openssl

History

Matt Caswell b3b1eb5735 Reject calls to X509_verify_cert that have not been reinitialised

The function X509_verify_cert checks the value of |ctx->chain| at the
beginning, and if it is NULL then it initialises it, along with the value
of ctx->untrusted. The normal way to use X509_verify_cert() is to first
call X509_STORE_CTX_init(); then set up various parameters etc; then call
X509_verify_cert(); then check the results; and finally call
X509_STORE_CTX_cleanup(). The initial call to X509_STORE_CTX_init() sets
|ctx->chain| to NULL. The only place in the OpenSSL codebase  where
|ctx->chain| is set to anything other than a non NULL value is in
X509_verify_cert itself. Therefore the only ways that |ctx->chain| could be
non NULL on entry to X509_verify_cert is if one of the following occurs:
1) An application calls X509_verify_cert() twice without re-initialising
in between.
2) An application reaches inside the X509_STORE_CTX structure and changes
the value of |ctx->chain| directly.

With regards to the second of these, we should discount this - it should
not be supported to allow this.

With regards to the first of these, the documentation is not exactly
crystal clear, but the implication is that you must call
X509_STORE_CTX_init() before each call to X509_verify_cert(). If you fail
to do this then, at best, the results would be undefined.

Calling X509_verify_cert() with |ctx->chain| set to a non NULL value is
likely to have unexpected results, and could be dangerous. This commit
changes the behaviour of X509_verify_cert() so that it causes an error if
|ctx->chain| is anything other than NULL (because this indicates that we
have not been initialised properly). It also clarifies the associated
documentation. This is a follow up commit to CVE-2015-1793.

Reviewed-by: Stephen Henson <steve@openssl.org>

2015-07-07 22:52:36 +01:00

ASN1_generate_nconf.pod

Merge branch 'rsalz-docfixes'

2014-07-03 12:53:36 -04:00

ASN1_OBJECT_new.pod

Add includes in synopsis.

2006-05-14 11:28:00 +00:00

ASN1_STRING_length.pod

Add includes in synopsis.

2006-05-14 11:28:00 +00:00

ASN1_STRING_new.pod

Add includes in synopsis.

2006-05-14 11:28:00 +00:00

ASN1_STRING_print_ex.pod

fix documentation

2007-02-03 10:28:08 +00:00

BIO_ctrl.pod

Clarify the BIO_seek() mess and related issues.

2000-09-18 23:05:33 +00:00

BIO_f_base64.pod

Merge branch 'rsalz-docfixes'

2014-07-03 12:53:36 -04:00

BIO_f_buffer.pod

PR: 2252

2010-05-03 15:29:51 +00:00

BIO_f_cipher.pod

Typo.

2003-02-27 13:02:46 +00:00

BIO_f_md.pod

Change version from 0.9.9 to 1.0.0 in docs

2009-09-30 23:40:52 +00:00

BIO_f_null.pod

Remove indentation in the NAME section. There's really no need to

2000-09-14 12:14:41 +00:00

BIO_f_ssl.pod

PR: 1748

2009-06-25 11:26:45 +00:00

BIO_find_type.pod

Remove indentation in the NAME section. There's really no need to

2000-09-14 12:14:41 +00:00

BIO_new_CMS.pod

Change version from 0.9.9 to 1.0.0 in docs

2009-09-30 23:40:52 +00:00

BIO_new.pod

ispell and some other nit-picking

2000-09-16 15:39:28 +00:00

BIO_push.pod

Typo.

2014-06-29 13:39:24 +01:00

BIO_read.pod

ispell and some other nit-picking

2000-09-16 15:39:28 +00:00

BIO_s_accept.pod

RT2379: Bug in BIO_set_accept_port.pod

2014-08-29 16:46:28 -04:00

BIO_s_bio.pod

Brackets are now allowed, after a small hack in the processing of the

2003-05-23 09:08:59 +00:00

BIO_s_connect.pod

give pseudo prototypes instead of macro definitions for better clarity

2000-10-19 22:02:21 +00:00

BIO_s_fd.pod

Restore the descriptions to conform with the rest of the

2000-09-17 19:20:17 +00:00

BIO_s_file.pod

bss_file.c: reserve for option to encode file name in UTF-8 on Windows

2010-04-28 20:04:37 +00:00

BIO_s_mem.pod

PR: 1894

2009-04-16 17:22:51 +00:00

BIO_s_null.pod

Remove indentation in the NAME section. There's really no need to

2000-09-14 12:14:41 +00:00

BIO_s_socket.pod

give pseudo prototypes instead of macro definitions for better clarity

2000-10-19 22:02:21 +00:00

BIO_set_callback.pod

fix documentation

2006-12-06 09:10:59 +00:00

BIO_should_retry.pod

PR: 2209

2010-04-06 14:45:31 +00:00

bio.pod

Missing link ("Greg Stark" <gstark@ethentica.com>)

2001-04-12 21:11:31 +00:00

blowfish.pod

Fix typo on blowfish manual page

2005-02-19 10:26:18 +00:00

BN_add_word.pod

fix BN_mod_word and give a more reasonable return value if an error occurred

2005-07-25 22:57:54 +00:00

BN_add.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:11:12 +00:00

BN_BLINDING_new.pod

Fix various spelling errors

2014-02-14 22:35:39 +00:00

BN_bn2bin.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

BN_cmp.pod

Update all links so they will be rendered better.

