[openssl/openssl] e50931: Only free the read buffers if we're not using them
Branch: refs/heads/openssl-3.3 Home: https://github.com/openssl/openssl Commit: e5093133c35ca82874ad83697af76f4b0f7e3bd8 https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8 Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Only free the read buffers if we're not using them If we're part way through processing a record, or the application has not released all the records then we should not free our buffer because they are still needed. CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 38690cab18de88198f46478565fab423cf534efa) Commit: d9dd9afc9354e739954f55db85af7401ec9ca6ba https://github.com/openssl/openssl/commit/d9dd9afc9354e739954f55db85af7401ec9ca6ba Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Set rl->packet to NULL after we've finished using it In order to ensure we do not have a UAF we reset the rl->packet pointer to NULL after we free it. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit bfb8128190632092b3a66465838b87b469455cec) Commit: 84e02300f343ac783d00b3c7f507416e45767900 https://github.com/openssl/openssl/commit/84e02300f343ac783d00b3c7f507416e45767900 Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Extend the SSL_free_buffers testing Test that attempting to free the buffers at points where they should not be freed works as expected. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 566f3069169b9fab4fbb23da98c3c91730dd5209) Commit: 359b18de5b034fae1f876049875b6fdad002bc5f https://github.com/openssl/openssl/commit/359b18de5b034fae1f876049875b6fdad002bc5f Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h M test/sslapitest.c Log Message: --- Move the ability to load the dasync engine into ssltestlib.c The sslapitest has a helper function to load the dasync engine which is useful for testing pipelining. We would like to have the same facility from sslbuffertest, so we move the function to the common location ssltestlib.c Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 05752478df623a9ddf849f897b630c1e0728cb7c) Commit: 9c5ccb6c950989c42bc0426cd86f35fea308a525 https://github.com/openssl/openssl/commit/9c5ccb6c950989c42bc0426cd86f35fea308a525 Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Further extend the SSL_free_buffers testing We extend the testing to test what happens when pipelining is in use. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit c1bd38a003fa19fd0d8ade85e1bbc20d8ae59dab) Compare: https://github.com/openssl/openssl/compare/f84622c7e7f8...9c5ccb6c9509 To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] c88c3d: Only free the read buffers if we're not using them
Branch: refs/heads/openssl-3.2 Home: https://github.com/openssl/openssl Commit: c88c3de51020c37e8706bf7a682a162593053aac https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Only free the read buffers if we're not using them If we're part way through processing a record, or the application has not released all the records then we should not free our buffer because they are still needed. CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 38690cab18de88198f46478565fab423cf534efa) Commit: 10171e5b511b700c5ecd4fd3e1086b19c34b1ae3 https://github.com/openssl/openssl/commit/10171e5b511b700c5ecd4fd3e1086b19c34b1ae3 Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Set rl->packet to NULL after we've finished using it In order to ensure we do not have a UAF we reset the rl->packet pointer to NULL after we free it. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit bfb8128190632092b3a66465838b87b469455cec) Commit: ec87bc54c8ccc13caa29bc7f74ae84d78ffa1f5e https://github.com/openssl/openssl/commit/ec87bc54c8ccc13caa29bc7f74ae84d78ffa1f5e Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Extend the SSL_free_buffers testing Test that attempting to free the buffers at points where they should not be freed works as expected. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 566f3069169b9fab4fbb23da98c3c91730dd5209) Commit: d0f5a122ba271c9c848e16970249f61b3fc11b2b https://github.com/openssl/openssl/commit/d0f5a122ba271c9c848e16970249f61b3fc11b2b Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h M test/sslapitest.c Log Message: --- Move the ability to load the dasync engine into ssltestlib.c The sslapitest has a helper function to load the dasync engine which is useful for testing pipelining. We would like to have the same facility from sslbuffertest, so we move the function to the common location ssltestlib.c Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 05752478df623a9ddf849f897b630c1e0728cb7c) Commit: d03e6fdf54ea41fb35e0499134eb3a7f831b https://github.com/openssl/openssl/commit/d03e6fdf54ea41fb35e0499134eb3a7f831b Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Further extend the SSL_free_buffers testing We extend the testing to test what happens when pipelining is in use. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit c1bd38a003fa19fd0d8ade85e1bbc20d8ae59dab) Compare: https://github.com/openssl/openssl/compare/17765d9cefed...d03e6fdf54ea To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] 704f72: Only free the read buffers if we're not using them
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: 704f725b96aa373ee45ecfb23f6abfe8be8d9177 https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177 Author: Watson Ladd Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/rec_layer_s3.c M ssl/record/record.h M ssl/ssl_lib.c Log Message: --- Only free the read buffers if we're not using them If we're part way through processing a record, or the application has not released all the records then we should not free our buffer because they are still needed. CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/24395) Commit: d146349171101dec3a876c13eb7a6dea32ba62ba https://github.com/openssl/openssl/commit/d146349171101dec3a876c13eb7a6dea32ba62ba Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/rec_layer_s3.c M ssl/record/ssl3_buffer.c Log Message: --- Set rlayer.packet to NULL after we've finished using it In order to ensure we do not have a UAF we reset the rlayer.packet pointer to NULL after we free it. CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Commit: 4238abc17d44383592f92d6254d89dac806ee76b https://github.com/openssl/openssl/commit/4238abc17d44383592f92d6254d89dac806ee76b Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Extend the SSL_free_buffers testing Test that attempting to free the buffers at points where they should not be freed works as expected. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Commit: 0544c21a22f4d787e6f31d35e8f980402ac90a6d https://github.com/openssl/openssl/commit/0544c21a22f4d787e6f31d35e8f980402ac90a6d Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h M test/sslapitest.c Log Message: --- Move the ability to load the dasync engine into ssltestlib.c The sslapitest has a helper function to load the dasync engine which is useful for testing pipelining. We would like to have the same facility from sslbuffertest, so we move the function to the common location ssltestlib.c Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Commit: 6972d5ace1275faf404e7a53e806861962f4121c https://github.com/openssl/openssl/commit/6972d5ace1275faf404e7a53e806861962f4121c Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Further extend the SSL_free_buffers testing We extend the testing to test what happens when pipelining is in use. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Compare: https://github.com/openssl/openssl/compare/eb1b744102ae...6972d5ace127 To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] b3f0eb: Only free the read buffers if we're not using them
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d Author: Watson Ladd Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/rec_layer_s3.c M ssl/record/record.h M ssl/ssl_lib.c Log Message: --- Only free the read buffers if we're not using them If we're part way through processing a record, or the application has not released all the records then we should not free our buffer because they are still needed. CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 704f725b96aa373ee45ecfb23f6abfe8be8d9177) Commit: 2d05959073c4bf8803401668b9df85931a08e020 https://github.com/openssl/openssl/commit/2d05959073c4bf8803401668b9df85931a08e020 Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/rec_layer_s3.c M ssl/record/ssl3_buffer.c Log Message: --- Set rlayer.packet to NULL after we've finished using it In order to ensure we do not have a UAF we reset the rlayer.packet pointer to NULL after we free it. CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit d146349171101dec3a876c13eb7a6dea32ba62ba) Commit: 6fef334f914abfcd988e53a32d19f01d84529f74 https://github.com/openssl/openssl/commit/6fef334f914abfcd988e53a32d19f01d84529f74 Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Extend the SSL_free_buffers testing Test that attempting to free the buffers at points where they should not be freed works as expected. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 4238abc17d44383592f92d6254d89dac806ee76b) Commit: 1359c00e683840154760b7ba9204bad1b13dc074 https://github.com/openssl/openssl/commit/1359c00e683840154760b7ba9204bad1b13dc074 Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h M test/sslapitest.c Log Message: --- Move the ability to load the dasync engine into ssltestlib.c The sslapitest has a helper function to load the dasync engine which is useful for testing pipelining. We would like to have the same facility from sslbuffertest, so we move the function to the common location ssltestlib.c Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 0544c21a22f4d787e6f31d35e8f980402ac90a6d) Commit: d095674320c84b8ed1250715b1dd5ce05f9f267b https://github.com/openssl/openssl/commit/d095674320c84b8ed1250715b1dd5ce05f9f267b Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Further extend the SSL_free_buffers testing We extend the testing to test what happens when pipelining is in use. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) (cherry picked from commit 6972d5ace1275faf404e7a53e806861962f4121c) Compare: https://github.com/openssl/openssl/compare/ec559c2a6cca...d095674320c8 To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] 38690c: Only free the read buffers if we're not using them
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 38690cab18de88198f46478565fab423cf534efa https://github.com/openssl/openssl/commit/38690cab18de88198f46478565fab423cf534efa Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Only free the read buffers if we're not using them If we're part way through processing a record, or the application has not released all the records then we should not free our buffer because they are still needed. CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Commit: bfb8128190632092b3a66465838b87b469455cec https://github.com/openssl/openssl/commit/bfb8128190632092b3a66465838b87b469455cec Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Set rl->packet to NULL after we've finished using it In order to ensure we do not have a UAF we reset the rl->packet pointer to NULL after we free it. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Commit: 566f3069169b9fab4fbb23da98c3c91730dd5209 https://github.com/openssl/openssl/commit/566f3069169b9fab4fbb23da98c3c91730dd5209 Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Extend the SSL_free_buffers testing Test that attempting to free the buffers at points where they should not be freed works as expected. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Commit: 05752478df623a9ddf849f897b630c1e0728cb7c https://github.com/openssl/openssl/commit/05752478df623a9ddf849f897b630c1e0728cb7c Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h M test/sslapitest.c Log Message: --- Move the ability to load the dasync engine into ssltestlib.c The sslapitest has a helper function to load the dasync engine which is useful for testing pipelining. We would like to have the same facility from sslbuffertest, so we move the function to the common location ssltestlib.c Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Commit: c1bd38a003fa19fd0d8ade85e1bbc20d8ae59dab https://github.com/openssl/openssl/commit/c1bd38a003fa19fd0d8ade85e1bbc20d8ae59dab Author: Matt Caswell Date: 2024-05-28 (Tue, 28 May 2024) Changed paths: M test/sslbuffertest.c Log Message: --- Further extend the SSL_free_buffers testing We extend the testing to test what happens when pipelining is in use. Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/24395) Compare: https://github.com/openssl/openssl/compare/da9342ed5eda...c1bd38a003fa To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] 50153a: Suppress a spurious error from the sysdefault test
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 50153ad2bb767a6e79e5c0c569f136f723a32700 https://github.com/openssl/openssl/commit/50153ad2bb767a6e79e5c0c569f136f723a32700 Author: Matt Caswell Date: 2024-05-15 (Wed, 15 May 2024) Changed paths: M test/recipes/90-test_sysdefault.t M test/sysdefaulttest.c Log Message: --- Suppress a spurious error from the sysdefault test Running the sysdefault test results in spurious error output - even though the test has actually passed Fixes #24383 Reviewed-by: Tom Cosgrove Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24384) To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] a14f15: Use OSSL_TIME instead of using arithmetic directly...
Branch: refs/heads/openssl-3.2 Home: https://github.com/openssl/openssl Commit: a14f15da406799f86eb4fff16356ab38f03893b9 https://github.com/openssl/openssl/commit/a14f15da406799f86eb4fff16356ab38f03893b9 Author: Matt Caswell Date: 2024-05-07 (Tue, 07 May 2024) Changed paths: M test/sslapitest.c Log Message: --- Use OSSL_TIME instead of using arithmetic directly on time_t We have functions for adding/subtracting time. We should use them. Reviewed-by: Neil Horman Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24319) Commit: 9583f3fefdaf4fe60e51f06ccdba1c67e30d8341 https://github.com/openssl/openssl/commit/9583f3fefdaf4fe60e51f06ccdba1c67e30d8341 Author: Matt Caswell Date: 2024-05-07 (Tue, 07 May 2024) Changed paths: M test/build.info M test/sslapitest.c Log Message: --- Fix intermittent sslapitest early data related failures Early data is time sensitive. We have an approx 8 second allowance between writing the early data and reading it. If we exceed that time tests will fail. This can sometimes (rarely) occur in normal CI operation. We can try and detect this and just ignore the result of such test failures if the test has taken too long. We assume anything over 7 seconds is too long. This is a partial fix for #22605 Reviewed-by: Neil Horman Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24319) Compare: https://github.com/openssl/openssl/compare/63158eb2419c...9583f3fefdaf To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] ee2b7d: Fix intermittent sslapitest early data related fai...
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: ee2b7d5264d9e5498393744e9355dc8b735ab237 https://github.com/openssl/openssl/commit/ee2b7d5264d9e5498393744e9355dc8b735ab237 Author: Matt Caswell Date: 2024-05-07 (Tue, 07 May 2024) Changed paths: M test/sslapitest.c Log Message: --- Fix intermittent sslapitest early data related failures Early data is time sensitive. We have an approx 8 second allowance between writing the early data and reading it. If we exceed that time tests will fail. This can sometimes (rarely) occur in normal CI operation. We can try and detect this and just ignore the result of such test failures if the test has taken too long. We assume anything over 7 seconds is too long. This is a partial fix for #22605 Reviewed-by: Neil Horman Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24320) To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] 87e08b: Fix intermittent sslapitest early data related fai...
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 87e08b7526c8af86675aa34f783501d09911c16b https://github.com/openssl/openssl/commit/87e08b7526c8af86675aa34f783501d09911c16b Author: Matt Caswell Date: 2024-05-07 (Tue, 07 May 2024) Changed paths: M test/sslapitest.c Log Message: --- Fix intermittent sslapitest early data related failures Early data is time sensitive. We have an approx 8 second allowance between writing the early data and reading it. If we exceed that time tests will fail. This can sometimes (rarely) occur in normal CI operation. We can try and detect this and just ignore the result of such test failures if the test has taken too long. We assume anything over 7 seconds is too long. This is a partial fix for #22605 Reviewed-by: Neil Horman Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24320) (cherry picked from commit ee2b7d5264d9e5498393744e9355dc8b735ab237) To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] c8dddc: Add a test for the session_secret_cb
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: c8dddc61d49f84d1667de97e9548f07ccc92dddf https://github.com/openssl/openssl/commit/c8dddc61d49f84d1667de97e9548f07ccc92dddf Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M test/sslapitest.c Log Message: --- Add a test for the session_secret_cb Ensure that if a session_secret_cb is being used that a connection can be successfully made Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) Commit: 91c7ab27cebe4e6f6a6376e0a691736a2534fdd0 https://github.com/openssl/openssl/commit/91c7ab27cebe4e6f6a6376e0a691736a2534fdd0 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M ssl/statem/statem_srvr.c Log Message: --- Set the server sig algs before calling the session_secret_cb Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb Fixes #24213 Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) Commit: aecaaccaf93c4b36dd830accf08f2175059c5782 https://github.com/openssl/openssl/commit/aecaaccaf93c4b36dd830accf08f2175059c5782 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M doc/build.info A doc/man3/SSL_set_session_secret_cb.pod M util/missingssl.txt M util/other.syms Log Message: --- Document the SSL_set_session_secret_cb() function This function is only useful for EAP-FAST, but was previously undocumented. Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) Commit: 97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3 https://github.com/openssl/openssl/commit/97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M ssl/ssl_sess.c Log Message: --- Fix undefined behaviour in the event of a zero length session id Don't attempt to memcpy a NULL pointer if the length is 0. Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) Compare: https://github.com/openssl/openssl/compare/327261c076b8...97c6489b39c9 To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] 5cb2a8: Add a test for the session_secret_cb
Branch: refs/heads/openssl-3.3 Home: https://github.com/openssl/openssl Commit: 5cb2a8fcc91b7b9bfffc70695df1bef29b495a60 https://github.com/openssl/openssl/commit/5cb2a8fcc91b7b9bfffc70695df1bef29b495a60 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M test/sslapitest.c Log Message: --- Add a test for the session_secret_cb Ensure that if a session_secret_cb is being used that a connection can be successfully made Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) (cherry picked from commit c8dddc61d49f84d1667de97e9548f07ccc92dddf) Commit: 9919027446dd8bb0cf5aad7d9580c32782f2d253 https://github.com/openssl/openssl/commit/9919027446dd8bb0cf5aad7d9580c32782f2d253 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M ssl/statem/statem_srvr.c Log Message: --- Set the server sig algs before calling the session_secret_cb Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb Fixes #24213 Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) (cherry picked from commit 91c7ab27cebe4e6f6a6376e0a691736a2534fdd0) Commit: 5cd860825061dc8cb7ef666ea7ec8c51999a5553 https://github.com/openssl/openssl/commit/5cd860825061dc8cb7ef666ea7ec8c51999a5553 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M doc/build.info A doc/man3/SSL_set_session_secret_cb.pod M util/missingssl.txt M util/other.syms Log Message: --- Document the SSL_set_session_secret_cb() function This function is only useful for EAP-FAST, but was previously undocumented. Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) (cherry picked from commit aecaaccaf93c4b36dd830accf08f2175059c5782) Commit: 287165f1b7ce0193378b9365e675edd69fc289c4 https://github.com/openssl/openssl/commit/287165f1b7ce0193378b9365e675edd69fc289c4 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M ssl/ssl_sess.c Log Message: --- Fix undefined behaviour in the event of a zero length session id Don't attempt to memcpy a NULL pointer if the length is 0. Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) (cherry picked from commit 97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3) Compare: https://github.com/openssl/openssl/compare/168e49b5ab9e...287165f1b7ce To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] 6f8ebf: Add a test for the session_secret_cb
Branch: refs/heads/openssl-3.2 Home: https://github.com/openssl/openssl Commit: 6f8ebfb9f73adbb9a2ad74c5d2cf5d4d056dfa71 https://github.com/openssl/openssl/commit/6f8ebfb9f73adbb9a2ad74c5d2cf5d4d056dfa71 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M test/sslapitest.c Log Message: --- Add a test for the session_secret_cb Ensure that if a session_secret_cb is being used that a connection can be successfully made Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) (cherry picked from commit c8dddc61d49f84d1667de97e9548f07ccc92dddf) Commit: 8cdda690348d281abb75b787a436cd1c9462a9fd https://github.com/openssl/openssl/commit/8cdda690348d281abb75b787a436cd1c9462a9fd Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M ssl/statem/statem_srvr.c Log Message: --- Set the server sig algs before calling the session_secret_cb Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb Fixes #24213 Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) (cherry picked from commit 91c7ab27cebe4e6f6a6376e0a691736a2534fdd0) Commit: 6e526a0d987912891220617d682170976185cb5b https://github.com/openssl/openssl/commit/6e526a0d987912891220617d682170976185cb5b Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M doc/build.info A doc/man3/SSL_set_session_secret_cb.pod M util/missingssl.txt M util/other.syms Log Message: --- Document the SSL_set_session_secret_cb() function This function is only useful for EAP-FAST, but was previously undocumented. Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) (cherry picked from commit aecaaccaf93c4b36dd830accf08f2175059c5782) Commit: a79636d3aca7e996c2dc056a020488ea1fa396b1 https://github.com/openssl/openssl/commit/a79636d3aca7e996c2dc056a020488ea1fa396b1 Author: Matt Caswell Date: 2024-05-06 (Mon, 06 May 2024) Changed paths: M ssl/ssl_sess.c Log Message: --- Fix undefined behaviour in the event of a zero length session id Don't attempt to memcpy a NULL pointer if the length is 0. Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24309) (cherry picked from commit 97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3) Compare: https://github.com/openssl/openssl/compare/a0f6e1f26287...a79636d3aca7 To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] eb3b90: Use OSSL_TIME instead of using arithmetic directly...
