| e88dfd5 | erbsland-dev | 10 September 2024, 19:24:59 UTC | Add Missing Error Messages for AES-OCB Tag Length Validation Related to #8331 Addressing found issues by adding specific error messages to improve feedback when tag length checks fail for the `EVP_CTRL_AEAD_SET_TAG` parameter in the AES-OCB algorithm. - Added PROV_R_INVALID_TAG_LENGTH error to indicate when the current tag length exceeds the maximum tag length of the algorithm. - Added `PROV_R_INVALID_TAG_LENGTH` error to indicate when the current tag length in the context does not match a custom tag length provided as a parameter. - Added `ERR_R_PASSED_INVALID_ARGUMENT` error to handle cases where an invalid pointer is passed in encryption mode. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25425) (cherry picked from commit 645edf50f0274448174d9739543bf01b1708b2f5) | 13 September 2024, 08:13:32 UTC |
| 1727cbb | Michael Baentsch | 15 July 2024, 04:54:48 UTC | document provider dependency handling Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24884) (cherry picked from commit e8498dc6455fc36f70dc3a0ca1ef82b34c088a90) | 11 September 2024, 07:34:13 UTC |
| 1abcd40 | XZ-X | 22 July 2024, 05:38:00 UTC | rehash.c: handle possible null pointer returned by OPENSSL_strdup Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24980) (cherry picked from commit a5cd06f7fff3b4484946812191097b5e080b7610) | 09 September 2024, 07:21:09 UTC |
| cb503d5 | erbsland-dev | 28 August 2024, 19:54:12 UTC | Add note for non-interactive use of `s_client` Fixes #8018 Documented the potential issue of premature connection closure in non-interactive environments, such as cron jobs, when using `s_client`. Added guidance on using the `-ign_eof` option and input redirection to ensure proper handling of `stdin` and completion of TLS session data exchange. Highlight potential issues with the `-ign_eof` flag and provide solutions for graceful disconnection in SMTP and HTTP/1.1 scenarios to avoid indefinite hangs. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25311) (cherry picked from commit 26521fdcf4047d6b6c5a7cf14ac34323a6197266) | 09 September 2024, 07:16:07 UTC |
| b5ac0f0 | erbsland-dev | 01 September 2024, 20:55:12 UTC | Refactor Password Variables to Use `const char[]` Arrays - Converted password declaration from `char*` to `const char[]`. - Updated `memcpy` and `return` statements accordingly to use `sizeof` instead of predefined lengths. - Renamed `key_password` into `weak_password` to match test name. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25330) (cherry picked from commit d52e92f835d8f64e207747cefe12cd1fc0423326) | 09 September 2024, 07:05:46 UTC |
| d68911f | erbsland-dev | 30 August 2024, 14:35:38 UTC | Refactor Callback Tests for Improved Memory Management Refactor the callback test code to replace global variables with local structures, enhancing memory management and reducing reliance on redundant cleanup logic. Using a local struct containing a magic number and result flag to ensure the correct handling of user data and to verify that the callback function is invoked at least once during the test. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25330) (cherry picked from commit 9808ccc53f066f5aedcd6ea847f790ea64e72e76) | 09 September 2024, 07:05:46 UTC |
| 412ca38 | erbsland-dev | 30 August 2024, 08:56:58 UTC | Fix Edge Cases in Password Callback Handling Fixes #8441: Modify the password callback handling to reserve one byte in the buffer for a null terminator, ensuring compatibility with legacy behavior that puts a terminating null byte at the end. Additionally, validate the length returned by the callback to ensure it does not exceed the given buffer size. If the returned length is too large, the process now stops gracefully with an appropriate error, enhancing robustness by preventing crashes from out-of-bounds access. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25330) (cherry picked from commit 5387b71acb833f1f635ab4a20ced0863747ef5c1) | 09 September 2024, 07:05:45 UTC |
| 8753a73 | erbsland-dev | 29 August 2024, 21:08:46 UTC | Add test for BIO password callback functionality Related to #8441 This commit introduces a test suite for the password callback mechanism used when reading or writing encrypted and PEM or DER encoded keys via a BIO in OpenSSL. The test is designed to cover various edge cases, particularly focusing on scenarios where the password callback might return unexpected or malformed data from user code. By simulating different callback behaviors, including negative returns, zero-length passwords, passwords that exactly fill the buffer and wrongly reported lengths. Also testing for the correct behaviour of binary passwords that contain a null byte in the middle. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25330) (cherry picked from commit fa6ae88a47a37678e8f8567ec2622bef515ac286) | 09 September 2024, 07:05:43 UTC |
| 40226e9 | dependabot[bot] | 29 August 2024, 17:50:32 UTC | Dependabot update CLA: trivial (deps): Bump actions/setup-python Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.1 to 5.2.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.1.1...v5.2.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25328) (cherry picked from commit 8af4c02ea952ca387691c4a077c260ba045fe285) | 05 September 2024, 16:13:35 UTC |
| 1d0acd2 | Pablo Rodríguez | 30 August 2024, 14:56:03 UTC | blank line required to display code in `openssl-ts.pod.in` CLA:trivial Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25338) (cherry picked from commit 6fd9bc65689cf62854797927121a580bed1565c4) | 05 September 2024, 15:27:39 UTC |
| 747ba0e | Alessandro Chitarrini | 29 August 2024, 10:59:54 UTC | Fix inaccurate comment about default nonce length in demos/cipher/aesccm.c Fixes #25270 CLA: trivial Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25318) (cherry picked from commit f2b7a00fbb372b0ea32f2cfea865ab407641b1fa) | 05 September 2024, 15:25:21 UTC |
