From a81734f931d7dd55bdaf0d6d2b54458f8836fde6 Mon Sep 17 00:00:00 2001 From: jkim Date: Thu, 28 Jan 2016 21:42:10 +0000 Subject: Merge OpenSSL 1.0.1r. Relnotes: yes --- crypto/openssl/ACKNOWLEDGMENTS | 32 +-------- crypto/openssl/CHANGES | 24 +++++++ crypto/openssl/Configure | 33 +++++---- crypto/openssl/INSTALL | 8 +-- crypto/openssl/LICENSE | 2 +- crypto/openssl/Makefile | 40 +++++------ crypto/openssl/Makefile.org | 38 +++++----- crypto/openssl/NEWS | 5 ++ crypto/openssl/README | 13 ++-- crypto/openssl/apps/engine.c | 2 +- crypto/openssl/apps/ocsp.c | 2 +- crypto/openssl/apps/pkcs12.c | 42 +++++------ crypto/openssl/apps/speed.c | 2 +- crypto/openssl/apps/x509.c | 7 +- crypto/openssl/crypto/aes/aes.h | 2 +- crypto/openssl/crypto/aes/aes_cbc.c | 2 +- crypto/openssl/crypto/aes/aes_cfb.c | 2 +- crypto/openssl/crypto/aes/aes_core.c | 2 +- crypto/openssl/crypto/aes/aes_ctr.c | 2 +- crypto/openssl/crypto/aes/aes_ecb.c | 2 +- crypto/openssl/crypto/aes/aes_ige.c | 2 +- crypto/openssl/crypto/aes/aes_locl.h | 2 +- crypto/openssl/crypto/aes/aes_misc.c | 2 +- crypto/openssl/crypto/aes/aes_ofb.c | 2 +- crypto/openssl/crypto/aes/aes_x86core.c | 2 +- crypto/openssl/crypto/bio/bio.h | 8 ++- crypto/openssl/crypto/bio/bss_bio.c | 2 +- crypto/openssl/crypto/bio/bss_conn.c | 31 +++++--- crypto/openssl/crypto/bio/bss_dgram.c | 2 - crypto/openssl/crypto/bn/bn_exp.c | 41 ++++++++--- crypto/openssl/crypto/bn/exptest.c | 82 +++++++++++++++++++--- crypto/openssl/crypto/camellia/camellia.c | 4 +- crypto/openssl/crypto/camellia/camellia.h | 2 +- crypto/openssl/crypto/camellia/cmll_cbc.c | 2 +- crypto/openssl/crypto/camellia/cmll_cfb.c | 2 +- crypto/openssl/crypto/camellia/cmll_ctr.c | 2 +- crypto/openssl/crypto/camellia/cmll_ecb.c | 2 +- crypto/openssl/crypto/camellia/cmll_locl.h | 2 +- crypto/openssl/crypto/camellia/cmll_misc.c | 2 +- crypto/openssl/crypto/camellia/cmll_ofb.c | 2 +- crypto/openssl/crypto/camellia/cmll_utl.c | 2 +- crypto/openssl/crypto/des/des_old.c | 2 +- crypto/openssl/crypto/des/des_old.h | 2 +- crypto/openssl/crypto/des/des_old2.c | 2 +- crypto/openssl/crypto/dsa/dsa_ossl.c | 8 +-- crypto/openssl/crypto/dso/dso.h | 2 +- crypto/openssl/crypto/dso/dso_dl.c | 2 +- crypto/openssl/crypto/dso/dso_dlfcn.c | 2 +- crypto/openssl/crypto/dso/dso_lib.c | 2 +- crypto/openssl/crypto/ec/ectest.c | 2 +- crypto/openssl/crypto/engine/eng_all.c | 2 +- crypto/openssl/crypto/evp/e_camellia.c | 2 +- crypto/openssl/crypto/evp/e_old.c | 2 +- crypto/openssl/crypto/evp/e_seed.c | 2 +- crypto/openssl/crypto/mem_clr.c | 2 +- crypto/openssl/crypto/o_dir.c | 2 +- crypto/openssl/crypto/o_dir.h | 2 +- crypto/openssl/crypto/o_dir_test.c | 2 +- crypto/openssl/crypto/o_str.c | 2 +- crypto/openssl/crypto/o_str.h | 2 +- crypto/openssl/crypto/o_time.c | 2 +- crypto/openssl/crypto/o_time.h | 2 +- crypto/openssl/crypto/opensslv.h | 6 +- crypto/openssl/crypto/rc4/rc4_utl.c | 2 +- crypto/openssl/crypto/rsa/rsa_chk.c | 2 +- crypto/openssl/crypto/rsa/rsa_sign.c | 4 +- crypto/openssl/crypto/seed/seed_cbc.c | 2 +- crypto/openssl/crypto/seed/seed_cfb.c | 2 +- crypto/openssl/crypto/seed/seed_ecb.c | 2 +- crypto/openssl/crypto/seed/seed_ofb.c | 2 +- crypto/openssl/crypto/sha/sha1test.c | 2 +- crypto/openssl/crypto/store/store.h | 2 +- crypto/openssl/crypto/store/str_lib.c | 2 +- crypto/openssl/crypto/store/str_locl.h | 2 +- crypto/openssl/crypto/store/str_mem.c | 2 +- crypto/openssl/crypto/store/str_meth.c | 2 +- crypto/openssl/crypto/ts/ts_rsp_verify.c | 3 +- crypto/openssl/crypto/ui/ui.h | 2 +- crypto/openssl/crypto/ui/ui_compat.c | 2 +- crypto/openssl/crypto/ui/ui_compat.h | 2 +- crypto/openssl/crypto/ui/ui_lib.c | 2 +- crypto/openssl/crypto/ui/ui_locl.h | 2 +- crypto/openssl/crypto/ui/ui_openssl.c | 2 +- crypto/openssl/crypto/ui/ui_util.c | 2 +- crypto/openssl/crypto/x509/x509_vfy.c | 39 ++++++---- crypto/openssl/crypto/x509/x509_vfy.h | 2 +- crypto/openssl/crypto/x509v3/v3_pci.c | 2 +- crypto/openssl/crypto/x509v3/v3_pcia.c | 2 +- crypto/openssl/doc/apps/s_time.pod | 4 +- crypto/openssl/doc/crypto/BIO_s_connect.pod | 4 +- .../doc/ssl/SSL_CTX_set_tlsext_status_cb.pod | 73 +++++++++++++++++++ .../doc/ssl/SSL_CTX_set_tmp_dh_callback.pod | 29 ++------ crypto/openssl/engines/e_chil.c | 2 +- crypto/openssl/ssl/d1_both.c | 70 ++++++++++++------ crypto/openssl/ssl/kssl.c | 2 +- crypto/openssl/ssl/kssl.h | 2 +- crypto/openssl/ssl/kssl_lcl.h | 2 +- crypto/openssl/ssl/s2_srvr.c | 20 +++++- crypto/openssl/ssl/s3_clnt.c | 63 +++++++++-------- crypto/openssl/ssl/s3_lib.c | 19 ++--- crypto/openssl/ssl/s3_srvr.c | 25 +++---- crypto/openssl/ssl/ssl.h | 2 +- crypto/openssl/ssl/ssl_sess.c | 3 - crypto/openssl/ssl/t1_enc.c | 2 +- crypto/openssl/ssl/t1_lib.c | 14 ++-- crypto/openssl/util/pl/VC-32.pl | 8 ++- crypto/openssl/util/pod2mantest | 58 +++++++++++++++ 107 files changed, 621 insertions(+), 385 deletions(-) create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod create mode 100755 crypto/openssl/util/pod2mantest (limited to 'crypto') diff --git a/crypto/openssl/ACKNOWLEDGMENTS b/crypto/openssl/ACKNOWLEDGMENTS index 59c6f01..d21dccb 100644 --- a/crypto/openssl/ACKNOWLEDGMENTS +++ b/crypto/openssl/ACKNOWLEDGMENTS @@ -1,30 +1,2 @@ -The OpenSSL project depends on volunteer efforts and financial support from -the end user community. That support comes in the form of donations and paid -sponsorships, software support contracts, paid consulting services -and commissioned software development. - -Since all these activities support the continued development and improvement -of OpenSSL we consider all these clients and customers as sponsors of the -OpenSSL project. - -We would like to identify and thank the following such sponsors for their past -or current significant support of the OpenSSL project: - -Major support: - - Qualys http://www.qualys.com/ - -Very significant support: - - OpenGear: http://www.opengear.com/ - -Significant support: - - PSW Group: http://www.psw.net/ - Acano Ltd. http://acano.com/ - -Please note that we ask permission to identify sponsors and that some sponsors -we consider eligible for inclusion here have requested to remain anonymous. - -Additional sponsorship or financial support is always welcome: for more -information please contact the OpenSSL Software Foundation. +Please https://www.openssl.org/community/thanks.html for the current +acknowledgements. diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES index d920954..b84ff94 100644 --- a/crypto/openssl/CHANGES +++ b/crypto/openssl/CHANGES @@ -2,6 +2,30 @@ OpenSSL CHANGES _______________ + Changes between 1.0.1q and 1.0.1r [28 Jan 2016] + + *) Protection for DH small subgroup attacks + + As a precautionary measure the SSL_OP_SINGLE_DH_USE option has been + switched on by default and cannot be disabled. This could have some + performance impact. + [Matt Caswell] + + *) SSLv2 doesn't block disabled ciphers + + A malicious client can negotiate SSLv2 ciphers that have been disabled on + the server and complete SSLv2 handshakes even if all SSLv2 ciphers have + been disabled, provided that the SSLv2 protocol was not also disabled via + SSL_OP_NO_SSLv2. + + This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram + and Sebastian Schinzel. + (CVE-2015-3197) + [Viktor Dukhovni] + + *) Reject DH handshakes with parameters shorter than 1024 bits. + [Kurt Roeckx] + Changes between 1.0.1p and 1.0.1q [3 Dec 2015] *) Certificate verify crash with missing PSS parameter diff --git a/crypto/openssl/Configure b/crypto/openssl/Configure index fdf8d9a..0a5ffac 100755 --- a/crypto/openssl/Configure +++ b/crypto/openssl/Configure @@ -105,6 +105,9 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [experimenta my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED"; +# Warn that "make depend" should be run? +my $warn_make_depend = 0; + my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Qunused-arguments"; my $strict_warnings = 0; @@ -1446,7 +1449,7 @@ if ($target =~ /\-icc$/) # Intel C compiler # linker only when --prefix is not /usr. if ($target =~ /^BSD\-/) { - $shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|); + $shared_ldflag.=" -Wl,-rpath,\$\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|); } if ($sys_id ne "") @@ -1953,14 +1956,8 @@ EOF &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s'); } if ($depflags ne $default_depflags && !$make_depend) { - print < (note that your message will be recorded in the request tracker publicly readable - via http://www.openssl.org/support/rt.html and will be forwarded to a - public mailing list). Include the output of "make report" in your message. - Please check out the request tracker. Maybe the bug was already - reported or has already been fixed. + at https://www.openssl.org/community/index.html#bugs and will be + forwarded to a public mailing list). Include the output of "make + report" in your message. Please check out the request tracker. Maybe + the bug was already reported or has already been fixed. [If you encounter assembler error messages, try the "no-asm" configuration option as an immediate fix.] diff --git a/crypto/openssl/LICENSE b/crypto/openssl/LICENSE index e47d101..fb03713 100644 --- a/crypto/openssl/LICENSE +++ b/crypto/openssl/LICENSE @@ -12,7 +12,7 @@ --------------- /* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/crypto/openssl/Makefile b/crypto/openssl/Makefile index 18bc72a..7945cde 100644 --- a/crypto/openssl/Makefile +++ b/crypto/openssl/Makefile @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1q +VERSION=1.0.1r MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 @@ -181,8 +181,7 @@ SHARED_LDFLAGS= GENERAL= Makefile BASENAME= openssl NAME= $(BASENAME)-$(VERSION) -TARFILE= $(NAME).tar -WTARFILE= $(NAME)-win.tar +TARFILE= ../$(NAME).tar EXHEADER= e_os2.h HEADER= e_os.h @@ -501,38 +500,35 @@ TABLE: Configure # would occur. Therefore the list of files is temporarily stored into a file # and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal # tar does not support the --files-from option. -TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list \ - --owner openssl:0 --group openssl:0 \ - --transform 's|^|openssl-$(VERSION)/|' \ +TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \ + --owner 0 --group 0 \ + --transform 's|^|$(NAME)/|' \ -cvf - -../$(TARFILE).list: +$(TARFILE).list: find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \ \! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \ - \! -name '*test' \! -name '.#*' \! -name '*~' \ - | sort > ../$(TARFILE).list + \( \! -name '*test' -o -name bctest -o -name pod2mantest \) \ + \! -name '.#*' \! -name '*~' \! -type l \ + | sort > $(TARFILE).list -tar: ../$(TARFILE).list +tar: $(TARFILE).list find . -type d -print | xargs chmod 755 find . -type f -print | xargs chmod a+r find . -type f -perm -0100 -print | xargs chmod a+x - $(TAR_COMMAND) | gzip --best >../$(TARFILE).gz - rm -f ../$(TARFILE).list - ls -l ../$(TARFILE).gz + $(TAR_COMMAND) | gzip --best > $(TARFILE).gz + rm -f $(TARFILE).list + ls -l $(TARFILE).gz -tar-snap: ../$(TARFILE).list - $(TAR_COMMAND) > ../$(TARFILE) - rm -f ../$(TARFILE).list - ls -l ../$(TARFILE) +tar-snap: $(TARFILE).list + $(TAR_COMMAND) > $(TARFILE) + rm -f $(TARFILE).list + ls -l $(TARFILE) dist: $(PERL) Configure dist - @$(MAKE) dist_pem_h @$(MAKE) SDIRS='$(SDIRS)' clean - @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar - -dist_pem_h: - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) + @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar install: all install_docs install_sw diff --git a/crypto/openssl/Makefile.org b/crypto/openssl/Makefile.org index 248d859..81edc1e 100644 --- a/crypto/openssl/Makefile.org +++ b/crypto/openssl/Makefile.org @@ -179,8 +179,7 @@ SHARED_LDFLAGS= GENERAL= Makefile BASENAME= openssl NAME= $(BASENAME)-$(VERSION) -TARFILE= $(NAME).tar -WTARFILE= $(NAME)-win.tar +TARFILE= ../$(NAME).tar EXHEADER= e_os2.h HEADER= e_os.h @@ -499,38 +498,35 @@ TABLE: Configure # would occur. Therefore the list of files is temporarily stored into a file # and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal # tar does not support the --files-from option. -TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list \ - --owner openssl:0 --group openssl:0 \ - --transform 's|^|openssl-$(VERSION)/|' \ +TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \ + --owner 0 --group 0 \ + --transform 's|^|$(NAME)/|' \ -cvf - -../$(TARFILE).list: +$(TARFILE).list: find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \ \! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \ - \! -name '*test' \! -name '.#*' \! -name '*~' \ - | sort > ../$(TARFILE).list + \( \! -name '*test' -o -name bctest -o -name pod2mantest \) \ + \! -name '.#*' \! -name '*~' \! -type l \ + | sort > $(TARFILE).list -tar: ../$(TARFILE).list +tar: $(TARFILE).list find . -type d -print | xargs chmod 755 find . -type f -print | xargs chmod a+r find . -type f -perm -0100 -print | xargs chmod a+x - $(TAR_COMMAND) | gzip --best >../$(TARFILE).gz - rm -f ../$(TARFILE).list - ls -l ../$(TARFILE).gz + $(TAR_COMMAND) | gzip --best > $(TARFILE).gz + rm -f $(TARFILE).list + ls -l $(TARFILE).gz -tar-snap: ../$(TARFILE).list - $(TAR_COMMAND) > ../$(TARFILE) - rm -f ../$(TARFILE).list - ls -l ../$(TARFILE) +tar-snap: $(TARFILE).list + $(TAR_COMMAND) > $(TARFILE) + rm -f $(TARFILE).list + ls -l $(TARFILE) dist: $(PERL) Configure dist - @$(MAKE) dist_pem_h @$(MAKE) SDIRS='$(SDIRS)' clean - @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar - -dist_pem_h: - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) + @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar install: all install_docs install_sw diff --git a/crypto/openssl/NEWS b/crypto/openssl/NEWS index 40d1284..c8193d5 100644 --- a/crypto/openssl/NEWS +++ b/crypto/openssl/NEWS @@ -5,6 +5,11 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016] + + o Protection for DH small subgroup attacks + o SSLv2 doesn't block disabled ciphers (CVE-2015-3197) + Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015] o Certificate verify crash with missing PSS parameter (CVE-2015-3194) diff --git a/crypto/openssl/README b/crypto/openssl/README index 7239452..5e914f8 100644 --- a/crypto/openssl/README +++ b/crypto/openssl/README @@ -1,5 +1,5 @@ - OpenSSL 1.0.1q 3 Dec 2015 + OpenSSL 1.0.1r 28 Jan 2016 Copyright (c) 1998-2015 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson @@ -90,11 +90,12 @@ In order to avoid spam, this is a moderated mailing list, and it might take a day for the ticket to show up. (We also scan posts to make sure - that security disclosures aren't publically posted by mistake.) Mail to - this address is recorded in the public RT (request tracker) database (see - https://www.openssl.org/support/rt.html for details) and also forwarded - the public openssl-dev mailing list. Confidential mail may be sent to - openssl-security@openssl.org (PGP key available from the key servers). + that security disclosures aren't publically posted by mistake.) Mail + to this address is recorded in the public RT (request tracker) database + (see https://www.openssl.org/community/index.html#bugs for details) and + also forwarded the public openssl-dev mailing list. Confidential mail + may be sent to openssl-security@openssl.org (PGP key available from the + key servers). Please do NOT use this for general assistance or support queries. Just because something doesn't work the way you expect does not mean it diff --git a/crypto/openssl/apps/engine.c b/crypto/openssl/apps/engine.c index 460ec60..f54631b 100644 --- a/crypto/openssl/apps/engine.c +++ b/crypto/openssl/apps/engine.c @@ -1,4 +1,4 @@ -/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */ +/* apps/engine.c */ /* * Written by Richard Levitte for the OpenSSL project * 2000. diff --git a/crypto/openssl/apps/ocsp.c b/crypto/openssl/apps/ocsp.c index 9fd9568..bb420c2 100644 --- a/crypto/openssl/apps/ocsp.c +++ b/crypto/openssl/apps/ocsp.c @@ -1003,7 +1003,7 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, bs = OCSP_BASICRESP_new(); thisupd = X509_gmtime_adj(NULL, 0); if (ndays != -1) - nextupd = X509_gmtime_adj(NULL, nmin * 60 + ndays * 3600 * 24); + nextupd = X509_time_adj_ex(NULL, ndays, nmin * 60, NULL); /* Examine each certificate id in the request */ for (i = 0; i < id_count; i++) { diff --git a/crypto/openssl/apps/pkcs12.c b/crypto/openssl/apps/pkcs12.c index e41b445..cbb75b7 100644 --- a/crypto/openssl/apps/pkcs12.c +++ b/crypto/openssl/apps/pkcs12.c @@ -79,7 +79,8 @@ const EVP_CIPHER *enc; # define CLCERTS 0x8 # define CACERTS 0x10 -int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain); +static int get_cert_chain(X509 *cert, X509_STORE *store, + STACK_OF(X509) **chain); int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass); int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, @@ -594,7 +595,7 @@ int MAIN(int argc, char **argv) vret = get_cert_chain(ucert, store, &chain2); X509_STORE_free(store); - if (!vret) { + if (vret == X509_V_OK) { /* Exclude verified certificate */ for (i = 1; i < sk_X509_num(chain2); i++) sk_X509_push(certs, sk_X509_value(chain2, i)); @@ -602,7 +603,7 @@ int MAIN(int argc, char **argv) X509_free(sk_X509_value(chain2, 0)); sk_X509_free(chain2); } else { - if (vret >= 0) + if (vret != X509_V_ERR_UNSPECIFIED) BIO_printf(bio_err, "Error %s getting chain.\n", X509_verify_cert_error_string(vret)); else @@ -906,36 +907,25 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass, /* Given a single certificate return a verified chain or NULL if error */ -/* Hope this is OK .... */ - -int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain) +static int get_cert_chain(X509 *cert, X509_STORE *store, + STACK_OF(X509) **chain) { X509_STORE_CTX store_ctx; - STACK_OF(X509) *chn; + STACK_OF(X509) *chn = NULL; int i = 0; - /* - * FIXME: Should really check the return status of X509_STORE_CTX_init - * for an error, but how that fits into the return value of this function - * is less obvious. - */ - X509_STORE_CTX_init(&store_ctx, store, cert, NULL); - if (X509_verify_cert(&store_ctx) <= 0) { - i = X509_STORE_CTX_get_error(&store_ctx); - if (i == 0) - /* - * avoid returning 0 if X509_verify_cert() did not set an - * appropriate error value in the context - */ - i = -1; - chn = NULL; - goto err; - } else + if (!X509_STORE_CTX_init(&store_ctx, store, cert, NULL)) { + *chain = NULL; + return X509_V_ERR_UNSPECIFIED; + } + + if (X509_verify_cert(&store_ctx) > 0) chn = X509_STORE_CTX_get1_chain(&store_ctx); - err: + else if ((i = X509_STORE_CTX_get_error(&store_ctx)) == 0) + i = X509_V_ERR_UNSPECIFIED; + X509_STORE_CTX_cleanup(&store_ctx); *chain = chn; - return i; } diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c index 7d9fd8a..ef727230 100644 --- a/crypto/openssl/apps/speed.c +++ b/crypto/openssl/apps/speed.c @@ -1,4 +1,4 @@ -/* apps/speed.c -*- mode:C; c-file-style: "eay" -*- */ +/* apps/speed.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c index 929359b..e5fe610 100644 --- a/crypto/openssl/apps/x509.c +++ b/crypto/openssl/apps/x509.c @@ -1170,12 +1170,7 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, if (X509_gmtime_adj(X509_get_notBefore(x), 0) == NULL) goto err; - /* Lets just make it 12:00am GMT, Jan 1 1970 */ - /* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */ - /* 28 days to be certified */ - - if (X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days) == - NULL) + if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL) goto err; if (!X509_set_pubkey(x, pkey)) diff --git a/crypto/openssl/crypto/aes/aes.h b/crypto/openssl/crypto/aes/aes.h index 87bf60f..faa66c4 100644 --- a/crypto/openssl/crypto/aes/aes.h +++ b/crypto/openssl/crypto/aes/aes.h @@ -1,4 +1,4 @@ -/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes.h */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_cbc.c b/crypto/openssl/crypto/aes/aes_cbc.c index e39231f..805d0e2 100644 --- a/crypto/openssl/crypto/aes/aes_cbc.c +++ b/crypto/openssl/crypto/aes/aes_cbc.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_cbc.c */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_cfb.c b/crypto/openssl/crypto/aes/aes_cfb.c index 1c79ce2..1225000 100644 --- a/crypto/openssl/crypto/aes/aes_cfb.c +++ b/crypto/openssl/crypto/aes/aes_cfb.