[openssl] master update
The branch master has been updated
via 3a23f01268ec47bf3423b849cc226be220745522 (commit)
from 09030ee73693411c19b596cb0e0f43eb512ac0e6 (commit)
- Log -
commit 3a23f01268ec47bf3423b849cc226be220745522
Author: Tom Cosgrove
Date: Mon Feb 7 14:44:56 2022 +
aarch64: fix branch target indications in arm64cpuid.pl and keccak1600
Add missing AARCH64_VALID_CALL_TARGET to armv8_rng_probe(). Also add
these to the functions defined by gen_random(), and note that this Perl
sub prints the assembler out directly, not going via the $code xlate
mechanism (and therefore coming before the include of arm_arch.h). So
fix this too.
In KeccakF1600_int, AARCH64_SIGN_LINK_REGISTER functions as
AARCH64_VALID_CALL_TARGET on BTI-only builds, so it needs to come before
the 'adr' line.
Change-Id: If241efe71591c88253a3e36647ced00300c3c1a3
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17653)
---
Summary of changes:
crypto/arm64cpuid.pl | 9 ++---
crypto/sha/asm/keccak1600-armv8.pl | 2 +-
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/crypto/arm64cpuid.pl b/crypto/arm64cpuid.pl
index ebea4be59c..3ba593a488 100755
--- a/crypto/arm64cpuid.pl
+++ b/crypto/arm64cpuid.pl
@@ -189,6 +189,7 @@ CRYPTO_memcmp:
.globl _armv8_rng_probe
.type _armv8_rng_probe,%function
_armv8_rng_probe:
+ AARCH64_VALID_CALL_TARGET
mrs x0, s3_3_c2_c4_0// rndr
mrs x0, s3_3_c2_c4_1// rndrrs
ret
@@ -199,7 +200,7 @@ sub gen_random {
my $rdop = shift;
my $rand_reg = $rdop eq "rndr" ? "s3_3_c2_c4_0" : "s3_3_c2_c4_1";
-print<<___;
+return <<___;
// Fill buffer with Randomly Generated Bytes
// inputs: char * in x0 - Pointer to buffer
// size_t in x1 - Number of bytes to write to buffer
@@ -208,6 +209,7 @@ print<<___;
.type OPENSSL_${rdop}_asm,%function
.align 4
OPENSSL_${rdop}_asm:
+ AARCH64_VALID_CALL_TARGET
mov x2,xzr
mov x3,xzr
@@ -244,8 +246,9 @@ OPENSSL_${rdop}_asm:
.size OPENSSL_${rdop}_asm,.-OPENSSL_${rdop}_asm
___
}
-gen_random("rndr");
-gen_random("rndrrs");
+
+$code .= gen_random("rndr");
+$code .= gen_random("rndrrs");
print $code;
close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/sha/asm/keccak1600-armv8.pl
b/crypto/sha/asm/keccak1600-armv8.pl
index cf54b62c63..40f7aa7a69 100755
--- a/crypto/sha/asm/keccak1600-armv8.pl
+++ b/crypto/sha/asm/keccak1600-armv8.pl
@@ -126,8 +126,8 @@ $code.=<<___;
.type KeccakF1600_int,%function
.align 5
KeccakF1600_int:
- adr $C[2],iotas
AARCH64_SIGN_LINK_REGISTER
+ adr $C[2],iotas
stp $C[2],x30,[sp,#16] // 32 bytes on top are mine
b .Loop
.align 4
Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DSgLC_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHXjqd9CfnR3RQcM1RdMQM-2BJjYpLSjtHDm8VANGajqz5216GLARHiM2LzVggogZm4Aocj-2B-2BLAKoM4aFPY7Al2cwPNsRa0Yu0xaZZm7WmNJS2pMoGrTsFv3J4kiyJNDs2K3nL4AKU8Oj7VIcy-2B0unbqH0xdnuhvE4F4-2FjJb60xD7vYe3GdANJcMRz8Xci2z3hHc-3D Build ID: 435761 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated
via 828bbe3795c82fe060f823ff117a753e81fb48d3 (commit)
from ebdec62c38494739d9cb4cdd6b1c4a511d169a90 (commit)
- Log -
commit 828bbe3795c82fe060f823ff117a753e81fb48d3
Author: Jiasheng Jiang
Date: Sat Feb 5 19:31:11 2022 +0800
Add the check after calling OPENSSL_strdup
Since the potential failure of the memory allocation, the
OPENSSL_strdup() could return NULL pointer.