Branch: refs/heads/openssl-3.3 Home: https://github.com/openssl/openssl Commit: eb3b903af9b8de754f198a4ea5ea239f3721e3ee https://github.com/openssl/openssl/commit/eb3b903af9b8de754f198a4ea5ea239f3721e3ee Author: Matt Caswell Date: 2024-05-01 (Wed, 01 May 2024) Changed paths: M test/sslapitest.c Log Message: --- Use OSSL_TIME instead of using arithmetic directly on time_t We have functions for adding/subtracting time. We should use them. Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/23966) (cherry picked from commit afb6ce0d0f5b8e88f8b4f420aba0a8e59f58934f) Commit: 91d5fd54ee3ad87b5d3a57668e8dc9495d72bab6 https://github.com/openssl/openssl/commit/91d5fd54ee3ad87b5d3a57668e8dc9495d72bab6 Author: Matt Caswell Date: 2024-05-01 (Wed, 01 May 2024) Changed paths: M test/build.info M test/sslapitest.c Log Message: --- Fix intermittent sslapitest early data related failures Early data is time sensitive. We have an approx 8 second allowance between writing the early data and reading it. If we exceed that time tests will fail. This can sometimes (rarely) occur in normal CI operation. We can try and detect this and just ignore the result of such test failures if the test has taken too long. We assume anything over 7 seconds is too long. This is a partial fix for #22605 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/23966) (cherry picked from commit 1848c561ec39a9ea91ff1bf740a554be274f98b0) Compare: https://github.com/openssl/openssl/compare/bbae0c9f05f3...91d5fd54ee3a To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] afb6ce: Use OSSL_TIME instead of using arithmetic directly...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: afb6ce0d0f5b8e88f8b4f420aba0a8e59f58934f https://github.com/openssl/openssl/commit/afb6ce0d0f5b8e88f8b4f420aba0a8e59f58934f Author: Matt Caswell Date: 2024-05-01 (Wed, 01 May 2024) Changed paths: M test/sslapitest.c Log Message: --- Use OSSL_TIME instead of using arithmetic directly on time_t We have functions for adding/subtracting time. We should use them. Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/23966) Commit: 1848c561ec39a9ea91ff1bf740a554be274f98b0 https://github.com/openssl/openssl/commit/1848c561ec39a9ea91ff1bf740a554be274f98b0 Author: Matt Caswell Date: 2024-05-01 (Wed, 01 May 2024) Changed paths: M test/build.info M test/sslapitest.c Log Message: --- Fix intermittent sslapitest early data related failures Early data is time sensitive. We have an approx 8 second allowance between writing the early data and reading it. If we exceed that time tests will fail. This can sometimes (rarely) occur in normal CI operation. We can try and detect this and just ignore the result of such test failures if the test has taken too long. We assume anything over 7 seconds is too long. This is a partial fix for #22605 Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/23966) Compare: https://github.com/openssl/openssl/compare/af75373eeab6...1848c561ec39 To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] 31efcf: Fix the ceiling on how much encryption growth we c...
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.com/openssl/openssl Commit: 31efcf2c872f8f4d09ad5209ccbf1ada73436775 https://github.com/openssl/openssl/commit/31efcf2c872f8f4d09ad5209ccbf1ada73436775 Author: Matt Caswell Date: 2022-12-05 (Mon, 05 Dec 2022) Changed paths: M ssl/record/rec_layer_s3.c Log Message: --- Fix the ceiling on how much encryption growth we can have Stitched ciphersuites can grow by more during encryption than the code allowed for. We fix the calculation and add an assert to check we go it right. Also if we are adding the MAC independently of the cipher algorithm then the encryption growth will not include that MAC so we should remove it from the amount of bytes that we reserve for that growth. Otherwise we might exceed our buffer size and the WPACKET_reserve operation will fail. Note that this is not a security issue. Even though we can overflow the amount of bytes reserved in the WPACKET for the encryption, the underlying buffer is still big enough. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19585)
[openssl/openssl] 2fcf42: Drop a spurious printf in evp_test.c
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: 2fcf42c062cf4aca157f0bd30e7a03f0ed752600 https://github.com/openssl/openssl/commit/2fcf42c062cf4aca157f0bd30e7a03f0ed752600 Author: Matt Caswell Date: 2022-12-05 (Mon, 05 Dec 2022) Changed paths: M test/evp_test.c Log Message: --- Drop a spurious printf in evp_test.c A spurious printf was added to evp_test.c - probably for debugging purposes. This actually causes runtime errors in some cases because the name being printed can be NULL. Fixes #19814 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19820) (cherry picked from commit 12c20c5486b6440a9b667c93f130a8fdea029b81)
[openssl/openssl] 12c20c: Drop a spurious printf in evp_test.c
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 12c20c5486b6440a9b667c93f130a8fdea029b81 https://github.com/openssl/openssl/commit/12c20c5486b6440a9b667c93f130a8fdea029b81 Author: Matt Caswell Date: 2022-12-05 (Mon, 05 Dec 2022) Changed paths: M test/evp_test.c Log Message: --- Drop a spurious printf in evp_test.c A spurious printf was added to evp_test.c - probably for debugging purposes. This actually causes runtime errors in some cases because the name being printed can be NULL. Fixes #19814 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19820)
[openssl/openssl] 14c593: Don't set cancel state/type
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 14c593e0034ddb9ca68f4a8e06b251afa127c6d0 https://github.com/openssl/openssl/commit/14c593e0034ddb9ca68f4a8e06b251afa127c6d0 Author: Matt Caswell Date: 2022-12-01 (Thu, 01 Dec 2022) Changed paths: M crypto/thread/arch/thread_posix.c Log Message: --- Don't set cancel state/type pthread_cancel() is never called by OpenSSL. Therefore this is no point in setting the cancel state/type. The functions to set the cancel state/type are not supported on Android and result in compilation failures. Therefore we remove these calls completely. Fixes #19559 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19779)
[openssl/openssl] ee2462: Refactor: a separate func for provider activation ...
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: ee246234bf591cd2a9779a4ad3a2ee3c53848213 https://github.com/openssl/openssl/commit/ee246234bf591cd2a9779a4ad3a2ee3c53848213 Author: Dmitry Belyavskiy Date: 2022-11-21 (Mon, 21 Nov 2022) Changed paths: M crypto/provider_conf.c Log Message: --- Refactor: a separate func for provider activation from config Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17099) (cherry picked from commit 07ba69483a7d8005a53284cbde55b9dac8c5c554) Commit: 8436ef8bdb96c0a977a15ec707d28404d97c3a6c https://github.com/openssl/openssl/commit/8436ef8bdb96c0a977a15ec707d28404d97c3a6c Author: Hugo Landau Date: 2022-11-21 (Mon, 21 Nov 2022) Changed paths: M crypto/bio/bss_core.c M crypto/context.c M crypto/core_namemap.c M crypto/encode_decode/decoder_meth.c M crypto/encode_decode/encoder_meth.c M crypto/evp/evp_fetch.c M crypto/initthread.c M crypto/property/defn_cache.c M crypto/property/property.c M crypto/property/property_string.c M crypto/provider_child.c M crypto/provider_conf.c M crypto/provider_core.c M crypto/rand/rand_lib.c M crypto/self_test_core.c M crypto/store/store_meth.c M doc/internal/man3/ossl_lib_ctx_get_data.pod A include/crypto/context.h M include/internal/cryptlib.h M providers/fips/fipsprov.c M providers/implementations/rands/crngt.c M providers/implementations/rands/drbg.c M test/context_internal_test.c Log Message: --- Refactor OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA This refactors OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA. The assorted objects to be managed by OSSL_LIB_CTX are hardcoded and are initialized eagerly rather than lazily, which avoids the need for locking on access in most cases. Fixes #17116. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17881) (cherry picked from commit 927d0566ded0dff9d6c5abc8a40bb84068446b76) Commit: a48081ac606c7bbce5e3adad7ad2d6dfc1b4f215 https://github.com/openssl/openssl/commit/a48081ac606c7bbce5e3adad7ad2d6dfc1b4f215 Author: Tomas Mraz Date: 2022-11-21 (Mon, 21 Nov 2022) Changed paths: M crypto/params.c Log Message: --- OSSL_PARAM_get_*_ptr: Drop errors from ptr/string mismatch Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17997) (cherry picked from commit 327a720d5dd011b853acbdd0223933f6ecd22928) Commit: 519481c7748dded8577164f137f62ecd9424b7be https://github.com/openssl/openssl/commit/519481c7748dded8577164f137f62ecd9424b7be Author: Todd C. Miller Date: 2022-11-21 (Mon, 21 Nov 2022) Changed paths: M Configurations/10-main.conf Log Message: --- Add -static-libgcc to solaris-sparcv7-gcc shared_ldflag This avoids a run-time dependency on libgcc_s.so which may not be present on all systems. OpenSSL already uses -static-libgcc for the solaris-x86-gcc and solaris64-x86_64-gcc configurations. CLA: trivial Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/14538) (cherry picked from commit 1c529128f53ed1cb33a829dafe7fb4201c7ce69a) Commit: 553e125aff68274e9a5883fd7d51a7c57e60734e https://github.com/openssl/openssl/commit/553e125aff68274e9a5883fd7d51a7c57e60734e Author: Hugo Landau Date: 2022-11-21 (Mon, 21 Nov 2022) Changed paths: M crypto/context.c M include/internal/cryptlib.h Log Message: --- Remove unused libctx functions (runonce, onfree) Reviewed-by: Matt Caswell Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18031) (cherry picked from commit ed7c64fc540c5808efe4092465af1147c76555a1) Commit: 2535075bf0bd1a599a7f483d06b3ef019104ee7c https://github.com/openssl/openssl/commit/2535075bf0bd1a599a7f483d06b3ef019104ee7c Author: Daniel Hu Date: 2022-11-21 (Mon, 21 Nov 2022) Changed paths: M crypto/evp/e_sm4.c A crypto/sm4/asm/vpsm4-armv8.pl M crypto/sm4/build.info M include/crypto/sm4_platform.h M providers/implementations/ciphers/cipher_sm4_gcm_hw.c M providers/implementations/ciphers/cipher_sm4_hw.c Log Message: --- SM4 optimization for ARM by ASIMD This patch optimizes SM4 for ARM processor using ASIMD instruction It will improve performance if both of following conditions are met: 1) Input data equal to or more than 4 blocks 2) Cipher mode allows parallelism, including ECB,CTR,GCM or CBC decryption This patch implements SM4 SBOX lookup in vector registers, with the benefit of constant processing time over existing C implementation. It is only enabled for micro-architecture N1/V1. In the ideal scenario, performance can reach up to 2.7X When either
[openssl/openssl] 88113f: Design document for the QUIC-TLS integration
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 88113f5dc6828694820d39612c3a760e386a0aa5 https://github.com/openssl/openssl/commit/88113f5dc6828694820d39612c3a760e386a0aa5 Author: Matt Caswell Date: 2022-11-21 (Mon, 21 Nov 2022) Changed paths: A doc/designs/quic-design/quic-tls.md Log Message: --- Design document for the QUIC-TLS integration Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19683)
[openssl/openssl] 14b544: Add a record layer design document
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 14b54475d141bf92390934a30ff406a0551e36e9 https://github.com/openssl/openssl/commit/14b54475d141bf92390934a30ff406a0551e36e9 Author: Matt Caswell Date: 2022-11-18 (Fri, 18 Nov 2022) Changed paths: A doc/designs/quic-design/record-layer.md Log Message: --- Add a record layer design document Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/17969) Commit: 48cc4e0c2046624c28d431ac51cdfce1a6e6a597 https://github.com/openssl/openssl/commit/48cc4e0c2046624c28d431ac51cdfce1a6e6a597 Author: Matt Caswell Date: 2022-11-18 (Fri, 18 Nov 2022) Changed paths: M doc/designs/quic-design/record-layer.md Log Message: --- Update the record layer design based on implementation experience Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/17969) Compare: https://github.com/openssl/openssl/compare/5e38e0acf4e1...48cc4e0c2046
[openssl/openssl] 3d004c: Use the same encryption growth macro consistently
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: 3d004cefec5135a3b080dc898d7f7d5452ef309f https://github.com/openssl/openssl/commit/3d004cefec5135a3b080dc898d7f7d5452ef309f Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/record/rec_layer_s3.c Log Message: --- Use the same encryption growth macro consistently We had two different macros for calculating the potential growth due to encryption. The macro we use for allocating the underlying buffer should be the same one that we use for reserving bytes for encryption growth. Also if we are adding the MAC independently of the cipher algorithm then the encryption growth will not include that MAC so we should remove it from the amount of bytes that we reserve for that growth. Otherwise we might exceed our buffer size and the WPACKET_reserve operation will fail. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19264)
[openssl/openssl] bb0190: Use the same encryption growth macro consistently
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: bb0190e8a4d43d06a8ba6e6fca68571b4c3361a5 https://github.com/openssl/openssl/commit/bb0190e8a4d43d06a8ba6e6fca68571b4c3361a5 Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/record/rec_layer_s3.c Log Message: --- Use the same encryption growth macro consistently We had two different macros for calculating the potential growth due to encryption. The macro we use for allocating the underlying buffer should be the same one that we use for reserving bytes for encryption growth. Also if we are adding the MAC independently of the cipher algorithm then the encryption growth will not include that MAC so we should remove it from the amount of bytes that we reserve for that growth. Otherwise we might exceed our buffer size and the WPACKET_reserve operation will fail. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19264) (cherry picked from commit 3d004cefec5135a3b080dc898d7f7d5452ef309f)
[openssl/openssl] 732435: Resolve a TODO in ssl3_dispatch_alert
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 732435026b0141063084fb68c076bc1c9fd9bee8 https://github.com/openssl/openssl/commit/732435026b0141063084fb68c076bc1c9fd9bee8 Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/d1_msg.c M ssl/record/rec_layer_d1.c M ssl/record/rec_layer_s3.c M ssl/s3_lib.c M ssl/s3_msg.c M ssl/ssl_lib.c M ssl/ssl_local.h Log Message: --- Resolve a TODO in ssl3_dispatch_alert Properly handle the case where there is pending write data and we want to send an alert. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19550) Commit: cbf965b4f3ba8567624767239aebe4d04c62558a https://github.com/openssl/openssl/commit/cbf965b4f3ba8567624767239aebe4d04c62558a Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M test/sslapitest.c Log Message: --- Test SSL_shutdown() with async writes As well as SSL_shutdown() itself this excercises the async write paths in ssl3_dispatch_alert(). Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19550) Compare: https://github.com/openssl/openssl/compare/6f3072212c2d...cbf965b4f3ba
[openssl/openssl] f471f6: Remove remaining refs to enc_(write|read)_ctx/(rea...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: f471f60a8adcbb72314be974f6bc320943786b96 https://github.com/openssl/openssl/commit/f471f60a8adcbb72314be974f6bc320943786b96 Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/record/rec_layer_d1.c M ssl/record/rec_layer_s3.c M ssl/ssl_lib.c M ssl/ssl_local.h M ssl/statem/statem_clnt.c Log Message: --- Remove remaining refs to enc_(write|read)_ctx/(read|write)_hash Those fields are no longer used. Their previous function is now in the new record layer. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19586) Commit: 6d814fd6074b5f293abc3f19a190d3e34c426b6a https://github.com/openssl/openssl/commit/6d814fd6074b5f293abc3f19a190d3e34c426b6a Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/ssl_lib.c M ssl/ssl_local.h Log Message: --- Remove compress/expand fields from SSL_CONNECTION They are no longer needed. The new record layer handles this. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19586) Commit: b83eac48ed44afecd0d392c2fa055d345578078d https://github.com/openssl/openssl/commit/b83eac48ed44afecd0d392c2fa055d345578078d Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/ssl_local.h M ssl/tls13_enc.c Log Message: --- Remove the read_iv/write_iv fields from SSL_CONNECTION These fields are instead held in the new record layer code and are therefore no longer needed. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19586) Commit: 1e42708e175f1453bd12f4632fbc0c61bade4e81 https://github.com/openssl/openssl/commit/1e42708e175f1453bd12f4632fbc0c61bade4e81 Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/ssl_local.h M ssl/statem/statem_dtls.c Log Message: --- Remove references to read_mac_secret and write_mac_secret They are no longer used and can be removed. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19586) Commit: c89c21f8f59d4973b7ccda6d6aaa2756636e2121 https://github.com/openssl/openssl/commit/c89c21f8f59d4973b7ccda6d6aaa2756636e2121 Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/record/build.info M ssl/record/methods/build.info A ssl/record/methods/tls_pad.c R ssl/record/tls_pad.c Log Message: --- Move tls_pad.c into ssl/record/methods This file is used by libssl record layer methods and therefore should now be in the methods subdir Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19586) Commit: 23c57f001d997b939f9b7c76ffbf9e81a16b0141 https://github.com/openssl/openssl/commit/23c57f001d997b939f9b7c76ffbf9e81a16b0141 Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/record/build.info M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c M ssl/record/rec_layer_d1.c M ssl/record/rec_layer_s3.c M ssl/record/record.h M ssl/record/record_local.h R ssl/record/ssl3_record.c Log Message: --- Move declarations out of record.h and record_local.h We move many of the declarations in record.h and record_local.h into locations inside ssl/record/methods instead. Also many declarations were no longer required and could be removed completely. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19586) Commit: e9189cc4af045523f91b2d9265add1ab1326fcdf https://github.com/openssl/openssl/commit/e9189cc4af045523f91b2d9265add1ab1326fcdf Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tls_multib.c M util/indent.pro Log Message: --- Rename SSL3_BUFFER to TLS_BUFFER The SSL3 prefix no longer seems appropriate. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19586) Commit: 22094d11a780f7485f0929ccfac806e0d02f82a9 https://github.com/openssl/openssl/commit/22094d11a780f7485f0929ccfac806e0d02f82a9 Author: Matt Caswell Date: 2022-11-14 (Mon, 14 Nov 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record
[openssl/openssl] ecacbc: Use the same encryption growth macro consistently
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: ecacbc5e3c48901417e8e05bbf1d29df78610607 https://github.com/openssl/openssl/commit/ecacbc5e3c48901417e8e05bbf1d29df78610607 Author: Matt Caswell Date: 2022-11-07 (Mon, 07 Nov 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Use the same encryption growth macro consistently We had two different macros for calculating the potential growth due to encryption. The macro we use for allocating the underlying buffer should be the same one that we use for reserving bytes for encryption growth. Also if we are adding the MAC independently of the cipher algorithm then the encryption growth will not include that MAC so we should remove it from the amount of bytes that we reserve for that growth. Otherwise we might exceed our buffer size and the WPACKET_reserve operation will fail. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19622)
[openssl/openssl] 830eae: Fix the ceiling on how much encryption growth we c...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 830eae60a61876a5bcd267f47e224269852dcc29 https://github.com/openssl/openssl/commit/830eae60a61876a5bcd267f47e224269852dcc29 Author: Matt Caswell Date: 2022-11-07 (Mon, 07 Nov 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Fix the ceiling on how much encryption growth we can have Stitched ciphersuites can grow by more during encryption than the code allowed for. We fix the calculation and add an assert to check we go it right. Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19516) Commit: b05fbac1fc4f9c54a4e7a71728396e8f1b18707e https://github.com/openssl/openssl/commit/b05fbac1fc4f9c54a4e7a71728396e8f1b18707e Author: Matt Caswell Date: 2022-11-07 (Mon, 07 Nov 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls_common.c M ssl/t1_enc.c Log Message: --- Fix dtls_get_max_record_overhead() We fix dtls_get_max_record_overhead() to give a better value for the max record overhead. We can't realistically handle the compression case so we just ignore that. Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19516) Commit: 351ad225b3758f96a5875eb11ac3acda006a1c00 https://github.com/openssl/openssl/commit/351ad225b3758f96a5875eb11ac3acda006a1c00 Author: Matt Caswell Date: 2022-11-07 (Mon, 07 Nov 2022) Changed paths: M ssl/statem/statem_dtls.c Log Message: --- Assert that we do not exceed the DTLS MTU Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19516) Compare: https://github.com/openssl/openssl/compare/3840271e9840...351ad225b375
[openssl/openssl] f8e6dd: Fix the ceiling on how much encryption growth we c...
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: f8e6dda7b7c2d9456ca3b175ac6aa0d0b9bc84b0 https://github.com/openssl/openssl/commit/f8e6dda7b7c2d9456ca3b175ac6aa0d0b9bc84b0 Author: Matt Caswell Date: 2022-11-02 (Wed, 02 Nov 2022) Changed paths: M ssl/record/rec_layer_s3.c Log Message: --- Fix the ceiling on how much encryption growth we can have Stitched ciphersuites can grow by more during encryption than the code allowed for. We fix the calculation and add an assert to check we go it right. Note that this is not a security issue. Even though we can overflow the amount of bytes reserved in the WPACKET for the encryption, the underlying buffer is still big enough. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19517) (cherry picked from commit eaa206007322ab0b1eaf9f83485e56deafc9df80)
[openssl/openssl] eaa206: Fix the ceiling on how much encryption growth we c...
