From d67198654be1abb03eac043e760f3c5ba1ce7cc9 Mon Sep 17 00:00:00 2001 From: Dmitry Misharov Date: Thu, 23 Nov 2023 14:22:35 +0100 Subject: [PATCH 01/24] Add self-hosted runners Added self-hosted runners for freebsd-x86_64 and ubuntu-aarch64. Reviewed-by: Tom Cosgrove Reviewed-by: Anton Arapov Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22804) (cherry picked from commit 6b7a11d8aa7abe50e6ebdd09a238e0a0df8cd228) Signed-off-by: fly2x --- .github/workflows/ci.yml | 19 +++++++++++++++++++ .github/workflows/os-zoo.yml | 19 +++++++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c5643fbf5c..2ba14153c2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -107,6 +107,25 @@ jobs: - name: make test run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + self-hosted: + strategy: + matrix: + os: [freebsd-13.2, ubuntu-arm64-22.04] + runs-on: ${{ matrix.os }}-self-hosted + continue-on-error: true + steps: + - uses: actions/checkout@v4 + - name: config + run: ./config enable-fips enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method enable-trace + - name: config dump + run: ./configdata.pm --dump + - name: make + run: make -j4 + - name: get cpu info + run: ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + minimal: runs-on: ubuntu-latest steps: diff --git a/.github/workflows/os-zoo.yml b/.github/workflows/os-zoo.yml index 29137bd7c7..2775208328 100644 --- a/.github/workflows/os-zoo.yml +++ b/.github/workflows/os-zoo.yml @@ -167,3 +167,22 @@ jobs: - name: test working-directory: _build run: nmake test VERBOSE_FAILURE=yes HARNESS_JOBS=4 + + self-hosted: + strategy: + matrix: + os: [freebsd-13.2, ubuntu-arm64-22.04] + runs-on: ${{ matrix.os }}-self-hosted + continue-on-error: true + steps: + - uses: actions/checkout@v4 + - name: config + run: ./config enable-fips enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method enable-trace + - name: config dump + run: ./configdata.pm --dump + - name: make + run: make -j4 + - name: get cpu info + run: ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} -- Gitee From 25a062a9c92109b45fc2cc2dd18aa45d3258a23e Mon Sep 17 00:00:00 2001 From: Jamie Cui Date: Wed, 29 Nov 2023 01:28:58 +0000 Subject: [PATCH 02/24] Fix EVP_RAND-SEED-SRC documentation example Fixes #22810 Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22857) (cherry picked from commit 58d926213f00ba7046d0868de8b37929aa067a1f) Signed-off-by: fly2x --- doc/man7/EVP_RAND-SEED-SRC.pod | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/man7/EVP_RAND-SEED-SRC.pod b/doc/man7/EVP_RAND-SEED-SRC.pod index 8bbd579472..a00ed328d5 100644 --- a/doc/man7/EVP_RAND-SEED-SRC.pod +++ b/doc/man7/EVP_RAND-SEED-SRC.pod @@ -49,9 +49,10 @@ A context for the seed source can be obtained by calling: OSSL_PARAM params[2], *p = params; unsigned int strength = 128; - /* Create a seed source */ + /* Create and instantiate a seed source */ rand = EVP_RAND_fetch(NULL, "SEED-SRC", NULL); seed = EVP_RAND_CTX_new(rand, NULL); + EVP_RAND_instantiate(seed, strength, 0, NULL, 0, NULL); EVP_RAND_free(rand); /* Feed this into a DRBG */ -- Gitee From 23d1d05c7330eea666c3548288abb8171ecb94c8 Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Sat, 25 Nov 2023 16:14:35 +0800 Subject: [PATCH 03/24] bn_nist: Fix strict-aliasing violations in little-endian optimizations The little-endian optimization is doing some type-punning in a way violating the C standard aliasing rule by loading or storing through a lvalue with type "unsigned int" but the memory location has effective type "unsigned long" or "unsigned long long" (BN_ULONG). Convert these accesses to use memcpy instead, as memcpy is defined as-is "accessing through the lvalues with type char" and char is aliasing with all types. GCC does a good job to optimize away the temporary copies introduced with the change. Ideally copying to a temporary unsigned int array, doing the calculation, and then copying back to `r_d` will make the code look better, but unfortunately GCC would fail to optimize away this temporary array then. I've not touched the LE optimization in BN_nist_mod_224 because it's guarded by BN_BITS2!=64, then BN_BITS2 must be 32 and BN_ULONG must be unsigned int, thus there is no aliasing issue in BN_nist_mod_224. Fixes #12247. Reviewed-by: Tom Cosgrove Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22816) (cherry picked from commit 990d9ff508070757912c000f0c4132dbb5a0bb0a) Signed-off-by: fly2x --- crypto/bn/bn_nist.c | 126 ++++++++++++++++++++++++++------------------ 1 file changed, 74 insertions(+), 52 deletions(-) diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c index c1dbed0598..bc864346fb 100644 --- a/crypto/bn/bn_nist.c +++ b/crypto/bn/bn_nist.c @@ -319,6 +319,28 @@ static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top) # endif #endif /* BN_BITS2 != 64 */ +#ifdef NIST_INT64 +/* Helpers to load/store a 32-bit word (uint32_t) from/into a memory + * location and avoid potential aliasing issue. */ +static ossl_inline uint32_t load_u32(const void *ptr) +{ + uint32_t tmp; + + memcpy(&tmp, ptr, sizeof(tmp)); + return tmp; +} + +static ossl_inline void store_lo32(void *ptr, NIST_INT64 val) +{ + /* A cast is needed for big-endian system: on a 32-bit BE system + * NIST_INT64 may be defined as well if the compiler supports 64-bit + * long long. */ + uint32_t tmp = (uint32_t)val; + + memcpy(ptr, &tmp, sizeof(tmp)); +} +#endif /* NIST_INT64 */ + #define nist_set_192(to, from, a1, a2, a3) \ { \ bn_cp_64(to, 0, from, (a3) - 3) \ @@ -374,42 +396,42 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, unsigned int *rp = (unsigned int *)r_d; const unsigned int *bp = (const unsigned int *)buf.ui; - acc = rp[0]; + acc = load_u32(&rp[0]); acc += bp[3 * 2 - 6]; acc += bp[5 * 2 - 6]; - rp[0] = (unsigned int)acc; + store_lo32(&rp[0], acc); acc >>= 32; - acc += rp[1]; + acc += load_u32(&rp[1]); acc += bp[3 * 2 - 5]; acc += bp[5 * 2 - 5]; - rp[1] = (unsigned int)acc; + store_lo32(&rp[1], acc); acc >>= 32; - acc += rp[2]; + acc += load_u32(&rp[2]); acc += bp[3 * 2 - 6]; acc += bp[4 * 2 - 6]; acc += bp[5 * 2 - 6]; - rp[2] = (unsigned int)acc; + store_lo32(&rp[2], acc); acc >>= 32; - acc += rp[3]; + acc += load_u32(&rp[3]); acc += bp[3 * 2 - 5]; acc += bp[4 * 2 - 5]; acc += bp[5 * 2 - 5]; - rp[3] = (unsigned int)acc; + store_lo32(&rp[3], acc); acc >>= 32; - acc += rp[4]; + acc += load_u32(&rp[4]); acc += bp[4 * 2 - 6]; acc += bp[5 * 2 - 6]; - rp[4] = (unsigned int)acc; + store_lo32(&rp[4], acc); acc >>= 32; - acc += rp[5]; + acc += load_u32(&rp[5]); acc += bp[4 * 2 - 5]; acc += bp[5 * 2 - 5]; - rp[5] = (unsigned int)acc; + store_lo32(&rp[5], acc); carry = (int)(acc >> 32); } @@ -683,36 +705,36 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, unsigned int *rp = (unsigned int *)r_d; const unsigned int *bp = (const unsigned int *)buf.ui; - acc = rp[0]; + acc = load_u32(&rp[0]); acc += bp[8 - 8]; acc += bp[9 - 8]; acc -= bp[11 - 8]; acc -= bp[12 - 8]; acc -= bp[13 - 8]; acc -= bp[14 - 8]; - rp[0] = (unsigned int)acc; + store_lo32(&rp[0], acc); acc >>= 32; - acc += rp[1]; + acc += load_u32(&rp[1]); acc += bp[9 - 8]; acc += bp[10 - 8]; acc -= bp[12 - 8]; acc -= bp[13 - 8]; acc -= bp[14 - 8]; acc -= bp[15 - 8]; - rp[1] = (unsigned int)acc; + store_lo32(&rp[1], acc); acc >>= 32; - acc += rp[2]; + acc += load_u32(&rp[2]); acc += bp[10 - 8]; acc += bp[11 - 8]; acc -= bp[13 - 8]; acc -= bp[14 - 8]; acc -= bp[15 - 8]; - rp[2] = (unsigned int)acc; + store_lo32(&rp[2], acc); acc >>= 32; - acc += rp[3]; + acc += load_u32(&rp[3]); acc += bp[11 - 8]; acc += bp[11 - 8]; acc += bp[12 - 8]; @@ -721,10 +743,10 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc -= bp[15 - 8]; acc -= bp[8 - 8]; acc -= bp[9 - 8]; - rp[3] = (unsigned int)acc; + store_lo32(&rp[3], acc); acc >>= 32; - acc += rp[4]; + acc += load_u32(&rp[4]); acc += bp[12 - 8]; acc += bp[12 - 8]; acc += bp[13 - 8]; @@ -732,10 +754,10 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc += bp[14 - 8]; acc -= bp[9 - 8]; acc -= bp[10 - 8]; - rp[4] = (unsigned int)acc; + store_lo32(&rp[4], acc); acc >>= 32; - acc += rp[5]; + acc += load_u32(&rp[5]); acc += bp[13 - 8]; acc += bp[13 - 8]; acc += bp[14 - 8]; @@ -743,10 +765,10 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc += bp[15 - 8]; acc -= bp[10 - 8]; acc -= bp[11 - 8]; - rp[5] = (unsigned int)acc; + store_lo32(&rp[5], acc); acc >>= 32; - acc += rp[6]; + acc += load_u32(&rp[6]); acc += bp[14 - 8]; acc += bp[14 - 8]; acc += bp[15 - 8]; @@ -755,10 +777,10 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc += bp[13 - 8]; acc -= bp[8 - 8]; acc -= bp[9 - 8]; - rp[6] = (unsigned int)acc; + store_lo32(&rp[6], acc); acc >>= 32; - acc += rp[7]; + acc += load_u32(&rp[7]); acc += bp[15 - 8]; acc += bp[15 - 8]; acc += bp[15 - 8]; @@ -767,7 +789,7 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc -= bp[11 - 8]; acc -= bp[12 - 8]; acc -= bp[13 - 8]; - rp[7] = (unsigned int)acc; + store_lo32(&rp[7], acc); carry = (int)(acc >> 32); } @@ -920,32 +942,32 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, unsigned int *rp = (unsigned int *)r_d; const unsigned int *bp = (const unsigned int *)buf.ui; - acc = rp[0]; + acc = load_u32(&rp[0]); acc += bp[12 - 12]; acc += bp[21 - 12]; acc += bp[20 - 12]; acc -= bp[23 - 12]; - rp[0] = (unsigned int)acc; + store_lo32(&rp[0], acc); acc >>= 32; - acc += rp[1]; + acc += load_u32(&rp[1]); acc += bp[13 - 12]; acc += bp[22 - 12]; acc += bp[23 - 12]; acc -= bp[12 - 12]; acc -= bp[20 - 12]; - rp[1] = (unsigned int)acc; + store_lo32(&rp[1], acc); acc >>= 32; - acc += rp[2]; + acc += load_u32(&rp[2]); acc += bp[14 - 12]; acc += bp[23 - 12]; acc -= bp[13 - 12]; acc -= bp[21 - 12]; - rp[2] = (unsigned int)acc; + store_lo32(&rp[2], acc); acc >>= 32; - acc += rp[3]; + acc += load_u32(&rp[3]); acc += bp[15 - 12]; acc += bp[12 - 12]; acc += bp[20 - 12]; @@ -953,10 +975,10 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc -= bp[14 - 12]; acc -= bp[22 - 12]; acc -= bp[23 - 12]; - rp[3] = (unsigned int)acc; + store_lo32(&rp[3], acc); acc >>= 32; - acc += rp[4]; + acc += load_u32(&rp[4]); acc += bp[21 - 12]; acc += bp[21 - 12]; acc += bp[16 - 12]; @@ -967,10 +989,10 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc -= bp[15 - 12]; acc -= bp[23 - 12]; acc -= bp[23 - 12]; - rp[4] = (unsigned int)acc; + store_lo32(&rp[4], acc); acc >>= 32; - acc += rp[5]; + acc += load_u32(&rp[5]); acc += bp[22 - 12]; acc += bp[22 - 12]; acc += bp[17 - 12]; @@ -979,10 +1001,10 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc += bp[21 - 12]; acc += bp[23 - 12]; acc -= bp[16 - 12]; - rp[5] = (unsigned int)acc; + store_lo32(&rp[5], acc); acc >>= 32; - acc += rp[6]; + acc += load_u32(&rp[6]); acc += bp[23 - 12]; acc += bp[23 - 12]; acc += bp[18 - 12]; @@ -990,48 +1012,48 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, acc += bp[14 - 12]; acc += bp[22 - 12]; acc -= bp[17 - 12]; - rp[6] = (unsigned int)acc; + store_lo32(&rp[6], acc); acc >>= 32; - acc += rp[7]; + acc += load_u32(&rp[7]); acc += bp[19 - 12]; acc += bp[16 - 12]; acc += bp[15 - 12]; acc += bp[23 - 12]; acc -= bp[18 - 12]; - rp[7] = (unsigned int)acc; + store_lo32(&rp[7], acc); acc >>= 32; - acc += rp[8]; + acc += load_u32(&rp[8]); acc += bp[20 - 12]; acc += bp[17 - 12]; acc += bp[16 - 12]; acc -= bp[19 - 12]; - rp[8] = (unsigned int)acc; + store_lo32(&rp[8], acc); acc >>= 32; - acc += rp[9]; + acc += load_u32(&rp[9]); acc += bp[21 - 12]; acc += bp[18 - 12]; acc += bp[17 - 12]; acc -= bp[20 - 12]; - rp[9] = (unsigned int)acc; + store_lo32(&rp[9], acc); acc >>= 32; - acc += rp[10]; + acc += load_u32(&rp[10]); acc += bp[22 - 12]; acc += bp[19 - 12]; acc += bp[18 - 12]; acc -= bp[21 - 12]; - rp[10] = (unsigned int)acc; + store_lo32(&rp[10], acc); acc >>= 32; - acc += rp[11]; + acc += load_u32(&rp[11]); acc += bp[23 - 12]; acc += bp[20 - 12]; acc += bp[19 - 12]; acc -= bp[22 - 12]; - rp[11] = (unsigned int)acc; + store_lo32(&rp[11], acc); carry = (int)(acc >> 32); } -- Gitee From 70e6bf7705df793cc99d9199acd0d1c686bc3380 Mon Sep 17 00:00:00 2001 From: lan1120 Date: Wed, 22 Nov 2023 09:45:25 +0800 Subject: [PATCH 04/24] Initialize dstctx->mgf1_md to NULL in rsa_dupctx function Signed-off-by: lan1120 Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22795) (cherry picked from commit f95e3a09173b13dcfae668be6103e64c02222f08) Signed-off-by: fly2x --- providers/implementations/signature/rsa_sig.c | 1 + 1 file changed, 1 insertion(+) diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c index b8648b54bf..76db37dd02 100644 --- a/providers/implementations/signature/rsa_sig.c +++ b/providers/implementations/signature/rsa_sig.c @@ -1006,6 +1006,7 @@ static void *rsa_dupctx(void *vprsactx) *dstctx = *srcctx; dstctx->rsa = NULL; dstctx->md = NULL; + dstctx->mgf1_md = NULL; dstctx->mdctx = NULL; dstctx->tbuf = NULL; dstctx->propq = NULL; -- Gitee From 4609009aa545bc9dd7d6478ce8621cee550423c6 Mon Sep 17 00:00:00 2001 From: Sean Bright Date: Mon, 20 Nov 2023 15:08:19 -0500 Subject: [PATCH 05/24] doc: Minor typo in SSL_CTX_set_tmp_dh_callback docs. well know -> well known CLA: trivial Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22778) (cherry picked from commit db04cf25f3e0dda77a3b054ae12ae1874b1ae977) Signed-off-by: fly2x --- doc/man3/SSL_CTX_set_tmp_dh_callback.