Therefore, it should be better to check it in order to guarantee the
success of the configuration, same as the check for
SSL_CTX_set_srp_username().
Signed-off-by: Jiasheng Jiang
Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17643)
(cherry picked from commit 09030ee73693411c19b596cb0e0f43eb512ac0e6)
---
Summary of changes:
test/helpers/handshake_srp.c | 16
1 file changed, 16 insertions(+)
diff --git a/test/helpers/handshake_srp.c b/test/helpers/handshake_srp.c
index f18e5c81a6..11825d1dca 100644
--- a/test/helpers/handshake_srp.c
+++ b/test/helpers/handshake_srp.c
@@ -49,6 +49,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx,
SSL_CTX *server2_ctx,
SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
server_ctx_data->srp_password =
OPENSSL_strdup(extra->server.srp_password);
+if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password
== NULL) {
+OPENSSL_free(server_ctx_data->srp_user);
+OPENSSL_free(server_ctx_data->srp_password);
+server_ctx_data->srp_user = NULL;
+server_ctx_data->srp_password = NULL;
+return 0;
+}
SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
}
if (extra->server2.srp_user != NULL) {
@@ -57,6 +64,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx,
SSL_CTX *server2_ctx,
SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
server2_ctx_data->srp_password =
OPENSSL_strdup(extra->server2.srp_password);
+if (server2_ctx_data->srp_user == NULL ||
server2_ctx_data->srp_password == NULL) {
+OPENSSL_free(server2_ctx_data->srp_user);
+OPENSSL_free(server2_ctx_data->srp_password);
+server2_ctx_data->srp_user = NULL;
+server2_ctx_data->srp_password = NULL;
+return 0;
+}
SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
}
if (extra->client.srp_user != NULL) {
@@ -65,6 +79,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx,
SSL_CTX *server2_ctx,
return 0;
SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
client_ctx_data->srp_password =
OPENSSL_strdup(extra->client.srp_password);
+if (client_ctx_data->srp_password == NULL)
+return 0;
SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
}
return 1;
[openssl] master update
The branch master has been updated
via 09030ee73693411c19b596cb0e0f43eb512ac0e6 (commit)
from 29af9fba64fd3e4e086808f2360501b463627ea2 (commit)
- Log -
commit 09030ee73693411c19b596cb0e0f43eb512ac0e6
Author: Jiasheng Jiang
Date: Sat Feb 5 19:31:11 2022 +0800
Add the check after calling OPENSSL_strdup
Since the potential failure of the memory allocation, the
OPENSSL_strdup() could return NULL pointer.
Therefore, it should be better to check it in order to guarantee the
success of the configuration, same as the check for
SSL_CTX_set_srp_username().
Signed-off-by: Jiasheng Jiang
Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17643)
---
Summary of changes:
test/helpers/handshake_srp.c | 16
1 file changed, 16 insertions(+)
diff --git a/test/helpers/handshake_srp.c b/test/helpers/handshake_srp.c
index f18e5c81a6..11825d1dca 100644
--- a/test/helpers/handshake_srp.c
+++ b/test/helpers/handshake_srp.c
@@ -49,6 +49,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx,
SSL_CTX *server2_ctx,
SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
server_ctx_data->srp_password =
OPENSSL_strdup(extra->server.srp_password);
+if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password
== NULL) {
+OPENSSL_free(server_ctx_data->srp_user);
+OPENSSL_free(server_ctx_data->srp_password);
+server_ctx_data->srp_user = NULL;
+server_ctx_data->srp_password = NULL;
+return 0;
+}
SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
}
if (extra->server2.srp_user != NULL) {
@@ -57,6 +64,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx,
SSL_CTX *server2_ctx,
SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
server2_ctx_data->srp_password =
OPENSSL_strdup(extra->server2.srp_password);
+if (server2_ctx_data->srp_user == NULL ||
