Age | Commit message (Collapse) | Author |
|
The rationale is that the linux-x86 is the most likely config target
to evolve and should therefore be chosen when possible, while
linux-elf is mostly reserved for older Linux machines.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1924)
(cherry picked from commit 27a451e3739d8331b9c180b0373b88ab6c382409)
|
|
'linux-x86' is similar to 'linux-x86_64' but uses -m32 rather than -m64.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1924)
(cherry picked from commit 7fbc0bfdd7a3c46bc7e36b191d11ab3853555a25)
|
|
ssl_test_old was reaching inside the SSL structure and changing the internal
BIO values. This is completely unneccessary, and was causing an abort in the
test when enabling TLSv1.3.
I also removed the need for ssl_test_old to include ssl_locl.h. This
required the addition of some missing accessors for SSL_COMP name and id
fields.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit e304d3e20f45243f9e643607edfe4db49c329596)
|
|
Factorise multiple bn_get_top(group->field) calls
Add missing checks on some conditional BN_copy return value
Add missing checks on some BN_copy return value
Add missing checks on a few bn_wexpand return value
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1626)
(cherry picked from commit 78e09b53a40729f5e99829ccc733b592bd22fea1)
|
|
Also fix version in libcrypto.num, from backporting new
functions.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit ebcb536858a271e8812fb9bbafbc0b825e5ece24)
|
|
Checks that the epoch_time_in_ms field of CT_POLICY_EVAL_CTX is initialized
to approximately the current time (as returned by time()) by default. This
prevents the addition of this field, and its verification during SCT
validation, from breaking existing code that calls SCT_validate directly.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit ebcb536858a271e8812fb9bbafbc0b825e5ece24)
|
|
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit 08e588b7d5cefbfd107c88416900165a28a5b59e)
|
|
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit 5e08606619c0b0e065f1ffa12ce6411f321ed174)
|
|
As requested in
https://github.com/openssl/openssl/pull/1554#issuecomment-246371575.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit c22aa33e29ce162c672c9b2f0df591db977d4e9b)
|
|
See https://github.com/openssl/openssl/pull/1554#issuecomment-246354677.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit f0f535e92b096db4a308ecc49ba7f0fd3f0f7945)
|
|
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit e25233d99c30885bdf97bfb6df657e13ca2bf1da)
|
|
Do not call the time "current", as a different time can be provided.
For example, a time slightly in the future, to provide tolerance for
CT logs with a clock that is running fast.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit 1871a5aa8a538c2b8ac3d302c1e9e72867f5ee0f)
|
|
ctlog_new_null() no longer exists.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit 333c2e43729a92cf37d4bd12d6a3531b4bd7e1da)
|
|
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1554)
(cherry picked from commit 1fa9ffd934429f140edcfbaf76d2f32cc21e449b)
|
|
engines/e_padlock.c assumes that for all x86 and x86_64 platforms, the
lower level routines will be present. However, that's not always
true, for example for solaris-x86-cc, and that leads to build errors.
The better solution is to have configure detect if the lower level
padlock routines are being built, and define the macro PADLOCK_ASM if
they are, and use that macro in our C code.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1510)
(cherry picked from commit 7b176a549ea374fc9b64c3fa7f0812239528b696)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1922)
(cherry picked from commit 8aa9cf7e655ae1e41f283fbf16dcc810970058a0)
|
|
Under certain circumstances, the libcrypto init code would loop,
causing a deadlock. This would typically happen if something in
ossl_init_base() caused an OpenSSL error, and the error stack routines
would recurse into the init code before the flag that ossl_init_base()
had been run was checked.
This change makes sure ossl_init_base isn't run once more of the base
is initiated.
Thanks to Dmitry Kostjuchenko for the idea.
Fixes Github issue #1899
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1922)
(cherry picked from commit b7a7f39afeb4748b4c25dbccb8951711b8b70eaf)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit fe9e5b9ccce175d296c904486a29218c879adb73)
|
|
prio openssl 1.1.0 seed_len < q was accepted and the seed argument was
then ignored. Now DSA_generate_parameters_ex() returns an error in such
a case but no error string.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1657)
(cherry picked from commit af5474126546b558b0e6f8be4bec4b70977e24b7)
|
|
This reverts commit edc18749bd5dfb7e12513d3978f78f9b56104fd6.
