summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLukasz Pawelczyk <l.pawelczyk@samsung.com>2017-05-08 11:59:43 +0200
committerLukasz Pawelczyk <l.pawelczyk@samsung.com>2017-05-08 12:00:55 +0200
commitf87d0bbbb96f9df93f59ce9e309260439627c2c8 (patch)
treeaf4d1fb9bb46d5304af13a306b47d1a66bc7443b
parentb6399c3d71b9c3425646ea3ccfd96f4f1f259408 (diff)
parent42400a3c53dd8996817c46cb390e8320c800f6cf (diff)
downloadopenssl-f87d0bbbb96f9df93f59ce9e309260439627c2c8.tar.gz
openssl-f87d0bbbb96f9df93f59ce9e309260439627c2c8.tar.bz2
openssl-f87d0bbbb96f9df93f59ce9e309260439627c2c8.zip
Upstream version 1.0.2k Change-Id: Ibb94241d3263d8efc2c93a6f485049b24aea52f6 Signed-off-by: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
-rw-r--r--CHANGES61
-rw-r--r--CONTRIBUTING55
-rwxr-xr-xConfigure34
-rw-r--r--INSTALL69
-rw-r--r--Makefile5
-rw-r--r--Makefile.bak5
-rw-r--r--Makefile.org3
-rw-r--r--NEWS8
-rw-r--r--README36
-rw-r--r--apps/apps.c19
-rw-r--r--apps/apps.h4
-rw-r--r--apps/ca.c6
-rw-r--r--apps/cms.c5
-rw-r--r--apps/dgst.c1
-rw-r--r--apps/dh.c6
-rw-r--r--apps/dhparam.c8
-rw-r--r--apps/dsa.c7
-rw-r--r--apps/dsaparam.c8
-rw-r--r--apps/ec.c6
-rw-r--r--apps/ecparam.c10
-rw-r--r--apps/enc.c8
-rw-r--r--apps/gendh.c4
-rw-r--r--apps/gendsa.c8
-rw-r--r--apps/genpkey.c2
-rw-r--r--apps/genrsa.c7
-rw-r--r--apps/pkcs12.c7
-rw-r--r--apps/pkcs7.c8
-rw-r--r--apps/pkcs8.c5
-rw-r--r--apps/pkey.c5
-rw-r--r--apps/pkeyparam.c8
-rw-r--r--apps/pkeyutl.c1
-rw-r--r--apps/prime.c12
-rw-r--r--apps/rand.c8
-rw-r--r--apps/req.c5
-rw-r--r--apps/rsa.c5
-rw-r--r--apps/rsautl.c5
-rw-r--r--apps/s_cb.c4
-rw-r--r--apps/s_client.c7
-rw-r--r--apps/s_server.c7
-rw-r--r--apps/smime.c5
-rw-r--r--apps/speed.c14
-rw-r--r--apps/spkac.c5
-rw-r--r--apps/srp.c8
-rw-r--r--apps/verify.c5
-rw-r--r--apps/x509.c5
-rw-r--r--crypto/aes/asm/aes-s390x.pl8
-rw-r--r--crypto/asn1/p5_pbev2.c8
-rw-r--r--crypto/asn1/x_crl.c3
-rwxr-xr-xcrypto/bn/asm/x86_64-mont.pl5
-rwxr-xr-xcrypto/bn/asm/x86_64-mont5.pl16
-rw-r--r--crypto/bn/bn_exp.c5
-rw-r--r--crypto/bn/bn_mul.c5
-rw-r--r--crypto/bn/bn_prime.c3
-rw-r--r--crypto/bn/bn_sqr.c5
-rw-r--r--crypto/cms/cms_kari.c5
-rw-r--r--crypto/dh/dh_key.c2
-rw-r--r--crypto/dsa/dsa_pmeth.c2
-rw-r--r--crypto/ec/ec2_mult.c20
-rw-r--r--crypto/ecdh/ech_ossl.c4
-rw-r--r--crypto/err/err.c3
-rw-r--r--crypto/evp/e_aes.c4
-rw-r--r--crypto/evp/e_rc4_hmac_md5.c2
-rw-r--r--crypto/evp/evp.h6
-rw-r--r--crypto/evp/evp_err.c3
-rw-r--r--crypto/evp/pmeth_fn.c30
-rw-r--r--crypto/evp/pmeth_lib.c28
-rw-r--r--crypto/modes/ctr128.c2
-rw-r--r--crypto/opensslv.h6
-rwxr-xr-xcrypto/perlasm/x86_64-xlate.pl11
-rw-r--r--crypto/rsa/rsa_gen.c3
-rw-r--r--crypto/rsa/rsa_oaep.c8
-rw-r--r--crypto/rsa/rsa_pmeth.c4
-rw-r--r--crypto/s390xcap.c1
-rw-r--r--crypto/ui/ui_lib.c138
-rw-r--r--crypto/ui/ui_openssl.c59
-rw-r--r--demos/easy_tls/easy-tls.c1
-rw-r--r--doc/apps/ocsp.pod9
-rw-r--r--doc/crypto/EVP_DigestSignInit.pod2
-rw-r--r--doc/crypto/EVP_DigestVerifyInit.pod2
-rw-r--r--doc/crypto/RSA_generate_key.pod2
-rw-r--r--doc/crypto/X509_NAME_get_index_by_NID.pod3
-rw-r--r--doc/crypto/X509_NAME_print_ex.pod8
-rw-r--r--doc/ssl/SSL_CTX_set_session_cache_mode.pod2
-rw-r--r--doc/ssl/SSL_get_error.pod22
-rw-r--r--doc/ssl/SSL_read.pod32
-rw-r--r--doc/ssl/SSL_write.pod19
-rw-r--r--engines/ccgost/Makefile2
-rw-r--r--openssl.spec2
-rw-r--r--packaging/openssl.spec2
-rw-r--r--ssl/bad_dtls_test.c5
-rw-r--r--ssl/s23_pkt.c12
-rw-r--r--ssl/s2_lib.c2
-rw-r--r--ssl/s2_pkt.c10
-rw-r--r--ssl/s3_clnt.c44
-rw-r--r--ssl/s3_pkt.c23
-rw-r--r--ssl/s3_srvr.c33
-rw-r--r--ssl/ssl_cert.c4
-rw-r--r--ssl/ssl_err.c1
-rw-r--r--ssl/ssl_lib.c4
-rw-r--r--ssl/ssl_locl.h2
-rw-r--r--ssl/ssl_sess.c9
-rw-r--r--ssl/t1_lib.c291
-rwxr-xr-xutil/domd11
-rwxr-xr-xutil/mklink.pl8
104 files changed, 842 insertions, 638 deletions
diff --git a/CHANGES b/CHANGES
index 042afe3..95aabc6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,67 @@
OpenSSL CHANGES
_______________
+ Changes between 1.0.2j and 1.0.2k [26 Jan 2017]
+
+ *) Truncated packet could crash via OOB read
+
+ If one side of an SSL/TLS path is running on a 32-bit host and a specific
+ cipher is being used, then a truncated packet can cause that host to
+ perform an out-of-bounds read, usually resulting in a crash.
+
+ This issue was reported to OpenSSL by Robert Święcki of Google.
+ (CVE-2017-3731)
+ [Andy Polyakov]
+
+ *) BN_mod_exp may produce incorrect results on x86_64
+
+ There is a carry propagating bug in the x86_64 Montgomery squaring
+ procedure. No EC algorithms are affected. Analysis suggests that attacks
+ against RSA and DSA as a result of this defect would be very difficult to
+ perform and are not believed likely. Attacks against DH are considered just
+ feasible (although very difficult) because most of the work necessary to
+ deduce information about a private key may be performed offline. The amount
+ of resources required for such an attack would be very significant and
+ likely only accessible to a limited number of attackers. An attacker would
+ additionally need online access to an unpatched system using the target
+ private key in a scenario with persistent DH parameters and a private
+ key that is shared between multiple clients. For example this can occur by
+ default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very
+ similar to CVE-2015-3193 but must be treated as a separate problem.
+
+ This issue was reported to OpenSSL by the OSS-Fuzz project.
+ (CVE-2017-3732)
+ [Andy Polyakov]
+
+ *) Montgomery multiplication may produce incorrect results
+
+ There is a carry propagating bug in the Broadwell-specific Montgomery
+ multiplication procedure that handles input lengths divisible by, but
+ longer than 256 bits. Analysis suggests that attacks against RSA, DSA
+ and DH private keys are impossible. This is because the subroutine in
+ question is not used in operations with the private key itself and an input
+ of the attacker's direct choice. Otherwise the bug can manifest itself as
+ transient authentication and key negotiation failures or reproducible
+ erroneous outcome of public-key operations with specially crafted input.
+ Among EC algorithms only Brainpool P-512 curves are affected and one
+ presumably can attack ECDH key negotiation. Impact was not analyzed in
+ detail, because pre-requisites for attack are considered unlikely. Namely
+ multiple clients have to choose the curve in question and the server has to
+ share the private key among them, neither of which is default behaviour.
+ Even then only clients that chose the curve will be affected.
+
+ This issue was publicly reported as transient failures and was not
+ initially recognized as a security issue. Thanks to Richard Morgan for
+ providing reproducible case.
+ (CVE-2016-7055)
+ [Andy Polyakov]
+
+ *) OpenSSL now fails if it receives an unrecognised record type in TLS1.0
+ or TLS1.1. Previously this only happened in SSLv3 and TLS1.2. This is to
+ prevent issues where no progress is being made and the peer continually
+ sends unrecognised record types, using up resources processing them.
+ [Matt Caswell]
+
Changes between 1.0.2i and 1.0.2j [26 Sep 2016]
*) Missing CRL sanity check
diff --git a/CONTRIBUTING b/CONTRIBUTING
index 07115e5..f734d77 100644
--- a/CONTRIBUTING
+++ b/CONTRIBUTING
@@ -1,4 +1,4 @@
-HOW TO CONTRIBUTE TO PATCHES OpenSSL
+HOW TO CONTRIBUTE PATCHES TO OpenSSL
------------------------------------
(Please visit https://www.openssl.org/community/getting-started.html for
@@ -11,34 +11,12 @@ OpenSSL community you might want to discuss it on the openssl-dev mailing
list first. Someone may be already working on the same thing or there
may be a good reason as to why that feature isn't implemented.
-The best way to submit a patch is to make a pull request on GitHub.
-(It is not necessary to send mail to rt@openssl.org to open a ticket!)
-If you think the patch could use feedback from the community, please
-start a thread on openssl-dev.
+To submit a patch, make a pull request on GitHub. If you think the patch
+could use feedback from the community, please start a thread on openssl-dev
+to discuss it.
-You can also submit patches by sending it as mail to rt@openssl.org.
-Please include the word "PATCH" and an explanation of what the patch
-does in the subject line. If you do this, our preferred format is "git
-format-patch" output. For example to provide a patch file containing the
-last commit in your local git repository use the following command:
-
- % git format-patch --stdout HEAD^ >mydiffs.patch
-
-Another method of creating an acceptable patch file without using git is as
-follows:
-
- % cd openssl-work
- ...make your changes...
- % ./Configure dist; make clean
- % cd ..
- % diff -ur openssl-orig openssl-work >mydiffs.patch
-
-Note that pull requests are generally easier for the team, and community, to
-work with. Pull requests benefit from all of the standard GitHub features,
-including code review tools, simpler integration, and CI build support.
-
-No matter how a patch is submitted, the following items will help make
-the acceptance and review process faster:
+Having addressed the following items before the PR will help make the
+acceptance and review process faster:
1. Anything other than trivial contributions will require a contributor
licensing agreement, giving us permission to use your code. See
@@ -55,21 +33,22 @@ the acceptance and review process faster:
in the file LICENSE in the source distribution or at
https://www.openssl.org/source/license.html
- 3. Patches should be as current as possible. When using GitHub, please
- expect to have to rebase and update often. Note that we do not accept merge
- commits. You will be asked to remove them before a patch is considered
- acceptable.
+ 3. Patches should be as current as possible; expect to have to rebase
+ often. We do not accept merge commits; You will be asked to remove
+ them before a patch is considered acceptable.
4. Patches should follow our coding style (see
https://www.openssl.org/policies/codingstyle.html) and compile without
warnings. Where gcc or clang is availble you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features.
+ Clean builds via Travis and AppVeyor are expected, and done whenever
+ a PR is created or updated.
- 5. When at all possible, patches should include tests. These can either be
- added to an existing test, or completely new. Please see test/README
- for information on the test framework.
+ 5. When at all possible, patches should include tests. These can
+ either be added to an existing test, or completely new. Please see
+ test/README for information on the test framework.
- 6. New features or changed functionality must include documentation. Please
- look at the "pod" files in doc/apps, doc/crypto and doc/ssl for examples of
- our style.
+ 6. New features or changed functionality must include
+ documentation. Please look at the "pod" files in doc/apps, doc/crypto
+ and doc/ssl for examples of our style.
diff --git a/Configure b/Configure
index c39f71a..5da7cad 100755
--- a/Configure
+++ b/Configure
@@ -7,6 +7,7 @@ eval 'exec perl -S $0 ${1+"$@"}'
require 5.000;
use strict;
+use File::Compare;
# see INSTALL for instructions.
@@ -57,12 +58,13 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
# sctp include SCTP support
-# 386 generate 80386 code
# enable-weak-ssl-ciphers
# Enable EXPORT and LOW SSLv3 ciphers that are disabled by
# default. Note, weak SSLv2 ciphers are unconditionally
# disabled.
-# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
+# 386 generate 80386 code in assembly modules
+# no-sse2 disables IA-32 SSE2 code in assembly modules, the above
+# mentioned '386' option implies this one
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
# -<xxx> +<xxx> compiler options are passed through
#
@@ -1792,8 +1794,16 @@ while (<IN>)
}
close(IN);
close(OUT);
-rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
-rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
+if ((compare($Makefile, "$Makefile.new"))
+ or file_newer('Configure', $Makefile)
+ or file_newer('config', $Makefile)
+ or file_newer('Makefile.org', $Makefile))
+ {
+ rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
+ rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
+ }
+else
+ { unlink("$Makefile.new"); }
print "CC =$cc\n";
print "CFLAG =$cflags\n";
@@ -1985,9 +1995,13 @@ print OUT "#ifdef __cplusplus\n";
print OUT "}\n";
print OUT "#endif\n";
close(OUT);
-rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
-rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
-
+if (compare("crypto/opensslconf.h.new","crypto/opensslconf.h"))
+ {
+ rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
+ rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
+ }
+else
+ { unlink("crypto/opensslconf.h.new"); }
# Fix the date
@@ -2289,3 +2303,9 @@ sub test_sanity
print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
return $errorcnt;
}
+
+sub file_newer
+ {
+ my ($file1, $file2) = @_;
+ return (stat($file1))[9] > (stat($file2))[9]
+ }
diff --git a/INSTALL b/INSTALL
index 679b30d..aa7e35f 100644
--- a/INSTALL
+++ b/INSTALL
@@ -74,24 +74,26 @@
no-asm Do not use assembler code.
