From nobody Tue Dec 14 22:44:20 2021 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 6BC9B18D2D63; Tue, 14 Dec 2021 22:44:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JDD2Y0pcnz4jF6; Tue, 14 Dec 2021 22:44:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EF721111B3; Tue, 14 Dec 2021 22:44:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1BEMiKo1077533; Tue, 14 Dec 2021 22:44:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1BEMiKhw077532; Tue, 14 Dec 2021 22:44:20 GMT (envelope-from git) Date: Tue, 14 Dec 2021 22:44:20 GMT Message-Id: <202112142244.1BEMiKhw077532@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Jung-uk Kim Subject: git: 17037d24d8ed - stable/13 - OpenSSL: Merge OpenSSL 1.1.1m List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jkim X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 17037d24d8ed0bbe3826eff2e37d7b57c332d582 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1639521861; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=eYbhFnPV1AL7OJQGfMCcvf688wO6+IeAUVerYz7ETqY=; b=Lxhe22xkxkhxuu6/+n7+CalRtL6Db4uhQoGWddxCv7Q0D0uDiVOiQ+GPtaebdgiXtPVLG8 08UuNjeRvvapJ/4Q21oHOoysC7JXrP8BxCgvY3LwgfoWBf5+gcLAb42se165/Dnx+6qSos g7X9HXn1mI7a0RDl5ZLheI+Dgqfbwn+JcOy6pQqiB2g7PGtlokvbq6zNwtZXD5166jKqDl 0aE20mEjlHTfTYX/CBe0Kr2d6HdnepMi+sN4qyUtSCuACJQVoDoJVhXqipmYlj28x2zTSS KqhiUfVZJDLVNyi3pOk3aavUsTIGiliJfY7CcHmWvf9e4Y5ms0Kv32sLRVv3Qg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1639521861; a=rsa-sha256; cv=none; b=pCjDNMbBBPhvUEhr2owMDGfLhA3oIIGbr18TNYpJh1u77Y/32CTpwquL0DOve3a4c9EKhU vOFhzak1Kn5WzaU/9Dqpr20j2kriUeKZsOOB5plfjUlihwKJwiDQkuD7AbWrVGaMl4fU3O Pfcggf2PuYHRwGJKtrWlitjiPubCVrDkSCF9/XIOCfRkFX1TaNnlfps6hIVQ0TKGC6JVC4 LFTBjt7RP7gZksPchhJivHsbRxdwZ25e3XoO/UBBZ+VdxjuP5CzNb4VeFQMLi/JCL6ZTLx fuk7zV+AO6K7++6VNqWuDvAJ8XgRh8ask64oS4jszdRUBuvc9mI9kU9LzpR23A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by jkim: URL: https://cgit.FreeBSD.org/src/commit/?id=17037d24d8ed0bbe3826eff2e37d7b57c332d582 commit 17037d24d8ed0bbe3826eff2e37d7b57c332d582 Author: Jung-uk Kim AuthorDate: 2021-12-14 19:04:30 +0000 Commit: Jung-uk Kim CommitDate: 2021-12-14 22:42:45 +0000 OpenSSL: Merge OpenSSL 1.1.1m (cherry picked from commit b2bf0c7e5f4037d63458def91a026592468afd2f) --- crypto/openssl/CHANGES | 20 +++++ crypto/openssl/Configure | 3 + crypto/openssl/NEWS | 4 + crypto/openssl/README | 2 +- crypto/openssl/apps/ciphers.c | 3 +- crypto/openssl/apps/dgst.c | 6 +- crypto/openssl/apps/s_cb.c | 4 +- crypto/openssl/apps/s_client.c | 4 +- crypto/openssl/apps/s_server.c | 10 +-- crypto/openssl/apps/speed.c | 10 ++- crypto/openssl/crypto/asn1/a_print.c | 9 ++- crypto/openssl/crypto/asn1/asn1_lib.c | 11 ++- crypto/openssl/crypto/bio/bss_dgram.c | 6 +- crypto/openssl/crypto/bio/bss_mem.c | 4 +- crypto/openssl/crypto/bn/asm/mips.pl | 6 +- crypto/openssl/crypto/cms/cms_env.c | 3 +- crypto/openssl/crypto/dh/dh_ameth.c | 13 ++-- crypto/openssl/crypto/ec/curve448/field.h | 4 +- crypto/openssl/crypto/ec/ec_asn1.c | 2 +- crypto/openssl/crypto/ec/ec_curve.c | 29 ++++++- crypto/openssl/crypto/engine/eng_dyn.c | 6 +- crypto/openssl/crypto/engine/eng_lib.c | 4 +- crypto/openssl/crypto/engine/eng_list.c | 89 +++++++++++++++++++++- crypto/openssl/crypto/engine/eng_local.h | 11 ++- crypto/openssl/crypto/err/err.c | 3 +- crypto/openssl/crypto/evp/evp_enc.c | 12 +-- crypto/openssl/crypto/evp/p_lib.c | 13 +++- crypto/openssl/crypto/objects/o_names.c | 16 ++-- crypto/openssl/crypto/pem/pem_lib.c | 25 +++--- crypto/openssl/crypto/rand/rand_unix.c | 2 +- crypto/openssl/crypto/ts/ts_verify_ctx.c | 1 + crypto/openssl/crypto/uid.c | 2 +- crypto/openssl/crypto/x509/x509_vfy.c | 62 ++++++++------- crypto/openssl/crypto/x509/x_name.c | 6 +- crypto/openssl/crypto/x509v3/v3_ncons.c | 3 + crypto/openssl/doc/man1/passwd.pod | 4 +- crypto/openssl/doc/man1/pkeyutl.pod | 10 +++ crypto/openssl/doc/man3/BIO_f_ssl.pod | 17 ++--- crypto/openssl/doc/man3/BIO_push.pod | 53 +++++++------ crypto/openssl/doc/man3/BN_rand.pod | 4 +- crypto/openssl/doc/man3/ENGINE_add.pod | 7 +- crypto/openssl/doc/man3/ERR_load_strings.pod | 6 +- crypto/openssl/doc/man3/EVP_EncryptInit.pod | 16 ++-- crypto/openssl/doc/man3/OBJ_nid2obj.pod | 30 ++++---- .../openssl/doc/man3/SSL_CTX_set_num_tickets.pod | 10 +-- .../doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod | 4 +- crypto/openssl/doc/man3/SSL_get_session.pod | 9 ++- crypto/openssl/doc/man3/SSL_set_fd.pod | 13 +++- crypto/openssl/doc/man3/d2i_X509.pod | 6 +- crypto/openssl/doc/man7/ossl_store.pod | 4 +- crypto/openssl/engines/e_afalg.c | 9 +-- crypto/openssl/engines/e_dasync.c | 30 +++++++- crypto/openssl/include/crypto/rand.h | 12 ++- crypto/openssl/include/openssl/ec.h | 17 +++-- crypto/openssl/include/openssl/opensslv.h | 4 +- crypto/openssl/ssl/bio_ssl.c | 7 +- crypto/openssl/ssl/record/ssl3_record.c | 2 +- crypto/openssl/ssl/s3_cbc.c | 4 +- crypto/openssl/ssl/ssl_asn1.c | 4 +- crypto/openssl/ssl/ssl_ciph.c | 3 +- crypto/openssl/ssl/ssl_lib.c | 2 + crypto/openssl/ssl/ssl_local.h | 2 +- crypto/openssl/ssl/statem/README | 2 +- crypto/openssl/ssl/statem/extensions_clnt.c | 5 +- crypto/openssl/ssl/statem/extensions_cust.c | 13 ++-- crypto/openssl/ssl/statem/statem_lib.c | 4 +- 66 files changed, 502 insertions(+), 219 deletions(-) diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES index fae493da34cf..6484e7ea52bf 100644 --- a/crypto/openssl/CHANGES +++ b/crypto/openssl/CHANGES @@ -7,6 +7,26 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1l and 1.1.1m [14 Dec 2021] + + *) Avoid loading of a dynamic engine twice. + + [Bernd Edlinger] + + *) Fixed building on Debian with kfreebsd kernels + + [Mattias Ellert] + + *) Prioritise DANE TLSA issuer certs over peer certs + + [Viktor Dukhovni] + + *) Fixed random API for MacOS prior to 10.12 + + These MacOS versions don't support the CommonCrypto APIs + + [Lenny Primak] + Changes between 1.1.1k and 1.1.1l [24 Aug 2021] *) Fixed an SM2 Decryption Buffer Overflow. diff --git a/crypto/openssl/Configure b/crypto/openssl/Configure index 8e7ee1a599cc..c1e2591b660a 100755 --- a/crypto/openssl/Configure +++ b/crypto/openssl/Configure @@ -1306,16 +1306,19 @@ if ($disabled{"dynamic-engine"}) { unless ($disabled{asan}) { push @{$config{cflags}}, "-fsanitize=address"; + push @{$config{cxxflags}}, "-fsanitize=address" if $config{CXX}; } unless ($disabled{ubsan}) { # -DPEDANTIC or -fnosanitize=alignment may also be required on some # platforms. push @{$config{cflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all"; + push @{$config{cxxflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all" if $config{CXX}; } unless ($disabled{msan}) { push @{$config{cflags}}, "-fsanitize=memory"; + push @{$config{cxxflags}}, "-fsanitize=memory" if $config{CXX}; } unless ($disabled{"fuzz-libfuzzer"} && $disabled{"fuzz-afl"} diff --git a/crypto/openssl/NEWS b/crypto/openssl/NEWS index 5a1207c66ed4..0769464fefa2 100644 --- a/crypto/openssl/NEWS +++ b/crypto/openssl/NEWS @@ -5,6 +5,10 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021] + + o None + Major changes between OpenSSL 1.1.1k and OpenSSL 1.1.1l [24 Aug 2021] o Fixed an SM2 Decryption Buffer Overflow (CVE-2021-3711) diff --git a/crypto/openssl/README b/crypto/openssl/README index 7dc4e6790c34..50345c3c28eb 100644 --- a/crypto/openssl/README +++ b/crypto/openssl/README @@ -1,5 +1,5 @@ - OpenSSL 1.1.1l 24 Aug 2021 + OpenSSL 1.1.1m 14 Dec 2021 Copyright (c) 1998-2021 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/openssl/apps/ciphers.c b/crypto/openssl/apps/ciphers.c index 0bb33a4aca4b..aade3fbf5671 100644 --- a/crypto/openssl/apps/ciphers.c +++ b/crypto/openssl/apps/ciphers.