2000-01-27 01:25:31 +00:00

BN_copy.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

BN_CTX_new.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

BN_CTX_start.pod

Add an early reference to BN_CTX_new so that the usage of BN_CTX_start

2000-07-11 20:35:45 +00:00

BN_generate_prime.pod

Typo.

2003-01-13 13:18:22 +00:00

bn_internal.pod

PR: 2078

2009-10-28 13:51:56 +00:00

BN_mod_inverse.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

BN_mod_mul_montgomery.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

BN_mod_mul_reciprocal.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

BN_new.pod

typo

2004-03-06 08:43:36 +00:00

BN_num_bytes.pod

Explain a little better what BN_num_bits() and BN_num_bits_word() do.

2004-07-01 12:33:39 +00:00

BN_rand.pod

Fix off-by-one in BN_rand

2015-05-22 23:45:33 +01:00

BN_set_bit.pod

Reject negative shifts for BN_rshift and BN_lshift

2015-05-22 23:21:55 +01:00

BN_swap.pod

Add bn_mod.c (should have happend in the previous commit ...).

2000-11-26 16:46:57 +00:00

BN_zero.pod

Add history for documented new functions.

2002-07-18 18:54:46 +00:00

bn.pod

Revert my earlier CRYPTO_THREADID commit, I will commit a reworked

2008-07-03 19:59:25 +00:00

buffer.pod

Malloc() -> OPENSSL_malloc() etc.

2000-09-20 03:28:54 +00:00

CMS_add0_cert.pod

New function CMS_add1_crl().

2008-05-02 17:27:01 +00:00

CMS_add1_recipient_cert.pod

Reformat, fix typos and clarify CMS API docs.

2008-04-10 23:28:25 +00:00

CMS_add1_signer.pod

Use correct function name: CMS_add1_signer()

2014-09-25 00:06:59 +01:00

CMS_compress.pod

Change version from 0.9.9 to 1.0.0 in docs

2009-09-30 23:40:52 +00:00

CMS_decrypt.pod

Clarify CMS_decrypt behaviour.

2014-04-15 18:19:40 +01:00

CMS_encrypt.pod

Change version from 0.9.9 to 1.0.0 in docs

2009-09-30 23:40:52 +00:00

CMS_final.pod

Reformat, fix typos and clarify CMS API docs.

2008-04-10 23:28:25 +00:00

CMS_get0_RecipientInfos.pod

Reformat, fix typos and clarify CMS API docs.

2008-04-10 23:28:25 +00:00

CMS_get0_SignerInfos.pod

Reformat, fix typos and clarify CMS API docs.

2008-04-10 23:28:25 +00:00

CMS_get0_type.pod

Additional CMS documentation.

2015-03-08 16:19:38 +00:00

CMS_get1_ReceiptRequest.pod

Reformat, fix typos and clarify CMS API docs.

2008-04-10 23:28:25 +00:00

CMS_sign_receipt.pod

Reformat, fix typos and clarify CMS API docs.

2008-04-10 23:28:25 +00:00

CMS_sign.pod

Change version from 0.9.9 to 1.0.0 in docs

2009-09-30 23:40:52 +00:00

CMS_uncompress.pod

Revert argument swap change... oops CMS_uncompress() was consistent...

2008-04-11 23:23:18 +00:00

CMS_verify_receipt.pod

Reformat, fix typos and clarify CMS API docs.

2008-04-10 23:28:25 +00:00

CMS_verify.pod

Reformat, fix typos and clarify CMS API docs.

2008-04-10 23:28:25 +00:00

CONF_modules_free.pod

Corrected POD syntax errors. PR#3353

2014-05-14 22:59:48 +01:00

CONF_modules_load_file.pod

additional configuration documentation

2015-03-12 13:45:52 +00:00

CRYPTO_set_ex_data.pod

Add includes in synopsis.

2006-05-14 11:28:00 +00:00

crypto.pod

Document "0" and "1" naming convention.

2002-10-06 12:59:25 +00:00

d2i_ASN1_OBJECT.pod

More man pages.

2002-10-09 12:06:12 +00:00

d2i_CMS_ContentInfo.pod

Additional CMS documentation.