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: eaa206007322ab0b1eaf9f83485e56deafc9df80 https://github.com/openssl/openssl/commit/eaa206007322ab0b1eaf9f83485e56deafc9df80 Author: Matt Caswell Date: 2022-11-02 (Wed, 02 Nov 2022) Changed paths: M ssl/record/rec_layer_s3.c Log Message: --- Fix the ceiling on how much encryption growth we can have Stitched ciphersuites can grow by more during encryption than the code allowed for. We fix the calculation and add an assert to check we go it right. Note that this is not a security issue. Even though we can overflow the amount of bytes reserved in the WPACKET for the encryption, the underlying buffer is still big enough. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19517)
[openssl/openssl] b718f6: Add a test for TLS pipelining
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: b718f6fcc4bbf48cfc6ab3fa64e6cb95453299b3 https://github.com/openssl/openssl/commit/b718f6fcc4bbf48cfc6ab3fa64e6cb95453299b3 Author: Matt Caswell Date: 2022-11-02 (Wed, 02 Nov 2022) Changed paths: M ssl/record/methods/tls_common.c M test/sslapitest.c Log Message: --- Add a test for TLS pipelining TLS pipelining provides the ability for libssl to read or write multiple records in parallel. It requires special ciphers to do this, and there are currently no built-in ciphers that provide this capability. However, the dasync engine does have such a cipher, so we add a test for this capability using that engine. Reviewed-by: Hugo Landau Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19456) Commit: 3961af375e1522a3d37d2af8628bff43103ab4f5 https://github.com/openssl/openssl/commit/3961af375e1522a3d37d2af8628bff43103ab4f5 Author: Matt Caswell Date: 2022-11-02 (Wed, 02 Nov 2022) Changed paths: M ssl/record/methods/tls1_meth.c Log Message: --- Pipeline output/input buf arrays must live until the EVP_Cipher is called The pipeline input/output buf arrays must remain accessible to the EVP_CIPHER_CTX until EVP_Cipher is subsequently called. This fixes an asan error discovered by the newly added pipeline test. Reviewed-by: Hugo Landau Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19456) Commit: 8ccde3fc78b8db0acf8c11454b5dc4fb01485f4c https://github.com/openssl/openssl/commit/8ccde3fc78b8db0acf8c11454b5dc4fb01485f4c Author: Matt Caswell Date: 2022-11-02 (Wed, 02 Nov 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Fix read pipelining During read pipelining we must ensure that the buffer is sufficiently large to read enough data to fill our pipelines. We also remove some code that moved data to the start of the packet if we can. This was unnecessary because of later code which would end up moving it anyway. The earlier move was also incorrect in the case that |clearold| was 0. This would cause the read pipelining code to fail with sufficiently large records. Reviewed-by: Hugo Landau Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19456) Commit: 3929345ee49f6b3a04f446c9589bb338f12e71ac https://github.com/openssl/openssl/commit/3929345ee49f6b3a04f446c9589bb338f12e71ac Author: Matt Caswell Date: 2022-11-02 (Wed, 02 Nov 2022) Changed paths: M doc/man3/SSL_CTX_set_split_send_fragment.pod Log Message: --- Update the pipelining docs Document the effect on the internal read buffer when using pipelining. Reviewed-by: Hugo Landau Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19456) Compare: https://github.com/openssl/openssl/compare/a88e97fcace0...3929345ee49f
[openssl/openssl] 7eb39e: Make SSL_alloc_buffers() and SSL_free_buffers() wo...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 7eb39ecb299db3eade11946f9385f5dee1d458d3 https://github.com/openssl/openssl/commit/7eb39ecb299db3eade11946f9385f5dee1d458d3 Author: Matt Caswell Date: 2022-10-27 (Thu, 27 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/record/record.h M ssl/record/recordmethod.h M ssl/ssl_lib.c Log Message: --- Make SSL_alloc_buffers() and SSL_free_buffers() work again Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19472) Commit: fba0206da7c0cc68854bb63a6ee9b96a74f4ed7a https://github.com/openssl/openssl/commit/fba0206da7c0cc68854bb63a6ee9b96a74f4ed7a Author: Matt Caswell Date: 2022-10-27 (Thu, 27 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/recordmethod.h Log Message: --- Remove some unused OSSL_RECORD_METHOD functions Remove two function pointers from the OSSL_RECORD_METHOD. Those functions were no-ops and were never called. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19472) Commit: ee05588dabeac7b9d034bf16dad122a93d1688a4 https://github.com/openssl/openssl/commit/ee05588dabeac7b9d034bf16dad122a93d1688a4 Author: Matt Caswell Date: 2022-10-27 (Thu, 27 Oct 2022) Changed paths: M test/sslbuffertest.c Log Message: --- Check whether buffers have actually been allocated/freed In the sslbuffertest we test the operation of SSL_alloc_buffers() and SSL_free_buffers(). However this was done entirely using the public API, and did not confirm that the buffers were actually allocated/freed. We now extend the test to confirm this. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19472) Compare: https://github.com/openssl/openssl/compare/225f94e818d9...ee05588dabea
[openssl/openssl] 9cbd2e: Fix a lock in provider_remove_store_methods()
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 9cbd2e1098caea4b327b06a1e1e353a58793b50c https://github.com/openssl/openssl/commit/9cbd2e1098caea4b327b06a1e1e353a58793b50c Author: Matt Caswell Date: 2022-10-25 (Tue, 25 Oct 2022) Changed paths: M crypto/provider_core.c Log Message: --- Fix a lock in provider_remove_store_methods() We were taking a read lock. It should have been a write lock. Fixes #19474 Reviewed-by: Tim Hudson Reviewed-by: Hugo Landau Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19481) (cherry picked from commit 6962e21b7c51480343db1a275f52525754dcbe44)
[openssl/openssl] 02be04: Fix a lock in provider_remove_store_methods()
Branch: refs/heads/openssl-3.1 Home: https://github.com/openssl/openssl Commit: 02be04e5359fc93279306fcbe3b0063311712fb2 https://github.com/openssl/openssl/commit/02be04e5359fc93279306fcbe3b0063311712fb2 Author: Matt Caswell Date: 2022-10-25 (Tue, 25 Oct 2022) Changed paths: M crypto/provider_core.c Log Message: --- Fix a lock in provider_remove_store_methods() We were taking a read lock. It should have been a write lock. Fixes #19474 Reviewed-by: Tim Hudson Reviewed-by: Hugo Landau Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19481) (cherry picked from commit 6962e21b7c51480343db1a275f52525754dcbe44)
[openssl/openssl] 6962e2: Fix a lock in provider_remove_store_methods()
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 6962e21b7c51480343db1a275f52525754dcbe44 https://github.com/openssl/openssl/commit/6962e21b7c51480343db1a275f52525754dcbe44 Author: Matt Caswell Date: 2022-10-25 (Tue, 25 Oct 2022) Changed paths: M crypto/provider_core.c Log Message: --- Fix a lock in provider_remove_store_methods() We were taking a read lock. It should have been a write lock. Fixes #19474 Reviewed-by: Tim Hudson Reviewed-by: Hugo Landau Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19481)
[openssl/openssl] 50bed9: Fix test_tls13_encryption()
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 50bed93a7655dc6d990aa42e52b316a97e2dc820 https://github.com/openssl/openssl/commit/50bed93a7655dc6d990aa42e52b316a97e2dc820 Author: Matt Caswell Date: 2022-10-25 (Tue, 25 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c M test/tls13encryptiontest.c Log Message: --- Fix test_tls13_encryption() This test was disabled during the record write record layer refactor. We can now enable it again. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19470)
[openssl/openssl] bb2bbd: Fix a compilation failure in bio_comp_test.c
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: bb2bbd53d49c510c2ae705d86e8fd2ed829cbd92 https://github.com/openssl/openssl/commit/bb2bbd53d49c510c2ae705d86e8fd2ed829cbd92 Author: Matt Caswell Date: 2022-10-24 (Mon, 24 Oct 2022) Changed paths: M test/bio_comp_test.c Log Message: --- Fix a compilation failure in bio_comp_test.c Compiling with clang, --strict-warnings and enable-zlib-dynamic resulted in a compilation failure. This fixes it. Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19480)
[openssl/openssl] 3c153d: Fix make update
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 3c153d8722d52ac6faa0d98873060272e5f160ea https://github.com/openssl/openssl/commit/3c153d8722d52ac6faa0d98873060272e5f160ea Author: Matt Caswell Date: 2022-10-20 (Thu, 20 Oct 2022) Changed paths: M crypto/err/openssl.txt M include/openssl/sslerr.h Log Message: --- Fix make update The recent DTLS write record layer code and the certificate compression code both added new SSL_R_ reason codes. The numbers are conflicting due to rebase issues and causing make update to fail. Reviewed-by: Hugo Landau Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/19457)
[openssl/openssl] 22d6e8: Remove create_empty_fragment from do_dtls1_write()
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 22d6e8547f11dae2e4c026be93331e9acfe9b940 https://github.com/openssl/openssl/commit/22d6e8547f11dae2e4c026be93331e9acfe9b940 Author: Matt Caswell Date: 2022-10-20 (Thu, 20 Oct 2022) Changed paths: M ssl/d1_msg.c M ssl/record/rec_layer_d1.c M ssl/record/record.h Log Message: --- Remove create_empty_fragment from do_dtls1_write() do_dtls1_write() was never called with a value for create_empty_fragment that was ever non-zero - so this is dead code and can be removed. The equivalent code in the TLS processing is used for TLS1.0/SSLv3 to protect against known IV weaknesses because those protocol versions do not have an explicit IV. However DTLS1.0 is based on TLSv1.1 and *does* have an explicit IV - so this is not useful there. Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19424) Commit: 88bf978eb1766bec720c198deabe8d0a5de157bb https://github.com/openssl/openssl/commit/88bf978eb1766bec720c198deabe8d0a5de157bb Author: Matt Caswell Date: 2022-10-20 (Thu, 20 Oct 2022) Changed paths: M ssl/record/rec_layer_d1.c Log Message: --- Create a dlts_write_records() function In preparation for moving the DTLS code to use the new write record layer architecture we first restructure the code to create a dtls_write_records() function that mirrors the functionality that the record layer will provide. Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19424) Commit: fc938db6cc46c6b59ab9da39f3c5b9c9a97ad33a https://github.com/openssl/openssl/commit/fc938db6cc46c6b59ab9da39f3c5b9c9a97ad33a Author: Matt Caswell Date: 2022-10-20 (Thu, 20 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/rec_layer_d1.c Log Message: --- Move dlts_write_records() function in the record layer At the this stage we just move the code and don't restructure it to do it the record layer way yet. Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19424) Commit: bf04cbfafe77ddc67f1a9c06ffb044f9bf44057c https://github.com/openssl/openssl/commit/bf04cbfafe77ddc67f1a9c06ffb044f9bf44057c Author: Matt Caswell Date: 2022-10-20 (Thu, 20 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tlsany_meth.c Log Message: --- Use record layer buffers for DTLS rather than the buffers in s->rlayer Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19424) Commit: 4cdd198ec204a4c2ec6b3ec728ebcc8af04abc86 https://github.com/openssl/openssl/commit/4cdd198ec204a4c2ec6b3ec728ebcc8af04abc86 Author: Matt Caswell Date: 2022-10-20 (Thu, 20 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/rec_layer_d1.c Log Message: --- Convert dtls_write_records() to return the correct return values We now use standard record layer return values for this function. We also convert the code to use RLAYERfatal instead of SSLfatal. Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19424) Commit: 602ee1f672a41f984e8923ad7430ca51ca42abde https://github.com/openssl/openssl/commit/602ee1f672a41f984e8923ad7430ca51ca42abde Author: Matt Caswell Date: 2022-10-20 (Thu, 20 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls1_meth.c M ssl/record/methods/tlsany_meth.c Log Message: --- Use common tls_write_records() even for DTLS In practice this just means have a DTLS specific write_records that the common tls_write_records() just calls. We also replace the use of ssl3_write_pending() with tls_retry_write_records(). Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19424) Commit: 248a9bf21ad5a61d911765964e2758e0da3c554c https://github.com/openssl/openssl/commit/248a9bf21ad5a61d911765964e2758e0da3c554c Author: Matt Caswell Date: 2022-10-20 (Thu, 20 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tlsany_meth.c Log Message: --- Start using WPACKET in the dtls write records code Previously this was writing to the buffers directly. We use the safer WPACKET instead Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/open
[openssl/openssl] 3df6ae: Ensure that the key share group is allowed for our...
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 3df6aed7826640d944da382f78af5ab87ea790db https://github.com/openssl/openssl/commit/3df6aed7826640d944da382f78af5ab87ea790db Author: Matt Caswell Date: 2022-10-19 (Wed, 19 Oct 2022) Changed paths: M ssl/statem/extensions_clnt.c M ssl/statem/extensions_srvr.c Log Message: --- Ensure that the key share group is allowed for our protocol version We should never send or accept a key share group that is not in the supported groups list or a group that isn't suitable for use in TLSv1.3 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19404) Commit: 78d00e05a537495287b979bcad79365d5d9607d4 https://github.com/openssl/openssl/commit/78d00e05a537495287b979bcad79365d5d9607d4 Author: Matt Caswell Date: 2022-10-19 (Wed, 19 Oct 2022) Changed paths: M test/recipes/70-test_key_share.t Log Message: --- Add a test for where a client sends a non-TLSv1.3 key share This should not happen but we should tolerate and send an HRR Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19404) Commit: c861c3ee142ac00d5facd112fd8891e87c50bc7b https://github.com/openssl/openssl/commit/c861c3ee142ac00d5facd112fd8891e87c50bc7b Author: Matt Caswell Date: 2022-10-19 (Wed, 19 Oct 2022) Changed paths: M test/ssl-tests/14-curves.cnf M test/ssl-tests/14-curves.cnf.in Log Message: --- Add a test for TLSv1.3 only client sending a correct key_share Make sure that a TLSv1.3 only client does not send a TLSv1.3 key_share. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19404) Compare: https://github.com/openssl/openssl/compare/e2b2e6b166b2...c861c3ee142a
[openssl/openssl] 79edcf: Update CHANGES.md and NEWS.md for new release
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 79edcf4da7d4525acf0db894bc6af6f9ca2b9b9b https://github.com/openssl/openssl/commit/79edcf4da7d4525acf0db894bc6af6f9ca2b9b9b Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M CHANGES.md M NEWS.md Log Message: --- Update CHANGES.md and NEWS.md for new release Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19379)
[openssl/openssl] 247b8e: Ensure that the key share group is allowed for our...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 247b8e52527ed4facd9ff07cdef0df819193c0c3 https://github.com/openssl/openssl/commit/247b8e52527ed4facd9ff07cdef0df819193c0c3 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/statem/extensions_clnt.c M ssl/statem/extensions_srvr.c Log Message: --- Ensure that the key share group is allowed for our protocol version We should never send or accept a key share group that is not in the supported groups list or a group that isn't suitable for use in TLSv1.3 Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19317) Commit: 04719b208992750ffe2b9232c62ca9179185f3e5 https://github.com/openssl/openssl/commit/04719b208992750ffe2b9232c62ca9179185f3e5 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M test/recipes/70-test_key_share.t Log Message: --- Add a test for where a client sends a non-TLSv1.3 key share This should not happen but we should tolerate and send an HRR Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19317) Commit: 7b141d4934ab1254d65fd1859ca1c6eff1113b50 https://github.com/openssl/openssl/commit/7b141d4934ab1254d65fd1859ca1c6eff1113b50 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M test/ssl-tests/14-curves.cnf M test/ssl-tests/14-curves.cnf.in Log Message: --- Add a test for TLSv1.3 only client sending a correct key_share Make sure that a TLSv1.3 only client does not send a TLSv1.3 key_share. Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19317) Compare: https://github.com/openssl/openssl/compare/f78c51995e35...7b141d4934ab
[openssl/openssl] 2c50d7: Convert the TLSv1.3 crypto code to the new write r...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 2c50d7fb06e34c5ab562bf890c49cc00cbd52a56 https://github.com/openssl/openssl/commit/2c50d7fb06e34c5ab562bf890c49cc00cbd52a56 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/ssl_local.h M ssl/statem/statem_clnt.c M ssl/t1_enc.c M ssl/tls13_enc.c M test/sslapitest.c Log Message: --- Convert the TLSv1.3 crypto code to the new write record layer We also clean up some of the KTLS code while we are doing it now that all users of KTLS have been moved to the new write record layer. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: bfda3aeec5986d9374e1ceb33b823a2d82bd29ca https://github.com/openssl/openssl/commit/bfda3aeec5986d9374e1ceb33b823a2d82bd29ca Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Remove most of the DTLS special casing from the write record code Most of this was unnecessary anyway since DTLS isn't using these codepaths. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 2f6e24eb5bd6a3ea4c5e18ff003acc4e812b527f https://github.com/openssl/openssl/commit/2f6e24eb5bd6a3ea4c5e18ff003acc4e812b527f Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Remove some unneeded usage of the SSL_CONNECTION object Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 4bf610bdce3b0e474c5ce7db5be77e152f3649b6 https://github.com/openssl/openssl/commit/4bf610bdce3b0e474c5ce7db5be77e152f3649b6 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/s3_enc.c M ssl/statem/statem.c M ssl/statem/statem.h M ssl/t1_enc.c M ssl/tls13_enc.c Log Message: --- Remove enc_write_state This field was used to track whether a cipher ctx was valid for writing or not, and also whether we should write out plaintext alerts. With the new record layer design we no longer need to track whether a cipher ctx is valid since the whole record layer will be aborted if it is not. Also we have a different mechanism for tracking whether we should write out plaintext alerts. Therefore this field is removed from the SSL object. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 435d88d70813825533c8789faa71c6287e0d43c9 https://github.com/openssl/openssl/commit/435d88d70813825533c8789faa71c6287e0d43c9 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/record/recordmethod.h M ssl/ssl_lib.c M ssl/statem/extensions.c Log Message: --- Use the configured max_send_fragment value in the write record layer Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: f93c0f546423eab65be3bc50a8cdfc3d5eb6b2e1 https://github.com/openssl/openssl/commit/f93c0f546423eab65be3bc50a8cdfc3d5eb6b2e1 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/rec_layer_s3.c Log Message: --- Remove an old TODO from the code Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 91fe8ff02a323eddb0404f975d5c9a03c024593b https://github.com/openssl/openssl/commit/91fe8ff02a323eddb0404f975d5c9a03c024593b Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: --- Defer write buffer and WPACKET allocation/initialisation to protocol code We move some protocol specific code for write buffer and WPACKET allocation and initialisation out of tls_common.c and into the protocol specific files. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 7ca61d63e99726ef7874b88b96892dae75f51156
[openssl/openssl] 2b4cf9: make update
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 2b4cf94ad676bcf2ab5d0614fe00ae483d2ab613 https://github.com/openssl/openssl/commit/2b4cf94ad676bcf2ab5d0614fe00ae483d2ab613 Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M providers/fips-sources.checksums M providers/fips.checksum Log Message: --- make update Reviewed-by: Richard Levitte Release: yes Commit: 75a6bc17f32505421a78476a972d4d9b74f303b6 https://github.com/openssl/openssl/commit/75a6bc17f32505421a78476a972d4d9b74f303b6 Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M CHANGES.md M NEWS.md M VERSION.dat Log Message: --- Prepare for release of 3.0.6 Reviewed-by: Richard Levitte Release: yes Commit: cdb505ea4754367a3b930446f43911351b3ac43e https://github.com/openssl/openssl/commit/cdb505ea4754367a3b930446f43911351b3ac43e Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M CHANGES.md M NEWS.md M VERSION.dat Log Message: --- Prepare for 3.0.7 Reviewed-by: Richard Levitte Release: yes Compare: https://github.com/openssl/openssl/compare/4b20cbbe1ccd...cdb505ea4754
[openssl/openssl] fbda8a: Prepare for 1.1.1r release
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.com/openssl/openssl Commit: fbda8a9e3b6266da377a6f57d597d657257d9cff https://github.com/openssl/openssl/commit/fbda8a9e3b6266da377a6f57d597d657257d9cff Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M CHANGES M NEWS M README M include/openssl/opensslv.h Log Message: --- Prepare for 1.1.1r release Reviewed-by: Richard Levitte Release: yes Commit: 0ca7eae5cc2e3042d7af8383eacac6c9c414de68 https://github.com/openssl/openssl/commit/0ca7eae5cc2e3042d7af8383eacac6c9c414de68 Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M CHANGES M NEWS M README M include/openssl/opensslv.h Log Message: --- Prepare for 1.1.1s-dev Reviewed-by: Richard Levitte Release: yes Compare: https://github.com/openssl/openssl/compare/0874d7f21b91...0ca7eae5cc2e