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_cfb.c */ /* ==================================================================== * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_core.c b/crypto/openssl/crypto/aes/aes_core.c index 2ddb086..7019b5d 100644 --- a/crypto/openssl/crypto/aes/aes_core.c +++ b/crypto/openssl/crypto/aes/aes_core.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_core.c */ /** * rijndael-alg-fst.c * diff --git a/crypto/openssl/crypto/aes/aes_ctr.c b/crypto/openssl/crypto/aes/aes_ctr.c index 3ee3822..9e760c4 100644 --- a/crypto/openssl/crypto/aes/aes_ctr.c +++ b/crypto/openssl/crypto/aes/aes_ctr.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_ctr.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_ctr.c */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_ecb.c b/crypto/openssl/crypto/aes/aes_ecb.c index 2e0d20c..52151a5 100644 --- a/crypto/openssl/crypto/aes/aes_ecb.c +++ b/crypto/openssl/crypto/aes/aes_ecb.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_ecb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_ecb.c */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_ige.c b/crypto/openssl/crypto/aes/aes_ige.c index cf31c9b..8f2b770 100644 --- a/crypto/openssl/crypto/aes/aes_ige.c +++ b/crypto/openssl/crypto/aes/aes_ige.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_ige.c */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_locl.h b/crypto/openssl/crypto/aes/aes_locl.h index fabfd02..7acd74e 100644 --- a/crypto/openssl/crypto/aes/aes_locl.h +++ b/crypto/openssl/crypto/aes/aes_locl.h @@ -1,4 +1,4 @@ -/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes.h */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_misc.c b/crypto/openssl/crypto/aes/aes_misc.c index ab948ad..fafad4d 100644 --- a/crypto/openssl/crypto/aes/aes_misc.c +++ b/crypto/openssl/crypto/aes/aes_misc.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_misc.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_misc.c */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_ofb.c b/crypto/openssl/crypto/aes/aes_ofb.c index e6153f9..64a08ca 100644 --- a/crypto/openssl/crypto/aes/aes_ofb.c +++ b/crypto/openssl/crypto/aes/aes_ofb.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_ofb.c */ /* ==================================================================== * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/aes/aes_x86core.c b/crypto/openssl/crypto/aes/aes_x86core.c index 1defbb1..428bd58 100644 --- a/crypto/openssl/crypto/aes/aes_x86core.c +++ b/crypto/openssl/crypto/aes/aes_x86core.c @@ -1,4 +1,4 @@ -/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/aes/aes_core.c */ /** * rijndael-alg-fst.c * diff --git a/crypto/openssl/crypto/bio/bio.h b/crypto/openssl/crypto/bio/bio.h index d583cc1..c5c95de 100644 --- a/crypto/openssl/crypto/bio/bio.h +++ b/crypto/openssl/crypto/bio/bio.h @@ -478,11 +478,11 @@ struct bio_dgram_sctp_prinfo { # define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) # define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) # define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2) -# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0) +# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,0,NULL) # define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) -/* BIO_s_accept_socket() */ +/* BIO_s_accept() */ # define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) # define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) /* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ @@ -495,6 +495,7 @@ struct bio_dgram_sctp_prinfo { # define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL) # define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL) +/* BIO_s_accept() and BIO_s_connect() */ # define BIO_do_connect(b) BIO_do_handshake(b) # define BIO_do_accept(b) BIO_do_handshake(b) # define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) @@ -514,12 +515,15 @@ struct bio_dgram_sctp_prinfo { # define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url)) # define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL) +/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */ # define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) # define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c) +/* BIO_s_file() */ # define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) # define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) +/* BIO_s_fd() and BIO_s_file() */ # define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL) # define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL) diff --git a/crypto/openssl/crypto/bio/bss_bio.c b/crypto/openssl/crypto/bio/bss_bio.c index d629a37..4d8727f 100644 --- a/crypto/openssl/crypto/bio/bss_bio.c +++ b/crypto/openssl/crypto/bio/bss_bio.c @@ -1,4 +1,4 @@ -/* crypto/bio/bss_bio.c -*- Mode: C; c-file-style: "eay" -*- */ +/* crypto/bio/bss_bio.c */ /* ==================================================================== * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/bio/bss_conn.c b/crypto/openssl/crypto/bio/bss_conn.c index 6a5e8de..ed214ca 100644 --- a/crypto/openssl/crypto/bio/bss_conn.c +++ b/crypto/openssl/crypto/bio/bss_conn.c @@ -419,7 +419,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) { BIO *dbio; int *ip; - const char **pptr; + const char **pptr = NULL; long ret = 1; BIO_CONNECT *data; @@ -442,19 +442,28 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_C_GET_CONNECT: if (ptr != NULL) { pptr = (const char **)ptr; - if (num == 0) { - *pptr = data->param_hostname; + } - } else if (num == 1) { - *pptr = data->param_port; - } else if (num == 2) { - *pptr = (char *)&(data->ip[0]); - } else if (num == 3) { - *((int *)ptr) = data->port; + if (b->init) { + if (pptr != NULL) { + ret = 1; + if (num == 0) { + *pptr = data->param_hostname; + } else if (num == 1) { + *pptr = data->param_port; + } else if (num == 2) { + *pptr = (char *)&(data->ip[0]); + } else { + ret = 0; + } + } + if (num == 3) { + ret = data->port; } - if ((!b->init) || (ptr == NULL)) + } else { + if (pptr != NULL) *pptr = "not initialized"; - ret = 1; + ret = 0; } break; case BIO_C_SET_CONNECT: diff --git a/crypto/openssl/crypto/bio/bss_dgram.c b/crypto/openssl/crypto/bio/bss_dgram.c index e3e3dd0..d12b83a 100644 --- a/crypto/openssl/crypto/bio/bss_dgram.c +++ b/crypto/openssl/crypto/bio/bss_dgram.c @@ -515,10 +515,8 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) switch (cmd) { case BIO_CTRL_RESET: num = 0; - case BIO_C_FILE_SEEK: ret = 0; break; - case BIO_C_FILE_TELL: case BIO_CTRL_INFO: ret = 0; break; diff --git a/crypto/openssl/crypto/bn/bn_exp.c b/crypto/openssl/crypto/bn/bn_exp.c index 7e33ba9..4839625 100644 --- a/crypto/openssl/crypto/bn/bn_exp.c +++ b/crypto/openssl/crypto/bn/bn_exp.c @@ -271,9 +271,14 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } bits = BN_num_bits(p); - if (bits == 0) { - ret = BN_one(r); + /* x**0 mod 1 is still zero. */ + if (BN_is_one(m)) { + ret = 1; + BN_zero(r); + } else { + ret = BN_one(r); + } return ret; } @@ -407,7 +412,13 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, } bits = BN_num_bits(p); if (bits == 0) { - ret = BN_one(rr); + /* x**0 mod 1 is still zero. */ + if (BN_is_one(m)) { + ret = 1; + BN_zero(rr); + } else { + ret = BN_one(rr); + } return ret; } @@ -579,7 +590,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, * precomputation memory layout to limit data-dependency to a minimum to * protect secret exponents (cf. the hyper-threading timing attacks pointed * out by Colin Percival, - * http://www.daemong-consideredperthreading-considered-harmful/) + * http://www.daemonology.net/hyperthreading-considered-harmful/) */ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, @@ -608,7 +619,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, bits = BN_num_bits(p); if (bits == 0) { - ret = BN_one(rr); + /* x**0 mod 1 is still zero. */ + if (BN_is_one(m)) { + ret = 1; + BN_zero(rr); + } else { + ret = BN_one(rr); + } return ret; } @@ -908,8 +925,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, if (BN_is_one(m)) { ret = 1; BN_zero(rr); - } else + } else { ret = BN_one(rr); + } return ret; } if (a == 0) { @@ -1023,9 +1041,14 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } bits = BN_num_bits(p); - - if (bits == 0) { - ret = BN_one(r); + if (bits == 0) { + /* x**0 mod 1 is still zero. */ + if (BN_is_one(m)) { + ret = 1; + BN_zero(r); + } else { + ret = BN_one(r); + } return ret; } diff --git a/crypto/openssl/crypto/bn/exptest.c b/crypto/openssl/crypto/bn/exptest.c index 8b3a4ba..ac611c2 100644 --- a/crypto/openssl/crypto/bn/exptest.c +++ b/crypto/openssl/crypto/bn/exptest.c @@ -73,14 +73,34 @@ static const char rnd_seed[] = "string to make the random number generator think it has entropy"; /* + * Test that r == 0 in test_exp_mod_zero(). Returns one on success, + * returns zero and prints debug output otherwise. + */ +static int a_is_zero_mod_one(const char *method, const BIGNUM *r, + const BIGNUM *a) { + if (!BN_is_zero(r)) { + fprintf(stderr, "%s failed:\n", method); + fprintf(stderr, "a ** 0 mod 1 = r (should be 0)\n"); + fprintf(stderr, "a = "); + BN_print_fp(stderr, a); + fprintf(stderr, "\nr = "); + BN_print_fp(stderr, r); + fprintf(stderr, "\n"); + return 0; + } + return 1; +} + +/* * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. */ static int test_exp_mod_zero() { BIGNUM a, p, m; BIGNUM r; + BN_ULONG one_word = 1; BN_CTX *ctx = BN_CTX_new(); - int ret = 1; + int ret = 1, failed = 0; BN_init(&m); BN_one(&m); @@ -92,21 +112,65 @@ static int test_exp_mod_zero() BN_zero(&p); BN_init(&r); - BN_mod_exp(&r, &a, &p, &m, ctx); - BN_CTX_free(ctx); - if (BN_is_zero(&r)) - ret = 0; - else { - printf("1**0 mod 1 = "); - BN_print_fp(stdout, &r); - printf(", should be 0\n"); + if (!BN_rand(&a, 1024, 0, 0)) + goto err; + + if (!BN_mod_exp(&r, &a, &p, &m, ctx)) + goto err; + + if (!a_is_zero_mod_one("BN_mod_exp", &r, &a)) + failed = 1; + + if (!BN_mod_exp_recp(&r, &a, &p, &m, ctx)) + goto err; + + if (!a_is_zero_mod_one("BN_mod_exp_recp", &r, &a)) + failed = 1; + + if (!BN_mod_exp_simple(&r, &a, &p, &m, ctx)) + goto err; + + if (!a_is_zero_mod_one("BN_mod_exp_simple", &r, &a)) + failed = 1; + + if (!BN_mod_exp_mont(&r, &a, &p, &m, ctx, NULL)) + goto err; + + if (!a_is_zero_mod_one("BN_mod_exp_mont", &r, &a)) + failed = 1; + + if (!BN_mod_exp_mont_consttime(&r, &a, &p, &m, ctx, NULL)) { + goto err; + } + + if (!a_is_zero_mod_one("BN_mod_exp_mont_consttime", &r, &a)) + failed = 1; + + /* + * A different codepath exists for single word multiplication + * in non-constant-time only. + */ + if (!BN_mod_exp_mont_word(&r, one_word, &p, &m, ctx, NULL)) + goto err; + + if (!BN_is_zero(&r)) { + fprintf(stderr, "BN_mod_exp_mont_word failed:\n"); + fprintf(stderr, "1 ** 0 mod 1 = r (should be 0)\n"); + fprintf(stderr, "r = "); + BN_print_fp(stderr, &r); + fprintf(stderr, "\n"); + return 0; } + ret = failed; + + err: BN_free(&r); BN_free(&a); BN_free(&p); BN_free(&m); + BN_CTX_free(ctx); return ret; } diff --git a/crypto/openssl/crypto/camellia/camellia.c b/crypto/openssl/crypto/camellia/camellia.c index b4a6766..719fa61 100644 --- a/crypto/openssl/crypto/camellia/camellia.c +++ b/crypto/openssl/crypto/camellia/camellia.c @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia.c */ /* ==================================================================== * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) . * ALL RIGHTS RESERVED. @@ -67,7 +67,7 @@ /* * Algorithm Specification - * http://info.isl.llia/specicrypt/eng/camellia/specifications.html + * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html */ /* diff --git a/crypto/openssl/crypto/camellia/camellia.h b/crypto/openssl/crypto/camellia/camellia.h index 9be7c0f..45e8d25 100644 --- a/crypto/openssl/crypto/camellia/camellia.h +++ b/crypto/openssl/crypto/camellia/camellia.h @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia.h */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/camellia/cmll_cbc.c b/crypto/openssl/crypto/camellia/cmll_cbc.c index a4907ca..4017e00 100644 --- a/crypto/openssl/crypto/camellia/cmll_cbc.c +++ b/crypto/openssl/crypto/camellia/cmll_cbc.c @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia_cbc.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia_cbc.c */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/camellia/cmll_cfb.c b/crypto/openssl/crypto/camellia/cmll_cfb.c index 59b8522..78f2ae4 100644 --- a/crypto/openssl/crypto/camellia/cmll_cfb.c +++ b/crypto/openssl/crypto/camellia/cmll_cfb.c @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia_cfb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia_cfb.c */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/camellia/cmll_ctr.c b/crypto/openssl/crypto/camellia/cmll_ctr.c index b8f523d..95e2662 100644 --- a/crypto/openssl/crypto/camellia/cmll_ctr.c +++ b/crypto/openssl/crypto/camellia/cmll_ctr.c @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia_ctr.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia_ctr.c */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/camellia/cmll_ecb.c b/crypto/openssl/crypto/camellia/cmll_ecb.c index 16f1af8..b030791 100644 --- a/crypto/openssl/crypto/camellia/cmll_ecb.c +++ b/crypto/openssl/crypto/camellia/cmll_ecb.c @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia_ecb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia_ecb.c */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/camellia/cmll_locl.h b/crypto/openssl/crypto/camellia/cmll_locl.h index 4e4707b..2bd79b8 100644 --- a/crypto/openssl/crypto/camellia/cmll_locl.h +++ b/crypto/openssl/crypto/camellia/cmll_locl.h @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia_locl.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia_locl.h */ /* ==================================================================== * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) . * ALL RIGHTS RESERVED. diff --git a/crypto/openssl/crypto/camellia/cmll_misc.c b/crypto/openssl/crypto/camellia/cmll_misc.c index cbd2502..694d2fa 100644 --- a/crypto/openssl/crypto/camellia/cmll_misc.c +++ b/crypto/openssl/crypto/camellia/cmll_misc.c @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia_misc.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia_misc.c */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/camellia/cmll_ofb.c b/crypto/openssl/crypto/camellia/cmll_ofb.c index 46c3ae2..85eb892 100644 --- a/crypto/openssl/crypto/camellia/cmll_ofb.c +++ b/crypto/openssl/crypto/camellia/cmll_ofb.c @@ -1,4 +1,4 @@ -/* crypto/camellia/camellia_ofb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/camellia_ofb.c */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/camellia/cmll_utl.c b/crypto/openssl/crypto/camellia/cmll_utl.c index d19ee19..d5eb6b4 100644 --- a/crypto/openssl/crypto/camellia/cmll_utl.c +++ b/crypto/openssl/crypto/camellia/cmll_utl.c @@ -1,4 +1,4 @@ -/* crypto/camellia/cmll_utl.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/camellia/cmll_utl.c */ /* ==================================================================== * Copyright (c) 2011 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/des/des_old.c b/crypto/openssl/crypto/des/des_old.c index 54b0968..c5c5a00 100644 --- a/crypto/openssl/crypto/des/des_old.c +++ b/crypto/openssl/crypto/des/des_old.c @@ -1,4 +1,4 @@ -/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/des/des_old.c */ /*- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING diff --git a/crypto/openssl/crypto/des/des_old.h b/crypto/openssl/crypto/des/des_old.h index f1e1e2c..ee7607a 100644 --- a/crypto/openssl/crypto/des/des_old.h +++ b/crypto/openssl/crypto/des/des_old.h @@ -1,4 +1,4 @@ -/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/des/des_old.h */ /*- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING diff --git a/crypto/openssl/crypto/des/des_old2.c b/crypto/openssl/crypto/des/des_old2.c index f7d28a6..247ff8d 100644 --- a/crypto/openssl/crypto/des/des_old2.c +++ b/crypto/openssl/crypto/des/des_old2.c @@ -1,4 +1,4 @@ -/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/des/des_old.c */ /* * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING The diff --git a/crypto/openssl/crypto/dsa/dsa_ossl.c b/crypto/openssl/crypto/dsa/dsa_ossl.c index 6edb26d..9a3772e 100644 --- a/crypto/openssl/crypto/dsa/dsa_ossl.c +++ b/crypto/openssl/crypto/dsa/dsa_ossl.c @@ -187,9 +187,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) goto err; - ret = DSA_SIG_new(); - if (ret == NULL) - goto err; /* * Redo if r or s is zero as required by FIPS 186-3: this is very * unlikely. @@ -201,11 +198,14 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) } goto redo; } + ret = DSA_SIG_new(); + if (ret == NULL) + goto err; ret->r = r; ret->s = s; err: - if (!ret) { + if (ret == NULL) { DSAerr(DSA_F_DSA_DO_SIGN, reason); BN_free(r); BN_free(s); diff --git a/crypto/openssl/crypto/dso/dso.h b/crypto/openssl/crypto/dso/dso.h index 7c4a1dc..c9013f5 100644 --- a/crypto/openssl/crypto/dso/dso.h +++ b/crypto/openssl/crypto/dso/dso.h @@ -1,4 +1,4 @@ -/* dso.h -*- mode:C; c-file-style: "eay" -*- */ +/* dso.h */ /* * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project * 2000. diff --git a/crypto/openssl/crypto/dso/dso_dl.c b/crypto/openssl/crypto/dso/dso_dl.c index 0087ac5..ceedf66 100644 --- a/crypto/openssl/crypto/dso/dso_dl.c +++ b/crypto/openssl/crypto/dso/dso_dl.c @@ -1,4 +1,4 @@ -/* dso_dl.c -*- mode:C; c-file-style: "eay" -*- */ +/* dso_dl.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2000. diff --git a/crypto/openssl/crypto/dso/dso_dlfcn.c b/crypto/openssl/crypto/dso/dso_dlfcn.c index f629f03..78df723 100644 --- a/crypto/openssl/crypto/dso/dso_dlfcn.c +++ b/crypto/openssl/crypto/dso/dso_dlfcn.c @@ -1,4 +1,4 @@ -/* dso_dlfcn.c -*- mode:C; c-file-style: "eay" -*- */ +/* dso_dlfcn.c */ /* * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project * 2000. diff --git a/crypto/openssl/crypto/dso/dso_lib.c b/crypto/openssl/crypto/dso/dso_lib.c index 09b8eaf..3312450 100644 --- a/crypto/openssl/crypto/dso/dso_lib.c +++ b/crypto/openssl/crypto/dso/dso_lib.c @@ -1,4 +1,4 @@ -/* dso_lib.c -*- mode:C; c-file-style: "eay" -*- */ +/* dso_lib.c */ /* * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project * 2000. diff --git a/crypto/openssl/crypto/ec/ectest.c b/crypto/openssl/crypto/ec/ectest.c index fede530..efab0b0 100644 --- a/crypto/openssl/crypto/ec/ectest.c +++ b/crypto/openssl/crypto/ec/ectest.c @@ -1591,7 +1591,7 @@ struct nistp_test_params { int degree; /* * Qx, Qy and D are taken from - * http://csrcdocut.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf + * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf * Otherwise, values are standard curve parameters from FIPS 180-3 */ const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d; diff --git a/crypto/openssl/crypto/engine/eng_all.c b/crypto/openssl/crypto/engine/eng_all.c index 7edf12e..66c4374 100644 --- a/crypto/openssl/crypto/engine/eng_all.c +++ b/crypto/openssl/crypto/engine/eng_all.c @@ -1,4 +1,4 @@ -/* crypto/engine/eng_all.c -*- mode: C; c-file-style: "eay" -*- */ +/* crypto/engine/eng_all.c */ /* * Written by Richard Levitte for the OpenSSL project * 2000. diff --git a/crypto/openssl/crypto/evp/e_camellia.c b/crypto/openssl/crypto/evp/e_camellia.c index 27bc489..f7b135d 100644 --- a/crypto/openssl/crypto/evp/e_camellia.c +++ b/crypto/openssl/crypto/evp/e_camellia.c @@ -1,4 +1,4 @@ -/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/evp/e_camellia.c */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/evp/e_old.c b/crypto/openssl/crypto/evp/e_old.c index c93f5a5..a23d143 100644 --- a/crypto/openssl/crypto/evp/e_old.c +++ b/crypto/openssl/crypto/evp/e_old.c @@ -1,4 +1,4 @@ -/* crypto/evp/e_old.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/evp/e_old.