[openssl-dev] [openssl.org #3638] [PATCH] Fix build with -DOPENSSL_NO_SRTP
Hey guys,

1.0.2-stable and master are currently broken when building with -DOPENSSL_NO_SRTP.

Attached patches fix that.

Best regards,
Piotr Sikora

OpenSSL_1_0_2__Fix-build-with-DOPENSSL_NO_SRTP.patch
OpenSSL_master__Fix-build-with-DOPENSSL_NO_SRTP.patch

___
openssl-dev mailing list
openssl-dev@openssl.org
https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev

[openssl.org #3597] [PATCH] Advance to the next state variant when reusing messages.
Advance to the next state variant when reusing messages.

Previously, state variant was not advanced, which resulted in state being stuck in the st1 variant (usually _A).

This broke certificate callback retry logic when accepting connections that were using SSLv2 ClientHello (hence reusing the message), because their state never advanced to SSL3_ST_SR_CLNT_HELLO_C variant required for the retry code path.

Reported by Yichun Zhang (agentzh).

Signed-off-by: Piotr Sikora pi...@cloudflare.com

--- ssl/s3_both.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ssl/s3_both.c b/ssl/s3_both.c index beef06f..10921a2 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -358,6 +358,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, goto f_err; } *ok=1; + s-state=stn; s-init_msg = s-init_buf-data + 4; s-init_num = (int)s-s3-tmp.message_size; return s-init_num; -- 2.1.2
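
Review bot: the added state assignment right after *ok=1 in ssl3_get_message() carries no comment, so the reason it is needed on the message-reuse path lives only in the commit message. A one-line comment naming the SSLv2 ClientHello and certificate callback retry case would keep a later cleanup from dropping it. The diffstat shows a single insertion in ssl/s3_both.c, so no regression test comes with the fix; a test that retries the certificate callback on a reused ClientHello would cover it.
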
Re: [openssl.org #3191] [BUG] OpenSSL-1.0.2 segfaulting on sha1_block_data_order asm
Hey Andy,

> Some kind of deja vu here. I remember I was looking at this and drew some conclusion... I think it was addressed and commit b77b58a398c8b9b4113f3fb6b48e162a3b8d4527 actually mentions this ticket. Can you confirm?

Yes, it's been fixed by this commit.

Best regards,
Piotr Sikora

__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org

[openssl.org #3191] [BUG] OpenSSL-1.0.2 segfaulting on sha1_block_data_order asm
Hello,

after moving from OpenSSL-1.0.1e to OpenSSL-1.0.2-5ff68e8 our nginx instances started crashing (very rarely, but still...) with backtraces pointing to either sha1_block_data_order_avx or sha1_block_data_order_ssse3, depending on machine.

This is happening when nginx is acting as a client, as well as when it's acting as a server.

The OS is Linux 3.9.x and we are using relatively recent OpenSSL-1.0.2 checkout (commit: 5ff68e8f6dac3b0d8997b8bc379f9111c2bab74f).

Let me know if you need any more details.

Best regards,
Piotr Sikora

--- sha1_block_data_order_avx ---

(gdb) bt
#0 sha1_block_data_order_avx () at sha1-x86_64.s:3338
#1 0xca62c1d6ca62c1d6 in ?? ()
#2 0xca62c1d6ca62c1d6 in ?? ()
#3 0xca62c1d6ca62c1d6 in ?? ()
#4 0xca62c1d6ca62c1d6 in ?? ()
#5 0xca62c1d6ca62c1d6 in ?? ()
#6 0xca62c1d6ca62c1d6 in ?? ()
#7 0xca62c1d6ca62c1d6 in ?? ()
#8 0xca62c1d6ca62c1d6 in ?? ()
#9 0x04533188 in ?? ()
#10 0x0020 in ?? ()
#11 0x0eabc170 in ?? ()
#12 0x0059903b in sha1_update (ctx=Unhandled dwarf expression opcode 0xf3) at e_aes_cbc_hmac_sha1.c:162
#13 aesni_cbc_hmac_sha1_cipher (ctx=Unhandled dwarf expression opcode 0xf3) at e_aes_cbc_hmac_sha1.c:223
#14 0x005010a9 in tls1_enc (s=0x10338110, send=1) at t1_enc.c:855
#15 0x0052ab87 in do_ssl3_write (s=0x10338110, type=21, buf=0xd1c9e88 \002F, len=2, create_empty_fragment=0) at s3_pkt.c:826
#16 0x0052c540 in ssl3_dispatch_alert (s=0x10338110) at s3_pkt.c:1500
#17 0x0052b54c in ssl3_send_alert (s=0x10338110, type=22, buf=0x549af40 \024, len=4, peek=0) at s3_pkt.c:1488
#18 ssl3_get_record (s=0x10338110, type=22, buf=0x549af40 \024, len=4, peek=0) at s3_pkt.c:536
#19 ssl3_read_bytes (s=0x10338110, type=22, buf=0x549af40 \024, len=4, peek=0) at s3_pkt.c:1010
#20 0x0052cea0 in ssl3_get_message (s=0x10338110, st1=Unhandled dwarf expression opcode 0xf3) at s3_both.c:370
#21 0x0052c8bb in ssl3_get_finished (s=0x10338110, a=Unhandled dwarf expression opcode 0xf3) at s3_both.c:233
#22 0x0051f27a in ssl3_accept (s=0x10338110) at s3_srvr.c:725
#23 0x00468a5b in ngx_ssl_handshake (c=0x7f457adca6d0) at src/event/ngx_event_openssl.c:1114

(gdb) info reg
rax 0x753851ae 1966625198
rbx 0x21be16be 566105790
rcx 0x1bc8df34 466149172
rdx 0x6f8554d1 1871008977
rsi 0xfe447b08 4265900808
rdi 0xec908aab 3968895659
rbp 0xee05b36e 0xee05b36e
rsp 0x763dd800 0x763dd800
r8 0xeabc324 246137636
r9 0x15364fcb 355880907
r10 0x453314b 72560971
r11 0x543300 5518080
r12 0x4533188 72561032
r13 0x0 0
r14 0x4533188 72561032
r15 0x45331cb 72561099
rip 0x5416c0 0x5416c0 sha1_block_data_order_avx+2736
eflags 0x202 [ IF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
fctrl 0x37f 895
fstat 0x0 0
ftag 0x 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
mxcsr 0x1f80 [ IM DM ZM OM UM PM ]

--- sha1_block_data_order_ssse3 ---

(gdb) bt
#0 sha1_block_data_order_ssse3 () at sha1-x86_64.s:2226
#1 0xca62c1d6ca62c1d6 in ?? ()
#2 0xca62c1d6ca62c1d6 in ?? ()
#3 0xca62c1d6ca62c1d6 in ?? ()
#4 0xca62c1d6ca62c1d6 in ?? ()
#5 0xca62c1d6ca62c1d6 in ?? ()
#6 0xca62c1d6ca62c1d6 in ?? ()
#7 0xca62c1d6ca62c1d6 in ?? ()
#8 0xca62c1d6ca62c1d6 in ?? ()
#9 0x01d17528 in ?? ()
#10 0x0020 in ?? ()
#11 0x01eb35c0 in ?? ()
#12 0x005c627b in sha1_update (ctx=Unhandled dwarf expression opcode 0xf3) at e_aes_cbc_hmac_sha1.c:162
#13 aesni_cbc_hmac_sha1_cipher (ctx=Unhandled dwarf expression opcode 0xf3) at e_aes_cbc_hmac_sha1.c:223
#14 0x0052e2e9 in tls1_enc (s=0x1f01200, send=1) at t1_enc.c:855
#15 0x00557dc7 in do_ssl3_write (s=0x1f01200, type=21, buf=0x1e55208 \002F, len=2, create_empty_fragment=0) at s3_pkt.c:826
#16 0x00559780 in ssl3_dispatch_alert (s=0x1f01200) at s3_pkt.c:1500
#17 0x0055878c in ssl3_send_alert (s=0x1f01200, type=23, buf=0x2204b50 ..., len=8192, peek=0) at s3_pkt.c:1488
#18 ssl3_get_record (s=0x1f01200, type=23, buf=0x2204b50 ..., len=8192, peek=0) at s3_pkt.c:536
#19 ssl3_read_bytes (s=0x1f01200, type=23, buf=0x2204b50 ..., len=8192, peek=0) at s3_pkt.c:1010
#20 0x005550dc in ssl3_read_internal (s=0x1f01200, buf=0x2204b50, len=8192) at s3_lib.c:4426
#21 ssl3_read (s=0x1f01200, buf=0x2204b50, len=8192) at s3_lib.c:4446
#22 0x0046d204 in ngx_ssl_recv (c=0x7f57161d6a10, buf=0x2204b50 ..., size=8192) at src/event/ngx_event_openssl.c:1356

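
A triage sketch for the backtraces above, added here as an example and not part of the original report: frames #1 through #8 show 0xca62c1d6ca62c1d6, which is the SHA-1 round constant 0xCA62C1D6 repeated and not a canonical x86-64 address, so gdb was unwinding through data and those frames are not real callers. The function names and the trimmed sample (arguments elided) are assumptions of this example.

```python
import re

# SHA-1 round constants (FIPS 180-4).
SHA1_K = {0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6}
FRAME_RE = re.compile(r"#(\d+)\s+(?:(0x[0-9a-fA-F]+) in )?(\S+) \(")

# Frames taken from the first backtrace in the report, trimmed; arguments elided.
SAMPLE_BT = """\
#0 sha1_block_data_order_avx () at sha1-x86_64.s:3338
#1 0xca62c1d6ca62c1d6 in ?? ()
#2 0xca62c1d6ca62c1d6 in ?? ()
#9 0x04533188 in ?? ()
#10 0x0020 in ?? ()
#12 0x0059903b in sha1_update (ctx=...) at e_aes_cbc_hmac_sha1.c:162
#13 aesni_cbc_hmac_sha1_cipher (ctx=...) at e_aes_cbc_hmac_sha1.c:223
"""

def is_canonical(addr):
    """x86-64 canonical address: bits 63..47 are all zeros or all ones."""
    return (addr >> 47) in (0, 0x1FFFF)

def classify(addr):
    """Label one frame's return address."""
    if addr is None:
        return "ok"              # gdb printed no pc (innermost or inlined frame)
    if (addr >> 32) in SHA1_K and (addr & 0xFFFFFFFF) in SHA1_K:
        return "sha1-constant"   # hash constant data, not a code pointer
    if not is_canonical(addr):
        return "non-canonical"   # cannot be a valid return address
    return "ok"

def triage(bt_text):
    """Return per-frame verdicts and the first named frame after the bad ones."""
    frames = []
    for num, addr, func in FRAME_RE.findall(bt_text):
        frames.append((int(num), func, classify(int(addr, 16) if addr else None)))
    bad = [n for n, _, verdict in frames if verdict != "ok"]
    resume = None
    if bad:
        resume = next((f for n, f, _ in frames if n > bad[-1] and f != "??"), None)
    return {"frames": frames, "bad": bad, "resume": resume}

if __name__ == "__main__":
    report = triage(SAMPLE_BT)
    print("unwinder lost the stack at frames", report["bad"],
          "and resumes at", report["resume"])
```
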
Re: [openssl.org #3106] [PATCH] Fix build with OPENSSL_NO_NEXTPROTONEG.
Hey guys,

could you please look into it? Right now, this is a show-stopper for adding ALPN support for nginx.

Attached patches against current master and OpenSSL_1_0_2-stable branch.

Best regards,
Piotr Sikora

Fix-compilation-with-no-nextprotoneg-master.patch
Fix-compilation-with-no-nextprotoneg-OpenSSL_1_0_2-stable.patch

[openssl.org #3106] [PATCH] Fix build with OPENSSL_NO_NEXTPROTONEG.
Hello,

attached patch fixes build with OPENSSL_NO_NEXTPROTONEG.

While it cannot be enabled via ./config options, compiling OpenSSL with this define turned out to be extremely useful while adding ALPN support to 3rd-party software (i.e. to make sure that nothing in the added ALPN support relies on NPN code).

Also, I wanted to make sure that SSL_select_next_proto() is not part of NPN and that it will be available going forward.

Best regards,
Piotr Sikora

Fix-build-with-OPENSSL_NO_NEXTPROTONEG.patch

Re: [openssl.org #3106] [PATCH] Fix build with OPENSSL_NO_NEXTPROTONEG.
Hey Steve,

>> While it cannot be enabled via ./config options,
>
> Why not? The standard way to include such options is via config or Configure and some platforms (e.g. Windows) require this.

Actually, it turns out that I was wrong, so please ignore that part.

For the reference: What I meant is that currently (i.e. git master, nothing to do with the patch) OPENSSL_NO_NEXTPROTONEG cannot be enabled via ./config options and I had to pass it via CFLAGS, but that turned out to be just a user error... I didn't know that no-XXX is automatically translated to OPENSSL_NO_XXX and I was trying to disable NPN with no-npn (as described in CHANGES), which obviously didn't do much good... no-nextprotoneg works fine, though :)

Best regards,
Piotr Sikora

[openssl.org #3103] [PATCH] Set TLS EC curve_id from EC group alone.
Hello,

attached patch fixes the issue with dropped support for EC cipher suites in software that uses SSL_OP_SINGLE_ECDH_USE after upgrading to OpenSSL-1.0.2+.

As far as I can tell, the public key isn't necessary to set TLS EC curve_id and removing this requirement is safe.

Best regards,
Piotr Sikora

Set TLS EC curve_id from EC group alone.

Strict EC parameter checking code runs before ephemeral EC key is generated and existing code didn't account for that.

This resulted in dropped support for EC cipher suites in software that uses SSL_OP_SINGLE_ECDH_USE, i.e.:

    SSL_CTX_set_options(ctx, SSL_OP_SINGLE_ECDH_USE);
    SSL_CTX_set_tmp_ecdh(ctx, ecdh);

The solution is to use only EC group and don't require EC key to be already generated.

Signed-off-by: Piotr Sikora pi...@cloudflare.com

--- ssl/t1_lib.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index ee376de..e24627f 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -578,14 +578,12 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, { int is_prime, id; const EC_GROUP *grp; - const EC_POINT *pt; const EC_METHOD *meth; if (!ec) return 0; /* Determine if it is a prime field */ grp = EC_KEY_get0_group(ec); -pt = EC_KEY_get0_public_key(ec); - if (!grp || !pt) + if (!grp) return 0; meth = EC_GROUP_method_of(grp); if (!meth)
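
Review bot: with the !pt test gone, tls1_set_ec_id() accepts any EC_KEY that has a group, and nothing at the if (!grp) check says that a missing public key is now expected. Add a comment there pointing at the SSL_OP_SINGLE_ECDH_USE case from the commit message, and confirm that the code below the hunk that fills comp_id does not need the public key either, since the signature shows comp_id is set by the same function.
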
[openssl.org #3104] [BUG] Build broken on OSX (RSAZ assembly)
Hello,

it looks like the RSAZ assembly broke build on OSX.

clang:

/opt/local/bin/perl5 asm/rsaz-x86_64.pl macosx rsaz-x86_64.s
clang -c -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DDSO_DLFCN -DHAVE_DLFCN_H -g -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o rsaz-x86_64.o rsaz-x86_64.s
rsaz-x86_64.s:934:1: error: invalid symbol redefinition
_rsaz_512_mul:
^
make[4]: *** [rsaz-x86_64.o] Error 1

gcc:

/opt/local/bin/perl5 asm/rsaz-x86_64.pl macosx rsaz-x86_64.s
gcc -c -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DDSO_DLFCN -DHAVE_DLFCN_H -g -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o rsaz-x86_64.o rsaz-x86_64.s
rsaz-x86_64.s:394:Unknown pseudo-op: .global
rsaz-x86_64.s:394:Rest of line ignored. 1st junk character valued 95 (_).
rsaz-x86_64.s:451:Unknown pseudo-op: .global
rsaz-x86_64.s:451:Rest of line ignored. 1st junk character valued 95 (_).
rsaz-x86_64.s:654:Unknown pseudo-op: .global
rsaz-x86_64.s:654:Rest of line ignored. 1st junk character valued 95 (_).
rsaz-x86_64.s:934:FATAL:Symbol _rsaz_512_mul already defined.
make[4]: *** [rsaz-x86_64.o] Error 1

$ git show | head -1
commit 006784378db1a8957fcf587ee1deaa5cf2ae76c7

$ clang -v
clang version 3.3 (tags/RELEASE_33/final)

$ gcc -v
gcc version 4.8.1 (MacPorts gcc48 4.8.1_1)

$ uname -mrs
Darwin 12.4.0 x86_64

$ sw_vers
ProductName: Mac OS X
ProductVersion: 10.8.4
BuildVersion: 12E55

Best regards,
Piotr Sikora