[openssl/openssl] 0874d7: Update copyright year
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.com/openssl/openssl Commit: 0874d7f21b918ce4e860644e8cc697753ef871ef https://github.com/openssl/openssl/commit/0874d7f21b918ce4e860644e8cc697753ef871ef Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M apps/apps.h M apps/ca.c M apps/ocsp.c M apps/s_cb.c M crypto/aes/asm/aesv8-armx.pl M crypto/bn/bn_nist.c M crypto/objects/obj_dat.pl M crypto/objects/objects.pl M crypto/objects/objxref.pl M crypto/pem/pem_lib.c M crypto/rand/drbg_lib.c M crypto/rand/rand_lib.c M crypto/rand/rand_win.c M crypto/x509/x509_req.c M crypto/x509/x_all.c M crypto/x509v3/v3_lib.c M doc/man1/x509.pod M doc/man3/EC_KEY_new.pod M doc/man3/EVP_EncryptInit.pod M doc/man3/OPENSSL_LH_COMPFUNC.pod M ssl/packet.c M ssl/packet_local.h M ssl/record/rec_layer_s3.c M ssl/ssl_rsa.c M ssl/statem/extensions_srvr.c M ssl/tls13_enc.c M test/dtlstest.c M test/ec_internal_test.c M test/recipes/25-test_x509.t M test/ssltestlib.c M test/ssltestlib.h M test/x509_internal_test.c Log Message: --- Update copyright year Reviewed-by: Richard Levitte Release: yes (Merged from https://github.com/openssl/openssl/pull/19383)
[openssl/openssl] 4b20cb: Update copyright year
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 4b20cbbe1ccd6b3aea2da70f314c38691f99436d https://github.com/openssl/openssl/commit/4b20cbbe1ccd6b3aea2da70f314c38691f99436d Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M .github/workflows/compiler-zoo.yml M .github/workflows/coveralls.yml M .github/workflows/cross-compiles.yml M .github/workflows/fips-checksums.yml M .github/workflows/fips-label.yml M .github/workflows/fuzz-checker.yml M .github/workflows/main.yml M .github/workflows/run-checker-daily.yml M .github/workflows/run-checker-merge.yml M .github/workflows/windows.yml M apps/dgst.c M apps/genrsa.c M apps/include/apps.h M apps/lib/s_cb.c M apps/mac.c M apps/pkcs12.c M apps/pkeyparam.c M crypto/aes/asm/aesv8-armx.pl M crypto/arm_arch.h M crypto/armcap.c M crypto/asn1/asn_mime.c M crypto/bio/bio_lib.c M crypto/bn/asm/rsaz-avx512.pl M crypto/bn/bn_prime.c M crypto/bn/bn_rand.c M crypto/cmp/cmp_http.c M crypto/cmp/cmp_util.c M crypto/cms/cms_enc.c M crypto/cms/cms_lib.c M crypto/cms/cms_pwri.c M crypto/conf/conf_sap.c M crypto/dh/dh_pmeth.c M crypto/evp/evp_rand.c M crypto/evp/kdf_lib.c M crypto/evp/kem.c M crypto/evp/keymgmt_meth.c M crypto/evp/mac_lib.c M crypto/evp/signature.c M crypto/ffc/ffc_key_generate.c M crypto/mem_sec.c M crypto/objects/obj_dat.c M crypto/packet.c M crypto/pkcs12/p12_decr.c M crypto/rand/prov_seed.c M crypto/stack/stack.c M crypto/threads_win.c M crypto/x509/v3_lib.c M crypto/x509/x509_req.c M crypto/x509/x509_vpm.c M crypto/x509/x_all.c M doc/man1/openssl-cmds.pod.in M doc/man1/openssl-ec.pod.in M doc/man1/openssl-mac.pod.in M doc/man1/openssl-pkcs12.pod.in M doc/man1/openssl-x509.pod.in M doc/man1/openssl.pod M doc/man3/BIO_f_ssl.pod M doc/man3/BIO_s_accept.pod M doc/man3/DH_new.pod M doc/man3/DH_new_by_nid.pod M doc/man3/EC_KEY_new.pod M doc/man3/EVP_PBE_CipherInit.pod M doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod M doc/man3/EVP_PKEY_fromdata.pod M doc/man3/OPENSSL_LH_COMPFUNC.pod M doc/man3/OPENSSL_malloc.pod M doc/man3/OSSL_HTTP_REQ_CTX.pod M doc/man3/OSSL_HTTP_transfer.pod M doc/man3/OSSL_LIB_CTX.pod M doc/man3/OSSL_trace_set_channel.pod M doc/man3/SSL_CTX_use_certificate.pod M doc/man3/X509_CRL_get0_by_serial.pod M doc/man3/X509_STORE_add_cert.pod M doc/man3/X509_cmp_time.pod M doc/man3/X509v3_get_ext_by_NID.pod M doc/man7/EVP_KDF-X942-ASN1.pod M doc/man7/EVP_SIGNATURE-RSA.pod M include/crypto/rand.h M include/internal/ffc.h M include/internal/packet.h M providers/implementations/asymciphers/rsa_enc.c M providers/implementations/ciphers/ciphercommon_gcm.c M providers/implementations/include/prov/ciphercommon.h M providers/implementations/rands/seeding/rand_win.c M providers/implementations/signature/eddsa_sig.c M ssl/ktls.c M ssl/record/rec_layer_s3.c M ssl/record/ssl3_record_tls13.c M ssl/ssl_ciph.c M ssl/statem/statem.c M ssl/statem/statem_local.h M test/asynctest.c M test/dtlstest.c M test/ec_internal_test.c M test/ext_internal_test.c M test/ffc_internal_test.c M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h M test/ocspapitest.c M test/recipes/15-test_ec.t M test/recipes/20-test_dhparam.t M test/recipes/30-test_evp.t M test/recipes/30-test_evp_data/evpmac_common.txt M test/recipes/30-test_evp_data/evpmac_sm3.txt M test/recipes/80-test_cmp_http.t M test/recipes/80-test_ssl_new.t M test/rsa_complex.c M test/test_test.c M test/testutil.h M test/testutil/output.h M test/testutil/provider.c Log Message: --- Update copyright year Reviewed-by: Richard Levitte Release: yes (Merged from https://github.com/openssl/openssl/pull/19382)
[openssl/openssl] 3d28f7: Updated CHANGES and NEWS for new release
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.com/openssl/openssl Commit: 3d28f748269f5cdd2577a34e585e4edd406dd68b https://github.com/openssl/openssl/commit/3d28f748269f5cdd2577a34e585e4edd406dd68b Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M CHANGES M NEWS Log Message: --- Updated CHANGES and NEWS for new release Reviewed-by: Richard Levitte Release: yes (Merged from https://github.com/openssl/openssl/pull/19381)
[openssl/openssl] a92e53: Update CHANGES.md and NEWS.md for new release
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: a92e538a757bc3bdc9c7d6370154a0e8b4dd2c26 https://github.com/openssl/openssl/commit/a92e538a757bc3bdc9c7d6370154a0e8b4dd2c26 Author: Matt Caswell Date: 2022-10-11 (Tue, 11 Oct 2022) Changed paths: M CHANGES.md M NEWS.md Log Message: --- Update CHANGES.md and NEWS.md for new release Reviewed-by: Richard Levitte Release: yes (Merged from https://github.com/openssl/openssl/pull/19380)
[openssl/openssl] 16f0e9: Partial revert and reimplement "Enable brainpool c...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 16f0e91cf82e13c327f0b0402459dfbf78ef787c https://github.com/openssl/openssl/commit/16f0e91cf82e13c327f0b0402459dfbf78ef787c Author: Matt Caswell Date: 2022-10-07 (Fri, 07 Oct 2022) Changed paths: M ssl/s3_lib.c M ssl/ssl_local.h M ssl/statem/extensions.c M ssl/statem/extensions_clnt.c M ssl/statem/extensions_srvr.c M ssl/statem/statem_lib.c M ssl/t1_lib.c Log Message: --- Partial revert and reimplement "Enable brainpool curves for TLS1.3" This partially reverts commit 0a10825a0 in order to reimplement it in a simpler way in the next commit. The reverted aspects are all related to the TLSv1.3 brainpool curves in the supported_groups extension. Rather than special casing the handling of these curves we simply add new entries to the groups table to represent them. They can then be handled without any additional special casing. This makes the code simpler to maintain. Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19315) Commit: c9ee6e3646258f79a9970be96394cb2b93b7eddd https://github.com/openssl/openssl/commit/c9ee6e3646258f79a9970be96394cb2b93b7eddd Author: Matt Caswell Date: 2022-10-07 (Fri, 07 Oct 2022) Changed paths: M crypto/objects/obj_dat.h M crypto/objects/obj_mac.num M crypto/objects/objects.txt M include/openssl/obj_mac.h M providers/common/capabilities.c M ssl/t1_lib.c M ssl/t1_trce.c M test/ssl-tests/20-cert-select.cnf M test/ssl-tests/20-cert-select.cnf.in Log Message: --- Reimplement brainpool TLSv1.3 support group support Create new TLS_GROUP_ENTRY values for these groups. Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19315) Commit: 3f76339a3fe7be412b754ffe7b0a5438a1297f28 https://github.com/openssl/openssl/commit/3f76339a3fe7be412b754ffe7b0a5438a1297f28 Author: Matt Caswell Date: 2022-10-07 (Fri, 07 Oct 2022) Changed paths: M test/helpers/ssl_test_ctx.c M test/ssl-tests/14-curves.cnf M test/ssl-tests/14-curves.cnf.in Log Message: --- Add some more brainpool tests for TLSv1.3 Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19315) Commit: 8377f26c2e6dadd9a1728805cd895fa94669f2d0 https://github.com/openssl/openssl/commit/8377f26c2e6dadd9a1728805cd895fa94669f2d0 Author: Matt Caswell Date: 2022-10-07 (Fri, 07 Oct 2022) Changed paths: M doc/man3/SSL_CTX_set1_curves.pod Log Message: --- Update the SSL_CTX_set1_groups documentation Mention the brainpool curves in the documentation Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19315) Compare: https://github.com/openssl/openssl/compare/c007f466aaeb...8377f26c2e6d
[openssl/openssl] 9251c3: Convert the TLSv1.0/1.1/1.2 crypto code to use the...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 9251c3c4c7695b6268fcd122e18643d61f02b5dd https://github.com/openssl/openssl/commit/9251c3c4c7695b6268fcd122e18643d61f02b5dd Author: Matt Caswell Date: 2022-10-05 (Wed, 05 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tls_multib.c M ssl/t1_enc.c Log Message: --- Convert the TLSv1.0/1.1/1.2 crypto code to use the new write record layer Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19217) Commit: 1e76110b7214a4fb39dc1397cbc4771538d06f39 https://github.com/openssl/openssl/commit/1e76110b7214a4fb39dc1397cbc4771538d06f39 Author: Matt Caswell Date: 2022-10-05 (Wed, 05 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c M ssl/record/rec_layer_s3.c M ssl/record/recordmethod.h M ssl/ssl_lib.c M test/sslapitest.c Log Message: --- Enable the ability to query the COMP_METHOD being used in the record layer We also convert to passing COMP_METHOD rather than SSL_COMP to the record layer. The former is a public type while the latter is internal only - and the only thing we need from SSL_COMP is the method. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19217) Commit: a8572674f12ceb39f7e66ccbaa8918b922c76739 https://github.com/openssl/openssl/commit/a8572674f12ceb39f7e66ccbaa8918b922c76739 Author: Matt Caswell Date: 2022-10-05 (Wed, 05 Oct 2022) Changed paths: M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls_common.c M ssl/record/record.h M ssl/record/ssl3_record.c M ssl/s3_enc.c M ssl/s3_lib.c Log Message: --- Move the SSLv3 crypto code into the new record layer Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19217) Compare: https://github.com/openssl/openssl/compare/830225901365...a8572674f12c
[openssl/openssl] 5485c5: Fix usage of custom EVP_CIPHER objects
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b https://github.com/openssl/openssl/commit/5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M crypto/evp/digest.c M crypto/evp/evp_enc.c Log Message: --- Fix usage of custom EVP_CIPHER objects If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it should be used in preference to a fetched cipher. We also fix a possible NULL pointer deref in the same code for digests. If the custom cipher passed to EVP_CipherInit() happens to use NID_undef (which should be a discouraged practice), then in the previous implementation this could result in the NULL cipher being fetched and hence NULL encryption being unexpectedly used. CVE-2022-3358 Fixes #18970 Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) (cherry picked from commit 25d47cccf203c3b71171e78865e48ea061a039a8) Commit: a2893b62333d97c8dfaaf655eaea919d30fb9a7b https://github.com/openssl/openssl/commit/a2893b62333d97c8dfaaf655eaea919d30fb9a7b Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M crypto/evp/evp_enc.c Log Message: --- Ensure we call the cleanup() function when cleaning an EVP_CIPHER_CTX In some circumstances we were not calling the cleanup() function to remove cipher specific data from an EVP_CIPHER_CTX. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) (cherry picked from commit f817a7439eaa705429cf699dd0485e665b0ffc49) Commit: b2f68ebeb5eef96249a22591199d43f960789c41 https://github.com/openssl/openssl/commit/b2f68ebeb5eef96249a22591199d43f960789c41 Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M test/evp_extra_test.c Log Message: --- Test usage of a custom EVP_CIPHER Test that a custom EVP_CIPHER gets used in EVP_CipherInit_ex() calls. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) (cherry picked from commit 8c7d847e2e6ac6bfded210c19fd8461254bb2be3) Compare: https://github.com/openssl/openssl/compare/9f0867da4cbf...b2f68ebeb5ee
[openssl/openssl] 25d47c: Fix usage of custom EVP_CIPHER objects
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 25d47cccf203c3b71171e78865e48ea061a039a8 https://github.com/openssl/openssl/commit/25d47cccf203c3b71171e78865e48ea061a039a8 Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M crypto/evp/digest.c M crypto/evp/evp_enc.c Log Message: --- Fix usage of custom EVP_CIPHER objects If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it should be used in preference to a fetched cipher. We also fix a possible NULL pointer deref in the same code for digests. If the custom cipher passed to EVP_CipherInit() happens to use NID_undef (which should be a discouraged practice), then in the previous implementation this could result in the NULL cipher being fetched and hence NULL encryption being unexpectedly used. CVE-2022-3358 Fixes #18970 Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) Commit: f817a7439eaa705429cf699dd0485e665b0ffc49 https://github.com/openssl/openssl/commit/f817a7439eaa705429cf699dd0485e665b0ffc49 Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M crypto/evp/evp_enc.c Log Message: --- Ensure we call the cleanup() function when cleaning an EVP_CIPHER_CTX In some circumstances we were not calling the cleanup() function to remove cipher specific data from an EVP_CIPHER_CTX. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) Commit: 8c7d847e2e6ac6bfded210c19fd8461254bb2be3 https://github.com/openssl/openssl/commit/8c7d847e2e6ac6bfded210c19fd8461254bb2be3 Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M test/evp_extra_test.c Log Message: --- Test usage of a custom EVP_CIPHER Test that a custom EVP_CIPHER gets used in EVP_CipherInit_ex() calls. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) Compare: https://github.com/openssl/openssl/compare/fcae2ae4f675...8c7d847e2e6a
[openssl/openssl] 104c60: Test a 0 return from the ticket key callback
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 104c60e90016401c4319eb7c80363f742bc74643 https://github.com/openssl/openssl/commit/104c60e90016401c4319eb7c80363f742bc74643 Author: Matt Caswell Date: 2022-09-27 (Tue, 27 Sep 2022) Changed paths: M test/sslapitest.c Log Message: --- Test a 0 return from the ticket key callback A 0 return from a ticket key callback should indicate that crypto parameters are not currently available and that the handshake should continue without generating/using the ticket. Reviewed-by: Tomas Mraz Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/19249) Commit: 61f8d46d4987d44cfa74acfb2f81393b92dd https://github.com/openssl/openssl/commit/61f8d46d4987d44cfa74acfb2f81393b92dd Author: Matt Caswell Date: 2022-09-27 (Tue, 27 Sep 2022) Changed paths: M ssl/statem/statem.c M ssl/statem/statem_srvr.c Log Message: --- If a ticket key callback returns 0 in TLSv1.3 don't send a ticket If we can't construct the ticket don't send one. This requires a change to the TLS state machine to be able to a handle a construction function deciding not to send a message after all. Fixes #18977 Reviewed-by: Tomas Mraz Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/19249) Compare: https://github.com/openssl/openssl/compare/a2c0a959e0bb...61f8d46d49ee
[openssl/openssl] a56686: Move initial TLS write record layer code into new ...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: a566864b607317fc95cbe190bbf0b8b928fcfa77 https://github.com/openssl/openssl/commit/a566864b607317fc95cbe190bbf0b8b928fcfa77 Author: Matt Caswell Date: 2022-09-23 (Fri, 23 Sep 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/rec_layer_d1.c M ssl/record/rec_layer_s3.c M ssl/record/record.h M ssl/record/recordmethod.h M ssl/s3_msg.c Log Message: --- Move initial TLS write record layer code into new structure The new write record layer architecture splits record writing into a "write_records" call and a "retry_write_records" call - where multiple records can be sent to "write_records" in one go. We restructure the code into that format in order that future commits can move these functions into the new record layer more easily. Reviewed-by: Hugo Landau Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/19198) Commit: 2b71b042202d11854801682d48ccf4e4e34cd5cf https://github.com/openssl/openssl/commit/2b71b042202d11854801682d48ccf4e4e34cd5cf Author: Matt Caswell Date: 2022-09-23 (Fri, 23 Sep 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/record/record.h M ssl/record/recordmethod.h M ssl/s3_enc.c M ssl/s3_msg.c M ssl/ssl_lib.c M ssl/t1_enc.c M ssl/tls13_enc.c Log Message: --- Create the write record layer method and object and use it Make sure we set the write record layer method and create the object where appropriate. Move the newly restructured writing code into the record layer object. For now we are cheating and still accessing the underlying SSL_CONNECTION object. This will be removed in subsequent commits. Reviewed-by: Hugo Landau Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/19198) Commit: 3eaead7166ef5aff027e571a9be0def6581ef20c https://github.com/openssl/openssl/commit/3eaead7166ef5aff027e571a9be0def6581ef20c Author: Matt Caswell Date: 2022-09-23 (Fri, 23 Sep 2022) Changed paths: M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c Log Message: --- Move checking for alerts to dispatch out of the record layer This isn't a record layer responsibility so should be removed from write_records. Reviewed-by: Hugo Landau Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/19198) Commit: 310590139e45116d86627dcc85e83f2e3fcbb6b4 https://github.com/openssl/openssl/commit/310590139e45116d86627dcc85e83f2e3fcbb6b4 Author: Matt Caswell Date: 2022-09-23 (Fri, 23 Sep 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Use the record layer msg_callback not the SSL object msg_callback This removes unnecessary usage of the SSL object from the record layer. Reviewed-by: Hugo Landau Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/19198) Commit: b5cf81f7c9775d2502730ba126893ce8af4db90e https://github.com/openssl/openssl/commit/b5cf81f7c9775d2502730ba126893ce8af4db90e Author: Matt Caswell Date: 2022-09-23 (Fri, 23 Sep 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/s3_msg.c M ssl/ssl_lib.c Log Message: --- Replace references to s->wbio with rl->bio We use the record layer reference to the BIO rather than the SSL object reference. This removes an unneeded SSL object usage. Reviewed-by: Hugo Landau Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/19198) Commit: 151f313e53c1515f2730b3b36e3fc966e1a8010b https://github.com/openssl/openssl/commit/151f313e53c1515f2730b3b36e3fc966e1a8010b Author: Matt Caswell Date: 2022-09-23 (Fri, 23 Sep 2022) Changed paths: M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/record/ssl3_buffer.c M ssl/t1_enc.c M ssl/tls13_enc.c Log Message: --- Move write buffer management into the write record layer Reviewed-by: Hugo Landau Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/19198) Commit: e7694c69b5fed37f5cdf72b70f507c7188db7e3d https://github.com/openssl/openssl/commit/e7694c69b5fed37f5cdf72b70f507c7188db7e3d Author: Matt Caswell Date: 2022-09-23 (Fri, 23 Sep 2022) Changed paths: M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/rec_
[openssl/openssl] 9cdee3: Correctly handle a retransmitted ClientHello
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 9cdee31c892e8abe0048b69fddca53d8e0da8380 https://github.com/openssl/openssl/commit/9cdee31c892e8abe0048b69fddca53d8e0da8380 Author: Matt Caswell Date: 2022-09-22 (Thu, 22 Sep 2022) Changed paths: M ssl/statem/statem_dtls.c Log Message: --- Correctly handle a retransmitted ClientHello If we receive a ClientHello and send back a HelloVerifyRequest, we need to be able to handle the scenario where the HelloVerifyRequest gets lost and we receive another ClientHello with the message sequence number set to 0. Fixes #18635 Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18654) (cherry picked from commit 81926c91567cd5d11eec38b9980438f45b276d72) Commit: 290c1d8d629636f57e938bd8328dc6c8f98c4752 https://github.com/openssl/openssl/commit/290c1d8d629636f57e938bd8328dc6c8f98c4752 Author: Matt Caswell Date: 2022-09-22 (Thu, 22 Sep 2022) Changed paths: M test/dtlstest.c Log Message: --- Add additional messages to the DTLS dropped records test Ensure we are testing a handshake that includes a HelloVerifyRequest and what happens if we drop it. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18654) (cherry picked from commit a29ad912b82f50ef876bef99c66522dccd41b6f8) Compare: https://github.com/openssl/openssl/compare/33796db4a5c3...290c1d8d6296
[openssl/openssl] 81926c: Correctly handle a retransmitted ClientHello