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod index c0d69f6f6a..a14f334cfc 100644 --- a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod +++ b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod @@ -55,7 +55,7 @@ As generating DH parameters is extremely time consuming, an application should not generate the parameters on the fly. DH parameters can be reused, as the actual key is newly generated during the negotiation. -Typically applications should use well know DH parameters that have built-in +Typically applications should use well known DH parameters that have built-in support in OpenSSL. The macros SSL_CTX_set_dh_auto() and SSL_set_dh_auto() configure OpenSSL to use the default built-in DH parameters for the B and B objects respectively. Passing a value of 1 in the I parameter -- Gitee From 2a818272b4e4d69b733a9eb27109d387f84a04d2 Mon Sep 17 00:00:00 2001 From: James Muir Date: Wed, 29 Nov 2023 12:37:44 -0500 Subject: [PATCH 06/24] rsa-doc: fix typo "d_i in RFC8017" -> "d_i" in RFC8017 Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22868) (cherry picked from commit c89b553bdc2587b483f38aa1ab2b142cc078343d) Signed-off-by: fly2x --- doc/man7/EVP_PKEY-RSA.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man7/EVP_PKEY-RSA.pod b/doc/man7/EVP_PKEY-RSA.pod index 161e9d4d71..dcd38fcee8 100644 --- a/doc/man7/EVP_PKEY-RSA.pod +++ b/doc/man7/EVP_PKEY-RSA.pod @@ -80,7 +80,7 @@ Up to eight additional "r_i" prime factors are supported. =item "rsa-exponent10" (B) RSA CRT (Chinese Remainder Theorem) exponents. The exponents are known -as "dP", "dQ" and "d_i in RFC8017". +as "dP", "dQ" and "d_i" in RFC8017. Up to eight additional "d_i" exponents are supported. =item "rsa-coefficient1" (B) -- Gitee From 0b2943b1c346a4e92157327eb70b79cf881dc401 Mon Sep 17 00:00:00 2001 From: Bernd Edlinger Date: Wed, 15 Nov 2023 20:49:51 +0100 Subject: [PATCH 07/24] Fix a possible use after free in X509v3_asid_add_id_or_range And clean up partially created choice objects, which have still the default type = -1 from ASIdentifierChoice_new(). Fixes #22700 Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22745) (cherry picked from commit 49e9436af3d85963fd6156b7d6f33e0734bf5ba9) Signed-off-by: fly2x --- crypto/x509/v3_asid.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/crypto/x509/v3_asid.c b/crypto/x509/v3_asid.c index d1c3dd5d9f..251243b723 100644 --- a/crypto/x509/v3_asid.c +++ b/crypto/x509/v3_asid.c @@ -169,8 +169,11 @@ int X509v3_asid_add_inherit(ASIdentifiers *asid, int which) if (*choice == NULL) { if ((*choice = ASIdentifierChoice_new()) == NULL) return 0; - if (((*choice)->u.inherit = ASN1_NULL_new()) == NULL) + if (((*choice)->u.inherit = ASN1_NULL_new()) == NULL) { + ASIdentifierChoice_free(*choice); + *choice = NULL; return 0; + } (*choice)->type = ASIdentifierChoice_inherit; } return (*choice)->type == ASIdentifierChoice_inherit; @@ -196,18 +199,23 @@ int X509v3_asid_add_id_or_range(ASIdentifiers *asid, default: return 0; } - if (*choice != NULL && (*choice)->type == ASIdentifierChoice_inherit) + if (*choice != NULL && (*choice)->type != ASIdentifierChoice_asIdsOrRanges) return 0; if (*choice == NULL) { if ((*choice = ASIdentifierChoice_new()) == NULL) return 0; (*choice)->u.asIdsOrRanges = sk_ASIdOrRange_new(ASIdOrRange_cmp); - if ((*choice)->u.asIdsOrRanges == NULL) + if ((*choice)->u.asIdsOrRanges == NULL) { + ASIdentifierChoice_free(*choice); + *choice = NULL; return 0; + } (*choice)->type = ASIdentifierChoice_asIdsOrRanges; } if ((aor = ASIdOrRange_new()) == NULL) return 0; + if (!sk_ASIdOrRange_reserve((*choice)->u.asIdsOrRanges, 1)) + goto err; if (max == NULL) { aor->type = ASIdOrRange_id; aor->u.id = min; @@ -220,7 +228,8 @@ int X509v3_asid_add_id_or_range(ASIdentifiers *asid, ASN1_INTEGER_free(aor->u.range->max); aor->u.range->max = max; } - if (!(sk_ASIdOrRange_push((*choice)->u.asIdsOrRanges, aor))) + /* Cannot fail due to the reservation above */ + if (!ossl_assert(sk_ASIdOrRange_push((*choice)->u.asIdsOrRanges, aor))) goto err; return 1; -- Gitee From f8f4e5dab820f337164645978d0421d09d6d3af0 Mon Sep 17 00:00:00 2001 From: Bernd Edlinger Date: Wed, 15 Nov 2023 19:31:28 +0100 Subject: [PATCH 08/24] Fix a possible memory leak in make_receipt_request When the CMS_ReceiptRequest cannot be created, the rct_to and rct_from may be leaked. Reviewed-by: Neil Horman Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22742) (cherry picked from commit bed7a878107818c297301c6602013d364b266c67) Signed-off-by: fly2x --- apps/cms.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/apps/cms.c b/apps/cms.c index 9c4e4ee5e0..a16318f37c 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -1447,6 +1447,7 @@ static CMS_ReceiptRequest STACK_OF(OPENSSL_STRING) *rr_from) { STACK_OF(GENERAL_NAMES) *rct_to = NULL, *rct_from = NULL; + CMS_ReceiptRequest *rr; rct_to = make_names_stack(rr_to); if (rct_to == NULL) @@ -1458,10 +1459,14 @@ static CMS_ReceiptRequest } else { rct_from = NULL; } - return CMS_ReceiptRequest_create0_ex(NULL, -1, rr_allorfirst, rct_from, - rct_to, app_get0_libctx()); + rr = CMS_ReceiptRequest_create0_ex(NULL, -1, rr_allorfirst, rct_from, + rct_to, app_get0_libctx()); + if (rr == NULL) + goto err; + return rr; err: sk_GENERAL_NAMES_pop_free(rct_to, GENERAL_NAMES_free); + sk_GENERAL_NAMES_pop_free(rct_from, GENERAL_NAMES_free); return NULL; } -- Gitee From 8fb018b36bd14f7e4daa57bf59f9cae6f810e1e8 Mon Sep 17 00:00:00 2001 From: James Muir Date: Tue, 28 Nov 2023 22:43:52 -0500 Subject: [PATCH 09/24] evp-cmac: do not seg-fault when getting mac-size before init Add null check to cmac_size(). This avoids a seg-fault encountered with cmac when EVP_MAC_CTX_get_mac_size() is called before init. Extend mac testing in evp_test.c to check that the sizes returned by EVP_MAC_CTX_get_mac_size() before