- 386 Use the 80386 instruction set only (the default x86 code is
- more efficient, but requires at least a 486). Note: Use
- compiler flags for any other CPU specific configuration,
- e.g. "-m32" to build x86 code on an x64 system.
-
- no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is
- detected at run-time, but the decision whether or not the
- machine code will be executed is taken solely on CPU
- capability vector. This means that if you happen to run OS
- kernel which does not support SSE2 extension on Intel P4
- processor, then your application might be exposed to
- "illegal instruction" exception. There might be a way
- to enable support in kernel, e.g. FreeBSD kernel can be
- compiled with CPU_ENABLE_SSE, and there is a way to
- disengage SSE2 code pathes upon application start-up,
- but if you aim for wider "audience" running such kernel,
- consider no-sse2. Both 386 and no-asm options above imply
- no-sse2.
+ 386 In 32-bit x86 builds, when generating assembly modules,
+ use the 80386 instruction set only (the default x86 code
+ is more efficient, but requires at least a 486). Note:
+ This doesn't affect code generated by compiler, you're
+ likely to complement configuration command line with
+ suitable compiler-specific option.
+
+ no-sse2 Exclude SSE2 code paths from 32-bit x86 assembly modules.
+ Normally SSE2 extension is detected at run-time, but the
+ decision whether or not the machine code will be executed
+ is taken solely on CPU capability vector. This means that
+ if you happen to run OS kernel which does not support SSE2
+ extension on Intel P4 processor, then your application
+ might be exposed to "illegal instruction" exception.
+ There might be a way to enable support in kernel, e.g.
+ FreeBSD kernel can be compiled with CPU_ENABLE_SSE, and
+ there is a way to disengage SSE2 code paths upon application
+ start-up, but if you aim for wider "audience" running
+ such kernel, consider no-sse2. Both the 386 and
+ no-asm options imply no-sse2.
no-<cipher> Build without the specified cipher (bf, cast, des, dh, dsa,
hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
@@ -101,7 +103,12 @@
-Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
be passed through to the compiler to allow you to
define preprocessor symbols, specify additional libraries,
- library directories or other compiler options.
+ library directories or other compiler options. It might be
+ worth noting that some compilers generate code specifically
+ for processor the compiler currently executes on. This is
+ not necessarily what you might have in mind, since it might
+ be unsuitable for execution on other, typically older,
+ processor. Consult your compiler documentation.
-DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
BSD. Useful if you are running ocf-linux or something
@@ -159,18 +166,18 @@
OpenSSL binary ("openssl"). The libraries will be built in the top-level
directory, and the binary will be in the "apps" directory.
- If "make" fails, look at the output. There may be reasons for
- the failure that aren't problems in OpenSSL itself (like missing
- standard headers). If it is a problem with OpenSSL itself, please
- report the problem to <openssl-bugs@openssl.org> (note that your
- message will be recorded in the request tracker publicly readable
- at https://www.openssl.org/community/index.html#bugs and will be
- forwarded to a public mailing list). Include the output of "make
- report" in your message. Please check out the request tracker. Maybe
- the bug was already reported or has already been fixed.
-
- [If you encounter assembler error messages, try the "no-asm"
- configuration option as an immediate fix.]
+ If the build fails, look at the output. There may be reasons
+ for the failure that aren't problems in OpenSSL itself (like
+ missing standard headers). If you are having problems you can
+ get help by sending an email to the openssl-users email list (see
+ https://www.openssl.org/community/mailinglists.html for details). If
+ it is a bug with OpenSSL itself, please open an issue on GitHub, at
+ https://github.com/openssl/openssl/issues. Please review the existing
+ ones first; maybe the bug was already reported or has already been
+ fixed.
+
+ (If you encounter assembler error messages, try the "no-asm"
+ configuration option as an immediate fix.)
Compiling parts of OpenSSL with gcc and others with the system
compiler will result in unresolved symbols on some systems.
diff --git a/Makefile b/Makefile
index 04bfb11..0b894ff 100644
--- a/Makefile
+++ b/Makefile
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=1.0.2j
+VERSION=1.0.2k
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
@@ -203,7 +203,8 @@ CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+ $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS} \
+ $${APPS+APPS}
# LC_ALL=C ensures that error [and other] messages are delivered in
# same language for uniform treatment.
diff --git a/Makefile.bak b/Makefile.bak
index 7b97fb0..402333e 100644
--- a/Makefile.bak
+++ b/Makefile.bak
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=1.0.2j
+VERSION=1.0.2k
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
@@ -203,7 +203,8 @@ CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+ $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS} \
+ $${APPS+APPS}
# LC_ALL=C ensures that error [and other] messages are delivered in
# same language for uniform treatment.
diff --git a/Makefile.org b/Makefile.org
index 2377f50..61a329b 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -201,7 +201,8 @@ CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+ $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS} \
+ $${APPS+APPS}
# LC_ALL=C ensures that error [and other] messages are delivered in
# same language for uniform treatment.
diff --git a/NEWS b/NEWS
index c057963..be4a266 100644
--- a/NEWS
+++ b/NEWS
@@ -5,9 +5,15 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017]
+
+ o Truncated packet could crash via OOB read (CVE-2017-3731)
+ o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
+ o Montgomery multiplication may produce incorrect results (CVE-2016-7055)
+
Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016]
- o Fix Use After Free for large message sizes (CVE-2016-6309)
+ o Missing CRL sanity check (CVE-2016-7052)
Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016]
diff --git a/README b/README
index 6dedfc0..615d0c6 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
- OpenSSL 1.0.2j 26 Sep 2016
+ OpenSSL 1.0.2k 26 Jan 2017
Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -66,13 +66,13 @@
If you have any problems with OpenSSL then please take the following steps
first:
- - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
+ - Download the latest version from the repository
to see if the problem has already been addressed
- - Remove ASM versions of libraries
+ - Configure with no-asm
- Remove compiler optimisation flags
- If you wish to report a bug then please include the following information in
- any bug report:
+ If you wish to report a bug then please include the following information
+ and create an issue on GitHub:
- On Unix systems:
Self-test report generated by 'make report'
@@ -84,27 +84,9 @@
- Problem Description (steps that will reproduce the problem, if known)
- Stack Traceback (if the application dumps core)
- Email the report to:
-
- rt@openssl.org
-
- In order to avoid spam, this is a moderated mailing list, and it might
- take a day for the ticket to show up. (We also scan posts to make sure
- that security disclosures aren't publically posted by mistake.) Mail
- to this address is recorded in the public RT (request tracker) database
- (see https://www.openssl.org/community/index.html#bugs for details) and
- also forwarded the public openssl-dev mailing list. Confidential mail
- may be sent to openssl-security@openssl.org (PGP key available from the
- key servers).
-
- Please do NOT use this for general assistance or support queries.
Just because something doesn't work the way you expect does not mean it
is necessarily a bug in OpenSSL.
- You can also make GitHub pull requests. If you do this, please also send
- mail to rt@openssl.org with a link to the PR so that we can more easily
- keep track of it.
-
HOW TO CONTRIBUTE TO OpenSSL
----------------------------
@@ -113,7 +95,7 @@
LEGALITIES
----------
- A number of nations, in particular the U.S., restrict the use or export
- of cryptography. If you are potentially subject to such restrictions
- you should seek competent professional legal advice before attempting to
- develop or distribute cryptographic code.
+ A number of nations restrict the use or export of cryptography. If you
+ are potentially subject to such restrictions you should seek competent
+ professional legal advice before attempting to develop or distribute
+ cryptographic code.
diff --git a/apps/apps.c b/apps/apps.c
index 9fdc3e0..c487bd9 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -972,7 +972,10 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
if (!e)
BIO_printf(err, "no engine specified\n");
else {
- pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data);
+ if (ENGINE_init(e)) {
+ pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data);
+ ENGINE_finish(e);
+ }
if (!pkey) {
BIO_printf(err, "cannot load %s from engine\n", key_descrip);
ERR_print_errors(err);
@@ -1532,11 +1535,13 @@ static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
}
return e;
}
+#endif
ENGINE *setup_engine(BIO *err, const char *engine, int debug)
{
ENGINE *e = NULL;
+#ifndef OPENSSL_NO_ENGINE
if (engine) {
if (strcmp(engine, "auto") == 0) {
BIO_printf(err, "enabling auto ENGINE support\n");
@@ -1561,13 +1566,19 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug)
}
BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e));
-
- /* Free our "structural" reference. */
- ENGINE_free(e);
}
+#endif
return e;
}
+
+void release_engine(ENGINE *e)
+{
+#ifndef OPENSSL_NO_ENGINE
+ if (e != NULL)
+ /* Free our "structural" reference. */
+ ENGINE_free(e);
#endif
+}
int load_config(BIO *err, CONF *cnf)
{
diff --git a/apps/apps.h b/apps/apps.h
index c6c3881..268863c 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -259,9 +259,9 @@ STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
const char *pass, ENGINE *e,
const char *cert_descrip);
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
-# ifndef OPENSSL_NO_ENGINE
+
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
-# endif
+void release_engine(ENGINE *e);
# ifndef OPENSSL_NO_OCSP
OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
diff --git a/apps/ca.c b/apps/ca.c
index a0ec583..4cea3cb 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -319,9 +319,7 @@ int MAIN(int argc, char **argv)
#define BSIZE 256
MS_STATIC char buf[3][BSIZE];
char *randfile = NULL;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
char *tofree = NULL;
DB_ATTR db_attr;
@@ -595,9 +593,7 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, conf))
goto err;
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
/* Lets get the config section we are using */
if (section == NULL) {
@@ -1485,6 +1481,7 @@ int MAIN(int argc, char **argv)
X509_CRL_free(crl);
NCONF_free(conf);
NCONF_free(extconf);
+ release_engine(e);
OBJ_cleanup();
apps_shutdown();
OPENSSL_EXIT(ret);
@@ -2227,7 +2224,6 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
sk = CONF_get_section(parms, "default");
if (sk_CONF_VALUE_num(sk) == 0) {
BIO_printf(bio_err, "no name/value pairs found in %s\n", infile);
- CONF_free(parms);
goto err;
}
diff --git a/apps/cms.c b/apps/cms.c
index 6047937..f9a63bc 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -143,9 +143,7 @@ int MAIN(int argc, char **argv)
const EVP_MD *sign_md = NULL;
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
unsigned char *secret_key = NULL, *secret_keyid = NULL;
unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
size_t secret_keylen = 0, secret_keyidlen = 0;
@@ -665,9 +663,7 @@ int MAIN(int argc, char **argv)
"cert.pem recipient certificate(s) for encryption\n");
goto end;
}
-# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-# endif
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
@@ -1170,6 +1166,7 @@ int MAIN(int argc, char **argv)
EVP_PKEY_free(key);
CMS_ContentInfo_free(cms);
CMS_ContentInfo_free(rcms);
+ release_engine(e);
BIO_free(rctin);
BIO_free(in);
BIO_free(indata);
diff --git a/apps/dgst.c b/apps/dgst.c
index 26afcd7..bc2601e 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -537,6 +537,7 @@ int MAIN(int argc, char **argv)
OPENSSL_free(sigbuf);
if (bmd != NULL)
BIO_free(bmd);
+ release_engine(e);
apps_shutdown();
OPENSSL_EXIT(err);
}
diff --git a/apps/dh.c b/apps/dh.c
index 48fecc9..bb13fef 100644
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -94,9 +94,7 @@ int MAIN(int argc, char **argv)
BIO *in = NULL, *out = NULL;
int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
char *infile, *outfile, *prog;
-# ifndef OPENSSL_NO_ENGINE
char *engine;
-# endif
apps_startup();
@@ -107,9 +105,7 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
-# ifndef OPENSSL_NO_ENGINE
engine = NULL;
-# endif
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
@@ -183,9 +179,7 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
-# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
-# endif
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
diff --git a/apps/dhparam.c b/apps/dhparam.c
index 57199a8..1210adb 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -159,9 +159,8 @@ int MAIN(int argc, char **argv)
int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
char *infile, *outfile, *prog;
char *inrand = NULL;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
+ ENGINE *e = NULL;
int num = 0, g = 0;
apps_startup();
@@ -270,9 +269,7 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-# endif