| 491b9d7 | erbsland-dev | 22 July 2024, 08:26:17 UTC | Clarify EVP_CipherUpdate() authenticated bytes behavior Fixes #8310: Document that the number of authenticated bytes returned by EVP_CipherUpdate() varies with the cipher used. Mention that stream ciphers like ChaCha20 can handle 1 byte at a time, while OCB mode requires processing data one block at a time. Ensure it's clear that passing unpadded data in one call is safe. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24961) (cherry picked from commit d15077d336e4b6144f8a5fdb0c1bb58ca9d3552f) | 05 September 2024, 15:15:12 UTC |
| 4d2d4b6 | Georgi Valkov | 03 September 2024, 07:13:34 UTC | threads_win: fix improper cast to long * instead of LONG * InterlockedExchangeAdd expects arguments of type LONG *, LONG but the int arguments were improperly cast to long *, long Note: - LONG is always 32 bit - long is 32 bit on Win32 VC x86/x64 and MingW-W64 - long is 64 bit on cygwin64 Signed-off-by: Georgi Valkov <gvalkov@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25360) (cherry picked from commit b0ed90cc30a573acb9b27186babc616be482afcb) | 05 September 2024, 15:12:32 UTC |
| e347162 | Daniel Gustafsson | 12 July 2024, 18:49:16 UTC | Fix memleak in rsa_cms_sign error path If the call to X509_ALGOR_set0 fails then the allocated ASN1_STRING variable passed as parameter leaks. Fix by explicitly freeing like how all other codepaths with X509_ALGOR_set0 do. Fixes #22680 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24868) (cherry picked from commit 5efc57caf229748fd4f85b05463f96b11679100d) | 05 September 2024, 15:05:42 UTC |
| 1441f2b | Tomas Mraz | 03 September 2024, 13:30:37 UTC | Prepare for 3.0.16 Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes | 03 September 2024, 13:30:37 UTC |
| c523121 | Tomas Mraz | 03 September 2024, 13:30:13 UTC | Prepare for release of 3.0.15 Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes | 03 September 2024, 13:30:13 UTC |
| b51d803 | Tomas Mraz | 03 September 2024, 13:30:11 UTC | make update Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes | 03 September 2024, 13:30:11 UTC |
| 7b05ea8 | Tomas Mraz | 03 September 2024, 13:28:11 UTC | Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes | 03 September 2024, 13:28:11 UTC |
| 2d25b80 | Tomas Mraz | 03 September 2024, 10:24:58 UTC | Add CVE-2024-5535 to CHANGES and NEWS Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0c3d66a46eda9353f80e1846642b9090a8eac999) | 03 September 2024, 12:32:39 UTC |
| c3f90ac | Viktor Dukhovni | 10 July 2024, 09:50:57 UTC | Updated CHANGES and NEWS for CVE-2024-6119 fix Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (cherry picked from commit cf384d35aa7142cc3b5de19f64d3972e77d3ff74) | 03 September 2024, 10:14:48 UTC |
| 06d1dc3 | Viktor Dukhovni | 19 June 2024, 11:04:11 UTC | Avoid type errors in EAI-related name check logic. The incorrectly typed data is read only, used in a compare operation, so neither remote code execution, nor memory content disclosure were possible. However, applications performing certificate name checks were vulnerable to denial of service. The GENERAL_TYPE data type is a union, and we must take care to access the correct member, based on `gen->type`, not all the member fields have the same structure, and a segfault is possible if the wrong member field is read. The code in question was lightly refactored with the intent to make it more obviously correct. Fixes CVE-2024-6119 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (cherry picked from commit 0890cd13d40fbc98f655f3974f466769caa83680) | 03 September 2024, 10:03:39 UTC |
| 9aae563 | Pauli | 30 August 2024, 01:43:29 UTC | endecode_test.c: Fix !fips v3.0.0 check The fips_provider_version_* functions return true if the FIPS provider isn't loaded. This is somewhat counterintuitive and the fix in #25327 neglected this nuance resulting in not running the SM2 tests when the FIPS provider wasn't being loaded. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25331) (cherry picked from commit c6c6af18ea5f8dd7aa2bd54b63fcb813ee6c2394) | 30 August 2024, 09:43:46 UTC |
| 507e9ad | Tomas Mraz | 29 August 2024, 16:42:14 UTC | endecode_test.c: Avoid running the SM2 tests with 3.0.0 FIPS provider Fixes #25326 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25327) (cherry picked from commit 0b97a5505efa8833bb7b8cabae45894ad6d910a2) | 29 August 2024, 17:46:22 UTC |
| 5b73541 | Viktor Dukhovni | 28 August 2024, 10:36:09 UTC | Check for excess data in CertificateVerify As reported by Alicja Kario, we ignored excess bytes after the signature payload in TLS CertificateVerify Messages. These should not be present. Fixes: #25298 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25302) (cherry picked from commit b4e4bf29ba3c67662c60ceed9afa2dd301e93273) | 29 August 2024, 17:32:40 UTC |
| e3c69bd | Jamie Cui | 22 August 2024, 03:41:50 UTC | Fix decoder error on SM2 private key Added sm2 testcases to endecode_test.c. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25266) (cherry picked from commit 25bd0c77bfa7e8127faafda2b082432ea58f9570) | 29 August 2024, 13:33:25 UTC |
| eb9790f | Alexandr Nedvedicky | 19 August 2024, 11:16:49 UTC | fix undefined behavior on 3.1 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71220) OpenSSL 3.2 and later are not affected, because they use a `safemath` to do integer arithmetics. This change is specific to 3.1 and 3.0. It changes just fixes ssl_session_calculate_timeout(). It avoids overflow by testing operands before executint the operation. It is implemented as follows: add(a, b) { overflow = MAX_INT - a; if (b > overflow) result = b - overflow else result = a + b } Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25239) (cherry picked from commit a85eb03a5ccaccd7b18f979d4dfb5cc76bb61cea) | 27 August 2024, 18:38:15 UTC |
| 86f6fdf | slontis | 21 August 2024, 23:09:14 UTC | FIPS: Change fips tests to use SHA2 for corruption test. Fixes cross testing with OpenSSL 3.4 with removed SHA1 from the self tests. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25262) (cherry picked from commit 06179b4be0e5617455924f02830a43b85d154c1a) | 23 August 2024, 08:29:17 UTC |
| cd4c9fd | FdaSilvaYY | 18 July 2024, 21:33:49 UTC | apps: add missing entry to tls extension label list noticed by @sftcd Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25111) (cherry picked from commit 4688f9b821525b255e0ff22f376fee93c2f9dc8e) | 21 August 2024, 13:44:30 UTC |
| 3001969 | FdaSilvaYY | 20 February 2021, 23:04:07 UTC | Fix '--strict-warnings' build breakage due to a missing const. Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25111) (cherry picked from commit ef4df981aecfc6c3cdc1585a1c07b199db711ec1) | 21 August 2024, 13:44:26 UTC |
| 19f3225 | Jiasheng Jiang | 06 August 2024, 19:18:34 UTC | test/provider_test.c: Add OSSL_PROVIDER_unload() to avoid memory leak Add OSSL_PROVIDER_unload() when OSSL_PROVIDER_add_builtin() fails to avoid memory leak. Fixes: 5442611dff ("Add a test for OSSL_LIB_CTX_new_child()") Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25109) (cherry picked from commit 55662b674543c9385600bc9b7c46277ef69b4dba) | 21 August 2024, 13:40:06 UTC |
| c45b70f | Jiasheng Jiang | 06 August 2024, 18:42:06 UTC | test/provider_fallback_test.c: Add OSSL_PROVIDER_unload() to avoid memory leak Add OSSL_PROVIDER_unload() when test_provider() fails to avoid memory leak. Fixes: f995e5bdcd ("TEST: Add provider_fallback_test, to test aspects of fallback providers") Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25108) (cherry picked from commit 6e8a1031ed11af9645769f9e019db9f032a220b8) | 21 August 2024, 13:38:11 UTC |
| a85072d | Tomas Mraz | 19 August 2024, 10:37:37 UTC | randfile.c: Fix the e_os.h include path e_os.h was moved to the internal subdirectory only in 3.1 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25230) | 19 August 2024, 10:37:42 UTC |
| 1e42aaa | Tomas Mraz | 19 August 2024, 09:34:27 UTC | Explicitly include e_os.h for close() Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25229) (cherry picked from commit 0c0c6954bf4fa7b56e21e1393c9e5e5d55c1b2d6) | 19 August 2024, 10:27:30 UTC |
| 02c87a3 | Pauli | 18 August 2024, 22:31:15 UTC | test: add a default greeting to avoid printing a null pointer. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/25221) (cherry picked from commit 34877dbcd467efb4e2dbf45d2fcb44c5a4b4926a) | 19 August 2024, 09:22:05 UTC |
| 86e9f83 | shridhar kalavagunta | 04 August 2024, 21:04:53 UTC | RAND_write_file(): Avoid potential file descriptor leak If fdopen() call fails we need to close the fd. Also return early as this is most likely some fatal error. Fixes #25064 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25081) (cherry picked from commit d6048344398ec75996fee1f465abb61ab3aa377e) | 19 August 2024, 09:13:30 UTC |
| bfe80f1 | Bernd Edlinger | 12 March 2024, 19:04:56 UTC | Fix unpredictible refcount handling of d2i functions The passed in reference of a ref-counted object is free'd by d2i functions in the error handling. However if it is not the last reference, the in/out reference variable is not set to null here. This makes it impossible for the caller to handle the error correctly, because there are numerous cases where the passed in reference is free'd and set to null, while in other cases, where the passed in reference is not free'd, the reference is left untouched. Therefore the passed in reference must be set to NULL even when it was not the last reference. Fixes #23713 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22809) (cherry picked from commit d550d2aae531c6fa2e10b1a30d2acdf373663889) | 16 August 2024, 08:09:24 UTC |
| df31f46 | Bernd Edlinger | 24 November 2023, 06:02:35 UTC | Extend test case for reused PEM_ASN1_read_bio This is related to #22780, simply add test cases for the different failure modes of PEM_ASN1_read_bio. Depending on whether the PEM or the DER format is valid or not, the passed in CRL may be deleted ot not, therefore a statement like this: reused_crl = PEM_read_bio_X509_CRL(b, &reused_crl, NULL, NULL); must be avoided, because it can create memory leaks. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22809) (cherry picked from commit 83951a9979784ffa701e945b86f2f0bc2caead8e) | 16 August 2024, 08:09:22 UTC |
| 34c2482 | Andreas Treichel | 18 May 2024, 06:27:46 UTC | apps/cms.c, apps/smime.c: Fix -crlfeol help messages CLA: trivial Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24434) (cherry picked from commit 0813ffee2fe6d1a4fe4ec04b7b18fe91cc74a34c) | 15 August 2024, 17:46:36 UTC |
| 099a71b | Shih-Yi Chen | 07 August 2024, 21:33:53 UTC | Update krb5 to latest master to pick up CVE fixes CLA: trivial Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25131) | 14 August 2024, 15:49:19 UTC |
| 62d0f63 | slontis | 11 August 2024, 23:41:36 UTC | Fix 3.0 branch to skip tests if using 3.4 PR #25147 removes the POST being allowed to be skipped. This causes issue when testing 3.0 with the 3.4 provider. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25159) | 14 August 2024, 09:37:42 UTC |
| 90f9a1b | Pauli | 08 August 2024, 00:55:15 UTC | test: add FIPS provider version checks for 3.4 compatibility Tests that are changed by #25020 mandate updates to older test suite data to pass because the FIPS provider's behaviour changes in 3.4. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/25133) (cherry picked from commit 0793071efaa7f61828b555128587db48c5d24962) | 10 August 2024, 06:33:40 UTC |
| 2009647 | Neil Horman | 26 July 2024, 15:01:05 UTC | limit bignums to 128 bytes Keep us from spinning forever doing huge amounts of math in the fuzzer Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25013) (cherry picked from commit f0768376e1639d12a328745ef69c90d584138074) | 09 August 2024, 12:28:15 UTC |
| 2ac0e7f | JulieDzeze1 | 19 April 2024, 21:50:19 UTC | Update BN_add.pod documentation so it is consistent with header declarations CLA: trivial Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24215) (cherry picked from commit e77eb1dc0be75c98c53c932c861dd52e8896cc13) | 07 August 2024, 17:57:14 UTC |
| 571d87d | Bernd Edlinger | 22 December 2023, 18:28:38 UTC | Fix error handling in ASN1_mbstring_ncopy Sometimes the error handling returns an ASN1_STRING object in *out although that was not passed in by the caller, and sometimes the error handling deletes the ASN1_STRING but forgets to clear the *out parameter. Therefore the caller has no chance to know, if the leaked object in *out shall be deleted or not. This may cause a use-after-free error e.g. in asn1_str2type: ==63312==ERROR: AddressSanitizer: heap-use-after-free on address 0x603000073280 at pc 0x7f2652e93b08 bp 0x7ffe0e1951c0 sp 0x7ffe0e1951b0 READ of size 8 at 0x603000073280 thread T0 #0 0x7f2652e93b07 in asn1_string_embed_free crypto/asn1/asn1_lib.c:354 #1 0x7f2652eb521a in asn1_primitive_free crypto/asn1/tasn_fre.c:204 #2 0x7f2652eb50a9 in asn1_primitive_free crypto/asn1/tasn_fre.c:199 #3 0x7f2652eb5b67 in ASN1_item_free crypto/asn1/tasn_fre.c:20 #4 0x7f2652e8e13b in asn1_str2type crypto/asn1/asn1_gen.c:740 #5 0x7f2652e8e13b in generate_v3 crypto/asn1/asn1_gen.c:137 #6 0x7f2652e9166c in ASN1_generate_v3 crypto/asn1/asn1_gen.c:92 #7 0x7f2653307b9b in do_othername crypto/x509v3/v3_alt.c:577 #8 0x7f2653307b9b in a2i_GENERAL_NAME crypto/x509v3/v3_alt.c:492 #9 0x7f26533087c2 in v2i_subject_alt crypto/x509v3/v3_alt.c:327 #10 0x7f26533107fc in do_ext_nconf crypto/x509v3/v3_conf.c:100 #11 0x7f2653310f33 in X509V3_EXT_nconf crypto/x509v3/v3_conf.c:45 #12 0x7f2653311426 in X509V3_EXT_add_nconf_sk crypto/x509v3/v3_conf.c:312 #13 0x7f265331170c in X509V3_EXT_REQ_add_nconf crypto/x509v3/v3_conf.c:360 #14 0x564ed19d5f25 in req_main apps/req.c:806 #15 0x564ed19b8de0 in do_cmd apps/openssl.c:564 #16 0x564ed1985165 in main apps/openssl.c:183 #17 0x7f2651c4a082 in __libc_start_main ../csu/libc-start.c:308 #18 0x564ed1985acd in _start (/home/ed/OPCToolboxV5/Source/Core/OpenSSL/openssl/apps/openssl+0x139acd) 0x603000073280 is located 16 bytes inside of 24-byte region [0x603000073270,0x603000073288) freed by thread T0 here: #0 0x7f265413440f in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:122 #1 0x7f265315a429 in CRYPTO_free crypto/mem.c:311 #2 0x7f265315a429 in CRYPTO_free crypto/mem.c:300 #3 0x7f2652e757b9 in ASN1_mbstring_ncopy crypto/asn1/a_mbstr.c:191 #4 0x7f2652e75ec5 in ASN1_mbstring_copy crypto/asn1/a_mbstr.c:38 #5 0x7f2652e8e227 in asn1_str2type crypto/asn1/asn1_gen.c:681 #6 0x7f2652e8e227 in generate_v3 crypto/asn1/asn1_gen.c:137 #7 0x7f2652e9166c in ASN1_generate_v3 crypto/asn1/asn1_gen.c:92 #8 0x7f2653307b9b in do_othername crypto/x509v3/v3_alt.c:577 #9 0x7f2653307b9b in a2i_GENERAL_NAME crypto/x509v3/v3_alt.c:492 #10 0x7f26533087c2 in v2i_subject_alt crypto/x509v3/v3_alt.c:327 #11 0x7f26533107fc in do_ext_nconf crypto/x509v3/v3_conf.c:100 #12 0x7f2653310f33 in X509V3_EXT_nconf crypto/x509v3/v3_conf.c:45 #13 0x7f2653311426 in X509V3_EXT_add_nconf_sk crypto/x509v3/v3_conf.c:312 #14 0x7f265331170c in X509V3_EXT_REQ_add_nconf crypto/x509v3/v3_conf.c:360 #15 0x564ed19d5f25 in req_main apps/req.c:806 #16 0x564ed19b8de0 in do_cmd apps/openssl.c:564 #17 0x564ed1985165 in main apps/openssl.c:183 #18 0x7f2651c4a082 in __libc_start_main ../csu/libc-start.c:308 previously allocated by thread T0 here: #0 0x7f2654134808 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:144 #1 0x7f265315a4fd in CRYPTO_malloc crypto/mem.c:221 #2 0x7f265315a4fd in CRYPTO_malloc crypto/mem.c:198 #3 0x7f265315a945 in CRYPTO_zalloc crypto/mem.c:236 #4 0x7f2652e939a4 in ASN1_STRING_type_new crypto/asn1/asn1_lib.c:341 #5 0x7f2652e74e51 in ASN1_mbstring_ncopy crypto/asn1/a_mbstr.c:150 #6 0x7f2652e75ec5 in ASN1_mbstring_copy crypto/asn1/a_mbstr.c:38 #7 0x7f2652e8e227 in asn1_str2type crypto/asn1/asn1_gen.c:681 #8 0x7f2652e8e227 in generate_v3 crypto/asn1/asn1_gen.c:137 #9 0x7f2652e9166c in ASN1_generate_v3 crypto/asn1/asn1_gen.c:92 #10 0x7f2653307b9b in do_othername crypto/x509v3/v3_alt.c:577 #11 0x7f2653307b9b in a2i_GENERAL_NAME crypto/x509v3/v3_alt.c:492 #12 0x7f26533087c2 in v2i_subject_alt crypto/x509v3/v3_alt.c:327 #13 0x7f26533107fc in do_ext_nconf crypto/x509v3/v3_conf.c:100 #14 0x7f2653310f33 in X509V3_EXT_nconf crypto/x509v3/v3_conf.c:45 #15 0x7f2653311426 in X509V3_EXT_add_nconf_sk crypto/x509v3/v3_conf.c:312 #16 0x7f265331170c in X509V3_EXT_REQ_add_nconf crypto/x509v3/v3_conf.c:360 #17 0x564ed19d5f25 in req_main apps/req.c:806 #18 0x564ed19b8de0 in do_cmd apps/openssl.c:564 #19 0x564ed1985165 in main apps/openssl.c:183 #20 0x7f2651c4a082 in __libc_start_main ../csu/libc-start.c:308 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23165) (cherry picked from commit dfa1e491f3a03b35e2e2f623abef630188428101) | 07 August 2024, 17:50:35 UTC |
| e032985 | Tomas Mraz | 05 August 2024, 12:49:52 UTC | do_print_ex(): Avoid possible integer overflow Fixes Coverity 1604657 Fixes openssl/project#780 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25084) (cherry picked from commit e3e15e77f14cc4026fd456cc8a2b5190b2d79610) | 07 August 2024, 17:40:00 UTC |
| 3c1efe4 | Dimitri Papadopoulos | 21 July 2024, 09:37:03 UTC | Fix typos found by codespell in openssl-3.3 doc Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/24950) (cherry picked from commit 4b86dbb596c179b519dfb7ceb7e1d223556442c5) | 07 August 2024, 17:09:06 UTC |
| 0cc068d | Andrew Dinh | 02 August 2024, 14:01:12 UTC | Use parent directory instead of index.html Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25073) (cherry picked from commit 5854b764a762598b662a5166be8d0030af06c1c0) | 07 August 2024, 09:13:55 UTC |
| 4c3d5cc | Andrew Dinh | 02 August 2024, 13:58:13 UTC | Update links in CONTRIBUTING.md Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25073) (cherry picked from commit ad3d57d27141c09fe07ef39c49af5afe69c59383) | 07 August 2024, 09:13:53 UTC |