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -172,6 +172,7 @@ int ciphers_main(int argc, char **argv) if (convert != NULL) { BIO_printf(bio_out, "OpenSSL cipher name: %s\n", OPENSSL_cipher_name(convert)); + ret = 0; goto end; } diff --git a/crypto/openssl/apps/dgst.c b/crypto/openssl/apps/dgst.c index e595f7d8186f..f9b184be4cc1 100644 --- a/crypto/openssl/apps/dgst.c +++ b/crypto/openssl/apps/dgst.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -316,7 +316,7 @@ int dgst_main(int argc, char **argv) EVP_MD_CTX *mctx = NULL; EVP_PKEY_CTX *pctx = NULL; int r; - if (!BIO_get_md_ctx(bmd, &mctx)) { + if (BIO_get_md_ctx(bmd, &mctx) <= 0) { BIO_printf(bio_err, "Error getting context\n"); ERR_print_errors(bio_err); goto end; @@ -345,7 +345,7 @@ int dgst_main(int argc, char **argv) /* we use md as a filter, reading from 'in' */ else { EVP_MD_CTX *mctx = NULL; - if (!BIO_get_md_ctx(bmd, &mctx)) { + if (BIO_get_md_ctx(bmd, &mctx) <= 0) { BIO_printf(bio_err, "Error getting context\n"); ERR_print_errors(bio_err); goto end; diff --git a/crypto/openssl/apps/s_cb.c b/crypto/openssl/apps/s_cb.c index dee1b2e5b4f6..d066a423dee8 100644 --- a/crypto/openssl/apps/s_cb.c +++ b/crypto/openssl/apps/s_cb.c @@ -819,7 +819,9 @@ int generate_stateless_cookie_callback(SSL *ssl, unsigned char *cookie, { unsigned int temp; int res = generate_cookie_callback(ssl, cookie, &temp); - *cookie_len = temp; + + if (res != 0) + *cookie_len = temp; return res; } diff --git a/crypto/openssl/apps/s_client.c b/crypto/openssl/apps/s_client.c index 68bd9ced015f..aa5841cd08e2 100644 --- a/crypto/openssl/apps/s_client.c +++ b/crypto/openssl/apps/s_client.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2005 Nokia. All rights reserved. * * Licensed under the OpenSSL license (the "License"). You may not use @@ -3151,6 +3151,8 @@ int s_client_main(int argc, char **argv) #endif OPENSSL_free(connectstr); OPENSSL_free(bindstr); + OPENSSL_free(bindhost); + OPENSSL_free(bindport); OPENSSL_free(host); OPENSSL_free(port); X509_VERIFY_PARAM_free(vpm); diff --git a/crypto/openssl/apps/s_server.c b/crypto/openssl/apps/s_server.c index c11aeee440a2..9fcb8d7a7bc6 100644 --- a/crypto/openssl/apps/s_server.c +++ b/crypto/openssl/apps/s_server.c @@ -134,12 +134,12 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity, if (s_debug) BIO_printf(bio_s_out, "psk_server_cb\n"); - if (SSL_version(ssl) >= TLS1_3_VERSION) { + if (!SSL_is_dtls(ssl) && SSL_version(ssl) >= TLS1_3_VERSION) { /* - * This callback is designed for use in TLSv1.2. It is possible to use - * a single callback for all protocol versions - but it is preferred to - * use a dedicated callback for TLSv1.3. For TLSv1.3 we have - * psk_find_session_cb. + * This callback is designed for use in (D)TLSv1.2 (or below). It is + * possible to use a single callback for all protocol versions - but it + * is preferred to use a dedicated callback for TLSv1.3. For TLSv1.3 we + * have psk_find_session_cb. */ return 0; } diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c index d4ae7ab7bfde..89bf18480fa1 100644 --- a/crypto/openssl/apps/speed.c +++ b/crypto/openssl/apps/speed.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the OpenSSL license (the "License"). You may not use @@ -1590,6 +1590,10 @@ int speed_main(int argc, char **argv) case OPT_MULTI: #ifndef NO_FORK multi = atoi(opt_arg()); + if (multi >= INT_MAX / (int)sizeof(int)) { + BIO_printf(bio_err, "%s: multi argument too large\n", prog); + return 0; + } #endif break; case OPT_ASYNCJOBS: @@ -3490,7 +3494,7 @@ static int do_multi(int multi, int size_num) close(fd[1]); mr = 1; usertime = 0; - free(fds); + OPENSSL_free(fds); return 0; } printf("Forked child %d\n", n); @@ -3603,7 +3607,7 @@ static int do_multi(int multi, int size_num) fclose(f); } - free(fds); + OPENSSL_free(fds); return 1; } #endif diff --git a/crypto/openssl/crypto/asn1/a_print.c b/crypto/openssl/crypto/asn1/a_print.c index 85a631a27aa7..3790e82bb13a 100644 --- a/crypto/openssl/crypto/asn1/a_print.c +++ b/crypto/openssl/crypto/asn1/a_print.