[openssl-dev] [openssl.org #4140] GITHUB PULL REQUEST: do not load engines twice
Hi,

https://github.com/openssl/openssl/pull/466

If you try to run OPENSSL_config twice, it will fail on loading engines. (We encountered this case with ruby and libzypp both running OPENSSL_config in the same process.)

Ciao, Marcus
--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real
___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4132] test/dsatest.c wrong argument to BIO_printf
Hi,

apply this patch ...

commit c01f7e9e233e5e5dabd1ec01eb17198b0798e092
Author: Marcus Meissner
Date: Tue Nov 10 16:24:51 2015 +0100

fixed wrong argument to BIO_printf

diff --git a/test/dsatest.c b/test/dsatest.c index 1f4b837..fe25352 100644 --- a/test/dsatest.c +++ b/test/dsatest.c @@ -247,7 +247,7 @@ static int dsa_cb(int p, int n, BN_GENCB *arg) (void)BIO_flush(BN_GENCB_get_arg(arg)); if (!ok && (p == 0) && (num > 1)) { -BIO_printf((BIO *)arg, "error in dsatest\n"); +BIO_printf(BN_GENCB_get_arg(arg), "error in dsatest\n"); return 0; } return 1;
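Review bot: the corrected call in the `!ok` branch evaluates BN_GENCB_get_arg(arg) a second time, directly after the BIO_flush line above it does the same; fetching the BIO once into a local at the top of dsa_cb would keep both uses in step and make the old `(BIO *)arg` cast harder to reintroduce. The commit message could also say why the old argument was wrong (arg is a BN_GENCB *, not a BIO *), since "wrong argument" alone does not tell a later reader what failed.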
[openssl-dev] [openssl.org #4121] avoid configuring openssl twice
Hi,

In a mix of various libraries using openssl it can happen that OPENSSL_config is called multiple times. Usually this works, but e.g. if you have engines configured, the second load of engines will not work.

OPENSSL_config checks openssl_configured on begin, but does not set it when done. (only in OPENSSL_no_config). So let's set it at the end of OPENSSL_config.

Sent as https://github.com/openssl/openssl/pull/466

Ciao, Marcus
--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real
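The failure mode described in this message, as an added illustration that is not OpenSSL source and not part of the original post: a simplified C model of a configuration entry point that tests a flag on entry but never sets it. The names config_buggy, config_fixed, load_engine, run_twice and the engine id are hypothetical stand-ins.

```c
/* Added model of the report above; not OpenSSL source. All names are hypothetical. */
#include <stdio.h>
#include <string.h>

static const char *loaded_id;   /* stand-in for the list of loaded engines */
static int configured;          /* stand-in for the "already configured" flag */

/* Loading an engine id that is already present fails, as in the report. */
static int load_engine(const char *id)
{
    if (loaded_id != NULL && strcmp(loaded_id, id) == 0)
        return 0;
    loaded_id = id;
    return 1;
}

/* Reported shape: the flag is tested on entry but never set on exit. */
int config_buggy(const char *id)
{
    if (configured)
        return 1;
    return load_engine(id);
}

/* Proposed shape: set the flag at the end so a second caller returns early. */
int config_fixed(const char *id)
{
    if (configured)
        return 1;
    int ok = load_engine(id);
    configured = 1;
    return ok;
}

/* Two libraries in one process each call the configuration entry point. */
int run_twice(int (*config)(const char *))
{
    loaded_id = NULL;
    configured = 0;
    int first = config("example-engine");   /* constructed engine id */
    int second = config("example-engine");
    return first && second;
}

int main(void)
{
    printf("buggy: %d, fixed: %d\n", run_twice(config_buggy), run_twice(config_fixed));
    return 0;
}
```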
[openssl-dev] [openssl.org #3927] regression in 1.0.2c spotted by Net-SSLeay
Hi,

I am debugging a testsuite error in the perl Net-SSLeay module, which got introduced between 1.0.2a and 1.0.2c.

The test code looks like this:

... private key in $pk ...
ok(my $alg2 = Net::SSLeay::EVP_get_cipherbyname("DES-EDE3-OFB"), "EVP_get_cipherbyname");
like(my $key_pem4 = Net::SSLeay::PEM_get_string_PrivateKey($pk,"password",$alg2), qr/-BEGIN (ENCRYPTED|RSA) PRIVATE KEY-/, "PEM_get_string_PrivateKey+passwd+enc_alg");

Previously it returned an encrypted key, now it does not.

The error stack has:

0:error:0D0A706C:asn1 encoding routines:PKCS5_pbe2_set_iv:cipher has no object identifier:p5_pbev2.c:104:
0:error:2307D00D:PKCS12 routines:PKCS8_encrypt:ASN1 lib:p12_p8e.c:86:

Which I _think_ is caused by this change between 1.0.2a and 1.0.2c:

diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 5cd755d..aca382a 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -400,6 +400,8 @@ static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp) j = (a->length - b->length); if (j) return (j); +if (a->length == 0) +return 0; return (memcmp(a->data, b->data, a->length)); } @@ -415,6 +417,9 @@ int OBJ_obj2nid(const ASN1_OBJECT *a) if (a->nid != 0) return (a->nid); +if (a->length == 0) +return NID_undef; + if (added != NULL) { ad.type = ADDED_DATA; ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */

which comes from the objects entry:

obj_dat.h:{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[235]),0},
obj_dat.h:{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0},

I was not able to find out why des-ede3-cbc does have length 8, but ofb does not? How to fix this? Should it have length 8 too?

Ciao, Marcus
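Review bot: in the obj_cmp hunk, the added `if (a->length == 0) return 0;` makes every pair of zero-length objects compare equal, and nothing in the hunk says whether that is the intended result or only a way to keep memcmp away from a NULL data pointer. A one-line comment stating the intent would help, given that table entries such as the DES-EDE3-OFB one quoted in this report carry length 0 and NULL data.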
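Review bot: in the OBJ_obj2nid hunk, the early `return NID_undef` for `a->length == 0` sits ahead of the `added != NULL` lookup, so an object with nid 0 and no encoding is never searched for in the added table. If that is deliberate it deserves a comment next to the check, and the behaviour change for such objects is worth a line in the changelog.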
Re: [openssl.org #3402] spurios change in perl NET_SSLeay module
On Thu, Jun 12, 2014 at 07:11:24PM +0200, Stephen Henson via RT wrote:
> On Thu Jun 12 18:16:55 2014, meiss...@suse.de wrote:
> > Hi,
> >
> > The Net-SSLeay perl module failed its testsuite after 1.0.1g -> 1.0.1h
> > update.
> >
> > The code looks like this:
> >
> > ... create more X509 certificate stuff ...
> > is(Net::SSLeay::X509_NAME_print_ex($name), "O=Company Name,C=UK,CN=Common name text X509", "X509_NAME_print_ex");
> > is(unpack("H*",Net::SSLeay::X509_NAME_digest($name, $sha1_digest)), "044d7ea7fddced7b9b63799600b9989a63b36819", "X509_NAME_digest");
> >
> > The sha1 sum of the ASN.1 encoding changed.
> >
> > The reason for this is commit
> >
> > git show 3009244da47b989c4cc59ba
> > commit 3009244da47b989c4cc59ba02cf81a4e9d8f8431
> > Author: Dr. Stephen Henson
> > Date: Sun Jun 1 15:03:00 2014 +0100
> >
> > Set default global mask to UTF8 only.
> >
> > diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c > > index dedc488..8993264 100644 > > --- a/crypto/asn1/a_strnid.c > > +++ b/crypto/asn1/a_strnid.c
> > @@ -74,7 +74,7 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * > > const *a, > > * certain software (e.g. Netscape) has problems with them. > > */ > > > > -static unsigned long global_mask = 0xL; > > +static unsigned long global_mask = B_ASN1_UTF8STRING; > > > > void ASN1_STRING_set_default_mask(unsigned long mask) > > {
> >
> > Should this change the above behaviour?
> >
>
> Yes it would change that behaviour. When OpenSSL is asked to construct a DN it
> uses various criteria to determine what string types to use for
> DirectoryString. Before that change it was using some ancient rules which would
> use long obsolete type. After that change it is brought up to date.
>
> Because the string types change that means the encoding and hence the hash will
> change.

Sounds sensible. The ticket could be closed again ;)

Ciao, Marcus
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
[openssl.org #3402] spurios change in perl NET_SSLeay module
Hi,

The Net-SSLeay perl module failed its testsuite after 1.0.1g -> 1.0.1h update.

The code looks like this:

... create more X509 certificate stuff ...
is(Net::SSLeay::X509_NAME_print_ex($name), "O=Company Name,C=UK,CN=Common name text X509", "X509_NAME_print_ex");
is(unpack("H*",Net::SSLeay::X509_NAME_digest($name, $sha1_digest)), "044d7ea7fddced7b9b63799600b9989a63b36819", "X509_NAME_digest");

The sha1 sum of the ASN.1 encoding changed.

The reason for this is commit

git show 3009244da47b989c4cc59ba
commit 3009244da47b989c4cc59ba02cf81a4e9d8f8431
Author: Dr. Stephen Henson
Date: Sun Jun 1 15:03:00 2014 +0100

Set default global mask to UTF8 only.

diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index dedc488..8993264 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -74,7 +74,7 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, * certain software (e.g. Netscape) has problems with them. */ -static unsigned long global_mask = 0xL; +static unsigned long global_mask = B_ASN1_UTF8STRING; void ASN1_STRING_set_default_mask(unsigned long mask) {

Should this change the above behaviour?

Ciao, Marcus
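Review bot: the context comment kept directly above the changed line still warns that certain software (e.g. Netscape) "has problems with them", while the new default of B_ASN1_UTF8STRING no longer follows that caution; update the comment so it describes the new default. Since the default mask decides which string type newly built names get, the encoding and digest of such names differ from earlier releases, and that should be called out in the changelog.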
[openssl.org #3336] 1.0.1g breaks IronPORT SMTP appliance (padding extension)
Hi,

SUSE has received a bugreport from a user, that the "padding" extension change breaks IronPort SMTP appliances. There might be an RT on this already, not sure.

https://bugzilla.novell.com/show_bug.cgi?id=875639
http://postfix.1071664.n5.nabble.com/OpenSSL-1-0-1g-and-Ironport-SMTP-appliances-interop-issue-td66873.html

Quoting from our openSUSE bugreport:

Last upgrade to openssl-1.0.1g-11.36.1.x86_64 broke SSL connections to some services, e.g. Cisco Ironport SMTP appliances.

1.0.1g not only fixes the Heartbleed bug but also adds another change by adding:

#define TLSEXT_TYPE_padding 21

This in turn breaks SSL connections to e.g. Ironports, probably others:

SSL23_GET_SERVER_HELLO:tlsv1 alert decode error

Workaround: Force protocol to SSLv3 or recompile without the define above.

For details, please refer to: postfix.1071664.n5.nabble.com/OpenSSL-1-0-1g-and-Ironport-SMTP-appliances-interop-issue-td66873.html

Reproducible: Always

Steps to Reproduce:
1. openssl s_client -connect some.ironport.com:25 -starttls smtp

Note: Send me an email for a hostname of an Ironport SMTP appliance to test with. I don't want to disclose it here.

Actual Results:
CONNECTED(0003)
139718758192784:error:1407741A:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert decode error:s23_clnt.c:762:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 129 bytes and written 552 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

Expected Results:
CONNECTED(0003)
---
Certificate chain
[...cut...]
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
[...cut..-]
250 STARTTLS
[openssl.org #2531] small memory leak in t1_lib
Hi,

probably does not trigger in real life conditions. Also spotted by Coverity, untested.

--- ssl/t1_lib.c.xx 2011-05-18 15:50:08.0 + +++ ssl/t1_lib.c2011-05-18 15:50:22.0 + @@ -1714,8 +1714,10 @@ return -1; } EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen); - if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) + if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) { + OPENSSL_free(sdec); goto tickerr; + } slen += mlen; EVP_CIPHER_CTX_cleanup(&ctx); p = sdec;

Ciao, Marcus
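Review bot: the new failure branch after EVP_DecryptFinal frees sdec but leaves ctx alone, while EVP_CIPHER_CTX_cleanup(&ctx) is only visible on the success path two lines further down; unless the tickerr label cleans up the context, add the cleanup call inside the new braces as well. The unchanged EVP_DecryptUpdate call just above also ignores its return value, which is worth checking in the same pass.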
[openssl.org #2530] crypto/dsa/dsa_gen.c::dsa_builtin_paramgen has potential uninitialized seed
Hi,

(I am not fully sure I understand it right.)

Coverity thinks dsa_builtin_paramgen() can use portions of "seed" uninitialized and I can agree.

If seed_len is > 0 but < qsize, the memcpy(seed,seed_in,seed_len) does not trigger, but "seed" is used, being an uninitialized stack variable.

This would probably mean that the seeding is done with whatever is on the stack if a seed_len >0 (size_t)qsize) seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, * but our internal buffers are restricted to 160 bits*/
[openssl.org #2529] potential bug in ssl/bio_ssl.c::ssl_ctrl BIO_C_SET_SSL
Hi,

Coverity thinks that in this sequence b->ptr is used after free and I have to agree:

    case BIO_C_SET_SSL:
        if (ssl != NULL)
            ssl_free(b);              // MARCUS: frees also b->ptr
        b->shutdown=(int)num;
        ssl=(SSL *)ptr;
        ((BIO_SSL *)b->ptr)->ssl=ssl; // MARCUS: Dereferences freed b->ptr
        bio=SSL_get_rbio(ssl);
        if (bio != NULL)
            {
            if (b->next_bio != NULL)
                BIO_push(bio,b->next_bio);
            b->next_bio=bio;
            CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
            }
        b->init=1;
        break;

Not sure what was really intended in the second commented line.

Ciao, Marcus
[openssl.org #2528] setup_engine curious return value
Hi,

apps/engine.c, function setup_engine()

It has "return e;" on success, but the code has:

        /* Free our "structural" reference. */
        ENGINE_free(e);
        }
    return e;

ENGINE_free(e) makes e invalid, so returning it is very dangerous.

The return value mostly seems to be unused though, so perhaps get fully rid of it.

Spotted also by Coverity.

Ciao, Marcus
[openssl.org #2527] doublefree in apps/asn1parse.c
Hi,

NCONF_free(cnf) is again called later when errors are handled, which would lead to double free of cnf.

Spotted by Coverity checker.

Ciao, Marcus

--- apps/asn1pars.c.xx 2011-05-18 14:40:29.0 +0200 +++ apps/asn1pars.c 2011-05-18 14:40:43.0 +0200 @@ -408,6 +408,7 @@ atyp = ASN1_generate_nconf(genstr, cnf); NCONF_free(cnf); + cnf = NULL; if (!atyp) return -1;
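Review bot: the added `cnf = NULL;` after NCONF_free(cnf) only prevents the double free because the later error-handling call is then handed a NULL pointer, and the hunk does not say so. Add a short comment on that line naming the later NCONF_free it protects, so the assignment is not removed as dead code in a cleanup.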
[openssl.org #2526] bad sequence in OCSP_parse_url
OCSP_parse_url has a bad sequence of initializing the parameter returns and buf strdupping + error handling.

If the first error handling triggers, it will access the 3 argument pointers uninitialized memory. (the goto mem_err; patch will free **pport et.al.)

found by Coverity scanner.

Ciao, Marcus

--- crypto/ocsp/ocsp_lib.c.xx 2011-05-18 14:17:25.0 +0200 +++ crypto/ocsp/ocsp_lib.c 2011-05-18 14:17:34.0 +0200 @@ -170,14 +170,14 @@ char *host, *port; - /* dup the buffer since we are going to mess with it */ - buf = BUF_strdup(url); - if (!buf) goto mem_err; - *phost = NULL; *pport = NULL; *ppath = NULL; + /* dup the buffer since we are going to mess with it */ + buf = BUF_strdup(url); + if (!buf) goto mem_err; + /* Check for initial colon */ p = strchr(buf, ':');
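Review bot: the three assignments to `*phost`, `*pport` and `*ppath` now have to stay ahead of the first `goto mem_err`, but nothing in the code records that ordering requirement; a comment above them saying the error path releases these outputs would stop a later reorder from reintroducing the problem. The assignments also dereference all three arguments without a NULL check, so the function's documentation should state that callers must pass valid pointers.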
[openssl.org #2200] patch: fixed a crash with "openssl req"
Our QA found a scenario where openssl req is crashing, this is tracked in https://bugzilla.novell.com/show_bug.cgi?id=430141

It seems a non-asn1 converted string is passed into ASN1_TYPE_set1.

We applied the patch attached.

Ciao, Marcus

Index: openssl-0.9.8h/crypto/x509/x509_att.c --- openssl-0.9.8h/crypto/x509/x509_att.c +++ openssl-0.9.8h/crypto/x509/x509_att.c @@ -305,7 +305,7 @@ if(!(ttmp = ASN1_TYPE_new())) goto err; if (len == -1) { - if (!ASN1_TYPE_set1(ttmp, attrtype, data)) + if (!ASN1_TYPE_set1(ttmp, attrtype, stmp)) goto err; } else
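Review bot: the call in the `len == -1` branch now passes stmp as the value but still passes attrtype as the type, and the assignment to stmp lies outside the hunk. Confirm that stmp is non-NULL on every path that reaches this branch and that its string type matches attrtype; if a conversion can change the type, pass the type that belongs to stmp instead.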
[openssl.org #2199] patch: mark assembler as non-exec-stack
Hi,

Type: patch

We use the following patch on openSUSE to make sure that openssl uses non-executable stack by marking the assembler code as not requiring x-stack.

Ciao, Marcus

--- crypto/perlasm/x86unix.pl +++ crypto/perlasm/x86unix.pl @@ -586,6 +586,7 @@ push(@out,$const); $const=""; } + push(@out, ".section .note.GNU-stack,\"\",\...@progbits"); } sub main'data_word
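Review bot: the `.note.GNU-stack` line is pushed unconditionally just before the closing brace of the routine; that section is specific to GNU-style ELF toolchains, so if x86unix.pl also generates output for other object formats the push should be guarded by the check for an ELF target. A comment above the line stating its purpose (marking the object as not needing an executable stack) would also help the next reader.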