[openssl/openssl] 511c49: s_client: Support interactive reconnect command
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 511c49189ef600d41f44cd7c5d204e9ea27b5f48 https://github.com/openssl/openssl/commit/511c49189ef600d41f44cd7c5d204e9ea27b5f48 Author: Steven Collison Date: 2022-10-04 (Tue, 04 Oct 2022) Changed paths: M apps/s_client.c Log Message: --- s_client: Support interactive reconnect command This change adds the 'C' command character to allow a user to drop the current session and reconnect to the server. It has the same behavior as the `-reconnect` option except this allows reconnect to be triggered at an arbitrary point in the session. The primary use case for this change is to provide a way for the user to probe a server for TLS1.3 session resumption support. This is not currently reliably supported by the `-reconnect` option. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18683)
Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3D1ZA__MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGuAji4r494-2B1gooF8caJJSq-2F-2Fs-2F6yxx9K-2BmeNoCcOXFxN0GN4vqu1nL6CPlN02WXAn3ENLKJEBfWRrYqGaAsdg9NdeONYRU-2B9kcdqUdp139hadDmybOE9tIB2v3OEw-2FOXjWcEHan1OZuUYH5VhFabIQPNYcx4dRUg9zVAUstA7NwV948MTTyw2mq-2Fuv-2B76P2s-3D Build ID: 484429 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl/openssl] 5485c5: Fix usage of custom EVP_CIPHER objects
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b https://github.com/openssl/openssl/commit/5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M crypto/evp/digest.c M crypto/evp/evp_enc.c Log Message: --- Fix usage of custom EVP_CIPHER objects If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it should be used in preference to a fetched cipher. We also fix a possible NULL pointer deref in the same code for digests. If the custom cipher passed to EVP_CipherInit() happens to use NID_undef (which should be a discouraged practice), then in the previous implementation this could result in the NULL cipher being fetched and hence NULL encryption being unexpectedly used. CVE-2022-3358 Fixes #18970 Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) (cherry picked from commit 25d47cccf203c3b71171e78865e48ea061a039a8) Commit: a2893b62333d97c8dfaaf655eaea919d30fb9a7b https://github.com/openssl/openssl/commit/a2893b62333d97c8dfaaf655eaea919d30fb9a7b Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M crypto/evp/evp_enc.c Log Message: --- Ensure we call the cleanup() function when cleaning an EVP_CIPHER_CTX In some circumstances we were not calling the cleanup() function to remove cipher specific data from an EVP_CIPHER_CTX. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) (cherry picked from commit f817a7439eaa705429cf699dd0485e665b0ffc49) Commit: b2f68ebeb5eef96249a22591199d43f960789c41 https://github.com/openssl/openssl/commit/b2f68ebeb5eef96249a22591199d43f960789c41 Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M test/evp_extra_test.c Log Message: --- Test usage of a custom EVP_CIPHER Test that a custom EVP_CIPHER gets used in EVP_CipherInit_ex() calls. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) (cherry picked from commit 8c7d847e2e6ac6bfded210c19fd8461254bb2be3) Compare: https://github.com/openssl/openssl/compare/9f0867da4cbf...b2f68ebeb5ee
[openssl/openssl] 25d47c: Fix usage of custom EVP_CIPHER objects
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 25d47cccf203c3b71171e78865e48ea061a039a8 https://github.com/openssl/openssl/commit/25d47cccf203c3b71171e78865e48ea061a039a8 Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M crypto/evp/digest.c M crypto/evp/evp_enc.c Log Message: --- Fix usage of custom EVP_CIPHER objects If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it should be used in preference to a fetched cipher. We also fix a possible NULL pointer deref in the same code for digests. If the custom cipher passed to EVP_CipherInit() happens to use NID_undef (which should be a discouraged practice), then in the previous implementation this could result in the NULL cipher being fetched and hence NULL encryption being unexpectedly used. CVE-2022-3358 Fixes #18970 Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) Commit: f817a7439eaa705429cf699dd0485e665b0ffc49 https://github.com/openssl/openssl/commit/f817a7439eaa705429cf699dd0485e665b0ffc49 Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M crypto/evp/evp_enc.c Log Message: --- Ensure we call the cleanup() function when cleaning an EVP_CIPHER_CTX In some circumstances we were not calling the cleanup() function to remove cipher specific data from an EVP_CIPHER_CTX. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) Commit: 8c7d847e2e6ac6bfded210c19fd8461254bb2be3 https://github.com/openssl/openssl/commit/8c7d847e2e6ac6bfded210c19fd8461254bb2be3 Author: Matt Caswell Date: 2022-10-03 (Mon, 03 Oct 2022) Changed paths: M test/evp_extra_test.c Log Message: --- Test usage of a custom EVP_CIPHER Test that a custom EVP_CIPHER gets used in EVP_CipherInit_ex() calls. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19300) Compare: https://github.com/openssl/openssl/compare/fcae2ae4f675...8c7d847e2e6a