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 81926c91567cd5d11eec38b9980438f45b276d72 https://github.com/openssl/openssl/commit/81926c91567cd5d11eec38b9980438f45b276d72 Author: Matt Caswell Date: 2022-09-22 (Thu, 22 Sep 2022) Changed paths: M ssl/statem/statem_dtls.c Log Message: --- Correctly handle a retransmitted ClientHello If we receive a ClientHello and send back a HelloVerifyRequest, we need to be able to handle the scenario where the HelloVerifyRequest gets lost and we receive another ClientHello with the message sequence number set to 0. Fixes #18635 Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18654) Commit: a29ad912b82f50ef876bef99c66522dccd41b6f8 https://github.com/openssl/openssl/commit/a29ad912b82f50ef876bef99c66522dccd41b6f8 Author: Matt Caswell Date: 2022-09-22 (Thu, 22 Sep 2022) Changed paths: M test/dtlstest.c Log Message: --- Add additional messages to the DTLS dropped records test Ensure we are testing a handshake that includes a HelloVerifyRequest and what happens if we drop it. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18654) Compare: https://github.com/openssl/openssl/compare/0ff98137445e...a29ad912b82f
[openssl/openssl] 3b7a32: Test a 0 return from the ticket key callback
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 3b7a3241c225b152ba8519f540bcac5b680312c2 https://github.com/openssl/openssl/commit/3b7a3241c225b152ba8519f540bcac5b680312c2 Author: Matt Caswell Date: 2022-09-20 (Tue, 20 Sep 2022) Changed paths: M test/sslapitest.c Log Message: --- Test a 0 return from the ticket key callback A 0 return from a ticket key callback should indicate that crypto parameters are not currently available and that the handshake should continue without generating/using the ticket. Reviewed-by: Viktor Dukhovni Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18990) Commit: 3e93c5fe1eab677500448e18e4274b26e4b246ae https://github.com/openssl/openssl/commit/3e93c5fe1eab677500448e18e4274b26e4b246ae Author: Matt Caswell Date: 2022-09-20 (Tue, 20 Sep 2022) Changed paths: M ssl/statem/statem.c M ssl/statem/statem_srvr.c Log Message: --- If a ticket key callback returns 0 in TLSv1.3 don't send a ticket If we can't construct the ticket don't send one. This requires a change to the TLS state machine to be able to a handle a construction function deciding not to send a message after all. Fixes #18977 Reviewed-by: Viktor Dukhovni Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18990) Commit: 67ec6d2b747810db609330003dcf08c8c584105b https://github.com/openssl/openssl/commit/67ec6d2b747810db609330003dcf08c8c584105b Author: Matt Caswell Date: 2022-09-20 (Tue, 20 Sep 2022) Changed paths: M ssl/statem/statem.c M ssl/statem/statem.h M ssl/statem/statem_clnt.c M ssl/statem/statem_dtls.c M ssl/statem/statem_lib.c M ssl/statem/statem_local.h M ssl/statem/statem_srvr.c Log Message: --- Use an enum for the return value from a construction function Construction return values are no longer boolean but can return 3 different values, so we use an enum to represent them. Reviewed-by: Viktor Dukhovni Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18990) Compare: https://github.com/openssl/openssl/compare/9b25f52a4425...67ec6d2b7478
[openssl/openssl] f3f8e5: Add some API tests for TLSv1.3 record padding
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: f3f8e53c852f07d38c124e45f7c678e854be4a54 https://github.com/openssl/openssl/commit/f3f8e53c852f07d38c124e45f7c678e854be4a54 Author: Matt Caswell Date: 2022-09-09 (Fri, 09 Sep 2022) Changed paths: M test/sslapitest.c Log Message: --- Add some API tests for TLSv1.3 record padding We have some ssl_test_new tests for record padding. But these only use the block padding approach set via a config file on the SSL_CTX. We add tests for all the various API calls. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19103)
[openssl/openssl] 209342: Tolerate a bad record version in TLSv1.3 plaintext...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 2093428834151ea4788aa773b5aa2d35e0bbc90a https://github.com/openssl/openssl/commit/2093428834151ea4788aa773b5aa2d35e0bbc90a Author: Matt Caswell Date: 2022-08-29 (Mon, 29 Aug 2022) Changed paths: M ssl/record/methods/tlsany_meth.c Log Message: --- Tolerate a bad record version in TLSv1.3 plaintext records When a server responds to a second TLSv1.3 ClientHello it is required to set the legacy_record_version to 0x0303 (TLSv1.2). The client is required to ignore that field even if it is wrong. The recent changes to the read record layer in PR #18132 made the record layer stricter and it was checking that the legacy_record_version was the correct value. This caused connection failures when talking to buggy servers that set the wrong legacy_record_version value. We make us more tolerant again. Fixes #19051 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19058) Commit: 723844d3762c05727e8f6f21d0a1098e23302ebd https://github.com/openssl/openssl/commit/723844d3762c05727e8f6f21d0a1098e23302ebd Author: Matt Caswell Date: 2022-08-29 (Mon, 29 Aug 2022) Changed paths: M test/recipes/70-test_sslrecords.t Log Message: --- Test that we ignore a bad record version in a plaintext TLSv1.3 record The RFC requires us to ignore this field in plaintext records - so even if it is set incorrectly we should tolerate it. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19058) Compare: https://github.com/openssl/openssl/compare/6347b86778a3...723844d3762c
[openssl/openssl] 200d95: Drop the optimisation level for ppc64le cross-compile
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 200d9521a0d406a7d02778d1c6c5a5230caeecf5 https://github.com/openssl/openssl/commit/200d9521a0d406a7d02778d1c6c5a5230caeecf5 Author: Matt Caswell Date: 2022-08-24 (Wed, 24 Aug 2022) Changed paths: M .github/workflows/cross-compiles.yml Log Message: --- Drop the optimisation level for ppc64le cross-compile The default cross compiler (gcc 9.4.0) for ppc64le on Ubunut 20.04 seems buggy and causes a seg fault in sslapitest. This doesn't impact any other CI cross compile platforms and does not seem to impact the gcc 10.3.0 cross compiler. We just drop the optimisation level on that platform. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19056)
[openssl/openssl] e92188: Fix the return type for the rlayer_skip_early_data...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: e921882d57201e14cc6a48765b2281065d6f5c65 https://github.com/openssl/openssl/commit/e921882d57201e14cc6a48765b2281065d6f5c65 Author: Matt Caswell Date: 2022-08-23 (Tue, 23 Aug 2022) Changed paths: M ssl/record/record.h Log Message: --- Fix the return type for the rlayer_skip_early_data callback There was a copy & paste error in the definition of the rlayer_skip_early_data callback. The return type is supposed to be "int" but it was defined as a pointer type. This was causing test failures on some platforms. Fixes #19037 Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19048)
[openssl/openssl] 79a1f3: Add the recordmethod header from the draft design
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 79a1f3e4bb62c10d9604718f6814bb8bdde4ffd6 https://github.com/openssl/openssl/commit/79a1f3e4bb62c10d9604718f6814bb8bdde4ffd6 Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: A ssl/record/recordmethod.h Log Message: --- Add the recordmethod header from the draft design Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18132) Commit: 11653dcd6ecbc7ff3c53f694474ece08ce4473aa https://github.com/openssl/openssl/commit/11653dcd6ecbc7ff3c53f694474ece08ce4473aa Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: M ssl/record/recordmethod.h Log Message: --- Fix compilation issues in the imported recordmethod.h Also, rename the "new" function pointer to "new_record_layer" to avoid a C++ reserved name Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18132) Commit: 34a4068cc402c38e2134a6b46d9633ad3112bfa5 https://github.com/openssl/openssl/commit/34a4068cc402c38e2134a6b46d9633ad3112bfa5 Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: M ssl/build.info A ssl/record/tlsrecord.c Log Message: --- Add a skeleton TLS record method It doesn't yet do anything. This is a placeholder which will be filled in by susbsequent commits. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18132) Commit: 0c974fc754e4b0525819ca9f6c3e124141b690ad https://github.com/openssl/openssl/commit/0c974fc754e4b0525819ca9f6c3e124141b690ad Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: M ssl/record/recordmethod.h Log Message: --- Make settings and options parameters const in recordmethod.h Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18132) Commit: e2d5742b1460c45bf39094ea08e4e85a8f507ea8 https://github.com/openssl/openssl/commit/e2d5742b1460c45bf39094ea08e4e85a8f507ea8 Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: M crypto/err/openssl.txt M include/openssl/core_names.h M include/openssl/sslerr.h M ssl/d1_lib.c M ssl/ktls.c M ssl/record/rec_layer_d1.c M ssl/record/rec_layer_s3.c M ssl/record/record_local.h M ssl/record/recordmethod.h M ssl/record/ssl3_buffer.c M ssl/record/ssl3_record.c M ssl/record/tlsrecord.c M ssl/ssl_err.c M ssl/ssl_lib.c M ssl/ssl_local.h M ssl/sslerr.h M ssl/t1_enc.c Log Message: --- Transfer the functionality from ssl3_read_n to the new record layer This transfers the low level function ssl3_read_n to the new record layer. We temporarily make the read_n function a top level record layer function. Eventually, in later commits in this refactor, we will remove it as a top level function and it will just be called from read_record. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18132) Commit: 26dad42e9ca609569073463165263173ab2a27ab https://github.com/openssl/openssl/commit/26dad42e9ca609569073463165263173ab2a27ab Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: M test/dtlstest.c M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h M test/quicapitest.c M test/sslapitest.c Log Message: --- Add a DTLSv1_listen() test Add a test to ensure that a connection started via DTLSv1_listen() can be completed through to handshake success. Previous DTLSv1_listen() testing only tested the function itself and did not confirm that a connection can actually be achieved using it. This is important to test some codepaths being affected by the record layer refactor. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18132) Commit: 4030869d24309bfb5292e7bec41cd2b3012ba99d https://github.com/openssl/openssl/commit/4030869d24309bfb5292e7bec41cd2b3012ba99d Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: M crypto/err/openssl.txt M include/openssl/sslerr.h M ssl/record/rec_layer_s3.c M ssl/record/record.h M ssl/record/record_local.h M ssl/record/recordmethod.h M ssl/record/ssl3_record.c M ssl/record/tlsrecord.c M ssl/ssl_err.c M ssl/statem/statem_lib.c M test/sslapitest.c Log Message: --- Convert ssl3_get_record to tls_read_record We move the old ssl3_get_record function to conform with the new record layer design. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18132) Commit: aedbb71b6334a6cb616c
[openssl/openssl] 405d6d: Add some documentation for X509_gmtime_adj()
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 405d6dcd09388d34cad8290601dd726d9484f6c0 https://github.com/openssl/openssl/commit/405d6dcd09388d34cad8290601dd726d9484f6c0 Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: M doc/man3/X509_cmp_time.pod M util/missingcrypto.txt Log Message: --- Add some documentation for X509_gmtime_adj() Other very similar functions were documented, but this one was missing. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18974) (cherry picked from commit 425e972dfaf867affb5b3d438d9ca67bb6aeed65)
[openssl/openssl] 425e97: Add some documentation for X509_gmtime_adj()
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 425e972dfaf867affb5b3d438d9ca67bb6aeed65 https://github.com/openssl/openssl/commit/425e972dfaf867affb5b3d438d9ca67bb6aeed65 Author: Matt Caswell Date: 2022-08-18 (Thu, 18 Aug 2022) Changed paths: M doc/man3/X509_cmp_time.pod M util/missingcrypto.txt Log Message: --- Add some documentation for X509_gmtime_adj() Other very similar functions were documented, but this one was missing. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18974)
[openssl/openssl] 9e4b57: Don't incorrectly skip the multiblock test
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 9e4b57fbe9544326e4c7119fe30e5319803f5e17 https://github.com/openssl/openssl/commit/9e4b57fbe9544326e4c7119fe30e5319803f5e17 Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M test/sslapitest.c Log Message: --- Don't incorrectly skip the multiblock test sslapitest has a test for multiblock writes. Since multiblock writing is only available on some platforms the multiblock test checks whether we are on such a platform first, and skips the test if we are not. Unfortunately a bug in the check meant that we always skipped the test regardless of the platform. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18983) (cherry picked from commit 7c82a7a8f3a66f47f727d31691d6298d88ed158b) Commit: 0f0634bc8cf8a6d82a2110a6e983cf92032115c9 https://github.com/openssl/openssl/commit/0f0634bc8cf8a6d82a2110a6e983cf92032115c9 Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M .github/workflows/ci.yml Log Message: --- Ensure we build ub sanitizer builds with -DPEDANTIC Otherwise we may get spurious results from ub sanitizer. For example we assume we can tolerate some unaligned write without this define that ub sanitizer will complain about. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18983) (cherry picked from commit 17b94de3df327e6619e52529e345a340d4a0a100) Compare: https://github.com/openssl/openssl/compare/d4b9a613839c...0f0634bc8cf8
[openssl/openssl] 7c82a7: Don't incorrectly skip the multiblock test
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 7c82a7a8f3a66f47f727d31691d6298d88ed158b https://github.com/openssl/openssl/commit/7c82a7a8f3a66f47f727d31691d6298d88ed158b Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M test/sslapitest.c Log Message: --- Don't incorrectly skip the multiblock test sslapitest has a test for multiblock writes. Since multiblock writing is only available on some platforms the multiblock test checks whether we are on such a platform first, and skips the test if we are not. Unfortunately a bug in the check meant that we always skipped the test regardless of the platform. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18983) Commit: 17b94de3df327e6619e52529e345a340d4a0a100 https://github.com/openssl/openssl/commit/17b94de3df327e6619e52529e345a340d4a0a100 Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M .github/workflows/ci.yml Log Message: --- Ensure we build ub sanitizer builds with -DPEDANTIC Otherwise we may get spurious results from ub sanitizer. For example we assume we can tolerate some unaligned write without this define that ub sanitizer will complain about. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18983) Compare: https://github.com/openssl/openssl/compare/b7cf9dd2393d...17b94de3df32
[openssl/openssl] 01fc81: Fix SSL_pending() and SSL_has_pending() with DTLS
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.com/openssl/openssl Commit: 01fc812cb0aafc3cfc271303b6646d1c0a86b020 https://github.com/openssl/openssl/commit/01fc812cb0aafc3cfc271303b6646d1c0a86b020 Author: Matt Caswell Date: 2022-08-10 (Wed, 10 Aug 2022) Changed paths: M ssl/record/rec_layer_s3.c M ssl/ssl_lib.c Log Message: --- Fix SSL_pending() and SSL_has_pending() with DTLS If app data is received before a Finished message in DTLS then we buffer it to return later. The function SSL_pending() is supposed to tell you how much processed app data we have already buffered, and SSL_has_pending() is supposed to tell you if we have any data buffered (whether processed or not, and whether app data or not). Neither SSL_pending() or SSL_has_pending() were taking account of this DTLS specific app data buffer. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18976) Commit: d87e99df3162b2d56b8d44907fde88b67d7e3900 https://github.com/openssl/openssl/commit/d87e99df3162b2d56b8d44907fde88b67d7e3900 Author: Matt Caswell Date: 2022-08-10 (Wed, 10 Aug 2022) Changed paths: M test/dtlstest.c M test/ssltestlib.c M test/ssltestlib.h Log Message: --- Test that swapping the first app data record with Finished msg works If the first app data record arrives before the Finished message we should be able to buffer it and move on to the Finished message. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18976) Compare: https://github.com/openssl/openssl/compare/464883930047...d87e99df3162
[openssl/openssl] 1b89d8: Fix SSL_pending() and SSL_has_pending() with DTLS
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 1b89d835ab8a3c3e971049d090b71a52649b1423 https://github.com/openssl/openssl/commit/1b89d835ab8a3c3e971049d090b71a52649b1423 Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M ssl/record/rec_layer_s3.c M ssl/ssl_lib.c Log Message: --- Fix SSL_pending() and SSL_has_pending() with DTLS If app data is received before a Finished message in DTLS then we buffer it to return later. The function SSL_pending() is supposed to tell you how much processed app data we have already buffered, and SSL_has_pending() is supposed to tell you if we have any data buffered (whether processed or not, and whether app data or not). Neither SSL_pending() or SSL_has_pending() were taking account of this DTLS specific app data buffer. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18975) Commit: d4b9a613839c07d9dd18d51106f6b94c64291402 https://github.com/openssl/openssl/commit/d4b9a613839c07d9dd18d51106f6b94c64291402 Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M test/dtlstest.c M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h Log Message: --- Test that swapping the first app data record with Finished msg works If the first app data record arrives before the Finished message we should be able to buffer it and move on to the Finished message. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18975) Compare: https://github.com/openssl/openssl/compare/ba8fd22b358c...d4b9a613839c
[openssl/openssl] 5a07d9: Correct the documentation for OPENSSL_MALLOC_FD
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 5a07d91dc9e787e5e4a2ff5b41bc0ebdcb4efd0a https://github.com/openssl/openssl/commit/5a07d91dc9e787e5e4a2ff5b41bc0ebdcb4efd0a Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M doc/man3/OPENSSL_malloc.pod Log Message: --- Correct the documentation for OPENSSL_MALLOC_FD The documentation was misleading in that it suggests that this environment variable will record information about all allocations. While this is true it doesn't record the most useful information that you might expect such as the requested size of the allocation! It is mainly for use in conjunction with OPENSSL_MALLOC_FAILURES, and reports information about what chance an allocation has of failing. We also clarify that the mem_debug functions are actually no-ops in 3.0. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18967) (cherry picked from commit 2c35d61790603530d11f52eda9132ff8640f9852) Commit: b89f113149b7bd5173f4100884aab354ad6da74d https://github.com/openssl/openssl/commit/b89f113149b7bd5173f4100884aab354ad6da74d Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M crypto/mem.c Log Message: --- CRYPTO_mem_debug_push() and CRYPTO_mem_debug_pop() should return 0 Those 2 functions historically only ever returned 0 or 1. In OpenSSL 3.0 they were made no-ops and the documentation says they always return 0. In fact they were returning -1. If any application was actually using these functions then it may appear that they were actually successful (e.g. -1 could be interpreted as "true"). Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18967) (cherry picked from commit f868454257560c78570549f6a34d5918f03898a0) Compare: https://github.com/openssl/openssl/compare/8bb9fecf6341...b89f113149b7
[openssl/openssl] 2c35d6: Correct the documentation for OPENSSL_MALLOC_FD
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 2c35d61790603530d11f52eda9132ff8640f9852 https://github.com/openssl/openssl/commit/2c35d61790603530d11f52eda9132ff8640f9852 Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M doc/man3/OPENSSL_malloc.pod Log Message: --- Correct the documentation for OPENSSL_MALLOC_FD The documentation was misleading in that it suggests that this environment variable will record information about all allocations. While this is true it doesn't record the most useful information that you might expect such as the requested size of the allocation! It is mainly for use in conjunction with OPENSSL_MALLOC_FAILURES, and reports information about what chance an allocation has of failing. We also clarify that the mem_debug functions are actually no-ops in 3.0. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18967) Commit: f868454257560c78570549f6a34d5918f03898a0 https://github.com/openssl/openssl/commit/f868454257560c78570549f6a34d5918f03898a0 Author: Matt Caswell Date: 2022-08-17 (Wed, 17 Aug 2022) Changed paths: M crypto/mem.c Log Message: --- CRYPTO_mem_debug_push() and CRYPTO_mem_debug_pop() should return 0 Those 2 functions historically only ever returned 0 or 1. In OpenSSL 3.0 they were made no-ops and the documentation says they always return 0. In fact they were returning -1. If any application was actually using these functions then it may appear that they were actually successful (e.g. -1 could be interpreted as "true"). Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18967) Compare: https://github.com/openssl/openssl/compare/b2ccfd81025f...f86845425756
[openssl/openssl] 20394c: Revert "Note that EVP_CIPHER_get_iv_length returns...
