Re: [openssl-dev] [openssl.org #4352] Failed test 'Duplicate ClientHello extension' when testing under Clang undefined behavior sanitizer

2016-02-27 Thread Kurt Roeckx via RT
On Sat, Feb 27, 2016 at 01:58:26AM +, noloa...@gmail.com via RT wrote: > Platform is Linux, x86_64. The failure occurs under Clang with the > sanitizer. GCC is fine. > > I'm guessing the error output from the Undefined Behavior sanitizer is > causing the test to be interpreted as a fail. It h

Re: [openssl-dev] Failed TLSv1.2 handshake with error 67702888--bad signature

2016-02-26 Thread Kurt Roeckx
I can only find 1 place in the server that generates an SSL_R_BAD_SIGNATURE and that's in ssl3_get_cert_verify, in the case where signature algorithms are used, which is new in TLS 1.2. I don't see anything obviously wrong, and as far as I know the test suite also tests client authentication. Kurt

Re: [openssl-dev] [openssl.org #4343] master: EC_KEY_priv2buf (): check parameter sanity

2016-02-26 Thread Kurt Roeckx
On Fri, Feb 26, 2016 at 05:34:14PM +, Viktor Dukhovni wrote: > On Fri, Feb 26, 2016 at 05:29:26PM +, Salz, Rich wrote: > > > As just about the only team member who trolls through RT and closes things > > with any quantity, I am not sure that I agree that fixing a bug requires > > documenta

Re: [openssl-dev] openssl 1.0.2 SNAP 20160226 issues

2016-02-26 Thread Kurt Roeckx
On Fri, Feb 26, 2016 at 10:48:16AM +0100, Richard Levitte wrote: > > Please install makedepend I didn't know we needed that. I don't have it installed. It looks like in Debian it's in xutils-dev. Kurt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/opens

Re: [openssl-dev] Fwd: Assembly code errors while building openssl-1.0.2f on Ubuntu 14.04

2016-02-24 Thread Kurt Roeckx
On Wed, Feb 24, 2016 at 09:09:49AM -0800, Datta Prabhu Maddikunta wrote: > > /bin/as: Execution > > of /bin/compat-as/as failed with error code 0 You're trying to cross compile? What is the target? How did you call Configure? Kurt

Re: [openssl-dev] OPenssl-SNAP-20160223 issue test/recipes/70-test_sslcertstatus.t

2016-02-23 Thread Kurt Roeckx
On Tue, Feb 23, 2016 at 10:00:44AM -0700, The Doctor wrote: > 136617832:error:20087002:BIO routines:BIO_lookup:system > lib:b_addr.c:711:Invali > d value for ai_flags Do you have any idea which flag it is that is causing problems? I find it rather strange that it knows about the flag, but then s

Re: [openssl-dev] [openssl.org #4301] [BUG] OpenSSL 1.1.0-pre2 fails to parse x509 certificate in DER format

2016-02-11 Thread Kurt Roeckx via RT
On Thu, Feb 11, 2016 at 10:53:25PM +, Blumenthal, Uri - 0553 - MITLL wrote: > Might I suggest that the right thing in this case would be to keep generation > strict, but relax the rules on parsing? "Be conservative in what you send, > and liberal with what you receive"? This might be good ad

Re: [openssl-dev] [openssl.org #4301] [BUG] OpenSSL 1.1.0-pre2 fails to parse x509 certificate in DER format

2016-02-11 Thread Kurt Roeckx
On Thu, Feb 11, 2016 at 10:53:25PM +, Blumenthal, Uri - 0553 - MITLL wrote: > Might I suggest that the right thing in this case would be to keep generation > strict, but relax the rules on parsing? "Be conservative in what you send, > and liberal with what you receive"? This might be good ad

Re: [openssl-dev] [openssl.org #4301] [BUG] OpenSSL 1.1.0-pre2 fails to parse x509 certificate in DER format

2016-02-11 Thread Kurt Roeckx
See X.690, 8.3.2: If the contents octets of an integer value encoding consist of more than one octet, then the bits of the first octet and bit 8 of the second octet: a) shall not all be ones; and b) shall not all be zero. NOTE - These rules ensure that an integer value is always encoded in the smal

Re: [openssl-dev] version script

2016-02-08 Thread Kurt Roeckx
On Mon, Feb 08, 2016 at 01:41:10PM +, Catalin Vasile wrote: > I'm trying to compile a custom OpenSSL library to work with nginx. > nginx requires that the SSL library have version data included in the .so > files, so I'm using this patch[1] for this. > The problem is that if I set the library

Re: [openssl-dev] [openssl.org #2460] OCSP server uses only IP6

2016-02-04 Thread Kurt Roeckx via RT
On Thu, Feb 04, 2016 at 08:07:15PM +, Rich Salz via RT wrote: > i think -- I'm not sure what you think. But all the apps currently only create 1 socket, which on some OSes could mean that it's IPv6 (or IPv4) only. It needs more work. Kurt

Re: [openssl-dev] [openssl.org #4075] Enhancement request: Camellia ECDHE+GCM suites

2016-02-04 Thread Kurt Roeckx via RT
On Thu, Feb 04, 2016 at 10:10:06AM +, Moonchild via RT wrote: > Really? > > That's all we get, a one-liner, no explanation, no rationale, response? > It's not even "brand new" functionality, Camellia as a raw cipher is already > in there, the only difference is wrapping it into GCM-based suite

Re: [openssl-dev] [openssl.org #4075] Enhancement request: Camellia ECDHE+GCM suites