2015-03-08 16:19:38 +00:00

d2i_DHparams.pod

Update DH parameter docs.

2002-10-06 12:24:09 +00:00

d2i_DSAPublicKey.pod

Document that you need to include x509.h (to get [i2d|d2i]_DSA_PUBKEY()).

2003-12-10 13:57:51 +00:00

d2i_ECPrivateKey.pod

Fix some minor documentation issues

2015-02-25 17:46:20 +00:00

d2i_PKCS8PrivateKey.pod

More d2i/i2d manual pages.

2002-10-07 13:07:00 +00:00

d2i_RSAPublicKey.pod

PR: 1626

2009-04-06 15:16:41 +00:00

d2i_X509_ALGOR.pod

More man pages.

2002-10-09 12:06:12 +00:00

d2i_X509_CRL.pod

PR: 2023

2009-09-12 23:34:56 +00:00

d2i_X509_NAME.pod

More docs.

2002-10-09 17:19:59 +00:00

d2i_X509_REQ.pod

PR: 2023

2009-09-12 23:34:56 +00:00

d2i_X509_SIG.pod

More man pages.

2002-10-09 12:06:12 +00:00

d2i_X509.pod

Fix some minor documentation issues

2015-02-25 17:46:20 +00:00

des_modes.pod

small cosmetics: align title with the other similar manual page

2007-02-27 07:41:54 +00:00

des.pod

Minor documentation update removing "really" and a

2014-07-21 20:24:47 +10:00

DH_generate_key.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DH_generate_parameters.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DH_get_ex_new_index.pod

Typos in links between manual pages

2002-07-10 19:35:54 +00:00

DH_new.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DH_set_method.pod

Typos in man pages: dependant->dependent

2007-11-19 09:18:03 +00:00

DH_size.pod

nicer manpages

2000-02-24 11:55:57 +00:00

dh.pod

These are updates/fixes to DH/DSA/RAND docs based on the fixes to the RSA

2002-08-05 16:27:01 +00:00

DSA_do_sign.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DSA_dup_DH.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DSA_generate_key.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DSA_generate_parameters.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DSA_get_ex_new_index.pod

Document additions for X509 chain verification from HEAD

2009-10-18 15:28:59 +00:00

DSA_new.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DSA_set_method.pod

Typos in man pages: dependant->dependent

2007-11-19 09:18:03 +00:00

DSA_SIG_new.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DSA_sign.pod

It makes more sense to refer to specific function manuals than the concept

2002-09-25 13:33:28 +00:00

DSA_size.pod

These are updates/fixes to DH/DSA/RAND docs based on the fixes to the RSA

2002-08-05 16:27:01 +00:00

dsa.pod

These are updates/fixes to DH/DSA/RAND docs based on the fixes to the RSA

2002-08-05 16:27:01 +00:00

ecdsa.pod

Correct ECDSA example.

2013-08-20 17:30:38 +01:00

engine.pod

Typos in man pages: dependant->dependent

2007-11-19 09:18:03 +00:00

ERR_clear_error.pod

Document ERR library.

2000-02-01 01:37:00 +00:00

ERR_error_string.pod

PR: 923

2004-11-14 15:11:37 +00:00

ERR_get_error.pod

Fix doc typo.

2014-07-02 03:45:07 +01:00

ERR_GET_LIB.pod

Document ERR library.

2000-02-01 01:37:00 +00:00

ERR_load_crypto_strings.pod

nicer manpages

2000-02-24 11:55:57 +00:00

ERR_load_strings.pod

nicer manpages

2000-02-24 11:55:57 +00:00

ERR_print_errors.pod

Document ERR library.

2000-02-01 01:37:00 +00:00

ERR_put_error.pod

nicer manpages

2000-02-24 11:55:57 +00:00

ERR_remove_state.pod

typo

2000-05-19 07:54:42 +00:00

ERR_set_mark.pod

Add documentation for ERR_set_mark() and ERR_pop_to_mark().

2003-06-11 20:51:49 +00:00

err.pod

Merge branch 'rsalz-docfixes'

2014-07-03 12:53:36 -04:00

EVP_BytesToKey.pod

Fix various spelling errors

2014-02-14 22:35:39 +00:00

EVP_DigestInit.pod

RT2210: Add missing EVP_cleanup to example

2014-08-27 13:27:06 -04:00

EVP_DigestSignInit.pod

Change version from 0.9.9 to 1.0.0 in docs

2009-09-30 23:40:52 +00:00

EVP_DigestVerifyInit.pod

Typo fixes to evp documentation.

2014-08-24 21:26:40 +01:00

EVP_EncryptInit.pod

Fixes a minor typo in the EVP docs.

2014-11-12 21:05:24 +00:00

EVP_OpenInit.pod