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 20394c34ef2e058a1dc7e9cf7db2546338b11eb1 https://github.com/openssl/openssl/commit/20394c34ef2e058a1dc7e9cf7db2546338b11eb1 Author: Matt Caswell Date: 2022-08-03 (Wed, 03 Aug 2022) Changed paths: M doc/man3/EVP_EncryptInit.pod Log Message: --- Revert "Note that EVP_CIPHER_get_iv_length returns negative values on error" This reverts commit 2a6275f58bdb2371c603be7f89310f7b4906e5c0. Reviewed-by: Hugo Landau Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18946) Commit: b0501275ef56950bd77950dac1382357d91f8e7f https://github.com/openssl/openssl/commit/b0501275ef56950bd77950dac1382357d91f8e7f Author: Matt Caswell Date: 2022-08-03 (Wed, 03 Aug 2022) Changed paths: M crypto/evp/evp_lib.c Log Message: --- Revert "Fix bug in EVP_CIPHER_CTX_get_iv_length()" This reverts commit f428e2112c6c795db76d804e0fcb36aac40f1477. Reviewed-by: Hugo Landau Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18946) Compare: https://github.com/openssl/openssl/compare/2a6275f58bdb...b0501275ef56
[openssl/openssl] 6d6b29: Fix SSL_pending() and SSL_has_pending() with DTLS
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 6d6b295ac39fcb0461f25fda69983d2dbb75f8f1 https://github.com/openssl/openssl/commit/6d6b295ac39fcb0461f25fda69983d2dbb75f8f1 Author: Matt Caswell Date: 2022-08-01 (Mon, 01 Aug 2022) Changed paths: M ssl/record/rec_layer_s3.c M ssl/ssl_lib.c Log Message: --- Fix SSL_pending() and SSL_has_pending() with DTLS If app data is received before a Finished message in DTLS then we buffer it to return later. The function SSL_pending() is supposed to tell you how much processed app data we have already buffered, and SSL_has_pending() is supposed to tell you if we have any data buffered (whether processed or not, and whether app data or not). Neither SSL_pending() or SSL_has_pending() were taking account of this DTLS specific app data buffer. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18868) Commit: 4000827fdbf3f6d70949186fdd2bc57638500885 https://github.com/openssl/openssl/commit/4000827fdbf3f6d70949186fdd2bc57638500885 Author: Matt Caswell Date: 2022-08-01 (Mon, 01 Aug 2022) Changed paths: M test/dtlstest.c M test/helpers/ssltestlib.c M test/helpers/ssltestlib.h Log Message: --- Test that swapping the first app data record with Finished msg works If the first app data record arrives before the Finished message we should be able to buffer it and move on to the Finished message. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18868) Compare: https://github.com/openssl/openssl/compare/0113ec8460a9...4000827fdbf3
[openssl/openssl] 5a4ba7: Give BIO_s_mem() the ability to support datagrams
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 5a4ba72f00f9b336a4d65abff822699ceb9617c6 https://github.com/openssl/openssl/commit/5a4ba72f00f9b336a4d65abff822699ceb9617c6 Author: Matt Caswell Date: 2022-07-28 (Thu, 28 Jul 2022) Changed paths: M crypto/bio/bss_mem.c M include/openssl/bio.h.in M util/libcrypto.num Log Message: --- Give BIO_s_mem() the ability to support datagrams We introduce a new BIO ctrl that switches a BIO_s_mem() into datagram mode. Packet boundaries are respected. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18596) Commit: 3bfc58ad6f150e343c75565e2b162b80ec39a28d https://github.com/openssl/openssl/commit/3bfc58ad6f150e343c75565e2b162b80ec39a28d Author: Matt Caswell Date: 2022-07-28 (Thu, 28 Jul 2022) Changed paths: M test/build.info A test/membio_test.c A test/recipes/04-test_membio.t Log Message: --- Add a test for BIO_s_mem() when using datagrams The previous commit added support to BIO_s_mem() for using datagrams. We now add tests for that functionality. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18596) Commit: ce602bb0a20589e5a84c48a55ce13219ab881e84 https://github.com/openssl/openssl/commit/ce602bb0a20589e5a84c48a55ce13219ab881e84 Author: Matt Caswell Date: 2022-07-28 (Thu, 28 Jul 2022) Changed paths: M CHANGES.md M doc/man3/BIO_s_mem.pod Log Message: --- Add some documentation for the BIO_s_mem() datagram capability Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18596) Compare: https://github.com/openssl/openssl/compare/08c00377cb82...ce602bb0a205
[openssl/openssl] a6843e: Fix no-dtls1_2
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: a6843e6ae8ae0551aae8555783f06dab7951f112 https://github.com/openssl/openssl/commit/a6843e6ae8ae0551aae8555783f06dab7951f112 Author: Matt Caswell Date: 2022-07-25 (Mon, 25 Jul 2022) Changed paths: M test/dtlstest.c Log Message: --- Fix no-dtls1_2 dtlstest.c needs some adjusting to handle no-dtls1_2 since commit 7bf2e4d7f0c banned DTLSv1 at the default security level - causing the test to fail. Reviewed-by: Tomas Mraz Reviewed-by: Todd Short Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18848)
[openssl/openssl] 65e30e: Fix ipv4_from_asc behavior on invalid Ip addresses
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.com/openssl/openssl Commit: 65e30e7d56f01008d29e65c9ae7a42ce074def2f https://github.com/openssl/openssl/commit/65e30e7d56f01008d29e65c9ae7a42ce074def2f Author: Amir Mohammadi Date: 2022-07-25 (Mon, 25 Jul 2022) Changed paths: M crypto/x509v3/v3_utl.c Log Message: --- Fix ipv4_from_asc behavior on invalid Ip addresses sscanf() call in ipv4_from_asc does not check that the string is terminated immediately after the last digit. (cherry picked from commit 8b9a13b43ba3d71e441fca47a52e800ce79b3d2b) Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18847) Commit: bd41b84bede84c1a5716be4eafddd1dd052faa72 https://github.com/openssl/openssl/commit/bd41b84bede84c1a5716be4eafddd1dd052faa72 Author: Christian Heimes Date: 2022-07-25 (Mon, 25 Jul 2022) Changed paths: M test/x509_internal_test.c Log Message: --- Test case for a2i_IPADDRESS Unit test to show that a2i_IPADDRESS("1.2.3.4.test.example") ignores trailing data. See: https://github.com/openssl/openssl/issues/12649 See: https://bugs.python.org/issue41556 (cherry picked from commit 1a9411a30b09a98498366979a1ea4898f70f6d19) Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18847) Commit: c3b0279bda7bf4f0f81a3dba952698fa68a51639 https://github.com/openssl/openssl/commit/c3b0279bda7bf4f0f81a3dba952698fa68a51639 Author: Amir Mohammadi Date: 2022-07-25 (Mon, 25 Jul 2022) Changed paths: M test/x509_internal_test.c Log Message: --- Fix test case for a2i_IPADDRESS (cherry picked from commit 9b887d5d5a8ef9aa1c3ce6e54a82ddcba25b9415) Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18847) Commit: 264a3f453c418dc01f4b74928ed2a76a08a65513 https://github.com/openssl/openssl/commit/264a3f453c418dc01f4b74928ed2a76a08a65513 Author: Matt Caswell Date: 2022-07-25 (Mon, 25 Jul 2022) Changed paths: M crypto/x509v3/v3_addr.c M test/v3ext.c Log Message: --- Fix a crash in v2i_IPAddrBlocks() If an IP address prefix value is supplied that is too large then a crash can result. v2i_IPAddrBlocks() should sanity check the prefix value, as should X509v3_addr_add_prefix(). Reported by Theo Buehler (@botovq) Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18847) Compare: https://github.com/openssl/openssl/compare/952fab01bebb...264a3f453c41
[openssl/openssl] bb2e11: Fix a crash in v2i_IPAddrBlocks()
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: bb2e11081aa9ec923680227d62b82a6ee416f0be https://github.com/openssl/openssl/commit/bb2e11081aa9ec923680227d62b82a6ee416f0be Author: Matt Caswell Date: 2022-07-22 (Fri, 22 Jul 2022) Changed paths: M crypto/x509/v3_addr.c M test/v3ext.c Log Message: --- Fix a crash in v2i_IPAddrBlocks() If an IP address prefix value is supplied that is too large then a crash can result. v2i_IPAddrBlocks() should sanity check the prefix value, as should X509v3_addr_add_prefix(). Reported by Theo Buehler (@botovq) Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18523) (cherry picked from commit b91ad3c69c27c35be4fd7f1e8811c33c31b02afd)
[openssl/openssl] b91ad3: Fix a crash in v2i_IPAddrBlocks()
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: b91ad3c69c27c35be4fd7f1e8811c33c31b02afd https://github.com/openssl/openssl/commit/b91ad3c69c27c35be4fd7f1e8811c33c31b02afd Author: Matt Caswell Date: 2022-07-22 (Fri, 22 Jul 2022) Changed paths: M crypto/x509/v3_addr.c M test/v3ext.c Log Message: --- Fix a crash in v2i_IPAddrBlocks() If an IP address prefix value is supplied that is too large then a crash can result. v2i_IPAddrBlocks() should sanity check the prefix value, as should X509v3_addr_add_prefix(). Reported by Theo Buehler (@botovq) Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18523)
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 9c1973e1c57d7de4d57f10545b3e9c921b34df23 (commit) from 0ec286a62840c2a0de4b7a1b5063ace3338a925f (commit) - Log - commit 9c1973e1c57d7de4d57f10545b3e9c921b34df23 Author: Matt Caswell Date: Wed Feb 23 11:16:07 2022 + Fix a failure in sslapitest The SNI test in test_cert_cb_int() was always failing because it used SSL_CTX_new() instead of SSL_CTX_new_ex() and was therefore not using the correct libctx. PR #17739 amended the test to check the return value from SSL_CTX_new() which made the failure obvious. Fixes #17757 Reviewed-by: Richard Levitte Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17758) (cherry picked from commit 7e1eda483ec9ead36c05066b45ecad618475544c) --- Summary of changes: test/sslapitest.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/sslapitest.c b/test/sslapitest.c index b2f3471548..de2eeec3e8 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -8075,7 +8075,7 @@ static int test_cert_cb_int(int prot, int tst) cert_cb_cnt = 0; if (tst == 2) { -snictx = SSL_CTX_new(TLS_server_method()); +snictx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method()); if (!TEST_ptr(snictx)) goto end; }
[openssl] master update
The branch master has been updated via 7e1eda483ec9ead36c05066b45ecad618475544c (commit) from 8d215738a05350baa583c47a2c52371d9cff3197 (commit) - Log - commit 7e1eda483ec9ead36c05066b45ecad618475544c Author: Matt Caswell Date: Wed Feb 23 11:16:07 2022 + Fix a failure in sslapitest The SNI test in test_cert_cb_int() was always failing because it used SSL_CTX_new() instead of SSL_CTX_new_ex() and was therefore not using the correct libctx. PR #17739 amended the test to check the return value from SSL_CTX_new() which made the failure obvious. Fixes #17757 Reviewed-by: Richard Levitte Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17758) --- Summary of changes: test/sslapitest.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/sslapitest.c b/test/sslapitest.c index 8ba5d8125c..0c6a5e14c1 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -8091,7 +8091,7 @@ static int test_cert_cb_int(int prot, int tst) cert_cb_cnt = 0; if (tst == 2) { -snictx = SSL_CTX_new(TLS_server_method()); +snictx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method()); if (!TEST_ptr(snictx)) goto end; }
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 7349bf14be158ed8190d7d94dad5c6dec22e4908 (commit) via aaa583758ff42a5443ac853b19b6158791bbb8e1 (commit) via 588702d59995d29be00d4f3e2d9573ae4f3f11f9 (commit) from 0b13bd04d66d48490e7b27167b27b0086143 (commit) - Log - commit 7349bf14be158ed8190d7d94dad5c6dec22e4908 Author: Matt Caswell Date: Thu Jan 13 15:16:39 2022 + Document purpose and trust setting functions In particular: X509_STORE_CTX_set_purpose() X509_STORE_CTX_set_trust(); X509_STORE_CTX_purpose_inherit(); Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/17604) commit aaa583758ff42a5443ac853b19b6158791bbb8e1 Author: Matt Caswell Date: Thu Dec 30 16:38:28 2021 + Add a test for X509_STORE_CTX_set_purpose() This function was previously incorrectly failing if it is called with X509_PURPOSE_ANY. Add a test to catch this. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/17604) commit 588702d59995d29be00d4f3e2d9573ae4f3f11f9 Author: Matt Caswell Date: Thu Dec 30 16:37:06 2021 + Ensure X509_STORE_CTX_purpose_inherit handles a 0 default purpose The function X509_STORE_CTX_purpose_inherit() can be called with a 0 default purpose. If the main purpose was set to X509_PURPOSE_ANY this would case the function to incorrectly return an error response. Fixes #17367 Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/17604) --- Summary of changes: crypto/x509/x509_vfy.c | 11 ++-- doc/man3/X509_STORE_CTX_new.pod | 69 +- test/recipes/70-test_verify_extra.t | 7 +-- test/verify_extra_test.c| 114 +--- 4 files changed, 181 insertions(+), 20 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index e404fcc602..c084aea7a7 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2201,6 +2201,12 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, /* If purpose not set use default */ if (!purpose) purpose = def_purpose; +/* + * If purpose is set but we don't have a default then set the default to + * the current purpose + */ +else if (def_purpose == 0) +def_purpose = purpose; /* If we have a purpose then check it is valid */ if (purpose) { X509_PURPOSE *ptmp; @@ -2213,11 +2219,6 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, ptmp = X509_PURPOSE_get0(idx); if (ptmp->trust == X509_TRUST_DEFAULT) { idx = X509_PURPOSE_get_by_id(def_purpose); -/* - * XXX: In the two callers above def_purpose is always 0, which is - * not a known value, so idx will always be -1. How is the - * X509_TRUST_DEFAULT case actually supposed to be handled? - */ if (idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); diff --git a/doc/man3/X509_STORE_CTX_new.pod b/doc/man3/X509_STORE_CTX_new.pod index aba7fff781..bd179e6274 100644 --- a/doc/man3/X509_STORE_CTX_new.pod +++ b/doc/man3/X509_STORE_CTX_new.pod @@ -11,7 +11,10 @@ X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, -X509_STORE_CTX_verify_fn +X509_STORE_CTX_verify_fn, +X509_STORE_CTX_set_purpose, +X509_STORE_CTX_set_trust, +X509_STORE_CTX_purpose_inherit - X509_STORE_CTX initialisation =head1 SYNOPSIS @@ -44,6 +47,11 @@ X509_STORE_CTX_verify_fn typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *); void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify); + int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); + int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); + int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, +int purpose, int trust); + =head1 DESCRIPTION These functions initialise an B structure for subsequent use @@ -120,6 +128,65 @@ following signature: This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure. +X509 certificates may contain information about what purposes keys contained +within them can be used for. For example "TLS WWW Server Authentication" or +"Email Protection". This "key usage" information is held internally to the +certificate itself. In addition the trust store containing trusted certificates +can declare what purposes we trust differ
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 99a8af3049661e84c52be79ed9cf377a845ab158 (commit) via d6e0042de87f9b2de4edd7152c391ab2a77b61ef (commit) via 75d6cb0d925c66b5b1f86d287c4ee1be3376cb05 (commit) from 41d979c7f5f70ab06fcf5a4880c252e40e99ad98 (commit) - Log - commit 99a8af3049661e84c52be79ed9cf377a845ab158 Author: Matt Caswell Date: Thu Jan 13 15:16:39 2022 + Document purpose and trust setting functions In particular: X509_STORE_CTX_set_purpose() X509_STORE_CTX_set_trust(); X509_STORE_CTX_purpose_inherit(); Reviewed-by: Shane Lontis Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/17603) commit d6e0042de87f9b2de4edd7152c391ab2a77b61ef Author: Matt Caswell Date: Thu Dec 30 16:38:28 2021 + Add a test for X509_STORE_CTX_set_purpose() This function was previously incorrectly failing if it is called with X509_PURPOSE_ANY. Add a test to catch this. Reviewed-by: Shane Lontis Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/17603) commit 75d6cb0d925c66b5b1f86d287c4ee1be3376cb05 Author: Matt Caswell Date: Thu Dec 30 16:37:06 2021 + Ensure X509_STORE_CTX_purpose_inherit handles a 0 default purpose The function X509_STORE_CTX_purpose_inherit() can be called with a 0 default purpose. If the main purpose was set to X509_PURPOSE_ANY this would case the function to incorrectly return an error response. Fixes #17367 Reviewed-by: Shane Lontis Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/17603) --- Summary of changes: crypto/x509/x509_vfy.c | 11 ++-- doc/man3/X509_STORE_CTX_new.pod | 69 +++- test/recipes/70-test_verify_extra.t | 8 +-- test/verify_extra_test.c| 121 util/missingcrypto.txt | 3 - 5 files changed, 185 insertions(+), 27 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index ff3ca83de6..b407c4abf5 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2230,6 +2230,12 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, /* If purpose not set use default */ if (purpose == 0) purpose = def_purpose; +/* + * If purpose is set but we don't have a default then set the default to + * the current purpose + */ +else if (def_purpose == 0) +def_purpose = purpose; /* If we have a purpose then check it is valid */ if (purpose != 0) { X509_PURPOSE *ptmp; @@ -2242,11 +2248,6 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, ptmp = X509_PURPOSE_get0(idx); if (ptmp->trust == X509_TRUST_DEFAULT) { idx = X509_PURPOSE_get_by_id(def_purpose); -/* - * XXX: In the two callers above def_purpose is always 0, which is - * not a known value, so idx will always be -1. How is the - * X509_TRUST_DEFAULT case actually supposed to be handled? - */ if (idx == -1) { ERR_raise(ERR_LIB_X509, X509_R_UNKNOWN_PURPOSE_ID); return 0; diff --git a/doc/man3/X509_STORE_CTX_new.pod b/doc/man3/X509_STORE_CTX_new.pod index 56a36bfecd..3bf964e802 100644 --- a/doc/man3/X509_STORE_CTX_new.pod +++ b/doc/man3/X509_STORE_CTX_new.pod @@ -11,7 +11,10 @@ X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, -X509_STORE_CTX_verify_fn +X509_STORE_CTX_verify_fn, +X509_STORE_CTX_set_purpose, +X509_STORE_CTX_set_trust, +X509_STORE_CTX_purpose_inherit - X509_STORE_CTX initialisation =head1 SYNOPSIS @@ -45,6 +48,11 @@ X509_STORE_CTX_verify_fn typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *); void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify); + int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); + int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); + int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, +int purpose, int trust); + =head1 DESCRIPTION These functions initialise an B structure for subsequent use @@ -155,6 +163,65 @@ following signature: This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure. +X509 certificates may contain information about what purposes keys contained +within them can be used for. For example "TLS WWW Server Authentication" or +"Email Protection". This "key usage" information is held internally to the +certificate it
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via d259be3fe23a6af97fb901699b096d6fb329b357 (commit) from 9fa43878ec74f8fa1aa70d9838d913e1c843c4e3 (commit) - Log - commit d259be3fe23a6af97fb901699b096d6fb329b357 Author: Matt Caswell Date: Wed Jan 26 12:35:30 2022 + Ensure ciphers command honours -propquery Any propquery passed via the -propquery option to the ciphers command was being ignored. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17595) (cherry picked from commit 4ed381736b063284bdbd5d302988617aa4366a3f) --- Summary of changes: apps/ciphers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/ciphers.c b/apps/ciphers.c index 9c494224a1..50bff07c29 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -187,7 +187,7 @@ int ciphers_main(int argc, char **argv) goto end; } -ctx = SSL_CTX_new(meth); +ctx = SSL_CTX_new_ex(app_get0_libctx(), app_get0_propq(), meth); if (ctx == NULL) goto err; if (SSL_CTX_set_min_proto_version(ctx, min_version) == 0)
[openssl] master update
The branch master has been updated via 4ed381736b063284bdbd5d302988617aa4366a3f (commit) from 7b75b973fbd9087714daa19e07bb92b2101eba28 (commit) - Log - commit 4ed381736b063284bdbd5d302988617aa4366a3f Author: Matt Caswell Date: Wed Jan 26 12:35:30 2022 + Ensure ciphers command honours -propquery Any propquery passed via the -propquery option to the ciphers command was being ignored. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17595) --- Summary of changes: apps/ciphers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/ciphers.c b/apps/ciphers.c index dcf0d3fa1e..d3453e915b 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -186,7 +186,7 @@ int ciphers_main(int argc, char **argv) goto end; } -ctx = SSL_CTX_new(meth); +ctx = SSL_CTX_new_ex(app_get0_libctx(), app_get0_propq(), meth); if (ctx == NULL) goto err; if (SSL_CTX_set_min_proto_version(ctx, min_version) == 0)