2016-02-04 Thread Kurt Roeckx
On Thu, Feb 04, 2016 at 10:10:06AM +, Moonchild via RT wrote: > Really? > > That's all we get, a one-liner, no explanation, no rationale, response? > It's not even "brand new" functionality, Camellia as a raw cipher is already > in there, the only difference is wrapping it into GCM-based suite

Re: [openssl-dev] [openssl.org #4288] [BUG] Xmm7 register is cobbered in aesni_gcm_decrypt on win64

2016-02-04 Thread Kurt Roeckx via RT
Fixed. Kurt - http://rt.openssl.org/Ticket/Display.html?id=4288 Please log in as guest with password guest if prompted

Re: [openssl-dev] Openssl SNAP 20160204 development

2016-02-04 Thread Kurt Roeckx
On Thu, Feb 04, 2016 at 06:39:19AM -0700, The Doctor wrote: > All right, I can compile,but > > test/recipes/70-test_sslcertstatus.t > > is hang in an infinite loop. > > Any explanation? That's an issue I'm not aware of yet, nor did I see it in any of our automated test runs. Can you give some

Re: [openssl-dev] Fwd: CVE-2014-8730 TLS CBC Incorrect Padding Abuse Vulnerability

2016-02-03 Thread Kurt Roeckx
On Wed, Feb 03, 2016 at 05:11:34PM +0530, Shyamal Bhowmik wrote: > > /* enc_err is: > * 0: (in non-constant time) if the record is publically invalid. > * 1: if the padding is valid > * -1: if the padding is invalid */ > if (enc_err == 0) > { > al=SSL_AD_DECR

Re: [openssl-dev] OpenSSL Security Advisory

2016-02-02 Thread Kurt Roeckx
On Tue, Feb 02, 2016 at 10:34:32PM +0100, Rainer Jung wrote: > Hi there, > > reading the last advisory again, I noticed, that there's one logical > inconsistency. > > First: > > OpenSSL before 1.0.2f will reuse the key if: > ... > - Static DH ciphersuites are used. The key is part of the certifi

Re: [openssl-dev] Fwd: latest OpenSSL causes OpenSMTPD to segv

2016-02-01 Thread Kurt Roeckx
On Mon, Feb 01, 2016 at 11:16:50PM +, Viktor Dukhovni wrote: > On Mon, Feb 01, 2016 at 10:52:56PM +, Viktor Dukhovni wrote: > > > The only thing I see that's plausibly pertinent is: > > > > commit 6656ba7152dfe4bba865e327dd362ea08544aa80 > > Author: Dr. Stephen Henson > > Date: Sun Dec

Re: [openssl-dev] [openssl.org #4286] Debug in OpenSSL

2016-02-01 Thread Kurt Roeckx via RT
On Mon, Feb 01, 2016 at 10:21:30PM +, Tiantian Liu via RT wrote: > Hi, ALL, > > I am software developer who is struggling with encryption and decryption > issues in my application. > > Our customer complained our application crashed at the point where OpenSSL > method, PEM_read_RSAPrivateK

Re: [openssl-dev] MSVC 2015 internal compiler error

2016-01-27 Thread Kurt Roeckx
On Sat, Jan 16, 2016 at 11:42:52AM +0100, Gisle Vanem wrote: > While building OpenSSL from today's git-repo: > > ssl\d1_srtp.c : fatal error C1001: An internalerror has occurred in the > compiler. > (compiler file 'f:\dd\vctools\compiler\utc\src\p2\main.c', line 246) > To work around this proble

Re: [openssl-dev] [openssl.org #4271] Enhancement Request: Support TCP Fast Open

2016-01-26 Thread Kurt Roeckx via RT
On Tue, Jan 26, 2016 at 02:17:57PM +, Sara Dickinson via RT wrote: > > > On 25 Jan 2016, at 18:42, Kurt Roeckx via RT wrote: > > > > On Mon, Jan 25, 2016 at 06:24:55PM +, Sara Dickinson via RT wrote: > >> Hi, > >> > >> I would like to re

Re: [openssl-dev] [openssl.org #4271] Enhancement Request: Support TCP Fast Open

2016-01-25 Thread Kurt Roeckx via RT
On Mon, Jan 25, 2016 at 06:24:55PM +, Sara Dickinson via RT wrote: > Hi, > > I would like to request that support be added to OpenSSL to enable client > applications to make use of TCP Fast Open > (https://tools.ietf.org/html/rfc7413 ) > when initiat

Re: [openssl-dev] Upcoming build system change

2016-01-24 Thread Kurt Roeckx
On Sun, Jan 24, 2016 at 01:19:00PM +0100, Corinna Vinschen wrote: > On Jan 23 22:12, Richard Levitte wrote: > > In message <20160123210116.gb13...@calimero.vinschen.de> on Sat, 23 Jan > > 2016 22:01:16 +0100, Corinna Vinschen said: > > > > vinschen>

Re: [openssl-dev] Upcoming build system change

2016-01-23 Thread Kurt Roeckx
On Sat, Jan 23, 2016 at 10:01:16PM +0100, Corinna Vinschen wrote: > On Jan 23 21:35, Kurt Roeckx wrote: > > On Sat, Jan 23, 2016 at 09:27:58PM +0100, Corinna Vinschen wrote: > > > > > > Last but not least, we have another problem with enginesdir. To allow a > >

Re: [openssl-dev] Upcoming build system change

2016-01-23 Thread Kurt Roeckx
On Sat, Jan 23, 2016 at 09:27:58PM +0100, Corinna Vinschen wrote: > > Last but not least, we have another problem with enginesdir. To allow a > rolling release cycle, we have to support multiple versions of openssl > in parallel. The problem here is that the enginesdir needs to be > versioned to

Re: [openssl-dev] [openssl.org #4148] PCKS1 type 1 Padding check error

2016-01-23 Thread Kurt Roeckx via RT
On Wed, Nov 18, 2015 at 03:24:51PM +, Özgan, Tolgahan Jonas via RT wrote: > Dear List, > I have found a BUG in the function > " RSA_padding_check_PKCS1_type_1 " [...] > > the pointer p is incremented after the check therefore p is always the first > octet of the padded string. In the Case of

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 2 published

2016-01-17 Thread Kurt Roeckx
On Sun, Jan 17, 2016 at 01:14:14AM +0100, Richard Levitte wrote: > OPT_FLAGS would be for optimizing, do I get that right? I suggest you > have a look at Configurations/10-main.conf, you might notice > configuration items like debug_cflags, release_cflags, debug_lflags > and release_lflags. If yo

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 2 published

2016-01-16 Thread Kurt Roeckx
On Sat, Jan 16, 2016 at 07:42:50PM +0100, Corinna Vinschen wrote: > On Jan 16 19:37, Corinna Vinschen wrote: > > On Jan 14 15:44, Richard Levitte wrote: > > > -BEGIN PGP SIGNED MESSAGE- > > > Hash: SHA1 > > > > > > > > >OpenSSL version 1.1.0 pre release 2 (alpha) > > >

Re: [openssl-dev] '-CIPHER_DEBUG' error on 'dh_dsa'

2016-01-16 Thread Kurt Roeckx
On Sat, Jan 16, 2016 at 03:03:41PM +, Alessandro Ghedini wrote: > On Sat, Jan 16, 2016 at 01:51:28pm +0100, Gisle Vanem wrote: > > Having '-DCIPHER_DEBUG' in the CFLAGS causes this error in > > MingW (gcc 5.1): > > ssl/ssl_lib.c:2499:58: error: 'dh_dsa' undeclared (first use in this > > func

Re: [openssl-dev] [openssl.org #4227] openssl rand 10000000000 does not produce 10000000000 random bytes

2016-01-12 Thread Kurt Roeckx
On Wed, Jan 13, 2016 at 11:00:09AM +1000, Paul Dale wrote: > On Wed, 13 Jan 2016 12:32:39 AM Viktor Dukhovni wrote: > > In most cases, just overwriting a disk with zeros is as good as > > with any other pattern. > > Peter Gutmann published a paper showing that it is possible to read zeroed > bits

Re: [openssl-dev] [openssl.org #4151] [PATCH] Function pop_info in crypto/mem_dbg.c returns a dangling pointer

2016-01-11 Thread Kurt Roeckx via RT
The patch has been applied. Kurt

Re: [openssl-dev] [openssl-users] OPenssl and dependencies such as openssh

2016-01-06 Thread Kurt Roeckx
On Wed, Jan 06, 2016 at 01:17:27AM -0500, Viktor Dukhovni wrote: > > > On Jan 6, 2016, at 1:14 AM, Kurt Roeckx wrote: > > > > On Tue, Jan 05, 2016 at 03:40:03PM -0700, The Doctor wrote: > >> tls.o(.text+0xf32): undefined reference to `SSLv23_server_method' >

Re: [openssl-dev] [openssl-users] OPenssl and dependencies such as openssh

2016-01-05 Thread Kurt Roeckx
On Tue, Jan 05, 2016 at 03:40:03PM -0700, The Doctor wrote: > tls.o(.text+0xf32): undefined reference to `SSLv23_server_method' Are you sure it's finding the correct headers? Kurt

Re: [openssl-dev] [openssl.org #4218] Invalid typecasting in CRYPTO_ctr128_encrypt

2016-01-05 Thread Kurt Roeckx via RT
On Tue, Jan 05, 2016 at 05:36:35PM +, Bjorn Kornefalk via RT wrote: > OpenSSL 1.0.2e > > At line 156 of crypto/modes/ctr128.c > > const unsigned char *in, > unsigned char *out, > unsigned char ivec[16], > unsigned char ecount_buf[16] > >*(size_t *)(out + n) = >*(size_t *)(in + n

Re: [openssl-dev] [openssl.org #4206] [PATCH] Add cipher alias for ChaCha20

2015-12-28 Thread Kurt Roeckx via RT
On Mon, Dec 28, 2015 at 03:01:28PM +, Short, Todd via RT wrote: > Hello OpenSSL.org: > > This is a patch for the master branch. The changes in master to add ChaCha20 > to OpenSSL do not include an alias for the cipher in the "openssl cipher" > command, nor in the cipher f

Re: [openssl-dev] [openssl.org #4203] OpenSSL 1.0.2e. Failed build due to (possibly) wrong include of dummytest.c

2015-12-26 Thread Kurt Roeckx via RT
On Sat, Dec 26, 2015 at 08:26:24PM +, Anton Prytkov via RT wrote: > 3. Build fails at c:/openssl/1.0.2e/test/md2test.c, line 1 > Can not parse. It says: #include Why can't that be parsed? > 4. Solution: > change line 1: > openssl-1.0.2e/dummytest.c > to: > #include "dummytest.c" There is n

Re: [openssl-dev] [openssl.org #4192] [PATCH] differentiate SSL_* from from SSL_CTX_* in documentation