| 37c24f7 | Andrew Dinh | 02 August 2024, 13:54:13 UTC | Fix some small typos Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25073) (cherry picked from commit d0a49eea4a8bb50f7d2269bac390a0ce2cddeb1f) | 07 August 2024, 09:13:51 UTC |
| 5d804e6 | Marc Brooks | 30 July 2024, 20:29:34 UTC | Free fetched digest in show_digests Fixes #24892 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25046) (cherry picked from commit 871c534d39efecc2087da0fd24ff72e2712031a4) | 01 August 2024, 09:38:26 UTC |
| 1dc48db | Tomas Mraz | 19 July 2024, 10:24:47 UTC | evp_get_digest/cipherbyname_ex(): Try to fetch if not found If the name is not found in namemap, we need to try to fetch the algorithm and query the namemap again. Fixes #19338 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24940) (cherry picked from commit 454ca902c7d5337249172b38efc5e4fd63f483f4) | 31 July 2024, 09:26:33 UTC |
| cd12a8c | jasper-smit-servicenow | 18 July 2024, 07:45:22 UTC | Update X509V3_get_d2i.pod returned pointer needs to be freed CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/24927) (cherry picked from commit a4fd94851261c55f9ad020bf22d4f29bda0b58be) (cherry picked from commit 12c38af865a0a60c98f6b63de5be4b8ce2d1ace5) (cherry picked from commit 607e186d070df2bc8c5abafbc949e8ef568614bd) (cherry picked from commit 4910b0bc2999f9911a2f1454d221a3d3d0d65ebd) | 21 July 2024, 16:46:16 UTC |
| fcf44f3 | Tomas Mraz | 18 July 2024, 08:48:58 UTC | i2d_name_canon(): Check overflow in len accumulation Fixes Coverity 1604638 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/24930) (cherry picked from commit b2deefb9d262f0f9eae6964006df98c2fa24daac) (cherry picked from commit dd744cd19b3ff2bdc320c8a77b5c32ff543eaeb3) (cherry picked from commit a3bfc4fd5b5641b05d6611073146627cf9114436) (cherry picked from commit 5d44130278a693e332bdc09936c79e1e7cbce2c7) | 21 July 2024, 16:34:31 UTC |
| dd4de3c | Georgi Valkov | 19 July 2024, 10:24:27 UTC | gitignore: add .DS_Store macOS creates .DS_Store files all over the place while browsing directories. Add it to the list of ignored files. Signed-off-by: Georgi Valkov <gvalkov@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/24942) (cherry picked from commit 10c36d2f8d81a6f2b9a75f914fe094300835ba01) (cherry picked from commit 97b2aa49e504e49a8862b89c65eb54e143395f1d) (cherry picked from commit 1a869a65719f14f702dff492a6f90b135b9d0646) (cherry picked from commit a2bc3dfdd728feda1af09a56a95961bb0e90dca7) | 21 July 2024, 16:18:57 UTC |
| 5ef09d0 | Tomas Mraz | 24 October 2023, 07:27:23 UTC | Allow short reads in asn1_d2i_read_bio() Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/22486) (cherry picked from commit 202ef97edc8e5561a6f4db28919d5ed73d411cc7) | 18 July 2024, 17:06:44 UTC |
| a7baffc | erbsland-dev | 14 July 2024, 17:14:49 UTC | Improve clarity and readability of password input documentation Fixed #7310: Enhanced existing documentation for password input methods - Refined descriptions for password input methods: `file:`, `fd:`, and `stdin` - Enhanced readability and consistency in the instructions - Clarified handling of multiple lines in read files. - Clarified that `fd:` is not supported on Windows. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24878) (cherry picked from commit 0d4663ca6a91eb5eeb7bbe24a3b5a7cbee9e0fad) | 18 July 2024, 17:03:57 UTC |
| d0fdc11 | Tomas Mraz | 09 July 2024, 15:58:47 UTC | EVP_PKEY-DH.pod: Clarify the manpage in regards to DH and DHX types Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/24819) (cherry picked from commit cf3d65b8664f11904ad34f21fe78a6694f23ae62) | 17 July 2024, 14:39:39 UTC |
| 7b869b2 | Tomas Mraz | 09 July 2024, 07:17:05 UTC | Document that DH and DHX key types cannot be used together in KEX Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/24819) (cherry picked from commit 45611a8a8962c06e1d7ba0e5c00974da17e9c37a) | 17 July 2024, 14:39:38 UTC |
| b9ba50c | Neil Horman | 15 July 2024, 18:30:16 UTC | Fix coverity-1604666 Coverity recently flaged an error in which the return value for EVP_MD_get_size wasn't checked for negative values prior to use, which can cause underflow later in the function. Just add the check and error out if get_size returns an error. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24896) (cherry picked from commit 22e08c7cdc596d4f16749811d1022fb8b07a8e41) | 17 July 2024, 14:31:47 UTC |
| 03d0fab | Neil Horman | 15 July 2024, 19:59:14 UTC | Fix coverity-1604665 Coverity issued an error in the opt_uintmax code, detecting a potential overflow on a cast to ossl_intmax_t Looks like it was just a typo, casting m from uintmax_t to ossl_intmax_t Fix it by correcting the cast to be ossl_uintmax_t, as would be expected Theres also some conditionals that seem like they should be removed, but I'll save that for later, as there may be some corner cases in which ossl_uintmax_t isn't equal in size to uintmax_t..maybe. Fixes openssl/private#567 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24897) (cherry picked from commit a753547eefc9739f341824a0cb0642afe7a06fcc) | 17 July 2024, 07:51:16 UTC |
| f1d9256 | erbsland-dev | 15 July 2024, 15:07:52 UTC | Add tests for long configuration lines with backslashes Introduce new test files to verify behavior with config lines longer than 512 characters containing backslashes. Updated test plan to include these new test scenarios. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24890) (cherry picked from commit 2dd74d3acb9425251a2028504f07623bd97bfe87) | 16 July 2024, 19:33:51 UTC |
| 115d091 | erbsland-dev | 15 July 2024, 10:16:09 UTC | Fix line continuation check in config parser Fixes #8038: Previously, line continuation logic did not account for the 'again' flag, which could cause incorrect removal of a backslash character in the middle of a line. This fix ensures that line continuation is correctly handled only when 'again' is false, thus improving the reliability of the configuration parser. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24890) (cherry picked from commit f54e4bc51b78c10dc99a61c087861ee2c11d7a41) | 16 July 2024, 19:33:50 UTC |
