Age | Commit message (Collapse) | Author |
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4876)
|
|
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4880)
(cherry picked from commit 6aff543b9bf14bdac7f5385a9e56b8785b30f6d8)
|
|
Pointer 'o' is set inside a local buffer, so it can't be NULL.
Also fix coding style and add comments
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4754)
(cherry picked from commit cef115ff0ca4255d3decc1dda87c5418a961fd2c)
|
|
Otherwise, any command that relies on ssl modules may fail, because
SSL_add_ssl_module() will be called after the config file has already
been loaded.
Fixes #4788
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4792)
(cherry picked from commit 0488c0bbbe87eee3a800797b91350c653e9f1711)
|
|
IF OPENSSL_init_ssl() is called with the option flag
OPENSSL_INIT_LOAD_CONFIG, any SSL config will be handled wrongly
(i.e. there will be an attempt to load libssl_conf.so or whatever
corresponds to that on non-Unix platforms). Therefore, at least
SSL_add_ssl_module() MUST be called before OPENSSL_init_crypto() is
called. The base ssl init does that, plus adds all kinds of ciphers
and digests, which is harmless.
Fixes #4788
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4792)
(cherry picked from commit 0a90a6831e02e00d9043ada635421cfd3da5ffe2)
|
|
Some compilers react badly to non-ASCII characters
Fixes #4877
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4879)
(cherry picked from commit d68a0eaf45f12392065f3cf716a1a2682d55d3ce)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4868)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Test reading/writing to an SSL object after a fatal error has been
detected. This CVE only affected 1.0.2, but we should add it to other
branches for completeness.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Credit to OSS-Fuzz for finding this.
CVE-2017-3738
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
This line will allow use private keys, which created by Crypto Pro, to
sign with OpenSSL.
CLA: trivial
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4836)
(cherry picked from commit b35bb37a3d6ecf11b43ef8717600ab61718c3cc2)
|
|
CLA: trivial
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4835)
(cherry picked from commit 1e2804f25c80136c33f3508adb54b24106b6b6f6)
|
|
This small change in the Unix template and shared library build
scripts enables building "variant" shared libraries. A "variant"
shared library has a non-default SONAME, and non default symbol
versions. This makes it possible to build (say) an OpenSSL 1.1.0
library that can coexist without conflict in the same process address
space as the system's default OpenSSL library which may be OpenSSL
1.0.2.
Such "variant" shared libraries make it possible to link applications
against a custom OpenSSL library installed in /opt/openssl/1.1 or
similar location, and not risk conflict with an indirectly loaded
OpenSSL runtime that is required by some other dependency.
Variant shared libraries have been fully tested under Linux, and
build successfully on MacOS/X producing variant DYLD names. MacOS/X
Darwin has no symbol versioning, but has a non-flat library namespace.
Variant libraries may therefore support multiple OpenSSL libraries
in the same address space also with MacOS/X, despite lack of symbol
versions, but this has not been verified.
Variant shared libraries are optional and off by default.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Fixes #4775
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4815)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4805)
(cherry picked from commit 378db52bb0177ae03cac3c3ba194bb6dec34a2d7)
|
|
This avoids taking quadratic time to pretty-print certificates with
excessively large integer fields. Very large integers aren't any more
readable in decimal than hexadecimal anyway, and the i2s_* functions
will parse either form.
Found by libFuzzer.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4790)
(cherry picked from commit 10a3195fcf7d04ba519651cf12e945a8fe470a3c)
|
|
A name too many in the NAME section, and a copyright year update
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4789)
(cherry picked from commit 92793648945affdfe529fa711666d19528815789)
|
|
One had some lines copied from the other, and both were missing a
proper RETURN VALUES section.
Fixes #4781
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4787)
(cherry picked from commit 51e47d5f6a7944c3e3ddc5f6d376fc1320639277)
|
|
Fixes #4740
The MSYS2 run-time convert arguments that look like paths when
executing a program unless that application is linked with the MSYS
run-time. The exact conversion rules are listed here:
http://www.mingw.org/wiki/Posix_path_conversion
With the built-in configurations (all having names starting with
"mingw"), the openssl application is not linked with the MSYS2
run-time, and therefore, it will receive possibly converted arguments
from the process that executes it. This conversion is fine for normal
path arguments, but it happens that some arguments to the openssl
application get converted when they shouldn't. In one case, it's
arguments like '-passin file:something', and in another, it's a file:
URI (what typically happens is that URIs without an authority
component get converted, 'cause the conversion mechanism doesn't
recognise them as URIs).
To avoid conversion where we don't want it, we simply assign
MSYS2_ARG_CONV_EXCL a pattern to avoid specific conversions. As a
precaution, we only do this where we obviously need it.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4766)
|
|
Performance regression was reported for EC key generation between
1.0.2 and 1.1.x [in GH#2891]. It naturally depends on platform,
values between 6 and 9% were observed.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4743)
(cherry picked from commit a78324d95bd4568ce2c3b34bfa1d6f14cddf92ef)
|
|
|flags| argument to do_esc_char was apparently truncated by implicit
cast. [Caught by VC warning subsytem.]
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4721)
(cherry picked from commit 372463103917fcc2b68bd2ba3db55b29ce325705)
|
|
* addressing", Proc. 6th Conference on Very Large Databases: 212–223
^
The EN DASH ('–') in this line is one UTF-8 character (hex: e2 80 93).