2015-12-23 Thread Kurt Roeckx via RT
The SSL_CTX_set1_verify_cert_store.pod changes have been applied in the master and 1.0.2 branch, doesn't exist in other branches. SSL_set_tmp_rsa_callback has been removed, so I didn't fix that. Kurt

Re: [openssl-dev] about "Rename some BUF_xxx to OPENSSL_xxx"

2015-12-23 Thread Kurt Roeckx
On Tue, Dec 22, 2015 at 09:52:05AM +0200, Roumen Petrov wrote: > Hello, > > After modification OPENSSL_strlcpy is declared twice. Patch applied. Kurt

Re: [openssl-dev] __STDC_VERSION__ is not defined

2015-12-23 Thread Kurt Roeckx
On Tue, Dec 22, 2015 at 09:46:37AM +0200, Roumen Petrov wrote: > Hello, > > Compilation of an application with current master branch and c89 compiler > produce a lot of warnings. > Proposed patch > "0001-__STDC_VERSION__-is-not-defined-for-c89-compilers.patch" fix them. Patch applied. Kurt

Re: [openssl-dev] [openssl.org #4195] remove duplicates in util/libeay.num

2015-12-23 Thread Kurt Roeckx via RT
On Tue, Dec 22, 2015 at 09:03:56AM +, Roumen Petrov via RT wrote: > Hello, > > After remove of some global variables in export file left double Patch applied. Kurt

Re: [openssl-dev] [openssl.org #4155] In function int_thread_del_item, when hash == int_thread_hash, one is passed to free and the other is used in a comparison

2015-12-23 Thread Kurt Roeckx via RT
On Mon, Nov 30, 2015 at 08:12:58PM +, Kurt Roeckx via RT wrote: > On Tue, Nov 24, 2015 at 11:06:44AM +, Pascal Cuoq via RT wrote: > > This issue is similar in nature to 4151 > > (http://www.mail-archive.com/openssl-dev@openssl.org/msg40950.html ): it is > > about a d

Re: [openssl-dev] [openssl.org #4184] Memory leak in DSA redo case

2015-12-22 Thread Kurt Roeckx via RT
Fixed. Kurt

Re: [openssl-dev] [openssl.org #4190] Missing Check for duplicate Prime-Value of p and q in openssl 0.9.8o

2015-12-21 Thread Kurt Roeckx via RT
On Mon, Dec 21, 2015 at 01:51:45PM +, Felix via RT wrote: > That does not matter from a technical point of view. > > The Problem is the same with 2048-Bit RSA. If you're worried that p and q might be the same random number, I think you should have other concerns. Kurt

Re: [openssl-dev] [openssl.org #4185] Bug in EVP_MD_CTX_copy_ex's malloc failure handling

2015-12-17 Thread Kurt Roeckx via RT
On Wed, Dec 16, 2015 at 11:34:56PM +, David Benjamin via RT wrote: > EVP_MD_CTX_copy_ex is implemented with memcpy, followed by manually fixing > up |out->pctx| and |out->md_data|. > > https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=crypto/evp/digest.c;h=5da0e01039a6da039942db9f1bf8b707

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-12-15 Thread Kurt Roeckx
On Tue, Dec 15, 2015 at 10:35:58PM +0100, Florian Weimer wrote: > * Kurt Roeckx: > > > On Tue, Dec 15, 2015 at 01:24:12PM +0100, Florian Weimer wrote: > >> * Nico Williams: > >> > >> > On Tue, Dec 08, 2015 at 11:19:32AM +0100, Florian Weimer wrote: >

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-12-15 Thread Kurt Roeckx
On Tue, Dec 15, 2015 at 09:57:32AM -0600, Benjamin Kaduk wrote: > On 12/15/2015 06:43 AM, Kurt Roeckx wrote: > > On Tue, Dec 15, 2015 at 01:24:12PM +0100, Florian Weimer wrote: > >> * Nico Williams: > >> Not on Windows. > >> > >>> What's the al

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-12-15 Thread Kurt Roeckx
On Tue, Dec 15, 2015 at 01:24:12PM +0100, Florian Weimer wrote: > * Nico Williams: > > > On Tue, Dec 08, 2015 at 11:19:32AM +0100, Florian Weimer wrote: > >> > Maybe http://trac.mpich.org/projects/openpa/ would fit the bill? > >> > >> It seems to have trouble to keep up with new architectures. >

Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory

2015-12-10 Thread Kurt Roeckx via RT
On Thu, Dec 10, 2015 at 03:19:54PM +0100, Kurt Roeckx wrote: > On Thu, Dec 10, 2015 at 01:27:38PM +0100, Kurt Roeckx wrote: > > On Thu, Dec 10, 2015 at 01:16:48PM +0100, Kurt Roeckx wrote: > > > On Mon, Dec 07, 2015 at 03:47:56PM +, Michel via RT wrote: > > > >

Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory

2015-12-10 Thread Kurt Roeckx via RT
On Thu, Dec 10, 2015 at 01:27:38PM +0100, Kurt Roeckx wrote: > On Thu, Dec 10, 2015 at 01:16:48PM +0100, Kurt Roeckx wrote: > > On Mon, Dec 07, 2015 at 03:47:56PM +, Michel via RT wrote: > > > Hi, > > > > > > Following my previous mail, here attached is a

Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory

2015-12-10 Thread Kurt Roeckx via RT
On Thu, Dec 10, 2015 at 01:16:48PM +0100, Kurt Roeckx wrote: > On Mon, Dec 07, 2015 at 03:47:56PM +, Michel via RT wrote: > > Hi, > > > > Following my previous mail, here attached is an updated patch against 1.02e > > to fix the SRP VBASE memory leaks. > > C

Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory

2015-12-10 Thread Kurt Roeckx via RT
On Thu, Dec 10, 2015 at 12:17:04PM +, Kurt Roeckx via RT wrote: > On Mon, Dec 07, 2015 at 03:47:56PM +, Michel via RT wrote: > > Hi, > > > > Following my previous mail, here attached is an updated patch against 1.02e > > to fix the SRP VBASE memory leaks. >

Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory

2015-12-10 Thread Kurt Roeckx
On Thu, Dec 10, 2015 at 12:17:04PM +, Kurt Roeckx via RT wrote: > On Mon, Dec 07, 2015 at 03:47:56PM +, Michel via RT wrote: > > Hi, > > > > Following my previous mail, here attached is an updated patch against 1.02e > > to fix the SRP VBASE memory leaks. >

Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory

2015-12-10 Thread Kurt Roeckx via RT
On Mon, Dec 07, 2015 at 03:47:56PM +, Michel via RT wrote: > Hi, > > Following my previous mail, here attached is an updated patch against 1.02e > to fix the SRP VBASE memory leaks. Can you confirm that this would be the correct patch for master? I still need to look at it. Kurt diff --g

Re: [openssl-dev] [openssl.org #4165] 1.0.1q release busted, does not compile

2015-12-04 Thread Kurt Roeckx via RT
On Thu, Dec 03, 2015 at 08:08:59PM +, Quanah Gibson-Mount via RT wrote: > make[5]: *** No rule to make target `../../include/openssl/idea.h', needed > by `e_idea.o'. Stop. You need to run make depend after configure.

Re: [openssl-dev] [openssl.org #4155] In function int_thread_del_item, when hash == int_thread_hash, one is passed to free and the other is used in a comparison

2015-11-30 Thread Kurt Roeckx via RT
On Tue, Nov 24, 2015 at 11:06:44AM +, Pascal Cuoq via RT wrote: > This issue is similar in nature to 4151 > (http://www.mail-archive.com/openssl-dev@openssl.org/msg40950.html ): it is > about a dangling pointer being used, but not used for dereferencing, so it's > not a memory error. The dan

Re: [openssl-dev] [openssl.org #4160] Candidate bug, malloc failure related issues in s3_enc.c, hm_pmeth.c

2015-11-29 Thread Kurt Roeckx via RT
On Sun, Nov 29, 2015 at 11:09:35AM +, Trevor Larock via RT wrote: > Hi folks, > > Can I ask about malloc failure handling issues, seems affecting OpenSSL > 1.0.1p and 1.0.2d, > > 1. In s3_enc.c::ssl3_digest_cached_records, we have the below code. > > s->s3->handshake_dgst = > OP

Re: [openssl-dev] [openssl.org #4159] BUG ::: Null dereference in ssl3_free

2015-11-29 Thread Kurt Roeckx via RT
On Sun, Nov 29, 2015 at 11:09:34AM +, Srinivas Koripella via RT wrote: > Description. > > We are dereferencing s->s3 in ssl3_free without checking if s->s3 is null or > not. This has already been fixed in the current git versions. I'm wondering why you see this, you should only get this in

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-11-25 Thread Kurt Roeckx
On Wed, Nov 25, 2015 at 01:02:29PM +0100, Florian Weimer wrote: > On 11/23/2015 11:08 PM, Kurt Roeckx wrote: > > > I think that we currently don't do any compile / link test to > > detect features but that we instead explicitly say so for each > > platform.

Re: [openssl-dev] [openssl.org #3910] [PATCH] Build correctly when no_des option is enabled

2015-11-24 Thread Kurt Roeckx via RT
On Sun, Jun 14, 2015 at 11:59:59PM +, 84.le0n via RT wrote: > > I've had the same problem Osvaldo Calles had when building OpenSSL with > no-des option enabled . > This patch simply add an #ifndef around the first if clause avoiding > EVP_des_ede3_wrap call. This at least causes a test suite

Re: [openssl-dev] [openssl.org #4111] [PATCH] fix ssl3_free NULL dereference on out of memory condition

2015-11-24 Thread Kurt Roeckx via RT
This should be fixed now. Kurt

Re: [openssl-dev] [openssl.org #4110] [PATCH] fix ssl_new() error handling on out of memory condition

2015-11-24 Thread Kurt Roeckx via RT
This should be fixed now. Kurt

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-11-24 Thread Kurt Roeckx
On Tue, Nov 24, 2015 at 03:16:59PM +, Jonathan Larmour wrote: > On 23/11/15 20:34, Matt Caswell wrote: > > One other option we could pursue is to use the "__thread" syntax for > > thread local variables and avoid the need for libpthread altogether. An > > earlier version of the code did this. I

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-11-23 Thread Kurt Roeckx
On Mon, Nov 23, 2015 at 02:48:25PM -0600, Nico Williams wrote: > > I use this in an autoconf project (I know, OpenSSL doesn't use autoconf): > > dnl Thread local storage > have___thread=no > AC_MSG_CHECKING(for thread-local storage) > AC_LINK_IFELSE([AC_LANG_SOURCE([ > static __thread i

Re: [openssl-dev] [openssl.org #4144] patch: Use '__sun' instead of 'sun' for strict ISO conforming, compiler/options

2015-11-22 Thread Kurt Roeckx via RT
On Tue, Nov 17, 2015 at 05:43:45PM +, Richard PALO via RT wrote: > I'd like to propose the attached patch to 1.0.2d which avoids problems > with strict ISO conforming compiler/options, which do not define 'sun' only > '__sun' as usual... such as gcc/clang -std=c99 > > This affects the build it