| 7d02253 | erbsland-dev | 15 July 2024, 08:50:37 UTC | Clarify in-place encryption behavior in documentation Fixes #7941: Update the `EVP_EncryptUpdate` documentation to specify that in-place encryption is guaranteed only if the context does not contain incomplete data from previous operations. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24887) (cherry picked from commit f692ceeedcd104407b7672c67d62d6f86f8ac182) | 16 July 2024, 17:42:52 UTC |
| ceaba9f | Neil Horman | 12 July 2024, 13:38:52 UTC | Set down_load factor on hash table when culling items in doall oss-fuzz noted this issue: https://oss-fuzz.com/testcase-detail/5363002606419968 Which reports a heap buffer overflow during ossl_method_cache_flush_some Its occuring because we delete items from the hash table while inside its doall iterator The iterator in lhash.c does a reverse traversal of all buckets in the hash table, and at some point a removal during an iteration leads to the hash table shrinking, by calling contract. When that happens, the bucket index becomes no longer valid, and if the index we are on is large, it exceeds the length of the list, leading to an out of band reference, and the heap buffer overflow report. Fix it by preventing contractions from happening during the iteration, but setting the down_load factor to 0, and restoring it to its initial value after the iteration is done Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24867) (cherry picked from commit 01753c09bbfdffcefd555b4c21e50e68af346129) | 16 July 2024, 11:32:48 UTC |
| 11d11ba | Matt Caswell | 12 July 2024, 08:16:36 UTC | Fix a copy & paste error in the EVP_RAND docs The "max_request" string is defined via the OSSL_RAND_PARAM_MAX_REQUEST macro. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24863) (cherry picked from commit 5c6975bd44dce4bb342b7bc130de5aaefbe2c35b) | 15 July 2024, 20:50:13 UTC |
| 841b041 | Daniel Gustafsson | 12 July 2024, 10:08:04 UTC | Rearrange code examples in docs for clarity The introduction of a deprecation notice between the header include line and the function prototypes left the inclusion in the previous block. Move the #include to after the deprecation notice to ensure that the headers is included together with the corresponding MDX_y* functions. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24864) (cherry picked from commit b33f2697d953ac5dbadbe99d4110fe907b215ad8) | 15 July 2024, 16:31:58 UTC |
| 3e2287e | Matt Caswell | 11 July 2024, 14:49:21 UTC | Fix a minor typo in the documentation of RAND_set_seed_source_type() Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24858) (cherry picked from commit e8c7febc8f1b0ef9e5b62b0944748d2830b1a0b4) | 12 July 2024, 16:09:22 UTC |
| cf198e9 | erbsland-dev | 11 July 2024, 12:02:53 UTC | Document Internal EVP_MD_CTX_ Flags Add documentation for the internal flags `EVP_MD_CTX_FLAG_CLEANED` and `EVP_MD_CTX_FLAG_REUSE`, explicitly stating that these flags are for internal use only and must not be used in user code. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24829) (cherry picked from commit b74646b627ade4ff801914d45a7733af2ebf4b5f) | 12 July 2024, 13:59:30 UTC |
| fbb280d | Dmitry Misharov | 10 July 2024, 12:51:04 UTC | deploy docs.openssl.org on doc changes Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24839) (cherry picked from commit 8b591dceeff52965dbde14a0e455c5d3548a2609) | 12 July 2024, 08:59:55 UTC |
| afbe301 | sashan | 27 June 2024, 14:31:41 UTC | EVP_DigestUpdate(): Check if ctx->update is set The issue has been discovered by libFuzzer running on provider target. There are currently three distinct reports which are addressed by code change here. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69236#c1 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243#c1 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261#c1 the issue has been introduced with openssl 3.0. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24753) (cherry picked from commit ad33d62396b7e9db04fdf060481ced394d391688) | 11 July 2024, 19:49:41 UTC |
| 21df6a6 | dependabot[bot] | 10 July 2024, 17:07:01 UTC | Dependabot update CLA: trivial (deps): Bump actions/setup-python Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.0 to 5.1.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.1.0...v5.1.1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24843) (cherry picked from commit 00163371fa502df62465163185a9a434574d6746) | 11 July 2024, 07:54:59 UTC |
| e04a00f | Neil Horman | 08 July 2024, 12:32:29 UTC | Add a style-check workflow Add a CI job that evaluates style issues, restricted only to lines changed for the affected files in a given commit Also provide a mechanism to waive those style issues. by applying the style:exempted label to a PR, the checks are still run (its nice to see what they are regardless), but the test will pass CI regardless of weather any issues are found. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/24806) (cherry picked from commit fc22d74c53720d14f99fd880b767d8a3e4986ae2) | 10 July 2024, 12:32:31 UTC |
| 548469f | Neil Horman | 08 July 2024, 12:30:49 UTC | Add a check-format-commit.sh script Add a wrapper script to check-format.pl, which is capable of analyzing commits rather than just a file. for a provided commit this script: 1) runs check-format.pl on the files changed in the provided commit 2) filters the output of check-format.pl, only producing lines that match ranges of changed lines in those files Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/24806) (cherry picked from commit acae12eb781658479b4fb3fee6334fd14a3c2739) | 10 July 2024, 12:32:20 UTC |