Under some code page setting (e.g. 936), Visual Studio may report C4819
warning: The file contains a character that cannot be represented in the
current code page.
Replace this character with the ASCII char '-' (Hex Code: 2D).
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4691)
(cherry picked from commit b4d0fa49d9d1a43792e58b0c8066bb23b9e53ef4)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4677)
(cherry picked from commit 1687aa760cdd164b12c5b70e65cadcbce1e7ccfa)
|
|
In earlier 5.1x Perl versions quoting globs works only if there is
white space. If there is none, it's looking for names starting with ".
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4695)
(cherry picked from commit 1097d2a39e3f85d4dac2c4d1c238792d6e1d959f)
|
|
HP-UX make doesn't recognize $< in explict target rules, only in
inference ones such as .c.o.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4697)
(cherry picked from commit b6705d4893d1566c3a5427e387ce99344497758d)
|
|
HP-UX make doesn't recognize $< in explict target rules, only in
inference ones such as .c.o.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4694)
|
|
'rsa', 'sha' and 'tlsext' can't be disabled, not even as a consequence
of other conditions, so having cascading disables that depend on them
is futile. Clean up!
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4693)
(cherry picked from commit 89635075d84353fc0c3d44a82fd0903ccd4ab24a)
|
|
If SSL_read() is called with a zero length buffer, and we read a zero length
record then we should mark that record as read.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4686)
|
|
Normally TLSProxy waits for the s_server process to finish before
continuing. However in cases where serverconnects > 1 we need to keep the
s_server process around for a later test so we continue immediately. This
means that TAP test output can end up being printed to stdout at the same
time as s_server is printing stuff. This confuses the test runner and can
cause spurious test failures. This commit introduces a small delay in cases
where serverconnects > 1 in order to give s_server enough time to finish
what it was doing before we continue to the next test.
Fixes #4129
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4661)
|
|
There were 4 macros in ocsp.h that have not worked since 1.1.0 because
they attempt to access the internals of an opaque structure.
For OCSP_REQUEST_sign() applications should use OCSP_request_sign() instead.
For OCSP_BASICRESP_sign() applications should use OCSP_basic_sign() instead.
For OCSP_REQUEST_verify() applications should use OCSP_request_verify()
instead.
For OCSP_BASICRESP_verify() applications should use OCSP_basic_verify()
instead.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4635)
(cherry picked from commit 9f5671c7e9f30dfa53b1a2b553f234c2761ceb66)
|
|
Instead of having perl modules under test/testlib and util,
consolidate them all to be inside util/perl.
(this is an adaptation of the part of #4069 that wasn't included in #4666)
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4667)
|
|
File::Glob::glob is deprecated, it's use generates this kind of
message:
File::Glob::glob() will disappear in perl 5.30. Use File::Glob::bsd_glob() instead. at ../master/Configure line 277.
The first idea was to use a construction that makes the caller glob()
use File::Glob::bsd_glob(). That turned out not to work well
everywhere, so instead, we make our own wrapper, OpenSSL::Glob and use
that.
Fixes #4636
(this is an adaptation of #4040 and part of #4069, for 1.1.0)
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4666)
|
|
It's not clear if it's a feature or bug, but binutils-2.29[.1]
interprets 'adr' instruction with Thumb2 code reference differently,
in a way that affects calculation of addresses of constants' tables.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4669)
(cherry picked from commit b82acc3c1a7f304c9df31841753a0fa76b5b3cda)
|
|
Duplicated tests descriptions
Backport of #3580 to 1.1.0
plus a few other typo fixes found at fligth.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4645)
|
|
CLA: trivial
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4600)
(cherry picked from commit a6f622bc99ffdc7b34199babb9d200b24a7a6431)
|
|
CLA: trivial
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4600)
(cherry picked from commit 7760384b403a61824c43cc767a11cd22abfa9e49)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4652)
(cherry picked from commit d7948767556e68378b75196841b3d32dd70d169a)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Credit to OSS-Fuzz for finding this.
CVE-2017-3736
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
In OpenSSL pre 1.1.0, 'openssl x509 -CAkeyformat engine' was possible
and supported. In 1.1.0, a small typo ('F' instead of 'f') removed
that possibility. This restores the pre 1.1.0 behavior.
Fixes #4366
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4643)
(cherry picked from commit bd6eba79d70677f891f1bb55b6f5bc5602c47cbc)
|
|
information about the length of the scalar used in ECDSA operations
from a large number (2^32) of signatures.
This doesn't rate as a CVE because:
* For the non-constant time code, there are easier ways to extract
more information.
* For the constant time code, it requires a significant number of signatures
to leak a small amount of information.
Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for
reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4576)
(cherry picked from commit 4a089bbdf11f9e231cc68f42bba934c954d81a49)
|
|
information about the length of a value used in DSA operations from
a large number of signatures.
This doesn't rate as a CVE because:
* For the non-constant time code, there are easier ways to extract
more information.
* For the constant time code, it requires a significant number of signatures
to leak a small amount of information.
Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for
reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4576)
(cherry picked from commit c0caa945f6ef30363e0d01d75155f20248403df4)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4631)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4633)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4633)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4633)
|
|
This version was a direct port from 1.1.1-dev, which has a different
source structure for the docs. Adjustment done.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4633)
|
|
Missing names slipped through
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4630)
|