and after init make sense (this also ensures that we no longer seg-fault). Fixes #22842 Reviewed-by: Matt Caswell Reviewed-by: Neil Horman Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22858) (cherry picked from commit ff181969e28c1503b077b47a9ded3683524b3fd8) Signed-off-by: fly2x --- providers/implementations/macs/cmac_prov.c | 6 +++++- test/evp_test.c | 23 +++++++++++++++++++++- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/providers/implementations/macs/cmac_prov.c b/providers/implementations/macs/cmac_prov.c index 1b3893598d..fa0b576b97 100644 --- a/providers/implementations/macs/cmac_prov.c +++ b/providers/implementations/macs/cmac_prov.c @@ -101,8 +101,12 @@ static void *cmac_dup(void *vsrc) static size_t cmac_size(void *vmacctx) { struct cmac_data_st *macctx = vmacctx; + const EVP_CIPHER_CTX *cipherctx = CMAC_CTX_get0_cipher_ctx(macctx->ctx); - return EVP_CIPHER_CTX_get_block_size(CMAC_CTX_get0_cipher_ctx(macctx->ctx)); + if (EVP_CIPHER_CTX_get0_cipher(cipherctx) == NULL) + return 0; + + return EVP_CIPHER_CTX_get_block_size(cipherctx); } static int cmac_setkey(struct cmac_data_st *macctx, diff --git a/test/evp_test.c b/test/evp_test.c index d74da09616..cef7b1b9e8 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -1514,6 +1514,7 @@ static int mac_test_run_mac(EVP_TEST *t) EVP_MAC_CTX *ctx = NULL; unsigned char *got = NULL; size_t got_len = 0, size = 0; + size_t size_before_init, size_after_init, size_val = 0; int i, block_size = -1, output_size = -1; OSSL_PARAM params[21], sizes[3], *psizes = sizes; size_t params_n = 0; @@ -1610,6 +1611,9 @@ static int mac_test_run_mac(EVP_TEST *t) } params_n++; + if (strcmp(tmpkey, "size") == 0) + size_val = (size_t)strtoul(tmpval, NULL, 0); + OPENSSL_free(tmpkey); } params[params_n] = OSSL_PARAM_construct_end(); @@ -1618,11 +1622,28 @@ static int mac_test_run_mac(EVP_TEST *t) t->err = "MAC_CREATE_ERROR"; goto err; } - + size_before_init = EVP_MAC_CTX_get_mac_size(ctx); if (!EVP_MAC_init(ctx, expected->key, expected->key_len, params)) { t->err = "MAC_INIT_ERROR"; goto err; } + size_after_init = EVP_MAC_CTX_get_mac_size(ctx); + if (!TEST_false(size_before_init == 0 && size_after_init == 0)) { + t->err = "MAC SIZE not set"; + goto err; + } + if (size_before_init != 0) { + /* mac-size not modified by init params */ + if (size_val == 0 && !TEST_size_t_eq(size_before_init, size_after_init)) { + t->err = "MAC SIZE check failed"; + goto err; + } + /* mac-size modified by init params */ + if (size_val != 0 && !TEST_size_t_eq(size_val, size_after_init)) { + t->err = "MAC SIZE check failed"; + goto err; + } + } if (expected->output_size >= 0) *psizes++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_SIZE, &output_size); -- Gitee From c74d7acffe527bb0111561aedfc92405b1c065ac Mon Sep 17 00:00:00 2001 From: Neil Horman Date: Wed, 22 Nov 2023 14:20:39 -0500 Subject: [PATCH 10/24] Add locking to CRYPTO_secure_used Coverity issue 1551719 noted CRYPTO_secure_used referenced a shared variable without taking the appropriate read lock. Add that. Reviewed-by: Tomas Mraz Reviewed-by: Todd Short (Merged from https://github.com/openssl/openssl/pull/22802) (cherry picked from commit 7eae6ee0e503b0961d4f2e75baac981f2766b892) Signed-off-by: fly2x --- crypto/mem_sec.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c index 557c697c9a..269c7dcb6d 100644 --- a/crypto/mem_sec.c +++ b/crypto/mem_sec.c @@ -260,11 +260,17 @@ int CRYPTO_secure_allocated(const void *ptr) size_t CRYPTO_secure_used(void) { + size_t ret = 0; + #ifndef OPENSSL_NO_SECURE_MEMORY - return secure_mem_used; -#else - return 0; + if (!CRYPTO_THREAD_read_lock(sec_malloc_lock)) + return 0; + + ret = secure_mem_used; + + CRYPTO_THREAD_unlock(sec_malloc_lock); #endif /* OPENSSL_NO_SECURE_MEMORY */ + return ret; } size_t CRYPTO_secure_actual_size(void *ptr) -- Gitee From ed1f2df330f495c2b44c5e9682cf8c21de53b5b8 Mon Sep 17 00:00:00 2001 From: Neil Horman Date: Wed, 22 Nov 2023 12:16:54 -0500 Subject: [PATCH 11/24] Don't free aliased pointers in ctx cmp_ctx tests Coverity recorded issues 1551739 and 1551737, a potential double free in the tests. It occurs when the DUP operation fails in such a way val3_read is returned as the same pointer as val2_read. Ideally it should never happen, but resetting val3_read to 0 should satisfy coverity that there is no issue here Reviewed-by: Tomas Mraz Reviewed-by: Todd Short (Merged from https://github.com/openssl/openssl/pull/22800) (cherry picked from commit c8ca810da9c47d8cb6988fd14e1cb4e20b0877e8) Signed-off-by: fly2x --- test/cmp_ctx_test.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/cmp_ctx_test.c b/test/cmp_ctx_test.c index 137f67331b..f38493b334 100644 --- a/test/cmp_ctx_test.c +++ b/test/cmp_ctx_test.c @@ -405,6 +405,7 @@ execute_CTX_##SETN##_##GETN##_##FIELD(OSSL_CMP_CTX_TEST_FIXTURE *fixture) \ } else { \ if (DUP && val1_read == val1) { \ TEST_error("first set did not dup the value"); \ + val1_read = 0; \ res = 0; \ } \ if (DEFAULT(val1_read)) { \ @@ -433,6 +434,7 @@ execute_CTX_##SETN##_##GETN##_##FIELD(OSSL_CMP_CTX_TEST_FIXTURE *fixture) \ } else { \ if (DUP && val2_read == val2) { \ TEST_error("second set did not dup the value"); \ + val2_read = 0; \ res = 0; \ } \ if (val2 == val1) { \ @@ -462,6 +464,7 @@ execute_CTX_##SETN##_##GETN##_##FIELD(OSSL_CMP_CTX_TEST_FIXTURE *fixture) \ } else { \ if (DUP && val3_read == val2_read) { \ TEST_error("third get did not create a new dup"); \ + val3_read = 0; \ res = 0; \ } \ } \ -- Gitee From 35c1bff4de9b0b6352b599635365d3abb4387bb5 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 30 Nov 2023 16:38:43 +0100 Subject: [PATCH 12/24] Remove the source directory .num targets $(SRCDIR)/util/libcrypto.num and $(SRCDIR)/util/libssl.num were made their own targets to have 'make ordinals' reproduce them (run mknum.pl) only if needed. Unfortunately, because the shared library linker scripts depend on these .num files, we suddenly have mknum.pl run at random times when building. Furthermore, this created a diamond dependency, which disturbs parallell building because multiple mknum.pl on the same file could run at the same time. This reverts commit 0e55c3ab8d702ffc897c9beb51d19b14b7896182. Fixes #21999 Partially fixes #22841 Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/22890) (cherry picked from commit