Re: [openssl-dev] We're working on license changes

2015-11-21 Thread Kurt Roeckx
On Sat, Nov 21, 2015 at 10:09:51PM +, Ben Laurie wrote: > On Sat, 21 Nov 2015 at 21:14 Kurt Roeckx wrote: > > > On Sat, Nov 21, 2015 at 12:02:22PM -0800, Quanah Gibson-Mount wrote: > > > --On Saturday, November 21, 2015 8:24 PM +0100 Kurt Roeckx < > > k...@roec

Re: [openssl-dev] We're working on license changes

2015-11-21 Thread Kurt Roeckx
On Sat, Nov 21, 2015 at 12:02:22PM -0800, Quanah Gibson-Mount wrote: > --On Saturday, November 21, 2015 8:24 PM +0100 Kurt Roeckx > wrote: > >>So the MPLv2 is compatible with the APLv2. The MPLv2 is compatible with > >>the GPLv2 and the APLv2 is compatible with GPLv

Re: [openssl-dev] We're working on license changes

2015-11-21 Thread Kurt Roeckx
On Sat, Nov 21, 2015 at 11:07:36AM -0800, Quanah Gibson-Mount wrote: > --On Saturday, November 21, 2015 12:50 PM +0100 Kurt Roeckx > wrote: > > > > >I would like to point out that GPLv2 also isn't compatible with > >GPLv3, and that that is causing just as

Re: [openssl-dev] We're working on license changes

2015-11-21 Thread Kurt Roeckx
On Fri, Nov 20, 2015 at 01:01:37PM -0800, Quanah Gibson-Mount wrote: > --On Friday, November 20, 2015 9:47 PM +0100 Richard Levitte > wrote: > > >I would like to point out that the GNU project talks about the Apache > >v2 license in positive terms: > > > >http://www.gnu.org/licenses/license-list.

Re: [openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

2015-11-20 Thread Kurt Roeckx via RT
> 4/ in BN_usub, ap = a->d; and rp = r->d; > then the 2 pointers can be incremented, but an identical number of times > > 5/ then memcpy is called with rp and ap that are still aliases, which is > undefined behavior The patch has been applied. Kurt

Re: [openssl-dev] PBE_UNICODE

2015-11-20 Thread Kurt Roeckx
On Thu, Nov 19, 2015 at 11:16:23PM +0100, Andy Polyakov wrote: > > The way I read PKCS12 the string should be big-endian UTF-16 one. [...] > Correct procedure should be to convert it to wchar_t and > then ensure correct endianness. Please note that wchar_t itself might not have any relation with

Re: [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Kurt Roeckx
On Tue, Nov 17, 2015 at 07:10:00PM +0100, Florian Weimer wrote: > * Viktor Dukhovni: > > > If I were to guess, it would be that the base crypto implementations > > of IDEA, SEED and binary elliptic curves need to stay. We could > > perhaps get away with removing CAST and RIPEMD. > > Just one dat

Re: [openssl-dev] [openssl.org #4144] patch: Use '__sun' instead of 'sun' for strict ISO conforming, compiler/options

2015-11-17 Thread Kurt Roeckx via RT
On Tue, Nov 17, 2015 at 06:33:22PM +, Richard PALO via RT wrote: > > Strict ISO conforming compilers don't define 'sun', only __sun. Ah, I clearly misunderstood your earlier message. Kurt

Re: [openssl-dev] [openssl.org #4144] patch: Use '__sun' instead of 'sun' for strict ISO conforming, compiler/options

2015-11-17 Thread Kurt Roeckx via RT
On Tue, Nov 17, 2015 at 05:43:45PM +, Richard PALO via RT wrote: > I'd like to propose the attached patch to 1.0.2d which avoids problems > with strict ISO conforming compiler/options, which do not define 'sun' only > '__sun' as usual... such as gcc/clang -std=c99 I fail to understand how this

Re: [openssl-dev] [openssl.org #4124] Illegal instruction when using aes-ni-sha256 stitched implementation on AMD CPU

2015-11-17 Thread Kurt Roeckx via RT
On Sun, Nov 08, 2015 at 11:37:55AM +, Tomas Mraz via RT wrote: > The aes-ni-sha256 stitched implementation causes SIGILL on AMD A4-6210. > It is caused by not using the AVX+SSSE3 code path for non-Intel CPUs > although the CPU seems to be fully capable of running it. The issue is now fixed in

[openssl-dev] [openssl.org #4138] Detection of assembler version

2015-11-12 Thread Kurt Roeckx via RT
Hi, I just found out that building with at least the French locale the AVX code is missing. The problem is this code in crypto/sha/asm/sha1-x86_64.pl: if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1` =~ /GNU assembler version ([2-9]\.[0-9]+)/) { $avx

Re: [openssl-dev] [openssl.org #4116] [PATCH] Reimplement non-asm OPENSSL_cleanse()

2015-11-11 Thread Kurt Roeckx via RT
On Wed, Nov 11, 2015 at 05:15:06PM +, Kaduk, Ben via RT wrote: > On 11/11/2015 07:06 AM, Kurt Roeckx via RT wrote: > > On Wed, Nov 11, 2015 at 12:37:56PM +, Alessandro Ghedini via RT wrote: > >> On Wed, Nov 11, 2015 at 11:52:56AM +, Kurt Roeckx via RT wrote: > >

Re: [openssl-dev] [openssl.org #4116] [PATCH] Reimplement non-asm OPENSSL_cleanse()