+ e = setup_engine(bio_err, engine, 0);
if (g && !num)
num = DEFBITS;
@@ -512,6 +509,7 @@ int MAIN(int argc, char **argv)
BIO_free_all(out);
if (dh != NULL)
DH_free(dh);
+ release_engine(e);
apps_shutdown();
OPENSSL_EXIT(ret);
}
diff --git a/apps/dsa.c b/apps/dsa.c
index dedf8e1..4ed21d8 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -106,9 +106,7 @@ int MAIN(int argc, char **argv)
int informat, outformat, text = 0, noout = 0;
int pubin = 0, pubout = 0;
char *infile, *outfile, *prog;
-# ifndef OPENSSL_NO_ENGINE
char *engine;
-# endif
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
int modulus = 0;
@@ -124,9 +122,7 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
-# ifndef OPENSSL_NO_ENGINE
engine = NULL;
-# endif
infile = NULL;
outfile = NULL;
informat = FORMAT_PEM;
@@ -239,9 +235,7 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
-# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-# endif
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
@@ -358,6 +352,7 @@ int MAIN(int argc, char **argv)
BIO_free_all(out);
if (dsa != NULL)
DSA_free(dsa);
+ release_engine(e);
if (passin)
OPENSSL_free(passin);
if (passout)
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 824a595..f2cf553 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -121,9 +121,8 @@ int MAIN(int argc, char **argv)
char *infile, *outfile, *prog, *inrand = NULL;
int numbits = -1, num, genkey = 0;
int need_rand = 0;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
+ ENGINE *e = NULL;
# ifdef GENCB_TEST
int timebomb = 0;
# endif
@@ -263,9 +262,7 @@ int MAIN(int argc, char **argv)
}
}
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-# endif
+ e = setup_engine(bio_err, engine, 0);
if (need_rand) {
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
@@ -433,6 +430,7 @@ int MAIN(int argc, char **argv)
BIO_free_all(out);
if (dsa != NULL)
DSA_free(dsa);
+ release_engine(e);
apps_shutdown();
OPENSSL_EXIT(ret);
}
diff --git a/apps/ec.c b/apps/ec.c
index b04dada..d2263c8 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -95,6 +95,7 @@ int MAIN(int argc, char **argv)
int informat, outformat, text = 0, noout = 0;
int pubin = 0, pubout = 0, param_out = 0;
char *infile, *outfile, *prog, *engine;
+ ENGINE *e = NULL;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
@@ -235,9 +236,7 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-# endif
+ e = setup_engine(bio_err, engine, 0);
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
@@ -349,6 +348,7 @@ int MAIN(int argc, char **argv)
BIO_free_all(out);
if (eckey)
EC_KEY_free(eckey);
+ release_engine(e);
if (passin)
OPENSSL_free(passin);
if (passout)
diff --git a/apps/ecparam.c b/apps/ecparam.c
index 71b67f4..a9bf489 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -131,6 +131,7 @@ int MAIN(int argc, char **argv)
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
char *engine = NULL;
+ ENGINE *e = NULL;
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
*ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL;
@@ -311,9 +312,7 @@ int MAIN(int argc, char **argv)
}
}
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-# endif
+ e = setup_engine(bio_err, engine, 0);
if (list_curves) {
EC_builtin_curve *curves = NULL;
@@ -620,12 +619,13 @@ int MAIN(int argc, char **argv)
BN_free(ec_cofactor);
if (buffer)
OPENSSL_free(buffer);
+ if (group != NULL)
+ EC_GROUP_free(group);
+ release_engine(e);
if (in != NULL)
BIO_free(in);
if (out != NULL)
BIO_free_all(out);
- if (group != NULL)
- EC_GROUP_free(group);
apps_shutdown();
OPENSSL_EXIT(ret);
}
diff --git a/apps/enc.c b/apps/enc.c
index 8e2ef27..8c8f1ef 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -126,9 +126,8 @@ int MAIN(int argc, char **argv)
NULL, *wbio = NULL;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE + 1];
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
+ ENGINE *e = NULL;
const EVP_MD *dgst = NULL;
int non_fips_allow = 0;
@@ -322,9 +321,7 @@ int MAIN(int argc, char **argv)
argv++;
}
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-#endif
+ e = setup_engine(bio_err, engine, 0);
if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
BIO_printf(bio_err,
@@ -674,6 +671,7 @@ int MAIN(int argc, char **argv)
if (bzl != NULL)
BIO_free(bzl);
#endif
+ release_engine(e);
if (pass)
OPENSSL_free(pass);
apps_shutdown();
diff --git a/apps/gendh.c b/apps/gendh.c
index fef6f1b..59484c2 100644
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -96,9 +96,7 @@ int MAIN(int argc, char **argv)
int g = 2;
char *outfile = NULL;
char *inrand = NULL;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
BIO *out = NULL;
apps_startup();
@@ -162,9 +160,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, " the random number generator\n");
goto end;
}
-# ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
-# endif
out = BIO_new(BIO_s_file());
if (out == NULL) {
diff --git a/apps/gendsa.c b/apps/gendsa.c
index fd1360a..31510e6 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -85,9 +85,8 @@ int MAIN(int argc, char **argv)
char *passargout = NULL, *passout = NULL;
BIO *out = NULL, *in = NULL;
const EVP_CIPHER *enc = NULL;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
+ ENGINE *e = NULL;
apps_startup();
@@ -206,9 +205,7 @@ int MAIN(int argc, char **argv)
" - a DSA parameter file as generated by the dsaparam command\n");
goto end;
}
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-# endif
+ e = setup_engine(bio_err, engine, 0);
if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");
@@ -273,6 +270,7 @@ int MAIN(int argc, char **argv)
BIO_free_all(out);
if (dsa != NULL)
DSA_free(dsa);
+ release_engine(e);
if (passout)
OPENSSL_free(passout);
apps_shutdown();
diff --git a/apps/genpkey.c b/apps/genpkey.c
index fef21dc..39dcef9 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -275,9 +275,9 @@ int MAIN(int argc, char **argv)
if (out)
BIO_free_all(out);
BIO_free(in);
+ release_engine(e);
if (pass)
OPENSSL_free(pass);
-
return ret;
}
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 91e6550..51dcfca 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -91,9 +91,7 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
BN_GENCB cb;
-# ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
-# endif
int ret = 1;
int i, num = DEFBITS;
long l;
@@ -101,9 +99,7 @@ int MAIN(int argc, char **argv)
unsigned long f4 = RSA_F4;
char *outfile = NULL;
char *passargout = NULL, *passout = NULL;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
char *inrand = NULL;
BIO *out = NULL;
BIGNUM *bn = BN_new();
@@ -240,9 +236,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "Error getting password\n");
goto err;
}
-# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-# endif
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
@@ -314,6 +308,7 @@ int MAIN(int argc, char **argv)
RSA_free(rsa);
if (out)
BIO_free_all(out);
+ release_engine(e);
if (passout)
OPENSSL_free(passout);
if (ret != 0)
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 82182c2..d0bd97a 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -129,9 +129,7 @@ int MAIN(int argc, char **argv)
char *inrand = NULL;
char *macalg = NULL;
char *CApath = NULL, *CAfile = NULL;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
apps_startup();
@@ -406,9 +404,7 @@ int MAIN(int argc, char **argv)
"-LMK Add local machine keyset attribute to private key\n");
goto end;
}
-# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-# endif
if (passarg) {
if (export_cert)
@@ -756,6 +752,7 @@ int MAIN(int argc, char **argv)
# ifdef CRYPTO_MDEBUG
CRYPTO_remove_all_info();
# endif
+ release_engine(e);
BIO_free(in);
BIO_free_all(out);
if (canames)
@@ -1110,4 +1107,6 @@ static int set_pbe(BIO *err, int *ppbe, const char *str)
return 1;
}
+#else
+static void *dummy = &dummy;
#endif
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index b677633..c5d51d2 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -90,9 +90,8 @@ int MAIN(int argc, char **argv)
char *infile, *outfile, *prog;
int print_certs = 0, text = 0, noout = 0, p7_print = 0;
int ret = 1;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
+ ENGINE *e = NULL;
apps_startup();
@@ -175,9 +174,7 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-#endif
+ e = setup_engine(bio_err, engine, 0);
in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
@@ -303,6 +300,7 @@ int MAIN(int argc, char **argv)
end:
if (p7 != NULL)
PKCS7_free(p7);
+ release_engine(e);
if (in != NULL)
BIO_free(in);
if (out != NULL)
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 5099e18..71e3168 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -87,9 +87,7 @@ int MAIN(int argc, char **argv)
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
int badarg = 0;
int ret = 1;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
@@ -223,9 +221,7 @@ int MAIN(int argc, char **argv)
#endif
goto end;
}
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
@@ -391,6 +387,7 @@ int MAIN(int argc, char **argv)
X509_SIG_free(p8);
PKCS8_PRIV_KEY_INFO_free(p8inf);
EVP_PKEY_free(pkey);
+ release_engine(e);
BIO_free_all(out);
BIO_free(in);
if (passin)
diff --git a/apps/pkey.c b/apps/pkey.c
index e848049..63d878a 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -79,9 +79,7 @@ int MAIN(int argc, char **argv)
EVP_PKEY *pkey = NULL;
char *passin = NULL, *passout = NULL;
int badarg = 0;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
int ret = 1;
if (bio_err == NULL)
@@ -178,9 +176,7 @@ int MAIN(int argc, char **argv)
#endif
return 1;
}
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
@@ -240,6 +236,7 @@ int MAIN(int argc, char **argv)
end:
EVP_PKEY_free(pkey);
+ release_engine(e);
BIO_free_all(out);
BIO_free(in);
if (passin)
diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
index a148a66..1437f03 100644
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@@ -74,9 +74,8 @@ int MAIN(int argc, char **argv)
int text = 0, noout = 0;
EVP_PKEY *pkey = NULL;
int badarg = 0;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
+ ENGINE *e = NULL;
int ret = 1;
if (bio_err == NULL)
@@ -134,9 +133,7 @@ int MAIN(int argc, char **argv)
#endif
return 1;
}
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-#endif
+ e = setup_engine(bio_err, engine, 0);
if (infile) {
if (!(in = BIO_new_file(infile, "r"))) {
@@ -178,6 +175,7 @@ int MAIN(int argc, char **argv)
end:
EVP_PKEY_free(pkey);
+ release_engine(e);
BIO_free_all(out);
BIO_free(in);
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index e47206c..7c62d1c 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -357,6 +357,7 @@ int MAIN(int argc, char **argv)
end:
if (ctx)
EVP_PKEY_CTX_free(ctx);
+ release_engine(e);
BIO_free(in);
BIO_free_all(out);
if (buf_in != NULL)
diff --git a/apps/prime.c b/apps/prime.c
index 1fb1c8d..133167f 100644
--- a/apps/prime.c
+++ b/apps/prime.c
@@ -128,16 +128,24 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_out, "%s\n", s);
OPENSSL_free(s);
} else {
+ int r;
+
if (hex)
- BN_hex2bn(&bn, argv[0]);
+ r = BN_hex2bn(&bn, argv[0]);
else
- BN_dec2bn(&bn, argv[0]);
+ r = BN_dec2bn(&bn, argv[0]);
+
+ if(!r) {
+ BIO_printf(bio_err, "Failed to process value (%s)\n", argv[0]);
+ goto end;
+ }
BN_print(bio_out, bn);
BIO_printf(bio_out, " is %sprime\n",
BN_is_prime_ex(bn, checks, NULL, NULL) ? "" : "not ");
}
+ end:
BN_free(bn);
BIO_free_all(bio_out);
diff --git a/apps/rand.c b/apps/rand.c
index e159da3..96dcb72 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -86,9 +86,8 @@ int MAIN(int argc, char **argv)
int hex = 0;
BIO *out = NULL;
int num = -1;
-#ifndef OPENSSL_NO_ENGINE
+ ENGINE *e = NULL;
char *engine = NULL;
-#endif
apps_startup();
@@ -162,9 +161,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "-hex - hex encode output\n");
goto err;
}
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-#endif
+ e = setup_engine(bio_err, engine, 0);
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
@@ -222,6 +219,7 @@ int MAIN(int argc, char **argv)
err:
ERR_print_errors(bio_err);
+ release_engine(e);
if (out)
BIO_free_all(out);
apps_shutdown();
diff --git a/apps/req.c b/apps/req.c
index d1411c9..cdea1f6 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -179,9 +179,7 @@ int MAIN(int argc, char **argv)
int nodes = 0, kludge = 0, newhdr = 0, subject = 0, pubkey = 0;
char *infile, *outfile, *prog, *keyfile = NULL, *template =
NULL, *keyout = NULL;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
char *extensions = NULL;
char *req_exts = NULL;
const EVP_CIPHER *cipher = NULL;
@@ -595,9 +593,7 @@ int MAIN(int argc, char **argv)
if ((in == NULL) || (out == NULL))
goto end;
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if (keyfile != NULL) {
pkey = load_key(bio_err, keyfile, keyform, 0, passin, e,
@@ -1040,6 +1036,7 @@ int MAIN(int argc, char **argv)
X509_REQ_free(req);
X509_free(x509ss);
ASN1_INTEGER_free(serial);
+ release_engine(e);
if (passargin && passin)
OPENSSL_free(passin);
if (passargout && passout)
diff --git a/apps/rsa.c b/apps/rsa.c
index e13c14f..ad3af39 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -111,9 +111,7 @@ int MAIN(int argc, char **argv)
char *infile, *outfile, *prog;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
int modulus = 0;
int pvk_encr = 2;
@@ -254,9 +252,7 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
-# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-# endif
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
@@ -419,6 +415,7 @@ int MAIN(int argc, char **argv)
} else
ret = 0;
end:
+ release_engine(e);
if (out != NULL)
BIO_free_all(out);
if (rsa != NULL)
diff --git a/apps/rsautl.c b/apps/rsautl.c
index 5b6f849..87d1806 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -88,9 +88,7 @@ int MAIN(int argc, char **argv)
ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
char *keyfile = NULL;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM;
@@ -195,9 +193,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "A private key is needed for this operation\n");
