[openssl-dev] [openssl.org #4140] GITHUB PULL REQUEST: do not load engines twice
Hi,

https://github.com/openssl/openssl/pull/466

If you try to run OPENSSL_config twice, it will fail on loading engines. (We encountered this case with ruby and libzypp both running OPENSSL_config in the same process.)

Ciao, Marcus
--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real
___
openssl-bugs-mod mailing list openssl-bugs-...@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
___
openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4132] test/dsatest.c wrong argument to BIO_printf
Hi,

apply this patch ...

commit c01f7e9e233e5e5dabd1ec01eb17198b0798e092
Author: Marcus Meissner
Date: Tue Nov 10 16:24:51 2015 +0100

fixed wrong argument to BIO_printf

diff --git a/test/dsatest.c b/test/dsatest.c index 1f4b837..fe25352 100644 --- a/test/dsatest.c +++ b/test/dsatest.c @@ -247,7 +247,7 @@ static int dsa_cb(int p, int n, BN_GENCB *arg) (void)BIO_flush(BN_GENCB_get_arg(arg)); if (!ok && (p == 0) && (num > 1)) { -BIO_printf((BIO *)arg, "error in dsatest\n"); +BIO_printf(BN_GENCB_get_arg(arg), "error in dsatest\n"); return 0; } return 1;
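Review bot: the commit message should say why the old argument in dsa_cb was wrong: the removed line cast arg, which the signature in the hunk header shows is a BN_GENCB *, straight to BIO *, so BIO_printf was handed the callback structure instead of the BIO stored in it. The BIO_flush call in the context line above already uses BN_GENCB_get_arg(arg); fetching that BIO once into a local and using it for both calls would keep the two from drifting apart again.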
[openssl-dev] [openssl.org #4121] avoid configuring openssl twice
Hi,

In a mix of various libraries using openssl it can happen that OPENSSL_config is called multiple times. Usually this works, but e.g. if you have engines configured, the second load of engines will not work.

OPENSSL_config checks openssl_configured at the beginning, but does not set it when done (only in OPENSSL_no_config). So let's set it at the end of OPENSSL_config.

Sent as https://github.com/openssl/openssl/pull/466

Ciao, Marcus
--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real
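The failure mode described in this report and in #4140 above, as an added illustration (constructed code, not OpenSSL source and not part of the original messages): a stand-in config routine is called twice, once with the guard flag only checked on entry and once with the flag also set on completion. The names model_config, engine_add, configured and the rule that a duplicate engine id is rejected are assumptions of this model.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ENGINES 4
static const char *engines[MAX_ENGINES];
static int n_engines;
static int configured;   /* plays the role of openssl_configured */

/* Constructed model, hypothetical names. Assumption: registering an id
 * twice is an error, so a second full configuration pass fails. */
static int engine_add(const char *id)
{
    if (n_engines == MAX_ENGINES)
        return 0;                        /* table full */
    for (int i = 0; i < n_engines; i++)
        if (strcmp(engines[i], id) == 0)
            return 0;                    /* duplicate id */
    engines[n_engines++] = id;
    return 1;
}

/* set_flag_when_done = 0: flag is checked on entry but never set here.
 * set_flag_when_done = 1: flag is also set once configuration is done. */
static int model_config(int set_flag_when_done)
{
    if (configured)
        return 1;                        /* an earlier call did the work */
    if (!engine_add("example-engine"))
        return 0;                        /* engine section failed to load */
    if (set_flag_when_done)
        configured = 1;
    return 1;
}

/* Two libraries in one process each call the config routine once.
 * Returns the second call's result, or -1 if the first call failed. */
static int second_call_result(int set_flag_when_done)
{
    n_engines = configured = 0;
    if (!model_config(set_flag_when_done))
        return -1;
    return model_config(set_flag_when_done);
}

int main(void)
{
    printf("flag never set:  second call returns %d\n", second_call_result(0));
    printf("flag set at end: second call returns %d\n", second_call_result(1));
    return 0;
}
```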
[openssl-dev] [openssl.org #3927] regression in 1.0.2c spotted by Net-SSLeay
Hi,

I am debugging a testsuite error in the perl Net-SSLeay module, which got introduced between 1.0.2a and 1.0.2c.

The test code looks like this:

    ... private key in $pk ...
    ok(my $alg2 = Net::SSLeay::EVP_get_cipherbyname("DES-EDE3-OFB"), "EVP_get_cipherbyname");
    like(my $key_pem4 = Net::SSLeay::PEM_get_string_PrivateKey($pk,"password",$alg2), qr/-BEGIN (ENCRYPTED|RSA) PRIVATE KEY-/, "PEM_get_string_PrivateKey+passwd+enc_alg");

Previously it returned an encrypted key, now it does not.

The error stack has:

    0:error:0D0A706C:asn1 encoding routines:PKCS5_pbe2_set_iv:cipher has no object identifier:p5_pbev2.c:104:
    0:error:2307D00D:PKCS12 routines:PKCS8_encrypt:ASN1 lib:p12_p8e.c:86:

Which I _think_ is caused by this change between 1.0.2a and 1.0.2c:

diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 5cd755d..aca382a 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -400,6 +400,8 @@ static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp) j = (a-length - b-length); if (j) return (j); +if (a-length == 0) +return 0; return (memcmp(a-data, b-data, a-length)); } @@ -415,6 +417,9 @@ int OBJ_obj2nid(const ASN1_OBJECT *a) if (a-nid != 0) return (a-nid); +if (a-length == 0) +return NID_undef; + if (added != NULL) { ad.type = ADDED_DATA; ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */

which comes from the objects entry:

    obj_dat.h:{DES-EDE3-CBC,des-ede3-cbc,NID_des_ede3_cbc,8,(lvalues[235]),0},
    obj_dat.h:{DES-EDE3-OFB,des-ede3-ofb,NID_des_ede3_ofb64,0,NULL,0},

I was not able to find out why des-ede3-cbc does have length 8, but ofb does not?

How to fix this? Should it have length 8 too?

Ciao, Marcus
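Review bot: in obj_cmp, the added zero-length return needs a one-line comment on why memcmp is skipped. The length difference has already been checked at that point, so both objects are empty, and entries like the DES-EDE3-OFB line quoted in this message carry NULL as their data pointer; saying that the guard keeps NULL out of memcmp would document the intent.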
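Review bot: in OBJ_obj2nid, the new return NID_undef for zero-length objects sits after the existing nid != 0 early return, so it only applies to objects that carry neither a NID nor an encoding. A comment stating that, and that such objects are deliberately kept out of the added-objects lookup that follows, would help anyone tracing a lookup failure such as the one reported here.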
Re: [openssl.org #3402] spurious change in perl NET_SSLeay module
On Thu, Jun 12, 2014 at 07:11:24PM +0200, Stephen Henson via RT wrote:

On Thu Jun 12 18:16:55 2014, meiss...@suse.de wrote:

Hi,

The Net-SSLeay perl module failed its testsuite after 1.0.1g -> 1.0.1h update.

The code looks like this:

    ... create more X509 certificate stuff ...
    is(Net::SSLeay::X509_NAME_print_ex($name), "O=Company Name,C=UK,CN=Common name text X509", "X509_NAME_print_ex");
    is(unpack("H*",Net::SSLeay::X509_NAME_digest($name, $sha1_digest)), "044d7ea7fddced7b9b63799600b9989a63b36819", "X509_NAME_digest");

The sha1 sum of the ASN.1 encoding changed.

The reason for this is commit

git show 3009244da47b989c4cc59ba

commit 3009244da47b989c4cc59ba02cf81a4e9d8f8431
Author: Dr. Stephen Henson st...@openssl.org
Date: Sun Jun 1 15:03:00 2014 +0100

Set default global mask to UTF8 only.

diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index dedc488..8993264 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -74,7 +74,7 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, * certain software (e.g. Netscape) has problems with them. */ -static unsigned long global_mask = 0xL; +static unsigned long global_mask = B_ASN1_UTF8STRING; void ASN1_STRING_set_default_mask(unsigned long mask) {

Should this change the above behaviour?

Yes it would change that behaviour. When OpenSSL is asked to construct a DN it uses various criteria to determine what string types to use for DirectoryString. Before that change it was using some ancient rules which would use long obsolete type. After that change it is brought up to date. Because the string types change that means the encoding and hence the hash will change.

Sounds sensible. The ticket could be closed again ;)

Ciao, Marcus
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
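Review bot: the comment that ends in the context line above global_mask ("certain software (e.g. Netscape) has problems with them") reads as the rationale for the old default and should be updated together with the new B_ASN1_UTF8STRING value. Since this default decides which string types new DNs are built with, the commit message or changelog should also state that encodings, and digests computed over them, change for callers that never call ASN1_STRING_set_default_mask.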
[openssl.org #3336] 1.0.1g breaks IronPORT SMTP appliance (padding extension)
Hi,

SUSE has received a bugreport from a user, that the padding extension change breaks IronPort SMTP appliances. There might be an RT on this already, not sure.

https://bugzilla.novell.com/show_bug.cgi?id=875639
http://postfix.1071664.n5.nabble.com/OpenSSL-1-0-1g-and-Ironport-SMTP-appliances-interop-issue-td66873.html

Quoting from our openSUSE bugreport:

Last upgrade to openssl-1.0.1g-11.36.1.x86_64 broke SSL connections to some services, e.g. Cisco Ironport SMTP appliances. 1.0.1g not only fixes the Heartbleed bug but also adds another change by adding:

    #define TLSEXT_TYPE_padding 21

This in turn breaks SSL connections to e.g. Ironports, probably others:

    SSL23_GET_SERVER_HELLO:tlsv1 alert decode error

Workaround: Force protocol to SSLv3 or recompile without the define above.

For details, please refer to: postfix.1071664.n5.nabble.com/OpenSSL-1-0-1g-and-Ironport-SMTP-appliances-interop-issue-td66873.html

Reproducible: Always

Steps to Reproduce:

1. openssl s_client -connect some.ironport.com:25 -starttls smtp

Note: Send me an email for a hostname of an Ironport SMTP appliance to test with. I don't want to disclose it here.

Actual Results:

    CONNECTED(0003)
    139718758192784:error:1407741A:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert decode error:s23_clnt.c:762:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 129 bytes and written 552 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    ---

Expected Results:

    CONNECTED(0003)
    ---
    Certificate chain
    [...cut...]
    New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
    Protocol : TLSv1
    [...cut..-]
    250 STARTTLS
[openssl.org #2526] bad sequence in OCSP_parse_url
OCSP_parse_url has a bad sequence of initializing the parameter returns and buf strdupping + error handling.

If the first error handling triggers, it will access the 3 argument pointers uninitialized memory. (the goto mem_err; patch will free **pport et al.)

Found by Coverity scanner.

Ciao, Marcus

--- crypto/ocsp/ocsp_lib.c.xx 2011-05-18 14:17:25.0 +0200 +++ crypto/ocsp/ocsp_lib.c 2011-05-18 14:17:34.0 +0200 @@ -170,14 +170,14 @@ char *host, *port; - /* dup the buffer since we are going to mess with it */ - buf = BUF_strdup(url); - if (!buf) goto mem_err; - *phost = NULL; *pport = NULL; *ppath = NULL; + /* dup the buffer since we are going to mess with it */ + buf = BUF_strdup(url); + if (!buf) goto mem_err; + /* Check for initial colon */ p = strchr(buf, ':');
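Review bot: with the three output pointers now cleared before BUF_strdup, the goto mem_err taken on allocation failure needs a second look for buf itself: its declaration and the cleanup code are outside this hunk, so confirm buf is NULL-initialised if the error path frees it. A short comment above the *phost = NULL block saying the outputs must be cleared before the first goto would keep the ordering from being swapped back.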
[openssl.org #2527] doublefree in apps/asn1parse.c
Hi,

NCONF_free(cnf) is again called later when errors are handled, which would lead to double free of cnf.

Spotted by Coverity checker.

Ciao, Marcus

--- apps/asn1pars.c.xx 2011-05-18 14:40:29.0 +0200 +++ apps/asn1pars.c 2011-05-18 14:40:43.0 +0200 @@ -408,6 +408,7 @@ atyp = ASN1_generate_nconf(genstr, cnf); NCONF_free(cnf); + cnf = NULL; if (!atyp) return -1;
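Review bot: the added cnf = NULL needs a comment saying that the later error handling frees cnf again, otherwise it looks like a redundant store and is easy to drop in a cleanup. Note also that the if (!atyp) return -1 in the next context line leaves directly, so only the paths further down depend on the pointer being cleared.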
[openssl.org #2528] setup_engine curious return value
Hi,

apps/engine.c, function setup_engine()

It has return e; on success, but the code has:

        /* Free our structural reference. */
        ENGINE_free(e);
        }
    return e;

ENGINE_free(e) makes e invalid, so returning it is very dangerous.

The return value mostly seems to be unused though, so perhaps get fully rid of it.

Spotted also by Coverity.

Ciao, Marcus
[openssl.org #2529] potential bug in ssl/bio_ssl.c::ssl_ctrl BIO_C_SET_SSL
Hi,

Coverity thinks that in this sequence b->ptr is used after free and I have to agree:

    case BIO_C_SET_SSL:
        if (ssl != NULL)
            ssl_free(b);                    // MARCUS: frees also b->ptr
        b->shutdown=(int)num;
        ssl=(SSL *)ptr;
        ((BIO_SSL *)b->ptr)->ssl=ssl;       // MARCUS: Dereferences freed b->ptr
        bio=SSL_get_rbio(ssl);
        if (bio != NULL)
            {
            if (b->next_bio != NULL)
                BIO_push(bio,b->next_bio);
            b->next_bio=bio;
            CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
            }
        b->init=1;
        break;

Not sure what was really intended in the second commented line.

Ciao, Marcus
[openssl.org #2530] crypto/dsa/dsa_gen.c::dsa_builtin_paramgen has potential uninitialized seed
Hi,

(I am not fully sure I understand it right.)

Coverity thinks dsa_builtin_paramgen() can use portions of seed uninitialized and I can agree.

If seed_len is 0 but qsize, the memcpy(seed,seed_in,seed_len) does not trigger, but seed is used, being an uninitialized stack variable.

This would probably mean that the seeding is done with whatever is on the stack if a seed_len 0 qsize is passed in, and would be predictable.

Usually the for () loop will detect this as bad state and redo it. But I am not sure if you can in some call sequence setup the stack so it gets a predictable content which would be a valid number (and so always get the same initial state).

Also the comment above the check seems to be wrong, nothing is ever copied to seed_in in the function.

I do think an invalid seed_len with the condition might not be happening in real life.

I would _suggest_ this fix, but it needs to be reviewed.

Ciao, Marcus

--- crypto/dsa/dsa_gen.c.xx 2011-05-18 16:55:14.0 +0200 +++ crypto/dsa/dsa_gen.c2011-05-18 16:55:17.0 +0200 @@ -140,11 +140,12 @@ bits = (bits+63)/64*64; - /* NB: seed_len == 0 is special case: copy generated seed to -* seed_in if it is not NULL. + /* NB: seed_len == 0 is special case: use a random initial seed. */ - if (seed_len (seed_len (size_t)qsize)) + if (seed_len (seed_len (size_t)qsize)) { seed_in = NULL; /* seed buffer too small -- ignore */ + seed_len = 0; /* ... and use randomness by default */ + } if (seed_len (size_t)qsize) seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, * but our internal buffers are restricted to 160 bits*/
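Review bot: setting seed_len = 0 inside the "seed buffer too small" branch silently turns a caller-supplied seed into random generation, and the caller gets no indication that its seed was ignored. Either fail with an error for a too-short seed or state the fallback in the function's documentation; the rewritten NB comment should also say explicitly that a too-short seed is treated like seed_len == 0.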
[openssl.org #2531] small memory leak in t1_lib
Hi,

Probably does not trigger in real-life conditions. Also spotted by Coverity, untested.

--- ssl/t1_lib.c.xx 2011-05-18 15:50:08.0 + +++ ssl/t1_lib.c2011-05-18 15:50:22.0 + @@ -1714,8 +1714,10 @@ return -1; } EVP_DecryptUpdate(ctx, sdec, slen, p, eticklen); - if (EVP_DecryptFinal(ctx, sdec + slen, mlen) = 0) + if (EVP_DecryptFinal(ctx, sdec + slen, mlen) = 0) { + OPENSSL_free(sdec); goto tickerr; + } slen += mlen; EVP_CIPHER_CTX_cleanup(ctx); p = sdec;

Ciao, Marcus
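Review bot: the new failure branch frees sdec but jumps to tickerr ahead of the EVP_CIPHER_CTX_cleanup(ctx) call seen two lines further down, so unless tickerr cleans up ctx (not visible in this hunk) the cipher context is left uncleaned on this path; add the cleanup to the branch. The return value of EVP_DecryptUpdate on the context line above is also unchecked.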
[openssl.org #2199] patch: mark assembler as non-exec-stack
Hi,

Type: patch

We use the following patch on openSUSE to make sure that openssl uses non-executable stack by marking the assembler code as not requiring x-stack.

Ciao, Marcus

--- crypto/perlasm/x86unix.pl +++ crypto/perlasm/x86unix.pl @@ -586,6 +586,7 @@ push(@out,$const); $const=; } + push(@out, .section .note.GNU-stack,\\,\...@progbits); } sub main'data_word
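Review bot: the added push is unconditional, but .note.GNU-stack is a marker for GNU/ELF toolchains; guard it so the line is emitted only for output formats whose assembler accepts that section. A one-line comment saying the note marks the object as not needing an executable stack would also help, since the generated directive is not self-explanatory.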
[openssl.org #2200] patch: fixed a crash with openssl req
Our QA found a scenario where openssl req is crashing, this is tracked in https://bugzilla.novell.com/show_bug.cgi?id=430141

It seems a non-asn1 converted string is passed into ASN1_TYPE_set1.

We applied the patch attached.

Ciao, Marcus

Index: openssl-0.9.8h/crypto/x509/x509_att.c --- openssl-0.9.8h/crypto/x509/x509_att.c +++ openssl-0.9.8h/crypto/x509/x509_att.c @@ -305,7 +305,7 @@ if(!(ttmp = ASN1_TYPE_new())) goto err; if (len == -1) { - if (!ASN1_TYPE_set1(ttmp, attrtype, data)) + if (!ASN1_TYPE_set1(ttmp, attrtype, stmp)) goto err; } else
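Review bot: in the len == -1 branch, check that stmp is always set before it is passed to ASN1_TYPE_set1; its assignment is outside this hunk, and if it is only built on the string-conversion path this call receives NULL or an unset pointer for other callers that pass len == -1. If both cases exist, the condition should distinguish them rather than swapping data for stmp unconditionally.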