c08b21a2c95c2925e9c7ab11eb667d95e7b1fe3a) Signed-off-by: fly2x --- Configurations/unix-Makefile.tmpl | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 8ddb1282af..6714699178 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -1363,18 +1363,16 @@ renumber: build_generated --renumber \ $(SSLHEADERS) -$(SRCDIR)/util/libcrypto.num: $(CRYPTOHEADERS) $(SRCDIR)/include/openssl/symhacks.h +.PHONY: ordinals +ordinals: build_generated $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION_NUMBER) --no-warnings \ --ordinals $(SRCDIR)/util/libcrypto.num \ --symhacks $(SRCDIR)/include/openssl/symhacks.h \ $(CRYPTOHEADERS) -$(SRCDIR)/util/libssl.num: $(SSLHEADERS) $(SRCDIR)/include/openssl/symhacks.h $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION_NUMBER) --no-warnings \ --ordinals $(SRCDIR)/util/libssl.num \ --symhacks $(SRCDIR)/include/openssl/symhacks.h \ $(SSLHEADERS) -.PHONY: ordinals -ordinals: build_generated $(SRCDIR)/util/libcrypto.num $(SRCDIR)/util/libssl.num test_ordinals: $(MAKE) run_tests TESTS=test_ordinals -- Gitee From ae7fadf60a69efc5c861f421cec0bfb0ecd2eb76 Mon Sep 17 00:00:00 2001 From: James Muir Date: Fri, 24 Nov 2023 12:37:36 -0500 Subject: [PATCH 13/24] doc: improve display of KECCAK-KMAC128, KECCAK-KMAC256 defs Do not allow mid-expression line breaks. Reviewed-by: Tim Hudson Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22814) (cherry picked from commit 8da20b30da42fa8ceb070c6d293fe85e70e68428) Signed-off-by: fly2x --- doc/man7/EVP_MD-SHAKE.pod | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/man7/EVP_MD-SHAKE.pod b/doc/man7/EVP_MD-SHAKE.pod index 157d2bb283..6adf4b7beb 100644 --- a/doc/man7/EVP_MD-SHAKE.pod +++ b/doc/man7/EVP_MD-SHAKE.pod @@ -25,14 +25,14 @@ provider, and includes the following varieties: Known names are "KECCAK-KMAC-128" and "KECCAK-KMAC128". This is used by L. Using the notation from NIST FIPS 202 -(Section 6.2), we have KECCAK-KMAC-128(M, d) = KECCAK[256](M || 00, d) +(Section 6.2), we have S = S (see the description of KMAC128 in Appendix A of NIST SP 800-185). =item KECCAK-KMAC-256 Known names are "KECCAK-KMAC-256" and "KECCAK-KMAC256". This is used by L. Using the notation from NIST FIPS 202 -(Section 6.2), we have KECCAK-KMAC-256(M, d) = KECCAK[512](M || 00, d) +(Section 6.2), we have S = S (see the description of KMAC256 in Appendix A of NIST SP 800-185). =item SHAKE-128 -- Gitee From 68255fd13e766ac1b581e8263713e201911407b2 Mon Sep 17 00:00:00 2001 From: Michael Osipov Date: Thu, 30 Nov 2023 17:07:03 +0100 Subject: [PATCH 14/24] Fix detection on HP-UX (IA64) HPE has a weird preference to prefix letters and zero-padding. Properly trim them before processing. CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22891) (cherry picked from commit 253c5667a92efbbd1498b2f5b883da23c11b8930) Signed-off-by: fly2x --- util/perl/OpenSSL/config.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/util/perl/OpenSSL/config.pm b/util/perl/OpenSSL/config.pm index 8125f48b14..047902cd1f 100755 --- a/util/perl/OpenSSL/config.pm +++ b/util/perl/OpenSSL/config.pm @@ -82,7 +82,7 @@ my $guess_patterns = [ [ 'HP-UX:.*', sub { my $HPUXVER = $RELEASE; - $HPUXVER = s/[^.]*.[0B]*//; + $HPUXVER =~ s/[^.]*.[0B]*//; # HPUX 10 and 11 targets are unified return "${MACHINE}-hp-hpux1x" if $HPUXVER =~ m@1[0-9]@; return "${MACHINE}-hp-hpux"; @@ -322,6 +322,7 @@ sub determine_compiler_settings { # If we got a version number, process it if ($v) { + $v =~ s/[^.]*.0*// if $SYSTEM eq 'HP-UX'; $CCVENDOR = $k; # The returned version is expected to be one of -- Gitee From 891bd05c7a26fc1d36f01c41e323a502e0fb48c5 Mon Sep 17 00:00:00 2001 From: olszomal Date: Thu, 30 Nov 2023 12:53:40 +0100 Subject: [PATCH 15/24] Fix loading more than one certificate in PEM format in X509_load_cert_file_ex() Fixes #22895 Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22885) (cherry picked from commit 20c680de9c435534be48fa85b2a975067a4e7c9d) Signed-off-by: fly2x --- crypto/x509/by_file.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index 450bbba053..5073c137a2 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -128,6 +128,17 @@ int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, count = 0; goto err; } + /* + * X509_STORE_add_cert() added a reference rather than a copy, + * so we need a fresh X509 object. + */ + X509_free(x); + x = X509_new_ex(libctx, propq); + if (x == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); + count = 0; + goto err; + } count++; } } else if (type == X509_FILETYPE_ASN1) { -- Gitee From 8edabcc61692ccf7444fb594a390aeac8fec0bd6 Mon Sep 17 00:00:00 2001 From: olszomal Date: Thu, 30 Nov 2023 17:57:45 +0100 Subject: [PATCH 16/24] Add a test for X509_load_cert_file() Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22885) (cherry picked from commit d6961af1acbdf29b684f3307578bd03890a26a9c) Signed-off-by: fly2x --- test/build.info | 7 ++- test/recipes/60-test_x509_load_cert_file.t | 15 +++++++ test/x509_load_cert_file_test.c | 50 ++++++++++++++++++++++ 3 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 test/recipes/60-test_x509_load_cert_file.t create mode 100644 test/x509_load_cert_file_test.c diff --git a/test/build.info b/test/build.info index 1784a41d8d..c2bb7fc35e 100644 --- a/test/build.info +++ b/test/build.info @@ -62,7 +62,8 @@ IF[{- !$disabled{tests} -}] bio_readbuffer_test user_property_test pkcs7_test upcallstest \ provfetchtest prov_config_test rand_test ca_internals_test \ bio_tfo_test membio_test bio_dgram_test list_test fips_version_test \ - x509_test hpke_test pairwise_fail_test nodefltctxtest + x509_test hpke_test pairwise_fail_test nodefltctxtest \ + x509_load_cert_file_test IF[{- !$disabled{'rpk'} -}] PROGRAMS{noinst}=rpktest @@ -586,6 +587,10 @@ IF[{- !