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -18,12 +18,13 @@ int ASN1_PRINTABLE_type(const unsigned char *s, int len) int ia5 = 0; int t61 = 0; - if (len <= 0) - len = -1; if (s == NULL) return V_ASN1_PRINTABLESTRING; - while ((*s) && (len-- != 0)) { + if (len < 0) + len = strlen((const char *)s); + + while (len-- > 0) { c = *(s++); if (!ossl_isasn1print(c)) ia5 = 1; diff --git a/crypto/openssl/crypto/asn1/asn1_lib.c b/crypto/openssl/crypto/asn1/asn1_lib.c index 3d99d1383d42..b9b7ad8e9e02 100644 --- a/crypto/openssl/crypto/asn1/asn1_lib.c +++ b/crypto/openssl/crypto/asn1/asn1_lib.c @@ -294,7 +294,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in) c = str->data; #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION /* No NUL terminator in fuzzing builds */ - str->data = OPENSSL_realloc(c, len); + str->data = OPENSSL_realloc(c, len != 0 ? len : 1); #else str->data = OPENSSL_realloc(c, len + 1); #endif @@ -307,7 +307,11 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in) str->length = len; if (data != NULL) { memcpy(str->data, data, len); -#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION +#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION + /* Set the unused byte to something non NUL and printable. */ + if (len == 0) + str->data[len] = '~'; +#else /* * Add a NUL terminator. This should not be necessary - but we add it as * a safety precaution @@ -375,7 +379,8 @@ int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) i = (a->length - b->length); if (i == 0) { - i = memcmp(a->data, b->data, a->length); + if (a->length != 0) + i = memcmp(a->data, b->data, a->length); if (i == 0) return a->type - b->type; else diff --git a/crypto/openssl/crypto/bio/bss_dgram.c b/crypto/openssl/crypto/bio/bss_dgram.c index 942fd8b514be..c87ba4d26508 100644 --- a/crypto/openssl/crypto/bio/bss_dgram.c +++ b/crypto/openssl/crypto/bio/bss_dgram.c @@ -1,5 +1,5 @@ /* - * Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,6 +7,10 @@ * https://www.openssl.org/source/license.html */ +#ifndef _GNU_SOURCE +# define _GNU_SOURCE +#endif + #include #include diff --git a/crypto/openssl/crypto/bio/bss_mem.c b/crypto/openssl/crypto/bio/bss_mem.c index 7cb4a57813fd..2420b26553e0 100644 --- a/crypto/openssl/crypto/bio/bss_mem.c +++ b/crypto/openssl/crypto/bio/bss_mem.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -280,7 +280,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) ret = (long)bm->length; if (ptr != NULL) { pptr = (char **)ptr; - *pptr = (char *)&(bm->data[0]); + *pptr = (char *)bm->data; } break; case BIO_C_SET_BUF_MEM: diff --git a/crypto/openssl/crypto/bn/asm/mips.pl b/crypto/openssl/crypto/bn/asm/mips.pl index 8ad715bda4d4..76fe82334f88 100755 --- a/crypto/openssl/crypto/bn/asm/mips.pl +++ b/crypto/openssl/crypto/bn/asm/mips.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2010-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -1984,6 +1984,8 @@ $code.=<<___; sltu $at,$c_2,$t_1 $ADDU $c_3,$t_2,$at $ST $c_2,$BNSZ($a0) + sltu $at,$c_3,$t_2 + $ADDU $c_1,$at mflo ($t_1,$a_2,$a_0) mfhi ($t_2,$a_2,$a_0) ___ @@ -2194,6 +2196,8 @@ $code.=<<___; sltu $at,$c_2,$t_1 $ADDU $c_3,$t_2,$at $ST $c_2,$BNSZ($a0) + sltu $at,$c_3,$t_2 + $ADDU $c_1,$at mflo ($t_1,$a_2,$a_0) mfhi ($t_2,$a_2,$a_0) ___ diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c index 04940146fd25..962a0137542a 100644 --- a/crypto/openssl/crypto/cms/cms_env.c +++ b/crypto/openssl/crypto/cms/cms_env.