goto end;
}
-# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-# endif
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
@@ -327,6 +323,7 @@ int MAIN(int argc, char **argv)
BIO_write(out, rsa_out, rsa_outlen);
end:
RSA_free(rsa);
+ release_engine(e);
BIO_free(in);
BIO_free_all(out);
if (rsa_in)
diff --git a/apps/s_cb.c b/apps/s_cb.c
index d1a99a7..7d71954 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -548,12 +548,12 @@ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) {
BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
- (void *)bio, argp, (unsigned long)argi, ret, ret);
+ (void *)bio, (void *)argp, (unsigned long)argi, ret, ret);
BIO_dump(out, argp, (int)ret);
return (ret);
} else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) {
BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
- (void *)bio, argp, (unsigned long)argi, ret, ret);
+ (void *)bio, (void *)argp, (unsigned long)argi, ret, ret);
BIO_dump(out, argp, (int)ret);
}
return (ret);
diff --git a/apps/s_client.c b/apps/s_client.c
index 41a326f..3cabfb5 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -694,12 +694,12 @@ int MAIN(int argc, char **argv)
char *inrand = NULL;
int mbuf_len = 0;
struct timeval timeout, *timeoutp;
-#ifndef OPENSSL_NO_ENGINE
char *engine_id = NULL;
+ ENGINE *e = NULL;
+#ifndef OPENSSL_NO_ENGINE
char *ssl_client_engine_id = NULL;
ENGINE *ssl_client_engine = NULL;
#endif
- ENGINE *e = NULL;
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
struct timeval tv;
# if defined(OPENSSL_SYS_BEOS_R5)
@@ -1186,8 +1186,8 @@ int MAIN(int argc, char **argv)
next_proto.data = NULL;
#endif
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
+#ifndef OPENSSL_NO_ENGINE
if (ssl_client_engine_id) {
ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
if (!ssl_client_engine) {
@@ -2123,6 +2123,7 @@ int MAIN(int argc, char **argv)
OPENSSL_cleanse(mbuf, BUFSIZZ);
OPENSSL_free(mbuf);
}
+ release_engine(e);
if (bio_c_out != NULL) {
BIO_free(bio_c_out);
bio_c_out = NULL;
diff --git a/apps/s_server.c b/apps/s_server.c
index 857a70e..b561cf3 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -328,9 +328,7 @@ static char *keymatexportlabel = NULL;
static int keymatexportlen = 20;
static int hack = 0;
-#ifndef OPENSSL_NO_ENGINE
static char *engine_id = NULL;
-#endif
static const char *session_id_prefix = NULL;
static int enable_timeouts = 0;
@@ -484,9 +482,7 @@ static void s_server_init(void)
s_quiet = 0;
s_brief = 0;
hack = 0;
-# ifndef OPENSSL_NO_ENGINE
engine_id = NULL;
-# endif
}
#endif
@@ -1603,9 +1599,7 @@ int MAIN(int argc, char *argv[])
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
-#endif
if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) {
BIO_printf(bio_err, "Error getting password\n");
@@ -2129,6 +2123,7 @@ int MAIN(int argc, char *argv[])
if (jpake_secret && psk_key)
OPENSSL_free(psk_key);
#endif
+ release_engine(e);
if (bio_s_out != NULL) {
BIO_free(bio_s_out);
bio_s_out = NULL;
diff --git a/apps/smime.c b/apps/smime.c
index 6044ccf..1758330 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -114,9 +114,7 @@ int MAIN(int argc, char **argv)
const EVP_MD *sign_md = NULL;
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int keyform = FORMAT_PEM;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
X509_VERIFY_PARAM *vpm = NULL;
@@ -461,9 +459,7 @@ int MAIN(int argc, char **argv)
"cert.pem recipient certificate(s) for encryption\n");
goto end;
}
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
@@ -736,6 +732,7 @@ int MAIN(int argc, char **argv)
X509_free(signer);
EVP_PKEY_free(key);
PKCS7_free(p7);
+ release_engine(e);
BIO_free(in);
BIO_free(indata);
BIO_free_all(out);
diff --git a/apps/speed.c b/apps/speed.c
index b862868..6cd1021 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -372,6 +372,7 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
+ ENGINE *e = NULL;
unsigned char *buf = NULL, *buf2 = NULL;
int mret = 1;
long count = 0, save_count = 0;
@@ -669,6 +670,10 @@ int MAIN(int argc, char **argv)
ecdh_b[i] = NULL;
}
# endif
+# ifndef OPENSSL_NO_RSA
+ for (i = 0; i < RSA_NUM; i++)
+ rsa_key[i] = NULL;
+# endif
if (bio_err == NULL)
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
@@ -677,12 +682,6 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
-# ifndef OPENSSL_NO_RSA
- memset(rsa_key, 0, sizeof(rsa_key));
- for (i = 0; i < RSA_NUM; i++)
- rsa_key[i] = NULL;
-# endif
-
if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
BIO_printf(bio_err, "out of memory\n");
goto end;
@@ -749,7 +748,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "no engine given\n");
goto end;
}
- setup_engine(bio_err, *argv, 0);
+ e = setup_engine(bio_err, *argv, 0);
/*
* j will be increased again further down. We just don't want
* speed to confuse an engine with an algorithm, especially when
@@ -2526,6 +2525,7 @@ int MAIN(int argc, char **argv)
}
# endif
+ release_engine(e);
apps_shutdown();
OPENSSL_EXIT(mret);
}
diff --git a/apps/spkac.c b/apps/spkac.c
index 8b06ec4..7f5333f 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -94,9 +94,7 @@ int MAIN(int argc, char **argv)
CONF *conf = NULL;
NETSCAPE_SPKI *spki = NULL;
EVP_PKEY *pkey = NULL;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
apps_startup();
@@ -185,9 +183,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if (keyfile) {
pkey = load_key(bio_err,
@@ -305,6 +301,7 @@ int MAIN(int argc, char **argv)
BIO_free(in);
BIO_free_all(out);
EVP_PKEY_free(pkey);
+ release_engine(e);
if (passin)
OPENSSL_free(passin);
apps_shutdown();
diff --git a/apps/srp.c b/apps/srp.c
index c75052f..37341a5 100644
--- a/apps/srp.c
+++ b/apps/srp.c
@@ -293,9 +293,8 @@ int MAIN(int argc, char **argv)
int i;
long errorline = -1;
char *randfile = NULL;
-# ifndef OPENSSL_NO_ENGINE
+ ENGINE *e = NULL;
char *engine = NULL;
-# endif
char *tofree = NULL;
DB_ATTR db_attr;
@@ -411,9 +410,7 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
-# endif
+ e = setup_engine(bio_err, engine, 0);
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
@@ -760,6 +757,7 @@ int MAIN(int argc, char **argv)
if (db)
free_index(db);
+ release_engine(e);
OBJ_cleanup();
apps_shutdown();
OPENSSL_EXIT(ret);
diff --git a/apps/verify.c b/apps/verify.c
index b5ae6b3..c4bd197 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -89,9 +89,7 @@ int MAIN(int argc, char **argv)
X509_LOOKUP *lookup = NULL;
X509_VERIFY_PARAM *vpm = NULL;
int crl_download = 0;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
cert_ctx = X509_STORE_new();
if (cert_ctx == NULL)
@@ -160,9 +158,7 @@ int MAIN(int argc, char **argv)
break;
}
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if (vpm)
X509_STORE_set1_param(cert_ctx, vpm);
@@ -255,6 +251,7 @@ int MAIN(int argc, char **argv)
sk_X509_pop_free(untrusted, X509_free);
sk_X509_pop_free(trusted, X509_free);
sk_X509_CRL_pop_free(crls, X509_CRL_free);
+ release_engine(e);
apps_shutdown();
OPENSSL_EXIT(ret < 0 ? 2 : ret);
}
diff --git a/apps/x509.c b/apps/x509.c
index 17cb62d..ad9fc98 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -218,9 +218,7 @@ int MAIN(int argc, char **argv)
char *checkhost = NULL;
char *checkemail = NULL;
char *checkip = NULL;
-#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-#endif
reqfile = 0;
@@ -501,9 +499,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "%s", *pp);
goto end;
}
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-#endif
if (need_rand)
app_RAND_load_file(NULL, bio_err, 0);
@@ -1040,6 +1036,7 @@ int MAIN(int argc, char **argv)
ASN1_INTEGER_free(sno);
sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
+ release_engine(e);
if (passin)
OPENSSL_free(passin);
apps_shutdown();
diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl
index 76ca8e5..a8f4d29 100644
--- a/crypto/aes/asm/aes-s390x.pl
+++ b/crypto/aes/asm/aes-s390x.pl
@@ -1568,8 +1568,8 @@ ___
}
########################################################################
-# void AES_xts_encrypt(const char *inp,char *out,size_t len,
-# const AES_KEY *key1, const AES_KEY *key2,
+# void AES_xts_encrypt(const unsigned char *inp, unsigned char *out,
+# size_t len, const AES_KEY *key1, const AES_KEY *key2,
# const unsigned char iv[16]);
#
{
@@ -1937,8 +1937,8 @@ $code.=<<___;
br $ra
.size AES_xts_encrypt,.-AES_xts_encrypt
___
-# void AES_xts_decrypt(const char *inp,char *out,size_t len,
-# const AES_KEY *key1, const AES_KEY *key2,
+# void AES_xts_decrypt(const unsigned char *inp, unsigned char *out,
+# size_t len, const AES_KEY *key1, const AES_KEY *key2,
# const unsigned char iv[16]);
#
$code.=<<___;
diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c
index 388053e..4c037d3 100644
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -91,12 +91,11 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen,
unsigned char *aiv, int prf_nid)
{
- X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
+ X509_ALGOR *scheme = NULL, *ret = NULL;
int alg_nid, keylen;
EVP_CIPHER_CTX ctx;
unsigned char iv[EVP_MAX_IV_LENGTH];
PBE2PARAM *pbe2 = NULL;
- ASN1_OBJECT *obj;
alg_nid = EVP_CIPHER_type(cipher);
if (alg_nid == NID_undef) {
@@ -104,7 +103,6 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
goto err;
}
- obj = OBJ_nid2obj(alg_nid);
if (!(pbe2 = PBE2PARAM_new()))
goto merr;
@@ -112,7 +110,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
/* Setup the AlgorithmIdentifier for the encryption scheme */
scheme = pbe2->encryption;
- scheme->algorithm = obj;
+ scheme->algorithm = OBJ_nid2obj(alg_nid);
if (!(scheme->parameter = ASN1_TYPE_new()))
goto merr;
@@ -188,11 +186,9 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
err:
PBE2PARAM_free(pbe2);
/* Note 'scheme' is freed as part of pbe2 */
- X509_ALGOR_free(kalg);
X509_ALGOR_free(ret);
return NULL;
-
}
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
index 0279503..c78ded8 100644
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@@ -254,6 +254,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
int nid;
+
ext = sk_X509_EXTENSION_value(exts, idx);
nid = OBJ_obj2nid(ext->object);
if (nid == NID_freshest_crl)
@@ -263,7 +264,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
if ((nid == NID_issuing_distribution_point)
|| (nid == NID_authority_key_identifier)
|| (nid == NID_delta_crl))
- break;;
+ continue;
crl->flags |= EXFLAG_CRITICAL;
break;
}
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
index 044fd7e..80492d8 100755
--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -1148,18 +1148,17 @@ $code.=<<___;
mulx 2*8($aptr),%r15,%r13 # ...
adox -3*8($tptr),%r11
adcx %r15,%r12
- adox $zero,%r12
+ adox -2*8($tptr),%r12
adcx $zero,%r13
+ adox $zero,%r13
mov $bptr,8(%rsp) # off-load &b[i]
- .byte 0x67
mov $mi,%r15
imulq 24(%rsp),$mi # "t[0]"*n0
xor %ebp,%ebp # xor $zero,$zero # cf=0, of=0
mulx 3*8($aptr),%rax,%r14
mov $mi,%rdx
- adox -2*8($tptr),%r12
adcx %rax,%r13
adox -1*8($tptr),%r13
adcx $zero,%r14
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index f1fbb45..3bb0cdf 100755
--- a/crypto/bn/asm/x86_64-mont5.pl
+++ b/crypto/bn/asm/x86_64-mont5.pl
@@ -1925,6 +1925,7 @@ __bn_sqr8x_reduction:
.align 32
.L8x_tail_done:
+ xor %rax,%rax
add (%rdx),%r8 # can this overflow?
adc \$0,%r9
adc \$0,%r10
@@ -1932,10 +1933,8 @@ __bn_sqr8x_reduction:
adc \$0,%r12
adc \$0,%r13
adc \$0,%r14
- adc \$0,%r15 # can't overflow, because we
- # started with "overhung" part
- # of multiplication
- xor %rax,%rax
+ adc \$0,%r15
+ adc \$0,%rax
neg $carry
.L8x_no_tail:
@@ -3375,6 +3374,7 @@ __bn_sqrx8x_reduction:
.align 32
.Lsqrx8x_tail_done:
+ xor %rax,%rax
add 24+8(%rsp),%r8 # can this overflow?
adc \$0,%r9
adc \$0,%r10
@@ -3382,10 +3382,8 @@ __bn_sqrx8x_reduction:
adc \$0,%r12
adc \$0,%r13
adc \$0,%r14
- adc \$0,%r15 # can't overflow, because we
- # started with "overhung" part
- # of multiplication
- mov $carry,%rax # xor %rax,%rax
+ adc \$0,%r15
+ adc \$0,%rax
sub 16+8(%rsp),$carry # mov 16(%rsp),%cf
.Lsqrx8x_no_tail: # %cf is 0 if jumped here
@@ -3400,7 +3398,7 @@ __bn_sqrx8x_reduction:
adc 8*5($tptr),%r13
adc 8*6($tptr),%r14
adc 8*7($tptr),%r15
- adc %rax,%rax # top-most carry
+ adc \$0,%rax # top-most carry
mov 32+8(%rsp),%rbx # n0
mov 8*8($tptr,%rcx),%rdx # modulo-scheduled "%r8"
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 1670f01..195a786 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -180,8 +180,9 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
goto err;
}
}
- if (r != rr)
- BN_copy(r, rr);
+ if (r != rr && BN_copy(r, rr) == NULL)
+ goto err;
+
ret = 1;
err:
BN_CTX_end(ctx);
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index b174850..3c618dc 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -1083,8 +1083,9 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
end:
#endif
bn_correct_top(rr);
- if (r != rr)
- BN_copy(r, rr);
+ if (r != rr && BN_copy(r, rr) == NULL)
+ goto err;
+
ret = 1;
err:
bn_check_top(r);
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 1d25687..8177fd2 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -283,7 +283,8 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
BIGNUM *t;
if ((t = BN_CTX_get(ctx)) == NULL)
goto err;
- BN_copy(t, a);
+ if (BN_copy(t, a) == NULL)
+ goto err;
t->neg = 0;
A = t;
} else
diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c
index 3ca6987..256d26e 100644
--- a/crypto/bn/bn_sqr.c
+++ b/crypto/bn/bn_sqr.c
@@ -143,8 +143,9 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
rr->top = max - 1;
else
rr->top = max;
- if (rr != r)
- BN_copy(r, rr);
+ if (r != rr && BN_copy(r, rr) == NULL)
+ goto err;
+
ret = 1;
err:
bn_check_top(rr);
diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index 2cfcdb2..ee28317 100644
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -401,9 +401,12 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
* Pick a cipher based on content encryption cipher. If it is DES3 use
* DES3 wrap otherwise use AES wrap similar to key size.
