[openssl-commits] [openssl] master update
The branch master has been updated
via 8eb399fb25a6ef68b2a9e8d34b242b9767c46abe (commit)
via 258689931ef9f25f282b550367f9c815b91069d7 (commit)
via 74d38a8677ac10f7368c12079af9a27e959ee295 (commit)
via dacd2a87b550923524e80554b3a4869ea0351f66 (commit)
via 55bd169fd874f65fa15b20ce4feae2e8ed5e77f1 (commit)
from c6d38183d6754b0a7b90527d085a500680e7d2ea (commit)

- Log -

commit 8eb399fb25a6ef68b2a9e8d34b242b9767c46abe
Author: Patrick Steuer
Date: Wed Mar 28 13:23:56 2018 +0100

    crypto/e_aes.c: use S390X_AES_FC macro

    ... to compute s390x aes function code from keylength.

    Signed-off-by: Patrick Steuer
    Reviewed-by: Richard Levitte
    Reviewed-by: Andy Polyakov
    Reviewed-by: Rich Salz
    (Merged from https://github.com/openssl/openssl/pull/5250)

commit 258689931ef9f25f282b550367f9c815b91069d7
Author: Patrick Steuer
Date: Wed Mar 28 13:21:29 2018 +0100

    crypto/evp/e_aes.c: add size_t casts to increase readability

    Signed-off-by: Patrick Steuer
    Reviewed-by: Richard Levitte
    Reviewed-by: Andy Polyakov
    Reviewed-by: Rich Salz
    (Merged from https://github.com/openssl/openssl/pull/5250)

commit 74d38a8677ac10f7368c12079af9a27e959ee295
Author: Patrick Steuer
Date: Wed Mar 28 13:09:24 2018 +0100

    s390x assembly pack: add KMF code path for aes-cfb/cfb8

    Signed-off-by: Patrick Steuer
    Reviewed-by: Richard Levitte
    Reviewed-by: Andy Polyakov
    Reviewed-by: Rich Salz
    (Merged from https://github.com/openssl/openssl/pull/5250)

commit dacd2a87b550923524e80554b3a4869ea0351f66
Author: Patrick Steuer
Date: Wed Mar 28 12:54:50 2018 +0100

    s390x assembly pack: add KMO code path for aes-ofb

    Signed-off-by: Patrick Steuer
    Reviewed-by: Richard Levitte
    Reviewed-by: Andy Polyakov
    Reviewed-by: Rich Salz
    (Merged from https://github.com/openssl/openssl/pull/5250)

commit 55bd169fd874f65fa15b20ce4feae2e8ed5e77f1
Author: Patrick Steuer
Date: Wed Mar 28 12:43:15 2018 +0100

    s390x assembly pack: add KM code path for aes-ecb
Signed-off-by: Patrick Steuer Reviewed-by: Richard Levitte Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5250) --- Summary of changes: crypto/evp/e_aes.c | 316 --- crypto/s390x_arch.h | 4 + crypto/s390xcpuid.pl | 42 +++ 3 files changed, 319 insertions(+), 43 deletions(-) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 1d5007a..a914a6e 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -960,6 +960,57 @@ typedef struct { union { double align; /*- + * KM-AES parameter block - begin + * (see z/Architecture Principles of Operation >= SA22-7832-06) + */ +struct { +unsigned char k[32]; +} param; +/* KM-AES parameter block - end */ +} km; +unsigned int fc; +} S390X_AES_ECB_CTX; + +typedef struct { +union { +double align; +/*- + * KMO-AES parameter block - begin + * (see z/Architecture Principles of Operation >= SA22-7832-08) + */ +struct { +unsigned char cv[16]; +unsigned char k[32]; +} param; +/* KMO-AES parameter block - end */ +} kmo; +unsigned int fc; + +int res; +} S390X_AES_OFB_CTX; + +typedef struct { +union { +double align; +/*- + * KMF-AES parameter block - begin + * (see z/Architecture Principles of Operation >= SA22-7832-08) + */ +struct { +unsigned char cv[16]; +unsigned char k[32]; +} param; +/* KMF-AES parameter block - end */ +} kmf; +unsigned int fc; + +int res; +} S390X_AES_CFB_CTX; + +typedef struct { +union { +double align; +/*- * KMA-GCM-AES parameter block - begin * (see z/Architecture Principles of Operation >= SA22-7832-11) */ @@ -1056,18 +1107,16 @@ typedef struct { } aes; } S390X_AES_CCM_CTX; -# define S390X_aes_128_CAPABLE ((OPENSSL_s390xcap_P.km[0] &\ -
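Review bot: the "int res;" member added to S390X_AES_OFB_CTX and S390X_AES_CFB_CTX carries no comment, while the parameter blocks beside it are each documented with a reference to the Principles of Operation. Say what res holds and in which unit, and do the same for "unsigned int fc" in all three new contexts, so that readers do not have to infer the meaning from the cipher functions.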
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via 6a285edd520f9508efb76f30aff9812ce7115fa8 (commit) from 46c815a97d21135561d2204574bbd7c184b1f0b5 (commit) - Log - commit 6a285edd520f9508efb76f30aff9812ce7115fa8 Author: Miroslav SukDate: Thu Mar 22 09:20:43 2018 +0100 o_time.c: use gmtime_s with MSVC Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5719) --- Summary of changes: crypto/o_time.c | 4 1 file changed, 4 insertions(+) diff --git a/crypto/o_time.c b/crypto/o_time.c index 6192743..a763b2c 100755 --- a/crypto/o_time.c +++ b/crypto/o_time.c @@ -109,6 +109,10 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) if (gmtime_r(timer, result) == NULL) return NULL; ts = result; +#elif defined (OPENSSL_SYS_WINDOWS) && defined(_MSC_VER) && _MSC_VER >= 1400 +if (gmtime_s(result, timer)) +return NULL; +ts = result; #elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK) ts = gmtime(timer); if (ts == NULL) _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
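Review bot: in the new #elif branch of OPENSSL_gmtime(), "gmtime_s(result, timer)" uses Microsoft's argument order and error-code return, which differ from the C11 Annex K gmtime_s (timer first, pointer return). The _MSC_VER >= 1400 guard keeps the call correct, but a one-line comment stating that this is the MSVC variant would stop a later edit from widening the guard to other toolchains. Writing the test as "gmtime_s(result, timer) != 0" would also match the explicit comparison used in the gmtime_r branch just above it.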
[openssl-commits] [openssl] master update
The branch master has been updated via c6d38183d6754b0a7b90527d085a500680e7d2ea (commit) from 92565101ca7bc1587ff1d87f9efa8aa1cfbe62f7 (commit) - Log - commit c6d38183d6754b0a7b90527d085a500680e7d2ea Author: Rich SalzDate: Wed Mar 28 15:34:16 2018 -0400 Rewrite the X509->alert mapping code Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/5780) --- Summary of changes: ssl/ssl_locl.h | 2 +- ssl/statem/statem_clnt.c | 2 +- ssl/statem/statem_lib.c | 124 ++- ssl/statem/statem_srvr.c | 2 +- 4 files changed, 62 insertions(+), 68 deletions(-) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 1c3ee35..a9ef6c3 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -2262,7 +2262,7 @@ __owur int ssl_get_server_cert_serverinfo(SSL *s, size_t *serverinfo_length); void ssl_set_masks(SSL *s); __owur STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); -__owur int ssl_verify_alarm_type(long type); +__owur int ssl_x509err2alert(int type); void ssl_sort_cipher_list(void); int ssl_load_ciphers(void); __owur int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 29db4bc..91b986f 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1898,7 +1898,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) * set. The *documented* interface remains the same. */ if (s->verify_mode != SSL_VERIFY_NONE && i <= 0) { -SSLfatal(s, ssl_verify_alarm_type(s->verify_result), +SSLfatal(s, ssl_x509err2alert(s->verify_result), SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED); goto err; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 190050c..44c9c2c 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c 
@@ -19,6 +19,14 @@ #include #include +/* + * Map error codes to TLS/SSL alart types. + */ +typedef struct x509err2alert_st { +int x509err; +int alert; +} X509ERR2ALERT; + /* Fixed value used in the ServerHello random field to identify an HRR */ const unsigned char hrrrandom[] = { 0xcf, 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 
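Review bot: the comment added above the X509ERR2ALERT typedef reads "alart types"; it should be "alert types". Since the field is named x509err, the comment could also say that the codes being mapped are the X509_V_ERR_* verification results.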
@@ -1277,73 +1285,59 @@ int tls_get_message_body(SSL *s, size_t *len) return 1; } -int ssl_verify_alarm_type(long type) +static const X509ERR2ALERT x509table[] = { +{X509_V_ERR_APPLICATION_VERIFICATION, SSL_AD_HANDSHAKE_FAILURE}, +{X509_V_ERR_CA_KEY_TOO_SMALL, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_CA_MD_TOO_WEAK, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_CERT_CHAIN_TOO_LONG, SSL_AD_UNKNOWN_CA}, +{X509_V_ERR_CERT_HAS_EXPIRED, SSL_AD_CERTIFICATE_EXPIRED}, +{X509_V_ERR_CERT_NOT_YET_VALID, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_CERT_REJECTED, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_CERT_REVOKED, SSL_AD_CERTIFICATE_REVOKED}, +{X509_V_ERR_CERT_SIGNATURE_FAILURE, SSL_AD_DECRYPT_ERROR}, +{X509_V_ERR_CERT_UNTRUSTED, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_CRL_HAS_EXPIRED, SSL_AD_CERTIFICATE_EXPIRED}, +{X509_V_ERR_CRL_NOT_YET_VALID, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_CRL_SIGNATURE_FAILURE, SSL_AD_DECRYPT_ERROR}, +{X509_V_ERR_DANE_NO_MATCH, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT, SSL_AD_UNKNOWN_CA}, +{X509_V_ERR_EE_KEY_TOO_SMALL, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_EMAIL_MISMATCH, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_HOSTNAME_MISMATCH, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_INVALID_CA, SSL_AD_UNKNOWN_CA}, +{X509_V_ERR_INVALID_CALL, SSL_AD_INTERNAL_ERROR}, +{X509_V_ERR_INVALID_PURPOSE, SSL_AD_UNSUPPORTED_CERTIFICATE}, +{X509_V_ERR_IP_ADDRESS_MISMATCH, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_OUT_OF_MEM, SSL_AD_INTERNAL_ERROR}, +{X509_V_ERR_PATH_LENGTH_EXCEEDED, SSL_AD_UNKNOWN_CA}, +{X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, SSL_AD_UNKNOWN_CA}, +{X509_V_ERR_STORE_LOOKUP, SSL_AD_INTERNAL_ERROR}, +{X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY, SSL_AD_BAD_CERTIFICATE}, 
+{X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE, SSL_AD_BAD_CERTIFICATE}, +{X509_V_ERR_UNABLE_TO_GET_CRL, SSL_AD_UNKNOWN_CA}, +{X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER, SSL_AD_UNKNOWN_CA}, +{X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT,
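Review bot: in ssl/ssl_locl.h the parameter narrows from "long type" in ssl_verify_alarm_type() to "int type" in ssl_x509err2alert(), while the call in tls_process_server_certificate() still passes s->verify_result unchanged. If verify_result remains a long, keep the parameter as long or cast at the call sites so the conversion is explicit. Separately, x509table is ordered by macro name rather than by numeric value, so a comment above it should state that lookups scan it linearly and which alert is returned for a code that is not listed.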
[openssl-commits] Build completed: openssl master.16821
Build openssl master.16821 completed Commit 737be1d0b3 by Dr. Matthias St. Pierre on 3/28/2018 2:23 PM: RAND_DRBG_new.pod: fix doc-nits [fixup]
[openssl-commits] Build failed: openssl master.16820
Build openssl master.16820 failed Commit af3d76476a by Richard Levitte on 3/28/2018 2:19 PM: fixup! Faster fuzz test: teach the fuzz test programs to handle directories
[openssl-commits] [openssl] master update
The branch master has been updated via 92565101ca7bc1587ff1d87f9efa8aa1cfbe62f7 (commit) from dcf8b01f44c4dc5f76ea72093261b61d8a34601b (commit) - Log - commit 92565101ca7bc1587ff1d87f9efa8aa1cfbe62f7 Author: Matt CaswellDate: Tue Mar 27 17:31:56 2018 +0100 Remove some code This commit removes the contribution of a user that we cannot trace to gain their consent for the licence change. After this commit the various IS_*() macros in the auto-generated file conf_def.h may incorrectly return true if the supplied character has its most significant bit set. The IS_*() macros should be able to correctly handle 8-bit characters. Note that UTF-8 support is not a requirement. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5767) --- Summary of changes: crypto/conf/conf_def.h | 42 -- crypto/conf/keysets.pl | 19 +++ 2 files changed, 11 insertions(+), 50 deletions(-) diff --git a/crypto/conf/conf_def.h b/crypto/conf/conf_def.h index f0734ec..aa14d4a 100644 --- a/crypto/conf/conf_def.h +++ b/crypto/conf/conf_def.h @@ -21,7 +21,6 @@ #define CONF_COMMENT 128 #define CONF_FCOMMENT 2048 #define CONF_EOF 8 -#define CONF_HIGHBIT 4096 #define CONF_ALPHA(CONF_UPPER|CONF_LOWER) #define CONF_ALNUM(CONF_ALPHA|CONF_NUMBER|CONF_UNDER) #define CONF_ALNUM_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER|CONF_PUNCT) @@ -29,9 +28,9 @@ #define KEYTYPES(c) ((const unsigned short *)((c)->meth_data)) #ifndef CHARSET_EBCDIC -# define CVT(a) ((a) & 0xFF) +# define CVT(a) ((a) & 0x7F) #else -# define CVT(a) os_toascci[(a) & 0FF] +# define CVT(a) os_toascci[(a) & 0x7F] #endif #define IS_COMMENT(c,a) (KEYTYPES(c)[CVT(a)] & CONF_COMMENT) 
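Review bot: with CVT(a) now "((a) & 0x7F)" and the tables cut to 128 entries, a byte with its top bit set is classified as its 7-bit alias, for example 0xA3 indexes the entry for 0x23 ('#'). The commit message acknowledges this; the follow-up should make the IS_*() macros return false for such bytes instead of aliasing them, and because conf_def.h is auto-generated the change belongs in keysets.pl. In the CHARSET_EBCDIC branch the mask is applied before the table lookup, and EBCDIC letters and digits all have the top bit set, so the range check there needs to come after the conversion; also check the spelling "os_toascci", which will not compile if the table is named os_toascii.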
@@ -44,9 +43,8 @@ #define IS_ALNUM_PUNCT(c,a) (KEYTYPES(c)[CVT(a)] & CONF_ALNUM_PUNCT) #define IS_QUOTE(c,a) (KEYTYPES(c)[CVT(a)] & CONF_QUOTE) #define IS_DQUOTE(c,a) (KEYTYPES(c)[CVT(a)] & CONF_DQUOTE) -#define IS_HIGHBIT(c,a) (KEYTYPES(c)[CVT(a)] & CONF_HIGHBIT) -static const unsigned short CONF_type_default[256] = { +static const unsigned short CONF_type_default[128] = { 0x0008, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x0010, 0x0010, 0x, 0x, 0x0010, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 
@@ -63,25 +61,9 @@ static const unsigned short CONF_type_default[256] = { 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x, 0x0200, 0x, 0x0200, 0x, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, }; -static const unsigned short CONF_type_win32[256] = { +static const unsigned short CONF_type_win32[128] = { 0x0008, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x0010, 0x0010, 0x, 0x, 0x0010, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 0x, 
@@ -98,20 +80,4 @@ static const unsigned short CONF_type_win32[256] = { 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x, 0x0200, 0x, 0x0200, 0x, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via e9d26dc85238c071117d911704f5f769e79b46a1 (commit) from cdabf89acf65040560e0242cb70d945f3f3bdd5c (commit) - Log - commit e9d26dc85238c071117d911704f5f769e79b46a1 Author: Matt CaswellDate: Tue Mar 13 17:23:10 2018 + Tolerate a Certificate using a non-supported group on server side If a server has been configured to use an ECDSA certificate, we should allow it regardless of whether the server's own supported groups list includes the certificate's group. Fixes #2033 Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/5607) --- Summary of changes: ssl/t1_lib.c | 30 +- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 7a5721a..dc4e652 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -490,13 +490,16 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, return 1; } +# define DONT_CHECK_OWN_GROUPS 0 +# define CHECK_OWN_GROUPS 1 /* Check an EC key is compatible with extensions */ -static int tls1_check_ec_key(SSL *s, - unsigned char *curve_id, unsigned char *comp_id) +static int tls1_check_ec_key(SSL *s, unsigned char *curve_id, + unsigned char *comp_id, int check_own_groups) { const unsigned char *pformats, *pcurves; size_t num_formats, num_curves, i; int j; + /* * If point formats extension present check it, otherwise everything is * supported (see RFC4492). @@ -513,8 +516,12 @@ static int tls1_check_ec_key(SSL *s, } if (!curve_id) return 1; + +if (!s->server && !check_own_groups) +return 1; + /* Check curve is consistent with client and server preferences */ -for (j = 0; j <= 1; j++) { +for (j = check_own_groups ? 0 : 1; j <= 1; j++) { if (!tls1_get_curvelist(s, j, , _curves)) return 0; if (j == 1 && num_curves == 0) { 
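Review bot: in tls1_check_ec_key() the loop start "j = check_own_groups ? 0 : 1" depends on index 0 being our own curve list and index 1 the peer's, which nothing in the hunk states; add a comment on the loop or name the two indices. The new early return "if (!s->server && !check_own_groups) return 1;" skips every curve check on the client side, so it should carry a comment saying when a client is expected to reach it with a non-NULL curve_id.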
@@ -579,9 +586,12 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md) return 0; /* * Can't check curve_id for client certs as we don't have a supported - * curves extension. + * curves extension. For server certs we will tolerate certificates that + * aren't in our own list of curves. If we've been configured to use an EC + * cert then we should use it - therefore we use DONT_CHECK_OWN_GROUPS here. */ -rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, _id); +rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, _id, + DONT_CHECK_OWN_GROUPS); if (!rv) return 0; /* @@ -644,7 +654,7 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid) return 0; curve_id[0] = 0; /* Check this curve is acceptable */ -if (!tls1_check_ec_key(s, curve_id, NULL)) +if (!tls1_check_ec_key(s, curve_id, NULL, CHECK_OWN_GROUPS)) return 0; return 1; } @@ -746,8 +756,9 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs) } /* - * Check signature algorithm is consistent with sent supported signature - * algorithms and if so return relevant digest. + * Check signature algorithm received from the peer with a signature is + * consistent with the sent supported signature algorithms and if so return + * relevant digest. */ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s, const unsigned char *sig, EVP_PKEY *pkey) @@ -769,7 +780,8 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s, /* Check compression and curve matches extensions */ if (!tls1_set_ec_id(curve_id, _id, EVP_PKEY_get0_EC_KEY(pkey))) return 0; -if (!s->server && !tls1_check_ec_key(s, curve_id, _id)) { +if (!s->server && !tls1_check_ec_key(s, curve_id, _id, + CHECK_OWN_GROUPS)) { SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE); return 0; } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl master.16815
Build openssl master.16815 completed Commit 13b9dfcc19 by Richard Levitte on 3/28/2018 12:46 PM: Revert "util/dofile.pl: only quote stuff that actually needs quoting"
[openssl-commits] [openssl] master update
The branch master has been updated via dcf8b01f44c4dc5f76ea72093261b61d8a34601b (commit) from 7814cdf3ebc0bae649cc46f279ac4e4369d309de (commit) - Log - commit dcf8b01f44c4dc5f76ea72093261b61d8a34601b Author: Matt CaswellDate: Mon Mar 12 17:15:25 2018 + Tolerate a Certificate using a non-supported group on server side If a server has been configured to use an ECDSA certificate, we should allow it regardless of whether the server's own supported groups list includes the certificate's group. Fixes #2033 Reviewed-by: Rich Salz Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/5601) --- Summary of changes: ssl/ssl_locl.h| 2 +- ssl/statem/statem_clnt.c | 3 +- ssl/t1_lib.c | 24 +- test/ssl-tests/20-cert-select.conf| 859 ++ test/ssl-tests/20-cert-select.conf.in | 44 ++ 5 files changed, 524 insertions(+), 408 deletions(-) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index eae5788..1c3ee35 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -2453,7 +2453,7 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n); # ifndef OPENSSL_NO_EC __owur const TLS_GROUP_INFO *tls1_group_id_lookup(uint16_t curve_id); -__owur int tls1_check_group_id(SSL *s, uint16_t group_id); +__owur int tls1_check_group_id(SSL *s, uint16_t group_id, int check_own_curves); __owur uint16_t tls1_shared_group(SSL *s, int nmatch); __owur int tls1_set_groups(uint16_t **pext, size_t *pextlen, int *curves, size_t ncurves); diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index e940fc8..29db4bc 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c 
@@ -2192,7 +2192,8 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey) * Check curve is named curve type and one of our preferences, if not * server has sent an invalid curve. */ -if (curve_type != NAMED_CURVE_TYPE || !tls1_check_group_id(s, curve_id)) { +if (curve_type != NAMED_CURVE_TYPE +|| !tls1_check_group_id(s, curve_id, 1)) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PROCESS_SKE_ECDHE, SSL_R_WRONG_CURVE); return 0; diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 174d7de..cf5f783 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -467,7 +467,7 @@ static int tls1_check_pkey_comp(SSL *s, EVP_PKEY *pkey) } /* Check a group id matches preferences */ -int tls1_check_group_id(SSL *s, uint16_t group_id) +int tls1_check_group_id(SSL *s, uint16_t group_id, int check_own_groups) { const uint16_t *groups; size_t groups_len; @@ -491,10 +491,12 @@ int tls1_check_group_id(SSL *s, uint16_t group_id) } } -/* Check group is one of our preferences */ -tls1_get_supported_groups(s, , _len); -if (!tls1_in_list(group_id, groups, groups_len)) -return 0; +if (check_own_groups) { +/* Check group is one of our preferences */ +tls1_get_supported_groups(s, , _len); +if (!tls1_in_list(group_id, groups, groups_len)) +return 0; +} if (!tls_curve_allowed(s, group_id, SSL_SECOP_CURVE_CHECK)) return 0; @@ -554,7 +556,11 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int check_ee_md) if (!tls1_check_pkey_comp(s, pkey)) return 0; group_id = tls1_get_group_id(pkey); -if (!tls1_check_group_id(s, group_id)) +/* + * For a server we allow the certificate to not be in our list of supported + * groups. + */ +if (!tls1_check_group_id(s, group_id, !s->server)) return 0; /* * Special case for suite B. We *MUST* sign using SHA256+P-256 or 
@@ -601,9 +607,9 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid) * curves permitted. */ if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) -return tls1_check_group_id(s, TLSEXT_curve_P_256); +return tls1_check_group_id(s, TLSEXT_curve_P_256, 1); if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) -return tls1_check_group_id(s, TLSEXT_curve_P_384); +return tls1_check_group_id(s, TLSEXT_curve_P_384, 1); return 0; } @@ -979,7 +985,7 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey) } if (!SSL_IS_TLS13(s)) { /* Check curve matches extensions */ -if (!tls1_check_group_id(s, tls1_get_group_id(pkey))) { +if (!tls1_check_group_id(s, tls1_get_group_id(pkey), 1)) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE); return 0;
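Review bot: the prototype in ssl/ssl_locl.h names the new parameter check_own_curves while the definition in ssl/t1_lib.c names it check_own_groups; use one name in both places. The call sites pass a bare "1" or "!s->server" for it, which is hard to read at a glance; a named pair such as CHECK_OWN_GROUPS / DONT_CHECK_OWN_GROUPS, as the OpenSSL_1_1_0-stable version of this change defines, would make each call self-explanatory.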
[openssl-commits] [openssl] master update
The branch master has been updated via 7814cdf3ebc0bae649cc46f279ac4e4369d309de (commit) from e6e9170d6e28038768895e1af18e3aad8093bf4b (commit) - Log - commit 7814cdf3ebc0bae649cc46f279ac4e4369d309de Author: Matt CaswellDate: Tue Mar 27 22:37:19 2018 +0100 Revert "Temporarily disable some tests that hang" This reverts commit 37a385956461ab526ecea2739a8a40364a8db259. These tests should now be fixed by commit e6e9170d6. Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/5765) --- Summary of changes: test/recipes/99-test_fuzz.t | 4 util/perl/TLSProxy/Proxy.pm | 5 - 2 files changed, 9 deletions(-) diff --git a/test/recipes/99-test_fuzz.t b/test/recipes/99-test_fuzz.t index 02fa140..9322ff7 100644 --- a/test/recipes/99-test_fuzz.t +++ b/test/recipes/99-test_fuzz.t @@ -15,10 +15,6 @@ use OpenSSL::Test::Utils; setup("test_fuzz"); -# TODO Remove this line -plan skip_all => "TLSProxy isn't usable on $^O"; -# TODO Remove this line - my @fuzzers = ('asn1', 'asn1parse', 'bignum', 'bndiv', 'client', 'conf', 'crl', 'server', 'x509'); if (!disabled("cms")) { push @fuzzers, 'cms'; diff --git a/util/perl/TLSProxy/Proxy.pm b/util/perl/TLSProxy/Proxy.pm index 55d45a8..0b90159 100644 --- a/util/perl/TLSProxy/Proxy.pm +++ b/util/perl/TLSProxy/Proxy.pm @@ -68,11 +68,6 @@ sub new message_list => [], }; -### TODO REMOVE THIS AGAIN -warn "Proxy tests temporarily disabled!\n"; -$self->{proxy_sock} = 0; -return bless $self, $class; -### TODO REMOVE THIS AGAIN # IO::Socket::IP is on the core module list, IO::Socket::INET6 isn't. # However, IO::Socket::INET6 is older and is said to be more widely # deployed for the moment, and may have less bugs, so we try the latter _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.16814
Build openssl master.16814 failed Commit c2e2d6fa38 by Richard Levitte on 3/28/2018 8:38 AM: .travis.yml: with fast fuzz testing, there is no point avoiding it
[openssl-commits] [tools] master update
The branch master has been updated via fbf4b00f0993c7922ceb639f281a501169464f75 (commit) from 3c38191688d11d556dee96ddf3c9edf87491d52b (commit) - Log - commit fbf4b00f0993c7922ceb639f281a501169464f75 Author: Matt CaswellDate: Wed Mar 28 10:39:04 2018 +0100 Add a reminder to include a link to the advisory in newflash.txt --- Summary of changes: release-tools/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/release-tools/README.md b/release-tools/README.md index 93888cf..c10cb75 100644 --- a/release-tools/README.md +++ b/release-tools/README.md @@ -94,7 +94,8 @@ The changes in this section should be made in your copy of the web repo. Update the news/newsflash.txt file. This normally is one or two lines. Just copy and paste existing announcements making minor changes for the date and -version number as necessary. +version number as necessary. If there is an advisory then ensure you include a +link to it. Update the news/vulnerabilities.xml file if appropriate. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via 4ac275863a6dc09118532264420face062534d74 (commit) from b142b6fc2b1787bac79b0823c7a1cc37c301c68c (commit) - Log - commit 4ac275863a6dc09118532264420face062534d74 Author: Matt CaswellDate: Wed Mar 28 10:37:47 2018 +0100 Add a link to the advisory --- Summary of changes: news/newsflash.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/news/newsflash.txt b/news/newsflash.txt index f7fd9a1..c48a7e4 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -4,6 +4,7 @@ # Format is two fields, colon-separated; the first line is the column # headings. URL paths must all be absolute. Date: Item +27-Mar-2018: Security Advisory: several security fixes 27-Mar-2018: OpenSSL 1.1.0h is now available, including bug and security fixes 27-Mar-2018: OpenSSL 1.0.2o is now available, including bug and security fixes 20-Mar-2018: OpenSSL 1.1.0h, 1.0.2o https://mta.openssl.org/pipermail/openssl-announce/2018-March/000116.html;>security release due on 27th March 2018 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits