summaryrefslogtreecommitdiff
path: root/deps
diff options
context:
space:
mode:
authorRichard Lau <rlau@redhat.com>2021-08-24 11:05:16 -0400
committerJames M Snell <jasnell@gmail.com>2021-08-26 13:11:11 -0700
commit1e4444047eef71d9efb0e6285338b2568a12554e (patch)
treeb659f3bd81b5c718a39e70b48b4626a6bbca7adb /deps
parent340161b9ff949f1b2be271548b9cab1581cb1e1e (diff)
downloadnode-new-1e4444047eef71d9efb0e6285338b2568a12554e.tar.gz
deps: upgrade openssl sources to OpenSSL_1_1_1l+quic
This updates all sources in deps/openssl/openssl by: $ git clone https://github.com/quictls/openssl $ cd openssl $ git checkout OpenSSL_1_1_1l+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl PR-URL: https://github.com/nodejs/node/pull/39867 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Beth Griggs <bgriggs@redhat.com>
Diffstat (limited to 'deps')
-rw-r--r--deps/openssl/openssl/CHANGES65
-rw-r--r--deps/openssl/openssl/Configurations/10-main.conf7
-rw-r--r--deps/openssl/openssl/Configurations/15-android.conf84
-rw-r--r--deps/openssl/openssl/Configurations/unix-Makefile.tmpl1
-rw-r--r--deps/openssl/openssl/Configurations/windows-makefile.tmpl26
-rw-r--r--deps/openssl/openssl/NEWS5
-rw-r--r--deps/openssl/openssl/README-OpenSSL.md2
-rw-r--r--deps/openssl/openssl/apps/crl2p7.c18
-rw-r--r--deps/openssl/openssl/apps/enc.c4
-rw-r--r--deps/openssl/openssl/apps/s_server.c13
-rw-r--r--deps/openssl/openssl/apps/s_socket.c12
-rw-r--r--deps/openssl/openssl/crypto/armcap.c15
-rw-r--r--deps/openssl/openssl/crypto/asn1/a_object.c15
-rw-r--r--deps/openssl/openssl/crypto/asn1/a_strex.c4
-rw-r--r--deps/openssl/openssl/crypto/asn1/asn1_lib.c14
-rw-r--r--deps/openssl/openssl/crypto/asn1/bio_asn1.c7
-rw-r--r--deps/openssl/openssl/crypto/asn1/bio_ndef.c3
-rw-r--r--deps/openssl/openssl/crypto/asn1/d2i_pr.c73
-rw-r--r--deps/openssl/openssl/crypto/asn1/t_spki.c4
-rw-r--r--deps/openssl/openssl/crypto/bio/b_addr.c4
-rw-r--r--deps/openssl/openssl/crypto/bio/b_sock2.c5
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_div.c9
-rwxr-xr-xdeps/openssl/openssl/crypto/chacha/asm/chacha-x86_64.pl54
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_prn.c14
-rw-r--r--deps/openssl/openssl/crypto/ec/ec2_oct.c43
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_asn1.c7
-rw-r--r--deps/openssl/openssl/crypto/err/openssl.txt5
-rw-r--r--deps/openssl/openssl/crypto/evp/e_aes.c192
-rw-r--r--deps/openssl/openssl/crypto/evp/e_camellia.c10
-rw-r--r--deps/openssl/openssl/crypto/hmac/hm_ameth.c5
-rw-r--r--deps/openssl/openssl/crypto/pkcs12/p12_key.c4
-rw-r--r--deps/openssl/openssl/crypto/poly1305/poly1305_ameth.c4
-rw-r--r--deps/openssl/openssl/crypto/ppccap.c6
-rw-r--r--deps/openssl/openssl/crypto/rand/rand_unix.c10
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_prn.c8
-rw-r--r--deps/openssl/openssl/crypto/siphash/siphash_ameth.c4
-rw-r--r--deps/openssl/openssl/crypto/sm2/sm2_crypt.c29
-rw-r--r--deps/openssl/openssl/crypto/sm2/sm2_pmeth.c4
-rw-r--r--deps/openssl/openssl/crypto/sparcv9cap.c3
-rw-r--r--deps/openssl/openssl/crypto/srp/srp_vfy.c13
-rw-r--r--deps/openssl/openssl/crypto/store/loader_file.c3
-rw-r--r--deps/openssl/openssl/crypto/ts/ts_rsp_verify.c3
-rw-r--r--deps/openssl/openssl/crypto/ts/ts_verify_ctx.c4
-rw-r--r--deps/openssl/openssl/crypto/uid.c8
-rw-r--r--deps/openssl/openssl/crypto/x509/t_x509.c6
-rw-r--r--deps/openssl/openssl/crypto/x509/x509_vpm.c6
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_akey.c40
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_alt.c12
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_cpols.c11
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_ncons.c79
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_pci.c5