*/
+#ifndef OPENSSL_NO_DES
if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc)
kekcipher = EVP_des_ede3_wrap();
- else if (keylen <= 16)
+ else
+#endif
+ if (keylen <= 16)
kekcipher = EVP_aes_128_wrap();
else if (keylen <= 24)
kekcipher = EVP_aes_192_wrap();
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 1d80fb2..387558f 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -223,6 +223,8 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
goto err;
BN_CTX_start(ctx);
tmp = BN_CTX_get(ctx);
+ if (tmp == NULL)
+ goto err;
if (dh->priv_key == NULL) {
DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 42b8bb0..7872483 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -180,7 +180,7 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
return 0;
}
- dctx->md = p2;
+ dctx->pmd = p2;
return 1;
case EVP_PKEY_CTRL_MD:
diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c
index 68cc877..1f9cc00 100644
--- a/crypto/ec/ec2_mult.c
+++ b/crypto/ec/ec2_mult.c
@@ -267,7 +267,7 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
BN_CTX *ctx)
{
BIGNUM *x1, *x2, *z1, *z2;
- int ret = 0, i;
+ int ret = 0, i, group_top;
BN_ULONG mask, word;
if (r == point) {
@@ -297,10 +297,12 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
x2 = &r->X;
z2 = &r->Y;
- bn_wexpand(x1, group->field.top);
- bn_wexpand(z1, group->field.top);
- bn_wexpand(x2, group->field.top);
- bn_wexpand(z2, group->field.top);
+ group_top = group->field.top;
+ if (bn_wexpand(x1, group_top) == NULL
+ || bn_wexpand(z1, group_top) == NULL
+ || bn_wexpand(x2, group_top) == NULL
+ || bn_wexpand(z2, group_top) == NULL)
+ goto err;
if (!BN_GF2m_mod_arr(x1, &point->X, group->poly))
goto err; /* x1 = x */
@@ -329,14 +331,14 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
for (; i >= 0; i--) {
word = scalar->d[i];
while (mask) {
- BN_consttime_swap(word & mask, x1, x2, group->field.top);
- BN_consttime_swap(word & mask, z1, z2, group->field.top);
+ BN_consttime_swap(word & mask, x1, x2, group_top);
+ BN_consttime_swap(word & mask, z1, z2, group_top);
if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
goto err;
if (!gf2m_Mdouble(group, x1, z1, ctx))
goto err;
- BN_consttime_swap(word & mask, x1, x2, group->field.top);
- BN_consttime_swap(word & mask, z1, z2, group->field.top);
+ BN_consttime_swap(word & mask, x1, x2, group_top);
+ BN_consttime_swap(word & mask, z1, z2, group_top);
mask >>= 1;
}
mask = BN_TBIT;
diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c
index df115cc..d3b0524 100644
--- a/crypto/ecdh/ech_ossl.c
+++ b/crypto/ecdh/ech_ossl.c
@@ -212,7 +212,9 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
BN_CTX_end(ctx);
if (ctx)
BN_CTX_free(ctx);
- if (buf)
+ if (buf) {
+ OPENSSL_cleanse(buf, buflen);
OPENSSL_free(buf);
+ }
return (ret);
}
diff --git a/crypto/err/err.c b/crypto/err/err.c
index e77d963..52dc9a5 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -868,6 +868,9 @@ void ERR_error_string_n(unsigned long e, char *buf, size_t len)
const char *ls, *fs, *rs;
unsigned long l, f, r;
+ if (len == 0)
+ return;
+
l = ERR_GET_LIB(e);
f = ERR_GET_FUNC(e);
r = ERR_GET_REASON(e);
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 1734a82..7c62d32 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -155,10 +155,10 @@ void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
const unsigned char ivec[AES_BLOCK_SIZE]);
# endif
# ifdef AES_XTS_ASM
-void AES_xts_encrypt(const char *inp, char *out, size_t len,
+void AES_xts_encrypt(const unsigned char *inp, unsigned char *out, size_t len,
const AES_KEY *key1, const AES_KEY *key2,
const unsigned char iv[16]);
-void AES_xts_decrypt(const char *inp, char *out, size_t len,
+void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
const AES_KEY *key1, const AES_KEY *key2,
const unsigned char iv[16]);
# endif
diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
index 5e92855..93cfe3f 100644
--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
@@ -269,6 +269,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
len = p[arg - 2] << 8 | p[arg - 1];
if (!ctx->encrypt) {
+ if (len < MD5_DIGEST_LENGTH)
+ return -1;
len -= MD5_DIGEST_LENGTH;
p[arg - 2] = len >> 8;
p[arg - 1] = len;
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 39ab793..d258ef8 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -1370,6 +1370,7 @@ void EVP_add_alg_module(void);
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
+
void ERR_load_EVP_strings(void);
/* Error codes for the EVP functions. */
@@ -1489,6 +1490,7 @@ void ERR_load_EVP_strings(void);
# define EVP_R_INPUT_NOT_INITIALIZED 111
# define EVP_R_INVALID_DIGEST 152
# define EVP_R_INVALID_FIPS_MODE 168
+# define EVP_R_INVALID_KEY 171
# define EVP_R_INVALID_KEY_LENGTH 130
# define EVP_R_INVALID_OPERATION 148
# define EVP_R_IV_TOO_LARGE 102
@@ -1528,7 +1530,7 @@ void ERR_load_EVP_strings(void);
# define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
# define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
-#ifdef __cplusplus
+# ifdef __cplusplus
}
-#endif
+# endif
#endif
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 15cf553..bcd841e 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -1,6 +1,6 @@
/* crypto/evp/evp_err.c */
/* ====================================================================
- * Copyright (c) 1999-2013 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -192,6 +192,7 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
{ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
{ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
+ {ERR_REASON(EVP_R_INVALID_KEY), "invalid key"},
{ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
{ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
{ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"},
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index a8b7f2f..727869e 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -65,20 +65,22 @@
#include "evp_locl.h"
#define M_check_autoarg(ctx, arg, arglen, err) \
- if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
- { \
- size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
- if (!arg) \
- { \
- *arglen = pksize; \
- return 1; \
- } \
- else if (*arglen < pksize) \
- { \
- EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
- return 0; \
- } \
- }
+ if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \
+ size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
+ \
+ if (pksize == 0) { \
+ EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/ \
+ return 0; \
+ } \
+ if (!arg) { \
+ *arglen = pksize; \
+ return 1; \
+ } \
+ if (*arglen < pksize) { \
+ EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
+ return 0; \
+ } \
+ }
int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
{
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 9668b3a..d066862 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -199,6 +199,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
{
EVP_PKEY_METHOD *pmeth;
+
pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
if (!pmeth)
return NULL;
@@ -207,33 +208,6 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
pmeth->pkey_id = id;
pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
-
- pmeth->init = 0;
- pmeth->copy = 0;
- pmeth->cleanup = 0;
- pmeth->paramgen_init = 0;
- pmeth->paramgen = 0;
- pmeth->keygen_init = 0;
- pmeth->keygen = 0;
- pmeth->sign_init = 0;
- pmeth->sign = 0;
- pmeth->verify_init = 0;
- pmeth->verify = 0;
- pmeth->verify_recover_init = 0;
- pmeth->verify_recover = 0;
- pmeth->signctx_init = 0;
- pmeth->signctx = 0;
- pmeth->verifyctx_init = 0;
- pmeth->verifyctx = 0;
- pmeth->encrypt_init = 0;
- pmeth->encrypt = 0;
- pmeth->decrypt_init = 0;
- pmeth->decrypt = 0;
- pmeth->derive_init = 0;
- pmeth->derive = 0;
- pmeth->ctrl = 0;
- pmeth->ctrl_str = 0;
-
return pmeth;
}
diff --git a/crypto/modes/ctr128.c b/crypto/modes/ctr128.c
index bcafd6b..d4b2272 100644
--- a/crypto/modes/ctr128.c
+++ b/crypto/modes/ctr128.c
@@ -100,7 +100,7 @@ static void ctr128_inc_aligned(unsigned char *counter)
--n;
d = data[n] += c;
/* did addition carry? */
- c = ((d - c) ^ d) >> (sizeof(size_t) * 8 - 1);
+ c = ((d - c) & ~d) >> (sizeof(size_t) * 8 - 1);
} while (n);
}
#endif
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index 88faad6..645dd07 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x100020afL
+# define OPENSSL_VERSION_NUMBER 0x100020bfL
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2j-fips 26 Sep 2016"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2k-fips 26 Jan 2017"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2j 26 Sep 2016"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2k 26 Jan 2017"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
index 7a3dd04..b7ae40b 100755
--- a/crypto/perlasm/x86_64-xlate.pl
+++ b/crypto/perlasm/x86_64-xlate.pl
@@ -250,11 +250,18 @@ my %globals;
$self->{base} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
# Solaris /usr/ccs/bin/as can't handle multiplications
- # in $self->{label}, new gas requires sign extension...
+ # in $self->{label}...
use integer;
$self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
$self->{label} =~ s/\b([0-9]+\s*[\*\/\%]\s*[0-9]+)\b/eval($1)/eg;
- $self->{label} =~ s/\b([0-9]+)\b/$1<<32>>32/eg;
+
+ # Some assemblers insist on signed presentation of 32-bit
+ # offsets, but sign extension is a tricky business in perl...
+ if ((1<<31)<<1) {
+ $self->{label} =~ s/\b([0-9]+)\b/$1<<32>>32/eg;
+ } else {
+ $self->{label} =~ s/\b([0-9]+)\b/$1>>0/eg;
+ }
if (!$self->{label} && $self->{index} && $self->{scale}==1 &&
$self->{base} =~ /(rbp|r13)/) {
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index 7f7dca3..082c8da 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -142,7 +142,8 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL))
goto err;
- BN_copy(rsa->e, e_value);
+ if (BN_copy(rsa->e, e_value) == NULL)
+ goto err;
/* generate p and q */
for (;;) {
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index 9c2a943..19d28c6 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -89,17 +89,21 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
}
if (PKCS1_MGF1(dbmask, emlen - mdlen, seed, mdlen, mgf1md) < 0)
- return 0;
+ goto err;
for (i = 0; i < emlen - mdlen; i++)
db[i] ^= dbmask[i];
if (PKCS1_MGF1(seedmask, mdlen, db, emlen - mdlen, mgf1md) < 0)
- return 0;
+ goto err;
for (i = 0; i < mdlen; i++)
seed[i] ^= seedmask[i];
OPENSSL_free(dbmask);
return 1;
+
+ err:
+ OPENSSL_free(dbmask);
+ return 0;
}
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 94db87a..ac583bf 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -373,6 +373,10 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
if (rctx->pad_mode == RSA_PKCS1_PADDING)
return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
sig, siglen, rsa);
+ if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
+ RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
+ return -1;
+ }
if (rctx->pad_mode == RSA_X931_PADDING) {
if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0)
return 0;
diff --git a/crypto/s390xcap.c b/crypto/s390xcap.c
index 47d6b6f..cf8c372 100644
--- a/crypto/s390xcap.c
+++ b/crypto/s390xcap.c
@@ -3,6 +3,7 @@
#include <string.h>
#include <setjmp.h>
#include <signal.h>
+#include "cryptlib.h"
extern unsigned long OPENSSL_s390xcap_P[];
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index d25b4f3..3cc067c 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -164,7 +164,7 @@ static int general_allocate_string(UI *ui, const char *prompt,
UI_STRING *s = general_allocate_prompt(ui, prompt, prompt_freeable,
type, input_flags, result_buf);
- if (s) {
+ if (s != NULL) {
if (allocate_string_stack(ui) >= 0) {
s->_.string_data.result_minsize = minsize;
s->_.string_data.result_maxsize = maxsize;
@@ -197,8 +197,8 @@ static int general_allocate_boolean(UI *ui,
} else if (cancel_chars == NULL) {
UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
} else {
- for (p = ok_chars; *p; p++) {
- if (strchr(cancel_chars, *p)) {
+ for (p = ok_chars; *p != '\0'; p++) {
+ if (strchr(cancel_chars, *p) != NULL) {
UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,
UI_R_COMMON_OK_AND_CANCEL_CHARACTERS);
}
@@ -207,7 +207,7 @@ static int general_allocate_boolean(UI *ui,
s = general_allocate_prompt(ui, prompt, prompt_freeable,
type, input_flags, result_buf);
- if (s) {
+ if (s != NULL) {
if (allocate_string_stack(ui) >= 0) {
s->_.boolean_data.action_desc = action_desc;
s->_.boolean_data.ok_chars = ok_chars;
@@ -243,7 +243,7 @@ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
{
char *prompt_copy = NULL;
- if (prompt) {
+ if (prompt != NULL) {
prompt_copy = BUF_strdup(prompt);
if (prompt_copy == NULL) {
UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
@@ -271,7 +271,7 @@ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
{
char *prompt_copy = NULL;
- if (prompt) {
+ if (prompt != NULL) {
prompt_copy = BUF_strdup(prompt);
if (prompt_copy == NULL) {
UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
@@ -302,7 +302,7 @@ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
char *ok_chars_copy = NULL;
char *cancel_chars_copy = NULL;
- if (prompt) {
+ if (prompt != NULL) {
prompt_copy = BUF_strdup(prompt);
if (prompt_copy == NULL) {
UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
@@ -310,7 +310,7 @@ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
}
}
- if (action_desc) {
+ if (action_desc != NULL) {
action_desc_copy = BUF_strdup(action_desc);
if (action_desc_copy == NULL) {
UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
@@ -318,7 +318,7 @@ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
}
}
- if (ok_chars) {
+ if (ok_chars != NULL) {
ok_chars_copy = BUF_strdup(ok_chars);
if (ok_chars_copy == NULL) {
UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
@@ -326,7 +326,7 @@ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
}
}
- if (cancel_chars) {
+ if (cancel_chars != NULL) {
cancel_chars_copy = BUF_strdup(cancel_chars);
if (cancel_chars_copy == NULL) {
UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
@@ -359,7 +359,7 @@ int UI_dup_info_string(UI *ui, const char *text)
{
char *text_copy = NULL;
- if (text) {
+ if (text != NULL) {
text_copy = BUF_strdup(text);
if (text_copy == NULL) {
UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
@@ -381,7 +381,7 @@ int UI_dup_error_string(UI *ui, const char *text)
{
char *text_copy = NULL;
- if (text) {
+ if (text != NULL) {
text_copy = BUF_strdup(text);
if (text_copy == NULL) {
UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
@@ -397,7 +397,7 @@ char *UI_construct_prompt(UI *ui, const char *object_desc,
{
char *prompt = NULL;
- if (ui->meth->ui_construct_prompt)
+ if (ui->meth->ui_construct_prompt != NULL)
prompt = ui->meth->ui_construct_prompt(ui, object_desc, object_name);
else {
char prompt1[] = "Enter ";
@@ -408,7 +408,7 @@ char *UI_construct_prompt(UI *ui, const char *object_desc,
if (object_desc == NULL)
return NULL;
len = sizeof(prompt1) - 1 + strlen(object_desc);
- if (object_name)
+ if (object_name != NULL)
len += sizeof(prompt2) - 1 + strlen(object_name);
len += sizeof(prompt3) - 1;
@@ -417,7 +417,7 @@ char *UI_construct_prompt(UI *ui, const char *object_desc,
return NULL;
BUF_strlcpy(prompt, prompt1, len + 1);
BUF_strlcat(prompt, object_desc, len + 1);
- if (object_name) {
+ if (object_name != NULL) {
BUF_strlcat(prompt, prompt2, len + 1);
BUF_strlcat(prompt, object_name, len + 1);
}
@@ -459,7 +459,8 @@ static int print_error(const char *str, size_t len, UI *ui)
uis.type = UIT_ERROR;
uis.out_string = str;
- if (ui->meth->ui_write_string && !ui->meth->ui_write_string(ui, &uis))
+ if (ui->meth->ui_write_string != NULL
+ && ui->meth->ui_write_string(ui, &uis) <= 0)
return -1;
return 0;
}
@@ -468,24 +469,28 @@ int UI_process(UI *ui)
{
int i, ok = 0;
- if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui))
- return -1;
+ if (ui->meth->ui_open_session != NULL
+ && ui->meth->ui_open_session(ui) <= 0) {
+ ok = -1;
+ goto err;
+ }
if (ui->flags & UI_FLAG_PRINT_ERRORS)
ERR_print_errors_cb((int (*)(const char *, size_t, void *))
print_error, (void *)ui);
for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
- if (ui->meth->ui_write_string
- && !ui->meth->ui_write_string(ui,
- sk_UI_STRING_value(ui->strings, i)))
+ if (ui->meth->ui_write_string != NULL
+ && (ui->meth->ui_write_string(ui,
+ sk_UI_STRING_value(ui->strings, i))
+ <= 0))
{
ok = -1;
goto err;
}
}
- if (ui->meth->ui_flush)
+ if (ui->meth->ui_flush != NULL)
switch (ui->meth->ui_flush(ui)) {
case -1: /* Interrupt/Cancel/something... */
ok = -2;
@@ -499,7 +504,7 @@ int UI_process(UI *ui)
}
for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
- if (ui->meth->ui_read_string) {
+ if (ui->meth->ui_read_string != NULL) {
switch (ui->meth->ui_read_string(ui,
sk_UI_STRING_value(ui->strings,
i))) {
@@ -516,7 +521,8 @@ int UI_process(UI *ui)
}
}
err:
- if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui))
+ if (ui->meth->ui_close_session != NULL
+ && ui->meth->ui_close_session(ui) <= 0)
return -1;
return ok;
}
@@ -612,49 +618,49 @@ void UI_destroy_method(UI_METHOD *ui_method)
int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui))
{
- if (method) {
+ if (method != NULL) {
method->ui_open_session = opener;
return 0;
- } else
- return -1;
+ }
+ return -1;
}
int UI_method_set_writer(UI_METHOD *method,
int (*writer) (UI *ui, UI_STRING *uis))
{
- if (method) {
+ if (method != NULL) {
method->ui_write_string = writer;
return 0;
- } else
- return -1;
+ }
+ return -1;
}
int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui))
{
- if (method) {
+ if (method != NULL) {
method->ui_flush = flusher;
return 0;
- } else
- return -1;
+ }
+ return -1;
}
int UI_method_set_reader(UI_METHOD *method,
int (*reader) (UI *ui, UI_STRING *uis))
{
- if (method) {
+ if (method != NULL) {
method->ui_read_string = reader;
return 0;
- } else
- return -1;
+ }
+ return -1;
}
int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui))
{
- if (method) {
+ if (method != NULL) {
method->ui_close_session = closer;
return 0;
- } else
- return -1;
+ }
+ return -1;
}
int UI_method_set_prompt_constructor(UI_METHOD *method,
@@ -664,55 +670,55 @@ int UI_method_set_prompt_constructor(UI_METHOD *method,
const char
*object_name))
{
- if (method) {
+ if (method != NULL) {
method->ui_construct_prompt = prompt_constructor;
return 0;
- } else
- return -1;
+ }
+ return -1;
}
-int (*UI_method_get_opener(UI_METHOD *method)) (UI *) {
- if (method)
+int (*UI_method_get_opener(UI_METHOD *method)) (UI *)
+{
+ if (method != NULL)
return method->ui_open_session;
- else
- return NULL;
+ return NULL;
}
-int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *) {
- if (method)
+int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *)
+{
+ if (method != NULL)
return method->ui_write_string;
- else
- return NULL;
+ return NULL;
}
-int (*UI_method_get_flusher(UI_METHOD *method)) (UI *) {
- if (method)
+int (*UI_method_get_flusher(UI_METHOD *method)) (UI *)
+{
+ if (method != NULL)
return method->ui_flush;
- else
- return NULL;
+ return NULL;
}
-int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *) {
- if (method)
+int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *)
+{
+ if (method != NULL)
return method->ui_read_string;
- else
- return NULL;
+ return NULL;
}
-int (*UI_method_get_closer(UI_METHOD *method)) (UI *) {
- if (method)
+int (*UI_method_get_closer(UI_METHOD *method)) (UI *)
+{
+ if (method != NULL)
return method->ui_close_session;
- else
- return NULL;
+ return NULL;
}
char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
const char *,
- const char *) {
- if (method)
+ const char *)
+{
+ if (method != NULL)
return method->ui_construct_prompt;
- else
- return NULL;
+ return NULL;
}
enum UI_string_types UI_get_string_type(UI_STRING *uis)
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index 9ab259b..17d14f5 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -440,7 +440,7 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
# else
p = fgets(result, maxsize, tty_in);
# endif
- if (!p)
+ if (p == NULL)
goto error;
if (feof(tty_in))
goto error;
@@ -509,18 +509,31 @@ static int open_console(UI *ui)
is_a_tty = 0;
else
# endif
+# ifdef ENODEV
+ /*
+ * MacOS X returns ENODEV (Operation not supported by device),
+ * which seems appropriate.