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2004. diff --git a/crypto/openssl/crypto/evp/e_seed.c b/crypto/openssl/crypto/evp/e_seed.c index c948a8f..7249d1b 100644 --- a/crypto/openssl/crypto/evp/e_seed.c +++ b/crypto/openssl/crypto/evp/e_seed.c @@ -1,4 +1,4 @@ -/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/evp/e_seed.c */ /* ==================================================================== * Copyright (c) 2007 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/mem_clr.c b/crypto/openssl/crypto/mem_clr.c index 1a06636..ab85344 100644 --- a/crypto/openssl/crypto/mem_clr.c +++ b/crypto/openssl/crypto/mem_clr.c @@ -1,4 +1,4 @@ -/* crypto/mem_clr.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/mem_clr.c */ /* * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project * 2002. diff --git a/crypto/openssl/crypto/o_dir.c b/crypto/openssl/crypto/o_dir.c index 2624244..f9dbed8 100644 --- a/crypto/openssl/crypto/o_dir.c +++ b/crypto/openssl/crypto/o_dir.c @@ -1,4 +1,4 @@ -/* crypto/o_dir.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/o_dir.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2004. diff --git a/crypto/openssl/crypto/o_dir.h b/crypto/openssl/crypto/o_dir.h index d554311..bf45a14 100644 --- a/crypto/openssl/crypto/o_dir.h +++ b/crypto/openssl/crypto/o_dir.h @@ -1,4 +1,4 @@ -/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/o_dir.h */ /* * Copied from Richard Levitte's (richard@levitte.org) LP library. All * symbol names have been changed, with permission from the author. diff --git a/crypto/openssl/crypto/o_dir_test.c b/crypto/openssl/crypto/o_dir_test.c index 7cdbbbc..60436b7 100644 --- a/crypto/openssl/crypto/o_dir_test.c +++ b/crypto/openssl/crypto/o_dir_test.c @@ -1,4 +1,4 @@ -/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/o_dir.h */ /* * Copied from Richard Levitte's (richard@levitte.org) LP library. All * symbol names have been changed, with permission from the author. diff --git a/crypto/openssl/crypto/o_str.c b/crypto/openssl/crypto/o_str.c index b23ef32..fd4087f 100644 --- a/crypto/openssl/crypto/o_str.c +++ b/crypto/openssl/crypto/o_str.c @@ -1,4 +1,4 @@ -/* crypto/o_str.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/o_str.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2003. diff --git a/crypto/openssl/crypto/o_str.h b/crypto/openssl/crypto/o_str.h index 5313528..fa512eb 100644 --- a/crypto/openssl/crypto/o_str.h +++ b/crypto/openssl/crypto/o_str.h @@ -1,4 +1,4 @@ -/* crypto/o_str.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/o_str.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2003. diff --git a/crypto/openssl/crypto/o_time.c b/crypto/openssl/crypto/o_time.c index e18b71d..297bfaf 100644 --- a/crypto/openssl/crypto/o_time.c +++ b/crypto/openssl/crypto/o_time.c @@ -1,4 +1,4 @@ -/* crypto/o_time.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/o_time.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2001. diff --git a/crypto/openssl/crypto/o_time.h b/crypto/openssl/crypto/o_time.h index 901b200..8e49e66 100644 --- a/crypto/openssl/crypto/o_time.h +++ b/crypto/openssl/crypto/o_time.h @@ -1,4 +1,4 @@ -/* crypto/o_time.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/o_time.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2001. diff --git a/crypto/openssl/crypto/opensslv.h b/crypto/openssl/crypto/opensslv.h index 6dd2ffe..3e5179b 100644 --- a/crypto/openssl/crypto/opensslv.h +++ b/crypto/openssl/crypto/opensslv.h @@ -30,11 +30,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1000111fL +# define OPENSSL_VERSION_NUMBER 0x1000112fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1q-fips 3 Dec 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1r-fips 28 Jan 2016" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1q-freebsd 3 Dec 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1r-freebsd 28 Jan 2016" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/openssl/crypto/rc4/rc4_utl.c b/crypto/openssl/crypto/rc4/rc4_utl.c index 7c6a15f..cbd4a24 100644 --- a/crypto/openssl/crypto/rc4/rc4_utl.c +++ b/crypto/openssl/crypto/rc4/rc4_utl.c @@ -1,4 +1,4 @@ -/* crypto/rc4/rc4_utl.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/rc4/rc4_utl.c */ /* ==================================================================== * Copyright (c) 2011 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/rsa/rsa_chk.c b/crypto/openssl/crypto/rsa/rsa_chk.c index f438386..607faa0 100644 --- a/crypto/openssl/crypto/rsa/rsa_chk.c +++ b/crypto/openssl/crypto/rsa/rsa_chk.c @@ -1,4 +1,4 @@ -/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */ +/* crypto/rsa/rsa_chk.c */ /* ==================================================================== * Copyright (c) 1999 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/rsa/rsa_sign.c b/crypto/openssl/crypto/rsa/rsa_sign.c index 41c827f..cf4c026 100644 --- a/crypto/openssl/crypto/rsa/rsa_sign.c +++ b/crypto/openssl/crypto/rsa/rsa_sign.c @@ -84,7 +84,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, return 0; } #endif - if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) { + if (rsa->meth->rsa_sign) { return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); } /* Special case: SSL signature, just check the length */ @@ -304,7 +304,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, const unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { - if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) { + if (rsa->meth->rsa_verify) { return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); } diff --git a/crypto/openssl/crypto/seed/seed_cbc.c b/crypto/openssl/crypto/seed/seed_cbc.c index 33e6887..ee1115b 100644 --- a/crypto/openssl/crypto/seed/seed_cbc.c +++ b/crypto/openssl/crypto/seed/seed_cbc.c @@ -1,4 +1,4 @@ -/* crypto/seed/seed_cbc.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/seed/seed_cbc.c */ /* ==================================================================== * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/seed/seed_cfb.c b/crypto/openssl/crypto/seed/seed_cfb.c index 3437d7b..b6a5648 100644 --- a/crypto/openssl/crypto/seed/seed_cfb.c +++ b/crypto/openssl/crypto/seed/seed_cfb.c @@ -1,4 +1,4 @@ -/* crypto/seed/seed_cfb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/seed/seed_cfb.c */ /* ==================================================================== * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/seed/seed_ecb.c b/crypto/openssl/crypto/seed/seed_ecb.c index 937a31b..9363d55 100644 --- a/crypto/openssl/crypto/seed/seed_ecb.c +++ b/crypto/openssl/crypto/seed/seed_ecb.c @@ -1,4 +1,4 @@ -/* crypto/seed/seed_ecb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/seed/seed_ecb.c */ /* ==================================================================== * Copyright (c) 2007 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/seed/seed_ofb.c b/crypto/openssl/crypto/seed/seed_ofb.c index 6974302..48b7122 100644 --- a/crypto/openssl/crypto/seed/seed_ofb.c +++ b/crypto/openssl/crypto/seed/seed_ofb.c @@ -1,4 +1,4 @@ -/* crypto/seed/seed_ofb.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/seed/seed_ofb.c */ /* ==================================================================== * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/sha/sha1test.c b/crypto/openssl/crypto/sha/sha1test.c index 0052a95..551a348 100644 --- a/crypto/openssl/crypto/sha/sha1test.c +++ b/crypto/openssl/crypto/sha/sha1test.c @@ -157,8 +157,8 @@ int main(int argc, char *argv[]) if (err) printf("ERROR: %d\n", err); # endif - EXIT(err); EVP_MD_CTX_cleanup(&c); + EXIT(err); return (0); } diff --git a/crypto/openssl/crypto/store/store.h b/crypto/openssl/crypto/store/store.h index 8343341..ce3709d 100644 --- a/crypto/openssl/crypto/store/store.h +++ b/crypto/openssl/crypto/store/store.h @@ -1,4 +1,4 @@ -/* crypto/store/store.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/store/store.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2003. diff --git a/crypto/openssl/crypto/store/str_lib.c b/crypto/openssl/crypto/store/str_lib.c index 227b797..e3d5da9 100644 --- a/crypto/openssl/crypto/store/str_lib.c +++ b/crypto/openssl/crypto/store/str_lib.c @@ -1,4 +1,4 @@ -/* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/store/str_lib.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2003. diff --git a/crypto/openssl/crypto/store/str_locl.h b/crypto/openssl/crypto/store/str_locl.h index ac55784..c0b40f0 100644 --- a/crypto/openssl/crypto/store/str_locl.h +++ b/crypto/openssl/crypto/store/str_locl.h @@ -1,4 +1,4 @@ -/* crypto/store/str_locl.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/store/str_locl.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2003. diff --git a/crypto/openssl/crypto/store/str_mem.c b/crypto/openssl/crypto/store/str_mem.c index 8edd0eb..6eee5bb 100644 --- a/crypto/openssl/crypto/store/str_mem.c +++ b/crypto/openssl/crypto/store/str_mem.c @@ -1,4 +1,4 @@ -/* crypto/store/str_mem.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/store/str_mem.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2003. diff --git a/crypto/openssl/crypto/store/str_meth.c b/crypto/openssl/crypto/store/str_meth.c index d83a6de..c83fbc5 100644 --- a/crypto/openssl/crypto/store/str_meth.c +++ b/crypto/openssl/crypto/store/str_meth.c @@ -1,4 +1,4 @@ -/* crypto/store/str_meth.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/store/str_meth.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2003. diff --git a/crypto/openssl/crypto/ts/ts_rsp_verify.c b/crypto/openssl/crypto/ts/ts_rsp_verify.c index 1a3a7c5..e24b2d5 100644 --- a/crypto/openssl/crypto/ts/ts_rsp_verify.c +++ b/crypto/openssl/crypto/ts/ts_rsp_verify.c @@ -255,7 +255,8 @@ static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, /* chain is an out argument. */ *chain = NULL; - X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted); + if (!X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted)) + return 0; X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN); i = X509_verify_cert(&cert_ctx); if (i <= 0) { diff --git a/crypto/openssl/crypto/ui/ui.h b/crypto/openssl/crypto/ui/ui.h index b917eda..0dc1633 100644 --- a/crypto/openssl/crypto/ui/ui.h +++ b/crypto/openssl/crypto/ui/ui.h @@ -1,4 +1,4 @@ -/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2001. diff --git a/crypto/openssl/crypto/ui/ui_compat.c b/crypto/openssl/crypto/ui/ui_compat.c index 0ca5284..e79d54e 100644 --- a/crypto/openssl/crypto/ui/ui_compat.c +++ b/crypto/openssl/crypto/ui/ui_compat.c @@ -1,4 +1,4 @@ -/* crypto/ui/ui_compat.