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_utl.c60
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3err.c6
-rw-r--r--deps/openssl/openssl/demos/bio/client-arg.c8
-rw-r--r--deps/openssl/openssl/demos/bio/client-conf.c8
-rw-r--r--deps/openssl/openssl/doc/man1/enc.pod4
-rw-r--r--deps/openssl/openssl/doc/man1/s_client.pod2
-rw-r--r--deps/openssl/openssl/doc/man1/s_server.pod2
-rw-r--r--deps/openssl/openssl/doc/man3/BIO_f_ssl.pod7
-rw-r--r--deps/openssl/openssl/doc/man3/BIO_push.pod6
-rw-r--r--deps/openssl/openssl/doc/man3/BN_cmp.pod41
-rw-r--r--deps/openssl/openssl/doc/man3/SSL_CTX_set_num_tickets.pod32
-rw-r--r--deps/openssl/openssl/doc/man3/d2i_PrivateKey.pod6
-rw-r--r--deps/openssl/openssl/doc/man7/x509.pod6
-rw-r--r--deps/openssl/openssl/include/crypto/bn_conf.h1
-rw-r--r--deps/openssl/openssl/include/crypto/dso_conf.h1
-rw-r--r--deps/openssl/openssl/include/crypto/sm2.h5
-rw-r--r--deps/openssl/openssl/include/crypto/x509.h7
-rw-r--r--deps/openssl/openssl/include/openssl/e_os2.h5
-rw-r--r--deps/openssl/openssl/include/openssl/opensslconf.h1
-rw-r--r--deps/openssl/openssl/include/openssl/opensslv.h4
-rw-r--r--deps/openssl/openssl/include/openssl/ssl.h1
-rw-r--r--deps/openssl/openssl/include/openssl/sslerr.h5
-rw-r--r--deps/openssl/openssl/include/openssl/x509v3err.h4
-rw-r--r--deps/openssl/openssl/ssl/bio_ssl.c3
-rw-r--r--deps/openssl/openssl/ssl/d1_lib.c3
-rw-r--r--deps/openssl/openssl/ssl/record/rec_layer_s3.c16
-rw-r--r--deps/openssl/openssl/ssl/record/ssl3_buffer.c3
-rw-r--r--deps/openssl/openssl/ssl/record/ssl3_record.c36
-rw-r--r--deps/openssl/openssl/ssl/s3_msg.c4
-rw-r--r--deps/openssl/openssl/ssl/ssl_cert.c35
-rw-r--r--deps/openssl/openssl/ssl/ssl_err.c7
-rw-r--r--deps/openssl/openssl/ssl/ssl_lib.c72
-rw-r--r--deps/openssl/openssl/ssl/ssl_local.h4
-rw-r--r--deps/openssl/openssl/ssl/statem/extensions.c31
-rw-r--r--deps/openssl/openssl/ssl/statem/extensions_srvr.c9
-rw-r--r--deps/openssl/openssl/ssl/statem/statem_clnt.c5
-rw-r--r--deps/openssl/openssl/ssl/statem/statem_local.h4
-rw-r--r--deps/openssl/openssl/ssl/statem/statem_srvr.c25
-rw-r--r--deps/openssl/openssl/ssl/t1_lib.c11
-rw-r--r--deps/openssl/openssl/test/asn1_decode_test.c28
-rw-r--r--deps/openssl/openssl/test/bio_memleak_test.c78
-rw-r--r--deps/openssl/openssl/test/bntest.c79
-rw-r--r--deps/openssl/openssl/test/certs/ee-self-signed.pem33
-rw-r--r--deps/openssl/openssl/test/clienthellotest.c14
-rw-r--r--deps/openssl/openssl/test/ectest.c54
-rw-r--r--deps/openssl/openssl/test/evp_extra_test.c596
-rw-r--r--deps/openssl/openssl/test/recipes/25-test_req.t29
-rw-r--r--deps/openssl/openssl/test/recipes/25-test_verify.t3
-rw-r--r--deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt12
-rw-r--r--deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t14
-rw-r--r--deps/openssl/openssl/test/recipes/80-test_ssl_old.t14
-rw-r--r--deps/openssl/openssl/test/rsa_test.c9
-rw-r--r--deps/openssl/openssl/test/sm2_internal_test.c4
-rw-r--r--deps/openssl/openssl/test/sslapitest.c284
-rw-r--r--deps/openssl/openssl/test/testrsa_withattrs.derbin0 -> 1277 bytes
-rw-r--r--deps/openssl/openssl/test/testrsa_withattrs.pem29
-rw-r--r--deps/openssl/openssl/test/x509_time_test.c12
-rw-r--r--deps/openssl/openssl/util/libssl.num1
-rwxr-xr-xdeps/openssl/openssl/util/mkdir-p.pl5
110 files changed, 2235 insertions, 535 deletions
diff --git a/deps/openssl/openssl/CHANGES b/deps/openssl/openssl/CHANGES
index 5f67b2be02..7401b52d3a 100644
--- a/deps/openssl/openssl/CHANGES
+++ b/deps/openssl/openssl/CHANGES
@@ -7,6 +7,71 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.1.1k and 1.1.1l [24 Aug 2021]
+
+ *) Fixed an SM2 Decryption Buffer Overflow.
+
+ In order to decrypt SM2 encrypted data an application is expected to call the
+ API function EVP_PKEY_decrypt(). Typically an application will call this
+ function twice. The first time, on entry, the "out" parameter can be NULL and,
+ on exit, the "outlen" parameter is populated with the buffer size required to
+ hold the decrypted plaintext. The application can then allocate a sufficiently
+ sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL
+ value for the "out" parameter.
+
+ A bug in the implementation of the SM2 decryption code means that the
+ calculation of the buffer size required to hold the plaintext returned by the
+ first call to EVP_PKEY_decrypt() can be smaller than the actual size required by
+ the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
+ called by the application a second time with a buffer that is too small.
+
+ A malicious attacker who is able present SM2 content for decryption to an
+ application could cause attacker chosen data to overflow the buffer by up to a
+ maximum of 62 bytes altering the contents of other data held after the
+ buffer, possibly changing application behaviour or causing the application to
+ crash. The location of the buffer is application dependent but is typically
+ heap allocated.
+ (CVE-2021-3711)
+ [Matt Caswell]
+
+ *) Fixed various read buffer overruns processing ASN.1 strings
+
+ ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
+ structure which contains a buffer holding the string data and a field holding
+ the buffer length. This contrasts with normal C strings which are repesented as
+ a buffer for the string data which is terminated with a NUL (0) byte.
+
+ Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's
+ own "d2i" functions (and other similar parsing functions) as well as any string
+ whose value has been set with the ASN1_STRING_set() function will additionally
+ NUL terminate the byte array in the ASN1_STRING structure.
+
+ However, it is possible for applications to directly construct valid ASN1_STRING
+ structures which do not NUL terminate the byte array by directly setting the
+ "data" and "length" fields in the ASN1_STRING array. This can also happen by
+ using the ASN1_STRING_set0() function.
+
+ Numerous OpenSSL functions that print ASN.1 data have been found to assume that
+ the ASN1_STRING byte array will be NUL terminated, even though this is not
+ guaranteed for strings that have been directly constructed. Where an application
+ requests an ASN.1 structure to be printed, and where that ASN.1 structure
+ contains ASN1_STRINGs that have been directly constructed by the application
+ without NUL terminating the "data" field, then a read buffer overrun can occur.
+
+ The same thing can also occur during name constraints processing of certificates
+ (for example if a certificate has been directly constructed by the application
+ instead of loading it via the OpenSSL parsing functions, and the certificate
+ contains non NUL terminated ASN1_STRING structures). It can also occur in the
+ X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions.
+
+ If a malicious actor can cause an application to directly construct an
+ ASN1_STRING and then process it through one of the affected OpenSSL functions
+ then this issue could be hit. This might result in a crash (causing a Denial of
+ Service attack). It could also result in the disclosure of private memory
+ contents (such as private keys, or sensitive plaintext).
+ (CVE-2021-3712)
+ [Matt Caswell]
+
Changes between 1.1.1j and 1.1.1k [25 Mar 2021]
*) Fixed a problem with verifying a certificate chain when using the
diff --git a/deps/openssl/openssl/Configurations/10-main.conf b/deps/openssl/openssl/Configurations/10-main.conf
index 8dc3e858df..61c6689a0c 100644
--- a/deps/openssl/openssl/Configurations/10-main.conf
+++ b/deps/openssl/openssl/Configurations/10-main.conf
@@ -754,6 +754,13 @@ my %targets = (
multilib => "64",
},
+ # riscv64 below refers to contemporary RISCV Architecture
+ # specifications,
+ "linux64-riscv64" => {
+ inherit_from => [ "linux-generic64"],
+ perlasm_scheme => "linux64",
+ },
+
#### IA-32 targets...
#### These two targets are a bit aged and are to be used on older Linux
#### machines where gcc doesn't understand -m32 and -m64
diff --git a/deps/openssl/openssl/Configurations/15-android.conf b/deps/openssl/openssl/Configurations/15-android.conf
index 4616394f8c..fd5cd3f478 100644
--- a/deps/openssl/openssl/Configurations/15-android.conf
+++ b/deps/openssl/openssl/Configurations/15-android.conf
@@ -29,18 +29,18 @@
$ndk = $ENV{$ndk_var};
last if defined $ndk;
}
- die "\$ANDROID_NDK_HOME is not defined" if (!$ndk);
- if (!-d "$ndk/platforms" && !-f "$ndk/AndroidVersion.txt") {
- # $ndk/platforms is traditional "all-inclusive" NDK, while
- # $ndk/AndroidVersion.txt is so-called standalone toolchain
- # tailored for specific target down to API level.
+ die "\$ANDROID_NDK_HOME is not defined" if (!$ndk);
+ my $is_standalone_toolchain = -f "$ndk/AndroidVersion.txt";
+ my $ndk_src_props = "$ndk/source.properties";
+ my $is_ndk = -f $ndk_src_props;
+ if ($is_ndk == $is_standalone_toolchain) {
die "\$ANDROID_NDK_HOME=$ndk is invalid";
}
$ndk = canonpath($ndk);
my $ndkver = undef;
- if (open my $fh, "<$ndk/source.properties") {
+ if (open my $fh, "<$ndk_src_props") {
local $_;
while(<$fh>) {
if (m|Pkg\.Revision\s*=\s*([0-9]+)|) {
@@ -59,7 +59,7 @@
if ($sysroot = $ENV{CROSS_SYSROOT}) {
$sysroot =~ m|/android-([0-9]+)/arch-(\w+)/?$|;
($api, $arch) = ($1, $2);
- } elsif (-f "$ndk/AndroidVersion.txt") {
+ } elsif ($is_standalone_toolchain) {
$sysroot = "$ndk/sysroot";
} else {
$api = "*";
@@ -72,17 +72,31 @@
}
}
- # list available platforms (numerically)
- my @platforms = sort { $a =~ m/-([0-9]+)$/; my $aa = $1;
- $b =~ m/-([0-9]+)$/; $aa <=> $1;
- } glob("$ndk/platforms/android-$api");
- die "no $ndk/platforms/android-$api" if ($#platforms < 0);
+ if (-d "$ndk/platforms") {
+ # list available platforms (numerically)
+ my @platforms = sort { $a =~ m/-([0-9]+)$/; my $aa = $1;
+ $b =~ m/-([0-9]+)$/; $aa <=> $1;
+ } glob("$ndk/platforms/android-$api");
+ die "no $ndk/platforms/android-$api" if ($#platforms < 0);
- $sysroot = "@platforms[$#platforms]/arch-$arch";
- $sysroot =~ m|/android-([0-9]+)/arch-$arch|;
- $api = $1;
+ $sysroot = "@platforms[$#platforms]/arch-$arch";
+ $sysroot =~ m|/android-([0-9]+)/arch-$arch|;
+ $api = $1;
+ } elsif ($api eq "*") {
+ # r22 Removed platforms dir, use this JSON file
+ my $path = "$ndk/meta/platforms.json";
+ open my $fh, $path or die "Could not open '$path' $!";
+ while (<$fh>) {
+ if (/"max": (\d+),/) {
+ $api = $1;
+ last;
+ }
+ }
+ close $fh;
+ }
+ die "Could not get default API Level" if ($api eq "*");
}
- die "no sysroot=$sysroot" if (!-d $sysroot);
+ die "no sysroot=$sysroot" if (length $sysroot && !-d $sysroot);
my $triarch = $triplet{$arch};
my $cflags;
@@ -95,17 +109,21 @@
my $arm = $ndkver > 16 ? "armv7a" : "armv5te";
(my $tridefault = $triarch) =~ s/^arm-/$arm-/;
(my $tritools = $triarch) =~ s/(?:x|i6)86(_64)?-.*/x86$1/;
- $cflags .= " -target $tridefault "
- . "-gcc-toolchain \$($ndk_var)/toolchains"
- . "/$tritools-4.9/prebuilt/$host";
- $user{CC} = "clang" if ($user{CC} !~ m|clang|);
+ if (length $sysroot) {
+ $cflags .= " -target $tridefault "
+ . "-gcc-toolchain \$($ndk_var)/toolchains"
+ . "/$tritools-4.9/prebuilt/$host";
+ $user{CC} = "clang" if ($user{CC} !~ m|clang|);
+ } else {
+ $user{CC} = "$tridefault$api-clang";
+ }
$user{CROSS_COMPILE} = undef;
if (which("llvm-ar") =~ m|^$ndk/.*/prebuilt/([^/]+)/|) {
$user{AR} = "llvm-ar";
$user{ARFLAGS} = [ "rs" ];
$user{RANLIB} = ":";
}
- } elsif (-f "$ndk/AndroidVersion.txt") { #"standalone toolchain"
+ } elsif ($is_standalone_toolchain) {
my $cc = $user{CC} // "clang";
# One can probably argue that both clang and gcc should be
# probed, but support for "standalone toolchain" was added
@@ -127,19 +145,21 @@
$user{CROSS_COMPILE} = "$triarch-";
}
- if (!-d "$sysroot/usr/include") {
- my $incroot = "$ndk/sysroot/usr/include";
- die "no $incroot" if (!-d $incroot);
- die "no $incroot/$triarch" if (!-d "$incroot/$triarch");
- $incroot =~ s|^$ndk/||;
- $cppflags = "-D__ANDROID_API__=$api";
- $cppflags .= " -isystem \$($ndk_var)/$incroot/$triarch";
- $cppflags .= " -isystem \$($ndk_var)/$incroot";
+ if (length $sysroot) {
+ if (!-d "$sysroot/usr/include") {
+ my $incroot = "$ndk/sysroot/usr/include";
+ die "no $incroot" if (!-d $incroot);
+ die "no $incroot/$triarch" if (!-d "$incroot/$triarch");
+ $incroot =~ s|^$ndk/||;
+ $cppflags = "-D__ANDROID_API__=$api";
+ $cppflags .= " -isystem \$($ndk_var)/$incroot/$triarch";
+ $cppflags .= " -isystem \$($ndk_var)/$incroot";
+ }
+ $sysroot =~ s|^$ndk/||;
+ $sysroot = " --sysroot=\$($ndk_var)/$sysroot";
}
-
- $sysroot =~ s|^$ndk/||;
$android_ndk = {
- cflags => "$cflags --sysroot=\$($ndk_var)/$sysroot",
+ cflags => $cflags . $sysroot,
cppflags => $cppflags,
bn_ops => $arch =~ m/64$/ ? "SIXTY_FOUR_BIT_LONG"
: "BN_LLONG",
diff --git a/deps/openssl/openssl/Configurations/unix-Makefile.tmpl b/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
index 41648c9526..66617d6f4f 100644
--- a/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
+++ b/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
@@ -523,7 +523,6 @@ clean: libclean
$(RM) -r test/test-runs
$(RM) openssl.pc libcrypto.pc libssl.pc
-$(RM) `find . -type l \! -name '.*' -print`
- $(RM) $(TARFILE)
distclean: clean
$(RM) configdata.pm
diff --git a/deps/openssl/openssl/Configurations/windows-makefile.tmpl b/deps/openssl/openssl/Configurations/windows-makefile.tmpl
index 9351149fe8..13716e0644 100644
--- a/deps/openssl/openssl/Configurations/windows-makefile.tmpl
+++ b/deps/openssl/openssl/Configurations/windows-makefile.tmpl
@@ -324,15 +324,15 @@ build_apps build_tests: build_programs
# Convenience target to prebuild all generated files, not just the mandatory
# ones
build_all_generated: $(GENERATED_MANDATORY) $(GENERATED)
- @{- output_off() if $disabled{makedepend}; "" -}
+ @{- output_off() if $disabled{makedepend}; "\@rem" -}
@$(ECHO) "Warning: consider configuring with no-makedepend, because if"
@$(ECHO) " target system doesn't have $(PERL),"
@$(ECHO) " then make will fail..."
- @{- output_on() if $disabled{makedepend}; "" -}
+ @{- output_on() if $disabled{makedepend}; "\@rem" -}
test: tests
{- dependmagic('tests'); -}: build_programs_nodep build_engines_nodep
- @{- output_off() if $disabled{tests}; "" -}
+ @{- output_off() if $disabled{tests}; "\@rem" -}
-mkdir $(BLDDIR)\test\test-runs
set SRCTOP=$(SRCDIR)
set BLDTOP=$(BLDDIR)
@@ -341,17 +341,17 @@ test: tests
set OPENSSL_ENGINES=$(MAKEDIR)\engines
set OPENSSL_DEBUG_MEMORY=on
"$(PERL)" "$(SRCDIR)\test\run_tests.pl" $(TESTS)
- @{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
+ @{- if ($disabled{tests}) { output_on(); } else { output_off(); } "\@rem" -}
@$(ECHO) "Tests are not supported with your chosen Configure options"
- @{- output_on() if !$disabled{tests}; "" -}
+ @{- output_on() if !$disabled{tests}; "\@rem" -}
list-tests:
- @{- output_off() if $disabled{tests}; "" -}
+ @{- output_off() if $disabled{tests}; "\@rem" -}
@set SRCTOP=$(SRCDIR)
@"$(PERL)" "$(SRCDIR)\test\run_tests.pl" list
- @{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
+ @{- if ($disabled{tests}) { output_on(); } else { output_off(); } "\@rem" -}
@$(ECHO) "Tests are not supported with your chosen Configure options"
- @{- output_on() if !$disabled{tests}; "" -}
+ @{- output_on() if !$disabled{tests}; "\@rem" -}
install: install_sw install_ssldirs install_docs
@@ -362,7 +362,7 @@ libclean:
-del /Q /F $(LIBS) libcrypto.* libssl.* ossl_static.pdb
clean: libclean
- {- join("\n\t", map { "-del /Q /F $_" } @PROGRAMS) -}
+ {- join("\n\t", map { "-del /Q /F $_" } @PROGRAMS) || "\@rem" -}
-del /Q /F $(ENGINES)
-del /Q /F $(SCRIPTS)
-del /Q /F $(GENERATED_MANDATORY)
@@ -378,9 +378,9 @@ distclean: clean
-del /Q /F makefile
depend:
- @ {- output_off() if $disabled{makedepend}; "" -}
+ @ {- output_off() if $disabled{makedepend}; "\@rem" -}
@ "$(PERL)" "$(SRCDIR)\util\add-depends.pl" "VC"
- @ {- output_on() if $disabled{makedepend}; "" -}
+ @ {- output_on() if $disabled{makedepend}; "\@rem" -}
# Install helper targets #############################################
@@ -413,10 +413,10 @@ install_dev: install_runtime_libs
@if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 )
@$(ECHO) "*** Installing development files"
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\include\openssl"
- @{- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -}
+ @{- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "\@rem" -}
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\ms\applink.c" \
"$(INSTALLTOP)\include\openssl"
- @{- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -}
+ @{- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "\@rem" -}
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "-exclude_re=/__DECC_" \
"$(SRCDIR)\include\openssl\*.h" \
"$(INSTALLTOP)\include\openssl"
diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS
index 05991a0c21..5a1207c66e 100644
--- a/deps/openssl/openssl/NEWS
+++ b/deps/openssl/openssl/NEWS
@@ -5,6 +5,11 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.1.1k and OpenSSL 1.1.1l [24 Aug 2021]
+
+ o Fixed an SM2 Decryption Buffer Overflow (CVE-2021-3711)
+ o Fixed various read buffer overruns processing ASN.1 strings (CVE-2021-3712)
+
Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [25 Mar 2021]
o Fixed a problem with verifying a certificate chain when using the
diff --git a/deps/openssl/openssl/README-OpenSSL.md b/deps/openssl/openssl/README-OpenSSL.md
index b92a8bd3a4..7dc4e6790c 100644
--- a/deps/openssl/openssl/README-OpenSSL.md
+++ b/deps/openssl/openssl/README-OpenSSL.md
@@ -1,5 +1,5 @@
- OpenSSL 1.1.1k 25 Mar 2021
+ OpenSSL 1.1.1l 24 Aug 2021
Copyright (c) 1998-2021 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/deps/openssl/openssl/apps/crl2p7.c b/deps/openssl/openssl/apps/crl2p7.c
index 88fabcb22c..3f619bf527 100644
--- a/deps/openssl/openssl/apps/crl2p7.c
+++ b/deps/openssl/openssl/apps/crl2p7.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -120,19 +120,20 @@ int crl2pkcs7_main(int argc, char **argv)
if (!ASN1_INTEGER_set(p7s->version, 1))
goto end;
- if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
- goto end;
- p7s->crl = crl_stack;
+
if (crl != NULL) {
+ if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
+ goto end;
+ p7s->crl = crl_stack;
sk_X509_CRL_push(crl_stack, crl);
crl = NULL; /* now part of p7 for OPENSSL_freeing */
}
- if ((cert_stack = sk_X509_new_null()) == NULL)