+ */
+ if (errno == ENODEV)
+ is_a_tty = 0;
+ else
+# endif
return 0;
}
#endif
#ifdef OPENSSL_SYS_VMS
status = sys$assign(&terminal, &channel, 0, 0);
+
+ /* if there isn't a TT device, something is very wrong */
if (status != SS$_NORMAL)
return 0;
- status =
- sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
- 0, 0);
+
+ status = sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12,
+ 0, 0, 0, 0);
+
+ /* If IO$_SENSEMODE doesn't work, this is not a terminal device */
if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
- return 0;
+ is_a_tty = 0;
#endif
return 1;
}
@@ -537,14 +550,15 @@ static int noecho_console(UI *ui)
return 0;
#endif
#ifdef OPENSSL_SYS_VMS
- tty_new[0] = tty_orig[0];
- tty_new[1] = tty_orig[1] | TT$M_NOECHO;
- tty_new[2] = tty_orig[2];
- status =
- sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
- 0);
- if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
- return 0;
+ if (is_a_tty) {
+ tty_new[0] = tty_orig[0];
+ tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+ tty_new[2] = tty_orig[2];
+ status = sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12,
+ 0, 0, 0, 0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return 0;
+ }
#endif
return 1;
}
@@ -561,14 +575,15 @@ static int echo_console(UI *ui)
return 0;
#endif
#ifdef OPENSSL_SYS_VMS
- tty_new[0] = tty_orig[0];
- tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
- tty_new[2] = tty_orig[2];
- status =
- sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
- 0);
- if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
- return 0;
+ if (is_a_tty) {
+ tty_new[0] = tty_orig[0];
+ tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
+ tty_new[2] = tty_orig[2];
+ status = sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12,
+ 0, 0, 0, 0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return 0;
+ }
#endif
return 1;
}
@@ -581,6 +596,8 @@ static int close_console(UI *ui)
fclose(tty_out);
#ifdef OPENSSL_SYS_VMS
status = sys$dassgn(channel);
+ if (status != SS$_NORMAL)
+ return 0;
#endif
CRYPTO_w_unlock(CRYPTO_LOCK_UI);
diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c
index ebcadaf..45063a4 100644
--- a/demos/easy_tls/easy-tls.c
+++ b/demos/easy_tls/easy-tls.c
@@ -322,6 +322,7 @@ static void tls_errprintf(int flush, void *apparg, const char *fmt, ...)
va_start(args, fmt);
n = (sizeof errbuf) - errbuf_i;
r = vsnprintf(errbuf + errbuf_i, n, fmt, args);
+ va_end(args);
if (r >= n)
r = n - 1;
if (r >= 0) {
diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod
index 9833f08..1bb7958 100644
--- a/doc/apps/ocsp.pod
+++ b/doc/apps/ocsp.pod
@@ -26,6 +26,7 @@ B<openssl> B<ocsp>
[B<-no_nonce>]
[B<-url URL>]
[B<-host host:n>]
+[B<-header name value>]
[B<-path>]
[B<-CApath dir>]
[B<-CAfile file>]
@@ -135,6 +136,14 @@ if the B<host> option is present then the OCSP request is sent to the host
B<hostname> on port B<port>. B<path> specifies the HTTP path name to use
or "/" by default.
+=item B<-header name value>
+
+If sending a request to an OCSP server, then the specified header name and
+value are added to the HTTP request. Note that the B<name> and B<value> must
+be specified as two separate parameters, not as a single quoted string, and
+that the header name does not have the trailing colon.
+Some OCSP responders require a Host header; use this flag to provide it.
+
=item B<-timeout seconds>
connection timeout to the OCSP responder in seconds
diff --git a/doc/crypto/EVP_DigestSignInit.pod b/doc/crypto/EVP_DigestSignInit.pod
index 37d960e..83e6589 100644
--- a/doc/crypto/EVP_DigestSignInit.pod
+++ b/doc/crypto/EVP_DigestSignInit.pod
@@ -10,7 +10,7 @@ EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP signing func
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
- int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
=head1 DESCRIPTION
diff --git a/doc/crypto/EVP_DigestVerifyInit.pod b/doc/crypto/EVP_DigestVerifyInit.pod
index 0ead2d2..347c511 100644
--- a/doc/crypto/EVP_DigestVerifyInit.pod
+++ b/doc/crypto/EVP_DigestVerifyInit.pod
@@ -10,7 +10,7 @@ EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP signat
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
- int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen);
=head1 DESCRIPTION
diff --git a/doc/crypto/RSA_generate_key.pod b/doc/crypto/RSA_generate_key.pod
index 881391a..0882a1a 100644
--- a/doc/crypto/RSA_generate_key.pod
+++ b/doc/crypto/RSA_generate_key.pod
@@ -52,7 +52,7 @@ it is called as B<BN_GENCB_call(cb, 3, 0)>.
The process is then repeated for prime q with B<BN_GENCB_call(cb, 3, 1)>.
RSA_generate_key is deprecated (new applications should use
-RSA_generate_key_ex instead). RSA_generate_key works in the same was as
+RSA_generate_key_ex instead). RSA_generate_key works in the same way as
RSA_generate_key_ex except it uses "old style" call backs. See
L<BN_generate_prime(3)|BN_generate_prime(3)> for further details.
diff --git a/doc/crypto/X509_NAME_get_index_by_NID.pod b/doc/crypto/X509_NAME_get_index_by_NID.pod
index 109f561..cdec4b1 100644
--- a/doc/crypto/X509_NAME_get_index_by_NID.pod
+++ b/doc/crypto/X509_NAME_get_index_by_NID.pod
@@ -83,10 +83,9 @@ Process all entries:
Process all commonName entries:
- int loc;
+ int lastpos = -1;
X509_NAME_ENTRY *e;
- loc = -1;
for (;;)
{
lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
diff --git a/doc/crypto/X509_NAME_print_ex.pod b/doc/crypto/X509_NAME_print_ex.pod
index 2579a5d..d73520f 100644
--- a/doc/crypto/X509_NAME_print_ex.pod
+++ b/doc/crypto/X509_NAME_print_ex.pod
@@ -23,9 +23,11 @@ can be extensively customised by use of the B<flags> parameter.
X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is
written to FILE pointer B<fp>.
-X509_NAME_oneline() prints an ASCII version of B<a> to B<buf>. At most B<size>
-bytes will be written. If B<buf> is B<NULL> then a buffer is dynamically allocated
-and returned, otherwise B<buf> is returned.
+X509_NAME_oneline() prints an ASCII version of B<a> to B<buf>.
+If B<buf> is B<NULL> then a buffer is dynamically allocated and returned, and
+B<size> is ignored.
+Otherwise, at most B<size> bytes will be written, including the ending '\0',
+and B<buf> is returned.
X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase>
characters. Multiple lines are used if the output (including indent) exceeds
diff --git a/doc/ssl/SSL_CTX_set_session_cache_mode.pod b/doc/ssl/SSL_CTX_set_session_cache_mode.pod
index c5d2f43..4d71f85 100644
--- a/doc/ssl/SSL_CTX_set_session_cache_mode.pod
+++ b/doc/ssl/SSL_CTX_set_session_cache_mode.pod
@@ -30,7 +30,7 @@ server. It can only send exactly one id. The server then either
agrees to reuse the session or it starts a full handshake (to create a new
session).
-A server will lookup up the session in its internal session storage. If the
+A server will look up the session in its internal session storage. If the
session is not found in internal storage or lookups for the internal storage
have been deactivated (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), the server will try
the external storage if available.
diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod
index 48c6b15..2a93894 100644
--- a/doc/ssl/SSL_get_error.pod
+++ b/doc/ssl/SSL_get_error.pod
@@ -38,12 +38,13 @@ if and only if B<ret E<gt> 0>.
=item SSL_ERROR_ZERO_RETURN
-The TLS/SSL connection has been closed. If the protocol version is SSL 3.0
-or TLS 1.0, this result code is returned only if a closure
-alert has occurred in the protocol, i.e. if the connection has been
-closed cleanly. Note that in this case B<SSL_ERROR_ZERO_RETURN>
-does not necessarily indicate that the underlying transport
-has been closed.
+The TLS/SSL connection has been closed.
+If the protocol version is SSL 3.0 or higher, this result code is returned only
+if a closure alert has occurred in the protocol, i.e. if the connection has been
+closed cleanly.
+Note that in this case B<SSL_ERROR_ZERO_RETURN> does not necessarily
+indicate that the underlying transport has been closed.
+
=item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE
@@ -89,12 +90,9 @@ Details depend on the application.
=item SSL_ERROR_SYSCALL
-Some I/O error occurred. The OpenSSL error queue may contain more
-information on the error. If the error queue is empty
-(i.e. ERR_get_error() returns 0), B<ret> can be used to find out more
-about the error: If B<ret == 0>, an EOF was observed that violates
-the protocol. If B<ret == -1>, the underlying B<BIO> reported an
-I/O error (for socket I/O on Unix systems, consult B<errno> for details).
+Some non-recoverable I/O error occurred.
+The OpenSSL error queue may contain more information on the error.
+For socket I/O on Unix systems, consult B<errno> for details.
=item SSL_ERROR_SSL
diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
index 8ca0ce5..ef983c9 100644
--- a/doc/ssl/SSL_read.pod
+++ b/doc/ssl/SSL_read.pod
@@ -81,33 +81,29 @@ The following return values can occur:
=over 4
-=item E<gt>0
+=item E<gt> 0
-The read operation was successful; the return value is the number of
-bytes actually read from the TLS/SSL connection.
+The read operation was successful.
+The return value is the number of bytes actually read from the TLS/SSL
+connection.
-=item Z<>0
+=item Z<><= 0
-The read operation was not successful. The reason may either be a clean
-shutdown due to a "close notify" alert sent by the peer (in which case
-the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
-(see L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>). It is also possible, that
-the peer simply shut down the underlying transport and the shutdown is
-incomplete. Call SSL_get_error() with the return value B<ret> to find out,
-whether an error occurred or the connection was shut down cleanly
-(SSL_ERROR_ZERO_RETURN).
+
+=item E<lt>0
+
+The read operation was not successful, because either the connection was closed,
+an error occurred or action must be taken by the calling process.
+Call L<SSL_get_error(3)> with the return value B<ret> to find out the reason.
SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
only be detected, whether the underlying connection was closed. It cannot
be checked, whether the closure was initiated by the peer or by something
else.
-=item E<lt>0
-
-The read operation was not successful, because either an error occurred
-or action must be taken by the calling process. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
+Old documentation indicated a difference between 0 and -1, and that -1 was
+retryable.
+You should instead call SSL_get_error() to find out if it's retryable.
=back
diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
index a57617f..4c1a7ee 100644
--- a/doc/ssl/SSL_write.pod
+++ b/doc/ssl/SSL_write.pod
@@ -74,27 +74,24 @@ The following return values can occur:
=over 4
-=item E<gt>0
+=item E<gt> 0
The write operation was successful, the return value is the number of
bytes actually written to the TLS/SSL connection.
-=item Z<>0
+=item Z<><= 0
-The write operation was not successful. Probably the underlying connection
-was closed. Call SSL_get_error() with the return value B<ret> to find out,
-whether an error occurred or the connection was shut down cleanly
-(SSL_ERROR_ZERO_RETURN).
+The write operation was not successful, because either the connection was
+closed, an error occurred or action must be taken by the calling process.
+Call SSL_get_error() with the return value B<ret> to find out the reason.
SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
only be detected, whether the underlying connection was closed. It cannot
be checked, why the closure happened.
-=item E<lt>0
-
-The write operation was not successful, because either an error occurred
-or action must be taken by the calling process. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
+Old documentation indicated a difference between 0 and -1, and that -1 was
+retryable.
+You should instead call SSL_get_error() to find out if it's retryable.