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui_compat.c */ /* ==================================================================== * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/ui/ui_compat.h b/crypto/openssl/crypto/ui/ui_compat.h index 42fb9ff..bf54154 100644 --- a/crypto/openssl/crypto/ui/ui_compat.h +++ b/crypto/openssl/crypto/ui/ui_compat.h @@ -1,4 +1,4 @@ -/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2001. diff --git a/crypto/openssl/crypto/ui/ui_lib.c b/crypto/openssl/crypto/ui/ui_lib.c index 5ddd731..2f58035 100644 --- a/crypto/openssl/crypto/ui/ui_lib.c +++ b/crypto/openssl/crypto/ui/ui_lib.c @@ -1,4 +1,4 @@ -/* crypto/ui/ui_lib.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui_lib.c */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2001. diff --git a/crypto/openssl/crypto/ui/ui_locl.h b/crypto/openssl/crypto/ui/ui_locl.h index 0d919cd..bebc13a 100644 --- a/crypto/openssl/crypto/ui/ui_locl.h +++ b/crypto/openssl/crypto/ui/ui_locl.h @@ -1,4 +1,4 @@ -/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui.h */ /* * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * 2001. diff --git a/crypto/openssl/crypto/ui/ui_openssl.c b/crypto/openssl/crypto/ui/ui_openssl.c index 829ea86..a8b3d0c 100644 --- a/crypto/openssl/crypto/ui/ui_openssl.c +++ b/crypto/openssl/crypto/ui/ui_openssl.c @@ -1,4 +1,4 @@ -/* crypto/ui/ui_openssl.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui_openssl.c */ /* * Written by Richard Levitte (richard@levitte.org) and others for the * OpenSSL project 2001. diff --git a/crypto/openssl/crypto/ui/ui_util.c b/crypto/openssl/crypto/ui/ui_util.c index f65f80d..0f29011 100644 --- a/crypto/openssl/crypto/ui/ui_util.c +++ b/crypto/openssl/crypto/ui/ui_util.c @@ -1,4 +1,4 @@ -/* crypto/ui/ui_util.c -*- mode:C; c-file-style: "eay" -*- */ +/* crypto/ui/ui_util.c */ /* ==================================================================== * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved. * diff --git a/crypto/openssl/crypto/x509/x509_vfy.c b/crypto/openssl/crypto/x509/x509_vfy.c index 7009ae6..3bad523 100644 --- a/crypto/openssl/crypto/x509/x509_vfy.c +++ b/crypto/openssl/crypto/x509/x509_vfy.c @@ -2026,9 +2026,10 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, ctx->current_reasons = 0; ctx->tree = NULL; ctx->parent = NULL; + /* Zero ex_data to make sure we're cleanup-safe */ + memset(&ctx->ex_data, 0, sizeof(ctx->ex_data)); ctx->param = X509_VERIFY_PARAM_new(); - if (!ctx->param) { X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE); return 0; @@ -2037,7 +2038,6 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, /* * Inherit callbacks and flags from X509_STORE if not set use defaults. */ - if (store) ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param); else @@ -2045,6 +2045,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, if (store) { ctx->verify_cb = store->verify_cb; + /* Seems to always be 0 in OpenSSL, else must be idempotent */ ctx->cleanup = store->cleanup; } else ctx->cleanup = 0; @@ -2055,7 +2056,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, if (ret == 0) { X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE); - return 0; + goto err; } if (store && store->check_issued) @@ -2110,19 +2111,18 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, ctx->check_policy = check_policy; + if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, + &ctx->ex_data)) + return 1; + X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE); + + err: /* - * This memset() can't make any sense anyway, so it's removed. As - * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a - * corresponding "new" here and remove this bogus initialisation. + * On error clean up allocated storage, if the store context was not + * allocated with X509_STORE_CTX_new() this is our last chance to do so. */ - /* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */ - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, - &(ctx->ex_data))) { - OPENSSL_free(ctx); - X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE); - return 0; - } - return 1; + X509_STORE_CTX_cleanup(ctx); + return 0; } /* @@ -2138,8 +2138,17 @@ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) { - if (ctx->cleanup) + /* + * We need to be idempotent because, unfortunately, free() also calls + * cleanup(), so the natural call sequence new(), init(), cleanup(), free() + * calls cleanup() for the same object twice! Thus we must zero the + * pointers below after they're freed! + */ + /* Seems to always be 0 in OpenSSL, do this at most once. */ + if (ctx->cleanup != NULL) { ctx->cleanup(ctx); + ctx->cleanup = NULL; + } if (ctx->param != NULL) { if (ctx->parent == NULL) X509_VERIFY_PARAM_free(ctx->param); diff --git a/crypto/openssl/crypto/x509/x509_vfy.h b/crypto/openssl/crypto/x509/x509_vfy.h index aacdf55..b7d8b24 100644 --- a/crypto/openssl/crypto/x509/x509_vfy.h +++ b/crypto/openssl/crypto/x509/x509_vfy.h @@ -310,7 +310,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) # define X509_V_OK 0 -/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */ +# define X509_V_ERR_UNSPECIFIED 1 # define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 # define X509_V_ERR_UNABLE_TO_GET_CRL 3 diff --git a/crypto/openssl/crypto/x509v3/v3_pci.c b/crypto/openssl/crypto/x509v3/v3_pci.c index 48ac095..34cad53 100644 --- a/crypto/openssl/crypto/x509v3/v3_pci.c +++ b/crypto/openssl/crypto/x509v3/v3_pci.c @@ -1,4 +1,4 @@ -/* v3_pci.c -*- mode:C; c-file-style: "eay" -*- */ +/* v3_pci.c */ /* * Contributed to the OpenSSL Project 2004 by Richard Levitte * (richard@levitte.org) diff --git a/crypto/openssl/crypto/x509v3/v3_pcia.c b/crypto/openssl/crypto/x509v3/v3_pcia.c index 43fd362..e53c82e 100644 --- a/crypto/openssl/crypto/x509v3/v3_pcia.c +++ b/crypto/openssl/crypto/x509v3/v3_pcia.c @@ -1,4 +1,4 @@ -/* v3_pcia.c -*- mode:C; c-file-style: "eay" -*- */ +/* v3_pcia.c */ /* * Contributed to the OpenSSL Project 2004 by Richard Levitte * (richard@levitte.org) diff --git a/crypto/openssl/doc/apps/s_time.pod b/crypto/openssl/doc/apps/s_time.pod index 5a38aa2..9082d87 100644 --- a/crypto/openssl/doc/apps/s_time.pod +++ b/crypto/openssl/doc/apps/s_time.pod @@ -26,7 +26,7 @@ B B =head1 DESCRIPTION -The B command implements a generic SSL/TLS client which connects to a +The B command implements a generic SSL/TLS client which connects to a remote host using SSL/TLS. It can request a page from the server and includes the time to transfer the payload data in its timing measurements. It measures the number of connections within a given timeframe, the amount of data @@ -127,7 +127,7 @@ and the link speed determine how many connections B can establish. =head1 NOTES -B can be used to measure the performance of an SSL connection. +B can be used to measure the performance of an SSL connection. To connect to an SSL HTTP server and get the default page the command openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3] diff --git a/crypto/openssl/doc/crypto/BIO_s_connect.pod b/crypto/openssl/doc/crypto/BIO_s_connect.pod index bcf7d8d..e238aee 100644 --- a/crypto/openssl/doc/crypto/BIO_s_connect.pod +++ b/crypto/openssl/doc/crypto/BIO_s_connect.pod @@ -21,8 +21,8 @@ BIO_set_nbio, BIO_do_connect - connect BIO long BIO_set_conn_int_port(BIO *b, char *port); char *BIO_get_conn_hostname(BIO *b); char *BIO_get_conn_port(BIO *b); - char *BIO_get_conn_ip(BIO *b, dummy); - long BIO_get_conn_int_port(BIO *b, int port); + char *BIO_get_conn_ip(BIO *b); + long BIO_get_conn_int_port(BIO *b); long BIO_set_nbio(BIO *b, long n); diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod new file mode 100644 index 0000000..b8147ba --- /dev/null +++ b/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod @@ -0,0 +1,73 @@ +=pod + +=head1 NAME + +SSL_CTX_set_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, +SSL_set_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, +SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions + +=head1 SYNOPSIS + + #include + + long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, + int (*callback)(SSL *, void *)); + long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg); + + long SSL_set_tlsext_status_type(SSL *s, int type); + + long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp); + long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len); + +=head1 DESCRIPTION + +A client application may request that a server send back an OCSP status response +(also known as OCSP stapling). To do so the client should call the +SSL_set_tlsext_status_type() function prior to the start of the handshake. +Currently the only supported type is B. This value +should be passed in the B argument. The client should additionally provide +a callback function to decide what to do with the returned OCSP response by +calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine +whether the returned OCSP response is acceptable or not. The callback will be +passed as an argument the value previously set via a call to +SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in +the event of a handshake where session resumption occurs (because there are no +Certificates exchanged in such a handshake). + +The response returned by the server can be obtained via a call to +SSL_get_tlsext_status_ocsp_resp(). The value B<*resp> will be updated to point +to the OCSP response data and the return value will be the length of that data. +Typically a callback would obtain an OCSP_RESPONSE object from this data via a +call to the d2i_OCSP_RESPONSE() function. If the server has not provided any +response data then B<*resp> will be NULL and the return value from +SSL_get_tlsext_status_ocsp_resp() will be -1. + +A server application must also call