$disabled{tests} -}] INCLUDE[x509_dup_cert_test]=../include ../apps/include DEPEND[x509_dup_cert_test]=../libcrypto libtestutil.a + SOURCE[x509_load_cert_file_test]=x509_load_cert_file_test.c + INCLUDE[x509_load_cert_file_test]=../include ../apps/include + DEPEND[x509_load_cert_file_test]=../libcrypto libtestutil.a + SOURCE[x509_check_cert_pkey_test]=x509_check_cert_pkey_test.c INCLUDE[x509_check_cert_pkey_test]=../include ../apps/include DEPEND[x509_check_cert_pkey_test]=../libcrypto libtestutil.a diff --git a/test/recipes/60-test_x509_load_cert_file.t b/test/recipes/60-test_x509_load_cert_file.t new file mode 100644 index 0000000000..75aeac362c --- /dev/null +++ b/test/recipes/60-test_x509_load_cert_file.t @@ -0,0 +1,15 @@ +#! /usr/bin/env perl +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_load_cert_file"); + +plan tests => 1; + +ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem")]))); diff --git a/test/x509_load_cert_file_test.c b/test/x509_load_cert_file_test.c new file mode 100644 index 0000000000..4a736071ae --- /dev/null +++ b/test/x509_load_cert_file_test.c @@ -0,0 +1,50 @@ +/* + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include + +#include "testutil.h" + +static const char *chain; + +static int test_load_cert_file(void) +{ + int ret = 0; + X509_STORE *store = NULL; + X509_LOOKUP *lookup = NULL; + STACK_OF(X509) *certs = NULL; + + if (TEST_ptr(store = X509_STORE_new()) + && TEST_ptr(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file())) + && TEST_true(X509_load_cert_file(lookup, chain, X509_FILETYPE_PEM)) + && TEST_ptr(certs = X509_STORE_get1_all_certs(store)) + && TEST_int_eq(sk_X509_num(certs), 4)) + ret = 1; + + OSSL_STACK_OF_X509_free(certs); + X509_STORE_free(store); + return ret; +} + +OPT_TEST_DECLARE_USAGE("cert.pem...\n") + +int setup_tests(void) +{ + if (!test_skip_common_options()) { + TEST_error("Error parsing test options\n"); + return 0; + } + + chain = test_get_argument(0); + if (chain == NULL) + return 0; + + ADD_TEST(test_load_cert_file); + return 1; +} -- Gitee From c6e15aeebb9acf8b4f947bebf5925358de4e1dac Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 30 Nov 2023 08:48:33 +0100 Subject: [PATCH 17/24] test/recipes/01-test_symbol_presence.t: Ignore symbols starting with '__' On some platforms, the compiler may add symbols that aren't ours and that we should ignore. They are generally expected to start with a double underscore, and thereby easy to detect. Fixes #22869 (partially) Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22880) (cherry picked from commit 6c63b7e861819db439551b52ea5594faec04b65c) Signed-off-by: fly2x --- test/recipes/01-test_symbol_presence.t | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 9efa9f8d2d..66e5669e19 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -124,7 +124,13 @@ foreach (sort keys %stlibname) { # Return the result $_ } - grep(m|.* [BCDST] .*|, @$_); + # Drop any symbol starting with a double underscore, they + # are reserved for the compiler / system ABI and are none + # of our business + grep !m|^__|, + # Only look at external definitions + grep m|.* [BCDST] .*|, + @$_ ), } # Massage the mkdef.pl output to only contain global symbols -- Gitee From a69322c3a151bc216b2921881c8689c4464e4972 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 30 Nov 2023 09:02:25 +0100 Subject: [PATCH 18/24] test/recipes/01-test_symbol_presence.t: Treat common symbols specially Common symbols (type 'C' in the 'nm' output) are allowed to be defined more than once. This makes test/recipes/01-test_symbol_presence.t reflect that. Fixes #22869 (partially) Fixes #22837 Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22880) (cherry picked from commit 4ff5137ff5fb896e0273d274110517e3c7adb8cf) Signed-off-by: fly2x --- test/recipes/01-test_symbol_presence.t | 41 ++++++++++++++++---------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 66e5669e19..222b1886ae 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -114,23 +114,34 @@ foreach (sort keys %stlibname) { my @arrays = ( \@stlib_lines ); push @arrays, \@shlib_lines unless disabled('shared'); foreach (@arrays) { + my %commons; + foreach (@$_) { + if (m|^(.*) C .*|) { + $commons{$1}++; + } + } + foreach (sort keys %commons) { + note "Common symbol: $_"; + } + @$_ = sort - map { - # Drop the first space and everything following it - s| .*||; - # Drop OpenSSL dynamic version information if there is any - s|\@\@.+$||; - # Return the result - $_ - } - # Drop any symbol starting with a double underscore, they - # are reserved for the compiler / system ABI and are none - # of our business - grep !m|^__|, - # Only look at external definitions - grep m|.* [BCDST] .*|, - @$_ ), + ( map { + # Drop the first space and everything following it + s| .*||; + # Drop OpenSSL dynamic version information if there is any + s|\@\@.+$||; + # Return the result + $_ + } + # Drop any symbol starting with a double underscore, they + # are reserved for the compiler / system ABI and are none + # of our business + grep !m|^__|, + # Only look at external definitions + grep m|.* [BDST] .*|, + @$_ ), + keys %commons; } # Massage the mkdef.pl output to only contain global symbols -- Gitee From 38a3c7fa67227708e2004d7fc02f6aae38d83481 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 29 Nov 2023 14:06:51 +0100 Subject: [PATCH 19/24] After initializing a provider, check if its output dispatch table is NULL If the provider's output dispatch table is NULL, trying to parse it causes a crash. Let's not do that. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Todd Short (Merged from https://github.com/openssl/openssl/pull/22866) (cherry picked from commit 8fa65a6648554087a67102372e5e6c8b0fae0158) Signed-off-by: fly2x --- crypto/provider_core.c | 70 ++++++++++++++++++++++-------------------- 1 file changed, 36 insertions(+), 34 deletions(-) diff --git a/crypto/provider_core.c b/crypto/provider_core.c index 838bcd161c..57dacd76f7 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -970,44 +970,46 @@ static int provider_init(OSSL_PROVIDER *prov) prov->provctx = tmp_provctx; prov->dispatch = provider_dispatch; - for (; provider_dispatch->function_id != 0; provider_dispatch++) { - switch (provider_dispatch->function_id) { - case OSSL_FUNC_PROVIDER_TEARDOWN: - prov->teardown = - OSSL_FUNC_provider_teardown(provider_dispatch); - break; - case OSSL_FUNC_PROVIDER_GETTABLE_PARAMS: - prov->gettable_params = - OSSL_FUNC_provider_gettable_params(provider_dispatch); - break; - case OSSL_FUNC_PROVIDER_GET_PARAMS: - prov->get_params = - OSSL_FUNC_provider_get_params(provider_dispatch); - break; - case OSSL_FUNC_PROVIDER_SELF_TEST: - prov->self_test = - OSSL_FUNC_provider_self_test(provider_dispatch); - break; - case OSSL_FUNC_PROVIDER_GET_CAPABILITIES: - prov->get_capabilities = - OSSL_FUNC_provider_get_capabilities(provider_dispatch); - break; - case OSSL_FUNC_PROVIDER_QUERY_OPERATION: - prov->query_operation = - OSSL_FUNC_provider_query_operation(provider_dispatch); - break; - case