| 8f45140 | erbsland-dev | 08 July 2024, 10:35:55 UTC | Enhance documentation for `BN_mask_bits()` Fixes #5537 Added a note that the error check for `BN_mask_bits()` depends on the internal representation that depends on the platform's word size. Included a reference to the `BN_num_bits()` function for precise bit checking. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24812) (cherry picked from commit 2a45839778955ffcab01918f10544d46e42f9a5b) | 10 July 2024, 09:50:50 UTC |
| 08de6a3 | olszomal | 08 July 2024, 09:50:35 UTC | Clarify supported curves in the s_client/s_server documentation Mention that supported curves (aka groups) include named EC parameters as well as X25519 and X448 or FFDHE groups. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24774) (cherry picked from commit 775188702574dcd6cc53b7a9d3501a639c146121) | 10 July 2024, 07:37:23 UTC |
| 6c99ea7 | Neil Horman | 02 July 2024, 18:27:42 UTC | read lock store on ossl_method_store_do_all Theres a data race between ossl_method_store_insert and ossl_method_store_do_all, as the latter doesn't take the property lock before iterating. However, we can't lock in do_all, as the call stack in several cases later attempts to take the write lock. The choices to fix it are I think: 1) add an argument to indicate to ossl_method_store_do_all weather to take the read or write lock when doing iterations, and add an is_locked api to the ossl_property_[read|write] lock family so that subsequent callers can determine if they need to take a lock or not 2) Clone the algs sparse array in ossl_method_store_do_all and use the clone to iterate with no lock held, ensuring that updates to the parent copy of the sparse array are left untoucheTheres a data race between ossl_method_store_insert and ossl_method_store_do_all, as the latter doesn't take the property lock before iterating. I think method (2), while being a bit more expensive, is probably the far less invasive way to go here Fixes #24672 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24782) (cherry picked from commit d8def79838cd0d5e7c21d217aa26edb5229f0ab4) | 09 July 2024, 09:28:41 UTC |
| b548466 | Radek Krejci | 21 March 2024, 12:19:23 UTC | Avoid NULL pointer dereference Function readbuffer_gets() misses some of the initial checks of its arguments. Not checking them can lead to a later NULL pointer dereferences. The checks are now unified with the checks in readbuffer_read() function. CLA: trivial Fixes #23915 Signed-off-by: Radek Krejci <radek.krejci@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23918) (cherry picked from commit c215d75f94fcaa598817e739221f33b71b53fb39) | 08 July 2024, 19:56:27 UTC |
| a384744 | Dr. David von Oheimb | 06 July 2024, 15:55:25 UTC | check_format.pl: fix detection of 'if' with single stmt in braces without 'else' Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24805) (cherry picked from commit f35c0894130e34ff46a429f4373c14ca98437405) | 08 July 2024, 16:45:55 UTC |
| 6560ca8 | Bernd Edlinger | 14 November 2023, 01:55:36 UTC | Fix possible double-free in pkcs7 add_attribute function The problem is the ownership of the input parameter value is transfered to the X509_ATTRIBUTE object attr, as soon as X509_ATTRIBUTE_create succeeds, but when an error happens after that point there is no way to get the ownership back to the caller, which is necessary to fullfill the API contract. Fixed that by moving the call to X509_ATTRIBUTE_create to the end of the function, and make sure that no errors are possible after that point. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22721) (cherry picked from commit 82a13a1f5053462f826bfb90061f0f77e3cc98a5) | 08 July 2024, 10:26:34 UTC |
| 35b3c2d | Daniel Gustafsson | 03 July 2024, 13:12:01 UTC | Fix incorrect sentence Remove superfluous "the" from sentence. CLA: trivial Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24790) (cherry picked from commit 59c415a45f47cb34147427e46c78d945919b1da2) | 04 July 2024, 17:17:35 UTC |
| 89db597 | Frederik Wedel-Heinen | 14 June 2024, 12:57:28 UTC | Allow shared iOS builds Fixes #24545 Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24649) (cherry picked from commit 070b6a965485e91b02453919e0a47c0659420d9a) | 04 July 2024, 07:29:53 UTC |
| bce6a81 | cchinchole | 02 July 2024, 01:16:03 UTC | Unlock only when lock was successful Addressing issue (#24517): Updated the example in CRYPTO_THREAD_run_once.pod to reflect that an unlock call should not be made if a write_lock failed. Updated BIO_lookup_ex in bio_addr.c and ossl_engine_table_select in eng_table.c to not call unlock if the lock failed. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/24779) (cherry picked from commit 3f4da93678497fe64d262d03c388932f7ecfe74e) | 03 July 2024, 19:42:02 UTC |
| f0ab3d1 | Tomas Mraz | 28 June 2024, 08:34:23 UTC | Configure: Remove -Wswitch-default from strict warnings Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24758) (cherry picked from commit 3d9c6b16d8b8e75b73e2fd34849e930e2792f3a4) | 03 July 2024, 09:29:03 UTC |
| 375f142 | Dr. David von Oheimb | 11 July 2022, 17:55:10 UTC | BIO_f_base64.pod and openssl-enc.pod.in: improve description on newline handling Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18783) (cherry picked from commit b1e7bc5bdfc73ef841afa30ac321975b0d63219a) | 02 July 2024, 18:25:28 UTC |
| 9ca919f | Tomas Mraz | 01 July 2024, 07:30:56 UTC | OPENSSL_hexstr2buf_ex(): Handle zero-length input correctly In case of zero-length input the code wrote one byte before the start of the output buffer. The length of the output was also reported incorrectly in this case. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24770) (cherry picked from commit 3f7b355733407cf777bfad5ce5b79610588bacc5) | 02 July 2024, 18:14:42 UTC |
| e56f195 | Tomas Mraz | 28 June 2024, 14:08:39 UTC | To reliably trigger HRR we must use P-384 group Otherwise with newer FIPS providers P-256 is the first group supported. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24763) (cherry picked from commit 0da6d328d5f6d0fe0aca47a94bb55a9f2ed0628b) | 01 July 2024, 08:06:12 UTC |