=back
diff --git a/engines/ccgost/Makefile b/engines/ccgost/Makefile
index 17e1efb..f378530 100644
--- a/engines/ccgost/Makefile
+++ b/engines/ccgost/Makefile
@@ -32,7 +32,7 @@ lib: $(LIBOBJ)
$(MAKE) -f $(TOP)/Makefile.shared -e \
LIBNAME=$(LIBNAME) \
LIBEXTRAS='$(LIBOBJ)' \
- LIBDEPS='-L$(TOP) -lcrypto' \
+ LIBDEPS='-L$(TOP) -lcrypto $(EX_LIBS)' \
link_o.$(SHLIB_TARGET); \
else \
$(AR) $(LIB) $(LIBOBJ); \
diff --git a/openssl.spec b/openssl.spec
index 2bce1c6..1e4ab78 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -6,7 +6,7 @@ Release: 1
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
-Version: 1.0.2j
+Version: 1.0.2k
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL
Group: System Environment/Libraries
diff --git a/packaging/openssl.spec b/packaging/openssl.spec
index bcc2e27..d3fa9a8 100644
--- a/packaging/openssl.spec
+++ b/packaging/openssl.spec
@@ -5,7 +5,7 @@ Release: 1
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
-Version: 1.0.2j
+Version: 1.0.2k
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL and Apache-2.0 and BSD-3-Clause
Group: Security/Crypto Libraries
diff --git a/ssl/bad_dtls_test.c b/ssl/bad_dtls_test.c
index d42817f..70d8578 100644
--- a/ssl/bad_dtls_test.c
+++ b/ssl/bad_dtls_test.c
@@ -756,6 +756,7 @@ int main(int argc, char *argv[])
BIO *rbio;
BIO *wbio;
BIO *err;
+ time_t now = 0;
int testresult = 0;
int ret;
int i;
@@ -773,7 +774,9 @@ int main(int argc, char *argv[])
RAND_bytes(master_secret, sizeof(master_secret));
RAND_bytes(cookie, sizeof(cookie));
RAND_bytes(server_random + 4, sizeof(server_random) - 4);
- time((void *)server_random);
+
+ now = time(NULL);
+ memcpy(server_random, &now, sizeof(now));
sess = client_session();
if (sess == NULL) {
diff --git a/ssl/s23_pkt.c b/ssl/s23_pkt.c
index efc8647..6544180 100644
--- a/ssl/s23_pkt.c
+++ b/ssl/s23_pkt.c
@@ -63,6 +63,9 @@
#include <openssl/evp.h>
#include <openssl/buffer.h>
+/*
+ * Return values are as per SSL_write()
+ */
int ssl23_write_bytes(SSL *s)
{
int i, num, tot;
@@ -77,7 +80,7 @@ int ssl23_write_bytes(SSL *s)
if (i <= 0) {
s->init_off = tot;
s->init_num = num;
- return (i);
+ return i;
}
s->rwstate = SSL_NOTHING;
if (i == num)
@@ -88,7 +91,10 @@ int ssl23_write_bytes(SSL *s)
}
}
-/* return regularly only when we have read (at least) 'n' bytes */
+/* return regularly only when we have read (at least) 'n' bytes
+ *
+ * Return values are as per SSL_read()
+ */
int ssl23_read_bytes(SSL *s, int n)
{
unsigned char *p;
@@ -102,7 +108,7 @@ int ssl23_read_bytes(SSL *s, int n)
j = BIO_read(s->rbio, (char *)&(p[s->packet_length]),
n - s->packet_length);
if (j <= 0)
- return (j);
+ return j;
s->rwstate = SSL_NOTHING;
s->packet_length += j;
if (s->packet_length >= (unsigned int)n)
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 88e67f0..cc13603 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -254,7 +254,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_3DES,
SSL_MD5,
SSL_SSLV2,
- SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
0,
112,
168,
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index 7a61888..e44bc03 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -307,6 +307,9 @@ int ssl2_peek(SSL *s, void *buf, int len)
return ssl2_read_internal(s, buf, len, 1);
}
+/*
+ * Return values are as per SSL_read()
+ */
static int read_n(SSL *s, unsigned int n, unsigned int max,
unsigned int extend)
{
@@ -374,7 +377,7 @@ static int read_n(SSL *s, unsigned int n, unsigned int max,
# endif
if (i <= 0) {
s->s2->rbuf_left += newb;
- return (i);
+ return i;
}
newb += i;
}
@@ -441,6 +444,9 @@ int ssl2_write(SSL *s, const void *_buf, int len)
}
}
+/*
+ * Return values are as per SSL_write()
+ */
static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
{
int i;
@@ -477,7 +483,7 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
s->rwstate = SSL_NOTHING;
return (s->s2->wpend_ret);
} else if (i <= 0)
- return (i);
+ return i;
s->s2->wpend_off += i;
s->s2->wpend_len -= i;
}
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 2185347..32f2f1a 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1710,12 +1710,6 @@ int ssl3_get_key_exchange(SSL *s)
}
p += i;
- if (BN_is_zero(dh->p)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_VALUE);
- goto f_err;
- }
-
-
if (2 > n - param_len) {
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
@@ -1736,11 +1730,6 @@ int ssl3_get_key_exchange(SSL *s)
}
p += i;
- if (BN_is_zero(dh->g)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
- goto f_err;
- }
-
if (2 > n - param_len) {
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
@@ -1767,6 +1756,39 @@ int ssl3_get_key_exchange(SSL *s)
goto f_err;
}
+ /*-
+ * Check that p and g are suitable enough
+ *
+ * p is odd
+ * 1 < g < p - 1
+ */
+ {
+ BIGNUM *tmp = NULL;
+
+ if (!BN_is_odd(dh->p)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_VALUE);
+ goto f_err;
+ }
+ if (BN_is_negative(dh->g) || BN_is_zero(dh->g)
+ || BN_is_one(dh->g)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
+ goto f_err;
+ }
+ if ((tmp = BN_new()) == NULL
+ || BN_copy(tmp, dh->p) == NULL
+ || !BN_sub_word(tmp, 1)) {
+ BN_free(tmp);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ if (BN_cmp(dh->g, tmp) >= 0) {
+ BN_free(tmp);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
+ goto f_err;
+ }
+ BN_free(tmp);
+ }
+
# ifndef OPENSSL_NO_RSA
if (alg_a & SSL_aRSA)
pkey =
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index be37ef0..6ece87d 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -136,6 +136,9 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
unsigned int len, int create_empty_fragment);
static int ssl3_get_record(SSL *s);
+/*
+ * Return values are as per SSL_read()
+ */
int ssl3_read_n(SSL *s, int n, int max, int extend)
{
/*
@@ -1082,7 +1085,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
return -1;
}
-/* if s->s3->wbuf.left != 0, we need to call this */
+/* if s->s3->wbuf.left != 0, we need to call this
+ *
+ * Return values are as per SSL_write(), i.e.
+ */
int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
unsigned int len)
{
@@ -1122,7 +1128,7 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
*/
wb->left = 0;
}
- return (i);
+ return i;
}
wb->offset += i;
wb->left -= i;
@@ -1593,16 +1599,13 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
switch (rr->type) {
default:
-#ifndef OPENSSL_NO_TLS
/*
- * TLS up to v1.1 just ignores unknown message types: TLS v1.2 give
- * an unexpected message alert.
+ * TLS 1.0 and 1.1 say you SHOULD ignore unrecognised record types, but
+ * TLS 1.2 says you MUST send an unexpected message alert. We use the
+ * TLS 1.2 behaviour for all protocol versions to prevent issues where
+ * no progress is being made and the peer continually sends unrecognised
+ * record types, using up resources processing them.
*/
- if (s->version >= TLS1_VERSION && s->version <= TLS1_1_VERSION) {
- rr->length = 0;
- goto start;
- }
-#endif
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
goto f_err;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 01ccd5d..ea56f9c 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -506,7 +506,7 @@ int ssl3_accept(SSL *s)
* if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
* during re-negotiation:
*/
- ((s->session->peer != NULL) &&
+ (s->s3->tmp.finish_md_len != 0 &&
(s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
/*
* never request cert in anonymous ciphersuites (see
@@ -1465,9 +1465,9 @@ int ssl3_get_client_hello(SSL *s)
/* Handles TLS extensions that we couldn't check earlier */
if (s->version >= SSL3_VERSION) {
- if (ssl_check_clienthello_tlsext_late(s) <= 0) {
+ if (!ssl_check_clienthello_tlsext_late(s, &al)) {
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- goto err;
+ goto f_err;
}
}
@@ -1601,6 +1601,9 @@ int ssl3_send_server_key_exchange(SSL *s)
unsigned int u;
#endif
#ifndef OPENSSL_NO_DH
+# ifdef OPENSSL_NO_RSA
+ int j;
+# endif
DH *dh = NULL, *dhp;
#endif
#ifndef OPENSSL_NO_ECDH
@@ -1862,6 +1865,16 @@ int ssl3_send_server_key_exchange(SSL *s)
n += 1 + nr[i];
else
#endif
+#ifndef OPENSSL_NO_DH
+ /*
+ * for interoperability with some versions of the Microsoft TLS
+ * stack, we need to zero pad the DHE pub key to the same length
+ * as the prime, so use the length of the prime here
+ */
+ if ((i == 2) && (type & (SSL_kEDH)))
+ n += 2 + nr[0];
+ else
+#endif
n += 2 + nr[i];
}
@@ -1896,6 +1909,20 @@ int ssl3_send_server_key_exchange(SSL *s)
p++;
} else
#endif
+#ifndef OPENSSL_NO_DH
+ /*
+ * for interoperability with some versions of the Microsoft TLS
+ * stack, we need to zero pad the DHE pub key to the same length
+ * as the prime
+ */
+ if ((i == 2) && (type & (SSL_kEDH))) {
+ s2n(nr[0], p);
+ for (j = 0; j < (nr[0] - nr[2]); ++j) {
+ *p = 0;
+ ++p;
+ }
+ } else
+#endif
s2n(nr[i], p);
BN_bn2bin(r[i], p);
p += nr[i];
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index f48ebae..1be6fb0 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -315,7 +315,7 @@ CERT *ssl_cert_dup(CERT *cert)
OPENSSL_malloc(cert->pkeys[i].serverinfo_length);
if (ret->pkeys[i].serverinfo == NULL) {
SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
- return NULL;
+ goto err;
}
ret->pkeys[i].serverinfo_length =
cert->pkeys[i].serverinfo_length;
@@ -392,9 +392,7 @@ CERT *ssl_cert_dup(CERT *cert)
return (ret);
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
err:
-#endif
#ifndef OPENSSL_NO_RSA
if (ret->rsa_tmp != NULL)
RSA_free(ret->rsa_tmp);
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 79aaf1a..a4c17a6 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -753,6 +753,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
"tls illegal exporter label"},
{ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
"tls invalid ecpointformat list"},
+ {ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"},
{ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),
"tls peer did not respond with certificate list"},
{ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 42b980a..f8054da 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2030,10 +2030,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ret->rbuf_freelist->len = 0;
ret->rbuf_freelist->head = NULL;
ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
- if (!ret->wbuf_freelist) {
- OPENSSL_free(ret->rbuf_freelist);
+ if (!ret->wbuf_freelist)
goto err;
- }
ret->wbuf_freelist->chunklen = 0;
ret->wbuf_freelist->len = 0;
ret->wbuf_freelist->head = NULL;
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 6df725f..d50edd1 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1384,7 +1384,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
unsigned char *limit);
int tls1_set_server_sigalgs(SSL *s);
-int ssl_check_clienthello_tlsext_late(SSL *s);
+int ssl_check_clienthello_tlsext_late(SSL *s, int *al);
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
unsigned char *d, int n);
int ssl_prepare_clienthello_tlsext(SSL *s);
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index ed9855f..c3369a4 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -769,6 +769,15 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
* obtain the same session from an external cache)
*/
s = NULL;
+ } else if (s == NULL &&
+ lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
+ /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
+
+ /*
+ * ... so take back the extra reference and also don't add
+ * the session to the SSL_SESSION_list at this time
+ */
+ s = c;
}
/* Put at the head of the queue unless it is already in the cache */
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 7831046..e60c88b 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -132,6 +132,9 @@ static int ssl_check_clienthello_tlsext_early(SSL *s);
int ssl_check_serverhello_tlsext(SSL *s);
#endif
+#define CHECKLEN(curr, val, limit) \
+ (((curr) >= (limit)) || (size_t)((limit) - (curr)) < (size_t)(val))
+
SSL3_ENC_METHOD TLSv1_enc_data = {
tls1_enc,
tls1_mac,
@@ -1263,8 +1266,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
if (s->tlsext_hostname != NULL) {
/* Add TLS extension servername to the Client Hello message */
- unsigned long size_str;
- long lenmax;
+ size_t size_str;
/*-
* check for enough space.
@@ -1274,10 +1276,8 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
* 2 for hostname length
* + hostname length
*/
-
- if ((lenmax = limit - ret - 9) < 0
- || (size_str =
- strlen(s->tlsext_hostname)) > (unsigned long)lenmax)
+ size_str = strlen(s->tlsext_hostname);
+ if (CHECKLEN(ret, 9 + size_str, limit))
return NULL;
/* extension type and length */
@@ -1321,7 +1321,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
if (s->srp_ctx.login != NULL) { /* Add TLS extension SRP username to the
* Client Hello message */
- int login_len = strlen(s->srp_ctx.login);
+ size_t login_len = strlen(s->srp_ctx.login);
if (login_len > 255 || login_len == 0) {
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
return NULL;
@@ -1333,7 +1333,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
* 1 for the srp user identity
* + srp user identity length
*/
- if ((limit - ret - 5 - login_len) < 0)
+ if (CHECKLEN(ret, 5 + login_len, limit))
return NULL;
/* fill in the extension */
@@ -1350,20 +1350,23 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
/*
* Add TLS extension ECPointFormats to the ClientHello message
*/
- long lenmax;
const unsigned char *pcurves, *pformats;
size_t num_curves, num_formats, curves_list_len;
tls1_get_formatlist(s, &pformats, &num_formats);
- if ((lenmax = limit - ret - 5) < 0)
- return NULL;
- if (num_formats > (size_t)lenmax)
- return NULL;
if (num_formats > 255) {
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
return NULL;
}
+ /*-
+ * check for enough space.
+ * 4 bytes for the ec point formats type and extension length
+ * 1 byte for the length of the formats
+ * + formats length
+ */
+ if (CHECKLEN(ret, 5 + num_formats, limit))
+ return NULL;
s2n(TLSEXT_TYPE_ec_point_formats, ret);
/* The point format list has 1-byte length. */
@@ -1379,15 +1382,20 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves))
return NULL;
- if ((lenmax = limit - ret - 6) < 0)
- return NULL;
- if (num_curves > (size_t)lenmax / 2)
- return NULL;
if (num_curves > 65532 / 2) {
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
return NULL;
}
curves_list_len = 2 * num_curves;
+ /*-
+ * check for enough space.
+ * 4 bytes for the ec curves type and extension length
+ * 2 bytes for the curve list length
+ * + curve list length
+ */
+ if (CHECKLEN(ret, 6 + curves_list_len, limit))
+ return NULL;
+
s2n(TLSEXT_TYPE_elliptic_curves, ret);
s2n(curves_list_len + 2, ret);
s2n(curves_list_len, ret);
@@ -1397,7 +1405,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
# endif /* OPENSSL_NO_EC */
if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
- int ticklen;
+ size_t ticklen;
if (!s->new_session && s->session && s->session->tlsext_tick)
ticklen = s->session->tlsext_ticklen;
else if (s->session && s->tlsext_session_ticket &&
@@ -1418,11 +1426,11 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
* Check for enough room 2 for extension type, 2 for len rest for
* ticket
*/
- if ((long)(limit - ret - 4 - ticklen) < 0)
+ if (CHECKLEN(ret, 4 + ticklen, limit))
return NULL;
s2n(TLSEXT_TYPE_session_ticket, ret);
s2n(ticklen, ret);
- if (ticklen) {
+ if (ticklen > 0) {
memcpy(ret, s->session->tlsext_tick, ticklen);
ret += ticklen;
}
@@ -1433,7 +1441,14 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
size_t salglen;
const unsigned char *salg;
salglen = tls12_get_psigalgs(s, &salg);
- if ((size_t)(limit - ret) < salglen + 6)
+
+ /*-
+ * check for enough space.
+ * 4 bytes for the sigalgs type and extension length
+ * 2 bytes for the sigalg list length
+ * + sigalg list length
+ */
+ if (CHECKLEN(ret, salglen + 6, limit))
return NULL;
s2n(TLSEXT_TYPE_signature_algorithms, ret);
s2n(salglen + 2, ret);
@@ -1460,30 +1475,42 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
int i;
- long extlen, idlen, itmp;
+ size_t extlen, idlen;
+ int lentmp;
OCSP_RESPID *id;
idlen = 0;
for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
- itmp = i2d_OCSP_RESPID(id, NULL);
- if (itmp <= 0)
+ lentmp = i2d_OCSP_RESPID(id, NULL);
+ if (lentmp <= 0)
return NULL;
- idlen += itmp + 2;
+ idlen += (size_t)lentmp + 2;
}
if (s->tlsext_ocsp_exts) {
- extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL);
- if (extlen < 0)
+ lentmp = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL);
+ if (lentmp < 0)
return NULL;
+ extlen = (size_t)lentmp;
} else
extlen = 0;
- if ((long)(limit - ret - 7 - extlen - idlen) < 0)
- return NULL;
- s2n(TLSEXT_TYPE_status_request, ret);
if (extlen + idlen > 0xFFF0)
return NULL;
+ /*
+ * 2 bytes for status request type
+ * 2 bytes for status request len
+ * 1 byte for OCSP request type
+ * 2 bytes for length of ids
+ * 2 bytes for length of extensions
+ * + length of ids
+ * + length of extensions
+ */
+ if (CHECKLEN(ret, 9 + idlen + extlen, limit))
+ return NULL;
+
+ s2n(TLSEXT_TYPE_status_request, ret);
s2n(extlen + idlen + 5, ret);
*(ret++) = TLSEXT_STATUSTYPE_ocsp;
s2n(idlen, ret);
@@ -1493,9 +1520,9 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
/* skip over id len */
ret += 2;
- itmp = i2d_OCSP_RESPID(id, &ret);
+ lentmp = i2d_OCSP_RESPID(id, &ret);
/* write id len */
- s2n(itmp, q);
+ s2n(lentmp, q);
}
s2n(extlen, ret);
if (extlen > 0)
@@ -1503,8 +1530,15 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
}
# ifndef OPENSSL_NO_HEARTBEATS
/* Add Heartbeat extension */
- if ((limit - ret - 4 - 1) < 0)
+
+ /*-
+ * check for enough space.
+ * 4 bytes for the heartbeat ext type and extension length
+ * 1 byte for the mode
+ */
+ if (CHECKLEN(ret, 5, limit))
return NULL;
+
s2n(TLSEXT_TYPE_heartbeat, ret);
s2n(1, ret);
/*-
@@ -1524,7 +1558,12 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
* The client advertises an emtpy extension to indicate its support
* for Next Protocol Negotiation
*/
- if (limit - ret - 4 < 0)
+
+ /*-
+ * check for enough space.
+ * 4 bytes for the NPN ext type and extension length
+ */
+ if (CHECKLEN(ret, 4, limit))
return NULL;
s2n(TLSEXT_TYPE_next_proto_neg, ret);
s2n(0, ret);
@@ -1532,7 +1571,13 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
# endif
if (s->alpn_client_proto_list && !s->s3->tmp.finish_md_len) {
- if ((size_t)(limit - ret) < 6 + s->alpn_client_proto_list_len)
+ /*-
+ * check for enough space.
+ * 4 bytes for the ALPN type and extension length
+ * 2 bytes for the ALPN protocol list length
+ * + ALPN protocol list length
+ */
+ if (CHECKLEN(ret, 6 + s->alpn_client_proto_list_len, limit))
return NULL;
s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret);
s2n(2 + s->alpn_client_proto_list_len, ret);
@@ -1547,7 +1592,12 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
- if ((limit - ret - 4 - el) < 0)
+ /*-
+ * check for enough space.
+ * 4 bytes for the SRTP type and extension length
+ * + SRTP profiles length
+ */
+ if (CHECKLEN(ret, 4 + el, limit))
return NULL;
s2n(TLSEXT_TYPE_use_srtp, ret);
@@ -1587,6 +1637,17 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
else
hlen = 0;
+ /*-
+ * check for enough space. Strictly speaking we know we've already
+ * got enough space because to get here the message size is < 0x200,
+ * but we know that we've allocated far more than that in the buffer
+ * - but for consistency and robustness we're going to check anyway.
+ *
+ * 4 bytes for the padding type and extension length
+ * + padding length
+ */
+ if (CHECKLEN(ret, 4 + hlen, limit))
+ return NULL;
s2n(TLSEXT_TYPE_padding, ret);
s2n(hlen, ret);
memset(ret, 0, hlen);
@@ -1644,7 +1705,12 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
return NULL;
}
- if ((limit - ret - 4 - el) < 0)
+ /*-
+ * check for enough space.
+ * 4 bytes for the reneg type and extension length
+ * + reneg data length
+ */
+ if (CHECKLEN(ret, 4 + el, limit))
return NULL;
s2n(TLSEXT_TYPE_renegotiate, ret);
@@ -1664,19 +1730,23 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
/*
* Add TLS extension ECPointFormats to the ServerHello message
*/
- long lenmax;
tls1_get_formatlist(s, &plist, &plistlen);
- if ((lenmax = limit - ret - 5) < 0)
- return NULL;
- if (plistlen > (size_t)lenmax)
- return NULL;
if (plistlen > 255) {
SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
return NULL;
}
+ /*-
+ * check for enough space.
+ * 4 bytes for the ec points format type and extension length
+ * 1 byte for the points format list length
+ * + length of points format list
+ */
+ if (CHECKLEN(ret, 5 + plistlen, limit))
+ return NULL;
+
s2n(TLSEXT_TYPE_ec_point_formats, ret);
s2n(plistlen + 1, ret);
*(ret++) = (unsigned char)plistlen;
@@ -1691,14 +1761,22 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
# endif /* OPENSSL_NO_EC */
if (s->tlsext_ticket_expected && !(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
- if ((long)(limit - ret - 4) < 0)
+ /*-
+ * check for enough space.
+ * 4 bytes for the Ticket type and extension length
+ */
+ if (CHECKLEN(ret, 4, limit))
return NULL;
s2n(TLSEXT_TYPE_session_ticket, ret);
s2n(0, ret);
}
if (s->tlsext_status_expected) {
- if ((long)(limit - ret - 4) < 0)
+ /*-
+ * check for enough space.
+ * 4 bytes for the Status request type and extension length
+ */
+ if (CHECKLEN(ret, 4, limit))
return NULL;
s2n(TLSEXT_TYPE_status_request, ret);
s2n(0, ret);
@@ -1726,7 +1804,12 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
- if ((limit - ret - 4 - el) < 0)
+ /*-
+ * check for enough space.
+ * 4 bytes for the SRTP profiles type and extension length
+ * + length of the SRTP profiles list
+ */
+ if (CHECKLEN(ret, 4 + el, limit))
return NULL;
s2n(TLSEXT_TYPE_use_srtp, ret);
@@ -1751,16 +1834,23 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08,
0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17
};
- if (limit - ret < 36)
+
+ /* check for enough space. */
+ if (CHECKLEN(ret, sizeof(cryptopro_ext), limit))
return NULL;
- memcpy(ret, cryptopro_ext, 36);
- ret += 36;
+ memcpy(ret, cryptopro_ext, sizeof(cryptopro_ext));
+ ret += sizeof(cryptopro_ext);
}
# ifndef OPENSSL_NO_HEARTBEATS
/* Add Heartbeat extension if we've received one */
if (s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) {
- if ((limit - ret - 4 - 1) < 0)
+ /*-
+ * check for enough space.
+ * 4 bytes for the Heartbeat type and extension length
+ * 1 byte for the mode
+ */
+ if (CHECKLEN(ret, 5, limit))
return NULL;
s2n(TLSEXT_TYPE_heartbeat, ret);
s2n(1, ret);
@@ -1789,7 +1879,12 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
s->
ctx->next_protos_advertised_cb_arg);
if (r == SSL_TLSEXT_ERR_OK) {
- if ((long)(limit - ret - 4 - npalen) < 0)
+ /*-
+ * check for enough space.
+ * 4 bytes for the NPN type and extension length
+ * + length of protocols list
+ */
+ if (CHECKLEN(ret, 4 + npalen, limit))
return NULL;
s2n(TLSEXT_TYPE_next_proto_neg, ret);
s2n(npalen, ret);
@@ -1804,9 +1899,16 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
if (s->s3->alpn_selected) {
const unsigned char *selected = s->s3->alpn_selected;
- unsigned len = s->s3->alpn_selected_len;
+ size_t len = s->s3->alpn_selected_len;
- if ((long)(limit - ret - 4 - 2 - 1 - len) < 0)
+ /*-
+ * check for enough space.
+ * 4 bytes for the ALPN type and extension length
+ * 2 bytes for ALPN data length
+ * 1 byte for selected protocol length
+ * + length of the selected protocol
+ */
+ if (CHECKLEN(ret, 7 + len, limit))
return NULL;
s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret);
s2n(3 + len, ret);
@@ -1966,11 +2068,10 @@ static int tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data,
/*
* Process the ALPN extension in a ClientHello.
- * ret: a pointer to the TLSEXT return value: SSL_TLSEXT_ERR_*
* al: a pointer to the alert value to send in the event of a failure.
- * returns 1 on success, 0 on failure: al/ret set only on failure
+ * returns 1 on success, 0 on failure: al set only on failure
*/
-static int tls1_alpn_handle_client_hello_late(SSL *s, int *ret, int *al)
+static int tls1_alpn_handle_client_hello_late(SSL *s, int *al)
{
const unsigned char *selected = NULL;
unsigned char selected_len = 0;
@@ -1986,7 +2087,6 @@ static int tls1_alpn_handle_client_hello_late(SSL *s, int *ret, int *al)
s->s3->alpn_selected = OPENSSL_malloc(selected_len);
if (s->s3->alpn_selected == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
- *ret = SSL_TLSEXT_ERR_ALERT_FATAL;
return 0;
}
memcpy(s->s3->alpn_selected, selected, selected_len);
@@ -3064,10 +3164,12 @@ int tls1_set_server_sigalgs(SSL *s)
return 0;
}
-int ssl_check_clienthello_tlsext_late(SSL *s)
+/*
+ * Upon success, returns 1.
+ * Upon failure, returns 0 and sets |al| to the appropriate fatal alert.
+ */
+int ssl_check_clienthello_tlsext_late(SSL *s, int *al)
{
- int ret = SSL_TLSEXT_ERR_OK;
- int al;
/*
* If status request then ask callback what to do. Note: this must be
@@ -3076,58 +3178,41 @@ int ssl_check_clienthello_tlsext_late(SSL *s)
* influence which certificate is sent
*/
if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb) {
- int r;
+ int ret;
CERT_PKEY *certpkey;
certpkey = ssl_get_server_send_pkey(s);
/* If no certificate can't return certificate status */
- if (certpkey == NULL) {
- s->tlsext_status_expected = 0;
- return 1;
- }
- /*
- * Set current certificate to one we will use so SSL_get_certificate
- * et al can pick it up.
- */
- s->cert->key = certpkey;
- r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
- switch (r) {
- /* We don't want to send a status request response */
- case SSL_TLSEXT_ERR_NOACK:
- s->tlsext_status_expected = 0;
- break;
- /* status request response should be sent */
- case SSL_TLSEXT_ERR_OK:
- if (s->tlsext_ocsp_resp)
- s->tlsext_status_expected = 1;
- else
+ if (certpkey != NULL) {
+ /*
+ * Set current certificate to one we will use so SSL_get_certificate
+ * et al can pick it up.
+ */
+ s->cert->key = certpkey;
+ ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+ switch (ret) {
+ /* We don't want to send a status request response */
+ case SSL_TLSEXT_ERR_NOACK:
s->tlsext_status_expected = 0;
- break;
- /* something bad happened */
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
+ break;
+ /* status request response should be sent */
+ case SSL_TLSEXT_ERR_OK:
+ if (s->tlsext_ocsp_resp)
+ s->tlsext_status_expected = 1;
+ break;
+ /* something bad happened */
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ default:
+ *al = SSL_AD_INTERNAL_ERROR;
+ return 0;
+ }
}
- } else
- s->tlsext_status_expected = 0;
-
- if (!tls1_alpn_handle_client_hello_late(s, &ret, &al)) {
- goto err;
}
- err:
- switch (ret) {
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return -1;
-
- case SSL_TLSEXT_ERR_ALERT_WARNING:
- ssl3_send_alert(s, SSL3_AL_WARNING, al);
- return 1;
-
- default:
- return 1;
+ if (!tls1_alpn_handle_client_hello_late(s, al)) {
+ return 0;
}
+
+ return 1;
}
int ssl_check_serverhello_tlsext(SSL *s)
diff --git a/util/domd b/util/domd
index 95bb1b0..bc2a85f 100755
--- a/util/domd
+++ b/util/domd
@@ -11,7 +11,9 @@ if [ "$1" = "-MD" ]; then
fi
if [ "$MAKEDEPEND" = "" ]; then MAKEDEPEND=makedepend; fi
-cp Makefile Makefile.save
+# Preserve Makefile timestamp by moving instead of copying (cp -p is GNU only)
+mv Makefile Makefile.save
+cp Makefile.save Makefile
# fake the presence of Kerberos
touch $TOP/krb5.h
if ${MAKEDEPEND} --version 2>&1 | grep "clang" > /dev/null ||
@@ -32,7 +34,12 @@ else
${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new
RC=$?
fi
-mv Makefile.new Makefile
+if ! cmp -s Makefile.save Makefile.new; then
+ mv Makefile.new Makefile
+else
+ mv Makefile.save Makefile
+ rm -f Makefile.new
+fi
# unfake the presence of Kerberos
rm $TOP/krb5.h
diff --git a/util/mklink.pl b/util/mklink.pl
index 61db12c..a937606 100755
--- a/util/mklink.pl
+++ b/util/mklink.pl
@@ -55,9 +55,11 @@ if ($^O eq "msys") { $symlink_exists=0 };
foreach $file (@files) {
my $err = "";
if ($symlink_exists) {
- unlink "$from/$file";
- symlink("$to/$file", "$from/$file") or $err = " [$!]";
- } else {
+ if (!-l "$from/$file") {
+ unlink "$from/$file";
+ symlink("$to/$file", "$from/$file") or $err = " [$!]";
+ }
+ } elsif (-d "$from" && (!-f "$from/$file" || ((stat("$file"))[9] > (stat("$from/$file"))[9]))) {
unlink "$from/$file";
open (OLD, "<$file") or die "Can't open $file: $!";
open (NEW, ">$from/$file") or die "Can't open $from/$file: $!";