some bugs

1999-01-04 Thread Arne Ansper


hi!

i would like to report some bugs in ssleay. unfortunately i don't have
diffs against latest openssl source, but the fixes are really small, so i
hope it's not too much trouble to incorporate them. 

1) crypto/bio/b_printf.c uses static buffer for vsprintf which might
overflow. we should use vsnprintf. no source code to fix this bug :(

2) crypto/bio/bf_buff.c buffer_ctrl BIO_CTRL_FLUSH must flush the
underlying bios after write. (insert BIO_ctrl(b->next_bio,cmd,num,ptr);
before last break;)

3) crypto/bio/bf_buff.c buffer_gets does not insert final '\n' into
buffer. so it is not semantically equivalent with fgets. this is my version
of buffer_gets:

static int buffer_gets(b,buf,size)
BIO *b;
char *buf;
int size;
{
    BIO_F_BUFFER_CTX *ctx;
    int num=0,i;
    char *p;

    ctx=(BIO_F_BUFFER_CTX *)b->ptr;
    size-= 2;   /* leave room for '\n' and '\0'; callers must pass size >= 2 */
    BIO_clear_retry_flags(b);

    for (;;)
    {
        if (ctx->ibuf_len != 0)
        {
            /* copy buffered bytes up to a newline or until buf is full */
            p= &(ctx->ibuf[ctx->ibuf_off]);
            for (i=0; i < ctx->ibuf_len && i < size && p[i] != '\n'; i++)
            {
                *(buf++)=p[i];
            }
            num+=i;
            size-=i;
            ctx->ibuf_len-=i;
            ctx->ibuf_off+=i;
            *buf= '\0';

            /* p[i] is valid only while buffered data remains */
            if (ctx->ibuf_len > 0 && p[i] == '\n')   /* append linefeed */
            {
                *(buf++)='\n';
                *buf='\0';
                num++;
                size--;
                ctx->ibuf_len--;
                ctx->ibuf_off++;
                return(num);
            }
            else if (size <= 0)   /* output buffer full (size is what remains) */
            {
                return(num);
            }
        }
        else   /* read another chunk */
        {
            i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
            if (i <= 0)
            {
                BIO_copy_next_retry(b);
                if (i < 0) return((num > 0)?num:i);
                if (i == 0) return(num);
            }
            ctx->ibuf_len=i;
            ctx->ibuf_off=0;
        }
    }
}

4) crypto/bio/bss_sock.c BIO_sock_should_retry has following code:

#if defined(WINDOWS) /* more microsoft stupidity */
    if ((i == -1) && (err == 0))
        return(1);
#endif

i'm almost sure that this check is not needed. SSLeay 0.6.6 did not have
this check and it worked fine. in SSLeay 0.8.1 the function looked like
this:

#ifndef BIO_FD
int BIO_sock_should_retry(i)
#else
int BIO_fd_should_retry(i)
#endif
int i;
{
    if ((i == 0) || (i == -1))
    {
#if !defined(BIO_FD) && defined(WINDOWS)
        errno=WSAGetLastError();
#endif

#if defined(WINDOWS) /* more microsoft stupidity */
        if ((i == -1) && (errno == 0))
            return(1);
#endif
#ifndef BIO_FD
        return(BIO_sock_non_fatal_error(errno));
#else
        return(BIO_fd_non_fatal_error(errno));
#endif
    }
    return(0);
}

using errno before WSAGetLastError is nasty bug. under Borland C for
example errno is defined as

#define errno (*__errno())

and __errno is function which allocates thread local variable for errno
and returns pointer to it. but the allocation of this variable is done via
system calls which reset the value returned by GetLastError (aka
WSAGetLastError) so the errno is always 0. and then they compensated this
by adding this check. 

this check really hurts when i use non-blocking sockets under windows and
there is some non-io error during SSL handshake the handshake will never
finish. for example if i have a empty list of ciphers:

ssl3_connect in s3_pkt.c has at start WSASetLastError(0);
ssl3_client_hello creates list of ciphers, finds it is empty and returns
-1.

now i will call BIO_sock_should_retry(i) to determine if it is fatal error
or should i retry. but there is check in BIO_sock_should_retry which says
that i must retry even when the error is fatal.

5) crypto/err/err.c ERR_get_state has static variable fallback. this
should be initialized before returning pointer to it.

6) crypto/rsa/rsa_enc.c RSA_eay_mod_exp at the end:

-   BN_CTX_free(ctx);
+   if (ctx != NULL ) BN_CTX_free(ctx);
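
Review bot: the NULL test on the added line guards only this one call at the end of RSA_eay_mod_exp; the report should say which earlier failure reaches this point with ctx still NULL, and it is worth considering making BN_CTX_free itself accept NULL so the same guard is not needed at every other call site.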

7) crypto/x509/x509name.c X509_NAME_add_entry frees wrong name entry in
case of error:

 err:
if (new_name != NULL)
-   

RE: Certificate extensions: thoughts.

1999-01-04 Thread salzr

Currently V3 extension support is almost absent.

We've done almost all of what you're suggesting:
typedef struct x509_extension_method_st
{
    int nid;
    void (*clear)();
    int (*get_bool)();  //  used if extn is ASN1_BIT_STRING
    int (*set_bool)();
    int (*get_str)();   //  used if extn is ASN1_STRING or array of them
    int (*set_str)();
    char *(*get_struct)();  //  used if extn is constructed type
    int (*set_struct)();
    ASN1_OCTET_STRING *(*a2i)();
    int (*i2a)();
} X509_EXTENSION_METHOD;

We've integrated this into the X509 code (i.e., for Certs and CRL's), as well as
the req and ca apps.  For example, here's a snippet from a config file:

[ gto_root_extensions ]
keyUsage = critical|nonRepudiation|digitalSignature|keyCertSign
certificatePolicies = critical,2.16.840.1.113731.9.2.1,cps,http://www.gto.com/cps
basicConstraints = critical,TRUE
authorityInfoAccess = id-ad-ocspResponder,http://www.gto.com/ocspv1

(We've got a good chunk, but not all, of the PKIX extensions implemented.)

We'd love to see this code adopted by the project.  We've held back from being
public before because we were waiting to hear back from Eric -- we wanted to
avoid version and architecture skew.  But since things are open right now...

/r$

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Certificate extensions: thoughts.

1999-01-04 Thread Dr Stephen Henson

[EMAIL PROTECTED] wrote:
 
 Currently V3 extension support is almost absent.
 
 We've done almost all of what you're suggesting:
 typedef struct x509_extension_method_st
 {
 int nid;
 void (*clear)();
 int (*get_bool)();  //  used if extn is ASN1_BIT_STRING
 int (*set_bool)();
 int (*get_str)();   //  used if extn is ASN1_STRING or array of them
 int (*set_str)();
 char *(*get_struct)();  //  used if extn is constructed type
 int (*set_struct)();
 ASN1_OCTET_STRING *(*a2i)();
 int (*i2a)();
 } X509_EXTENSION_METHOD;
 
 We've integrated this into the X509 code (i.e., for Certs and CRL's), as
 well as
 the req and ca apps.  For example, here's a snippet from a config file:
 [ gto_root_extensions ]
 keyUsage = critical|nonRepudiation|digitalSignature|keyCertSign
 certificatePolicies =
 critical,2.16.840.1.113731.9.2.1,cps,http://www.gto.com/cps
 basicConstraints = critical,TRUE
 authorityInfoAccess = id-ad-ocspResponder,http://www.gto.com/ocspv1
 
 (We've got a good chunk, but not all, of the PKIX extensions implemented.)
 
 We'd love to see this code adopted by the project.  We've held back from
 being public
 before because we were waiting to hear back from Eric -- we wanted to avoid
 version
 and architecture skew.  But since things are open right now...
 

I've been developing things along the lines I mentioned myself. I've
currently got support for strings, bit strings and basicConstraints and
it will happily print out things like:

Netscape Comment:
THIS IS A TEST CERTIFICATE
X509v3 Extended Key Usage:
2.16.840.1.113733.1.8.1, 2.16.840.1.113730.4.1
X509v3 Basic Constraints:
CA=TRUE, pathlen=10
Netscape Cert Type:
SSL CA, S/MIME CA, Object Signing CA

I didn't precisely want to follow what it looked like Eric intended
because it seemed that the a2i,i2a stuff would be duplicating a lot of
code. Just passing it a STACK of name+value pairs and having some
higher level wrappers decompose the config file into the name+value
parts would make the writing of individual extension code much easier.

It seems that almost any extension can be represented in this way.

There are a few exceptions: e.g. those whose values vary from one
request to another (e.g. subjectAltName, various hash based
identifiers).

The reason I mentioned a separate section for this stuff is that it's
the easiest way with the current config stuff to handle things. The
method where you do:

basicConstraints=section_name

[section_name]

CA=TRUE
pathlen=10

allows the STACK of name+value pairs to be easily obtained using the
current config lib stuff.

Although simple this is a bit messy and parsing a comma separated list
of options would be better e.g.

basicConstraints=CA:TRUE,pathlen:10

In my proposal this would just need a cleverer wrapper: the individual
extension code would be unchanged.

Any code you wish to donate would be of course welcome. Particularly for
some of the nastier extensions.

Steve.
-- 
Dr Stephen N. Henson. UK based freelance Cryptographic Consultant. 
For info see homepage at http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED]
NOTE NEW (13/12/98) PGP key: via homepage.
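
The wrapper-plus-extension split proposed in the message above, as an added example that is not code from the thread or from OpenSSL: a wrapper turns "CA:TRUE,pathlen:10" into name+value pairs and the basicConstraints code consumes only the pairs. The names nv_pair, nv_parse and basic_constraints are hypothetical, and values containing commas are assumed not to occur.

```c
#include <stdlib.h>
#include <string.h>

struct nv_pair { char *name; char *value; };   /* hypothetical pair type */

static char *trim(char *s)              /* strip blanks in place */
{
    char *e;
    while (*s == ' ' || *s == '\t') s++;
    e = s + strlen(s);
    while (e > s && (e[-1] == ' ' || e[-1] == '\t')) e--;
    *e = '\0';
    return s;
}

/* Wrapper: split "name:value,name:value" in place; -1 if malformed. */
static int nv_parse(char *buf, struct nv_pair *out, int max)
{
    int n = 0;
    char *item = buf, *comma, *colon;
    while (item != NULL) {
        comma = strchr(item, ',');
        if (comma != NULL) *comma = '\0';
        colon = strchr(item, ':');      /* first ':' only */
        if (colon == NULL || n == max) return -1;
        *colon = '\0';
        out[n].name = trim(item);
        out[n].value = trim(colon + 1);
        if (*out[n].name == '\0' || *out[n].value == '\0') return -1;
        n++;
        item = (comma != NULL) ? comma + 1 : NULL;
    }
    return n;
}

/* Extension code: sees only pairs, never the config syntax. */
static int basic_constraints(const struct nv_pair *nv, int n, int *ca, long *pathlen)
{
    int i;
    char *end;
    *ca = 0;
    *pathlen = -1;                      /* -1: no pathlen given */
    for (i = 0; i < n; i++) {
        if (strcmp(nv[i].name, "CA") == 0) {
            if (strcmp(nv[i].value, "TRUE") != 0 && strcmp(nv[i].value, "FALSE") != 0) return 0;
            *ca = (strcmp(nv[i].value, "TRUE") == 0);
        } else if (strcmp(nv[i].name, "pathlen") == 0) {
            *pathlen = strtol(nv[i].value, &end, 10);
            if (*end != '\0' || *pathlen < 0) return 0;
        } else {
            return 0;                   /* unknown name: reject */
        }
    }
    return 1;
}
```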




Re: some bugs

1999-01-04 Thread Ben Laurie

Arne Ansper wrote:
 
 hi!
 
 i would like to report some bugs in ssleay. unfortunately i don't have
 diffs against latest openssl source, but the fixes are really small, so i
 hope it's not too much trouble to incorporate them.
 
 1) crypto/bio/b_printf.c uses static buffer for vsprintf which might
 overflow. we should use vsnprintf. no source code to fix this bug :(

Sigh. This means snarfing the snprint stuff from, for instance, Apache.
I'll think about it.

 2) crypto/bio/bf_buff.c buffer_ctrl BIO_CTRL_FLUSH must flush the
 underlying bios after write. (insert BIO_ctrl(b->next_bio,cmd,num,ptr);
 before last break;)

Fixed.

 3) crypto/bio/bf_buff.c buffer_gets does not insert final '\n' into
 buffer. so it is not semantically equivalent with fgets. this is my version
 of buffer_gets:

My reading of the current OpenSSL source says this is fixed. It'd be
nice if you could confirm that.

 4) crypto/bio/bss_sock.c BIO_sock_should_retry has following code:
 
 #if defined(WINDOWS) /* more microsoft stupidity */
 if ((i == -1) && (err == 0))
 return(1);
 #endif

You've convinced me. I've committed the fix.

 5) crypto/err/err.c ERR_get_state has static variable fallback. this
 should be initialized before returning pointer to it.

As far as I can see it is only used when allocation fails. In this case,
what should it be initialised to?

 6) crypto/rsa/rsa_enc.c RSA_eay_mod_exp at the end:
 
 -   BN_CTX_free(ctx);
 +   if (ctx != NULL ) BN_CTX_free(ctx);

In fact rsa_enc.c is not used (any more?), but I made the equivalent
change to rsa_eay.c.

 7) crypto/x509/x509name.c X509_NAME_add_entry frees wrong name entry in
 case of error:
 
  err:
 if (new_name != NULL)
 -   X509_NAME_ENTRY_free(ne);
 +   X509_NAME_ENTRY_free(new_name);
 return(0);
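
Review bot: on the err: path the guard tests new_name, so freeing new_name is the consistent pair, but the hunk leaves the ownership of ne undocumented; add a comment at err: saying whether the caller still owns ne when X509_NAME_add_entry returns 0, so that the free of ne is not put back later.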

Fixed.

 8) ssl/s2_pkt.c and ssl/s3_pkt.c write_pending and ssl3_write_pending have
 unnecessary check at the beginning which stops me from moving data around
 in my buffers between calls to SSL_write. this data is already copied to
 internal buffers and there is no need for this check. i tested ssleay
 without this check (non-blocking sockets and stuff) under various
 platforms and everything worked as expected.
 
 if ((s->s3->wpend_tot > (int)len) || (s->s3->wpend_buf != buf)
 || (s->s3->wpend_type != type))
 {
 SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
 return(-1);
 }

I'm reluctant to commit this. It seems to me that you need to find a way
to fix things up if you move data around (why do you do that anyway?).

 i have couple of bigger additions to ssleay too: i added write capability
 to conf module and rewrote it to use bio; bio_log module for logging to
 syslog/event log and bio_reliable module for creating reliable streams. i
 can send them directly to someone in core team for addition if you are
 interested.

They sound interesting. I'd really prefer it if they patch against the
current version, of course...

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
 - Indira Ghandi
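
Bounded formatting of the kind item 1 of this thread asks for, as an added example that is not code from the thread, from Apache or from OpenSSL: a short stack buffer for the common case and an exactly sized heap buffer when vsnprintf reports truncation. struct sink and sink_write are hypothetical stand-ins for a BIO and its write call, and C99 vsnprintf return semantics are assumed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical output sink standing in for a BIO. */
struct sink { char data[4096]; size_t used; };

static int sink_write(struct sink *s, const char *p, size_t len)
{
    if (len > sizeof(s->data) - s->used) return -1;   /* refuse, never overrun */
    memcpy(s->data + s->used, p, len);
    s->used += len;
    return (int)len;
}

/* Replacement for the vsprintf-into-a-fixed-buffer pattern. */
static int sink_printf(struct sink *s, const char *fmt, ...)
{
    char small[64];                  /* fast path for short messages */
    char *buf = small;
    va_list ap;
    int need, ret;

    va_start(ap, fmt);
    need = vsnprintf(small, sizeof(small), fmt, ap);  /* C99: length wanted */
    va_end(ap);
    if (need < 0) return -1;

    if ((size_t)need >= sizeof(small)) {   /* truncated: retry at exact size */
        buf = malloc((size_t)need + 1);
        if (buf == NULL) return -1;
        va_start(ap, fmt);
        vsnprintf(buf, (size_t)need + 1, fmt, ap);
        va_end(ap);
    }
    ret = sink_write(s, buf, (size_t)need);
    if (buf != small) free(buf);
    return ret;
}
```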



Re: X509_LOOKUP problem

1999-01-04 Thread Geoff Thorpe

Hi,

 I suggest we dump the whole logic and instead use
 PEM_X509_INFO_read_bio() to read in the whole lot. This is designed to

Hadn't even noticed this function - looks a lot simpler. I'll try it out
and probably move to that for now. Unless someone feels strongly one way
or another about the by_file_ctrl (as used by
SSL_CTX_load_verify_locations -- X509_STORE_load_locations) issue I'm
going to ignore it.

 read in combinations of CRLs, certificates and private keys. The private
 keys can be discarded (for now).
 
 [and I've just noticed that it will need changing to handle my new trust
 code: erk!]

:-)

 There's an example of its use in apps/crl2p7.c but I'd suggest a better
 way to handle things would be to up the reference counts of the used
 CRLs and certificates then sk_pop_free the whole thing.

Thanks for the pointer - I'll take a look. BTW: Had anyone else noticed
SSL_CTX_load_verify_locations failing when only loading a CA file?? I'd
traced back through the snapshots and the change has (or appears to have)  
been there since Oct-27.

Cheers,
ME


--
Geoff Thorpe                                    Email: [EMAIL PROTECTED]
Cryptographic Software Engineer, C2Net Europe   http://www.int.c2.net
--
May I just take this opportunity to say that of all the people I have
EVER emailed, you are definitely one of them.




Compilation and test problems report

1999-01-04 Thread Michele Bergonzoni


I have a few problems to report with openssl 0.9.4. Please note that 
I'm not reporting in order to criticize your work, which I consider 
wonderful and extremely useful, or to attempt to get free support, 
but only because the docs ask me to do so.

config -t:

Operating system: sun4u-sun-solaris2
WARNING! Do consider upgrading to gcc-2.8 or later.
Configuring for solaris-sparcv9-gcc27
/bin/perl ./Configure solaris-sparcv9-gcc27

GCC is 2.7.2.1.

The first problem is that in crypto/md5/Makefile, line 80, there 
appears to be a missing "a", so that the file is sm/... instead of 
asm/..., a very trivial thing.
With that fix make succeeds, but it fails in "make test":

... (lots of passed tests deleted)
test BN_mod
960  tests done
1024  tests done
error
*** Error code 1
make: Fatal error: Command failed for target `test_bn'
Current working directory /users/labs/openssl-0.9.4/test
*** Error code 1
make: Fatal error: Command failed for target `tests'

openssl version -a:

OpenSSL 0.9.4 09 Aug 1999
built on: Tue Nov  2 11:13:23 MET 1999
platform: solaris-sparcv9-gcc27
options:  bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
compiler: gcc -DTHREADS -D_REENTRANT -mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC -DMD5_ASM

I retried with -O2 instead of -O3 in CFLAGS, and now it worked, and 
completed all tests.

In my humble understanding, this is a gcc problem, that you might 
want to work around by having "config" define -O2 instead of -O3 when 
it sees this gcc version.

Hope this helps,

Michele Bergonzoni


---
Ing. Michele Bergonzoni - Laboratori Fondazione Guglielmo Marconi
info and PGP key at http://www.labs.it/bergonz/
Phone:+39-051-6781926 Fax:+39-051-846479 e-mail: [EMAIL PROTECTED]
Telecommunications consultants, Microwave systems & circuits development.



No Subject

1999-01-04 Thread Ana Isabel Lara


Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2
Request (and private key) is in newreq.pem
Using configuration from ../apps/openssl.cnf
error on line 6 of config file '../apps/openssl.cnf'
14041:error:0E065068:configuation file routines:STR_COPY:variable has no value:conf.c:578:line 6
cat: Cannot open newcert.pem: No such file or directory
Signed certificate is in newcert.pem
*** Error exit code 1

Stop.


===
Ana Isabel Lara Gutierrez
Servicio de Informatica
Universidad Carlos III de Madrid

Telf   :  91-624.95.03
e-mail :  [EMAIL PROTECTED]
=



Certificate verification after session reload

1999-01-04 Thread Lutz Jaenicke

Hi,

after first establishing a session, the verify_result can be obtained
via SSL_get_verify_result(SSL *con), it may yield X509_V_OK or not!
When reloading an old session, the certificate is not checked again;
as verify_result is not stored in SSL_SESSION (at least I didn't find it)
and the default value is X509_V_OK, SSL_get_verify_result() will return
ok even for a certificate, that was not ok!
1. Is this behaviour intended?
2. How can I easily call the X509 verification routines? It seems, that a
   lot of things have to be set up correctly (X509_STORE_CTX) to recheck
   a certificate.

Best regards,
Lutz
-- 
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus   http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus  Fax. +49 355 69-4153
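
A small model of the behaviour described in the post above, added as an illustration and not OpenSSL code: a resumed connection that falls back to a default "ok" result next to one that restores the result recorded at the full handshake. The structs, function names and result codes are constructed for this example.

```c
#include <string.h>

/* Constructed result codes for this model; not OpenSSL's X509_V_* values. */
enum { VERIFY_OK = 0, VERIFY_FAILED = 1 };

struct session { char id[16]; int used; int verify_result; };
struct conn { int reused; int verify_result; };

#define SLOTS 8
static struct session cache[SLOTS];      /* zero-initialised session cache */

static struct session *cache_get(const char *id, int create)
{
    int i;
    for (i = 0; i < SLOTS; i++)
        if (cache[i].used && strcmp(cache[i].id, id) == 0) return &cache[i];
    for (i = 0; create && i < SLOTS; i++)
        if (!cache[i].used) {
            cache[i].used = 1;
            strncpy(cache[i].id, id, sizeof(cache[i].id) - 1);
            return &cache[i];
        }
    return NULL;
}

/* Full handshake: the certificate is checked and the session is cached. */
static int full_handshake(struct conn *c, const char *id, int cert_result)
{
    struct session *s = cache_get(id, 1);
    if (s == NULL) return -1;
    s->verify_result = cert_result;      /* the field the post could not find */
    c->reused = 0;
    c->verify_result = cert_result;
    return 0;
}

/* Resumption as the post describes it: no re-check, default result. */
static int resume_default_ok(struct conn *c, const char *id)
{
    if (cache_get(id, 0) == NULL) return -1;
    c->reused = 1;
    c->verify_result = VERIFY_OK;
    return 0;
}

/* Resumption that restores the result recorded at the full handshake. */
static int resume_restoring(struct conn *c, const char *id)
{
    struct session *s = cache_get(id, 0);
    if (s == NULL) return -1;
    c->reused = 1;
    c->verify_result = s->verify_result;
    return 0;
}
```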