The proposed fix is incorrect. It marks the "run_once" code as having
finished before it has. The intended semantics of run_once is that no
threads should proceed until the code has run exactly once. With this
change the "second" thread will think the run_once code has already been
run and will continue, even though it is still in progress. This could
result in a crash or other incorrect behaviour.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Fixed deadlock in CRYPTO_THREAD_run_once() if call to init() is causing
a recursive call to CRYPTO_THREAD_run_once() again that is causing a hot
deadloop inside do { } while (result == ONCE_ININIT); section.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1913)
(cherry picked from commit 349d1cfddcfa33d352240582a3803f2eba39d9a0)
|
|
Avoid a memory alignment issue.
Signed-off-by: Matthias Kraft <Matthias.Kraft@softwareag.com>
CLA: trivial
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1650)
(cherry picked from commit af5883fec95eb8c79c379b09885440a0d88b2d38)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1837)
(cherry picked from commit a22f9c84b468eed83c651cb5f2c68c7ad4103ffd)
|
|
not being referenced from elsewhere
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1898)
(cherry picked from commit e330f55d008ab99ee6c99b383061337fc4e7359d)
|
|
CLA: trivial
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1909)
(cherry picked from commit 625b9d6b2a400e6b09f1e0278031f8417c363355)
|
|
llvm's ubsan reported:
runtime error: negation of -9223372036854775808 cannot be represented in
type 'int64_t' (aka 'long'); cast to an unsigned type to negate this
value to itself
Found using libfuzzer
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1908
(cherry picked from commit e80f3b6af295133107ac709329eee16ccf9af61c)
|
|
In order to minimize dependency on assembler version a number of
post-SSE2 instructions are encoded manually. But in order to simplify
the procedure only register operands are considered. Non-register
operands are passed down to assembler. Module in question uses pshufb
with memory operands, and old [GNU] assembler can't handle it.
Fortunately in this case it's possible skip just the problematic
segment without skipping SSSE3 support altogether.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit d89773d659129368a341df746476da445d47ad31)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit cebb186989067b39fca6ebc378e4957408f6e701)
|
|
When configured no-dso, there are no DSO_{whatever} macros defined.
Therefore, before checking those, you have to check if OPENSSL_NO_DSO
is defined.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1902)
(cherry picked from commit 6e290a25c2cbdc26119c0866c20d9292f9e64dd8)
|
|
Apparently, pod2html doesn't add ".html" at the end of links, making
them useless, so we need to fix that
With thanks for the report to Michel <michel.sales@free.fr>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1897)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
This is done by taking one vector, "corrupting" last bit of the
tag value and verifying that decrypt fails.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
|
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Don't set choice selector on parse failure: this can pass unexpected
values to the choice callback. Instead free up partial structure
directly.
CVE-2016-7053
Thanks to Tyler Nighswander of ForAllSecure for reporting this issue.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
The offset to the memory to clear was incorrect, causing a heap buffer
overflow.
CVE-2016-7054
Thanks to Robert Święcki for reporting this
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b8e4011fb26364e44230946b87ab38cc1c719aae)
|
|
Some of stone-age assembler can't cope with r0 in address. It's actually
sensible thing to do, because r0 is shunted to 0 in address arithmetic
and by refusing r0 assembler effectively makes you understand that.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit a54aba531327285f64cf13a909bc129e9f9d5970)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 2fac86d9abeaa643677d1ffd0a139239fdf9406a)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit dca2e0ee1745ed2d9cba8c29f334f881a58f85dc)
|
|
Skip the test if the value after ":" is a disabled algorithm, rather
than failing it
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit dfbdf4abb7c62156f36925db95728142c4223225)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 586b79d8884b171eb3fae1ef230572921715ce1a)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1859)
(cherry picked from commit 7bb37cb5938a0cf76c12c8421950e72634d5f61c)
|
|
For consistency, it's better to use the perl that was specified to
Configure last time it was called.
Use case:
perl v5.8.8 was first along $PATH, perl v5.22.2 was available and
specified as: PERL=/opt/local/bin/perl ./config. When make wanted to
reconfigure and called './Configure reconf', configuration broke down,
complaining about a perl that's too old.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1884)
(cherry picked from commit 12ccb021be9e1c4c947e020ea2079e985b329a8a)
|
|
BN_RECP_CTX_new direclty use bn_init to avoid twice memset calls
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1879)
(cherry picked from commit 318447bceb3aa2c50ac0081bdb4e917f8704e7da)
|
|
Thanks to Falko Strenzke for bringing this to our attention.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1882)
(cherry picked from commit e5e71f2857275189577ab7b227608ab4ec985471)
|
|
libssl, not libddl.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1871)
(cherry picked from commit b77b6127e8de38726f37697bbbc736ced7b49771)
|