server2_ctx_data->srp_password == NULL) {
+OPENSSL_free(server2_ctx_data->srp_user);
+OPENSSL_free(server2_ctx_data->srp_password);
+server2_ctx_data->srp_user = NULL;
+server2_ctx_data->srp_password = NULL;
+return 0;
+}
SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
}
if (extra->client.srp_user != NULL) {
@@ -65,6 +79,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx,
SSL_CTX *server2_ctx,
return 0;
SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
client_ctx_data->srp_password =
OPENSSL_strdup(extra->client.srp_password);
+if (client_ctx_data->srp_password == NULL)
+return 0;
SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
}
return 1;
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated
via ebdec62c38494739d9cb4cdd6b1c4a511d169a90 (commit)
from e44b212bdce225fd2d7e2349a7f787e7c9ade4fd (commit)
- Log -
commit ebdec62c38494739d9cb4cdd6b1c4a511d169a90
Author: Matt Caswell
Date: Mon Feb 7 10:32:08 2022 +
Fix an enginetest failure when compiled with no-deprecated --api=1.1.1
Fixes #17649
Reviewed-by: Tomas Mraz
Reviewed-by: Richard Levitte
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17652)
(cherry picked from commit 29af9fba64fd3e4e086808f2360501b463627ea2)
---
Summary of changes:
test/enginetest.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/test/enginetest.c b/test/enginetest.c
index 04e61743a1..c00e1f82c4 100644
--- a/test/enginetest.c
+++ b/test/enginetest.c
@@ -24,6 +24,7 @@
# include
# include
# include
+# include
static void display_engine_list(void)
{
[openssl] master update
The branch master has been updated
via 29af9fba64fd3e4e086808f2360501b463627ea2 (commit)
from 2a6994cfa08368a710d66caaae4fc07ad35631bf (commit)
- Log -
commit 29af9fba64fd3e4e086808f2360501b463627ea2
Author: Matt Caswell
Date: Mon Feb 7 10:32:08 2022 +
Fix an enginetest failure when compiled with no-deprecated --api=1.1.1
Fixes #17649
Reviewed-by: Tomas Mraz
Reviewed-by: Richard Levitte
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17652)
---
Summary of changes:
test/enginetest.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/test/enginetest.c b/test/enginetest.c
index 04e61743a1..c00e1f82c4 100644
--- a/test/enginetest.c
+++ b/test/enginetest.c
@@ -24,6 +24,7 @@
# include
# include
# include
+# include
static void display_engine_list(void)
{
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated
via e44b212bdce225fd2d7e2349a7f787e7c9ade4fd (commit)
from 53234cb0f408bbfbb04ea0e12f1fc61feb2aa600 (commit)
- Log -
commit e44b212bdce225fd2d7e2349a7f787e7c9ade4fd
Author: Daniel
Date: Sun Feb 6 15:01:14 2022 +0100
Send auxiliary messages to bio_err.
Fixes openssl#17613.
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17650)
(cherry picked from commit 2a6994cfa08368a710d66caaae4fc07ad35631bf)
---
Summary of changes:
apps/x509.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/apps/x509.c b/apps/x509.c
index 2880ae792a..c9c10c260e 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -706,9 +706,9 @@ int x509_main(int argc, char **argv)
: "Certificate request self-signature did not match the
contents\n");
goto end;
}
-BIO_printf(out, "Certificate request self-signature ok\n");
+BIO_printf(bio_err, "Certificate request self-signature ok\n");
-print_name(out, "subject=", X509_REQ_get_subject_name(req));
+print_name(bio_err, "subject=", X509_REQ_get_subject_name(req));
} else if (!x509toreq && ext_copy != EXT_COPY_UNSET) {
BIO_printf(bio_err, "Warning: ignoring -copy_extensions since neither
-x509toreq nor -req is given\n");
}
[openssl] master update
The branch master has been updated
via 2a6994cfa08368a710d66caaae4fc07ad35631bf (commit)
from aefbcde29166caf851cf388361d70fd0dcf17d87 (commit)
- Log -
commit 2a6994cfa08368a710d66caaae4fc07ad35631bf
Author: Daniel
Date: Sun Feb 6 15:01:14 2022 +0100
Send auxiliary messages to bio_err.
Fixes openssl#17613.