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -737,6 +737,7 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, goto err; } + OPENSSL_clear_free(ec->key, ec->keylen); ec->key = ukey; ec->keylen = ukeylen; diff --git a/crypto/openssl/crypto/dh/dh_ameth.c b/crypto/openssl/crypto/dh/dh_ameth.c index d53004080d5e..576409ccb51b 100644 --- a/crypto/openssl/crypto/dh/dh_ameth.c +++ b/crypto/openssl/crypto/dh/dh_ameth.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -629,16 +629,18 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, goto err; pk = EVP_PKEY_CTX_get0_pkey(pctx); - if (!pk) - goto err; - if (pk->type != EVP_PKEY_DHX) + if (pk == NULL || pk->type != EVP_PKEY_DHX) goto err; + /* Get parameters from parent key */ dhpeer = DHparams_dup(pk->pkey.dh); + if (dhpeer == NULL) + goto err; + /* We have parameters now set public key */ plen = ASN1_STRING_length(pubkey); p = ASN1_STRING_get0_data(pubkey); - if (!p || !plen) + if (p == NULL || plen == 0) goto err; if ((public_key = d2i_ASN1_INTEGER(NULL, &p, plen)) == NULL) { @@ -655,6 +657,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, pkpeer = EVP_PKEY_new(); if (pkpeer == NULL) goto err; + EVP_PKEY_assign(pkpeer, pk->ameth->pkey_id, dhpeer); dhpeer = NULL; if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) diff --git a/crypto/openssl/crypto/ec/curve448/field.h b/crypto/openssl/crypto/ec/curve448/field.h index ccd04482d205..4e4eda664f78 100644 --- a/crypto/openssl/crypto/ec/curve448/field.h +++ b/crypto/openssl/crypto/ec/curve448/field.h @@ -1,5 +1,5 @@ /* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2014 Cryptography Research, Inc. * * Licensed under the OpenSSL license (the "License"). You may not use @@ -62,7 +62,7 @@ mask_t gf_eq(const gf x, const gf y); mask_t gf_lobit(const gf x); mask_t gf_hibit(const gf x); -void gf_serialize(uint8_t *serial, const gf x, int with_highbit); +void gf_serialize(uint8_t serial[SER_BYTES], const gf x, int with_highbit); mask_t gf_deserialize(gf x, const uint8_t serial[SER_BYTES], int with_hibit, uint8_t hi_nmask); diff --git a/crypto/openssl/crypto/ec/ec_asn1.c b/crypto/openssl/crypto/ec/ec_asn1.c index c8ee1e6f1762..4335b3da1a54 100644 --- a/crypto/openssl/crypto/ec/ec_asn1.c +++ b/crypto/openssl/crypto/ec/ec_asn1.c @@ -548,7 +548,7 @@ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPARAMETERS_free(ret->value.parameters); } - if (EC_GROUP_get_asn1_flag(group)) { + if (EC_GROUP_get_asn1_flag(group) == OPENSSL_EC_NAMED_CURVE) { /* * use the asn1 OID to describe the elliptic curve parameters */ diff --git a/crypto/openssl/crypto/ec/ec_curve.c b/crypto/openssl/crypto/ec/ec_curve.c index 8de486cbd763..b4c14e91e175 100644 --- a/crypto/openssl/crypto/ec/ec_curve.c +++ b/crypto/openssl/crypto/ec/ec_curve.c @@ -1,5 +1,5 @@ /* - * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the OpenSSL license (the "License"). You may not use @@ -12,6 +12,7 @@ #include "ec_local.h" #include #include +#include #include #include "internal/nelem.h" @@ -3097,6 +3098,32 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) goto err; } } + + if (EC_GROUP_get_asn1_flag(group) == OPENSSL_EC_NAMED_CURVE) { + /* + * Some curves don't have an associated OID: for those we should not + * default to `OPENSSL_EC_NAMED_CURVE` encoding of parameters and + * instead set the ASN1 flag to `OPENSSL_EC_EXPLICIT_CURVE`. + * + * Note that `OPENSSL_EC_NAMED_CURVE` is set as the default ASN1 flag on + * `EC_GROUP_new()`, when we don't have enough elements to determine if + * an OID for the curve name actually exists. + * We could implement this check on `EC_GROUP_set_curve_name()` but + * overloading the simple setter with this lookup could have a negative + * performance impact and unexpected consequences. + */ + ASN1_OBJECT *asn1obj = OBJ_nid2obj(curve.nid); + + if (asn1obj == NULL) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_OBJ_LIB); + goto err; + } + if (OBJ_length(asn1obj) == 0) + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE); + + ASN1_OBJECT_free(asn1obj); + } + ok = 1; err: if (!ok) { diff --git a/crypto/openssl/crypto/engine/eng_dyn.c b/crypto/openssl/crypto/engine/eng_dyn.c index 06e677290a70..87c762edb8a0 100644 --- a/crypto/openssl/crypto/engine/eng_dyn.c +++ b/crypto/openssl/crypto/engine/eng_dyn.