[openssl] master update
The branch master has been updated via 7b75b973fbd9087714daa19e07bb92b2101eba28 (commit) via 8447f2e3912c810a02ed1c8641db27ff70ded5ba (commit) via 4aa82850267defd772ddf74a88d515ef4fb566b8 (commit) from 2ce0a3d19005271e7e3c351b562d9da93e2d4c80 (commit) - Log - commit 7b75b973fbd9087714daa19e07bb92b2101eba28 Author: Matt Caswell Date: Thu Jan 13 15:16:39 2022 + Document purpose and trust setting functions In particular: X509_STORE_CTX_set_purpose() X509_STORE_CTX_set_trust(); X509_STORE_CTX_purpose_inherit(); Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/17382) commit 8447f2e3912c810a02ed1c8641db27ff70ded5ba Author: Matt Caswell Date: Thu Dec 30 16:38:28 2021 + Add a test for X509_STORE_CTX_set_purpose() This function was previously incorrectly failing if it is called with X509_PURPOSE_ANY. Add a test to catch this. Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/17382) commit 4aa82850267defd772ddf74a88d515ef4fb566b8 Author: Matt Caswell Date: Thu Dec 30 16:37:06 2021 + Ensure X509_STORE_CTX_purpose_inherit handles a 0 default purpose The function X509_STORE_CTX_purpose_inherit() can be called with a 0 default purpose. If the main purpose was set to X509_PURPOSE_ANY this would case the function to incorrectly return an error response. Fixes #17367 Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/17382) --- Summary of changes: crypto/x509/x509_vfy.c | 11 ++-- doc/man3/X509_STORE_CTX_new.pod | 69 +++- test/recipes/70-test_verify_extra.t | 8 +-- test/verify_extra_test.c| 121 util/missingcrypto.txt | 3 - 5 files changed, 185 insertions(+), 27 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 8a7f1ba8e8..817901e6cb 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2230,6 +2230,12 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, /* If purpose not set use default */ if (purpose == 0) purpose = def_purpose; +/* + * If purpose is set but we don't have a default then set the default to + * the current purpose + */ +else if (def_purpose == 0) +def_purpose = purpose; /* If we have a purpose then check it is valid */ if (purpose != 0) { X509_PURPOSE *ptmp; @@ -2242,11 +2248,6 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, ptmp = X509_PURPOSE_get0(idx); if (ptmp->trust == X509_TRUST_DEFAULT) { idx = X509_PURPOSE_get_by_id(def_purpose); -/* - * XXX: In the two callers above def_purpose is always 0, which is - * not a known value, so idx will always be -1. How is the - * X509_TRUST_DEFAULT case actually supposed to be handled? - */ if (idx == -1) { ERR_raise(ERR_LIB_X509, X509_R_UNKNOWN_PURPOSE_ID); return 0; diff --git a/doc/man3/X509_STORE_CTX_new.pod b/doc/man3/X509_STORE_CTX_new.pod index 56a36bfecd..3bf964e802 100644 --- a/doc/man3/X509_STORE_CTX_new.pod +++ b/doc/man3/X509_STORE_CTX_new.pod @@ -11,7 +11,10 @@ X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, -X509_STORE_CTX_verify_fn +X509_STORE_CTX_verify_fn, +X509_STORE_CTX_set_purpose, +X509_STORE_CTX_set_trust, +X509_STORE_CTX_purpose_inherit - X509_STORE_CTX initialisation =head1 SYNOPSIS @@ -45,6 +48,11 @@ X509_STORE_CTX_verify_fn typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *); void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify); + int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); + int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); + int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, +int purpose, int trust); + =head1 DESCRIPTION These functions initialise an B structure for subsequent use @@ -155,6 +163,65 @@ following signature: This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure. +X509 certificates may contain information about what purposes keys contained +within them can be used for. For example "TLS WWW Server Authentication" or +"Email Protection". This "key usage" information is held internally to the +certificate itself. In addition the trust store containing trusted certificates +can declare what purpose
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 46670c739d1f28c874b900e93952173d9846bec9 (commit) from 2ee3e38f8f456db4b5afb023ae0472ff79204369 (commit) - Log - commit 46670c739d1f28c874b900e93952173d9846bec9 Author: Shreenidhi Shedi Date: Wed Jan 12 20:55:38 2022 +0530 Add a comment to indicate ineffective macro EVP_MD_CTX_FLAG_NON_FIPS_ALLOW macro is obsolete and unused from openssl-3.0 onwards CLA: trivial Signed-off-by: Shreenidhi Shedi Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17484) (cherry picked from commit 79704a88eb5aa70fa506e3e59a29fcda21f428af) --- Summary of changes: include/openssl/evp.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 1850381720..be57127e36 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -205,8 +205,8 @@ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd, * don't accidentally reuse the values for other purposes. */ -# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS -* digest in FIPS mode */ +/* This flag has no effect from openssl-3.0 onwards */ +# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* * The following PAD options are also currently ignored in 1.0.0, digest
[openssl] master update
The branch master has been updated via 79704a88eb5aa70fa506e3e59a29fcda21f428af (commit) from 8c870f6bed241ec80c67453e60592461f0d8f2b8 (commit) - Log - commit 79704a88eb5aa70fa506e3e59a29fcda21f428af Author: Shreenidhi Shedi Date: Wed Jan 12 20:55:38 2022 +0530 Add a comment to indicate ineffective macro EVP_MD_CTX_FLAG_NON_FIPS_ALLOW macro is obsolete and unused from openssl-3.0 onwards CLA: trivial Signed-off-by: Shreenidhi Shedi Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17484) --- Summary of changes: include/openssl/evp.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 1850381720..be57127e36 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -205,8 +205,8 @@ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd, * don't accidentally reuse the values for other purposes. */ -# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS -* digest in FIPS mode */ +/* This flag has no effect from openssl-3.0 onwards */ +# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* * The following PAD options are also currently ignored in 1.0.0, digest
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 16535ba9b86dcb99558201e66613f018fb1d3f65 (commit) from 589e0ab4ebf35e1e73d826ad08160b9e6060e616 (commit) - Log - commit 16535ba9b86dcb99558201e66613f018fb1d3f65 Author: Matt Caswell Date: Tue Jan 11 17:13:39 2022 + Clear md_data only when necessary PR #17255 fixed a bug in EVP_DigestInit_ex(). While backporting the PR to 1.1.1 (see #17472) I spotted an error in the original patch. This fixes it. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17473) (cherry picked from commit 8086b267fb3395c53cd5fc29eea68ba4826b333d) --- Summary of changes: crypto/evp/digest.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index eb6ccfaca2..066f2a4af9 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -33,9 +33,10 @@ static void cleanup_old_md_data(EVP_MD_CTX *ctx, int force) ctx->digest->cleanup(ctx); if (ctx->md_data != NULL && ctx->digest->ctx_size > 0 && (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) -|| force)) +|| force)) { OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -ctx->md_data = NULL; +ctx->md_data = NULL; +} } }
[openssl] master update
The branch master has been updated via 8086b267fb3395c53cd5fc29eea68ba4826b333d (commit) from 3d4d5305c292f5db62b4abf732f6682b2ada6f44 (commit) - Log - commit 8086b267fb3395c53cd5fc29eea68ba4826b333d Author: Matt Caswell Date: Tue Jan 11 17:13:39 2022 + Clear md_data only when necessary PR #17255 fixed a bug in EVP_DigestInit_ex(). While backporting the PR to 1.1.1 (see #17472) I spotted an error in the original patch. This fixes it. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17473) --- Summary of changes: crypto/evp/digest.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index cdcb60092e..d4685e6489 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -33,9 +33,10 @@ static void cleanup_old_md_data(EVP_MD_CTX *ctx, int force) ctx->digest->cleanup(ctx); if (ctx->md_data != NULL && ctx->digest->ctx_size > 0 && (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) -|| force)) +|| force)) { OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -ctx->md_data = NULL; +ctx->md_data = NULL; +} } }
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 4c5c2a5efbc315d7926cafbd5a19044ee3e087fa (commit) via 93dd7ab35f6ccfb8bde7a7a6e38ea5817c5b54e2 (commit) from 5e7098e11581b6b3a4083a1c17889ed817e8ac22 (commit) - Log - commit 4c5c2a5efbc315d7926cafbd5a19044ee3e087fa Author: Matt Caswell Date: Wed Dec 29 16:39:11 2021 + Add a test for a custom digest created via EVP_MD_meth_new() We check that the init and cleanup functions for the custom method are called as expected. Based on an original reproducer by Dmitry Belyavsky from issue #17149. Reviewed-by: Paul Dale Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/17472) commit 93dd7ab35f6ccfb8bde7a7a6e38ea5817c5b54e2 Author: Matt Caswell Date: Fri Dec 10 17:17:27 2021 + Fix a leak in EVP_DigestInit_ex() If an EVP_MD_CTX is reused then memory allocated and stored in md_data can be leaked unless the EVP_MD's cleanup function is called. Fixes #17149 Reviewed-by: Paul Dale Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/17472) --- Summary of changes: crypto/evp/digest.c | 32 + test/evp_extra_test.c | 78 +++ 2 files changed, 99 insertions(+), 11 deletions(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index d1bfa274ca..41ecdd8e5a 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -15,6 +15,22 @@ #include "crypto/evp.h" #include "evp_local.h" + +static void cleanup_old_md_data(EVP_MD_CTX *ctx, int force) +{ +if (ctx->digest != NULL) { +if (ctx->digest->cleanup != NULL +&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) +ctx->digest->cleanup(ctx); +if (ctx->md_data != NULL && ctx->digest->ctx_size > 0 +&& (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) +|| force)) { +OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); +ctx->md_data = NULL; +} +} +} + /* This call frees resources associated with the context */ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) { @@ -25,13 +41,8 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because * sometimes only copies of the context are ever finalised. */ -if (ctx->digest && ctx->digest->cleanup -&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) -ctx->digest->cleanup(ctx); -if (ctx->digest && ctx->digest->ctx_size && ctx->md_data -&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { -OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -} +cleanup_old_md_data(ctx, 0); + /* * pctx should be freed by the user of EVP_MD_CTX * if EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set @@ -76,6 +87,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) if (ctx->engine && ctx->digest && (type == NULL || (type->type == ctx->digest->type))) goto skip_to_init; + if (type) { /* * Ensure an ENGINE left lying around from last time is cleared (the @@ -119,10 +131,8 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) } #endif if (ctx->digest != type) { -if (ctx->digest && ctx->digest->ctx_size) { -OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -ctx->md_data = NULL; -} +cleanup_old_md_data(ctx, 1); + ctx->digest = type; if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { ctx->update = type->update; diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index e4a0b180d7..538bff4659 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -1762,6 +1762,83 @@ static int test_EVP_PKEY_set1_DH(void) } #endif /* OPENSSL_NO_DH */ +typedef struct { +int data; +} custom_dgst_ctx; + +static int custom_md_init_called = 0; +static int custom_md_cleanup_called = 0; + +static int custom_md_init(EVP_MD_CTX *ctx) +{ +custom_dgst_ctx *p = EVP_MD_CTX_md_data(ctx); + +if (p == NULL) +return 0; + +custom_md_init_called++; +return 1; +} + +static int custom_md_cleanup(EVP_MD_CTX *ctx) +{ +custom_dgst_ctx *p = EVP_MD_CTX_md_data(ctx); + +if (p == NULL) +/* Nothing to do */ +return 1; + +custom_md_cleanup_called++; +return 1; +} + +static int test_cust
[openssl] master update
The branch master has been updated via 7ee992a5d931ab5ad9df00d2d8e47e1b7a72d7ac (commit) from fbbe7202eba9fba243c18513f4f0316dafb3496d (commit) - Log - commit 7ee992a5d931ab5ad9df00d2d8e47e1b7a72d7ac Author: Matt Caswell Date: Thu Dec 23 13:59:12 2021 + Statically link the legacy provider to endecode_test We already statically link libcrypto to endecode_test even in a "shared" build. This can cause problems on some platforms with tests that load the legacy provider which is dynamically linked to libcrypto. Two versions of libcrypto are then linked to the same executable which can lead to crashes. Fixes #17059 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17345) --- Summary of changes: crypto/build.info| 4 ++-- test/build.info | 8 test/endecode_test.c | 14 ++ 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/crypto/build.info b/crypto/build.info index efca6cc105..8c7a3a9c22 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -74,8 +74,8 @@ DEFINE[../providers/libfips.a]=$CPUIDDEF # already gets everything that the static libcrypto.a has, and doesn't need it # added again. IF[{- !$disabled{module} && !$disabled{shared} -}] - SOURCE[../providers/liblegacy.a]=$CPUID_COMMON - DEFINE[../providers/liblegacy.a]=$CPUIDDEF + SOURCE[../providers/legacy]=$CPUID_COMMON + DEFINE[../providers/legacy]=$CPUIDDEF ENDIF # Implementations are now spread across several libraries, so the CPUID define diff --git a/test/build.info b/test/build.info index ec4bd8d5db..188b850beb 100644 --- a/test/build.info +++ b/test/build.info @@ -867,6 +867,14 @@ IF[{- !$disabled{tests} -}] SOURCE[endecode_test]=endecode_test.c helpers/predefined_dhparams.c INCLUDE[endecode_test]=.. ../include ../apps/include DEPEND[endecode_test]=../libcrypto.a libtestutil.a + IF[{- !$disabled{module} && !$disabled{legacy} -}] +DEFINE[endecode_test]=STATIC_LEGACY +SOURCE[endecode_test]=../providers/legacyprov.c +INCLUDE[endecode_test]=../providers/common/include \ + ../providers/implementations/include +DEPEND[endecode_test]=../providers/liblegacy.a \ + ../providers/libcommon.a + ENDIF IF[{- !$disabled{'deprecated-3.0'} -}] PROGRAMS{noinst}=endecoder_legacy_test diff --git a/test/endecode_test.c b/test/endecode_test.c index 1698867b40..0c33dff0ee 100644 --- a/test/endecode_test.c +++ b/test/endecode_test.c @@ -26,6 +26,10 @@ #include "helpers/predefined_dhparams.h" #include "testutil.h" +#ifdef STATIC_LEGACY +OSSL_provider_init_fn ossl_legacy_provider_init; +#endif + /* Extended test macros to allow passing file & line number */ #define TEST_FL_ptr(a) test_ptr(file, line, #a, a) #define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n) @@ -1305,6 +1309,16 @@ int setup_tests(void) return 0; } +#ifdef STATIC_LEGACY +/* + * This test is always statically linked against libcrypto. We must not + * attempt to load legacy.so that might be dynamically linked against + * libcrypto. Instead we use a built-in version of the legacy provider. + */ +if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init)) +return 0; +#endif + /* Separate provider/ctx for generating the test data */ if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new())) return 0;
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via afaa7755aa3e577348e1267d5ad34da695292917 (commit) via fa2029250e38947ebd68a9b5861bedaa2384d85d (commit) via 43927f81a5d1ea1d32508430eee2df85736ba105 (commit) from 617203e64f17371b95fc8d64fc7fde9f8bc6e9db (commit) - Log - commit afaa7755aa3e577348e1267d5ad34da695292917 Author: Matt Caswell Date: Wed Dec 29 16:39:11 2021 + Add a test for a custom digest created via EVP_MD_meth_new() We check that the init and cleanup functions for the custom method are called as expected. Based on an original reproducer by Dmitry Belyavsky from issue #17149. Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17255) (cherry picked from commit fbbe7202eba9fba243c18513f4f0316dafb3496d) commit fa2029250e38947ebd68a9b5861bedaa2384d85d Author: Matt Caswell Date: Fri Dec 10 17:17:27 2021 + Fix a leak in EVP_DigestInit_ex() If an EVP_MD_CTX is reused then memory allocated and stored in md_data can be leaked unless the EVP_MD's cleanup function is called. Fixes #17149 Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17255) (cherry picked from commit 357bccc8ba64ec8a5f587b04b5d6b6ca9e8dcbdc) commit 43927f81a5d1ea1d32508430eee2df85736ba105 Author: Matt Caswell Date: Fri Dec 10 16:53:02 2021 + Ensure that MDs created via EVP_MD_meth_new() go down the legacy route MDs created via EVP_MD_meth_new() are inherently legacy and therefore need to go down the legacy route when they are used. Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17255) (cherry picked from commit d9ad5b16b32172df6f7d02cfb1c339cc85d0db01) --- Summary of changes: crypto/evp/digest.c | 34 - test/evp_extra_test.c | 85 +++ 2 files changed, 104 insertions(+), 15 deletions(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index d92059cbcc..eb6ccfaca2 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -25,6 +25,19 @@ #include "crypto/evp.h" #include "evp_local.h" +static void cleanup_old_md_data(EVP_MD_CTX *ctx, int force) +{ +if (ctx->digest != NULL) { +if (ctx->digest->cleanup != NULL +&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) +ctx->digest->cleanup(ctx); +if (ctx->md_data != NULL && ctx->digest->ctx_size > 0 +&& (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) +|| force)) +OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); +ctx->md_data = NULL; +} +} void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force) { @@ -41,12 +54,7 @@ void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force) * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because * sometimes only copies of the context are ever finalised. */ -if (ctx->digest && ctx->digest->cleanup -&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) -ctx->digest->cleanup(ctx); -if (ctx->digest && ctx->digest->ctx_size && ctx->md_data -&& (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) || force)) -OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); +cleanup_old_md_data(ctx, force); if (force) ctx->digest = NULL; @@ -207,7 +215,8 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE) || tmpimpl != NULL #endif -|| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0) { +|| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0 +|| type->origin == EVP_ORIG_METH) { if (ctx->digest == ctx->fetched_digest) ctx->digest = NULL; EVP_MD_free(ctx->fetched_digest); @@ -215,10 +224,7 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, goto legacy; } -if (ctx->digest != NULL && ctx->digest->ctx_size > 0) { -OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -ctx->md_data = NULL; -} +cleanup_old_md_data(ctx, 1); /* Start of non-legacy code below */ @@ -307,10 +313,8 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, } #endif if (ctx->digest != type) { -if (ctx->digest && ctx->digest->ctx_size) { -OPENSSL_clear_free(ctx->md_
[openssl] master update