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17650)
---
Summary of changes:
apps/x509.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/apps/x509.c b/apps/x509.c
index 29dc74ca9e..f62f809a9c 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -711,9 +711,9 @@ int x509_main(int argc, char **argv)
: "Certificate request self-signature did not match the
contents\n");
goto err;
}
-BIO_printf(out, "Certificate request self-signature ok\n");
+BIO_printf(bio_err, "Certificate request self-signature ok\n");
-print_name(out, "subject=", X509_REQ_get_subject_name(req));
+print_name(bio_err, "subject=", X509_REQ_get_subject_name(req));
} else if (!x509toreq && ext_copy != EXT_COPY_UNSET) {
BIO_printf(bio_err, "Warning: ignoring -copy_extensions since neither
-x509toreq nor -req is given\n");
}
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 53234cb0f408bbfbb04ea0e12f1fc61feb2aa600 (commit) from db40ffab8dbf3ae0e932bb737ff787c6c1eb3ca2 (commit) - Log - commit 53234cb0f408bbfbb04ea0e12f1fc61feb2aa600 Author: Jiasheng Jiang Date: Sat Feb 5 18:00:51 2022 +0800 rsa: add check after calling BN_BLINDING_lock As the potential failure of getting lock, we need to check the return value of the BN_BLINDING_lock() in order to avoid the dirty data. Signed-off-by: Jiasheng Jiang Reviewed-by: Paul Dale Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17642) (cherry picked from commit aefbcde29166caf851cf388361d70fd0dcf17d87) --- Summary of changes: crypto/rsa/rsa_ossl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index c417a4b8f6..de4a580032 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -213,7 +213,9 @@ static int rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind, */ int ret; -BN_BLINDING_lock(b); +if (!BN_BLINDING_lock(b)) +return 0; + ret = BN_BLINDING_convert_ex(f, unblind, b, ctx); BN_BLINDING_unlock(b);
[openssl] master update
The branch master has been updated via aefbcde29166caf851cf388361d70fd0dcf17d87 (commit) from 14db620282bea38dc44479e562cf9bb61a716444 (commit) - Log - commit aefbcde29166caf851cf388361d70fd0dcf17d87 Author: Jiasheng Jiang Date: Sat Feb 5 18:00:51 2022 +0800 rsa: add check after calling BN_BLINDING_lock As the potential failure of getting lock, we need to check the return value of the BN_BLINDING_lock() in order to avoid the dirty data. Signed-off-by: Jiasheng Jiang Reviewed-by: Paul Dale Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17642) --- Summary of changes: crypto/rsa/rsa_ossl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index c417a4b8f6..de4a580032 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -213,7 +213,9 @@ static int rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind, */ int ret; -BN_BLINDING_lock(b); +if (!BN_BLINDING_lock(b)) +return 0; + ret = BN_BLINDING_convert_ex(f, unblind, b, ctx); BN_BLINDING_unlock(b);
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated
via db40ffab8dbf3ae0e932bb737ff787c6c1eb3ca2 (commit)
from 01d4f5cdd4125bd81878257ae357ff191bc31dd1 (commit)
- Log -
commit db40ffab8dbf3ae0e932bb737ff787c6c1eb3ca2
Author: Bernd Edlinger
Date: Sun Jan 16 17:59:17 2022 +0100
Check for presence of 1.1.x openssl runtime
if the newly loaded engine contains the symbol
EVP_PKEY_base_id, we know it is linked to 1.1.x openssl.
Abort loading this engine, as it will definitely crash.
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17112)
(cherry picked from commit 14db620282bea38dc44479e562cf9bb61a716444)
---
Summary of changes:
crypto/engine/eng_dyn.c | 11 ++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index c8a54f7d44..68b9ac311d 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -451,8 +451,17 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
* We fail if the version checker veto'd the load *or* if it is
* deferring to us (by returning its version) and we think it is too
* old.
+ * Unfortunately the version checker does not distinguish between
+ * engines built for openssl 1.1.x and openssl 3.x, but loading
+ * an engine that is built for openssl 1.1.x will cause a fatal
+ * error. Detect such engines, since EVP_PKEY_base_id is exported
+ * as a function in openssl 1.1.x, while it is a macro in openssl 3.x,
+ * and therefore only the symbol EVP_PKEY_get_base_id is available
+ * in openssl 3.x.