OSSL_FUNC_PROVIDER_UNQUERY_OPERATION: - prov->unquery_operation = - OSSL_FUNC_provider_unquery_operation(provider_dispatch); - break; + if (provider_dispatch != NULL) { + for (; provider_dispatch->function_id != 0; provider_dispatch++) { + switch (provider_dispatch->function_id) { + case OSSL_FUNC_PROVIDER_TEARDOWN: + prov->teardown = + OSSL_FUNC_provider_teardown(provider_dispatch); + break; + case OSSL_FUNC_PROVIDER_GETTABLE_PARAMS: + prov->gettable_params = + OSSL_FUNC_provider_gettable_params(provider_dispatch); + break; + case OSSL_FUNC_PROVIDER_GET_PARAMS: + prov->get_params = + OSSL_FUNC_provider_get_params(provider_dispatch); + break; + case OSSL_FUNC_PROVIDER_SELF_TEST: + prov->self_test = + OSSL_FUNC_provider_self_test(provider_dispatch); + break; + case OSSL_FUNC_PROVIDER_GET_CAPABILITIES: + prov->get_capabilities = + OSSL_FUNC_provider_get_capabilities(provider_dispatch); + break; + case OSSL_FUNC_PROVIDER_QUERY_OPERATION: + prov->query_operation = + OSSL_FUNC_provider_query_operation(provider_dispatch); + break; + case OSSL_FUNC_PROVIDER_UNQUERY_OPERATION: + prov->unquery_operation = + OSSL_FUNC_provider_unquery_operation(provider_dispatch); + break; #ifndef OPENSSL_NO_ERR # ifndef FIPS_MODULE - case OSSL_FUNC_PROVIDER_GET_REASON_STRINGS: - p_get_reason_strings = - OSSL_FUNC_provider_get_reason_strings(provider_dispatch); - break; + case OSSL_FUNC_PROVIDER_GET_REASON_STRINGS: + p_get_reason_strings = + OSSL_FUNC_provider_get_reason_strings(provider_dispatch); + break; # endif #endif + } } } -- Gitee From 4b8e22cb8e8003d481c9c80a6e80797b87bcd962 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 29 Nov 2023 14:24:18 +0100 Subject: [PATCH 20/24] Add a minimal test provider We test its validity by trying to load it. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Todd Short (Merged from https://github.com/openssl/openssl/pull/22866) (cherry picked from commit 31c2c12f2dada75c334f6a9aa60c8424cf4fd040) Signed-off-by: fly2x --- test/build.info | 7 +++++++ test/p_minimal.c | 24 ++++++++++++++++++++++++ test/recipes/04-test_provider.t | 9 ++++++++- 3 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 test/p_minimal.c diff --git a/test/build.info b/test/build.info index c2bb7fc35e..1bacdcb827 100644 --- a/test/build.info +++ b/test/build.info @@ -1030,6 +1030,13 @@ IF[{- !$disabled{tests} -}] SOURCE[p_test]=p_test.ld GENERATE[p_test.ld]=../util/providers.num ENDIF + MODULES{noinst}=p_minimal + SOURCE[p_minimal]=p_minimal.c + INCLUDE[p_minimal]=../include .. + IF[{- defined $target{shared_defflag} -}] + SOURCE[p_minimal]=p_minimal.ld + GENERATE[p_minimal.ld]=../util/providers.num + ENDIF ENDIF IF[{- $disabled{module} || !$target{dso_scheme} -}] DEFINE[provider_test]=NO_PROVIDER_MODULE diff --git a/test/p_minimal.c b/test/p_minimal.c new file mode 100644 index 0000000000..0bff9823f8 --- /dev/null +++ b/test/p_minimal.c @@ -0,0 +1,24 @@ +/* + * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * This is the most minimal provider imaginable. It can be loaded, and does + * absolutely nothing else. + */ + +#include + +OSSL_provider_init_fn OSSL_provider_init; /* Check the function signature */ +int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, + const OSSL_DISPATCH *oin, + const OSSL_DISPATCH **out, + void **provctx) +{ + return 1; +} diff --git a/test/recipes/04-test_provider.t b/test/recipes/04-test_provider.t index 312def7757..1233cc4f93 100644 --- a/test/recipes/04-test_provider.t +++ b/test/recipes/04-test_provider.t @@ -12,10 +12,17 @@ use OpenSSL::Test::Utils; setup("test_provider"); -plan tests => 2; +plan tests => 3; ok(run(test(['provider_test'])), "provider_test"); $ENV{"OPENSSL_MODULES"} = bldtop_dir("test"); ok(run(test(['provider_test', '-loaded'])), "provider_test -loaded"); + + SKIP: { + skip "no module support", 1 if disabled("module"); + + ok(run(app(['openssl', 'list', '-provider', 'p_minimal', + '-providers', '-verbose']))); +} -- Gitee From dc5f34408bd98a0e22e42cfce897ec54c6143abc Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 29 Nov 2023 14:32:10 +0100 Subject: [PATCH 21/24] Make 'openssl list' less sensitive for providers without params When a provider can't return parameters, make that a warning instead of an error, and continue to list further providers. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Todd Short (Merged from https://github.com/openssl/openssl/pull/22866) (cherry picked from commit 7ebaab7689f66ede1f960c42be3446922e3f5e21) Signed-off-by: fly2x --- apps/list.c | 37 ++++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/apps/list.c b/apps/list.c index 8649598df7..adcf6803b4 100644 --- a/apps/list.c +++ b/apps/list.c @@ -1238,6 +1238,9 @@ static void list_provider_info(void) sk_OSSL_PROVIDER_sort(providers); for (i = 0; i < sk_OSSL_PROVIDER_num(providers); i++) { const OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(providers, i); + const char *provname = OSSL_PROVIDER_get0_name(prov); + + BIO_printf(bio_out, " %s\n", provname); /* Query the "known" information parameters, the order matches below */ params[0] = OSSL_PARAM_construct_utf8_ptr(OSSL_PROV_PARAM_NAME, @@ -1250,23 +1253,23 @@ static void list_provider_info(void) params[4] = OSSL_PARAM_construct_end(); OSSL_PARAM_set_all_unmodified(params); if (!OSSL_PROVIDER_get_params(prov, params)) { - BIO_printf(bio_err, "ERROR: Unable to query provider parameters\n"); - return; - } - - /* Print out the provider information, the params order matches above */ - BIO_printf(bio_out, " %s\n", OSSL_PROVIDER_get0_name(prov)); - if (OSSL_PARAM_modified(params)) - BIO_printf(bio_out, " name: %s\n", name); - if (OSSL_PARAM_modified(params + 1)) - BIO_printf(bio_out, " version: %s\n", version); - if (OSSL_PARAM_modified(params + 2)) - BIO_printf(bio_out, " status: %sactive\n", status ? "" : "in"); - if (verbose) { - if (OSSL_PARAM_modified(params + 3)) - BIO_printf(bio_out, " build info: %s\n", buildinfo); - print_param_types("gettable provider parameters", - OSSL_PROVIDER_gettable_params(prov), 4); + BIO_printf(bio_err, + "WARNING: Unable to query provider parameters for %s\n", + provname); + } else { + /* Print out the provider information, the params order matches above */ + if (OSSL_PARAM_modified(params)) + BIO_printf(bio_out, " name: %s\n", name); + if (OSSL_PARAM_modified(params + 1)) + BIO_printf(bio_out, " version: %s\n", version); + if (OSSL_PARAM_modified(params + 2)) + BIO_printf(bio_out, " status: %sactive\n", status ? "" : "in"); + if (verbose) { + if (OSSL_PARAM_modified(params + 3)) + BIO_printf(bio_out, " build info: %s\n", buildinfo); + print_param_types("gettable provider parameters", + OSSL_PROVIDER_gettable_params(prov), 4); + } } } sk_OSSL_PROVIDER_free(providers); -- Gitee From ec584d10384fd794c6027380f686fc3baf909bae Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 30 Nov 2023 15:55:57 +0100 Subject: [PATCH 22/24] rehash.c: Do not use NAME_MAX limit On some systems it is too small although the system allows longer filenames. Fixes #22886 Reviewed-by: Matt Caswell Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/22889) (cherry picked from commit de8e0851a1c0d22533801f081781a9f0be56c2c2) Signed-off-by: fly2x --- apps/rehash.