivateKey(t->in, NULL, 0, NULL);
+        if (!read_key(t))
+            return 0;
+        pk = PEM_read_bio_PrivateKey(t->key, NULL, 0, NULL);
         if (pk == NULL && !check_unsupported()) {
             fprintf(stderr, "Error reading private key %s\n", value);
             ERR_print_errors_fp(stderr);
@@ -437,8 +511,9 @@
         add_key = 1;
     }
     if (strcmp(keyword, "PublicKey") == 0) {
-        save_pos = BIO_tell(t->in);
-        pk = PEM_read_bio_PUBKEY(t->in, NULL, 0, NULL);
+        if (!read_key(t))
+            return 0;
+        pk = PEM_read_bio_PUBKEY(t->key, NULL, 0, NULL);
         if (pk == NULL && !check_unsupported()) {
             fprintf(stderr, "Error reading public key %s\n", value);
             ERR_print_errors_fp(stderr);
@@ -449,7 +524,6 @@
     }
     /* If we have a key add to list */
     if (add_key) {
-        char tmpbuf[80];
         if (find_key(NULL, value, *lst)) {
             fprintf(stderr, "Duplicate key %s\n", value);
             return 0;
@@ -461,15 +535,7 @@
         key->key = pk;
         key->next = *lst;
         *lst = key;
-        /* Rewind input, read to end and update line numbers */
-        (void)BIO_seek(t->in, save_pos);
-        while (BIO_gets(t->in,tmpbuf, sizeof(tmpbuf))) {
-            t->line++;
-            if (strncmp(tmpbuf, "-----END", 8) == 0)
-                return 1;
-        }
-        fprintf(stderr, "Can't find key end\n");
-        return 0;
+        return 1;
     }
 
     /* See if keyword corresponds to a test start */
@@ -492,7 +558,23 @@
             return 0;
         }
         t->expected_err = OPENSSL_strdup(value);
-        if (!t->expected_err)
+        if (t->expected_err == NULL)
+            return 0;
+    } else if (strcmp(keyword, "Function") == 0) {
+        if (t->func != NULL) {
+            fprintf(stderr, "Line %d: multiple function lines\n", t->line);
+            return 0;
+        }
+        t->func = OPENSSL_strdup(value);
+        if (t->func == NULL)
+            return 0;
+    } else if (strcmp(keyword, "Reason") == 0) {
+        if (t->reason != NULL) {
+            fprintf(stderr, "Line %d: multiple reason lines\n", t->line);
+            return 0;
+        }
+        t->reason = OPENSSL_strdup(value);
+        if (t->reason == NULL)
             return 0;
     } else {
         /* Must be test specific line: try to parse it */
@@ -564,6 +646,7 @@
         return 1;
     }
     t.in = in;
+    t.err = NULL;
     while (BIO_gets(in, buf, sizeof(buf))) {
         t.line++;
         if (!process_test(&t, buf, 0))
@@ -576,6 +659,7 @@
             t.ntests, t.errors, t.nskip);
     free_key_list(t.public);
     free_key_list(t.private);
+    BIO_free(t.key);
     BIO_free(in);
 
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
@@ -796,12 +880,12 @@
 }
 
 static int cipher_test_enc(struct evp_test *t, int enc,
-                           size_t out_misalign, size_t inp_misalign)
+                           size_t out_misalign, size_t inp_misalign, int frag)
 {
     struct cipher_data *cdat = t->data;
     unsigned char *in, *out, *tmp = NULL;
-    size_t in_len, out_len;
-    int tmplen, tmpflen;
+    size_t in_len, out_len, donelen = 0;
+    int tmplen, chunklen, tmpflen;
     EVP_CIPHER_CTX *ctx = NULL;
     const char *err;
     err = "INTERNAL_ERROR";
@@ -899,15 +983,63 @@
         }
     }
     if (cdat->aad) {
-        if (!EVP_CipherUpdate(ctx, NULL, &tmplen, cdat->aad, cdat->aad_len)) {
-            err = "AAD_SET_ERROR";
-            goto err;
+        err = "AAD_SET_ERROR";
+        if (!frag) {
+            if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad,
+                                  cdat->aad_len))
+                goto err;
+        } else {
+            /*
+             * Supply the AAD in chunks less than the block size where possible
+             */
+            if (cdat->aad_len > 0) {
+                if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad, 1))
+                    goto err;
+                donelen++;
+            }
+            if (cdat->aad_len > 2) {
+                if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad + donelen,
+                                      cdat->aad_len - 2))
+                    goto err;
+                donelen += cdat->aad_len - 2;
+            }
+            if (cdat->aad_len > 1
+                    && !EVP_CipherUpdate(ctx, NULL, &chunklen,
+                                         cdat->aad + donelen, 1))
+                goto err;
         }
     }
     EVP_CIPHER_CTX_set_padding(ctx, 0);
     err = "CIPHERUPDATE_ERROR";
-    if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
-        goto err;
+    tmplen = 0;
+    if (!frag) {
+        /* We supply the data all in one go */
+        if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
+            goto err;
+    } else {
+        /* Supply the data in chunks less than the block size where possible */
+        if (in_len > 0) {
+            if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &chunklen, in, 1))
+                goto err;
+            tmplen += chunklen;
+            in++;
+            in_len--;
+        }
+        if (in_len > 1) {
+            if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
+                                  in, in_len - 1))
+                goto err;
+            tmplen += chunklen;
+            in += in_len - 1;
+            in_len = 1;
+        }
+        if (in_len > 0 ) {
+            if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
+                                  in, 1))
+                goto err;
+            tmplen += chunklen;
+        }
+    }
     if (cdat->aead == EVP_CIPH_CCM_MODE)
         tmpflen = 0;
     else {
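Review bot: The comment `Supply the AAD in chunks less than the block size where possible`, and its twin on the data path, do not describe what the code does. Both paths feed one byte, then everything except the last byte in a single call, then the final byte, so the middle chunk is normally far larger than a block. If the aim is to move the update boundaries off block boundaries, a comment such as `/* Split as 1 byte, the bulk, 1 byte so updates do not start on a block boundary */` would say so. The `frag` parameter added to the signature in the previous hunk is undocumented. The fragmented data path also advances `in` and shrinks `in_len`, and the rest of the function is outside this hunk, so confirm that nothing after the update still expects the original values.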
@@ -948,7 +1080,7 @@
 static int cipher_test_run(struct evp_test *t)
 {
     struct cipher_data *cdat = t->data;
-    int rv;
+    int rv, frag = 0;
     size_t out_misalign, inp_misalign;
 
     if (!cdat->key) {
@@ -966,21 +1098,25 @@
         t->err = "NO_TAG";
         return 0;
     }
-    for (out_misalign = 0; out_misalign <= 1; out_misalign++) {
+    for (out_misalign = 0; out_misalign <= 1;) {
         static char aux_err[64];
         t->aux_err = aux_err;
         for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) {
             if (inp_misalign == (size_t)-1) {
                 /* kludge: inp_misalign == -1 means "exercise in-place" */
-                BIO_snprintf(aux_err, sizeof(aux_err), "%s in-place",
-                             out_misalign ? "misaligned" : "aligned");
+                BIO_snprintf(aux_err, sizeof(aux_err),
+                             "%s in-place, %sfragmented",
+                             out_misalign ? "misaligned" : "aligned",
+                             frag ? "" : "not ");
             } else {
-                BIO_snprintf(aux_err, sizeof(aux_err), "%s output and %s input",
+                BIO_snprintf(aux_err, sizeof(aux_err),
+                             "%s output and %s input, %sfragmented",
                              out_misalign ? "misaligned" : "aligned",
-                             inp_misalign ? "misaligned" : "aligned");
+                             inp_misalign ? "misaligned" : "aligned",
+                             frag ? "" : "not ");
             }
             if (cdat->enc) {
-                rv = cipher_test_enc(t, 1, out_misalign, inp_misalign);
+                rv = cipher_test_enc(t, 1, out_misalign, inp_misalign, frag);
                 /* Not fatal errors: return */
                 if (rv != 1) {
                     if (rv < 0)
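Review bot: Removing the increment from `for (out_misalign = 0; out_misalign <= 1;)` and steering the loop from its tail makes one counter drive two dimensions, which is easy to break when another variant is added; the `@@ -998,6 +1134,21 @@` hunk is where `out_misalign` is reset to 0 and `frag` is bumped. An explicit outer loop, `for (frag = 0; frag <= 1; frag++)`, with the existing CCM/XTS/Wrap check moved to its top as a `break` guarded by `frag`, would keep `out_misalign++` in the inner `for` header and run the same passes. In that tail hunk the CCM test reads `cdat->aead` while XTS and Wrap use `EVP_CIPHER_mode(cdat->cipher)`; using one form for all three would be easier to verify. The loop body continues past the end of this hunk.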
@@ -989,7 +1125,7 @@
                 }
             }
             if (cdat->enc != 1) {
-                rv = cipher_test_enc(t, 0, out_misalign, inp_misalign);
+                rv = cipher_test_enc(t, 0, out_misalign, inp_misalign, frag);
                 /* Not fatal errors: return */
                 if (rv != 1) {
                     if (rv < 0)
@@ -998,6 +1134,21 @@
                 }
             }
         }
+
+        if (out_misalign == 1 && frag == 0) {
+            /*
+             * XTS, CCM and Wrap modes have special requirements about input
+             * lengths so we don't fragment for those
+             */
+            if (cdat->aead == EVP_CIPH_CCM_MODE
+                    || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_XTS_MODE
+                     || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE)
+                break;
+            out_misalign = 0;
+            frag++;
+        } else {
+            out_misalign++;
+        }
     }
     t->aux_err = NULL;
 
@@ -1212,9 +1363,7 @@
         rv = find_key(&pkey, name, t->public);
     if (!rv)
         rv = find_key(&pkey, name, t->private);
-    if (!rv)
-        return 0;
-    if (!pkey) {
+    if (!rv || pkey == NULL) {
         t->skip = 1;
         return 1;
     }
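Review bot: Folding `!rv` into the skip condition means a key name that `find_key` cannot resolve now marks the test as skipped instead of failing the parse, so a misspelled key name in the test file no longer stops the run and only shows up in the skip count. If the intent is to tolerate keys that were not loaded because their algorithm is disabled (an assumption; `find_key` and the key loader are outside this hunk), say so here, for example `/* key missing or its algorithm disabled: skip rather than fail */`. Printing the key name and `t->line` when skipping for this reason would let an unexpected skip be traced.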
@@ -1233,7 +1382,7 @@
     if (!kdata->ctx)
         return 0;
     if (keyopinit(kdata->ctx) <= 0)
-        return 0;
+        t->err = "KEYOP_INIT_ERROR";
     return 1;
 }
 
@@ -1259,11 +1408,21 @@
     if (p != NULL)
         *p++ = 0;
     rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
-    if (p != NULL && rv <= 0 && rv != -2) {
-        /* If p has an OID assume disabled algorithm */
-        if (OBJ_sn2nid(p) != NID_undef || OBJ_ln2nid(p) != NID_undef) {
+    if (rv == -2) {
+        t->err = "PKEY_CTRL_INVALID";
+        rv = 1;
+    } else if (p != NULL && rv <= 0) {
+        /* If p has an OID and lookup fails assume disabled algorithm */
+        int nid = OBJ_sn2nid(p);
+        if (nid == NID_undef)
+             nid = OBJ_ln2nid(p);
+        if ((nid != NID_undef) && EVP_get_digestbynid(nid) == NULL &&
+            EVP_get_cipherbynid(nid) == NULL) {
             t->skip = 1;
             rv = 1;
+        } else {
+            t->err = "PKEY_CTRL_ERROR";
+            rv = 1;
         }
     }
     OPENSSL_free(tmpval);
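Review bot: All three outcomes that record a result end with `rv = 1;`, so the assignment can be hoisted and the branches reduced to choosing between `t->skip = 1` and a `t->err` string. A control string without a value (`p == NULL`) that fails with anything other than -2 still leaves `rv <= 0` and is reported as a parse failure rather than `PKEY_CTRL_ERROR`; if that is deliberate it needs a comment, since it is the one failure path that records no error. The line `nid = OBJ_ln2nid(p);` is indented one column too far. The function starts before this hunk and its return statement is outside it.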
diff -Nru openssl-1.1.0c/test/evptests.txt openssl-1.1.0d/test/evptests.txt
--- openssl-1.1.0c/test/evptests.txt	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/evptests.txt	2017-01-26 14:10:25.000000000 +0100
@@ -1,4 +1,3 @@
-#!/bin/sh
 #
 # Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
 #
@@ -842,6 +841,14 @@
 Ciphertext = EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8
 
 
+# Self-generated vector to trigger false carry on big-endian platforms
+Cipher = aes-128-ctr
+Key = 7E24067817FAE0D743D6CE1F32539163
+IV = 00000000000000007FFFFFFFFFFFFFFF
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = A2D459477E6432BD74184B1B5370D2243CDC202BC43583B2A55D288CDBBD1E03
+
 # DES ECB tests (from destest)
 
 Cipher = DES-ECB
@@ -2762,6 +2769,44 @@
 Input = "0123456789ABCDEF1234"
 Output = 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
 
+# RSA decrypt
+
+Decrypt = RSA-2048
+Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A78
+Output = "Hello World"
+
+# Corrupted ciphertext
+Decrypt = RSA-2048
+Input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
+Output = "Hello World"
+Result = KEYOP_ERROR
+
+# OAEP padding
+Decrypt = RSA-2048
+Ctrl = rsa_padding_mode:oaep
+Input = 458708DFBD42A1297CE7A9C86C7087AB80B1754810929B89C5107CA55368587686986FCE94D86CC1595B3FB736223A656EC0F34D18BA1CC5665593610F56C58E26B272D584F3D983A5C91085700755AEBD921FB280BBA3EDA7046EC07B43E7298E52D59EDC92BE4639A8CE08B2F85976ECF6D98CC469EEB9D5D8E2A32EA8A6626EDAFE1038B3DF455668A9F3C77CAD8B92FB872E00058C3D2A7EDE1A1F03FC5622084AE04D9D24F6BF0995C58D35B93B699B9763595E123F2AB0863CC9229EB290E2EDE7715C7A8F39E0B9A3E2E1B56EBB62F1CBFBB5986FB212EBD785B83D01D968B11D1756C7337F70C1F1A63BFF03608E24F3A2FD44E67F832A8701C5D5AF
+Output = "Hello World"
+
+# OAEP padding, corrupted ciphertext
+Decrypt = RSA-2048
+Ctrl = rsa_padding_mode:oaep
+Input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
+Output = "Hello World"
+Result = KEYOP_ERROR
+
+# Illegal RSA key derivation
+Derive = RSA-2048
+Result = KEYOP_INIT_ERROR
+Function = EVP_PKEY_derive_init
+Reason = operation not supported for this keytype
+
+# Invalid ctrl
+Sign = RSA-2048
+Ctrl = rsa_mgf1_md:sha1
+Result = PKEY_CTRL_INVALID
+Function = pkey_rsa_ctrl
+Reason = invalid mgf1 md
+
 # EC tests
 
 Verify = P-256
@@ -2868,6 +2913,61 @@
 Output = 3080021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d870000
 Result = VERIFY_ERROR
 
+# RSA PSS padding tests.
+
+# Zero salt length makes output deterministic
+Sign = RSA-2048
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDEF"
+Output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
+
+# Verify of above signature
+Verify = RSA-2048-PUBLIC
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDEF"
+Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
+
+# Digest too short
+Verify = RSA-2048-PUBLIC
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDE"
+Output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
+Result = VERIFY_ERROR
+
+# Digest too long
+Verify = RSA-2048-PUBLIC
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDEF0"
+Output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
+Result = VERIFY_ERROR
+
+# Wrong salt length
+Verify = RSA-2048
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:2
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDEF"
+Output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
+Result = VERIFY_ERROR
+
+# Wrong MGF1 digest
+Verify = RSA-2048
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Ctrl = rsa_mgf1_md:sha1
+Input="0123456789ABCDEF0123456789ABCDEF"
+Output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
+Result = VERIFY_ERROR
+
 # scrypt tests from draft-josefsson-scrypt-kdf-03
 PBE = scrypt
 Password = ""
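Review bot: The `Wrong salt length` and `Wrong MGF1 digest` cases use `Verify = RSA-2048` while the three PSS verify cases above them use `Verify = RSA-2048-PUBLIC`; verification needs only the public key, so using the public entry throughout would keep these negative tests from depending on the private key. The new entries also write `Input="..."` and `Output=...` without spaces around `=`, unlike the `Key = value` form of the neighbouring vectors. All four negative cases expect the generic `VERIFY_ERROR`, so they would still pass if verification failed for a reason other than the one named in the comment. Where the library reports a distinct error, adding the `Function`/`Reason` lines that this change introduces for the init and ctrl failures would pin the cause.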
@@ -3525,3 +3625,15 @@
 Derive=Bob-25519
 PeerKey=Alice-25519-PUBLIC
 SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+
+# Illegal sign/verify operations with X25519 key
+
+Sign=Alice-25519
+Result = KEYOP_INIT_ERROR
+Function = EVP_PKEY_sign_init
+Reason = operation not supported for this keytype
+
+Verify=Alice-25519
+Result = KEYOP_INIT_ERROR
+Function = EVP_PKEY_verify_init
+Reason = operation not supported for this keytype
diff -Nru openssl-1.1.0c/test/handshake_helper.c openssl-1.1.0d/test/handshake_helper.c
--- openssl-1.1.0c/test/handshake_helper.c	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/handshake_helper.c	2017-01-26 14:10:25.000000000 +0100
@@ -867,7 +867,7 @@
     HANDSHAKE_EX_DATA server_ex_data, client_ex_data;
     CTX_DATA client_ctx_data, server_ctx_data, server2_ctx_data;
     HANDSHAKE_RESULT *ret = HANDSHAKE_RESULT_new();
-    int client_turn = 1;
+    int client_turn = 1, client_turn_count = 0;
     connect_phase_t phase = HANDSHAKE;
     handshake_status_t status = HANDSHAKE_RETRY;
     const unsigned char* tick = NULL;
@@ -876,6 +876,7 @@
     const unsigned char *proto = NULL;
     /* API dictates unsigned int rather than size_t. */
     unsigned int proto_len = 0;
+    EVP_PKEY *tmp_key;
 
     memset(&server_ctx_data, 0, sizeof(server_ctx_data));
     memset(&server2_ctx_data, 0, sizeof(server2_ctx_data));
@@ -956,6 +957,7 @@
 
         switch (status) {
         case HANDSHAKE_SUCCESS:
+            client_turn_count = 0;
             phase = next_phase(test_ctx, phase);
             if (phase == CONNECTION_DONE) {
                 ret->result = SSL_TEST_SUCCESS;
@@ -981,6 +983,16 @@
             ret->result = SSL_TEST_INTERNAL_ERROR;
             goto err;
         case HANDSHAKE_RETRY:
+            if (client_turn_count++ >= 2000) {
+                /*
+                 * At this point, there's been so many PEER_RETRY in a row
+                 * that it's likely both sides are stuck waiting for a read.
+                 * It's time to give up.
+                 */
+                ret->result = SSL_TEST_INTERNAL_ERROR;
+                goto err;
+            }
+
             /* Continue. */
             client_turn ^= 1;
             break;
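Review bot: The retry limit `2000` is a bare literal, and the bail-out leaves no trace of why the test ended: it sets `SSL_TEST_INTERNAL_ERROR` and jumps to `err` without reporting anything, so a stalled handshake looks like any other internal error in the log. A named constant and a one-line diagnostic before the `goto`, through whatever output routine the helper already uses, would make the failure identifiable. The counter is named `client_turn_count` but counts consecutive `HANDSHAKE_RETRY` results from either side, and the comment speaks of `PEER_RETRY`, which is not the status this `case` tests; the name and comment should match what is counted. The enclosing loop starts and ends outside this hunk.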
@@ -1024,6 +1036,19 @@
     if (session_out != NULL)
         *session_out = SSL_get1_session(client.ssl);
 
+    if (SSL_get_server_tmp_key(client.ssl, &tmp_key)) {
+        int nid = EVP_PKEY_id(tmp_key);
+
+#ifndef OPENSSL_NO_EC
+        if (nid == EVP_PKEY_EC) {
+            EC_KEY *ec = EVP_PKEY_get0_EC_KEY(tmp_key);
+            nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
+        }
+#endif
+        EVP_PKEY_free(tmp_key);
+        ret->tmp_key_type = nid;
+    }
+
     ctx_data_free_data(&server_ctx_data);
     ctx_data_free_data(&server2_ctx_data);
     ctx_data_free_data(&client_ctx_data);
diff -Nru openssl-1.1.0c/test/handshake_helper.h openssl-1.1.0d/test/handshake_helper.h
--- openssl-1.1.0c/test/handshake_helper.h	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/handshake_helper.h	2017-01-26 14:10:25.000000000 +0100
@@ -43,6 +43,8 @@
     /* Was the handshake resumed? */
     int client_resumed;
     int server_resumed;
+    /* Temporary key type */
+    int tmp_key_type;
 } HANDSHAKE_RESULT;
 
 HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void);
diff -Nru openssl-1.1.0c/test/README.ssltest.md openssl-1.1.0d/test/README.ssltest.md
--- openssl-1.1.0c/test/README.ssltest.md	2016-11-10 15:03:46.000000000 +0100
+++ openssl-1.1.0d/test/README.ssltest.md	2017-01-26 14:10:25.000000000 +0100
@@ -87,6 +87,8 @@
 
 * ExpectedNPNProtocol, ExpectedALPNProtocol - NPN and ALPN expectations.
 
+* ExpectedTmpKeyType - the expected algorithm or curve of server temp key
+
 ## Configuring the client and server
 
 The client and server configurations can be any valid `SSL_CTX`
diff -Nru openssl-1.1.0c/test/recipes/03-test_ui.t openssl-1.1.0d/test/recipes/03-test_ui.t
--- openssl-1.1.0c/test/recipes/03-test_ui.t	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/test/recipes/03-test_ui.t	2017-01-26 14:10:25.000000000 +0100
@@ -0,0 +1,30 @@
+#! /usr/bin/env perl
+# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+use OpenSSL::Test;
+
+setup("test_ui");
+
+plan tests => 1;
+
+note <<"EOF";
+The best way to test the UI interface is currently by using an openssl
+command that uses password_callback.  The only one that does this is
+'genrsa'.
+Since password_callback uses a UI method derived from UI_OpenSSL(), it
+ensures that one gets tested well enough as well.
+EOF
+
+my $outfile = "rsa_$$.pem";
+ok(run(app(["openssl", "genrsa", "-passout", "pass:password", "-aes128",
+            "-out", $outfile])),
+   "Checking that genrsa with a password works properly");
+
+unlink $outfile;
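Review bot: The single `ok` only checks that `genrsa` exits successfully, so the recipe would still pass if the key were encrypted under a different pass phrase than the one given, which is the kind of error the password callback it is meant to exercise could introduce. Reading the key back closes that gap: raise the plan to `plan tests => 2;` and add `ok(run(app(["openssl", "rsa", "-in", $outfile, "-passin", "pass:password", "-noout"])), "Checking that the generated key decrypts with the same password");`. `unlink $outfile;` runs only if the script reaches its last line, so `rsa_$$.pem` is left in the working directory when the run aborts; an `END { unlink $outfile }` block or a `File::Temp` name would clean up on every exit path.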
diff -Nru openssl-1.1.0c/test/recipes/15-test_dsa.t openssl-1.1.0d/test/recipes/15-test_dsa.t
--- openssl-1.1.0c/test/recipes/15-test_dsa.t	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/recipes/15-test_dsa.t	2017-01-26 14:10:25.000000000 +0100
@@ -34,7 +34,7 @@
 	 tconversion("dsa", srctop_file("test","testdsa.pem"), "pkey");
      };
      subtest 'dsa conversions -- public key' => sub {
-	 tconversion("dsa", srctop_file("test","testdsapub.pem"), "dsa",
-		     "-pubin", "-pubout");
+	 tconversion("msb", srctop_file("test","testdsapub.pem"), "dsa",
+		         "-pubin", "-pubout");
      };
 }
diff -Nru openssl-1.1.0c/test/recipes/15-test_rsa.t openssl-1.1.0d/test/recipes/15-test_rsa.t
--- openssl-1.1.0c/test/recipes/15-test_rsa.t	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/recipes/15-test_rsa.t	2017-01-26 14:10:25.000000000 +0100
@@ -35,7 +35,7 @@
 	 tconversion("rsa", srctop_file("test","testrsa.pem"), "pkey");
      };
      subtest 'rsa conversions -- public key' => sub {
-	 tconversion("rsa", srctop_file("test","testrsapub.pem"), "rsa",
+	 tconversion("msb", srctop_file("test","testrsapub.pem"), "rsa",
 		     "-pubin", "-pubout");
      };
 }
diff -Nru openssl-1.1.0c/test/recipes/25-test_crl.t openssl-1.1.0d/test/recipes/25-test_crl.t
--- openssl-1.1.0c/test/recipes/25-test_crl.t	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/recipes/25-test_crl.t	2017-01-26 14:10:25.000000000 +0100
@@ -15,10 +15,12 @@
 
 setup("test_crl");
 
-plan tests => 2;
+plan tests => 3;
 
 require_ok(srctop_file('test','recipes','tconversion.pl'));
 
 subtest 'crl conversions' => sub {
     tconversion("crl", srctop_file("test","testcrl.pem"));
 };
+
+ok(run(test(['crltest'])));
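Review bot: The added `ok(run(test(['crltest'])));` has no test description, unlike the subtest above it, so a failure is reported only by its number. `ok(run(test(['crltest'])), "running crltest");` would label it in the TAP output.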
diff -Nru openssl-1.1.0c/test/recipes/70-test_sslmessages.t openssl-1.1.0d/test/recipes/70-test_sslmessages.t
--- openssl-1.1.0c/test/recipes/70-test_sslmessages.t	1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.1.0d/test/recipes/70-test_sslmessages.t	2017-01-26 14:10:25.000000000 +0100
@@ -0,0 +1,147 @@
+#! /usr/bin/env perl
+# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
+use OpenSSL::Test::Utils;
+use File::Temp qw(tempfile);
+use TLSProxy::Proxy;
+my $test_name = "test_tls13messages";
+setup($test_name);
+
+plan skip_all => "TLSProxy isn't usable on $^O"
+    if $^O =~ /^(VMS|MSWin32)$/;
+
+plan skip_all => "$test_name needs the dynamic engine feature enabled"
+    if disabled("engine") || disabled("dynamic-engine");
+
+plan skip_all => "$test_name needs the sock feature enabled"
+    if disabled("sock");
+
+plan skip_all => "$test_name needs TLS enabled"
+    if alldisabled(available_protocols("tls"));
+
+$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
+
+use constant {
+    DEFAULT_HANDSHAKE => 1,
+    OCSP_HANDSHAKE => 2,
+    RESUME_HANDSHAKE => 4,
+    CLIENT_AUTH_HANDSHAKE => 8,
+    RENEG_HANDSHAKE => 16,
+
+    ALL_HANDSHAKES => 31
+};
+
+my @handmessages = (
+    [TLSProxy::Message::MT_CLIENT_HELLO, ALL_HANDSHAKES],
+    [TLSProxy::Message::MT_SERVER_HELLO, ALL_HANDSHAKES],
+    [TLSProxy::Message::MT_CERTIFICATE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE],
+    [TLSProxy::Message::MT_CERTIFICATE_STATUS, OCSP_HANDSHAKE],
+    #ServerKeyExchange handshakes not currently supported by TLSProxy
+    [TLSProxy::Message::MT_CERTIFICATE_REQUEST, CLIENT_AUTH_HANDSHAKE],
+    [TLSProxy::Message::MT_SERVER_HELLO_DONE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE],
+    [TLSProxy::Message::MT_CERTIFICATE, CLIENT_AUTH_HANDSHAKE],
+    [TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE],
+    [TLSProxy::Message::MT_CERTIFICATE_VERIFY, CLIENT_AUTH_HANDSHAKE],
+    [TLSProxy::Message::MT_FINISHED, ALL_HANDSHAKES],
+    [TLSProxy::Message::MT_NEW_SESSION_TICKET, ALL_HANDSHAKES & ~RESUME_HANDSHAKE],
+    [TLSProxy::Message::MT_FINISHED, ALL_HANDSHAKES],
+    [TLSProxy::Message::MT_CLIENT_HELLO, RENEG_HANDSHAKE],
+    [TLSProxy::Message::MT_SERVER_HELLO, RENEG_HANDSHAKE],
+    [TLSProxy::Message::MT_CERTIFICATE, RENEG_HANDSHAKE],
+    [TLSProxy::Message::MT_SERVER_HELLO_DONE, RENEG_HANDSHAKE],
+    [TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE, RENEG_HANDSHAKE],
+    [TLSProxy::Message::MT_FINISHED, RENEG_HANDSHAKE],
+    [TLSProxy::Message::MT_NEW_SESSION_TICKET, RENEG_HANDSHAKE],
+    [TLSProxy::Message::MT_FINISHED, RENEG_HANDSHAKE],
+    [0, 0]
+);
+
+my $proxy = TLSProxy::Proxy->new(
+    undef,
+    cmdstr(app(["openssl"]), display => 1),
+    srctop_file("apps", "server.pem"),
+    (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
+);
+
+sub checkmessages($$);
+
+#Test 1: Check we get all the right messages for a default handshake
+(undef, my $session) = tempfile();
+$proxy->serverconnects(2);
+$proxy->clientflags("-sess_out ".$session);
+$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
+plan tests => 5;
+checkmessages(DEFAULT_HANDSHAKE, "Default handshake test");
+
+#Test 2: Resumption handshake
+$proxy->clearClient();
+$proxy->clientflags("-sess_in ".$session);
+$proxy->clientstart();
+checkmessages(RESUME_HANDSHAKE, "Resumption handshake test");
+unlink $session;
+
+#Test 3: A client auth handshake
+$proxy->clear();
+$proxy->clientflags("-cert ".srctop_file("apps", "server.pem"));
+$proxy->serverflags("-Verify 5");
+$proxy->start();
+checkmessages(CLIENT_AUTH_HANDSHAKE, "Client auth handshake test");
+
+#Test 4: A handshake with a renegotiation
+$proxy->clear();
+$proxy->reneg(1);
+$proxy->start();
+checkmessages(RENEG_HANDSHAKE, "Rengotiation handshake test");
+
+#Test 5: A handshake with a renegotiation and client auth
+$proxy->clear();
+$proxy->clientflags("-cert ".srctop_file("apps", "server.pem"));
+$proxy->serverflags("-Verify 5");
+$proxy->reneg(1);
+$proxy->start();
+checkmessages(RENEG_HANDSHAKE | CLIENT_AUTH_HANDSHAKE,
+              "Renogitation and client auth handshake test");
+
+sub checkmessages($$)
+{
+    my ($handtype, $testname) = @_;
+
+    subtest $testname => sub {
+        my $loop = 0;
+        my $numtests;
+
+        #First count the number of tests
+        for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) {
+            $numtests++ if (($handmessages[$loop][1] & $handtype) != 0);
+        }
+
+        plan tests => $numtests;
+
+        my $nextmess = 0;
+        my $message = undef;
+        for ($loop = 0; $handmessages[$loop][1] != 0; $loop++) {
+            next if (($handmessages[$loop][1] & $handtype) == 0);
+            if (scalar @{$proxy->message_list} > $nextmess) {
+                $message = ${$proxy->message_list}[$nextmess];
+                $nextmess++;
+            } else {
+                $message = undef;
+            }
+            if (!defined $message) {
+                fail("Message type check. Got nothing, expected "
+                     .$handmessages[$loop][0]);
+            } else {
+                ok($message->mt == $handmessages[$loop][0],
+                   "Message type check. Got ".$message->mt
+                   .", expected ".$handmessages[$loop][0]);
+            }
+        }
+    }
+}
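Review bot: `my $test_name = "test_tls13messages";` does not match the recipe's file name `70-test_sslmessages.t`, so `setup()` and the skip messages report this test under another name; `test_sslmessages` looks like what was meant. The file enables `use strict;` but not `use warnings;`, which the other new recipe in this change (`03-test_ui.t`) does enable. The session file created by `tempfile()` is removed only after test 2, so it is left behind when `$proxy->start()` fails and the script exits through `plan skip_all`; passing `UNLINK => 1` to `tempfile` would cover that path. The subtest names `Rengotiation handshake test` and `Renogitation and client auth handshake test` misspell "Renegotiation", and the `$ENV{OPENSSL_ia32cap}` override has no comment saying what it switches off.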
diff -Nru openssl-1.1.0c/test/recipes/80-test_cms.t openssl-1.1.0d/test/recipes/80-test_cms.t
--- openssl-1.1.0c/test/recipes/80-test_cms.t	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/recipes/80-test_cms.t	2017-01-26 14:10:25.000000000 +0100
@@ -107,6 +107,14 @@
 	"-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
     ],
 
+    [ "signed content S/MIME format, RSA key SHA1",
+      [ "-sign", "-in", $smcont, "-md", "sha1",
+	"-certfile", catfile($smdir, "smroot.pem"),
+	"-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
+      [ "-verify", "-in", "test.cms",
+	"-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
+    ],
+
     [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
       [ "-sign", "-in", $smcont, "-nodetach",
 	"-signer", catfile($smdir, "smrsa1.pem"),
diff -Nru openssl-1.1.0c/test/recipes/80-test_ssl_old.t openssl-1.1.0d/test/recipes/80-test_ssl_old.t
--- openssl-1.1.0c/test/recipes/80-test_ssl_old.t	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/recipes/80-test_ssl_old.t	2017-01-26 14:10:25.000000000 +0100
@@ -468,9 +468,14 @@
 	foreach my $protocol (@protocols) {
 	    note "Testing ciphersuites for $protocol";
 	    foreach my $cipher (@{$ciphersuites{$protocol}}) {
-		ok(run(test([@ssltest, @exkeys, "-cipher", $cipher,
-			     $protocol eq "SSLv3" ? ("-ssl3") : ()])),
-		   "Testing $cipher");
+                if ($protocol eq "SSLv3" && $cipher =~ /ECDH/ ) {
+                    note "*****SKIPPING $protocol $cipher";
+                    ok(1);
+                } else {
+                    ok(run(test([@ssltest, @exkeys, "-cipher", $cipher,
+                                 $protocol eq "SSLv3" ? ("-ssl3") : ()])),
+                       "Testing $cipher");
+               }
 	    }
             is(run(test([@ssltest,
                          "-s_cipher", "EDH",
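Review bot: The skipped SSLv3/ECDH combinations are recorded with a bare `ok(1);`, so they appear in the results as unnamed passes and cannot be told apart from ciphers that were actually tested. Assuming the recipe has Test::More's functions in scope, as its use of `ok`, `is` and `note` suggests, the skip mechanism reports them as skipped while keeping the count. Wrap the body in a `SKIP: { ... }` block and start it with `skip "$protocol $cipher", 1 if $protocol eq "SSLv3" && $cipher =~ /ECDH/;`. The hunk does not say why these suites are excluded; a one-line comment giving the reason would stop the exclusion from outliving its cause. The closing `}` of the new `else` is indented one column short, and the enclosing loops start outside this hunk.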
diff -Nru openssl-1.1.0c/test/recipes/tconversion.pl openssl-1.1.0d/test/recipes/tconversion.pl
--- openssl-1.1.0c/test/recipes/tconversion.pl	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/recipes/tconversion.pl	2017-01-26 14:10:25.000000000 +0100
@@ -19,6 +19,7 @@
     # Default conversion forms.  Other series may be added with
     # specific test types as key.
     "*"		=> [ "d", "p" ],
+    "msb"	=> [ "d", "p", "msblob" ],
     );
 sub tconversion {
     my $testtype = shift;
diff -Nru openssl-1.1.0c/test/sslapitest.c openssl-1.1.0d/test/sslapitest.c
--- openssl-1.1.0c/test/sslapitest.c	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/sslapitest.c	2017-01-26 14:10:26.000000000 +0100
@@ -17,6 +17,7 @@
 
 #include "ssltestlib.h"
 #include "testutil.h"
+#include "e_os.h"
 
 static char *cert = NULL;
 static char *privkey = NULL;
@@ -101,8 +102,16 @@
         goto end;
     }
 
-    testresult = 1;
+    /*
+     * Calling SSL_clear() first is not required but this tests that SSL_clear()
+     * doesn't leak (when using enable-crypto-mdebug).
+     */
+    if (!SSL_clear(serverssl)) {
+        printf("Unexpected failure from SSL_clear()\n");
+        goto end;
+    }
 
+    testresult = 1;
  end:
     X509_free(chaincert);
     SSL_free(serverssl);
@@ -867,6 +876,126 @@
     EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down);
 }
 
+typedef struct {
+    /* The list of sig algs */
+    const int *list;
+    /* The length of the list */
+    size_t listlen;
+    /* A sigalgs list in string format */
+    const char *liststr;
+    /* Whether setting the list should succeed */
+    int valid;
+    /* Whether creating a connection with the list should succeed */
+    int connsuccess;
+} sigalgs_list;
+
+static const int validlist1[] = {NID_sha256, EVP_PKEY_RSA};
+static const int validlist2[] = {NID_sha256, EVP_PKEY_RSA, NID_sha512, EVP_PKEY_EC};
+static const int validlist3[] = {NID_sha512, EVP_PKEY_EC};
+static const int invalidlist1[] = {NID_undef, EVP_PKEY_RSA};
+static const int invalidlist2[] = {NID_sha256, NID_undef};
+static const int invalidlist3[] = {NID_sha256, EVP_PKEY_RSA, NID_sha256};
+static const int invalidlist4[] = {NID_sha256};
+static const sigalgs_list testsigalgs[] = {
+    {validlist1, OSSL_NELEM(validlist1), NULL, 1, 1},
+    {validlist2, OSSL_NELEM(validlist2), NULL, 1, 1},
+    {validlist3, OSSL_NELEM(validlist3), NULL, 1, 0},
+    {NULL, 0, "RSA+SHA256", 1, 1},
+    {NULL, 0, "RSA+SHA256:ECDSA+SHA512", 1, 1},
+    {NULL, 0, "ECDSA+SHA512", 1, 0},
+    {invalidlist1, OSSL_NELEM(invalidlist1), NULL, 0, 0},
+    {invalidlist2, OSSL_NELEM(invalidlist2), NULL, 0, 0},
+    {invalidlist3, OSSL_NELEM(invalidlist3), NULL, 0, 0},
+    {invalidlist4, OSSL_NELEM(invalidlist4), NULL, 0, 0},
+    {NULL, 0, "RSA", 0, 0},
+    {NULL, 0, "SHA256", 0, 0},
+    {NULL, 0, "RSA+SHA256:SHA256", 0, 0},
+    {NULL, 0, "Invalid", 0, 0}};
+
+static int test_set_sigalgs(int idx)
+{
+    SSL_CTX *cctx = NULL, *sctx = NULL;
+    SSL *clientssl = NULL, *serverssl = NULL;
+    int testresult = 0;
+    const sigalgs_list *curr;
+    int testctx;
+
+    /* Should never happen */
+    if ((size_t)idx >= OSSL_NELEM(testsigalgs) * 2)
+        return 0;
+
+    testctx = ((size_t)idx < OSSL_NELEM(testsigalgs));
+    curr = testctx ? &testsigalgs[idx]
+                   : &testsigalgs[idx - OSSL_NELEM(testsigalgs)];
+
+    if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx,
+                             &cctx, cert, privkey)) {
+        printf("Unable to create SSL_CTX pair\n");
+        return 0;
+    }
+
+    if (testctx) {
+        int ret;
+        if (curr->list != NULL)
+            ret = SSL_CTX_set1_sigalgs(cctx, curr->list, curr->listlen);
+        else
+            ret = SSL_CTX_set1_sigalgs_list(cctx, curr->liststr);
+
+        if (!ret) {
+            if (curr->valid)
+                printf("Unexpected failure setting sigalgs in SSL_CTX (%d)\n",
+                       idx);
+            else
+                testresult = 1;
+            goto end;
+        }
+        if (!curr->valid) {
+            printf("Unexpected success setting sigalgs in SSL_CTX (%d)\n", idx);
+            goto end;
+        }
+    }
+
+    if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
+        printf("Unable to create SSL objects\n");
+        goto end;
+    }
+
+    if (!testctx) {
+        int ret;
+
+        if (curr->list != NULL)
+            ret = SSL_set1_sigalgs(clientssl, curr->list, curr->listlen);
+        else
+            ret = SSL_set1_sigalgs_list(clientssl, curr->liststr);
+        if (!ret) {
+            if (curr->valid)
+                printf("Unexpected failure setting sigalgs in SSL (%d)\n", idx);
+            else
+                testresult = 1;
+            goto end;
+        }
+        if (!curr->valid) {
+            printf("Unexpected success setting sigalgs in SSL (%d)\n", idx);
+            goto end;
+        }
+    }
+
+    if (curr->connsuccess != create_ssl_connection(serverssl, clientssl)) {
+        printf("Unexpected return value creating SSL connection (%d)\n", idx);
+        goto end;
+    }
+
+    testresult = 1;
+
+ end:
+    SSL_free(serverssl);
+    SSL_free(clientssl);
+    SSL_CTX_free(sctx);
+    SSL_CTX_free(cctx);
+
+    return testresult;
+}
+
 int main(int argc, char *argv[])
 {
     BIO *err = NULL;
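Review bot: `curr->connsuccess != create_ssl_connection(serverssl, clientssl)` compares the expected flag with the helper's raw return value, which is only correct if the helper returns exactly 0 or 1; its definition is outside this file section. Normalising the result, `if (curr->connsuccess != (create_ssl_connection(serverssl, clientssl) != 0))`, removes that dependency. The rows that set cleanly but must fail to connect (`validlist3` and `"ECDSA+SHA512"`) presumably rely on the test certificate being an RSA one; a comment on `testsigalgs` stating that assumption would explain the `1, 0` entries. The doubled index range (first half applies the list to the `SSL_CTX`, second half to the `SSL`) also deserves a sentence above `test_set_sigalgs`.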
@@ -901,6 +1030,7 @@
     ADD_TEST(test_ssl_bio_pop_ssl_bio);
     ADD_TEST(test_ssl_bio_change_rbio);
     ADD_TEST(test_ssl_bio_change_wbio);
+    ADD_ALL_TESTS(test_set_sigalgs, OSSL_NELEM(testsigalgs) * 2);
 
     testresult = run_tests(argv[0]);
 
diff -Nru openssl-1.1.0c/test/ssl_test.c openssl-1.1.0d/test/ssl_test.c
--- openssl-1.1.0c/test/ssl_test.c	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl_test.c	2017-01-26 14:10:26.000000000 +0100
@@ -198,6 +198,17 @@
     return 1;
 }
 
+static int check_tmp_key(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
+{
+    if (test_ctx->expected_tmp_key_type == 0
+        || test_ctx->expected_tmp_key_type == result->tmp_key_type)
+        return 1;
+    fprintf(stderr, "Tmp key type mismatch, %s vs %s\n",
+            OBJ_nid2ln(test_ctx->expected_tmp_key_type),
+            OBJ_nid2ln(result->tmp_key_type));
+    return 0;
+}
+
 /*
  * This could be further simplified by constructing an expected
  * HANDSHAKE_RESULT, and implementing comparison methods for
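Review bot: In `check_tmp_key` both `OBJ_nid2ln()` results are passed straight to `%s` in the mismatch message, and that function returns NULL for a NID it does not know, which is undefined behaviour in `fprintf`. `result->tmp_key_type` is filled in by the handshake helper, which is not shown here, so the value cannot be assumed to be a registered NID. Take each name into a local and print `name != NULL ? name : "(unknown)"` instead. A one-line comment above the first test, `/* 0 (NID_undef) means the test does not constrain the key type */`, would also explain the sentinel.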
@@ -218,6 +229,7 @@
 #endif
         ret &= check_alpn(result, test_ctx);
         ret &= check_resumption(result, test_ctx);
+        ret &= check_tmp_key(result, test_ctx);
     }
     return ret;
 }
diff -Nru openssl-1.1.0c/test/ssl_test_ctx.c openssl-1.1.0d/test/ssl_test_ctx.c
--- openssl-1.1.0c/test/ssl_test_ctx.c	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl_test_ctx.c	2017-01-26 14:10:26.000000000 +0100
@@ -431,6 +431,30 @@
 
 IMPLEMENT_SSL_TEST_INT_OPTION(SSL_TEST_CTX, test, max_fragment_size)
 
+/***********************/
+/* ExpectedTmpKeyType  */
+/***********************/
+
+__owur static int parse_expected_tmp_key_type(SSL_TEST_CTX *test_ctx,
+                                              const char *value)
+{
+    int nid;
+
+    if (value == NULL)
+        return 0;
+    nid = OBJ_sn2nid(value);
+    if (nid == NID_undef)
+        nid = OBJ_ln2nid(value);
+#ifndef OPENSSL_NO_EC
+    if (nid == NID_undef)
+        nid = EC_curve_nist2nid(value);
+#endif
+    if (nid == NID_undef)
+        return 0;
+    test_ctx->expected_tmp_key_type = nid;
+    return 1;
+}
+
 /*************************************************************/
 /* Known test options and their corresponding parse methods. */
 /*************************************************************/
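Review bot: `parse_expected_tmp_key_type` has only the banner comment, so nothing says which spellings are accepted or why an unresolved name is an error. I would add above the function: `/* Accepts an object short name, long name or (with EC) a NIST curve name; NID_undef is rejected because 0 means "unchecked" in check_tmp_key() */`. Any registered object name is accepted, not only key types, so a wrong but valid name surfaces later as a handshake mismatch rather than as a parse error.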
@@ -455,6 +479,7 @@
     { "ResumptionExpected", &parse_test_resumption_expected },
     { "ApplicationData", &parse_test_app_data_size },
     { "MaxFragmentSize", &parse_test_max_fragment_size },
+    { "ExpectedTmpKeyType", &parse_expected_tmp_key_type },
 };
 
 /* Nested client options. */
diff -Nru openssl-1.1.0c/test/ssl_test_ctx.h openssl-1.1.0d/test/ssl_test_ctx.h
--- openssl-1.1.0c/test/ssl_test_ctx.h	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl_test_ctx.h	2017-01-26 14:10:26.000000000 +0100
@@ -159,6 +159,8 @@
     char *expected_alpn_protocol;
     /* Whether the second handshake is resumed or a full handshake (boolean). */
     int resumption_expected;
+    /* Expected temporary key type */
+    int expected_tmp_key_type;
 } SSL_TEST_CTX;
 
 const char *ssl_test_result_name(ssl_test_result_t result);
diff -Nru openssl-1.1.0c/test/ssltest_old.c openssl-1.1.0d/test/ssltest_old.c
--- openssl-1.1.0c/test/ssltest_old.c	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssltest_old.c	2017-01-26 14:10:26.000000000 +0100
@@ -92,8 +92,6 @@
 # include <openssl/ct.h>
 #endif
 
-#include "../ssl/ssl_locl.h"
-
 /*
  * Or gethostname won't be declared properly
  * on Compaq platforms (at least with DEC C).
@@ -1421,7 +1419,7 @@
         printf("Available compression methods:");
         for (j = 0; j < n; j++) {
             SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
-            printf("  %s:%d", c->name, c->id);
+            printf("  %s:%d", SSL_COMP_get0_name(c), SSL_COMP_get_id(c));
         }
         printf("\n");
     }
@@ -2664,8 +2662,29 @@
     SSL_set_max_send_fragment(c_ssl, max_frag);
     BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
 
+    /*
+     * We've just given our ref to these BIOs to c_ssl. We need another one to
+     * give to s_ssl
+     */
+    if (!BIO_up_ref(c_to_s)) {
+        /* c_to_s and s_to_c will get freed when we free c_ssl */
+        c_to_s = NULL;
+        s_to_c = NULL;
+        goto err;
+    }
+    if (!BIO_up_ref(s_to_c)) {
+        /* s_to_c will get freed when we free c_ssl */
+        s_to_c = NULL;
+        goto err;
+    }
+
     SSL_set_accept_state(s_ssl);
     SSL_set_bio(s_ssl, c_to_s, s_to_c);
+
+    /* We've used up all our refs to these now */
+    c_to_s = NULL;
+    s_to_c = NULL;
+
     SSL_set_max_send_fragment(s_ssl, max_frag);
     BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
 
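Review bot: The two `BIO_up_ref` failure branches jump to `err` without printing anything, so a run that fails here gives no hint of the cause; a line such as `fprintf(stderr, "BIO_up_ref failed\n");` before each `goto err` would fix that. The NULL assignments avoid a double free only if the earlier call that attached these BIOs to `c_ssl` has already taken the original references. The new comment says so, but that call is outside the hunk, as are the start and end of the function. Whether `ret` already holds a failure value at these points also cannot be checked from here.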
@@ -2878,23 +2897,6 @@
     }
     ret = 0;
  err:
-    /*
-     * We have to set the BIO's to NULL otherwise they will be
-     * OPENSSL_free()ed twice.  Once when th s_ssl is SSL_free()ed and again
-     * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
-     * c_ssl are sharing the same BIO structure and SSL_set_bio() and
-     * SSL_free() automatically BIO_free non NULL entries. You should not
-     * normally do this or be required to do this
-     */
-    if (s_ssl != NULL) {
-        s_ssl->rbio = NULL;
-        s_ssl->wbio = NULL;
-    }
-    if (c_ssl != NULL) {
-        c_ssl->rbio = NULL;
-        c_ssl->wbio = NULL;
-    }
-
     BIO_free(c_to_s);
     BIO_free(s_to_c);
     BIO_free_all(c_bio);
diff -Nru openssl-1.1.0c/test/ssl-tests/14-curves.conf openssl-1.1.0d/test/ssl-tests/14-curves.conf
--- openssl-1.1.0c/test/ssl-tests/14-curves.conf	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl-tests/14-curves.conf	2017-01-26 14:10:26.000000000 +0100
@@ -54,6 +54,7 @@
 
 [test-0]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect163k1
 
 
 # ===========================================================
@@ -79,6 +80,7 @@
 
 [test-1]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect163r1
 
 
 # ===========================================================
@@ -104,6 +106,7 @@
 
 [test-2]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect163r2
 
 
 # ===========================================================
@@ -129,6 +132,7 @@
 
 [test-3]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect193r1
 
 
 # ===========================================================
@@ -154,6 +158,7 @@
 
 [test-4]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect193r2
 
 
 # ===========================================================
@@ -179,6 +184,7 @@
 
 [test-5]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect233k1
 
 
 # ===========================================================
@@ -204,6 +210,7 @@
 
 [test-6]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect233r1
 
 
 # ===========================================================
@@ -229,6 +236,7 @@
 
 [test-7]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect239k1
 
 
 # ===========================================================
@@ -254,6 +262,7 @@
 
 [test-8]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect283k1
 
 
 # ===========================================================
@@ -279,6 +288,7 @@
 
 [test-9]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect283r1
 
 
 # ===========================================================
@@ -304,6 +314,7 @@
 
 [test-10]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect409k1
 
 
 # ===========================================================
@@ -329,6 +340,7 @@
 
 [test-11]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect409r1
 
 
 # ===========================================================
@@ -354,6 +366,7 @@
 
 [test-12]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect571k1
 
 
 # ===========================================================
@@ -379,6 +392,7 @@
 
 [test-13]
 ExpectedResult = Success
+ExpectedTmpKeyType = sect571r1
 
 
 # ===========================================================
@@ -404,6 +418,7 @@
 
 [test-14]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp160k1
 
 
 # ===========================================================
@@ -429,6 +444,7 @@
 
 [test-15]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp160r1
 
 
 # ===========================================================
@@ -454,6 +470,7 @@
 
 [test-16]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp160r2
 
 
 # ===========================================================
@@ -479,6 +496,7 @@
 
 [test-17]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp192k1
 
 
 # ===========================================================
@@ -504,6 +522,7 @@
 
 [test-18]
 ExpectedResult = Success
+ExpectedTmpKeyType = prime192v1
 
 
 # ===========================================================
@@ -529,6 +548,7 @@
 
 [test-19]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp224k1
 
 
 # ===========================================================
@@ -554,6 +574,7 @@
 
 [test-20]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp224r1
 
 
 # ===========================================================
@@ -579,6 +600,7 @@
 
 [test-21]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp256k1
 
 
 # ===========================================================
@@ -604,6 +626,7 @@
 
 [test-22]
 ExpectedResult = Success
+ExpectedTmpKeyType = prime256v1
 
 
 # ===========================================================
@@ -629,6 +652,7 @@
 
 [test-23]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp384r1
 
 
 # ===========================================================
@@ -654,6 +678,7 @@
 
 [test-24]
 ExpectedResult = Success
+ExpectedTmpKeyType = secp521r1
 
 
 # ===========================================================
@@ -679,6 +704,7 @@
 
 [test-25]
 ExpectedResult = Success
+ExpectedTmpKeyType = brainpoolP256r1
 
 
 # ===========================================================
@@ -704,6 +730,7 @@
 
 [test-26]
 ExpectedResult = Success
+ExpectedTmpKeyType = brainpoolP384r1
 
 
 # ===========================================================
@@ -729,6 +756,7 @@
 
 [test-27]
 ExpectedResult = Success
+ExpectedTmpKeyType = brainpoolP512r1
 
 
 # ===========================================================
@@ -754,5 +782,6 @@
 
 [test-28]
 ExpectedResult = Success
+ExpectedTmpKeyType = X25519
 
 
diff -Nru openssl-1.1.0c/test/ssl-tests/14-curves.conf.in openssl-1.1.0d/test/ssl-tests/14-curves.conf.in
--- openssl-1.1.0c/test/ssl-tests/14-curves.conf.in	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl-tests/14-curves.conf.in	2017-01-26 14:10:26.000000000 +0100
@@ -33,7 +33,10 @@
 		"CipherString" => "ECDHE",
                 "Curves" => $curve
             },
-            test   => { "ExpectedResult" => "Success" },
+            test   => {
+                "ExpectedTmpKeyType" => $curve,
+                "ExpectedResult" => "Success"
+            },
         };
     }
 }
diff -Nru openssl-1.1.0c/test/ssl-tests/17-renegotiate.conf openssl-1.1.0d/test/ssl-tests/17-renegotiate.conf
--- openssl-1.1.0c/test/ssl-tests/17-renegotiate.conf	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl-tests/17-renegotiate.conf	2017-01-26 14:10:26.000000000 +0100
@@ -1,11 +1,13 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 4
+num_tests = 6
 
 test-0 = 0-renegotiate-client-no-resume
 test-1 = 1-renegotiate-client-resume
 test-2 = 2-renegotiate-server-no-resume
 test-3 = 3-renegotiate-server-resume
+test-4 = 4-renegotiate-client-auth-require
+test-5 = 5-renegotiate-client-auth-once
 # ===========================================================
 
 [0-renegotiate-client-no-resume]
@@ -112,3 +114,67 @@
 ResumptionExpected = Yes
 
 
+# ===========================================================
+
+[4-renegotiate-client-auth-require]
+ssl_conf = 4-renegotiate-client-auth-require-ssl
+
+[4-renegotiate-client-auth-require-ssl]
+server = 4-renegotiate-client-auth-require-server
+client = 4-renegotiate-client-auth-require-client
+
+[4-renegotiate-client-auth-require-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+Options = NoResumptionOnRenegotiation
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[4-renegotiate-client-auth-require-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-4]
+ExpectedResult = Success
+HandshakeMode = RenegotiateServer
+Method = TLS
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[5-renegotiate-client-auth-once]
+ssl_conf = 5-renegotiate-client-auth-once-ssl
+
+[5-renegotiate-client-auth-once-ssl]
+server = 5-renegotiate-client-auth-once-server
+client = 5-renegotiate-client-auth-once-client
+
+[5-renegotiate-client-auth-once-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+Options = NoResumptionOnRenegotiation
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Once
+
+[5-renegotiate-client-auth-once-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-5]
+ExpectedResult = Success
+HandshakeMode = RenegotiateServer
+Method = TLS
+ResumptionExpected = No
+
+
diff -Nru openssl-1.1.0c/test/ssl-tests/17-renegotiate.conf.in openssl-1.1.0d/test/ssl-tests/17-renegotiate.conf.in
--- openssl-1.1.0c/test/ssl-tests/17-renegotiate.conf.in	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl-tests/17-renegotiate.conf.in	2017-01-26 14:10:26.000000000 +0100
@@ -14,6 +14,7 @@
 
 package ssltests;
 
+my $dir_sep = $^O ne "VMS" ? "/" : "";
 
 our @tests = (
     {
@@ -64,4 +65,42 @@
             "ExpectedResult" => "Success"
         }
     },
+    {
+        name => "renegotiate-client-auth-require",
+        server => {
+            "Options" => "NoResumptionOnRenegotiation",
+            "MaxProtocol" => "TLSv1.2",
+            "VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem",
+            "VerifyMode" => "Require",
+        },
+        client => {
+            "Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem",
+            "PrivateKey"  => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem"
+        },
+        test => {
+            "Method" => "TLS",
+            "HandshakeMode" => "RenegotiateServer",
+            "ResumptionExpected" => "No",
+            "ExpectedResult" => "Success"
+        }
+    },
+    {
+        name => "renegotiate-client-auth-once",
+        server => {
+            "Options" => "NoResumptionOnRenegotiation",
+            "MaxProtocol" => "TLSv1.2",
+            "VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem",
+            "VerifyMode" => "Once",
+        },
+        client => {
+            "Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem",
+            "PrivateKey"  => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem"
+        },
+        test => {
+            "Method" => "TLS",
+            "HandshakeMode" => "RenegotiateServer",
+            "ResumptionExpected" => "No",
+            "ExpectedResult" => "Success"
+        }
+    }
 );
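Review bot: The two new cases differ only in `VerifyMode` (`Require` and `Once`) and both assert nothing beyond `ExpectedResult => Success`, so they cannot tell whether the server asked for the client certificate again on renegotiation. That is the behaviour `Once` is meant to suppress, so a regression that makes the two modes behave the same would still pass. If the test framework has no way to check this, say so next to the case, e.g. `# Only overall success is checked; whether the certificate is re-requested on renegotiation is not asserted`. The same applies to the matching pair added to 18-dtls-renegotiate.conf.in.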
diff -Nru openssl-1.1.0c/test/ssl-tests/18-dtls-renegotiate.conf openssl-1.1.0d/test/ssl-tests/18-dtls-renegotiate.conf
--- openssl-1.1.0c/test/ssl-tests/18-dtls-renegotiate.conf	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl-tests/18-dtls-renegotiate.conf	2017-01-26 14:10:26.000000000 +0100
@@ -1,10 +1,12 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 3
+num_tests = 5
 
 test-0 = 0-renegotiate-client-no-resume
 test-1 = 1-renegotiate-client-resume
 test-2 = 2-renegotiate-server-resume
+test-3 = 3-renegotiate-client-auth-require
+test-4 = 4-renegotiate-client-auth-once
 # ===========================================================
 
 [0-renegotiate-client-no-resume]
@@ -81,6 +83,66 @@
 ExpectedResult = Success
 HandshakeMode = RenegotiateServer
 Method = DTLS
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[3-renegotiate-client-auth-require]
+ssl_conf = 3-renegotiate-client-auth-require-ssl
+
+[3-renegotiate-client-auth-require-ssl]
+server = 3-renegotiate-client-auth-require-server
+client = 3-renegotiate-client-auth-require-client
+
+[3-renegotiate-client-auth-require-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[3-renegotiate-client-auth-require-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-3]
+ExpectedResult = Success
+HandshakeMode = RenegotiateServer
+Method = DTLS
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[4-renegotiate-client-auth-once]
+ssl_conf = 4-renegotiate-client-auth-once-ssl
+
+[4-renegotiate-client-auth-once-ssl]
+server = 4-renegotiate-client-auth-once-server
+client = 4-renegotiate-client-auth-once-client
+
+[4-renegotiate-client-auth-once-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Once
+
+[4-renegotiate-client-auth-once-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-4]
+ExpectedResult = Success
+HandshakeMode = RenegotiateServer
+Method = DTLS
 ResumptionExpected = No
 
 
diff -Nru openssl-1.1.0c/test/ssl-tests/18-dtls-renegotiate.conf.in openssl-1.1.0d/test/ssl-tests/18-dtls-renegotiate.conf.in
--- openssl-1.1.0c/test/ssl-tests/18-dtls-renegotiate.conf.in	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/test/ssl-tests/18-dtls-renegotiate.conf.in	2017-01-26 14:10:26.000000000 +0100
@@ -14,6 +14,7 @@
 
 package ssltests;
 
+my $dir_sep = $^O ne "VMS" ? "/" : "";
 
 our @tests = (
     {
@@ -60,4 +61,38 @@
             "ExpectedResult" => "Success"
         }
     },
+    {
+        name => "renegotiate-client-auth-require",
+        server => {
+            "VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem",
+            "VerifyMode" => "Require",
+        },
+        client => {
+            "Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem",
+            "PrivateKey"  => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem"
+        },
+        test => {
+            "Method" => "DTLS",
+            "HandshakeMode" => "RenegotiateServer",
+            "ResumptionExpected" => "No",
+            "ExpectedResult" => "Success"
+        }
+    },
+    {
+        name => "renegotiate-client-auth-once",
+        server => {
+            "VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem",
+            "VerifyMode" => "Once",
+        },
+        client => {
+            "Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem",
+            "PrivateKey"  => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem"
+        },
+        test => {
+            "Method" => "DTLS",
+            "HandshakeMode" => "RenegotiateServer",
+            "ResumptionExpected" => "No",
+            "ExpectedResult" => "Success"
+        }
+    }
 );
diff -Nru openssl-1.1.0c/util/find-doc-nits.pl openssl-1.1.0d/util/find-doc-nits.pl
--- openssl-1.1.0c/util/find-doc-nits.pl	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/util/find-doc-nits.pl	2017-01-26 14:10:26.000000000 +0100
@@ -22,8 +22,8 @@
 
 my %mandatory_sections =
     ( '*'    => [ 'NAME', 'DESCRIPTION', 'COPYRIGHT' ],
-      1      => [ 'SYNOPSIS', '(COMMAND\s+)?OPTIONS' ],
-      3      => [ 'SYNOPSIS', 'RETURN\s+VALUES' ],
+      1      => [ 'SYNOPSIS', 'OPTIONS' ],
+      3      => [ 'SYNOPSIS', 'RETURN VALUES' ],
       5      => [ ],
       7      => [ ] );
 my %default_sections =
@@ -70,7 +70,14 @@
         my $sym;
         $line =~ s/STACK_OF\([^)]+\)/int/g;
         $line =~ s/__declspec\([^)]+\)//;
-        if ( $line =~ /typedef.* (\S+);/ ) {
+        if ( $line =~ /env (\S*)=/ ) {
+            # environment variable env NAME=...
+            $sym = $1;
+        } elsif ( $line =~ /typedef.*\(\*(\S+)\)\(.*/ ) {
+            # a callback function: typedef ... (*NAME)(...
+            $sym = $1;
+        } elsif ( $line =~ /typedef.* (\S+);/ ) {
+            # a simple typedef: typedef ... NAME;
             $sym = $1;
         } elsif ( $line =~ /#define ([A-Za-z0-9_]+)/ ) {
             $sym = $1;
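Review bot: The new first branch, `/env (\S*)=/`, accepts an empty name, and because `\S*` is greedy it runs to the last `=` in the token, so `env FOO=a=b` would yield the symbol `FOO=a`. Excluding `=` from the capture and requiring at least one character avoids both: `if ( $line =~ /env ([^\s=]+)=/ ) {`. Being first in the chain, this branch also wins over the typedef and `#define` branches for any line containing such text, which looks intended but is worth a word in the comment.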
@@ -162,7 +169,7 @@
     }
 
     foreach ((@{$mandatory_sections{'*'}}, @{$mandatory_sections{$section}})) {
-        print "$id doesn't have a head1 section matching $_\n"
+        print "$id: missing $_ head1 section\n"
             if $contents !~ /^=head1\s+${_}\s*$/m;
     }
 
diff -Nru openssl-1.1.0c/util/indent.pro openssl-1.1.0d/util/indent.pro
--- openssl-1.1.0c/util/indent.pro	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/util/indent.pro	2017-01-26 14:10:26.000000000 +0100
@@ -35,24 +35,6 @@
 -ts0
 -T ACCESS_DESCRIPTION
 -T ADDED_OBJ
--T AEP_BBOOL
--T AEP_CHAR
--T AEP_CHAR_PTR
--T AEP_CONNECTION_ENTRY
--T AEP_CONNECTION_HNDL
--T AEP_CONNECTION_HNDL_PTR
--T AEP_FLAGS
--T AEP_RV
--T AEP_TRANSACTION_ID
--T AEP_TRANSACTION_ID_PTR
--T AEP_U16
--T AEP_U32
--T AEP_U32_PTR
--T AEP_U64_PTR
--T AEP_U8
--T AEP_U8_PTR
--T AEP_VOID_PTR
--T AEP_VOID_PTR_PTR
 -T AES_KEY
 -T APP_INFO
 -T ARGS
@@ -285,10 +267,6 @@
 -T HEAPLIST32
 -T HEARTBEAT_TEST_FIXTURE
 -T HMAC_CTX
--T ICA_KEY_RSA_CRT
--T ICA_KEY_RSA_CRT_REC
--T ICA_KEY_RSA_MODEXPO
--T ICA_KEY_RSA_MODEXPO_REC
 -T IDEA_KEY_SCHEDULE
 -T IPAddrBlocks
 -T IPAddressFamily
@@ -362,7 +340,6 @@
 -T OPENSSL_ITEM
 -T OPENSSL_PSTRING
 -T OPENSSL_STRING
--T OPENSSL_STRING
 -T OSSL_ASYNC_FD
 -T OTHERNAME
 -T P256_POINT
@@ -434,8 +411,6 @@
 -T SSL
 -T SSL2_STATE
 -T SSL3_BUFFER
--T SSL3_BUF_FREELIST
--T SSL3_BUF_FREELIST_ENTRY
 -T SSL3_COMP
 -T SSL3_ENC_METHOD
 -T SSL3_RECORD
@@ -450,43 +425,6 @@
 -T SSL_SESSION
 -T SSL_SESSION_ASN1
 -T STACK_OF
--T STORE
--T STORE_ATTR_INFO
--T STORE_ATTR_TYPES
--T STORE_CERTIFICATE_STATUS
--T STORE_CLEANUP_FUNC_PTR
--T STORE_CTRL_FUNC_PTR
--T STORE_END_OBJECT_FUNC_PTR
--T STORE_GENERATE_OBJECT_FUNC_PTR
--T STORE_GENERIC_FUNC_PTR
--T STORE_GET_OBJECT_FUNC_PTR
--T STORE_HANDLE_OBJECT_FUNC_PTR
--T STORE_INITIALISE_FUNC_PTR
--T STORE_METHOD
--T STORE_MODIFY_OBJECT_FUNC_PTR
--T STORE_NEXT_OBJECT_FUNC_PTR
--T STORE_OBJECT
--T STORE_OBJECT_TYPES
--T STORE_PARAM_TYPES
--T STORE_START_OBJECT_FUNC_PTR
--T STORE_STORE_OBJECT_FUNC_PTR
--T SW_ALGTYPE
--T SW_BYTE
--T SW_COMMAND_BITMAP
--T SW_COMMAND_CODE
--T SW_CONTEXT_HANDLE
--T SW_CRT
--T SW_DSA
--T SW_EXP
--T SW_LARGENUMBER
--T SW_NVDATA
--T SW_OSHANDLE
--T SW_PARAM
--T SW_STATE
--T SW_STATUS
--T SW_U16
--T SW_U32
--T SW_U64
 -T SXNET
 -T SXNETID
 -T TCHAR
@@ -662,7 +600,6 @@
 -T STACK_OF_SRTP_PROTECTION_PROFILE_
 -T STACK_OF_SSL_CIPHER_
 -T STACK_OF_SSL_COMP_
--T STACK_OF_STORE_ATTR_INFO_
 -T STACK_OF_STRING_
 -T STACK_OF_SXNETID_
 -T STACK_OF_SingleResponse_
diff -Nru openssl-1.1.0c/util/libcrypto.num openssl-1.1.0d/util/libcrypto.num
--- openssl-1.1.0c/util/libcrypto.num	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/util/libcrypto.num	2017-01-26 14:10:26.000000000 +0100
@@ -4208,3 +4208,9 @@
 OCSP_RESPID_match                       4159	1_1_0a	EXIST::FUNCTION:OCSP
 DSO_pathbyaddr                          4170	1_1_0c	EXIST::FUNCTION:
 DSO_dsobyaddr                           4171	1_1_0c	EXIST::FUNCTION:
+CT_POLICY_EVAL_CTX_get_time             4172	1_1_0d	EXIST::FUNCTION:CT
+CT_POLICY_EVAL_CTX_set_time             4173	1_1_0d	EXIST::FUNCTION:CT
+X509_VERIFY_PARAM_set_inh_flags         4174	1_1_0d	EXIST::FUNCTION:
+X509_VERIFY_PARAM_get_inh_flags         4175	1_1_0d	EXIST::FUNCTION:
+X509_VERIFY_PARAM_get_time              4181	1_1_0d	EXIST::FUNCTION:
+DH_check_params                         4183	1_1_0d	EXIST::FUNCTION:DH
diff -Nru openssl-1.1.0c/util/libssl.num openssl-1.1.0d/util/libssl.num
--- openssl-1.1.0c/util/libssl.num	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/util/libssl.num	2017-01-26 14:10:26.000000000 +0100
@@ -403,3 +403,5 @@
 SSL_SESSION_get0_cipher                 404	1_1_0	EXIST::FUNCTION:
 SSL_SESSION_get0_id_context             405	1_1_0	EXIST::FUNCTION:
 SSL_SESSION_set1_id                     406	1_1_0	EXIST::FUNCTION:
+SSL_COMP_get_id                         412	1_1_0d	EXIST::FUNCTION:
+SSL_COMP_get0_name                      413	1_1_0d	EXIST::FUNCTION:
diff -Nru openssl-1.1.0c/util/process_docs.pl openssl-1.1.0d/util/process_docs.pl
--- openssl-1.1.0c/util/process_docs.pl	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/util/process_docs.pl	2017-01-26 14:10:26.000000000 +0100
@@ -105,7 +105,7 @@
                 if $options{debug};
             unless ($options{"dry-run"}) {
                 @output = `$generate`;
-                map { s|href="http://man\.he\.net/man|href="../man|g; } @output
+                map { s|href="http://man\.he\.net/(man\d/[^"]+)(?:\.html)?"|href="../$1.html|g; } @output
                     if $options{type} eq "html";
             }
             print STDERR "DEBUG: Done processing\n" if $options{debug};
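Review bot: The new substitution pattern consumes the closing `"` of the `href` value but the replacement `href="../$1.html` does not put it back, so every rewritten link is left with an unterminated attribute. The greedy `[^"]+` also swallows any existing `.html`, so `(?:\.html)?` never matches and such links become `.html.html`. Making the capture lazy and restoring the quote fixes both: `s|href="http://man\.he\.net/(man\d/[^"]+?)(?:\.html)?"|href="../$1.html"|g`. As a style point, `map` is used here in void context for its side effect; a `for` loop over `@output` says the same thing more plainly.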
diff -Nru openssl-1.1.0c/util/TLSProxy/Message.pm openssl-1.1.0d/util/TLSProxy/Message.pm
--- openssl-1.1.0c/util/TLSProxy/Message.pm	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/util/TLSProxy/Message.pm	2017-01-26 14:10:26.000000000 +0100
@@ -171,7 +171,7 @@
                 $recoffset += 4;
                 $payload = "";
                 
-                if ($recoffset < $record->decrypt_len) {
+                if ($recoffset <= $record->decrypt_len) {
                     #Some payload data is present in this record
                     if ($record->decrypt_len - $recoffset >= $messlen) {
                         #We can complete the message with this record
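Review bot: The comment `#Some payload data is present in this record` no longer matches the condition: with `<=` the branch is also taken when `$recoffset` equals `decrypt_len`, i.e. when no payload bytes remain. That is presumably what lets a zero-length message complete in this record, so the comment should say so, e.g. `#Payload (possibly empty) for this message starts in this record`. The enclosing block continues outside the hunk, so the handling of the empty case further down cannot be checked here.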
diff -Nru openssl-1.1.0c/util/TLSProxy/Proxy.pm openssl-1.1.0d/util/TLSProxy/Proxy.pm
--- openssl-1.1.0c/util/TLSProxy/Proxy.pm	2016-11-10 15:03:47.000000000 +0100
+++ openssl-1.1.0d/util/TLSProxy/Proxy.pm	2017-01-26 14:10:26.000000000 +0100
@@ -42,6 +42,7 @@
         clientflags => "",
         serverconnects => 1,
         serverpid => 0,
+        reneg => 0,
 
         #Public read
         execute => $execute,
@@ -117,6 +118,7 @@
     $self->{serverflags} = "";
     $self->{serverconnects} = 1;
     $self->{serverpid} = 0;
+    $self->{reneg} = 0;
 }
 
 sub restart
@@ -200,7 +202,13 @@
                     or die "Failed to redirect stdout: $!";
                 open(STDERR, ">&STDOUT");
             }
-            my $execcmd = "echo test | ".$self->execute
+            my $echostr;
+            if ($self->reneg()) {
+                $echostr = "R";
+            } else {
+                $echostr = "test";
+            }
+            my $execcmd = "echo ".$echostr." | ".$self->execute
                  ." s_client -engine ossltest -connect "
                  .($self->proxy_addr).":".($self->proxy_port);
             if ($self->cipherc ne "") {
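Review bot: The `"R"` written to s_client's stdin is a magic value with no explanation; it is the interactive command that makes s_client start a renegotiation, and the next reader should not have to know that. I would add `# "R" on stdin tells s_client to renegotiate` and collapse the five-line if/else into `my $echostr = $self->reneg() ? "R" : "test";`. The rest of the command construction lies outside the hunk.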
@@ -299,6 +307,7 @@
         print "Waiting for server process to close: "
               .$self->serverpid."\n";
         waitpid( $self->serverpid, 0);
+        die "exit code $? from server process\n" if $? != 0;
     }
     return 1;
 }
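Review bot: The added `die` prints `$?` as if it were the exit code, but after `waitpid` it holds the raw wait status: the exit code is in the high byte and a terminating signal in the low bits, so an exit of 1 is reported as 256. Decoding it makes the failure readable: `die "server process failed: exit ".($? >> 8).", signal ".($? & 127)."\n" if $? != 0;`. The return value of `waitpid` is also ignored, so `$?` is not meaningful if the child has already been reaped.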
@@ -504,4 +513,13 @@
     return $ret;
 }
 
+sub reneg
+{
+    my $self = shift;
+    if (@_) {
+      $self->{reneg} = shift;
+    }
+    return $self->{reneg};
+}
+
 1;