- goto end;
- p7s->cert = cert_stack;
+ if (certflst != NULL) {
+ if ((cert_stack = sk_X509_new_null()) == NULL)
+ goto end;
+ p7s->cert = cert_stack;
- if (certflst != NULL)
for (i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
certfile = sk_OPENSSL_STRING_value(certflst, i);
if (add_certs_from_file(cert_stack, certfile) < 0) {
@@ -141,6 +142,7 @@ int crl2pkcs7_main(int argc, char **argv)
goto end;
}
}
+ }
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
diff --git a/deps/openssl/openssl/apps/enc.c b/deps/openssl/openssl/apps/enc.c
index ddf51e0dba..65710771a0 100644
--- a/deps/openssl/openssl/apps/enc.c
+++ b/deps/openssl/openssl/apps/enc.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -81,7 +81,7 @@ const OPTIONS enc_options[] = {
{"", OPT_CIPHER, '-', "Any supported cipher"},
OPT_R_OPTIONS,
#ifdef ZLIB
- {"z", OPT_Z, '-', "Use zlib as the 'encryption'"},
+ {"z", OPT_Z, '-', "Compress or decompress encrypted data using zlib"},
#endif
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
diff --git a/deps/openssl/openssl/apps/s_server.c b/deps/openssl/openssl/apps/s_server.c
index 0ba75999fd..938e244222 100644
--- a/deps/openssl/openssl/apps/s_server.c
+++ b/deps/openssl/openssl/apps/s_server.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@@ -133,6 +133,17 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
if (s_debug)
BIO_printf(bio_s_out, "psk_server_cb\n");
+
+ if (SSL_version(ssl) >= TLS1_3_VERSION) {
+ /*
+ * This callback is designed for use in TLSv1.2. It is possible to use
+ * a single callback for all protocol versions - but it is preferred to
+ * use a dedicated callback for TLSv1.3. For TLSv1.3 we have
+ * psk_find_session_cb.
+ */
+ return 0;
+ }
+
if (identity == NULL) {
BIO_printf(bio_err, "Error: client did not send PSK identity\n");
goto out_err;
diff --git a/deps/openssl/openssl/apps/s_socket.c b/deps/openssl/openssl/apps/s_socket.c
index 76f9289002..aee366d5f4 100644
--- a/deps/openssl/openssl/apps/s_socket.c
+++ b/deps/openssl/openssl/apps/s_socket.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -214,6 +214,8 @@ int do_server(int *accept_sock, const char *host, const char *port,
const BIO_ADDRINFO *next;
int sock_family, sock_type, sock_protocol, sock_port;
const BIO_ADDR *sock_address;
+ int sock_family_fallback = AF_UNSPEC;
+ const BIO_ADDR *sock_address_fallback = NULL;
int sock_options = BIO_SOCK_REUSEADDR;
int ret = 0;
@@ -244,6 +246,10 @@ int do_server(int *accept_sock, const char *host, const char *port,
&& BIO_ADDRINFO_protocol(next) == sock_protocol) {
if (sock_family == AF_INET
&& BIO_ADDRINFO_family(next) == AF_INET6) {
+ /* In case AF_INET6 is returned but not supported by the
+ * kernel, retry with the first detected address family */
+ sock_family_fallback = sock_family;
+ sock_address_fallback = sock_address;
sock_family = AF_INET6;
sock_address = BIO_ADDRINFO_address(next);
} else if (sock_family == AF_INET6
@@ -253,6 +259,10 @@ int do_server(int *accept_sock, const char *host, const char *port,
}
asock = BIO_socket(sock_family, sock_type, sock_protocol, 0);
+ if (asock == INVALID_SOCKET && sock_family_fallback != AF_UNSPEC) {
+ asock = BIO_socket(sock_family_fallback, sock_type, sock_protocol, 0);
+ sock_address = sock_address_fallback;
+ }
if (asock == INVALID_SOCKET
|| !BIO_listen(asock, sock_address, sock_options)) {
BIO_ADDRINFO_free(res);
diff --git a/deps/openssl/openssl/crypto/armcap.c b/deps/openssl/openssl/crypto/armcap.c
index 8bf96f1021..c5685bde58 100644
--- a/deps/openssl/openssl/crypto/armcap.c
+++ b/deps/openssl/openssl/crypto/armcap.c
@@ -68,6 +68,12 @@ void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
# endif
+# elif defined(__ANDROID_API__)
+/* see https://developer.android.google.cn/ndk/guides/cpu-features */
+# if __ANDROID_API__ >= 18
+# include <sys/auxv.h>
+# define OSSL_IMPLEMENT_GETAUXVAL
+# endif
# endif
# if defined(__FreeBSD__)
# include <sys/param.h>
@@ -88,6 +94,15 @@ static unsigned long getauxval(unsigned long key)
# endif
/*
+ * Android: according to https://developer.android.com/ndk/guides/cpu-features,
+ * getauxval is supported starting with API level 18
+ */
+# if defined(__ANDROID__) && defined(__ANDROID_API__) && __ANDROID_API__ >= 18
+# include <sys/auxv.h>
+# define OSSL_IMPLEMENT_GETAUXVAL
+# endif
+
+/*
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
* AArch64 used AT_HWCAP.