the SSL_CTX_set_tlsext_status_cb() function +if it wants to be able to provide clients with OCSP Certificate Status +responses. Typically the server callback would obtain the server certificate +that is being sent back to the client via a call to SSL_get_certificate(); +obtain the OCSP response to be sent back; and then set that response data by +calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should +be provided in the B argument, and the length of that data should be in +the B argument. + +=head1 RETURN VALUES + +The callback when used on the client side should return a negative value on +error; 0 if the response is not acceptable (in which case the handshake will +fail) or a positive value if it is acceptable. + +The callback when used on the server side should return with either +SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be +returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be +returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has +occurred). + +SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), +SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on +error or 1 on success. + +SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data +or -1 if there is no OCSP response data. + +=cut diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod index b754c16..234fbc8 100644 --- a/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod +++ b/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod @@ -48,25 +48,8 @@ even if he gets hold of the normal (certified) key, as this key was only used for signing. In order to perform a DH key exchange the server must use a DH group -(DH parameters) and generate a DH key. -The server will always generate a new DH key during the negotiation -if either the DH parameters are supplied via callback or the -SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set (or both). -It will immediately create a DH key if DH parameters are supplied via -SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set. -In this case, -it may happen that a key is generated on initialization without later -being needed, while on the other hand the computer time during the -negotiation is being saved. - -If "strong" primes were used to generate the DH parameters, it is not strictly -necessary to generate a new key for each handshake but it does improve forward -secrecy. If it is not assured that "strong" primes were used, -SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup -attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the -computer time needed during negotiation, but it is not very large, so -application authors/users should consider always enabling this option. -The option is required to implement perfect forward secrecy (PFS). +(DH parameters) and generate a DH key. The server will always generate +a new DH key during the negotiation. As generating DH parameters is extremely time consuming, an application should not generate the parameters on the fly but supply the parameters. @@ -93,10 +76,9 @@ can supply the DH parameters via a callback function. Previous versions of the callback used B and B parameters to control parameter generation for export and non-export cipher suites. Modern servers that do not support export ciphersuites -are advised to either use SSL_CTX_set_tmp_dh() in combination with -SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore -B and B and simply supply at least 2048-bit -parameters in the callback. +are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use +the callback but ignore B and B and simply +supply at least 2048-bit parameters in the callback. =head1 EXAMPLES @@ -128,7 +110,6 @@ partly left out.) if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) { /* Error. */ } - SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE); ... =head1 RETURN VALUES diff --git a/crypto/openssl/engines/e_chil.c b/crypto/openssl/engines/e_chil.c index 72d14fe..5dfab51 100644 --- a/crypto/openssl/engines/e_chil.c +++ b/crypto/openssl/engines/e_chil.c @@ -1,4 +1,4 @@ -/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */ +/* crypto/engine/e_chil.c */ /* * Written by Richard Levitte (richard@levitte.org), Geoff Thorpe * (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org) for diff --git a/crypto/openssl/ssl/d1_both.c b/crypto/openssl/ssl/d1_both.c index d453c07..aaa1867 100644 --- a/crypto/openssl/ssl/d1_both.c +++ b/crypto/openssl/ssl/d1_both.c @@ -291,8 +291,44 @@ int dtls1_do_write(SSL *s, int type) blocksize = 0; frag_off = 0; + s->rwstate = SSL_NOTHING; + /* s->init_num shouldn't ever be < 0...but just in case */ while (s->init_num > 0) { + if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) { + /* We must be writing a fragment other than the first one */ + + if (frag_off > 0) { + /* This is the first attempt at writing out this fragment */ + + if (s->init_off <= DTLS1_HM_HEADER_LENGTH) { + /* + * Each fragment that was already sent must at least have + * contained the message header plus one other byte. + * Therefore |init_off| must have progressed by at least + * |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something went + * wrong. + */ + return -1; + } + + /* + * Adjust |init_off| and |init_num| to allow room for a new + * message header for this fragment. + */ + s->init_off -= DTLS1_HM_HEADER_LENGTH; + s->init_num += DTLS1_HM_HEADER_LENGTH; + } else { + /* + * We must have been called again after a retry so use the + * fragment offset from our last attempt. We do not need + * to adjust |init_off| and |init_num| as above, because + * that should already have been done before the retry. + */ + frag_off = s->d1->w_msg_hdr.frag_off; + } + } + used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH + mac_size + blocksize; if (s->d1->mtu > used_len) @@ -305,8 +341,10 @@ int dtls1_do_write(SSL *s, int type) * grr.. we could get an error if MTU picked was wrong */ ret = BIO_flush(SSL_get_wbio(s)); - if (ret <= 0) + if (ret <= 0) { + s->rwstate = SSL_WRITING; return ret; + } used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize; if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) { curr_mtu = s->d1->mtu - used_len; @@ -332,25 +370,6 @@ int dtls1_do_write(SSL *s, int type) * XDTLS: this function is too long. split out the CCS part */ if (type == SSL3_RT_HANDSHAKE) { - if (s->init_off != 0) { - OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH); - s->init_off -= DTLS1_HM_HEADER_LENGTH; - s->init_num += DTLS1_HM_HEADER_LENGTH; - - /* - * We just checked that s->init_num > 0 so this cast should - * be safe - */ - if (((unsigned int)s->init_num) > curr_mtu) - len = curr_mtu; - else - len = s->init_num; - } - - /* Shouldn't ever happen */ - if (len > INT_MAX) - len = INT_MAX; - if (len < DTLS1_HM_HEADER_LENGTH) { /* * len is so small that we really can't do anything sensible @@ -438,7 +457,16 @@ int dtls1_do_write(SSL *s, int type) } s->init_off += ret; s->init_num -= ret; - frag_off += (ret -= DTLS1_HM_HEADER_LENGTH); + ret -= DTLS1_HM_HEADER_LENGTH; + frag_off += ret; + + /* + * We save the fragment offset for the next fragment so we have it + * available in case of an IO retry. We don't know the length of the + * next fragment yet so just set that to 0 for now. It will be + * updated again later. + */ + dtls1_fix_message_header(s, frag_off, 0); } } return (0); diff --git a/crypto/openssl/ssl/kssl.c b/crypto/openssl/ssl/kssl.c index cf58567..f2839bd 100644 --- a/crypto/openssl/ssl/kssl.c +++ b/crypto/openssl/ssl/kssl.c @@ -1,4 +1,4 @@ -/* ssl/kssl.c -*- mode: C; c-file-style: "eay" -*- */ +/* ssl/kssl.c */ /* * Written by Vern Staats for the OpenSSL project * 2000. diff --git a/crypto/openssl/ssl/kssl.h b/crypto/openssl/ssl/kssl.h index 9a57672..ae8a51f 100644 --- a/crypto/openssl/ssl/kssl.h +++ b/crypto/openssl/ssl/kssl.h @@ -1,4 +1,4 @@ -/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */ +/* ssl/kssl.h */ /* * Written by Vern Staats for the OpenSSL project * 2000. project 2000. diff --git a/crypto/openssl/ssl/kssl_lcl.h b/crypto/openssl/ssl/kssl_lcl.h index 46dcef2..8e6a6d6 100644 --- a/crypto/openssl/ssl/kssl_lcl.h +++ b/crypto/openssl/ssl/kssl_lcl.h @@ -1,4 +1,4 @@ -/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */ +/* ssl/kssl.h */ /* * Written by Vern Staats for the OpenSSL project * 2000. project 2000. diff --git a/crypto/openssl/ssl/s2_srvr.c b/crypto/openssl/ssl/s2_srvr.c index 4289272..07e9df8 100644 --- a/crypto/openssl/ssl/s2_srvr.c +++ b/crypto/openssl/ssl/s2_srvr.c @@ -402,7 +402,7 @@ static int get_client_master_key(SSL *s) } cp = ssl2_get_cipher_by_char(p); - if (cp == NULL) { + if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) { ssl2_return_error(s, SSL2_PE_NO_CIPHER); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); return (-1); @@ -598,6 +598,11 @@ static int get_client_hello(SSL *s) s->s2->tmp.cipher_spec_length = i; n2s(p, i); s->s2->tmp.session_id_length = i; + if ((i < 0) || (i > SSL_MAX_SSL_SESSION_ID_LENGTH)) { + ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); + return -1; + } n2s(p, i); s->s2->challenge_length = i; if ((i < SSL2_MIN_CHALLENGE_LENGTH) || @@ -687,8 +692,12 @@ static int get_client_hello(SSL *s) prio = cs; allow = cl; } + + /* Generate list of SSLv2 ciphers shared between client and server */ for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) { - if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) { + const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z); + if ((cp->algorithm_ssl & SSL_SSLV2) == 0 || + sk_SSL_CIPHER_find(allow, cp) < 0) { (void)sk_SSL_CIPHER_delete(prio, z); z--; } @@ -697,6 +706,13 @@ static int get_client_hello(SSL *s) sk_SSL_CIPHER_free(s->session->ciphers); s->session->ciphers = prio; } + + /* Make sure we have at least one cipher in common */ + if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) { + ssl2_return_error(s, SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); + return -1; + } /* * s->session->ciphers should now have a list of ciphers that are on * both the client and server. This list is ordered by the