[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via d8278dac47996a442a480958702d913f2eff7b93 (commit) from a53d19cd0c4f28ed8c6ef708dcdd0599d1cbea27 (commit) - Log - commit d8278dac47996a442a480958702d913f2eff7b93 Author: Richard LevitteDate: Tue Mar 27 11:10:15 2018 +0200 Copy the produced .dll files to fuzz/ as well (Cygwin & mingw) Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/5759) --- Summary of changes: Configurations/unix-Makefile.tmpl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 07e2036..40cf2c3 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -927,8 +927,10 @@ EOF . (windowsdll() ? <<"EOF" : ""); rm -f apps/$shlib$shlibext rm -f test/$shlib$shlibext + rm -f fuzz/$shlib$shlibext cp -p $shlib$shlibext apps/ cp -p $shlib$shlibext test/ + cp -p $shlib$shlibext fuzz/ EOF } sub obj2dso { _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [tools] master update
The branch master has been updated via 9b9a6e181f1e52b5b9eaef975c31885324db4ece (commit) from ab0c22d2655c626cbc93835d9f3042be28efa64c (commit) - Log - commit 9b9a6e181f1e52b5b9eaef975c31885324db4ece Author: Richard LevitteDate: Tue Mar 27 15:18:00 2018 +0200 release-tools: More precise extraction of version number, avoiding fips version --- Summary of changes: release-tools/release-check.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-tools/release-check.pl b/release-tools/release-check.pl index cac5918..42fbbfc 100644 --- a/release-tools/release-check.pl +++ b/release-tools/release-check.pl @@ -112,7 +112,7 @@ sub openssl_check_version_h { check_str( "opensslv.h: HEX version", $hexversion, $1, \$ok ); $hex_done = 1; } elsif ( -/OPENSSL_VERSION_TEXT\s+\"OpenSSL (\S*)\s+(\([[:alpha:]]+\)\s+)?(.*)\"/ +/OPENSSL_VERSION_TEXT\s+\"OpenSSL ([^-\s]+(?:-[^-\s]*)?)\s+(\([[:alpha:]]+\)\s+)?(.*)\"/ ) { check_str( "opensslv.h: version", $version, $1, \$ok ); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [tools] master update
The branch master has been updated via 3c38191688d11d556dee96ddf3c9edf87491d52b (commit) from d54658dd5fd7d7de0f967055b8933f1a5eb2c88e (commit) - Log - commit 3c38191688d11d556dee96ddf3c9edf87491d52b Author: Matt CaswellDate: Tue Mar 27 15:54:17 2018 +0100 Correct the notes for doing a release --- Summary of changes: release-tools/README.md | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/release-tools/README.md b/release-tools/README.md index acdceb3..93888cf 100644 --- a/release-tools/README.md +++ b/release-tools/README.md @@ -54,6 +54,9 @@ the directory where this README is): $HERE/do-copyright-year +Obtain approval for these commits from the reviewer and add the reviewed-by +headers as required. + Perform the local automated release steps. This can normally be done with: perl $HERE/mkrelease.pl --reviewer=NAME @@ -199,7 +202,7 @@ openssl user home directory, and then do the following sudo -u openssl gpg -u 8B3D79F5 --clearsign secadv_FILENAME sudo -u openssl mutt -s "OpenSSL Security Advisory" \ -openssl-project openssl-users openssl-announce +openssl-project openssl-users openssl-announce \ <~openssl/secadv_FILENAME.txt.asc Approve the openssl-announce email. Go to _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 9d5db9c9ab9b9f2f2a5ce9795405e8334cd2ce66 (commit) from 53c9818e970fc0c22d77e19fda3b3e6f6c9e759d (commit) - Log - commit 9d5db9c9ab9b9f2f2a5ce9795405e8334cd2ce66 Author: Matt CaswellDate: Wed Mar 21 20:19:37 2018 + Assert that alpn_selected is NULL before we assign it The alpn_selected value in the session should be NULL before we first populate it if this is a new session. We assert to make sure it is. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5715) --- Summary of changes: ssl/statem/extensions_clnt.c | 10 +- ssl/statem/statem_srvr.c | 12 +++- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 5c36004..e4a5b3c 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -1679,7 +1679,15 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, s->ext.early_data_ok = 0; } if (!s->hit) { -/* If a new session then update it with the selected ALPN */ +/* + * This is a new session and so alpn_selected should have been + * initialised to NULL. We should update it with the selected ALPN. + */ +if (!ossl_assert(s->session->ext.alpn_selected == NULL)) { +SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN, + ERR_R_INTERNAL_ERROR); +return 0; +} s->session->ext.alpn_selected = OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len); if (s->session->ext.alpn_selected == NULL) { diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 4985cdc..1313847 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c 
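Review bot: The new comment in the `if (!s->hit)` branch of tls_parse_stoc_alpn says alpn_selected "should have been initialised to NULL" but not why a violation must be fatal: the OPENSSL_memdup() assignment on the next line would overwrite the old pointer and leak that buffer. I would add a line to the comment such as `* Overwriting a non-NULL pointer here would leak the previous buffer.` Because ossl_assert() aborts the process in debug builds and only evaluates to false in release builds, it is also worth confirming that no peer-driven sequence can reach this branch twice for the same session; nothing in the hunk shows either way. The same two points apply to the matching hunk in tls_handle_alpn in ssl/statem/statem_srvr.c, and both function bodies start and end outside their hunks.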
@@ -2100,7 +2100,17 @@ int tls_handle_alpn(SSL *s) s->ext.early_data_ok = 0; if (!s->hit) { -/* If a new session update it with the new ALPN value */ +/* + * This is a new session and so alpn_selected should have + * been initialised to NULL. We should update it with the + * selected ALPN. + */ +if (!ossl_assert(s->session->ext.alpn_selected == NULL)) { +SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_HANDLE_ALPN, + ERR_R_INTERNAL_ERROR); +return 0; +} s->session->ext.alpn_selected = OPENSSL_memdup(selected, selected_len); if (s->session->ext.alpn_selected == NULL) { _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via f6c024c2e7f33e9d26c62cf19d519e5ef7fa4a09 (commit) via 75a8f1eff03a1c91c22683b022e2145628962157 (commit) via 0b020b14882173918b9cc3e8e3bd85fb9ffac948 (commit) via 273f7fe16a6e4b2a443fb16846beaffd70461750 (commit) via 4cabbb9f485ba7d1edcfbbd2aa8610159f94543e (commit) from faec5c4a8aa3943d835bdad26800a103426b0eda (commit) - Log - commit f6c024c2e7f33e9d26c62cf19d519e5ef7fa4a09 Author: Matt CaswellDate: Tue Mar 27 10:58:34 2018 +0100 Update CHANGES and NEWS for the new release Reviewed-by: Richard Levitte commit 75a8f1eff03a1c91c22683b022e2145628962157 Author: Andy Polyakov Date: Mon Mar 26 10:55:35 2018 +0200 test/test_test.c: add CRYPTO_memcmp regression test. Reviewed-by: Matt Caswell commit 0b020b14882173918b9cc3e8e3bd85fb9ffac948 Author: Andy Polyakov Date: Wed Mar 21 23:48:10 2018 +0100 pariscid.pl: fix nasty typo in CRYPTO_memcmp. Comparison was effectively reduced to least significant bits. CVE-2018-0733 Reviewed-by: Matt Caswell commit 273f7fe16a6e4b2a443fb16846beaffd70461750 Author: Matt Caswell Date: Fri Jan 26 16:23:03 2018 + Add fuzz corpora file that found the ASN.1 stack depth issue Reviewed-by: Rich Salz commit 4cabbb9f485ba7d1edcfbbd2aa8610159f94543e Author: Matt Caswell Date: Thu Mar 22 09:39:53 2018 + Limit ASN.1 constructed types recursive definition depth Constructed types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. Therefore we limit the stack depth. CVE-2018-0739 Credit to OSSFuzz for finding this issue. 
Reviewed-by: Rich Salz --- Summary of changes: CHANGES| 46 NEWS | 5 ++- crypto/asn1/asn1_err.c | 3 +- crypto/asn1/tasn_dec.c | 48 ++--- crypto/err/openssl.txt | 1 + crypto/pariscid.pl | 2 +- .../asn1/eba5151118ff75ce6a86438a3a6f819c41d8be40 | Bin 0 -> 73846 bytes include/openssl/asn1err.h | 1 + test/test_test.c | 5 +++ 9 files changed, 93 insertions(+), 18 deletions(-) create mode 100644 fuzz/corpora/asn1/eba5151118ff75ce6a86438a3a6f819c41d8be40 diff --git a/CHANGES b/CHANGES index 3f6c8de..462394c 100644 --- a/CHANGES +++ b/CHANGES 
@@ -292,6 +292,52 @@ Changes between 1.1.0g and 1.1.0h [xx XXX ] + *) Constructed ASN.1 types with a recursive definition could exceed the stack + + Constructed ASN.1 types with a recursive definition (such as can be found + in PKCS7) could eventually exceed the stack given malicious input with + excessive recursion. This could result in a Denial Of Service attack. There + are no such structures used within SSL/TLS that come from untrusted sources + so this is considered safe. + + This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz + project. + (CVE-2018-0739) + [Matt Caswell] + + *) Incorrect CRYPTO_memcmp on HP-UX PA-RISC + + Because of an implementation bug the PA-RISC CRYPTO_memcmp function is + effectively reduced to only comparing the least significant bit of each + byte. This allows an attacker to forge messages that would be considered as + authenticated in an amount of tries lower than that guaranteed by the + security claims of the scheme. The module can only be compiled by the + HP-UX assembler, so that only HP-UX PA-RISC targets are affected. + + This issue was reported to OpenSSL on 2nd March 2018 by Peter Waltenberg + (IBM). + (CVE-2018-0733) + [Andy Polyakov] + + *) Add a build target 'build_all_generated', to build all generated files + and only that. This can be used to prepare everything that requires + things like perl for a system that lacks perl and then move everything + to that system and do the rest of the build there. + [Richard Levitte] + + *) Backport SSL_OP_NO_RENGOTIATION + + OpenSSL 1.0.2 and below had the ability to disable renegotiation using the + (undocumented) SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag. Due to the opacity + changes this is no longer possible in 1.1.0. Therefore the new + SSL_OP_NO_RENEGOTIATION option from 1.1.1-dev has been backported to + 1.1.0 to provide equivalent functionality. + +
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via f3f8e72f494b36d05e0d04fe418f92b692fbb261 (commit) from 69a61c26f2148d04c9d529c67064a9c36dacf69b (commit) - Log - commit f3f8e72f494b36d05e0d04fe418f92b692fbb261 Author: Matt CaswellDate: Thu Mar 22 14:33:05 2018 + Don't write out a bad OID If we don't have OID data for an object then we should fail if we are asked to encode the ASN.1 for that OID. Fixes #5723 Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5725) (cherry picked from commit 53c9818e970fc0c22d77e19fda3b3e6f6c9e759d) --- Summary of changes: crypto/asn1/tasn_enc.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c index 081a9d5..1f534df 100644 --- a/crypto/asn1/tasn_enc.c +++ b/crypto/asn1/tasn_enc.c @@ -588,6 +588,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, otmp = (ASN1_OBJECT *)*pval; cont = otmp->data; len = otmp->length; +if (cont == NULL || len == 0) +return -1; break; case V_ASN1_NULL: _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
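Review bot: The added `return -1;` in the V_ASN1_OBJECT case may not produce the failure that the commit message promises ("we should fail if we are asked to encode"). The rest of asn1_ex_i2c and its caller are outside this hunk, but in OpenSSL's template encoder a -1 from this function is conventionally the "omit this value" signal, which the primitive encoder turns into a zero-length contribution rather than an error. If that holds on this branch, an ASN1_OBJECT without data is silently dropped from the encoding instead of the encode being rejected, which can yield a structure missing a field. Please confirm how the caller treats -1 for this case and record the intent next to the check, e.g. `/* no OID data: must not emit an empty OBJECT IDENTIFIER */`. It may also be worth writing the test as `len <= 0`, since `length` is a signed int.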
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via b403cc386cb927f6838a2fc300cd1d872007ba65 (commit) via d4e4bd2a8163f355fa8a3884077eaec7adc75ff7 (commit) via f520f134d17c8022f684505b937522dcda8b61e1 (commit) via bcbde69b87584ce5b21f3c959c90a7808ef0c13d (commit) via 56d5a4bfcaf37fa420aef2bb881aa55e61cf5f2f (commit) via e25aef64a5f2874cc4903d3e4bd447983a7eff9e (commit) via 2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33 (commit) from d8278dac47996a442a480958702d913f2eff7b93 (commit) - Log - commit b403cc386cb927f6838a2fc300cd1d872007ba65 Author: Matt CaswellDate: Tue Mar 27 14:51:46 2018 +0100 Prepare for 1.1.0i-dev Reviewed-by: Richard Levitte commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7 Author: Matt Caswell Date: Tue Mar 27 14:50:36 2018 +0100 Prepare for 1.1.0h release Reviewed-by: Richard Levitte commit f520f134d17c8022f684505b937522dcda8b61e1 Author: Matt Caswell Date: Tue Mar 27 13:43:23 2018 +0100 Update copyright year Reviewed-by: Richard Levitte commit bcbde69b87584ce5b21f3c959c90a7808ef0c13d Author: Matt Caswell Date: Tue Mar 27 10:58:34 2018 +0100 Update CHANGES and NEWS for the new release Reviewed-by: Richard Levitte commit 56d5a4bfcaf37fa420aef2bb881aa55e61cf5f2f Author: Andy Polyakov Date: Wed Mar 21 23:48:10 2018 +0100 pariscid.pl: fix nasty typo in CRYPTO_memcmp. Comparison was effectively reduced to least significant bits. CVE-2018-0733 Reviewed-by: Matt Caswell commit e25aef64a5f2874cc4903d3e4bd447983a7eff9e Author: Matt Caswell Date: Fri Jan 26 16:23:03 2018 + Add fuzz corpora file that found the ASN.1 stack depth issue Reviewed-by: Rich Salz commit 2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33 Author: Matt Caswell Date: Thu Mar 22 09:39:53 2018 + Limit ASN.1 constructed types recursive definition depth Constructed types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. Therefore we limit the stack depth. CVE-2018-0739 Credit to OSSFuzz for finding this issue. 
Reviewed-by: Rich Salz --- Summary of changes: CHANGES| 33 +- Configure | 2 +- NEWS | 9 +++- README | 2 +- apps/apps.h| 2 +- apps/ca.c | 2 +- apps/dsaparam.c| 2 +- apps/ecparam.c | 2 +- apps/enc.c | 2 +- apps/genrsa.c | 2 +- apps/openssl.c | 2 +- apps/pkeyutl.c | 2 +- apps/prime.c | 2 +- apps/progs.pl | 4 +- apps/rand.c| 2 +- apps/s_client.c| 2 +- apps/s_server.c| 2 +- apps/s_socket.c| 2 +- apps/s_time.c | 2 +- apps/speed.c | 2 +- apps/srp.c | 2 +- apps/version.c | 2 +- apps/x509.c| 2 +- config.com | 2 +- crypto/aes/asm/aes-armv4.pl| 2 +- crypto/aes/asm/bsaes-armv7.pl | 2 +- crypto/asn1/ameth_lib.c| 2 +- crypto/asn1/asn1_err.c | 3 +- crypto/asn1/asn_mime.c | 2 +- crypto/asn1/tasn_dec.c | 49 ++--- crypto/async/arch/async_posix.h| 2 +- crypto/bio/b_dump.c| 2 +- crypto/bio/b_sock2.c | 2 +- crypto/bio/bf_lbuf.c | 2 +- crypto/bio/bf_null.c | 2 +- crypto/bio/bio_lib.c | 2 +- crypto/bio/bio_meth.c | 2 +-
[openssl-commits] [tools] master update
The branch master has been updated via d54658dd5fd7d7de0f967055b8933f1a5eb2c88e (commit) from 9b9a6e181f1e52b5b9eaef975c31885324db4ece (commit) - Log - commit d54658dd5fd7d7de0f967055b8933f1a5eb2c88e Author: Richard LevitteDate: Tue Mar 27 15:18:00 2018 +0200 release-tools: More precise extraction of version number, avoiding fips version --- Summary of changes: release-tools/release-check.pl | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/release-tools/release-check.pl b/release-tools/release-check.pl index 42fbbfc..2eac1e3 100644 --- a/release-tools/release-check.pl +++ b/release-tools/release-check.pl @@ -111,8 +111,12 @@ sub openssl_check_version_h { if (/OPENSSL_VERSION_NUMBER\s+(0x[0-9a-f]+)L/) { check_str( "opensslv.h: HEX version", $hexversion, $1, \$ok ); $hex_done = 1; -} elsif ( -/OPENSSL_VERSION_TEXT\s+\"OpenSSL ([^-\s]+(?:-[^-\s]*)?)\s+(\([[:alpha:]]+\)\s+)?(.*)\"/ +} elsif (/OPENSSL_VERSION_TEXT\s+\"OpenSSL\s + ([^-\s]+(?!-fips)(?:-[^-\s]*)?) # version without -fips + \s+ + (\([[:alpha:]]+\)\s+)?# Possible lable + (.*)\"# The rest (date) +/x ) { check_str( "opensslv.h: version", $version, $1, \$ok ); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
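Review bot: The inline comment `# version without -fips` on the first capture group in openssl_check_version_h misdescribes what the pattern does. The `(?!-fips)` lookahead does not strip the suffix; it makes the whole `/x` regex fail on the `-fips` variant of OPENSSL_VERSION_TEXT, and only because the later `\s+` cannot match once `[^-\s]+` backtracks. I would reword it to `# version; the "-fips" VERSION_TEXT line is deliberately left unmatched` and fix the typo in `# Possible lable` to `# Possible label`. A possessive `[^-\s]++` would make the no-backtracking intent explicit, if the Perl versions used for releases support it. The function body continues outside the hunk, so how an unmatched line is handled afterwards is not visible here.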
[openssl-commits] [openssl] OpenSSL_1_1_0h create
The annotated tag OpenSSL_1_1_0h has been created at 09deb2c8c8b843c3a5b28c5c7ee021bb0487c6f9 (tag) tagging d4e4bd2a8163f355fa8a3884077eaec7adc75ff7 (commit) replaces OpenSSL_1_1_0g tagged by Matt Caswell on Tue Mar 27 14:50:36 2018 +0100 - Log - OpenSSL 1.1.0h release tag -BEGIN PGP SIGNATURE- iQEuBAABCAAYBQJaukwsERxtYXR0QG9wZW5zc2wub3JnAAoJENnE0m0OYESR/OEH +wc9X6juNCIN1lz+k0ot/iE4ZihHzbYobC6Et8PxUsmDUgA1oyL5ivvhHoq+bgGr rVv5Qs28YVbltEboONOl+6Sjlj/HsPHZcdQsuF1thREZUwnyN3ZiU72+C/KgsDop ZtgNbYm3XWXZjTi0w3ZRupUGNGy/CmqgvVXcFz3MRYArphZzWNDR+HQ8IJjx6AyN 64nigsv4gkdm1uCxgECt90vmtFK/QCVjFQ4V5QoA3QnMAvWuyUiKWH3D+17d6wu5 balkRq/Jx8+s1iCXN6kwUKAEpRossTiMfAPkvPqYISXVtDeuf4OZgYi2U7BoXdEP prJuDc+TJ/KdSoVQ9ryQcS4= =T1WG -END PGP SIGNATURE- Alex Gaynor (1): Fixed a typo in a man page Andy Polyakov (14): aes/asm/{aes-armv4|bsaes-armv7}.pl: make it work with binutils-2.29. rc4/build.info: fix HP-UX rc4-ia64 rule. Configurations/unix-Makefile.tmpl: fix HP-UX build. util/copy.pl: work around glob quirk in some of earlier 5.1x Perl versions. asn1/a_strex.c: fix flags truncation in do_esc_char. bn/bn_add.c: address performance regression. bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2. ec/ecp_nistp*.c: sanitize for undefined/implmentation-specific behaviour. test/recipes/80-test_pkcs12.t: handle lack of Win32::API. mem_sec.c: relax POSIX requirement. mem_sec.c: portability fixup. Configurations/10-main.conf: add -fno-common back to darwin-ppc-cc. Configurations/unix-Makefile.tmpl: overhaul assembler make rules. pariscid.pl: fix nasty typo in CRYPTO_memcmp. 
Ben Kaduk (2): make update Fix more OCSP_resp_get0_signer() nits Benjamin Kaduk (7): Fix typo in comment Add an API to get the signer of an OCSP response Add OCSP API test executable Fix coverity-reported errors in ocspapitest Wrap more of ocspapitest.c in OPENSSL_NO_OCSP Fix strict-warnings build on FreeBSD Do not cache sessions with zero sid_ctx_length when SSL_VERIFY_PEER Bernd Edlinger (24): Remove test-runs dir Fix a gcc fallthru warning Fix invalid function type casts. Rename bio_info_cb to BIO_info_cb. Stop using unimplemented cipher classes. Add comments to no longer usable ciphers. Catch SIGPIPE in TLSProxy::Proxy::clientstart Explicitly shut the socket down in s_client Use constant value 1 instead of SHUT_WR in do_server Set OPENSSL_ENGINES for Windows Add a configure option to opt-out secure memory Fix setting of IPV6_V6ONLY on Windows Make the s_server command listen on IPv6 only when requested Fix some style nits in commit eee8a40 Swap the check in ssl3_write_pending to avoid using the possibly indeterminate pointer value in wpend_buf. Remove code that prints "" in hexdumps when the data block ends with SPACEs or NULs. Fix some bugs with the cfb1 bitsize handling Fix a possible memory leak in engine_table_register Fix error handling in b2i_dss and b2i_rsa Fix a memory leak in n_ssl3_mac Fix a memory leak in tls1_mac Cleanup the s_time command. Handle partial messages in TLSProxy Fix ecparam -genkey with point compression or DER outform Fix dsaparam -genkey with DER outform Previously this x509 command line was working, restore that Brad Spencer (1): Test the result of CMS_RecipientInfo_ktri_get0_algs() before using its output in rsa_cms_encrypt(). Christian Heimes (1): Fix signature of min/max proto getter Daniel Bevenius (3): Correct minor typo in ssl_locl.h comment Make BIO_METHOD struct definitions consistent Add comments to NULL func ptrs in bio_method_st David Benjamin (5): Pretty-print large INTEGERs and ENUMERATEDs in hex. 
Make BN_num_bits_word constant-time. Don't leak the exponent bit width in BN_mod_exp_mont_consttime. Fix timing leak in BN_from_montgomery_word. Always use adr with __thumb2__. David von Oheimb (1): Various small build improvements on mkdef.pl, progs.pl Dr. Matthias St. Pierre (3): bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data d2i_X509.pod: clarify usage of the 'pp' function parameter BIO_s_mem.pod: fix indirection for out parameter **pp FdaSilvaYY (5): Spelling doc #3580 Duplicated tests descriptions Fix possible leaks on sk_X509_EXTENSION_push() failure ... Fix docs for EVP_EncryptUpdate and EVP_DecryptUpdate Fix an incoherent test. Useless conf != NULL test Ivan Filenko (1): Fix typo in ASN1_STRING_length doc Johannes Bauer (1): Make pkeyutl a bit more user-friendly Konstantin Shemyak (1): Corrected 'cms' exit status when key or
[openssl-commits] [openssl] OpenSSL_1_0_2o create
The annotated tag OpenSSL_1_0_2o has been created at d891c9c53470048f5a4ff334bcd2036f9070d3aa (tag) tagging 3ce7bc40a3c48da1c96c2d04c10045bd797c6aa3 (commit) replaces OpenSSL_1_0_2n tagged by Matt Caswell on Tue Mar 27 14:55:22 2018 +0100 - Log - OpenSSL 1.0.2o release tag -BEGIN PGP SIGNATURE- iQEuBAABCAAYBQJauk1KERxtYXR0QG9wZW5zc2wub3JnAAoJENnE0m0OYESRWP0I AIze+GYMM6xnkVgogSCBcFGeYA06M0KRyHMc/P6CG4EvIlj4U8Wl3ru+WCdIhco+ iQIHa3V7vrO6TXMvh3x7Cj/y/SZYQRlCFvAB39iucorQTtxnsJcMcqD7UxLIoKSI 6Yxc/jVPRRIK1WIO0UtOscm5CjysBswfxnLiDmFCfpHq3C8cG1/3JxpdBdKzSA1X OQyGbWMJlBhTMepxgbPn/UC7zysVegE59aW38bYUXC/UnsAbgHB23sqQDYY6Ae4T S857Mq9s59x4SRTop2dK9+412R4gKgoQeAoiaVnTYgvp+KefhV3YFuQpPtaNcN3X N66Zi91pjiBjFv0Vws4Igeg= =vDy1 -END PGP SIGNATURE- Andy Polyakov (2): ec/ecp_nistp*.c: sanitize for undefined/implmentation-specific behaviour. Fix timing leak in BN_from_montgomery_word. Bernd Edlinger (7): Swap the check in ssl3_write_pending to avoid using the possibly indeterminate pointer value in wpend_buf. Remove code that prints "" in hexdumps when the data block ends with SPACEs or NULs. Fix a possible memory leak in engine_table_register Minor style fixup on recent commit 99bb59d at ssl_scan_clienthello_tlsext Fix some bugs with the cfb1 bitsize handling Fix ecparam -genkey with point compression or DER outform Fix dsaparam -genkey with DER outform Cristian Stoica (2): merge two mutual exclusive #ifdefs to improve clarity fix several typos in README.gost David Benjamin (2): Make BN_num_bits_word constant-time. Don't leak the exponent bit width in BN_mod_exp_mont_consttime. Dr. Matthias St. Pierre (3): Add missing prototype for FIPS callback bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data BIO_s_mem.pod: fix indirection for out parameter **pp FdaSilvaYY (1): Fix an incoherent test. 
Ivan Filenko (1): Fix typo in ASN1_STRING_length doc J Mohan Rao Arisankala (1): Cleanup ctxs if callback fail to retrieve session ticket Jonathan Scalise (1): Changed OPENSSL_gmtime so macOS uses threadsafe gmtime_r instead of gmtime. Konstantin Shemyak (1): Corrected 'cms' exit status when key or certificate cannot be opened Kurt Roeckx (1): Fix propotype to include the const qualifier Matt Caswell (23): Prepare for 1.0.2o-dev Fix initialisation in fatalerrtest Fix the buffer sizing in the fatalerrtest Fix a switch statement fallthrough Tolerate DTLS alerts with an incorrect version number Revert BN_copy() flag copy semantics change Don't allow an empty Subject when creating a Certificate Don't crash on a missing Subject in index.txt Make sure we check an incoming reneg ClientHello in DTLS Sanity check the ticket length before using key name/IV Improve error handling in pk7_doit Free the correct type in OBJ_add_object() Revert "Don't allow an empty Subject when creating a Certificate" Revert "Don't crash on a missing Subject in index.txt" Report a readable error on a duplicate cert in ca app Allow multiple entries without a Subject even if unique_subject == yes Fix a memory leak in the ca application The default conv_form is uncompressed Limit ASN.1 constructed types recursive definition depth Update CHANGES and NEWS for the new release Update copyright year make update Prepare for 1.0.2o release Pavel Kopyl (2): X509V3_EXT_add_nconf_sk, X509v3_add_ext: fix errors handling do_body: fix heap-use-after-free. Philippe Antoine (1): Checks ec_points_format extension size Rich Salz (5): Standardize syntax around sizeof(foo) Add fingerprint text, remove MD5 Fix BN doc Add warnings to thread doc. 
Fix credit for SRP code Richard Levitte (8): Remove unicode characters from source Remove three test programs that snuck in Configure: use a better method to identify gcc and derivates Add missing tests to the VMS test scripts test/maketests.com: remove irrelevant comment Update the license end year Remove useless -D_ENDIAN from MPE/iX-gcc config crypto/engine/eng_cryptodev.c: don't treat a void* like an array Samuel Weiser (3): Replaced variable-time GCD with consttime inversion to avoid side-channel attacks on RSA key generation used ERR set/pop mark consttime flag changed Todd Short (1): Fix error-path memory leak in asn_mime.c Viktor Dukhovni (3): Document the X509_V_FLAG_PARTIAL_CHAIN flag Add missing comma between references Fix wrong case in documentation of -CRLfile option White_Rabbit (1): Update s_client doc adding xmpp as value for -starttls
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via 69a61c26f2148d04c9d529c67064a9c36dacf69b (commit) via 3ce7bc40a3c48da1c96c2d04c10045bd797c6aa3 (commit) via 699a72a5e99f7da8825136f307e0b1831bc2d38a (commit) via f8e9126449c37a4e4cb52eb8141ac875e14d6d3f (commit) via b621f604e9b52ce8f568b6d3677a19b1e862613a (commit) via 9310d45087ae546e27e61ddf8f6367f29848220d (commit) from 3ffc95b1a9d14d8833f6f116a0afe0fb83eeaa17 (commit) - Log - commit 69a61c26f2148d04c9d529c67064a9c36dacf69b Author: Matt CaswellDate: Tue Mar 27 14:56:15 2018 +0100 Prepare for 1.0.2p-dev Reviewed-by: Richard Levitte commit 3ce7bc40a3c48da1c96c2d04c10045bd797c6aa3 Author: Matt Caswell Date: Tue Mar 27 14:55:22 2018 +0100 Prepare for 1.0.2o release Reviewed-by: Richard Levitte commit 699a72a5e99f7da8825136f307e0b1831bc2d38a Author: Matt Caswell Date: Tue Mar 27 14:55:22 2018 +0100 make update Reviewed-by: Richard Levitte commit f8e9126449c37a4e4cb52eb8141ac875e14d6d3f Author: Matt Caswell Date: Tue Mar 27 13:46:45 2018 +0100 Update copyright year Reviewed-by: Richard Levitte commit b621f604e9b52ce8f568b6d3677a19b1e862613a Author: Matt Caswell Date: Tue Mar 27 10:58:34 2018 +0100 Update CHANGES and NEWS for the new release Reviewed-by: Richard Levitte commit 9310d45087ae546e27e61ddf8f6367f29848220d Author: Matt Caswell Date: Thu Mar 22 10:05:40 2018 + Limit ASN.1 constructed types recursive definition depth Constructed types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. Therefore we limit the stack depth. CVE-2018-0739 Credit to OSSFuzz for finding this issue. 
Reviewed-by: Rich Salz --- Summary of changes: CHANGES | 17 - NEWS | 7 +- README| 2 +- apps/cms.c| 2 +- apps/ecparam.c| 2 +- crypto/asn1/asn1.h| 1 + crypto/asn1/asn1_err.c| 3 ++- crypto/asn1/asn_mime.c| 2 +- crypto/asn1/tasn_dec.c| 64 +++ crypto/bn/bn_exp.c| 2 +- crypto/bn/bn_mont.c | 2 +- crypto/engine/eng_table.c | 2 +- crypto/evp/e_aes.c| 2 +- crypto/evp/e_camellia.c | 2 +- crypto/evp/evp_locl.h | 2 +- crypto/mem_dbg.c | 2 +- crypto/o_time.c | 2 +- crypto/opensslv.h | 6 ++--- crypto/ts/Makefile| 3 ++- crypto/ts/ts_rsp_sign.c | 2 +- crypto/x509v3/v3_conf.c | 2 +- openssl.spec | 2 +- ssl/Makefile | 2 +- ssl/d1_pkt.c | 2 +- ssl/kssl.c| 2 +- ssl/s3_pkt.c | 2 +- ssl/t1_lib.c | 2 +- 27 files changed, 92 insertions(+), 49 deletions(-) diff --git a/CHANGES b/CHANGES index f2bc2b3..1da1a42 100644 --- a/CHANGES +++ b/CHANGES @@ -7,10 +7,25 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. - Changes between 1.0.2n and 1.0.2o [xx XXX ] + Changes between 1.0.2o and 1.0.2p [xx XXX ] *) + Changes between 1.0.2n and 1.0.2o [27 Mar 2018] + + *) Constructed ASN.1 types with a recursive definition could exceed the stack + + Constructed ASN.1 types with a recursive definition (such as can be found + in PKCS7) could eventually exceed the stack given malicious input with + excessive recursion. This could result in a Denial Of Service attack. There + are no such structures used within SSL/TLS that come from untrusted sources + so this is considered safe. + + This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz + project. + (CVE-2018-0739) + [Matt Caswell] + Changes between 1.0.2m and 1.0.2n [7 Dec 2017] *) Read/write after SSL object in error state diff --git a/NEWS b/NEWS index f688c5a..0fb4724 100644 --- a/NEWS +++ b/NEWS 
@@ -5,10 +5,15 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. - Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [under development] + Major changes between OpenSSL 1.0.2o and OpenSSL 1.0.2p [under development] o + Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018] + + o Constructed ASN.1 types with a recursive definition could exceed the +stack (CVE-2018-0739) + Major changes between OpenSSL
[openssl-commits] [web] master update
The branch master has been updated via b142b6fc2b1787bac79b0823c7a1cc37c301c68c (commit) via 8af698d4de2c19b45f702d03560c8045fc1bbec5 (commit) from ba28d8470fba25cac99a94b7b9fa27bddbd1622a (commit) - Log - commit b142b6fc2b1787bac79b0823c7a1cc37c301c68c Author: Matt Caswell <m...@openssl.org> Date: Tue Mar 27 14:25:09 2018 +0100 Publish security advisory commit 8af698d4de2c19b45f702d03560c8045fc1bbec5 Author: Matt Caswell <m...@openssl.org> Date: Tue Mar 27 14:10:47 2018 +0100 Update news for new release --- Summary of changes: news/newsflash.txt | 2 ++ news/secadv/20180327.txt | 82 news/vulnerabilities.xml | 73 -- 3 files changed, 155 insertions(+), 2 deletions(-) create mode 100644 news/secadv/20180327.txt diff --git a/news/newsflash.txt b/news/newsflash.txt index 572c8db..f7fd9a1 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -4,6 +4,8 @@ # Format is two fields, colon-separated; the first line is the column # headings. URL paths must all be absolute. Date: Item +27-Mar-2018: OpenSSL 1.1.0h is now available, including bug and security fixes +27-Mar-2018: OpenSSL 1.0.2o is now available, including bug and security fixes 20-Mar-2018: OpenSSL 1.1.0h, 1.0.2o https://mta.openssl.org/pipermail/openssl-announce/2018-March/000116.html;>security release due on 27th March 2018 20-Mar-2018: Beta 1 of OpenSSL 1.1.1 is now available: please download and test it 01-Mar-2018: New Blog post: https://www.openssl.org/blog/blog/2018/03/01/last-license/;>Seeking Last Group of Contributors diff --git a/news/secadv/20180327.txt b/news/secadv/20180327.txt new file mode 100644 index 000..bddf0a6 --- /dev/null +++ b/news/secadv/20180327.txt 
@@ -0,0 +1,82 @@ + +OpenSSL Security Advisory [27 Mar 2018] + + +Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739) +== + +Severity: Moderate + +Constructed ASN.1 types with a recursive definition (such as can be found in +PKCS7) could eventually exceed the stack given malicious input with +excessive recursion. This could result in a Denial Of Service attack. There are +no such structures used within SSL/TLS that come from untrusted sources so this +is considered safe. + +OpenSSL 1.1.0 users should upgrade to 1.1.0h +OpenSSL 1.0.2 users should upgrade to 1.0.2o + +This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz project. +The fix was developed by Matt Caswell of the OpenSSL development team. + +Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733) + + +Severity: Moderate + +Because of an implementation bug the PA-RISC CRYPTO_memcmp function is +effectively reduced to only comparing the least significant bit of each byte. +This allows an attacker to forge messages that would be considered as +authenticated in an amount of tries lower than that guaranteed by the security +claims of the scheme. The module can only be compiled by the HP-UX assembler, so +that only HP-UX PA-RISC targets are affected. + +OpenSSL 1.1.0 users should upgrade to 1.1.0h + +This issue was reported to OpenSSL on 2nd March 2018 by Peter Waltenberg (IBM). +The fix was developed by Andy Polyakov of the OpenSSL development team. + +rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) += + +Severity: Low + +This issue has been reported in a previous OpenSSL security advisory and a fix +was provided for OpenSSL 1.0.2. Due to the low severity no fix was released at +that time for OpenSSL 1.1.0. The fix is now available in OpenSSL 1.1.0h. + +There is an overflow bug in the AVX2 Montgomery multiplication procedure +used in exponentiation with 1024-bit moduli. No EC algorithms are affected. 
+Analysis suggests that attacks against RSA and DSA as a result of this defect +would be very difficult to perform and are not believed likely. Attacks +against DH1024 are considered just feasible, because most of the work +necessary to deduce information about a private key may be performed offline. +The amount of resources required for such an attack would be significant. +However, for an attack on TLS to be meaningful, the server would have to share +the DH1024 private key among multiple clients, which is no longer an option +since CVE-2016-0701. + +This only affects processors that support the AVX2 but not ADX extensions +like Intel Haswell (4th generation). + +Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 +and CVE-2015-3193. + +OpenSSL 1.1.0 users should upgrade to 1.1.0h +OpenSSL 1.0.2 us
[openssl-commits] [openssl] master update
The branch master has been updated via 53c9818e970fc0c22d77e19fda3b3e6f6c9e759d (commit) from f6c024c2e7f33e9d26c62cf19d519e5ef7fa4a09 (commit) - Log - commit 53c9818e970fc0c22d77e19fda3b3e6f6c9e759d Author: Matt CaswellDate: Thu Mar 22 14:33:05 2018 + Don't write out a bad OID If we don't have OID data for an object then we should fail if we are asked to encode the ASN.1 for that OID. Fixes #5723 Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5725) --- Summary of changes: crypto/asn1/tasn_enc.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c index caa4869..8b562ba 100644 --- a/crypto/asn1/tasn_enc.c +++ b/crypto/asn1/tasn_enc.c @@ -528,6 +528,8 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, otmp = (ASN1_OBJECT *)*pval; cont = otmp->data; len = otmp->length; +if (cont == NULL || len == 0) +return -1; break; case V_ASN1_NULL: _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
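Review bot: The new `return -1;` in the object case of asn1_ex_i2c (crypto/asn1/tasn_enc.c) raises no error for the missing OID data, and the hunk does not show how the caller interprets -1. If the caller, which is outside this hunk, reads -1 as "omit this field", the encoder would silently drop the OID and still produce output that looks valid, rather than failing as the commit message intends. That is worth confirming with a test that encodes an ASN1_OBJECT that has no data. I would also add a comment on the check, e.g. `/* no OID data: refuse to encode rather than emit an empty OBJECT IDENTIFIER */`. The same hunk is cherry-picked to OpenSSL_1_1_0-stable in the next message, so the point applies there too; asn1_ex_i2c starts and ends outside the hunk.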
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via 68f04fa1ddc71c67822796bee7abaf32a87203a8 (commit) from b403cc386cb927f6838a2fc300cd1d872007ba65 (commit) - Log - commit 68f04fa1ddc71c67822796bee7abaf32a87203a8 Author: Matt CaswellDate: Thu Mar 22 14:33:05 2018 + Don't write out a bad OID If we don't have OID data for an object then we should fail if we are asked to encode the ASN.1 for that OID. Fixes #5723 Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5725) (cherry picked from commit 53c9818e970fc0c22d77e19fda3b3e6f6c9e759d) --- Summary of changes: crypto/asn1/tasn_enc.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c index caa4869..8b562ba 100644 --- a/crypto/asn1/tasn_enc.c +++ b/crypto/asn1/tasn_enc.c @@ -528,6 +528,8 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, otmp = (ASN1_OBJECT *)*pval; cont = otmp->data; len = otmp->length; +if (cont == NULL || len == 0) +return -1; break; case V_ASN1_NULL: _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via b1eaed1c996da382efcbd44611a8917a68188dbf (commit) from 68f04fa1ddc71c67822796bee7abaf32a87203a8 (commit) - Log - commit b1eaed1c996da382efcbd44611a8917a68188dbf Author: Rich SalzDate: Mon Apr 24 20:24:38 2017 -0400 Fix typo in OPENSSL_LH_new compat API CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3292) (cherry picked from commit b3c42fc2503a685a9e51427c1a83c8f09487389d) --- Summary of changes: include/openssl/lhash.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/openssl/lhash.h b/include/openssl/lhash.h index 82d40c1..88d7d97 100644 --- a/include/openssl/lhash.h +++ b/include/openssl/lhash.h @@ -95,7 +95,7 @@ void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out); # define _LHASH OPENSSL_LHASH # define LHASH_NODE OPENSSL_LH_NODE # define lh_error OPENSSL_LH_error -# define lh_new OPENSSL_lh_new +# define lh_new OPENSSL_LH_new # define lh_free OPENSSL_LH_free # define lh_insert OPENSSL_LH_insert # define lh_delete OPENSSL_LH_delete _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 37a385956461ab526ecea2739a8a40364a8db259 (commit) via 320a81277e402f393289ae7229b2320324321fb1 (commit) from 9d5db9c9ab9b9f2f2a5ce9795405e8334cd2ce66 (commit) - Log - commit 37a385956461ab526ecea2739a8a40364a8db259 Author: Matt CaswellDate: Mon Mar 26 23:36:37 2018 +0100 Temporarily disable some tests that hang The previous commit causes some tests to hang so we temporarily disable them. Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/5757) commit 320a81277e402f393289ae7229b2320324321fb1 Author: Matt Caswell Date: Mon Mar 26 19:12:25 2018 +0100 Remove some code for a contributor that we cannot find This removes some code because we cannot trace the original contributor to get their agreement for the licence change (original commit e03ddfae). After this change there will be numerous failures in the test cases until someone rewrites the missing code. All *_free functions should accept a NULL parameter. After this change the following *_free functions will fail if a NULL parameter is passed: BIO_ACCEPT_free() BIO_CONNECT_free() BN_BLINDING_free() BN_CTX_free() BN_MONT_CTX_free() BN_RECP_CTX_free() BUF_MEM_free() COMP_CTX_free() ERR_STATE_free() TXT_DB_free() X509_STORE_free() ssl3_free() ssl_cert_free() SSL_SESSION_free() SSL_free() [skip ci] Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/5757) --- Summary of changes: crypto/bio/bss_acpt.c | 3 --- crypto/bio/bss_conn.c | 3 --- crypto/bn/bn_blind.c| 3 --- crypto/bn/bn_ctx.c | 2 -- crypto/bn/bn_mont.c | 3 --- crypto/bn/bn_recp.c | 3 --- crypto/buffer/buffer.c | 3 --- crypto/comp/comp_lib.c | 3 --- crypto/err/err.c| 3 --- crypto/txt_db/txt_db.c | 3 --- crypto/x509/x509_lu.c | 3 --- ssl/s3_lib.c| 2 +- ssl/ssl_cert.c | 3 --- ssl/ssl_lib.c | 3 --- ssl/ssl_sess.c | 3 --- test/recipes/99-test_fuzz.t | 4 util/perl/TLSProxy/Proxy.pm | 5 + 17 files changed, 10 insertions(+), 42 deletions(-) 
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c index b7ec0c0..0171c49 100644 --- a/crypto/bio/bss_acpt.c +++ b/crypto/bio/bss_acpt.c @@ -101,9 +101,6 @@ static BIO_ACCEPT *BIO_ACCEPT_new(void) static void BIO_ACCEPT_free(BIO_ACCEPT *a) { -if (a == NULL) -return; - OPENSSL_free(a->param_addr); OPENSSL_free(a->param_serv); BIO_ADDRINFO_free(a->addr_first); diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index 5c461ae..0fad02f 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -232,9 +232,6 @@ BIO_CONNECT *BIO_CONNECT_new(void) void BIO_CONNECT_free(BIO_CONNECT *a) { -if (a == NULL) -return; - OPENSSL_free(a->param_hostname); OPENSSL_free(a->param_service); BIO_ADDRINFO_free(a->addr_first); diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index 006ad6e..8bd6156 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -80,9 +80,6 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) void BN_BLINDING_free(BN_BLINDING *r) { -if (r == NULL) -return; - BN_free(r->A); BN_free(r->Ai); BN_free(r->e); diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 68c0468..7202aef 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -156,8 +156,6 @@ BN_CTX *BN_CTX_secure_new(void) void BN_CTX_free(BN_CTX *ctx) { -if (ctx == NULL) -return; #ifdef BN_CTX_DEBUG { BN_POOL_ITEM *pool = ctx->pool.head; diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 6357c60..bae7d23 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -217,9 +217,6 @@ void BN_MONT_CTX_init(BN_MONT_CTX *ctx) void BN_MONT_CTX_free(BN_MONT_CTX *mont) { -if (mont == NULL) -return; - BN_clear_free(&(mont->RR)); BN_clear_free(&(mont->N)); BN_clear_free(&(mont->Ni)); diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c index e873699..923a9b3 100644 --- a/crypto/bn/bn_recp.c +++ b/crypto/bn/bn_recp.c 
@@ -32,9 +32,6 @@ BN_RECP_CTX *BN_RECP_CTX_new(void) void BN_RECP_CTX_free(BN_RECP_CTX *recp) { -if (recp == NULL) -return; - BN_free(&(recp->N)); BN_free(&(recp->Nr)); if (recp->flags & BN_FLG_MALLOCED) diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c index cbd2e53..dfa5c23 100644 --- a/crypto/buffer/buffer.c +++ b/crypto/buffer/buffer.c @@ -42,9 +42,6 @@ BUF_MEM
[openssl-commits] [openssl] master update
The branch master has been updated via 242fcd695db6225ef98c5ad084e6f15ec5953158 (commit) from f770d75b1cac264d6280ec7326277daff6965cbb (commit) - Log - commit 242fcd695db6225ef98c5ad084e6f15ec5953158 Author: Andy PolyakovDate: Fri Mar 23 15:12:20 2018 +0100 rand/randfile.c: permit non-regular files in RAND_load_file. Apparently applications rely on RAND_load_file's ability to work with non-regular files, customarily with /dev/urandom, so that the ban was not exactly appropriate. Reviewed-by: Rich Salz Reviewed-by: Bernd Edlinger Reviewed-by: Paul Dale Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/5737) --- Summary of changes: crypto/rand/randfile.c | 34 +++--- doc/man3/RAND_load_file.pod | 10 +++--- 2 files changed, 30 insertions(+), 14 deletions(-) diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index a979eb9..fa6f49e 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -32,6 +32,8 @@ # define chmod _chmod # define open_open # define fdopen _fdopen +# define fstat _fstat +# define fileno _fileno # endif #endif 
@@ -82,27 +84,45 @@ int RAND_load_file(const char *file, long bytes) if (bytes == 0) return 0; -#ifndef OPENSSL_NO_POSIX_IO -if (stat(file, ) < 0 || !S_ISREG(sb.st_mode)) { -RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_NOT_A_REGULAR_FILE); +if ((in = openssl_fopen(file, "rb")) == NULL) { +RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_CANNOT_OPEN_FILE); ERR_add_error_data(2, "Filename=", file); return -1; } -#endif -if ((in = openssl_fopen(file, "rb")) == NULL) { -RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_CANNOT_OPEN_FILE); + +#ifndef OPENSSL_NO_POSIX_IO +if (fstat(fileno(in), ) < 0) { +RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_INTERNAL_ERROR); ERR_add_error_data(2, "Filename=", file); return -1; } +if (!S_ISREG(sb.st_mode) && bytes < 0) +bytes = 256; +#endif +/* + * Don't buffer, because even if |file| is regular file, we have + * no control over the buffer, so why would we want a copy of its + * contents lying around? + */ +setbuf(in, NULL); + for ( ; ; ) { if (bytes > 0) n = (bytes < RAND_FILE_SIZE) ? (int)bytes : RAND_FILE_SIZE; else n = RAND_FILE_SIZE; i = fread(buf, 1, n, in); -if (i <= 0) +#ifdef EINTR +if (ferror(in) && errno == EINTR){ +clearerr(in); +if (i == 0) +continue; +} +#endif +if (i == 0) break; + RAND_add(buf, i, (double)i); ret += i; diff --git a/doc/man3/RAND_load_file.pod b/doc/man3/RAND_load_file.pod index 2fe932f..489ff2d 100644 --- a/doc/man3/RAND_load_file.pod +++ b/doc/man3/RAND_load_file.pod @@ -24,6 +24,9 @@ Do not load the same file multiple times unless its contents have been updated by RAND_write_file() between reads. Also, note that B should be adequately protected so that an attacker cannot replace or examine the contents. +If B is not a regular file, then user is considered to be +responsible for any side effects, e.g. non-anticipated blocking or +capture of controlling terminal. RAND_write_file() writes a number of random bytes (currently 128) to file B which can be used to initialize the PRNG by calling 
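Review bot: In the RAND_load_file hunk of crypto/rand/randfile.c, the new fstat() failure path returns -1 while `in` is still open, so every failure leaks the FILE handle that openssl_fopen() returned just above. Checking the type after the open is the right order, since it inspects the object that was actually opened rather than the path name, but the early return needs `fclose(in);` before `return -1;`. A short comment on `bytes = 256;` would also help, e.g. `/* non-regular file with no limit given: bound the read */`, presumably because a device such as /dev/urandom never reaches end of file. The function body continues outside the hunk.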
@@ -70,13 +73,6 @@ error. L , L -=head1 HISTORY - -A comment in the source since at least OpenSSL 1.0.2 said that -RAND_load_file() and RAND_write_file() were only intended for regular files, -and not really device special files such as C. This was -poorly enforced before OpenSSL 1.1.1. - =head1 COPYRIGHT Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via ae43c92a337db1756c42e4d9f53f0ab92b40c04f (commit) from b1eaed1c996da382efcbd44611a8917a68188dbf (commit) - Log - commit ae43c92a337db1756c42e4d9f53f0ab92b40c04f Author: Miroslav SukDate: Thu Mar 22 09:20:43 2018 +0100 o_time.c: use gmtime_s with MSVC ts/ts_rsp_sign.c: change to OPENSSL_gmtime. Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5720) (cherry picked from commit 98c03302fb7b855647aa14022f61f5fb272e514a) --- Summary of changes: crypto/o_time.c | 4 crypto/ts/ts_rsp_sign.c | 5 +++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/crypto/o_time.c b/crypto/o_time.c index b2fb38a..30b8155 100644 --- a/crypto/o_time.c +++ b/crypto/o_time.c @@ -41,6 +41,10 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) if (gmtime_r(timer, result) == NULL) return NULL; ts = result; +#elif defined (OPENSSL_SYS_WINDOWS) && defined(_MSC_VER) && _MSC_VER >= 1400 +if (gmtime_s(result, timer)) +return NULL; +ts = result; #else ts = gmtime(timer); if (ts == NULL) diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c index aea7b92..91c4a42 100644 --- a/crypto/ts/ts_rsp_sign.c +++ b/crypto/ts/ts_rsp_sign.c @@ -16,6 +16,7 @@ #include #include #include +#include #include "ts_lcl.h" static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *); @@ -840,7 +841,7 @@ static ASN1_GENERALIZEDTIME long sec, long usec, unsigned precision) { time_t time_sec = (time_t)sec; -struct tm *tm = NULL; +struct tm *tm = NULL, tm_result; char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS]; char *p = genTime_str; char *p_end = genTime_str + sizeof(genTime_str); 
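Review bot: The new MSVC branch in OPENSSL_gmtime (crypto/o_time.c) needs a comment, because Microsoft's gmtime_s takes `(struct tm *, const time_t *)` and returns an errno_t, which is the reverse argument order and a different return type from the C11 Annex K function of the same name. Without one, `gmtime_s(result, timer)` sitting under `gmtime_r(timer, result)` reads like a swapped-argument bug and invites a wrong correction. Something like `/* MSVC gmtime_s: (result, timer), returns non-zero errno_t on failure */` above the call would do. The same hunk appears in the master commit 98c03302fb7b855647aa14022f61f5fb272e514a later on this page; OPENSSL_gmtime continues outside the hunk.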
@@ -848,7 +849,7 @@ static ASN1_GENERALIZEDTIME if (precision > TS_MAX_CLOCK_PRECISION_DIGITS) goto err; -if ((tm = gmtime(_sec)) == NULL) +if ((tm = OPENSSL_gmtime(_sec, _result)) == NULL) goto err; /* _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via dee0cc108fa92952df1f0a246e9e86bb660f1211 (commit) from 242fcd695db6225ef98c5ad084e6f15ec5953158 (commit) - Log - commit dee0cc108fa92952df1f0a246e9e86bb660f1211 Author: Philippe AntoineDate: Mon Mar 26 10:29:56 2018 +0200 statem/statem_clnt.c: omit redundant check in tls_construct_client_hello. Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5729) --- Summary of changes: ssl/statem/statem_clnt.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 86cf5b6..e940fc8 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -11,6 +11,7 @@ #include #include +#include #include "../ssl_locl.h" #include "statem_locl.h" #include @@ -1198,14 +1199,14 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt) sess_id_len = 0; } } else { +assert(s->session->session_id_length <= sizeof(s->session->session_id)); sess_id_len = s->session->session_id_length; if (s->version == TLS1_3_VERSION) { s->tmp_session_id_len = sess_id_len; memcpy(s->tmp_session_id, s->session->session_id, sess_id_len); } } -if (sess_id_len > sizeof(s->session->session_id) -|| !WPACKET_start_sub_packet_u8(pkt) +if (!WPACKET_start_sub_packet_u8(pkt) || (sess_id_len != 0 && !WPACKET_memcpy(pkt, session_id, sess_id_len)) || !WPACKET_close(pkt)) { _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
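Review bot: The `assert()` added in the else branch of tls_construct_client_hello (ssl/statem/statem_clnt.c) is compiled out when NDEBUG is defined, so in such builds nothing bounds `sess_id_len` before the `memcpy` into `s->tmp_session_id` or the later `WPACKET_memcpy`, now that the `sess_id_len > sizeof(s->session->session_id)` term is dropped from the condition below. The old runtime test sat after the memcpy, so the assert is better placed, but the check should survive release builds: keep the comparison as a real `if` ahead of the memcpy and send it down the function's existing error path. If the length is already guaranteed elsewhere, a comment naming where `session_id_length` is validated would make the removal reviewable. The function starts and ends outside the hunk.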
[openssl-commits] [openssl] master update
The branch master has been updated via c4eec78d221c6aa8d96d4d0ea9e7525490ffe222 (commit) from dee0cc108fa92952df1f0a246e9e86bb660f1211 (commit) - Log - commit c4eec78d221c6aa8d96d4d0ea9e7525490ffe222 Author: Konstantin ShemyakDate: Thu Mar 22 19:53:59 2018 +0200 doc/man1/x509.pod: corrected "S/MIME signing" requirements When the "certificate purpose" is checked and KeyUsage extension is present, either 'digitalSignature' or 'nonRepudiation' is accepted. Manual page corrected to reflect the above. Signed-off-by: Konstantin Shemyak Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5727) --- Summary of changes: doc/man1/x509.pod | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/man1/x509.pod b/doc/man1/x509.pod index 81ce560..c375b3b 100644 --- a/doc/man1/x509.pod +++ b/doc/man1/x509.pod @@ -871,8 +871,8 @@ this is because some Verisign certificates don't set the S/MIME bit. =item B -In addition to the common S/MIME client tests the digitalSignature bit must -be set if the keyUsage extension is present. +In addition to the common S/MIME client tests the digitalSignature bit or +the nonRepudiation bit must be set if the keyUsage extension is present. =item B _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.16789
Build openssl master.16789 failed Commit 98c03302fb by Miroslav Suk on 3/27/2018 6:12 PM: o_time.c: use gmtime_s with MSVC Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via cdabf89acf65040560e0242cb70d945f3f3bdd5c (commit) from ae43c92a337db1756c42e4d9f53f0ab92b40c04f (commit) - Log - commit cdabf89acf65040560e0242cb70d945f3f3bdd5c Author: Philippe AntoineDate: Mon Mar 26 10:23:51 2018 +0200 Adds multiple checks to avoid buffer over reads Reviewed-by: Rich Salz Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/5686) --- Summary of changes: ssl/t1_trce.c | 14 +- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index 76bdf79..e5b4085 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -725,6 +725,8 @@ static int ssl_print_extensions(BIO *bio, int indent, int server, BIO_puts(bio, "No Extensions\n"); return 1; } +if (msglen < 2) +return 0; extslen = (msg[0] << 8) | msg[1]; if (extslen != msglen - 2) return 0; @@ -1092,6 +1094,8 @@ static int ssl_print_cert_request(BIO *bio, int indent, SSL *s, msglen -= xlen + 2; skip_sig: +if (msglen < 2) +return 0; xlen = (msg[0] << 8) | msg[1]; BIO_indent(bio, indent, 80); if (msglen < xlen + 2) @@ -1271,7 +1275,15 @@ void SSL_trace(int write_p, int version, int content_type, switch (content_type) { case SSL3_RT_HEADER: { -int hvers = msg[1] << 8 | msg[2]; +int hvers; + +/* avoid overlapping with length at the end of buffer */ +if (msglen < (SSL_IS_DTLS(ssl) ? 13 : 5)) { +BIO_puts(bio, write_p ? "Sent" : "Received"); +ssl_print_hex(bio, 0, " too short message", msg, msglen); +break; +} +hvers = msg[1] << 8 | msg[2]; BIO_puts(bio, write_p ? "Sent" : "Received"); BIO_printf(bio, " Record\nHeader:\n Version = %s (0x%x)\n", ssl_trace_str(hvers, ssl_version_tbl), hvers); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
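Review bot: The length guard added to the SSL3_RT_HEADER case of SSL_trace (ssl/t1_trce.c) uses the bare numbers 13 and 5, and its comment ("avoid overlapping with length at the end of buffer") does not say what they stand for. They look like the DTLS and TLS record header sizes, so `if (msglen < (SSL_IS_DTLS(ssl) ? DTLS1_RT_HEADER_LENGTH : SSL3_RT_HEADER_LENGTH))` would tie the check to the fields read below it, with the comment reworded to `/* need a full record header before reading version and length */`. The two `if (msglen < 2)` guards in ssl_print_extensions and ssl_print_cert_request are fine as written. The same three hunks are applied to OpenSSL_1_0_2-stable later on this page; SSL_trace continues outside the hunk.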
[openssl-commits] [openssl] master update
The branch master has been updated via f770d75b1cac264d6280ec7326277daff6965cbb (commit) from 37a385956461ab526ecea2739a8a40364a8db259 (commit) - Log - commit f770d75b1cac264d6280ec7326277daff6965cbb Author: Andy PolyakovDate: Mon Mar 26 12:35:57 2018 +0200 Configure: make LIST command work with dynamic 15-android.conf. This is quick-n-dirty ad-hoc solution, the problem asks for more elegant one... Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/5755) --- Summary of changes: Configurations/15-android.conf | 4 Configure | 12 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/Configurations/15-android.conf b/Configurations/15-android.conf index 551f71b..d117386 100644 --- a/Configurations/15-android.conf +++ b/Configurations/15-android.conf @@ -16,6 +16,10 @@ sub android_ndk { unless (%$android_ndk) { +if ($now_printing =~ m|^android|) { +return $android_ndk = { bn_ops => "BN_AUTO" }; +} + my $ndk = $ENV{ANDROID_NDK}; die "\$ANDROID_NDK is not defined" if (!$ndk); die "\$ANDROID_NDK=$ndk is invalid" if (!-d "$ndk/platforms"); diff --git a/Configure b/Configure index 7a2ef9b..8770090 100755 --- a/Configure +++ b/Configure @@ -179,6 +179,10 @@ my $apitable = { our %table = (); our %config = (); our %withargs = (); +our $now_printing; # set to current entry's name in print_table_entry +# (todo: right thing would be to encapsulate name +# into %target [class] and make print_table_entry +# a method) # Forward declarations ### @@ -3108,8 +3112,8 @@ sub env sub print_table_entry { -my $target = shift; -my %target = resolve_config($target); +local $now_printing = shift; +my %target = resolve_config($now_printing); my $type = shift; # Don't print the templates @@ -3178,7 +3182,7 @@ sub print_table_entry if ($type eq "TABLE") { print "\n"; - print "*** $target\n"; + print "*** $now_printing\n"; foreach (@sequence) { if (ref($target{$_}) eq "ARRAY") { printf "\$%-12s = %s\n", $_, join(" ", @{$target{$_}}); 
@@ -3189,7 +3193,7 @@ sub print_table_entry } elsif ($type eq "HASH") { my $largest = length((sort { length($a) <=> length($b) } @sequence)[-1]); - print "'$target' => {\n"; + print "'$now_printing' => {\n"; foreach (@sequence) { if ($target{$_}) { if (ref($target{$_}) eq "ARRAY") { _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 98c03302fb7b855647aa14022f61f5fb272e514a (commit) from c4eec78d221c6aa8d96d4d0ea9e7525490ffe222 (commit) - Log - commit 98c03302fb7b855647aa14022f61f5fb272e514a Author: Miroslav SukDate: Thu Mar 22 09:20:43 2018 +0100 o_time.c: use gmtime_s with MSVC ts/ts_rsp_sign.c: change to OPENSSL_gmtime. Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5720) --- Summary of changes: crypto/o_time.c | 4 crypto/ts/ts_rsp_sign.c | 5 +++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/crypto/o_time.c b/crypto/o_time.c index b2fb38a..30b8155 100644 --- a/crypto/o_time.c +++ b/crypto/o_time.c @@ -41,6 +41,10 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) if (gmtime_r(timer, result) == NULL) return NULL; ts = result; +#elif defined (OPENSSL_SYS_WINDOWS) && defined(_MSC_VER) && _MSC_VER >= 1400 +if (gmtime_s(result, timer)) +return NULL; +ts = result; #else ts = gmtime(timer); if (ts == NULL) diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c index eac40ab..ed45c00 100644 --- a/crypto/ts/ts_rsp_sign.c +++ b/crypto/ts/ts_rsp_sign.c @@ -13,6 +13,7 @@ #include #include #include +#include #include "ts_lcl.h" static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *); @@ -986,7 +987,7 @@ static ASN1_GENERALIZEDTIME *TS_RESP_set_genTime_with_precision( unsigned precision) { time_t time_sec = (time_t)sec; -struct tm *tm = NULL; +struct tm *tm = NULL, tm_result; char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS]; char *p = genTime_str; char *p_end = genTime_str + sizeof(genTime_str); @@ -994,7 +995,7 @@ static ASN1_GENERALIZEDTIME *TS_RESP_set_genTime_with_precision( if (precision > TS_MAX_CLOCK_PRECISION_DIGITS) goto err; -if ((tm = gmtime(_sec)) == NULL) +if ((tm = OPENSSL_gmtime(_sec, _result)) == NULL) goto err; /* _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via 46c815a97d21135561d2204574bbd7c184b1f0b5 (commit) from f3f8e72f494b36d05e0d04fe418f92b692fbb261 (commit) - Log - commit 46c815a97d21135561d2204574bbd7c184b1f0b5 Author: Philippe AntoineDate: Mon Mar 26 10:25:55 2018 +0200 Adds multiple checks to avoid buffer over reads Reviewed-by: Rich Salz Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/5687) --- Summary of changes: ssl/t1_trce.c | 14 +- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index dc62df8..8a5707a 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -645,6 +645,8 @@ static int ssl_print_extensions(BIO *bio, int indent, int server, BIO_puts(bio, "No Extensions\n"); return 1; } +if (msglen < 2) +return 0; extslen = (msg[0] << 8) | msg[1]; if (extslen != msglen - 2) return 0; @@ -1021,6 +1023,8 @@ static int ssl_print_cert_request(BIO *bio, int indent, SSL *s, msglen -= xlen + 2; skip_sig: +if (msglen < 2) +return 0; xlen = (msg[0] << 8) | msg[1]; BIO_indent(bio, indent, 80); if (msglen < xlen + 2) @@ -1209,7 +1213,15 @@ void SSL_trace(int write_p, int version, int content_type, switch (content_type) { case SSL3_RT_HEADER: { -int hvers = msg[1] << 8 | msg[2]; +int hvers; + +/* avoid overlapping with length at the end of buffer */ +if (msglen < (SSL_IS_DTLS(ssl) ? 13 : 5)) { +BIO_puts(bio, write_p ? "Sent" : "Received"); +ssl_print_hex(bio, 0, " too short message", msg, msglen); +break; +} +hvers = msg[1] << 8 | msg[2]; BIO_puts(bio, write_p ? "Sent" : "Received"); BIO_printf(bio, " Record\nHeader:\n Version = %s (0x%x)\n", ssl_trace_str(hvers, ssl_version_tbl), hvers); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via e6e9170d6e28038768895e1af18e3aad8093bf4b (commit) from 98c03302fb7b855647aa14022f61f5fb272e514a (commit) - Log - commit e6e9170d6e28038768895e1af18e3aad8093bf4b Author: Rich SalzDate: Tue Mar 27 16:25:08 2018 -0400 Allow NULL for some _free routines. Based on the description in https://github.com/openssl/openssl/pull/5757, this re-implements the "allow NULL to be passed" behavior of a number of xxx_free routines. I also fixed up some egregious formatting errors that were nearby. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/5761) --- Summary of changes: crypto/bio/bss_acpt.c | 2 ++ crypto/bio/bss_conn.c | 2 ++ crypto/bn/bn_blind.c | 2 ++ crypto/bn/bn_ctx.c | 2 ++ crypto/bn/bn_mont.c| 14 -- crypto/bn/bn_recp.c| 6 -- crypto/buffer/buffer.c | 2 ++ crypto/comp/comp_lib.c | 2 ++ crypto/err/err.c | 29 +++-- crypto/txt_db/txt_db.c | 2 ++ crypto/x509/x509_lu.c | 2 ++ ssl/s3_lib.c | 2 +- ssl/ssl_cert.c | 2 ++ ssl/ssl_lib.c | 2 ++ ssl/ssl_sess.c | 2 ++ 15 files changed, 50 insertions(+), 23 deletions(-) diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c index 0171c49..64cc452 100644 --- a/crypto/bio/bss_acpt.c +++ b/crypto/bio/bss_acpt.c @@ -101,6 +101,8 @@ static BIO_ACCEPT *BIO_ACCEPT_new(void) static void BIO_ACCEPT_free(BIO_ACCEPT *a) { +if (a == NULL) +return; OPENSSL_free(a->param_addr); OPENSSL_free(a->param_serv); BIO_ADDRINFO_free(a->addr_first); diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index 0fad02f..cc245ab 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -232,6 +232,8 @@ BIO_CONNECT *BIO_CONNECT_new(void) void BIO_CONNECT_free(BIO_CONNECT *a) { +if (a == NULL) +return; OPENSSL_free(a->param_hostname); OPENSSL_free(a->param_service); BIO_ADDRINFO_free(a->addr_first); diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index 8bd6156..985d3ef 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c 
@@ -80,6 +80,8 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) void BN_BLINDING_free(BN_BLINDING *r) { +if (r == NULL) +return; BN_free(r->A); BN_free(r->Ai); BN_free(r->e); diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 7202aef..68c0468 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -156,6 +156,8 @@ BN_CTX *BN_CTX_secure_new(void) void BN_CTX_free(BN_CTX *ctx) { +if (ctx == NULL) +return; #ifdef BN_CTX_DEBUG { BN_POOL_ITEM *pool = ctx->pool.head; diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index bae7d23..c882891 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -208,18 +208,20 @@ BN_MONT_CTX *BN_MONT_CTX_new(void) void BN_MONT_CTX_init(BN_MONT_CTX *ctx) { ctx->ri = 0; -bn_init(&(ctx->RR)); -bn_init(&(ctx->N)); -bn_init(&(ctx->Ni)); +bn_init(>RR); +bn_init(>N); +bn_init(>Ni); ctx->n0[0] = ctx->n0[1] = 0; ctx->flags = 0; } void BN_MONT_CTX_free(BN_MONT_CTX *mont) { -BN_clear_free(&(mont->RR)); -BN_clear_free(&(mont->N)); -BN_clear_free(&(mont->Ni)); +if (mont == NULL) +return; +BN_clear_free(>RR); +BN_clear_free(>N); +BN_clear_free(>Ni); if (mont->flags & BN_FLG_MALLOCED) OPENSSL_free(mont); } diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c index 923a9b3..8eb500b 100644 --- a/crypto/bn/bn_recp.c +++ b/crypto/bn/bn_recp.c @@ -32,8 +32,10 @@ BN_RECP_CTX *BN_RECP_CTX_new(void) void BN_RECP_CTX_free(BN_RECP_CTX *recp) { -BN_free(&(recp->N)); -BN_free(&(recp->Nr)); +if (recp == NULL) +return; +BN_free(>N); +BN_free(>Nr); if (recp->flags & BN_FLG_MALLOCED) OPENSSL_free(recp); } diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c index dfa5c23..48618a4 100644 --- a/crypto/buffer/buffer.c +++ b/crypto/buffer/buffer.c @@ -42,6 +42,8 @@ BUF_MEM *BUF_MEM_new(void) void BUF_MEM_free(BUF_MEM *a) { +if (a == NULL) +return; if (a->data != NULL) { if (a->flags & BUF_MEM_FLAG_SECURE) OPENSSL_secure_clear_free(a->data, a->max); 
diff --git a/crypto/comp/comp_lib.c b/crypto/comp/comp_lib.c index 5bed187..c199bb3 100644 --- a/crypto/comp/comp_lib.c +++ b/crypto/comp/comp_lib.c @@ -45,6 +45,8 @@ const char *COMP_get_name(const COMP_METHOD *meth) void COMP_CTX_free(COMP_CTX *ctx) { +if (ctx == NULL) +return; if (ctx->meth->finish != NULL) ctx->meth->finish(ctx); diff --git a/crypto/err/err.c b/crypto/err/err.c index