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -477,7 +477,9 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) engine_set_all_null(e); /* Try to bind the ENGINE onto our own ENGINE structure */ - if (!ctx->bind_engine(e, ctx->engine_id, &fns)) { + if (!engine_add_dynamic_id(e, (ENGINE_DYNAMIC_ID)ctx->bind_engine, 1) + || !ctx->bind_engine(e, ctx->engine_id, &fns)) { + engine_remove_dynamic_id(e, 1); ctx->bind_engine = NULL; ctx->v_check = NULL; DSO_free(ctx->dynamic_dso); diff --git a/crypto/openssl/crypto/engine/eng_lib.c b/crypto/openssl/crypto/engine/eng_lib.c index 5bd584c5999a..fb727b787747 100644 --- a/crypto/openssl/crypto/engine/eng_lib.c +++ b/crypto/openssl/crypto/engine/eng_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -67,6 +67,7 @@ void engine_set_all_null(ENGINE *e) e->load_pubkey = NULL; e->cmd_defns = NULL; e->flags = 0; + e->dynamic_id = NULL; } int engine_free_util(ENGINE *e, int not_locked) @@ -92,6 +93,7 @@ int engine_free_util(ENGINE *e, int not_locked) */ if (e->destroy) e->destroy(e); + engine_remove_dynamic_id(e, not_locked); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data); OPENSSL_free(e); return 1; diff --git a/crypto/openssl/crypto/engine/eng_list.c b/crypto/openssl/crypto/engine/eng_list.c index 1352fb7c961d..e2e91d297bd6 100644 --- a/crypto/openssl/crypto/engine/eng_list.c +++ b/crypto/openssl/crypto/engine/eng_list.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the OpenSSL license (the "License"). You may not use @@ -24,6 +24,12 @@ static ENGINE *engine_list_head = NULL; static ENGINE *engine_list_tail = NULL; +/* + * The linked list of currently loaded dynamic engines. + */ +static ENGINE *engine_dyn_list_head = NULL; +static ENGINE *engine_dyn_list_tail = NULL; + /* * This cleanup function is only needed internally. If it should be called, * we register it with the "engine_cleanup_int()" stack to be called during @@ -126,6 +132,85 @@ static int engine_list_remove(ENGINE *e) return 1; } +/* Add engine to dynamic engine list. */ +int engine_add_dynamic_id(ENGINE *e, ENGINE_DYNAMIC_ID dynamic_id, + int not_locked) +{ + int result = 0; + ENGINE *iterator = NULL; + + if (e == NULL) + return 0; + + if (e->dynamic_id == NULL && dynamic_id == NULL) + return 0; + + if (not_locked && !CRYPTO_THREAD_write_lock(global_engine_lock)) + return 0; + + if (dynamic_id != NULL) { + iterator = engine_dyn_list_head; + while (iterator != NULL) { + if (iterator->dynamic_id == dynamic_id) + goto err; + iterator = iterator->next; + } + if (e->dynamic_id != NULL) + goto err; + e->dynamic_id = dynamic_id; + } + + if (engine_dyn_list_head == NULL) { + /* We are adding to an empty list. */ + if (engine_dyn_list_tail != NULL) + goto err; + engine_dyn_list_head = e; + e->prev_dyn = NULL; + } else { + /* We are adding to the tail of an existing list. */ + if (engine_dyn_list_tail == NULL + || engine_dyn_list_tail->next_dyn != NULL) + goto err; + engine_dyn_list_tail->next_dyn = e; + e->prev_dyn = engine_dyn_list_tail; + } + + engine_dyn_list_tail = e; + e->next_dyn = NULL; + result = 1; + + err: + if (not_locked) + CRYPTO_THREAD_unlock(global_engine_lock); + return result; +} + +/* Remove engine from dynamic engine list. */ +void engine_remove_dynamic_id(ENGINE *e, int not_locked) +{ + if (e == NULL || e->dynamic_id == NULL) + return; + + if (not_locked && !CRYPTO_THREAD_write_lock(global_engine_lock)) + return; + + e->dynamic_id = NULL; + + /* un-link e from the chain. */ + if (e->next_dyn != NULL) + e->next_dyn->prev_dyn = e->prev_dyn; + if (e->prev_dyn != NULL) + e->prev_dyn->next_dyn = e->next_dyn; + /* Correct our head/tail if necessary. */ + if (engine_dyn_list_head == e) + engine_dyn_list_head = e->next_dyn; + if (engine_dyn_list_tail == e) + engine_dyn_list_tail = e->prev_dyn; + + if (not_locked) + CRYPTO_THREAD_unlock(global_engine_lock); +} + /* Get the first/last "ENGINE" type available. */ ENGINE *ENGINE_get_first(void) { @@ -272,6 +357,8 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) dest->load_pubkey = src->load_pubkey; dest->cmd_defns = src->cmd_defns; dest->flags = src->flags; + dest->dynamic_id = src->dynamic_id; + engine_add_dynamic_id(dest, NULL, 0); } ENGINE *ENGINE_by_id(const char *id) diff --git a/crypto/openssl/crypto/engine/eng_local.h b/crypto/openssl/crypto/engine/eng_local.h index 8ef7172b9f45..e271222d76a8 100644 --- a/crypto/openssl/crypto/engine/eng_local.h +++ b/crypto/openssl/crypto/engine/eng_local.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the OpenSSL license (the "License"). You may not use @@ -118,6 +118,11 @@ void engine_pkey_asn1_meths_free(ENGINE *e); extern CRYPTO_ONCE engine_lock_init; DECLARE_RUN_ONCE(do_engine_lock_init) +typedef void (*ENGINE_DYNAMIC_ID)(void); +int engine_add_dynamic_id(ENGINE *e, ENGINE_DYNAMIC_ID dynamic_id, + int not_locked); +void engine_remove_dynamic_id(ENGINE *e, int not_locked); + /* * This is a structure for storing implementations of various crypto * algorithms and functions. @@ -162,6 +167,10 @@ struct engine_st { /* Used to maintain the linked-list of engines. */ struct engine_st *prev; struct engine_st *next; + /* Used to maintain the linked-list of dynamic engines. */ + struct engine_st *prev_dyn; + struct engine_st *next_dyn; + ENGINE_DYNAMIC_ID dynamic_id; }; typedef struct st_engine_pile ENGINE_PILE; diff --git a/crypto/openssl/crypto/err/err.c b/crypto/openssl/crypto/err/err.c index 1372d52f80ee..bd116e249acb 100644 --- a/crypto/openssl/crypto/err/err.c +++ b/crypto/openssl/crypto/err/err.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -129,6 +129,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = { {ERR_R_INTERNAL_ERROR, "internal error"}, {ERR_R_DISABLED, "called a function that was disabled at compile-time"}, {ERR_R_INIT_FAIL, "init fail"}, + {ERR_R_PASSED_INVALID_ARGUMENT, "passed invalid argument"}, {ERR_R_OPERATION_FAIL, "operation fail"}, {0, NULL}, diff --git a/crypto/openssl/crypto/evp/evp_enc.c b/crypto/openssl/crypto/evp/evp_enc.c index e3c165d48e08..d835968f253c 100644 --- a/crypto/openssl/crypto/evp/evp_enc.c +++ b/crypto/openssl/crypto/evp/evp_enc.c @@ -85,7 +85,11 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, * previous check attempted to avoid this if the same ENGINE and * EVP_CIPHER could be used). */ - if (ctx->cipher) { + if (ctx->cipher +#ifndef OPENSSL_NO_ENGINE + || ctx->engine +#endif + || ctx->cipher_data) { unsigned long flags = ctx->flags; EVP_CIPHER_CTX_reset(ctx); /* Restore encrypt and flags */ @@ -105,11 +109,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, /* There's an ENGINE for this job ... (apparently) */ const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); if (!c) { - /* - * One positive side-effect of US's export control history, - * is that we should at least be able to avoid using US - * misspellings of "initialisation"? - */ + ENGINE_finish(impl); EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; } diff --git a/crypto/openssl/crypto/evp/p_lib.c b/crypto/openssl/crypto/evp/p_lib.c index 9f1a485a5b83..1f36cb2164fc 100644 --- a/crypto/openssl/crypto/evp/p_lib.c +++ b/crypto/openssl/crypto/evp/p_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -212,10 +212,15 @@ static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, } if (pkey) { pkey->ameth = ameth; - pkey->engine = e; - pkey->type = pkey->ameth->pkey_id; pkey->save_type = type; +# ifndef OPENSSL_NO_ENGINE + if (eptr == NULL && e != NULL && !ENGINE_init(e)) { + EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_INITIALIZATION_ERROR); + return 0; + } +# endif + pkey->engine = e; } return 1; } @@ -520,7 +525,7 @@ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) { - if (pkey->type != EVP_PKEY_EC) { + if (EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) { EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); return NULL; } diff --git a/crypto/openssl/crypto/objects/o_names.c b/crypto/openssl/crypto/objects/o_names.c index 979d83577c22..872676ba2277 100644 --- a/crypto/openssl/crypto/objects/o_names.c +++ b/crypto/openssl/crypto/objects/o_names.c @@ -1,5 +1,5 @@ /* - * Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -67,8 +67,14 @@ static CRYPTO_ONCE init = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(o_names_init) { CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE); - names_lh = lh_OBJ_NAME_new(obj_name_hash, obj_name_cmp); + names_lh = NULL; obj_lock = CRYPTO_THREAD_lock_new(); + if (obj_lock != NULL) + names_lh = lh_OBJ_NAME_new(obj_name_hash, obj_name_cmp); + if (names_lh == NULL) { + CRYPTO_THREAD_lock_free(obj_lock); + obj_lock = NULL; + } CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE); return names_lh != NULL && obj_lock != NULL; } @@ -217,10 +223,8 @@ int OBJ_NAME_add(const char *name, int type, const char *data) type &= ~OBJ_NAME_ALIAS; onp = OPENSSL_malloc(sizeof(*onp)); - if (onp == NULL) { - /* ERROR */ - goto unlock; - } + if (onp == NULL) + return 0; onp->name = name; onp->alias = alias; diff --git a/crypto/openssl/crypto/pem/pem_lib.c b/crypto/openssl/crypto/pem/pem_lib.c index a26322119aa7..2de093595d0d 100644 --- a/crypto/openssl/crypto/pem/pem_lib.c +++ b/crypto/openssl/crypto/pem/pem_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -899,18 +899,13 @@ err: int PEM_read_bio_ex(BIO *bp, char **name_out, char **header, unsigned char **data, long *len_out, unsigned int flags) { - EVP_ENCODE_CTX *ctx = EVP_ENCODE_CTX_new(); + EVP_ENCODE_CTX *ctx = NULL; const BIO_METHOD *bmeth; BIO *headerB = NULL, *dataB = NULL; char *name = NULL; int len, taillen, headerlen, ret = 0; BUF_MEM * buf_mem; - if (ctx == NULL) { - PEMerr(PEM_F_PEM_READ_BIO_EX, ERR_R_MALLOC_FAILURE); - return 0; - } - *len_out = 0; *name_out = *header = NULL; *data = NULL; @@ -933,9 +928,20 @@ int PEM_read_bio_ex(BIO *bp, char **name_out, char **header, if (!get_header_and_data(bp, &headerB, &dataB, name, flags)) goto end; - EVP_DecodeInit(ctx); BIO_get_mem_ptr(dataB, &buf_mem); len = buf_mem->length; + + /* There was no data in the PEM file */ + if (len == 0) + goto end; + + ctx = EVP_ENCODE_CTX_new(); + if (ctx == NULL) { + PEMerr(PEM_F_PEM_READ_BIO_EX, ERR_R_MALLOC_FAILURE); + goto end; + } + + EVP_DecodeInit(ctx); if (EVP_DecodeUpdate(ctx, (unsigned char*)buf_mem->data, &len, (unsigned char*)buf_mem->data, len) < 0 || EVP_DecodeFinal(ctx, (unsigned char*)&(buf_mem->data[len]), @@ -946,9 +952,6 @@ int PEM_read_bio_ex(BIO *bp, char **name_out, char **header, len += taillen; buf_mem->length = len; - /* There was no data in the PEM file; avoid malloc(0). */ - if (len == 0) - goto end; headerlen = BIO_get_mem_data(headerB, NULL); *header = pem_malloc(headerlen + 1, flags); *data = pem_malloc(len, flags); diff --git a/crypto/openssl/crypto/rand/rand_unix.c b/crypto/openssl/crypto/rand/rand_unix.c index 43f1069d151d..71cedae62e02 100644 --- a/crypto/openssl/crypto/rand/rand_unix.c +++ b/crypto/openssl/crypto/rand/rand_unix.c @@ -381,7 +381,7 @@ static ssize_t syscall_random(void *buf, size_t buflen) if (errno != ENOSYS) *** 1107 LINES SKIPPED ***