| 24750fe | JohnnySavages | 27 June 2024, 01:59:52 UTC | Check EC_GROUP_get0_order result before dereference CLA: trivial Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24755) (cherry picked from commit 16311dbf53c464726d73b76d77ecf6275c9f9d08) | 01 July 2024, 08:04:36 UTC |
| 7c44461 | Richard Levitte | 27 June 2024, 06:30:28 UTC | OpenSSL::Test: Avoid running IPv6 related tests if IPv6 was explicitly disabled It's possible to disable IPv6 explicitly when configuring OpenSSL. In that case, IPv6 related tests should be skipped. This is solved by having OpenSSL::Test::Utils::have_IPv6() check configuration first, before trying to determine if the machine supports IPv6. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24748) (cherry picked from commit 5a9c90b1e59b2c368876229862fbff29f2bcf006) | 29 June 2024, 06:41:29 UTC |
| 5258715 | Pauli | 27 June 2024, 00:08:05 UTC | Clarify DRBG seeding. There is a legacy code path that OpenSSL won't use anymore but applications could. Add a comment indicating this to avoid confusion for people not intimately conversant with the nuances in the RNG code. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24745) (cherry picked from commit 1eb122aa0ca152dc564e61674caf3f11acd85b57) | 29 June 2024, 04:13:12 UTC |
| 89f27ae | sanumesh | 11 June 2024, 14:47:07 UTC | Add aix-clang and aix64-clang configuration Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24609) (cherry picked from commit 7afa7731e924d5ac10fc992d8cd777f407d33af9) | 28 June 2024, 13:21:29 UTC |
| e65482e | sgzmd | 25 June 2024, 14:53:32 UTC | Free appname if it was set after initializing crypto. Fixes #24729 CLA: trivial Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24730) (cherry picked from commit fbd6609bb21b125c9454d07c484d166a33b4815b) | 27 June 2024, 17:51:08 UTC |
| 644f869 | Vita Batrla | 25 June 2024, 09:58:49 UTC | docs: document that *_free(NULL) does nothing Explicitly documents that *_free(NULL) does nothing. Fixes two cases where that wasn't true. Fixes #24675. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24735) (cherry picked from commit 981d129a5609ee2e031367c34c67a9f61a5bfd66) | 27 June 2024, 16:34:13 UTC |
| 99c2b6b | Matt Caswell | 21 June 2024, 13:29:26 UTC | Add a test for an empty NextProto message It is valid according to the spec for a NextProto message to have no protocols listed in it. The OpenSSL implementation however does not allow us to create such a message. In order to check that we work as expected when communicating with a client that does generate such messages we have to use a TLSProxy test. Follow on from CVE-2024-5535 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24718) (cherry picked from commit a201030901de9f9a48b34c38f6922fb0b272f26f) | 27 June 2024, 09:39:47 UTC |
| ca176d7 | Matt Caswell | 21 June 2024, 09:09:41 UTC | Add explicit testing of ALN and NPN in sslapitest We already had some tests elsewhere - but this extends that testing with additional tests. Follow on from CVE-2024-5535 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24718) (cherry picked from commit 0453bf5a7ac60ab01c8bb713d8cc2a94324aa88c) | 27 June 2024, 09:39:47 UTC |
| 4b375b9 | Matt Caswell | 21 June 2024, 10:51:54 UTC | Add ALPN validation in the client The ALPN protocol selected by the server must be one that we originally advertised. We should verify that it is. Follow on from CVE-2024-5535 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24718) (cherry picked from commit 017e54183b95617825fb9316d618c154a34c634e) | 27 June 2024, 09:39:47 UTC |
| 189a7ed | Matt Caswell | 21 June 2024, 09:41:55 UTC | Correct return values for tls_construct_stoc_next_proto_neg Return EXT_RETURN_NOT_SENT in the event that we don't send the extension, rather than EXT_RETURN_SENT. This actually makes no difference at all to the current control flow since this return value is ignored in this case anyway. But lets make it correct anyway. Follow on from CVE-2024-5535 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24718) (cherry picked from commit 087501b4f572825e27ca8cc2c5874fcf6fd47cf7) | 27 June 2024, 09:39:47 UTC |
| 72394c9 | Matt Caswell | 04 June 2024, 14:47:32 UTC | Allow an empty NPN/ALPN protocol list in the tests Allow ourselves to configure an empty NPN/ALPN protocol list and test what happens if we do. Follow on from CVE-2024-5535 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24718) (cherry picked from commit c54e56fc8ab19e9d07c284d6c7c6bf293f7520d2) | 27 June 2024, 09:39:47 UTC |
| 707c71a | Matt Caswell | 31 May 2024, 15:35:16 UTC | Add a test for SSL_select_next_proto Follow on from CVE-2024-5535 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24718) (cherry picked from commit ad1318efa2cfdf43ed49d23c4a815f4754604b97) | 27 June 2024, 09:39:47 UTC |
| 7a9f521 | Matt Caswell | 31 May 2024, 10:46:38 UTC | Clarify the SSL_select_next_proto() documentation We clarify the input preconditions and the expected behaviour in the event of no overlap. Follow on from CVE-2024-5535 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24718) (cherry picked from commit 889ed19ba25abebd2690997acd6d4791cbe5c493) | 27 June 2024, 09:39:47 UTC |
| 1599211 | Matt Caswell | 31 May 2024, 10:18:27 UTC | More correctly handle a selected_len of 0 when processing NPN In the case where the NPN callback returns with SSL_TLEXT_ERR_OK, but the selected_len is 0 we should fail. Previously this would fail with an internal_error alert because calling OPENSSL_malloc(selected_len) will return NULL when selected_len is 0. We make this error detection more explicit and return a handshake failure alert. Follow on from CVE-2024-5535 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24718) (cherry picked from commit 4279c89a726025c758db3dafb263b17e52211304) | 27 June 2024, 09:39:47 UTC |
