some bugs
hi!

i would like to report some bugs in ssleay. unfortunately i don't have diffs against latest openssl source, but the fixes are really small, so i hope it's not too much trouble to incorporate them.

1) crypto/bio/b_printf.c uses static buffer for vsprintf which might overflow. we should use vsnprintf. no source code to fix this bug :(

2) crypto/bio/bf_buff.c buffer_ctrl BIO_CTRL_FLUSH must flush the underlying bios after write. (insert BIO_ctrl(b->next_bio,cmd,num,ptr); before last break;)

3) crypto/bio/bf_buff.c buffer_gets does not insert final '\n' into buffer. so it is not semantically equivalent with fgets. this is my version of buffer_gets:

    static int buffer_gets(b,buf,size)
    BIO *b;
    char *buf;
    int size;
    {
        BIO_F_BUFFER_CTX *ctx;
        int num=0,i;
        char *p;

        ctx=(BIO_F_BUFFER_CTX *)b->ptr;
        size-= 2; /* leave room for '\n' and '\0' */
        BIO_clear_retry_flags(b);

        for (;;)
        {
            if (ctx->ibuf_len != 0)
            {
                p= &(ctx->ibuf[ctx->ibuf_off]);
                for (i=0; i < ctx->ibuf_len && i < size && p[i] != '\n'; i++)
                {
                    *(buf++)=p[i];
                }
                num+=i;
                size-=i;
                ctx->ibuf_len-=i;
                ctx->ibuf_off+=i;
                *buf= '\0';
                if (p[i] == '\n') /* append linefeed */
                {
                    *(buf++)='\n';
                    *buf='\0';
                    num++;
                    size--;
                    ctx->ibuf_len--;
                    ctx->ibuf_off++;
                    return(num);
                }
                else if( i == size )/* output buffer full */
                {
                    return(num);
                }
            }
            else/* read another chunk */
            {
                i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
                if (i <= 0)
                {
                    BIO_copy_next_retry(b);
                    if (i < 0) return((num > 0)?num:i);
                    if (i == 0) return(num);
                }
                ctx->ibuf_len=i;
                ctx->ibuf_off=0;
            }
        }
    }

4) crypto/bio/bss_sock.c BIO_sock_should_retry has following code:

    #if defined(WINDOWS) /* more microsoft stupidity */
        if ((i == -1) && (err == 0))
            return(1);
    #endif

i'm almost sure that this check is not needed. SSLeay 0.6.6 did not have this check and it worked fine.

in SSLeay 0.8.1 the function looked like this:

    #ifndef BIO_FD
    int BIO_sock_should_retry(i)
    #else
    int BIO_fd_should_retry(i)
    #endif
    int i;
    {
        if ((i == 0) || (i == -1))
        {
    #if !defined(BIO_FD) && defined(WINDOWS)
            errno=WSAGetLastError();
    #endif

    #if defined(WINDOWS) /* more microsoft stupidity */
            if ((i == -1) && (errno == 0))
                return(1);
    #endif

    #ifndef BIO_FD
            return(BIO_sock_non_fatal_error(errno));
    #else
            return(BIO_fd_non_fatal_error(errno));
    #endif
        }
        return(0);
    }

using errno before WSAGetLastError is nasty bug. under Borland C for example errno is defined as

    #define errno (*__errno())

and __errno is function which allocates thread local variable for errno and returns pointer to it. but the allocation of this variable is done via system calls which reset the value returned by GetLastError (aka WSAGetLastError) so the errno is always 0. and then they compensated this by adding this check.

this check really hurts when i use non-blocking sockets under windows and there is some non-io error during SSL handshake: the handshake will never finish. for example if i have an empty list of ciphers: ssl3_connect in s3_pkt.c has at start WSASetLastError(0); ssl3_client_hello creates list of ciphers, finds it is empty and returns -1. now i will call BIO_sock_should_retry(i) to determine if it is fatal error or should i retry. but there is check in BIO_sock_should_retry which says that i must retry even when the error is fatal.

5) crypto/err/err.c ERR_get_state has static variable fallback. this should be initialized before returning pointer to it.

6) crypto/rsa/rsa_enc.c RSA_eay_mod_exp at the end: - BN_CTX_free(ctx); + if (ctx != NULL ) BN_CTX_free(ctx);

7) crypto/x509/x509name.c X509_NAME_add_entry frees wrong name entry in case of error: err: if (new_name != NULL) -
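The failure described in item 4, as an added simulation that is not code from the post or from SSLeay. The sim_* functions and the two flags are hypothetical stand-ins for WSAGetLastError(), the Borland __errno() behaviour and the code shapes discussed, so it runs without Winsock.

```c
#define SIM_WSAEWOULDBLOCK 10035 /* numeric value of WSAEWOULDBLOCK */
#define SIM_WSAECONNRESET  10054 /* numeric value of WSAECONNRESET */

/* Simulation only: every sim_* name is a hypothetical stand-in. */
int sim_last_error;   /* the value WSAGetLastError() would return */
int sim_errno_value;  /* the thread-local errno storage */

int sim_get_last_error(void) { return sim_last_error; }

/* Stands in for the __errno() described above: locating the thread-local
 * slot has the side effect of resetting the last-error value. */
int *sim_errno_slot(void) { sim_last_error = 0; return &sim_errno_value; }

int sim_non_fatal(int err) { return err == SIM_WSAEWOULDBLOCK; }

/* slot_first:       locate the errno slot before reading the error (0.8.1 order).
 * zero_means_retry: keep the "i == -1 and err == 0" special case. */
int should_retry(int i, int slot_first, int zero_means_retry)
{
    int err;
    if (i != 0 && i != -1) return 0;
    if (slot_first) {
        int *slot = sim_errno_slot();   /* clobbers the pending error code */
        *slot = sim_get_last_error();   /* so this always stores 0 */
        err = *slot;
    } else {
        err = sim_get_last_error();     /* read the code before anything else */
    }
    if (zero_means_retry && i == -1 && err == 0) return 1;
    return sim_non_fatal(err);
}

/* Ask "retry?" after a call that returned -1 with the given last error. */
int retry_after(int last_error, int slot_first, int zero_means_retry)
{
    sim_last_error = last_error;
    return should_retry(-1, slot_first, zero_means_retry);
}

/* A non-blocking caller looping on a failure that never touched the socket
 * (return -1, last error 0); returns the retries made, capped at limit. */
int spins_on_non_io_error(int slot_first, int zero_means_retry, int limit)
{
    int n = 0;
    while (n < limit && retry_after(0, slot_first, zero_means_retry)) n++;
    return n;
}
```

With slot_first=1 a would-block looks fatal unless the special case is present, which is why it was added; with the error read first, the special case only turns the non-I/O failure into an endless retry.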
RE: Certificate extensions: thoughts.
> Currently V3 extension support is almost absent.

We've done almost all of what you're suggesting:

    typedef struct x509_extension_method_st {
        int nid;
        void (*clear)();
        int (*get_bool)();      // used if extn is ASN1_BIT_STRING
        int (*set_bool)();
        int (*get_str)();       // used if extn is ASN1_STRING or array of them
        int (*set_str)();
        char *(*get_struct)();  // used if extn is constructed type
        int (*set_struct)();
        ASN1_OCTET_STRING *(*a2i)();
        int (*i2a)();
    } X509_EXTENSION_METHOD;

We've integrated this into the X509 code (i.e., for Certs and CRL's), as well as the req and ca apps. For example, here's a snippet from a config file:

    [ gto_root_extensions ]
    keyUsage = critical|nonRepudiation|digitalSignature|keyCertSign
    certificatePolicies = critical,2.16.840.1.113731.9.2.1,cps,http://www.gto.com/cps
    basicConstraints = critical,TRUE
    authorityInfoAccess = id-ad-ocspResponder,http://www.gto.com/ocspv1

(We've got a good chunk, but not all, of the PKIX extensions implemented.)

We'd love to see this code adopted by the project. We've held back from being public before because we were waiting to hear back from Eric -- we wanted to avoid version and architecture skew. But since things are open right now...

/r$

__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Re: Certificate extensions: thoughts.
[EMAIL PROTECTED] wrote:

> > Currently V3 extension support is almost absent.
>
> We've done almost all of what you're suggesting:
>
>     typedef struct x509_extension_method_st {
>         int nid;
>         void (*clear)();
>         int (*get_bool)();      // used if extn is ASN1_BIT_STRING
>         int (*set_bool)();
>         int (*get_str)();       // used if extn is ASN1_STRING or array of them
>         int (*set_str)();
>         char *(*get_struct)();  // used if extn is constructed type
>         int (*set_struct)();
>         ASN1_OCTET_STRING *(*a2i)();
>         int (*i2a)();
>     } X509_EXTENSION_METHOD;
>
> We've integrated this into the X509 code (i.e., for Certs and CRL's), as well as the req and ca apps. For example, here's a snippet from a config file:
>
>     [ gto_root_extensions ]
>     keyUsage = critical|nonRepudiation|digitalSignature|keyCertSign
>     certificatePolicies = critical,2.16.840.1.113731.9.2.1,cps,http://www.gto.com/cps
>     basicConstraints = critical,TRUE
>     authorityInfoAccess = id-ad-ocspResponder,http://www.gto.com/ocspv1
>
> (We've got a good chunk, but not all, of the PKIX extensions implemented.)
>
> We'd love to see this code adopted by the project. We've held back from being public before because we were waiting to hear back from Eric -- we wanted to avoid version and architecture skew. But since things are open right now...

I've been developing things along the lines I mentioned myself. I've currently got support for strings, bit strings and basicConstraints and it will happily print out things like:

    Netscape Comment: THIS IS A TEST CERTIFICATE
    X509v3 Extended Key Usage: 2.16.840.1.113733.1.8.1, 2.16.840.1.113730.4.1
    X509v3 Basic Constraints: CA=TRUE, pathlen=10
    Netscape Cert Type: SSL CA, S/MIME CA, Object Signing CA

I didn't precisely want to follow what it looked like Eric intended because it seemed that the a2i,i2a stuff would be duplicating a lot of code. Just passing it a STACK of name+value pairs and having some higher level wrappers decompose the config file into the name+value parts would make the writing of individual extension code much easier.

It seems that almost any extension can be represented in this way. There are a few exceptions: e.g. those whose values vary from one request to another (e.g. subjectAltName, various hash based identifiers).

The reason I mentioned a separate section for this stuff is that it's the easiest way with the current config stuff to handle things. The method where you do:

    basicConstraints=section_name

    [section_name]
    CA=TRUE
    pathlen=10

allows the STACK of name+value pairs to be easily obtained using the current config lib stuff.

Although simple this is a bit messy and parsing a comma separated list of options would be better e.g.

    basicConstraints=CA:TRUE,pathlen:10

In my proposal this would just need a cleverer wrapper: the individual extension code would be unchanged.

Any code you wish to donate would be of course welcome. Particularly for some of the nastier extensions.

Steve.
--
Dr Stephen N. Henson. UK based freelance Cryptographic Consultant.
For info see homepage at http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED]
NOTE NEW (13/12/98) PGP key: via homepage.
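The wrapper/extension split proposed in the message above, as an added sketch that is not code from the post or from OpenSSL. All names (nv_pair, parse_nv_list, bc_from_pairs, bc_from_inline) are hypothetical, and a plain array stands in for the STACK of name+value pairs.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical names throughout: not OpenSSL's CONF or X509 extension API. */
struct nv_pair { const char *name, *value; };
struct basic_constraints { int ca; long pathlen; /* -1 when absent */ };

/* Wrapper layer: split "name:value,name:value" in place into pairs.
 * Returns the count, or -1 on a missing ':', empty name or too many pairs. */
int parse_nv_list(char *s, struct nv_pair *out, int max)
{
    int n = 0;
    while (s != NULL && *s != '\0') {
        char *next = strchr(s, ','), *colon;
        if (next != NULL) *next++ = '\0';
        colon = strchr(s, ':');
        if (colon == NULL || colon == s || n == max) return -1;
        *colon = '\0';
        out[n].name = s;
        out[n++].value = colon + 1;
        s = next;
    }
    return n;
}

/* Extension layer: sees only pairs, never the config syntax. 0 on success. */
int bc_from_pairs(const struct nv_pair *nv, int n, struct basic_constraints *bc)
{
    char *end;
    bc->ca = 0;
    bc->pathlen = -1;
    for (int i = 0; i < n; i++) {
        const char *name = nv[i].name, *val = nv[i].value;
        if (strcmp(name, "pathlen") == 0) {
            bc->pathlen = strtol(val, &end, 10);
            if (end == val || *end != '\0' || bc->pathlen < 0) return -1;
        } else if (strcmp(name, "CA") == 0 && (!strcmp(val, "TRUE") || !strcmp(val, "FALSE"))) {
            bc->ca = (val[0] == 'T');
        } else {
            return -1; /* unknown option or bad boolean: reject, do not guess */
        }
    }
    return 0;
}

/* Inline form "CA:TRUE,pathlen:10" (modified in place): only this wrapper
 * knows the syntax; a [section] reader would hand over the same pairs. */
int bc_from_inline(char *value, struct basic_constraints *bc)
{
    struct nv_pair nv[8];
    int n = parse_nv_list(value, nv, 8);
    return n < 0 ? -1 : bc_from_pairs(nv, n, bc);
}
```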
Re: some bugs
Arne Ansper wrote:

> hi!
>
> i would like to report some bugs in ssleay. unfortunately i don't have diffs against latest openssl source, but the fixes are really small, so i hope it's not too much trouble to incorporate them.
>
> 1) crypto/bio/b_printf.c uses static buffer for vsprintf which might overflow. we should use vsnprintf. no source code to fix this bug :(

Sigh. This means snarfing the snprint stuff from, for instance, Apache. I'll think about it.

> 2) crypto/bio/bf_buff.c buffer_ctrl BIO_CTRL_FLUSH must flush the underlying bios after write. (insert BIO_ctrl(b->next_bio,cmd,num,ptr); before last break;)

Fixed.

> 3) crypto/bio/bf_buff.c buffer_gets does not insert final '\n' into buffer. so it is not semantically equivalent with fgets. this is my version of buffer_gets:

My reading of the current OpenSSL source says this is fixed. It'd be nice if you could confirm that.

> 4) crypto/bio/bss_sock.c BIO_sock_should_retry has following code:
>
>     #if defined(WINDOWS) /* more microsoft stupidity */
>         if ((i == -1) && (err == 0))
>             return(1);
>     #endif

You've convinced me. I've committed the fix.

> 5) crypto/err/err.c ERR_get_state has static variable fallback. this should be initialized before returning pointer to it.

As far as I can see it is only used when allocation fails. In this case, what should it be initialised to?

> 6) crypto/rsa/rsa_enc.c RSA_eay_mod_exp at the end: - BN_CTX_free(ctx); + if (ctx != NULL ) BN_CTX_free(ctx);

In fact rsa_enc.c is not used (any more?), but I made the equivalent change to rsa_eay.c.

> 7) crypto/x509/x509name.c X509_NAME_add_entry frees wrong name entry in case of error: err: if (new_name != NULL) - X509_NAME_ENTRY_free(ne); + X509_NAME_ENTRY_free(new_name); return(0);

Fixed.

> 8) ssl/s2_pkt.c and ssl/s3_pkt.c write_pending and ssl3_write_pending have unnecessary check at the beginning which stops me from moving data around in my buffers between calls to SSL_write. this data is already copied to internal buffers and there is no need for this check.
>
> i tested ssleay without this check (non-blocking sockets and stuff) under various platforms and everything worked as expected.
>
>     if ((s->s3->wpend_tot > (int)len) || (s->s3->wpend_buf != buf) ||
>         (s->s3->wpend_type != type))
>     {
>         SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
>         return(-1);
>     }

I'm reluctant to commit this. It seems to me that you need to find a way to fix things up if you move data around (why do you do that anyway?).

> i have couple of bigger additions to ssleay too: i added write capability to conf module and rewrote it to use bio; bio_log module for logging to syslog/event log and bio_reliable module for creating reliable streams. i can send them directly to someone in core team for addition if you are interested.

They sound interesting. I'd really prefer it if they patch against the current version, of course...

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Ghandi
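Review bot: the NULL guard in the item 6 change ("if (ctx != NULL ) BN_CTX_free(ctx);") protects only this one call at the end of RSA_eay_mod_exp. If a context that was never allocated can reach that line, the same can happen at any other cleanup site that calls BN_CTX_free, so consider making BN_CTX_free itself a no-op on NULL rather than guarding call by call. The stray space before the closing parenthesis should also go.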
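Review bot: in the item 7 change the "err:" path of X509_NAME_add_entry now frees new_name, which matches the "if (new_name != NULL)" guard directly above it, but nothing in the hunk records who owns ne after a failure. A short comment at "err:" stating that the caller's entry ne is left untouched and only the local copy is released would keep the wrong-pointer free from being reintroduced.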
Re: X509_LOOKUP problem
Hi,

> I suggest we dump the whole logic and instead use PEM_X509_INFO_read_bio() to read in the whole lot. This is designed to

Hadn't even noticed this function - looks a lot simpler. I'll try it out and probably move to that for now. Unless someone feels strongly one way or another about the by_file_ctrl (as used by SSL_CTX_load_verify_locations -- X509_STORE_load_locations) issue I'm going to ignore it.

> read in combinations of CRLs, certificates and private keys. The private keys can be discarded (for now). [and I've just noticed that it will need changing to handle my new trust code: erk!]

:-)

> There's an example of its use in apps/crl2p7.c but I'd suggest a better way to handle things would be to up the reference counts of the used CRLs and certificates then sk_pop_free the whole thing.

Thanks for the pointer - I'll take a look.

BTW: Had anyone else noticed SSL_CTX_load_verify_locations failing when only loading a CA file?? I'd traced back through the snapshots and the change has (or appears to have) been there since Oct-27.

Cheers,
ME

--
Geoff Thorpe    Email: [EMAIL PROTECTED]
Cryptographic Software Engineer, C2Net Europe    http://www.int.c2.net
--
May I just take this opportunity to say that of all the people I have EVER emailed, you are definitely one of them.
Compilation and test problems report
I have a few problems to report with openssl 0.9.4. Please note that I'm not reporting in order to criticize your work, which I consider wonderful and extremely useful, or to attempt to get free support, but only because the docs ask me to do so.

config -t:

    Operating system: sun4u-sun-solaris2
    WARNING! Do consider upgrading to gcc-2.8 or later.
    Configuring for solaris-sparcv9-gcc27
    /bin/perl ./Configure solaris-sparcv9-gcc27

GCC is 2.7.2.1.

The first problem is that in crypto/md5/Makefile, line 80, there appears to be a missing "a", so that the file is sm/... instead of asm/..., a very trivial thing.

With that fix make succeeds, but it fails in "make test":

    ... (lots of passed tests deleted)
    test BN_mod
    960 tests done
    1024 tests done
    error
    *** Error code 1
    make: Fatal error: Command failed for target `test_bn'
    Current working directory /users/labs/openssl-0.9.4/test
    *** Error code 1
    make: Fatal error: Command failed for target `tests'

openssl version -a:

    OpenSSL 0.9.4 09 Aug 1999
    built on: Tue Nov 2 11:13:23 MET 1999
    platform: solaris-sparcv9-gcc27
    options: bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowf
    ish(ptr)
    compiler: gcc -DTHREADS -D_REENTRANT -mv8 -O3 -fomit-frame-pointer -
    Wall -DB_END
    IAN -DBN_DIV2W -DULTRASPARC -DMD5_ASM

I retried with -O2 instead of -O3 in CFLAGS, and now it worked, and completed all tests. In my humble understanding, this is a gcc problem, that you might want to work around by having "config" define -O2 instead of -O3 when it sees this gcc version.

Hope this helps,
Michele Bergonzoni

---
Ing. Michele Bergonzoni - Laboratori Fondazione Guglielmo Marconi
info and PGP key at http://www.labs.it/bergonz/
Phone:+39-051-6781926 Fax:+39-051-846479 e-mail: [EMAIL PROTECTED]
Telecommunications consultants, Microwave systems circuits development.
No Subject
    Country Name (2 letter code) [AU]:AU
    Organization Name (eg, company) []:Dodgy Brothers
    Common Name (eg, YOUR name) []:Brother 1
    Common Name (eg, YOUR name) []:Brother 2
    Request (and private key) is in newreq.pem
    Using configuration from ../apps/openssl.cnf
    error on line 6 of config file '../apps/openssl.cnf'
    14041:error:0E065068:configuation file routines:STR_COPY:variable has no value:c
    onf.c:578:line 6
    cat: Cannot open newcert.pem: No such file or directory
    Signed certificate is in newcert.pem
    *** Error exit code 1
    Stop.

===
Ana Isabel Lara Gutierrez
Servicio de Informatica
Universidad Carlos III de Madrid
Telf : 91-624.95.03
e-mail : [EMAIL PROTECTED]
=
Certificate verification after session reload
Hi,

after first establishing a session, the verify_result can be obtained via SSL_get_verify_result(SSL *con), it may yield X509_V_OK or not!

When reloading an old session, the certificate is not checked again; as verify_result is not stored in SSL_SESSION (at least I didn't find it) and the default value is X509_V_OK, SSL_get_verify_result() will return ok even for a certificate, that was not ok!

1. Is this behaviour intended?
2. How can I easily call the X509 verification routines? It seems, that a lot of things have to be set up correctly (X509_STORE_CTX) to recheck a certificate.

Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153