*/
-if (vcheck_res < OSSL_DYNAMIC_OLDEST) {
+if (vcheck_res < OSSL_DYNAMIC_OLDEST
+|| DSO_bind_func(ctx->dynamic_dso,
+ "EVP_PKEY_base_id") != NULL) {
/* Fail */
ctx->bind_engine = NULL;
ctx->v_check = NULL;
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 01d4f5cdd4125bd81878257ae357ff191bc31dd1 (commit) from d7975674e5aaded44a6845d3d1beac08477a22ad (commit) - Log - commit 01d4f5cdd4125bd81878257ae357ff191bc31dd1 Author: Bernd Edlinger Date: Mon Nov 22 21:50:04 2021 +0100 Prevent crash with engine using different openssl runtime This problem happens usually because an application links libcrypto and/or libssl statically which installs an atexit handler, but later an engine using a shared instance of libcrypto is installed. The problem is in simple words that both instances of libcrypto have an atexit handler installed, but both are unable to coordinate with each other, which causes a crash, typically a use-after-free in the engine's destroy function. Work around that by preventing the engine's libcrypto to install the atexit handler. This may result in a small memory leak, but that memory is still reachable. Fixes #15898 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/17112) (cherry picked from commit 9362a1b32b7330e24d3bca230b412557caea095b) --- Summary of changes: include/openssl/engine.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/openssl/engine.h b/include/openssl/engine.h index 25c3cf7c19..70c856a9cd 100644 --- a/include/openssl/engine.h +++ b/include/openssl/engine.h @@ -801,6 +801,7 @@ typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id, CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \ fns->mem_fns.realloc_fn, \ fns->mem_fns.free_fn); \ +OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL); \ skip_cbs: \ if (!fn(e, id)) return 0; \ return 1; }
[openssl] master update
The branch master has been updated
via 14db620282bea38dc44479e562cf9bb61a716444 (commit)
via 9362a1b32b7330e24d3bca230b412557caea095b (commit)
from eafd3e9d07e99583a1439bb027e4d6af43e2df27 (commit)
- Log -
commit 14db620282bea38dc44479e562cf9bb61a716444
Author: Bernd Edlinger
Date: Sun Jan 16 17:59:17 2022 +0100
Check for presence of 1.1.x openssl runtime
if the newly loaded engine contains the symbol
EVP_PKEY_base_id, we know it is linked to 1.1.x openssl.
Abort loading this engine, as it will definitely crash.
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17112)
commit 9362a1b32b7330e24d3bca230b412557caea095b
Author: Bernd Edlinger
Date: Mon Nov 22 21:50:04 2021 +0100
Prevent crash with engine using different openssl runtime
This problem happens usually because an application
links libcrypto and/or libssl statically which
installs an atexit handler, but later an engine using
a shared instance of libcrypto is installed.
The problem is in simple words that both instances
of libcrypto have an atexit handler installed,
but both are unable to coordinate with each other,
which causes a crash, typically a use-after-free
in the engine's destroy function.
Work around that by preventing the engine's
libcrypto to install the atexit handler.
This may result in a small memory leak, but that
memory is still reachable.
Fixes #15898
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17112)
---
Summary of changes:
crypto/engine/eng_dyn.c | 11 ++-
include/openssl/engine.h | 1 +
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index c8a54f7d44..68b9ac311d 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -451,8 +451,17 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
* We fail if the version checker veto'd the load *or* if it is
* deferring to us (by returning its version) and we think it is too
* old.
+ * Unfortunately the version checker does not distinguish between
+ * engines built for openssl 1.1.x and openssl 3.x, but loading
+ * an engine that is built for openssl 1.1.x will cause a fatal
+ * error. Detect such engines, since EVP_PKEY_base_id is exported
+ * as a function in openssl 1.1.x, while it is a macro in openssl 3.x,
+ * and therefore only the symbol EVP_PKEY_get_base_id is available
+ * in openssl 3.x.
*/
-if (vcheck_res < OSSL_DYNAMIC_OLDEST) {
+if (vcheck_res < OSSL_DYNAMIC_OLDEST
+|| DSO_bind_func(ctx->dynamic_dso,
+ "EVP_PKEY_base_id") != NULL) {
/* Fail */
ctx->bind_engine = NULL;
ctx->v_check = NULL;
diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index 25c3cf7c19..70c856a9cd 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -801,6 +801,7 @@ typedef int (*dynamic_bind_engine) (ENGINE *e, const char
*id,
CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
fns->mem_fns.realloc_fn, \
fns->mem_fns.free_fn); \
+OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL); \
skip_cbs: \
if (!fn(e, id)) return 0; \
return 1; }