2015-11-11 Thread Kurt Roeckx via RT
On Wed, Nov 11, 2015 at 12:37:56PM +, Alessandro Ghedini via RT wrote: > On Wed, Nov 11, 2015 at 11:52:56AM +0000, Kurt Roeckx via RT wrote: > > On Wed, Nov 11, 2015 at 11:16:56AM +, Alessandro Ghedini via RT wrote: > > > Also, FTR, apparently SecureZeroMemory() doesn&#

Re: [openssl-dev] [openssl.org #4116] [PATCH] Reimplement non-asm OPENSSL_cleanse()

2015-11-11 Thread Kurt Roeckx via RT
On Wed, Nov 11, 2015 at 11:16:56AM +, Alessandro Ghedini via RT wrote: > > I also added support for explicit_bzero() on OpenBSD. An explicit_bzero() call is no better than whatever OPENSSL_cleanse() does, because it has exactly the same problems. So I don't think this is useful to do. > Also

Re: [openssl-dev] [openssl.org #4124] Illegal instruction when using aes-ni-sha256 stitched implementation on AMD CPU

2015-11-08 Thread Kurt Roeckx via RT
On Sun, Nov 08, 2015 at 11:37:55AM +, Tomas Mraz via RT wrote: > The aes-ni-sha256 stitched implementation causes SIGILL on AMD A4-6210. > It is caused by not using the AVX+SSSE3 code path for non-Intel CPUs > although the CPU seems to be fully capable of running it. > > The ia32cap vector is

Re: [openssl-dev] [openssl.org #4116] [PATCH] Reimplement non-asm OPENSSL_cleanse()

2015-10-31 Thread Kurt Roeckx via RT
On Sat, Oct 31, 2015 at 09:58:50AM -1000, Brian Smith wrote: > Alessandro Ghedini via RT wrote: > > > I was also wondering whether it would make sense to just drop the asm > > implementations. Does the speed-up justify the added complexity? > > > > IMO, it should work like this: > * memset_s whe

Re: [openssl-dev] [openssl.org #4107] [PATCH] null pointer dereference: bn_wexpand return code not checked in bn_g2fm.c

2015-10-29 Thread Kurt Roeckx via RT
On Mon, Oct 26, 2015 at 10:29:43AM +, Pascal Cuoq via RT wrote: > If the calls to bn_wexpand() are guarded as in the attached patch, the null > pointer dereferences no longer occur. The patch has been applied. Kurt

Re: [openssl-dev] [openssl.org #4111] [PATCH] fix ssl3_free NULL dereference on out of memory condition

2015-10-28 Thread Kurt Roeckx via RT
On Wed, Oct 28, 2015 at 12:58:09AM +, Willy TARREAU via RT wrote: > This patch fixes a NULL dereference issue when SSL_new() fails due to a > low memory condition. Here it is possible that ssl3_new() fails, but > despite this ssl3_free() is called along the error path and doesn't check > that s

Re: [openssl-dev] Improving OpenSSL default RNG

2015-10-24 Thread Kurt Roeckx
On Sat, Oct 24, 2015 at 04:22:38PM +0200, Alessandro Ghedini wrote: > > So at some point I'd like to > try and make OPENSSL_malloc & co. aliases for malloc(), realloc() and free() > and remove (or deprecate) the custom memory functions... but that's probably a > whole different discussion. Please

Re: [openssl-dev] Improving OpenSSL default RNG

2015-10-23 Thread Kurt Roeckx
On Fri, Oct 23, 2015 at 03:22:39PM +0200, Alessandro Ghedini wrote: > Hello everyone, > > (sorry for the wall of text...) > > one of the things that both BoringSSL and LibreSSL have in common is the > replacement of OpenSSL's default RNG RAND_SSLeay() with a simpler and saner > alternative. Given

Re: [openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

2015-10-19 Thread Kurt Roeckx via RT
On Mon, Oct 19, 2015 at 08:10:01PM +0200, Kurt Roeckx wrote: > The manpage says that for BN_add(), BN_mul(), BN_sqr(), BN_mod_mul() > and BN_gcd() r can be one of the other BIGNUMs that got passed, but > it doesn't say so for BN_sub(). BN_add() can of course already call BN_usub(

Re: [openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

2015-10-19 Thread Kurt Roeckx via RT
On Mon, Oct 19, 2015 at 08:10:01PM +0200, Kurt Roeckx wrote: > The manpage says that for BN_add(), BN_mul(), BN_sqr(), BN_mod_mul() > and BN_gcd() r can be one of the other BIGNUMs that got passed, but > it doesn't say so for BN_sub(). So one could also argue that > proba

Re: [openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

2015-10-19 Thread Kurt Roeckx via RT
On Mon, Oct 19, 2015 at 03:55:09PM +, Pascal Cuoq via RT wrote: > > One actual sequence for which the pointers ap and rp end up being identical > is as follows: > > 1/ probable_prime_dh_safe calls BN_sub(q, q, t1) > > 2/ in BN_sub, r and a are then aliases > > 3/ BN_sub calls BN_usub(r, a,

Re: [openssl-dev] [openssl.org #4094] Nonsensical pointer comparison in PACKET_buf_init

2015-10-16 Thread Kurt Roeckx via RT
On Fri, Oct 16, 2015 at 09:44:22PM +, Kaduk, Ben via RT wrote: > On 10/16/2015 04:35 PM, Kurt Roeckx via RT wrote: > > On Fri, Oct 16, 2015 at 06:50:36PM +0000, Kurt Roeckx via RT wrote: > >> On Fri, Oct 16, 2015 at 04:50:59PM +, Matt Caswell via RT wrote: > >>

