diff --git a/CHANGES b/CHANGES index b6329cde9..bc3df77b1 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,29 @@ Changes between 0.9.6c and 0.9.6d [XX xxx XXXX] + *) Fix DH_generate_parameters() so that it works for 'non-standard' + generators, i.e. generators other than 2 and 5. (Previously, the + code did not properly initialise the 'add' and 'rem' values to + BN_generate_prime().) + + In the new general case, we do not insist that 'generator' is + actually a primitive root: This requirement is rather pointless; + a generator of the order-q subgroup is just as good, if not + better. + [Bodo Moeller] + + *) Map new X509 verification errors to alerts. Discovered and submitted by + Tom Wu . + [Lutz Jaenicke] + + *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from + returning non-zero before the data has been completely received + when using non-blocking I/O. + [Bodo Moeller; problem pointed out by John Hughes] + + *) Some of the ciphers missed the strength entry (SSL_LOW etc). + [Ben Laurie, Lutz Jaenicke] + *) Fix bug in SSL_clear(): bad sessions were not removed (found by Yoram Zahavi ). [Lutz Jaenicke] diff --git a/Configure b/Configure index b14356c0a..09f3afa2c 100755 --- a/Configure +++ b/Configure @@ -406,7 +406,7 @@ my %table=( "aix43-gcc", "gcc:-O3 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR::::::::::dlfcn:", # -# Cray T90 (SDSC) +# Cray T90 and similar (SDSC) # It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT # defined. The T90 ints and longs are 8 bytes long, and apparently the # B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and 
@@ -416,7 +416,10 @@ my %table=( #'Taking the address of a bit field is not allowed. ' #'An expression with bit field exists as the operand of "sizeof" ' # (written by Wayne Schroeder ) -"cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT:::", +# +# j90 is considered the base machine type for unicos machines, +# so this configuration is now called "cray-j90" ... +"cray-j90", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT:::", # # Cray T3E (Research Center Juelich, beckman@acl.lanl.gov) diff --git a/INSTALL b/INSTALL index e9cb572ed..619c474c1 100644 --- a/INSTALL +++ b/INSTALL @@ -272,6 +272,11 @@ Note on shared libraries ------------------------ + Shared library is currently an experimental feature. The only reason to + have them would be to conserve memory on systems where several program + are using OpenSSL. Binary backward compatibility can't be guaranteed + before OpenSSL version 1.0. + For some systems, the OpenSSL Configure script knows what is needed to build shared libraries for libcrypto and libssl. On these systems, the shared libraries are currently not created by default, but giving diff --git a/INSTALL.W32 b/INSTALL.W32 index fa5fcafba..966c1460f 100644 --- a/INSTALL.W32 +++ b/INSTALL.W32 @@ -81,7 +81,7 @@ There are various changes you can make to the Win32 compile environment. By default the library is not compiled with debugging symbols. If you add 'debug' - to the mk1mk.pl lines in the do_* batch file then debugging symbols will be + to the mk1mf.pl lines in the do_* batch file then debugging symbols will be compiled in. The default Win32 environment is to leave out any Windows NT specific diff --git a/LICENSE b/LICENSE index 3fd259ac3..7b93e0dbc 100644 --- a/LICENSE +++ b/LICENSE 
@@ -12,7 +12,7 @@ --------------- /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/TABLE b/TABLE index 626424cf8..d352ff7c5 100644 --- a/TABLE +++ b/TABLE @@ -1035,13 +1035,13 @@ $shared_ldflag = $shared_extension = $ranlib = -*** cray-t3e +*** cray-j90 $cc = cc $cflags = -DBIT_FIELD_LIMITS -DTERMIOS $unistd = $thread_cflag = (unknown) $lflags = -$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT +$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT $bn_obj = $des_obj = $bf_obj = @@ -1058,13 +1058,13 @@ $shared_ldflag = $shared_extension = $ranlib = -*** cray-t90-cc +*** cray-t3e $cc = cc $cflags = -DBIT_FIELD_LIMITS -DTERMIOS $unistd = $thread_cflag = (unknown) $lflags = -$bn_ops = SIXTY_FOUR_BIT_LONG DES_INT +$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT $bn_obj = $des_obj = $bf_obj = diff --git a/config b/config index 8d61cfac5..64291aadd 100755 --- a/config +++ b/config @@ -310,6 +310,13 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in exit 0 ;; + *"CRAY T3E") + echo "t3e-cray-unicosmk"; exit 0; + ;; + + *CRAY*) + echo "j90-cray-unicos"; exit 0; + ;; esac # @@ -591,6 +598,8 @@ EOF mips-sony-newsos4) OUT="newsos4-gcc" ;; *-*-cygwin_pre1.3) OUT="Cygwin-pre1.3" ;; *-*-cygwin) OUT="Cygwin" ;; + t3e-cray-unicosmk) OUT="cray-t3e" ;; + j90-cray-unicos) OUT="cray-j90" ;; *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; esac diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl index 30640bffc..ac3b27c18 100644 --- a/crypto/Makefile.ssl +++ b/crypto/Makefile.ssl @@ -6,7 +6,7 @@ DIR= crypto TOP= .. CC= cc INCLUDE= -I. -I../include -INCLUDES= -I.. -I../../include +INCLUDES= -I.. -I../.. -I../../include CFLAG= -g INSTALL_PREFIX= OPENSSLDIR= /usr/local/ssl 
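Review bot: The new catch-all `*CRAY*)` arm in config treats every Cray that is not a T3E as a J90-class UNICOS machine, and nothing in this file says so; the rationale only appears in the Configure hunk ("j90 is considered the base machine type for unicos machines"). A one-line comment on the arm, `# any Cray other than a T3E is assumed to be J90-class UNICOS (see "cray-j90" in Configure)`, would spare the next person adding a model from guessing at the intent. The `*"CRAY T3E")` arm must stay ahead of it, since case takes the first matching pattern.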
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c index 7dfcbab76..8fb0716e7 100644 --- a/crypto/bio/b_sock.c +++ b/crypto/bio/b_sock.c @@ -72,9 +72,9 @@ #endif #ifdef SO_MAXCONN -#define MAX_LISTEN SOMAXCONN -#elif defined(SO_MAXCONN) #define MAX_LISTEN SO_MAXCONN +#elif defined(SOMAXCONN) +#define MAX_LISTEN SOMAXCONN #else #define MAX_LISTEN 32 #endif diff --git a/crypto/conf/Makefile.ssl b/crypto/conf/Makefile.ssl index e2b8e65e2..420530790 100644 --- a/crypto/conf/Makefile.ssl +++ b/crypto/conf/Makefile.ssl @@ -5,7 +5,7 @@ DIR= conf TOP= ../.. CC= cc -INCLUDES= -I.. -I../../include +INCLUDES= -I.. -I../.. -I../../include CFLAG=-g INSTALL_PREFIX= OPENSSLDIR= /usr/local/ssl diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index d05a778ff..a42c21970 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -67,6 +67,7 @@ #include #include #include +#include "e_os.h" static void value_free_hash(CONF_VALUE *a, LHASH *conf); static void value_free_stack(CONF_VALUE *a,LHASH *conf); diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index c7c74e040..122233f78 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -204,6 +204,7 @@ void ERR_load_DH_strings(void); #define DH_F_DH_NEW 105 /* Reason codes. */ +#define DH_R_BAD_GENERATOR 101 #define DH_R_NO_PRIVATE_VALUE 100 #ifdef __cplusplus diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c index ff2d1684c..97c9584f5 100644 --- a/crypto/dh/dh_err.c +++ b/crypto/dh/dh_err.c @@ -1,6 +1,6 @@ /* crypto/dh/dh_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions 
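Review bot: The corrected `#ifdef`/`#elif` chain now prefers SO_MAXCONN over the POSIX name SOMAXCONN when a platform defines both, and nothing records whether that order is deliberate or where the fallback 32 comes from. A short comment above the chain, `/* platform SO_MAXCONN first, then POSIX SOMAXCONN; 32 is a last-resort listen backlog */`, would stop a later cleanup from flipping the order back. Which platforms actually provide SO_MAXCONN I cannot confirm from this hunk.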
@@ -77,6 +77,7 @@ static ERR_STRING_DATA DH_str_functs[]= static ERR_STRING_DATA DH_str_reasons[]= { +{DH_R_BAD_GENERATOR ,"bad generator"}, {DH_R_NO_PRIVATE_VALUE ,"no private value"}, {0,NULL} }; diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 7a6a38fbb..06f78b35a 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -82,7 +82,10 @@ * Since DH should be using a safe prime (both p and q are prime), * this generator function can take a very very long time to run. */ - +/* Actually there is no reason to insist that 'generator' be a generator. + * It's just as OK (and in some sense better) to use a generator of the + * order-q subgroup. + */ DH *DH_generate_parameters(int prime_len, int generator, void (*callback)(int,int,void *), void *cb_arg) { 
@@ -100,30 +103,43 @@ DH *DH_generate_parameters(int prime_len, int generator, t2 = BN_CTX_get(ctx); if (t1 == NULL || t2 == NULL) goto err; + if (generator <= 1) + { + DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR); + goto err; + } if (generator == DH_GENERATOR_2) { - BN_set_word(t1,24); - BN_set_word(t2,11); + if (!BN_set_word(t1,24)) goto err; + if (!BN_set_word(t2,11)) goto err; g=2; } -#ifdef undef /* does not work for safe primes */ +#if 0 /* does not work for safe primes */ else if (generator == DH_GENERATOR_3) { - BN_set_word(t1,12); - BN_set_word(t2,5); + if (!BN_set_word(t1,12)) goto err; + if (!BN_set_word(t2,5)) goto err; g=3; } #endif else if (generator == DH_GENERATOR_5) { - BN_set_word(t1,10); - BN_set_word(t2,3); + if (!BN_set_word(t1,10)) goto err; + if (!BN_set_word(t2,3)) goto err; /* BN_set_word(t3,7); just have to miss * out on these ones :-( */ g=5; } else + { + /* in the general case, don't worry if 'generator' is a + * generator or not: since we are using safe primes, + * it will generate either an order-q or an order-2q group, + * which both is OK */ + if (!BN_set_word(t1,2)) goto err; + if (!BN_set_word(t2,1)) goto err; g=generator; + } p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); if (p == NULL) goto err; diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c index f0151253d..a38465da1 100644 --- a/crypto/dh/dhtest.c +++ b/crypto/dh/dhtest.c @@ -66,6 +66,7 @@ #include #include #include +#include #ifdef NO_DH int main(int argc, char *argv[]) 
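Review bot: The comment in the new general-case branch says an order-q or order-2q group is "both OK", which understates the trade-off: with a safe prime, a generator of the full order-2q group lets the quadratic residuosity of a public value reveal one bit of the private exponent, which is the usual reason the order-q subgroup is preferred. The comment should say that this one-bit loss is accepted in the general case rather than that the two groups are equivalent, e.g. `/* g may generate the full order-2q group; the resulting one-bit exponent leak is accepted here */`. The `generator <= 1` guard rejects 0, 1 and negatives but not a value congruent to 0 or -1 mod p; that can only arise when prime_len is tiny relative to an int, so it is probably acceptable, but DH_check() remains the caller's way to validate the result. The rest of DH_generate_parameters() lies outside the hunk.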
@@ -112,6 +113,16 @@ int main(int argc, char *argv[]) a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); if (a == NULL) goto err; + if (!DH_check(a, &i)) goto err; + if (i & DH_CHECK_P_NOT_PRIME) + BIO_puts(out, "p value is not prime\n"); + if (i & DH_CHECK_P_NOT_SAFE_PRIME) + BIO_puts(out, "p value is not a safe prime\n"); + if (i & DH_UNABLE_TO_CHECK_GENERATOR) + BIO_puts(out, "unable to check the generator value\n"); + if (i & DH_NOT_SUITABLE_GENERATOR) + BIO_puts(out, "the g value is not a generator\n"); + BIO_puts(out,"\np ="); BN_print(out,a->p); BIO_puts(out,"\ng ="); @@ -170,6 +181,8 @@ int main(int argc, char *argv[]) else ret=0; err: + ERR_print_errors_fp(stderr); + if (abuf != NULL) OPENSSL_free(abuf); if (bbuf != NULL) OPENSSL_free(bbuf); if(b != NULL) DH_free(b); diff --git a/crypto/lhash/lh_test.c b/crypto/lhash/lh_test.c index 6008781e5..85700c859 100644 --- a/crypto/lhash/lh_test.c +++ b/crypto/lhash/lh_test.c @@ -75,7 +75,6 @@ main() buf[0]='\0'; fgets(buf,256,stdin); if (buf[0] == '\0') break; - buf[256]='\0'; i=strlen(buf); p=OPENSSL_malloc(i+1); memcpy(p,buf,i+1); diff --git a/demos/maurice/example1.c b/demos/maurice/example1.c index 0e70523a3..521527049 100644 --- a/demos/maurice/example1.c +++ b/demos/maurice/example1.c @@ -72,7 +72,7 @@ void main_encrypt(void) pubKey[0] = ReadPublicKey(PUBFILE); - if(!pubKey) + if(!pubKey[0]) { fprintf(stderr,"Error: can't load public key"); exit(1); diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 3f09b8bc1..49b159d29 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -528,6 +528,8 @@ int ssl_verify_alarm_type(long type) case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: case X509_V_ERR_CERT_NOT_YET_VALID: case X509_V_ERR_CRL_NOT_YET_VALID: + case X509_V_ERR_CERT_UNTRUSTED: + case X509_V_ERR_CERT_REJECTED: al=SSL_AD_BAD_CERTIFICATE; break; case X509_V_ERR_CERT_SIGNATURE_FAILURE: 
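Review bot: The DH_check() result is printed but never fails the test: each flag only reaches BIO_puts() and `ret` is untouched, so a non-prime p or an unsuitable generator still produces a passing run. After the four reports add `if (i & (DH_CHECK_P_NOT_PRIME | DH_CHECK_P_NOT_SAFE_PRIME | DH_NOT_SUITABLE_GENERATOR)) goto err;`; DH_UNABLE_TO_CHECK_GENERATOR is left out because DH_check() may set it for generators it has no test for, though whether that applies to DH_GENERATOR_5 I cannot confirm from this hunk. The variable `i` is declared outside the hunk, and main() extends beyond both hunks in this file.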
@@ -549,11 +551,16 @@ int ssl_verify_alarm_type(long type) case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: case X509_V_ERR_CERT_CHAIN_TOO_LONG: + case X509_V_ERR_PATH_LENGTH_EXCEEDED: + case X509_V_ERR_INVALID_CA: al=SSL_AD_UNKNOWN_CA; break; case X509_V_ERR_APPLICATION_VERIFICATION: al=SSL_AD_HANDSHAKE_FAILURE; break; + case X509_V_ERR_INVALID_PURPOSE: + al=SSL_AD_UNSUPPORTED_CERTIFICATE; + break; default: al=SSL_AD_CERTIFICATE_UNKNOWN; break; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index c32c06de3..597343232 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -170,7 +170,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL3_TXT_ADH_RC4_128_MD5, SSL3_CK_ADH_RC4_128_MD5, SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_MEDIUM, 0, 128, 128, @@ -196,7 +196,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL3_TXT_ADH_DES_64_CBC_SHA, SSL3_CK_ADH_DES_64_CBC_SHA, SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_LOW, 0, 56, 56, @@ -209,7 +209,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL3_TXT_ADH_DES_192_CBC_SHA, SSL3_CK_ADH_DES_192_CBC_SHA, SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_HIGH, 0, 168, 168, @@ -518,7 +518,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL3_TXT_FZA_DMS_RC4_SHA, SSL3_CK_FZA_DMS_RC4_SHA, SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_MEDIUM, 0, 128, 128, 
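Review bot: Adding SSL_MEDIUM/SSL_LOW/SSL_HIGH to the anonymous (SSL_aNULL) suites in this hunk changes what cipher strings select, not just a table entry: if the HIGH/MEDIUM/LOW keywords match on this field, as I recall from ssl_ciph.c, a cipher list such as `HIGH` or `MEDIUM` without `!aNULL` will now include ADH_RC4_128_MD5, ADH_DES_64_CBC_SHA and ADH_DES_192_CBC_SHA, which previously matched only ALL/ADH. The same applies to the hunks at 196, 209 and 518 in this file; the hunk at 612 (DHE_DSS_WITH_RC4_128_SHA) is an authenticated suite and so is a plain fix. The CHANGES entry says only that the strength entry was missing; it should also state that strength-based cipher strings now select the anonymous suites, so that deployments relying on `HIGH` alone know to add `!aNULL`.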
@@ -612,7 +612,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_MEDIUM, 0, 128, 128, @@ -693,6 +693,9 @@ SSL_CIPHER *ssl3_get_cipher(unsigned int u) int ssl3_pending(SSL *s) { + if (s->rstate == SSL_ST_READ_BODY) + return 0; + return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; } diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 2ef8a5078..ebd3b527d 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -848,10 +848,10 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, if (num > 1) --num; /* test restartability even more thoroughly */ - r = BIO_nwrite(io1, &dataptr, (int)num); + r = BIO_nwrite0(io1, &dataptr); assert(r > 0); - assert(r <= (int)num); - num = r; + if (r < num) + num = r; r = BIO_read(io2, dataptr, (int)num); if (r != (int)num) /* can't happen */ { @@ -860,6 +860,13 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, goto err; } progress = 1; + r = BIO_nwrite(io1, &dataptr, (int)num); + if (r != (int)num) /* can't happen */ + { + fprintf(stderr, "ERROR: BIO_nwrite() did not accept " + "BIO_nwrite0() bytes"); + goto err; + } if (debug) printf((io2 == client_io) ?
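Review bot: The new early return in ssl3_pending() has no comment explaining the state it guards, and the reason is subtle: while `rstate` is SSL_ST_READ_BODY, `rrec.type` and `rrec.length` already describe a record whose header has been read but whose body has not fully arrived, so reporting that length would make SSL_pending() claim readable bytes that a non-blocking SSL_read() cannot yet deliver, as the CHANGES entry describes. Suggest `/* rrec.type/length come from a header whose body is still arriving; nothing is readable until the record is complete */` above the check. I am taking the meaning of SSL_ST_READ_BODY from the CHANGES text rather than from ssl3_get_record(), which is not in this diff.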
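Review bot: The only check on the new BIO_nwrite0() result in doit_biopair() is `assert(r > 0)`; if the test is built with NDEBUG the assert vanishes, a non-positive r is never handled, and `if (r < num) num = r;` followed by BIO_read() runs with a length or dataptr that was never validly reserved. The other failure paths in this function use an fprintf()+`goto err` pattern, so matching it, `if (r <= 0) { fprintf(stderr, "ERROR: BIO_nwrite0() failed\n"); goto err; }`, keeps the check under all build flags. The error message added in the following hunk, `"BIO_nwrite0() bytes"`, also lacks a trailing newline. doit_biopair() continues outside both hunks.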