The branch master has been updated via fbbe7202eba9fba243c18513f4f0316dafb3496d (commit) via 357bccc8ba64ec8a5f587b04b5d6b6ca9e8dcbdc (commit) via d9ad5b16b32172df6f7d02cfb1c339cc85d0db01 (commit) from 64a8f6008acce93d0bf184559c63e66c0cc0e23d (commit) - Log - commit fbbe7202eba9fba243c18513f4f0316dafb3496d Author: Matt Caswell Date: Wed Dec 29 16:39:11 2021 + Add a test for a custom digest created via EVP_MD_meth_new() We check that the init and cleanup functions for the custom method are called as expected. Based on an original reproducer by Dmitry Belyavsky from issue #17149. Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17255) commit 357bccc8ba64ec8a5f587b04b5d6b6ca9e8dcbdc Author: Matt Caswell Date: Fri Dec 10 17:17:27 2021 + Fix a leak in EVP_DigestInit_ex() If an EVP_MD_CTX is reused then memory allocated and stored in md_data can be leaked unless the EVP_MD's cleanup function is called. Fixes #17149 Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17255) commit d9ad5b16b32172df6f7d02cfb1c339cc85d0db01 Author: Matt Caswell Date: Fri Dec 10 16:53:02 2021 + Ensure that MDs created via EVP_MD_meth_new() go down the legacy route MDs created via EVP_MD_meth_new() are inherently legacy and therefore need to go down the legacy route when they are used. Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17255) --- Summary of changes: crypto/evp/digest.c | 34 - test/evp_extra_test.c | 85 +++ 2 files changed, 104 insertions(+), 15 deletions(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 322cfe7646..cdcb60092e 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -25,6 +25,19 @@ #include "crypto/evp.h" #include "evp_local.h" +static void cleanup_old_md_data(EVP_MD_CTX *ctx, int force) +{ +if (ctx->digest != NULL) { +if (ctx->digest->cleanup != NULL +&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) +ctx->digest->cleanup(ctx); +if (ctx->md_data != NULL && ctx->digest->ctx_size > 0 +&& (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) +|| force)) +OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); +ctx->md_data = NULL; +} +} void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force) { @@ -41,12 +54,7 @@ void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force) * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because * sometimes only copies of the context are ever finalised. */ -if (ctx->digest && ctx->digest->cleanup -&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) -ctx->digest->cleanup(ctx); -if (ctx->digest && ctx->digest->ctx_size && ctx->md_data -&& (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) || force)) -OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); +cleanup_old_md_data(ctx, force); if (force) ctx->digest = NULL; @@ -208,7 +216,8 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, || tmpimpl != NULL # endif #endif -|| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0) { +|| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0 +|| type->origin == EVP_ORIG_METH) { if (ctx->digest == ctx->fetched_digest) ctx->digest = NULL; EVP_MD_free(ctx->fetched_digest); @@ -216,10 +225,7 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, goto legacy; } -if (ctx->digest != NULL && ctx->digest->ctx_size > 0) { -OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -ctx->md_data = NULL; -} +cleanup_old_md_data(ctx, 1); /* Start of non-legacy code below */ @@ -308,10 +314,8 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, } #endif if (ctx->digest != type) { -if (ctx->digest && ctx->digest->ctx_size) { -OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -ctx->md_data = NULL; -} +cleanup_old_md_data(ctx, 1); + ctx->digest = type; if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { ctx->update = type->up
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 824b0d56e757f4a5c0f8af48add768db33d8ce51 (commit) from 5713edd873e87a620fbb8be90c7bc1a51fa43c5c (commit) - Log - commit 824b0d56e757f4a5c0f8af48add768db33d8ce51 Author: Matt Caswell Date: Wed Dec 29 14:44:00 2021 + Fix the symbol_presence test with a shlib_variant If a shlib_variant is used then the dynamic version information for symbols will be different from what the symbol presence test was expecting. We just make it more liberal about what it accepts as dynamic version information. Fixes #17366 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17372) (cherry picked from commit 805bdac5f37bb820658f70269941086bef6c085b) --- Summary of changes: test/recipes/01-test_symbol_presence.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index efe0760c25..5530ade0ad 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -76,7 +76,7 @@ foreach my $libname (@libnames) { # Drop the first space and everything following it s| .*||; # Drop OpenSSL dynamic version information if there is any -s|\@\@OPENSSL_[0-9._]+[a-z]?$||; +s|\@\@.+$||; # Return the result $_ }
[openssl] master update
The branch master has been updated via 805bdac5f37bb820658f70269941086bef6c085b (commit) from ad1a1d715dcab875dafd6e792b8eb65eb84d6b9f (commit) - Log - commit 805bdac5f37bb820658f70269941086bef6c085b Author: Matt Caswell Date: Wed Dec 29 14:44:00 2021 + Fix the symbol_presence test with a shlib_variant If a shlib_variant is used then the dynamic version information for symbols will be different from what the symbol presence test was expecting. We just make it more liberal about what it accepts as dynamic version information. Fixes #17366 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17372) --- Summary of changes: test/recipes/01-test_symbol_presence.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index efe0760c25..5530ade0ad 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -76,7 +76,7 @@ foreach my $libname (@libnames) { # Drop the first space and everything following it s| .*||; # Drop OpenSSL dynamic version information if there is any -s|\@\@OPENSSL_[0-9._]+[a-z]?$||; +s|\@\@.+$||; # Return the result $_ }
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via c680b3f9c1ed6f70d68c3c597ee4e99b4ce0fa55 (commit) from 5da141ff6c617505777bee174bab8d58f8b7cae5 (commit) - Log - commit c680b3f9c1ed6f70d68c3c597ee4e99b4ce0fa55 Author: Matt Caswell Date: Thu Dec 9 16:27:47 2021 + Ensure s_client sends SNI data when used with -proxy The use of -proxy prevented s_client from correctly sending the target hostname as SNI data. Fixes #17232 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17249) --- Summary of changes: apps/s_client.c | 11 +++ 1 file changed, 11 insertions(+) diff --git a/apps/s_client.c b/apps/s_client.c index 121cd1444f..00effc8037 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -938,6 +938,7 @@ int s_client_main(int argc, char **argv) struct timeval tv; #endif const char *servername = NULL; +char *sname_alloc = NULL; int noservername = 0; const char *alpn_in = NULL; tlsextctx tlsextcbp = { NULL, 0 }; @@ -1588,6 +1589,15 @@ int s_client_main(int argc, char **argv) "%s: -proxy argument malformed or ambiguous\n", prog); goto end; } +if (servername == NULL && !noservername) { +res = BIO_parse_hostserv(connectstr, _alloc, NULL, BIO_PARSE_PRIO_HOST); +if (!res) { +BIO_printf(bio_err, +"%s: -connect argument malformed or ambiguous\n", prog); +goto end; +} +servername = sname_alloc; +} } else { int res = 1; char *tmp_host = host, *tmp_port = port; @@ -3149,6 +3159,7 @@ int s_client_main(int argc, char **argv) #ifndef OPENSSL_NO_SRP OPENSSL_free(srp_arg.srppassin); #endif +OPENSSL_free(sname_alloc); OPENSSL_free(connectstr); OPENSSL_free(bindstr); OPENSSL_free(bindhost);
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 5713edd873e87a620fbb8be90c7bc1a51fa43c5c (commit) from db82fa2ac4ac9bed62e82d96561964aee9969d6b (commit) - Log - commit 5713edd873e87a620fbb8be90c7bc1a51fa43c5c Author: Matt Caswell Date: Thu Dec 9 16:27:47 2021 + Ensure s_client sends SNI data when used with -proxy The use of -proxy prevented s_client from correctly sending the target hostname as SNI data. Fixes #17232 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17248) (cherry picked from commit ea24196ef224d3aa3aaecb804bb7a0a100a2) --- Summary of changes: apps/s_client.c | 10 ++ 1 file changed, 10 insertions(+) diff --git a/apps/s_client.c b/apps/s_client.c index 30a9b34ccb..3240467fb2 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -843,6 +843,7 @@ int s_client_main(int argc, char **argv) struct timeval tv; #endif const char *servername = NULL; +char *sname_alloc = NULL; int noservername = 0; const char *alpn_in = NULL; tlsextctx tlsextcbp = { NULL, 0 }; @@ -1530,6 +1531,14 @@ int s_client_main(int argc, char **argv) goto opthelp; } +if (servername == NULL && !noservername) { +servername = sname_alloc = OPENSSL_strdup(host); +if (sname_alloc == NULL) { +BIO_printf(bio_err, "%s: out of memory\n", prog); +goto end; +} +} + /* Retain the original target host:port for use in the HTTP proxy connect string */ thost = OPENSSL_strdup(host); tport = OPENSSL_strdup(port); @@ -3038,6 +3047,7 @@ int s_client_main(int argc, char **argv) #ifndef OPENSSL_NO_SRP OPENSSL_free(srp_arg.srppassin); #endif +OPENSSL_free(sname_alloc); OPENSSL_free(connectstr); OPENSSL_free(bindstr); OPENSSL_free(bindhost);
[openssl] master update
The branch master has been updated via ea24196ef224d3aa3aaecb804bb7a0a100a2 (commit) from ff7cdc15875293a330831a80d83edbafd25a9d36 (commit) - Log - commit ea24196ef224d3aa3aaecb804bb7a0a100a2 Author: Matt Caswell Date: Thu Dec 9 16:27:47 2021 + Ensure s_client sends SNI data when used with -proxy The use of -proxy prevented s_client from correctly sending the target hostname as SNI data. Fixes #17232 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17248) --- Summary of changes: apps/s_client.c | 10 ++ 1 file changed, 10 insertions(+) diff --git a/apps/s_client.c b/apps/s_client.c index cdff15a1b6..1d73e1b39e 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -847,6 +847,7 @@ int s_client_main(int argc, char **argv) struct timeval tv; #endif const char *servername = NULL; +char *sname_alloc = NULL; int noservername = 0; const char *alpn_in = NULL; tlsextctx tlsextcbp = { NULL, 0 }; @@ -1541,6 +1542,14 @@ int s_client_main(int argc, char **argv) goto opthelp; } +if (servername == NULL && !noservername) { +servername = sname_alloc = OPENSSL_strdup(host); +if (sname_alloc == NULL) { +BIO_printf(bio_err, "%s: out of memory\n", prog); +goto end; +} +} + /* Retain the original target host:port for use in the HTTP proxy connect string */ thost = OPENSSL_strdup(host); tport = OPENSSL_strdup(port); @@ -3053,6 +3062,7 @@ int s_client_main(int argc, char **argv) #ifndef OPENSSL_NO_SRP OPENSSL_free(srp_arg.srppassin); #endif +OPENSSL_free(sname_alloc); OPENSSL_free(connectstr); OPENSSL_free(bindstr); OPENSSL_free(bindhost);
[openssl] master update
The branch master has been updated via 0fcf2351ecff5db21cba431704e4da631b74904a (commit) via 752aa4a6f0f3098258fb6be5592fd18929da59c0 (commit) via 3269c8bd9489cf9b03abceab5dee24f831a5e492 (commit) via 6894e20b50c1204bfc990093b4e7ccd10f92865d (commit) via c1c1bb7c5e2baa109baec62d2af09d24caae5557 (commit) via 5eef9e1deb11d769dff3b76a21634e39bd56 (commit) from 32a3b9b766315a799982ddda82dc40c338b614f7 (commit) - Log - commit 0fcf2351ecff5db21cba431704e4da631b74904a Author: Matt Caswell Date: Fri Dec 3 15:28:31 2021 + Add a test case for the name constraints bug Where a chain has name constraints but a certificate does not have a SAN extension but the CN meets the constraints, then this should be acceptable. However, and OpenSSL bug meant that an internal error was being reported. This adds a test case for that scenario. Test for CVE-2021-4044 Reviewed-by: Tomas Mraz commit 752aa4a6f0f3098258fb6be5592fd18929da59c0 Author: Matt Caswell Date: Fri Dec 3 15:18:27 2021 + Add a TLS test for name constraints with an EE cert without a SAN It is valid for name constraints to be in force but for there to be no SAN extension in a certificate. Previous versions of OpenSSL mishandled this. Test for CVE-2021-4044 Reviewed-by: Tomas Mraz commit 3269c8bd9489cf9b03abceab5dee24f831a5e492 Author: Matt Caswell Date: Thu Dec 2 17:26:15 2021 + Add a new Name Constraints test cert Add a cert which complies with the name constraints but has no SAN extension Reviewed-by: Tomas Mraz commit 6894e20b50c1204bfc990093b4e7ccd10f92865d Author: Tobias Nießen Date: Mon Nov 29 03:41:20 2021 + Fix infinite verification loops due to has_san_id Where name constraints apply, X509_verify() would incorrectly report an internal error in the event that a certificate has no SAN extension. CVE-2021-4044 Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell commit c1c1bb7c5e2baa109baec62d2af09d24caae5557 Author: Matt Caswell Date: Fri Dec 3 15:56:58 2021 + Fix invalid handling of verify errors in libssl In the event that X509_verify() returned an internal error result then libssl would mishandle this and set rwstate to SSL_RETRY_VERIFY. This subsequently causes SSL_get_error() to return SSL_ERROR_WANT_RETRY_VERIFY. That return code is supposed to only ever be returned if an application is using an app verify callback to complete replace the use of X509_verify(). Applications may not be written to expect that return code and could therefore crash (or misbehave in some other way) as a result. CVE-2021-4044 Reviewed-by: Tomas Mraz commit 5eef9e1deb11d769dff3b76a21634e39bd56 Author: Matt Caswell Date: Tue Dec 14 13:15:58 2021 + Update CHANGES and NEWS for new release Reviewed-by: Richard Levitte --- Summary of changes: CHANGES.md | 26 - NEWS.md | 12 +++--- crypto/x509/x509_vfy.c | 2 +- ssl/ssl_cert.c | 15 ++-- ssl/statem/statem_clnt.c | 2 +- test/certs/goodcn2-cert.pem | 19 test/certs/{ncca1-cert.pem => goodcn2-chain.pem} | 19 test/certs/goodcn2-key.pem | 28 +++ test/certs/mkcert.sh | 29 +--- test/certs/setup.sh | 6 + test/recipes/25-test_verify.t| 5 +++- test/ssl-tests/01-simple.cnf | 26 - test/ssl-tests/01-simple.cnf.in | 12 ++ 13 files changed, 183 insertions(+), 18 deletions(-) create mode 100644 test/certs/goodcn2-cert.pem copy test/certs/{ncca1-cert.pem => goodcn2-chain.pem} (52%) create mode 100644 test/certs/goodcn2-key.pem diff --git a/CHANGES.md b/CHANGES.md index 11e5864c83..8fd7e7288a 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -72,13 +72,37 @@ OpenSSL 3.1 ### Changes between 3.0.0 and 3.0.1 [xx XXX ] + * Fixed invalid handling of X509_verify_cert() internal errors in libssl + Internally libssl in OpenSSL calls X509_verify_cert() on the client side to + verify a certificate supplied by a server. That function may return a + negative return value to indicate an internal error (for example out of + memory). Such a negative return value is mishandled by OpenSSL and will cause + an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate + success and a subsequen
[openssl] OpenSSL_1_1_1m create
The annotated tag OpenSSL_1_1_1m has been created at a38e83deaf94cf3c1158b9d93f9083396757ce55 (tag) tagging ac3cef223a4c61d6bee34527b6d4c8c6432494a7 (commit) replaces OpenSSL_1_1_1l tagged by Matt Caswell on Tue Dec 14 15:45:01 2021 + - Log - OpenSSL 1.1.1m release tag -BEGIN PGP SIGNATURE- iQFFBAABCAAvFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAmG4u/0RHG1hdHRAb3Bl bnNzbC5vcmcACgkQ2cTSbQ5gRJFewwf9G8f/XdZCd78zLY7wAIpT3XIkHMgzRvOb 1EXk0pQ0dkdN5JUsHhH1aPOKEd9WtXnVAoY4mPkpXJQflGZWQ6Y4lpO6Hx73423X loiRP1P5o308jmFyZBk5NTGqHBRmLXPkRyJd7L+XFYiLOdmsv/Ye9hoAhuVd62tx 1ZMWBcxuemvVuLmFG87Pt6JfW1ercWzbXRHlcTbe6CzRU0F47Yg9V3H3Gh2LaFrF aIgVlnNNxbjaFro7E1/3kIRfSCyF153gutIDKRDMit3iAbHzS4f7VYcT02YVH/N8 fNyfSTfCJHubuH3Aa37iLaIidn2WVSOPbKVGPmFvC+Z2fkE+cEEk0Q== =Qi2w -END PGP SIGNATURE- Allan Jude (1): Fix detection of ARMv7 and ARM64 CPU features on FreeBSD Bernd Edlinger (19): Fix the array size of dtlsseq in tls1_enc Avoid using undefined value in generate_stateless_cookie_callback Fix some strict gcc-12 warnings Check for null-pointer dereference in dh_cms_set_peerkey Fix instances of pointer addition with the NULL pointer Fix enable-asan with C++ buildtest Fix the "Out of memory" EVP KDF scrypt test Fix no-tls1_3 tests Use applink to fix windows tests Fix a NPD bug in engines/e_dasync.c Fix a memory leak in the afalg engine Fix some possible memory leaks in EVP_CipherInit_ex Fix double-free in e_dasync.c Fix a memory leak in tls_parse_stoc_key_share Fix a memory leak in ssl_create_cipher_list Avoid loading of a dynamic engine twice Add a test case for duplicate engine loading Fix a deadlock in OBJ_NAME_add Fix a carry overflow bug in bn_sqr_comba4/8 for mips 32-bit targets Chenglong Zhang (1): Fix speed, use OPENSSL_free instead of free Daniel Krügler (1): Ensure that _GNU_SOURCE is defined for bss_dgram.c David Carlier (1): Darwin platform allows to build on releases before Yosemite/ios 8. Dmitry Belyavskiy (2): Bindhost/bindport should be freed No EtM for GOST ciphers Dr. David von Oheimb (4): BIO_push.pod: fix confusing text and add details on corner cases Fix ssl_free() and thus BIO_free() to respect BIO_NOCLOSE BIO_f_ssl.pod: Make clear where an SSL BIOs are expected as an argument OBJ_nid2obj.pod: Replace remaining 'B<' by 'I<' were appropriate Dr. Matthias St. Pierre (1): doc/man3/SSL_set_fd.pod: add note about Windows compiler warning Lenny Primak (1): MacOS prior to 10.12 does not support random API correctly Matt Caswell (15): Prepare for 1.1.1m-dev Clarify what SSL_get_session() does on the server side in TLSv1.3 Correct the documentation for SSL_set_num_tickets() New extensions can be sent in a certificate request Extend custom extension testing Ensure pkey_set_type handles ENGINE references correctly Add tests for ENGINE problems Fix the s_server psk_server_cb for use in DTLS Fix no-cmac Fix a gcc 11.2.0 warning Reset the rwstate before calling ASYNC_start_job() Clarify and correct the EVP_CTRL_AEAD_SET_TAG docs Fix documentation for tlsext_ticket_key Update copyright year Prepare for 1.1.1m release Mattias Ellert (1): Openssl fails to compile on Debian with kfreebsd kernels (kfreebsd-amd64, kfreebsd-i386). The error reported by the compiler is: Mingjun.Yang (1): Add sm2 encryption test case from GM/T 0003.5-2012 Nicola Tuveri (3): Add tests for i2d_TYPE_fp and d2i_TYPE_fp Fix d2i_ECPKParameters_fp and i2d_ECPKParameters_fp macros [ec] Do not default to OPENSSL_EC_NAMED_CURVE for curves without OID Nikita Ivanov (1): Fix nc_email to check ASN1 strings with NULL byte in the middle PW Hu (2): Fix some documentation errors related to return values Fix: invoking x509_name_cannon improperly Pauli (3): doc: document the rsa_oaep_md: pkeyopt speed: range check the argument given to -multi for 1.1.1 doc: fix macro name Peiwei Hu (2): test/ssl_old_test.c: Fix potential leak Fix BIO_get_md_ctx return value check Richard Levitte (12): test/ec_internal_test: link with libapps.a too VMS: Compensate for compiler type incompatibility DOCS: Update the page for 'openssl passwd' to not duplicate some info VMS: Fix misspelt type Fix test/recipes/01-test_symbol_presence.t to allow for stripped libraries Fix test/recipes/01-test_symbol_presence.t to disregard version info ERR: Add a missing common reason string DOC: Add a few previously documented functions TEST: Enable and fix test_bn2padded() in test/bntest.c Fix faulty detail in BN_rand() manual Add some CHANGES entries for 1.1
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via e9dc49c009a34b429d6dddcbb1813efa561481c7 (commit) via ac3cef223a4c61d6bee34527b6d4c8c6432494a7 (commit) from b82cf49c6c3b5fae12bd21885e02eda6430a601f (commit) - Log - commit e9dc49c009a34b429d6dddcbb1813efa561481c7 Author: Matt Caswell Date: Tue Dec 14 15:45:09 2021 + Prepare for 1.1.1n-dev Reviewed-by: Richard Levitte commit ac3cef223a4c61d6bee34527b6d4c8c6432494a7 Author: Matt Caswell Date: Tue Dec 14 15:45:01 2021 + Prepare for 1.1.1m release Reviewed-by: Richard Levitte --- Summary of changes: CHANGES| 6 +- NEWS | 6 +- README | 2 +- include/openssl/opensslv.h | 4 ++-- 4 files changed, 13 insertions(+), 5 deletions(-) diff --git a/CHANGES b/CHANGES index 21f63950d1..8a33c22774 100644 --- a/CHANGES +++ b/CHANGES @@ -7,7 +7,11 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. - Changes between 1.1.1l and 1.1.1m [xx XXX ] + Changes between 1.1.1m and 1.1.1n [xx XXX ] + + *) + + Changes between 1.1.1l and 1.1.1m [14 Dec 2021] *) Avoid loading of a dynamic engine twice. diff --git a/NEWS b/NEWS index ecbe5c2b21..a10c981491 100644 --- a/NEWS +++ b/NEWS @@ -5,7 +5,11 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. - Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [under development] + Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [under development] + + o + + Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021] o None diff --git a/README b/README index 0ac818f779..faf32e4cc9 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 1.1.1m-dev + OpenSSL 1.1.1n-dev Copyright (c) 1998-2021 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h index 2a5fb9f46f..094082bd99 100644 --- a/include/openssl/opensslv.h +++ b/include/openssl/opensslv.h @@ -39,8 +39,8 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x101010d0L -# define OPENSSL_VERSION_TEXT"OpenSSL 1.1.1m-dev xx XXX " +# define OPENSSL_VERSION_NUMBER 0x101010e0L +# define OPENSSL_VERSION_TEXT"OpenSSL 1.1.1n-dev xx XXX " /*- * The macros below are to be used for shared library (.so, .dll, ...)