order the diff --git a/crypto/openssl/ssl/s3_clnt.c b/crypto/openssl/ssl/s3_clnt.c index 0578a9c..cfa5080 100644 --- a/crypto/openssl/ssl/s3_clnt.c +++ b/crypto/openssl/ssl/s3_clnt.c @@ -2255,37 +2255,44 @@ int ssl3_get_cert_status(SSL *s) n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_STATUS_A, SSL3_ST_CR_CERT_STATUS_B, - SSL3_MT_CERTIFICATE_STATUS, 16384, &ok); + -1, 16384, &ok); if (!ok) return ((int)n); - if (n < 4) { - /* need at least status type + length */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); - goto f_err; - } - p = (unsigned char *)s->init_msg; - if (*p++ != TLSEXT_STATUSTYPE_ocsp) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE); - goto f_err; - } - n2l3(p, resplen); - if (resplen + 4 != n) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); - goto f_err; - } - if (s->tlsext_ocsp_resp) - OPENSSL_free(s->tlsext_ocsp_resp); - s->tlsext_ocsp_resp = BUF_memdup(p, resplen); - if (!s->tlsext_ocsp_resp) { - al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE); - goto f_err; + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_STATUS) { + /* + * The CertificateStatus message is optional even if + * tlsext_status_expected is set + */ + s->s3->tmp.reuse_message = 1; + } else { + if (n < 4) { + /* need at least status type + length */ + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); + goto f_err; + } + p = (unsigned char *)s->init_msg; + if (*p++ != TLSEXT_STATUSTYPE_ocsp) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE); + goto f_err; + } + n2l3(p, resplen); + if (resplen + 4 != n) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); + goto f_err; + } + s->tlsext_ocsp_resp = BUF_memdup(p, resplen); + if (s->tlsext_ocsp_resp == NULL) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE); + goto f_err; + } + s->tlsext_ocsp_resplen = resplen; } - s->tlsext_ocsp_resplen = resplen; if (s->ctx->tlsext_status_cb) { int ret; ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); @@ -3410,7 +3417,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) /* Check DHE only: static DH not implemented. */ if (alg_k & SSL_kEDH) { int dh_size = BN_num_bits(dh->p); - if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768) + if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 1024) || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) { SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL); goto f_err; diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c index f716d77..167e3cc 100644 --- a/crypto/openssl/ssl/s3_lib.c +++ b/crypto/openssl/ssl/s3_lib.c @@ -3164,13 +3164,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); return (ret); } - if (!(s->options & SSL_OP_SINGLE_DH_USE)) { - if (!DH_generate_key(dh)) { - DH_free(dh); - SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); - return (ret); - } - } if (s->cert->dh_tmp != NULL) DH_free(s->cert->dh_tmp); s->cert->dh_tmp = dh; @@ -3221,6 +3214,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) #ifndef OPENSSL_NO_TLSEXT case SSL_CTRL_SET_TLSEXT_HOSTNAME: if (larg == TLSEXT_NAMETYPE_host_name) { + size_t len; + if (s->tlsext_hostname != NULL) OPENSSL_free(s->tlsext_hostname); s->tlsext_hostname = NULL; @@ -3228,7 +3223,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) ret = 1; if (parg == NULL) break; - if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) { + len = strlen((char *)parg); + if (len == 0 || len > TLSEXT_MAXLEN_host_name) { SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); return 0; } @@ -3479,13 +3475,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); return 0; } - if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { - if (!DH_generate_key(new)) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); - DH_free(new); - return 0; - } - } if (cert->dh_tmp != NULL) DH_free(cert->dh_tmp); cert->dh_tmp = new; diff --git a/crypto/openssl/ssl/s3_srvr.c b/crypto/openssl/ssl/s3_srvr.c index fcfc2fb..04cf93a 100644 --- a/crypto/openssl/ssl/s3_srvr.c +++ b/crypto/openssl/ssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* ssl/s3_srvr.c -*- mode:C; c-file-style: "eay" -*- */ +/* ssl/s3_srvr.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1064,6 +1064,12 @@ int ssl3_get_client_hello(SSL *s) goto f_err; } + if ((j < 0) || (j > SSL_MAX_SSL_SESSION_ID_LENGTH)) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); + goto f_err; + } + s->hit = 0; /* * Versions before 0.9.7 always allow clients to resume sessions in @@ -1723,20 +1729,9 @@ int ssl3_send_server_key_exchange(SSL *s) } s->s3->tmp.dh = dh; - if ((dhp->pub_key == NULL || - dhp->priv_key == NULL || - (s->options & SSL_OP_SINGLE_DH_USE))) { - if (!DH_generate_key(dh)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); - goto err; - } - } else { - dh->pub_key = BN_dup(dhp->pub_key); - dh->priv_key = BN_dup(dhp->priv_key); - if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); - goto err; - } + if (!DH_generate_key(dh)) { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); + goto err; } r[0] = dh->p; r[1] = dh->g; diff --git a/crypto/openssl/ssl/ssl.h b/crypto/openssl/ssl/ssl.h index b8456c6..105047e 100644 --- a/crypto/openssl/ssl/ssl.h +++ b/crypto/openssl/ssl/ssl.h @@ -602,7 +602,7 @@ struct ssl_session_st { # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L /* If set, always create a new key when using tmp_ecdh parameters */ # define SSL_OP_SINGLE_ECDH_USE 0x00080000L -/* If set, always create a new key when using tmp_dh parameters */ +/* Does nothing: retained for compatibility */ # define SSL_OP_SINGLE_DH_USE 0x00100000L /* Does nothing: retained for compatibiity */ # define SSL_OP_EPHEMERAL_RSA 0x0 diff --git a/crypto/openssl/ssl/ssl_sess.c b/crypto/openssl/ssl/ssl_sess.c index de4c59e..48fc451 100644 --- a/crypto/openssl/ssl/ssl_sess.c +++ b/crypto/openssl/ssl/ssl_sess.c @@ -602,9 +602,6 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, int r; #endif - if (len < 0 || len > SSL_MAX_SSL_SESSION_ID_LENGTH) - goto err; - if (session_id + len > limit) { fatal = 1; goto err; diff --git a/crypto/openssl/ssl/t1_enc.c b/crypto/openssl/ssl/t1_enc.c index 985356d..9786b26 100644 --- a/crypto/openssl/ssl/t1_enc.c +++ b/crypto/openssl/ssl/t1_enc.c @@ -1137,7 +1137,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, so = s->s3->server_opaque_prf_input; /* * must be same as col (see - * draft-resc-00.txts-opaque-prf-input-00.txt, section 3.1) + * draft-rescorla-tls-opaque-prf-input-00.txt, section 3.1) */ sol = s->s3->client_opaque_prf_input_len; } diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c index 27f1216..2e9b65b 100644 --- a/crypto/openssl/ssl/t1_lib.c +++ b/crypto/openssl/ssl/t1_lib.c @@ -2081,22 +2081,20 @@ int ssl_check_serverhello_tlsext(SSL *s) } # endif + OPENSSL_free(s->tlsext_ocsp_resp); + s->tlsext_ocsp_resp = NULL; + s->tlsext_ocsp_resplen = -1; /* * If we've requested certificate status and we wont get one tell the * callback */ if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) - && s->ctx && s->ctx->tlsext_status_cb) { + && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) { int r; /* - * Set resp to NULL, resplen to -1 so callback knows there is no - * response. + * Call callback with resp == NULL and resplen == -1 so callback + * knows there is no response */ - if (s->tlsext_ocsp_resp) { - OPENSSL_free(s->tlsext_ocsp_resp); - s->tlsext_ocsp_resp = NULL; - } - s->tlsext_ocsp_resplen = -1; r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); if (r == 0) { al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; diff --git a/crypto/openssl/util/pl/VC-32.pl b/crypto/openssl/util/pl/VC-32.pl index e5abb97..88f0f7a 100644 --- a/crypto/openssl/util/pl/VC-32.pl +++ b/crypto/openssl/util/pl/VC-32.pl @@ -345,9 +345,13 @@ sub do_link_rule $ret.="$target: $files $dep_libs"; if ($standalone == 1) { - $ret.=" \$(OBJ_D)${o}applink.obj\n"; + $ret.=" \$(OBJ_D)${o}applink.obj" if $shlib; + $ret.="\n"; $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t"; - $ret.= "\$(EX_LIBS) \$(OBJ_D)${o}applink.obj " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild); + if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild) { + $ret.= "\$(EX_LIBS) "; + $ret.= "\$(OBJ_D)${o}applink.obj " if $shlib; + } $ret.="$files $libs\n<<\n"; } elsif ($standalone == 2) diff --git a/crypto/openssl/util/pod2mantest b/crypto/openssl/util/pod2mantest new file mode 100755 index 0000000..384e683 --- /dev/null +++ b/crypto/openssl/util/pod2mantest @@ -0,0 +1,58 @@ +#!/bin/sh + +# This script is used by test/Makefile to check whether a sane 'pod2man' +# is installed. +# ('make install' should not try to run 'pod2man' if it does not exist or if +# it is a broken 'pod2man' version that is known to cause trouble. if we find +# the system 'pod2man' to be broken, we use our own copy instead) +# +# In any case, output an appropriate command line for running (or not +# running) pod2man. + + +IFS=: +if test "$OSTYPE" = "msdosdjgpp"; then IFS=";"; fi + +try_without_dir=true +# First we try "pod2man", then "$dir/pod2man" for each item in $PATH. +for dir in dummy${IFS}$PATH; do + if [ "$try_without_dir" = true ]; then + # first iteration + pod2man=pod2man + try_without_dir=false + else + # second and later iterations + pod2man="$dir/pod2man" + if [ ! -f "$pod2man" ]; then # '-x' is not available on Ultrix + pod2man='' + fi + fi + + if [ ! "$pod2man" = '' ]; then + failure=none + + if "$pod2man" --section=1 --center=OpenSSL --release=dev pod2mantest.pod | fgrep OpenSSL >/dev/null; then + : + else + failure=BasicTest + fi + + if [ "$failure" = none ]; then + if "$pod2man" --section=1 --center=OpenSSL --release=dev pod2mantest.pod | grep '^MARKER - ' >/dev/null; then + failure=MultilineTest + fi + fi + + + if [ "$failure" = none ]; then + echo "$pod2man" + exit 0 + fi + + echo "$pod2man does not work properly ('$failure' failed). Looking for another pod2man ..." >&2 + fi +done + +echo "No working pod2man found. Consider installing a new version." >&2 +echo "As a workaround, we'll use a bundled old copy of pod2man.pl." >&2 +echo "$1 ../../util/pod2man.pl" -- cgit v1.1