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/apps/rehash.c b/apps/rehash.c index 1e5cf38a7f..4fea16fa38 100644 --- a/apps/rehash.c +++ b/apps/rehash.c @@ -45,9 +45,6 @@ # ifndef PATH_MAX # define PATH_MAX 4096 # endif -# ifndef NAME_MAX -# define NAME_MAX 255 -# endif # define MAX_COLLISIONS 256 # if defined(OPENSSL_SYS_VXWORKS) @@ -356,10 +353,10 @@ static int do_dir(const char *dirname, enum Hash h) struct stat st; unsigned char idmask[MAX_COLLISIONS / 8]; int n, numfiles, nextid, dirlen, buflen, errs = 0; - size_t i; + size_t i, fname_max_len = 20; /* maximum length of "%08x.r%d" */ const char *pathsep = ""; const char *filename; - char *buf, *copy = NULL; + char *buf = NULL, *copy = NULL; STACK_OF(OPENSSL_STRING) *files = NULL; if (app_access(dirname, W_OK) < 0) { @@ -371,8 +368,6 @@ static int do_dir(const char *dirname, enum Hash h) pathsep = "/"; dirlen++; } - buflen = dirlen + NAME_MAX + 1; - buf = app_malloc(buflen, "filename buffer"); if (verbose) BIO_printf(bio_out, "Doing %s\n", dirname); @@ -383,6 +378,8 @@ static int do_dir(const char *dirname, enum Hash h) goto err; } while ((filename = OPENSSL_DIR_read(&d, dirname)) != NULL) { + size_t fname_len = strlen(filename); + if ((copy = OPENSSL_strdup(filename)) == NULL || sk_OPENSSL_STRING_push(files, copy) == 0) { OPENSSL_free(copy); @@ -390,10 +387,15 @@ static int do_dir(const char *dirname, enum Hash h) errs = 1; goto err; } + if (fname_len > fname_max_len) + fname_max_len = fname_len; } OPENSSL_DIR_end(&d); sk_OPENSSL_STRING_sort(files); + buflen = dirlen + fname_max_len + 1; + buf = app_malloc(buflen, "filename buffer"); + numfiles = sk_OPENSSL_STRING_num(files); for (n = 0; n < numfiles; ++n) { filename = sk_OPENSSL_STRING_value(files, n); -- Gitee From d7288cc86c21d20b731c1c7b0c3a1b1b00987123 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Mon, 4 Dec 2023 18:01:28 +0100 Subject: [PATCH 23/24] ossl_decoder_cache_flush(): Do not raise an error if there is no cache This function can be called during OPENSSL_cleanup() when the cache was already flushed and deallocated. Fixes #22939 Reviewed-by: Neil Horman Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/22941) (cherry picked from commit 0541fa7802cf0c3a9b28d126066c909736fc5ec8) Signed-off-by: fly2x --- crypto/encode_decode/decoder_pkey.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c index 24f61fbf15..eb1be1c980 100644 --- a/crypto/encode_decode/decoder_pkey.c +++ b/crypto/encode_decode/decoder_pkey.c @@ -721,10 +721,9 @@ int ossl_decoder_cache_flush(OSSL_LIB_CTX *libctx) DECODER_CACHE *cache = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_DECODER_CACHE_INDEX); - if (cache == NULL) { - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_OSSL_DECODER_LIB); + if (cache == NULL) return 0; - } + if (!CRYPTO_THREAD_write_lock(cache->lock)) { ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_OSSL_DECODER_LIB); -- Gitee From 082c06d05c686acb59eb270d4c12f369e36a6c3e Mon Sep 17 00:00:00 2001 From: Neil Horman Date: Thu, 30 Nov 2023 11:20:34 -0500 Subject: [PATCH 24/24] Statically link legacy provider to evp_extra_test Like in #17345, evp_extra_test links libcrypto statically, but also has a dynamic/shared load via the legacy provider, which leads to ambiguous behavior in evp_extra_test on some platforms, usually a crash (SIGSEGV) on exit via the atexit handlers. Statically link the legacy provider to avoid this. Fixes #22819 Helped-by: Neil Horman Helped-by: Tomas Mraz Signed-off-by: Randall S. Becker Reviewed-by: Tom Cosgrove Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22905) (cherry picked from commit f529a2eb75374946b60ed686ca6f90fdf244e787) Signed-off-by: fly2x --- test/build.info | 8 ++++++++ test/evp_extra_test.c | 13 +++++++++++++ 2 files changed, 21 insertions(+) diff --git a/test/build.info b/test/build.info index 1bacdcb827..d96edf7d44 100644 --- a/test/build.info +++ b/test/build.info @@ -191,6 +191,14 @@ IF[{- !$disabled{tests} -}] SOURCE[evp_extra_test]=evp_extra_test.c fake_rsaprov.c INCLUDE[evp_extra_test]=../include ../apps/include DEPEND[evp_extra_test]=../libcrypto.a libtestutil.a + IF[{- !$disabled{module} && !$disabled{legacy} -}] + DEFINE[evp_extra_test]=STATIC_LEGACY + SOURCE[evp_extra_test]=../providers/legacyprov.c + INCLUDE[evp_extra_test]=../providers/common/include \ + ../providers/implementations/include + DEPEND[evp_extra_test]=../providers/liblegacy.a \ + ../providers/libcommon.a + ENDIF SOURCE[hpke_test]=hpke_test.c INCLUDE[hpke_test]=../include ../apps/include diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 4250630327..f3680a0fb4 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -38,6 +38,10 @@ #include "crypto/evp.h" #include "fake_rsaprov.h" +#ifdef STATIC_LEGACY +OSSL_provider_init_fn ossl_legacy_provider_init; +#endif + static OSSL_LIB_CTX *testctx = NULL; static char *testpropq = NULL; @@ -5437,6 +5441,15 @@ int setup_tests(void) testctx = OSSL_LIB_CTX_new(); if (!TEST_ptr(testctx)) return 0; +#ifdef STATIC_LEGACY + /* + * This test is always statically linked against libcrypto. We must not + * attempt to load legacy.so that might be dynamically linked against + * libcrypto. Instead we use a built-in version of the legacy provider. + */ + if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init)) + return 0; +#endif /* Swap the libctx to test non-default context only */ nullprov = OSSL_PROVIDER_load(NULL, "null"); deflprov = OSSL_PROVIDER_load(testctx, "default"); -- Gitee