Re: [openssl-dev] [openssl.org #4094] Nonsensical pointer comparison in PACKET_buf_init

2015-10-16 Thread Kurt Roeckx via RT
On Fri, Oct 16, 2015 at 06:50:36PM +, Kurt Roeckx via RT wrote: > On Fri, Oct 16, 2015 at 04:50:59PM +, Matt Caswell via RT wrote: > > In a well-behaved program there is no undefined behaviour. The "buf + > > len < buf" check will always evaluate to false, so

Re: [openssl-dev] [openssl.org #4094] Nonsensical pointer comparison in PACKET_buf_init

2015-10-16 Thread Kurt Roeckx via RT
On Fri, Oct 16, 2015 at 04:50:59PM +, Matt Caswell via RT wrote: > In a well-behaved program there is no undefined behaviour. The "buf + > len < buf" check will always evaluate to false, so in that sense is > useless but it *is* well defined. The defined behaviour for the "buf + len" part is a

Re: [openssl-dev] [openssl.org #4094] Nonsensical pointer comparison in PACKET_buf_init

2015-10-16 Thread Kurt Roeckx
On Fri, Oct 16, 2015 at 04:50:59PM +, Matt Caswell via RT wrote: > In a well-behaved program there is no undefined behaviour. The "buf + > len < buf" check will always evaluate to false, so in that sense is > useless but it *is* well defined. The defined behaviour for the "buf + len" part is a

Re: [openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken

2015-10-16 Thread Kurt Roeckx via RT
On Fri, Oct 16, 2015 at 08:53:06AM +, Matt Caswell via RT wrote: > > So now I really don't know what the "right" way forward is. Should we be > applying the patch or not? Has anybody contacted Oracle about this issue? It seems useful that they fix it on their end, regardless of what we do. K

Re: [openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken

2015-10-12 Thread Kurt Roeckx via RT
On Mon, Oct 12, 2015 at 06:54:46PM +, Matt Caswell via RT wrote: > > > On 12/10/15 19:11, Kurt Roeckx via RT wrote: > > On Mon, Oct 12, 2015 at 04:19:43PM +, Matt Caswell via RT wrote: > >> > >> Having done some more digging it seems the problem only o

Re: [openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken

2015-10-12 Thread Kurt Roeckx via RT
On Mon, Oct 12, 2015 at 04:19:43PM +, Matt Caswell via RT wrote: > > Having done some more digging it seems the problem only occurs if you > get the initial handshake, followed by a second reneg handshake *and* > interleaved app data all within the scope of a *single* SSL_read call. > AFAICT

Re: [openssl-dev] [openssl.org #4089] NULL ciphersuites do not work in master

2015-10-11 Thread Kurt Roeckx via RT
On Sun, Oct 11, 2015 at 05:54:16PM +, Dmitry Belyavsky via RT wrote: > Hello! > > When I debug, I see that the cipher is forbidden by > the ssl_security_default_callback function because of not enough security > bits. You can change the security level by using: -cipher NULL-SHA256@SECLEVEL=0

Re: [openssl-dev] [openssl.org #3891] [PATCH] Fix undefined behavior executed through OpenSSL tests

2015-10-08 Thread Kurt Roeckx via RT
On Thu, Oct 08, 2015 at 01:36:07PM +, Pascal Cuoq via RT wrote: > > - ssl_locl.h.patch: I don't see a struct timeval > > crypto/x509v3/v3_scts.c. Does this comment still apply? Maybe > > we fixed the issue in some other way. > > Sorry, this comment was unnecessarily confusing. > > What we

Re: [openssl-dev] [openssl.org #4080] Malformed Client Hello messages are accepted (session_id length)

2015-10-08 Thread Kurt Roeckx
On Thu, Oct 08, 2015 at 05:19:06PM +, Alessandro Ghedini via RT wrote: > The problem most likely happens with SSLv2 backwards compatible ClientHello as > well, but that seems to be easier to fix... or maybe it's time to just drop > that compatibility code for v1.1? I would love to have dropped

Re: [openssl-dev] [openssl.org #4080] Malformed Client Hello messages are accepted (session_id length)

2015-10-08 Thread Kurt Roeckx via RT
On Thu, Oct 08, 2015 at 05:19:06PM +, Alessandro Ghedini via RT wrote: > The problem most likely happens with SSLv2 backwards compatible ClientHello as > well, but that seems to be easier to fix... or maybe it's time to just drop > that compatibility code for v1.1? I would love to have dropped

Re: [openssl-dev] [openssl.org #3891] [PATCH] Fix undefined behavior executed through OpenSSL tests

2015-10-07 Thread Kurt Roeckx via RT
On Tue, Jun 02, 2015 at 03:50:19PM +0200, Pascal Cuoq via RT wrote: > The attached archive contains a collection of patches for undefined behaviors > that happen while the tests in directory tests/ are executed, with a recent > (as of June 2015) OpenSSL git version. > > Each undefined behavior rea

Re: [openssl-dev] [openssl.org #4065] Re: Client Hello longer than 2^14 bytes are rejected

2015-09-25 Thread Kurt Roeckx via RT
On Fri, Sep 25, 2015 at 04:23:27PM +, Hubert Kario via RT wrote: > > Given that TLSv1.3 has a 1RTT mode planned (so Client Key Exchange ends > up as an extension, possibly multiple ones), and that quantum computing > resistant algorithms usually require fairly large key sizes (large > enoug