*/
diff --git a/deps/openssl/openssl/crypto/asn1/a_object.c b/deps/openssl/openssl/crypto/asn1/a_object.c
index d67a723c96..8ade9e50a7 100644
--- a/deps/openssl/openssl/crypto/asn1/a_object.c
+++ b/deps/openssl/openssl/crypto/asn1/a_object.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -286,16 +286,13 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
}
}
- /*
- * only the ASN1_OBJECTs from the 'table' will have values for ->sn or
- * ->ln
- */
if ((a == NULL) || ((*a) == NULL) ||
!((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
if ((ret = ASN1_OBJECT_new()) == NULL)
return NULL;
- } else
+ } else {
ret = (*a);
+ }
p = *pp;
/* detach data from object */
@@ -313,6 +310,12 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
memcpy(data, p, length);
+ /* If there are dynamic strings, free them here, and clear the flag */
+ if ((ret->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) != 0) {
+ OPENSSL_free((char *)ret->sn);
+ OPENSSL_free((char *)ret->ln);
+ ret->flags &= ~ASN1_OBJECT_FLAG_DYNAMIC_STRINGS;
+ }
/* reattach data to object, after which it remains const */
ret->data = data;
ret->length = length;
diff --git a/deps/openssl/openssl/crypto/asn1/a_strex.c b/deps/openssl/openssl/crypto/asn1/a_strex.c
index 4879b33785..284dde274c 100644
--- a/deps/openssl/openssl/crypto/asn1/a_strex.c
+++ b/deps/openssl/openssl/crypto/asn1/a_strex.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -280,6 +280,8 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg,
t.type = str->type;
t.value.ptr = (char *)str;
der_len = i2d_ASN1_TYPE(&t, NULL);
+ if (der_len <= 0)
+ return -1;
if ((der_buf = OPENSSL_malloc(der_len)) == NULL) {
ASN1err(ASN1_F_DO_DUMP, ERR_R_MALLOC_FAILURE);
return -1;
diff --git a/deps/openssl/openssl/crypto/asn1/asn1_lib.c b/deps/openssl/openssl/crypto/asn1/asn1_lib.c
index 366afc5f6c..3d99d1383d 100644
--- a/deps/openssl/openssl/crypto/asn1/asn1_lib.c
+++ b/deps/openssl/openssl/crypto/asn1/asn1_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -292,7 +292,12 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in)
}
if ((size_t)str->length <= len || str->data == NULL) {
c = str->data;
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+ /* No NUL terminator in fuzzing builds */
+ str->data = OPENSSL_realloc(c, len);
+#else
str->data = OPENSSL_realloc(c, len + 1);
+#endif
if (str->data == NULL) {
ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE);
str->data = c;
@@ -302,8 +307,13 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in)
str->length = len;
if (data != NULL) {
memcpy(str->data, data, len);
- /* an allowance for strings :-) */
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+ /*
+ * Add a NUL terminator. This should not be necessary - but we add it as
+ * a safety precaution
+ */
str->data[len] = '\0';
+#endif
}
return 1;
}
diff --git a/deps/openssl/openssl/crypto/asn1/bio_asn1.c b/deps/openssl/openssl/crypto/asn1/bio_asn1.c
index 86ee566323..914d77c866 100644
--- a/deps/openssl/openssl/crypto/asn1/bio_asn1.c
+++ b/deps/openssl/openssl/crypto/asn1/bio_asn1.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -138,6 +138,11 @@ static int asn1_bio_free(BIO *b)
if (ctx == NULL)
return 0;
+ if (ctx->prefix_free != NULL)
+ ctx->prefix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
+ if (ctx->suffix_free != NULL)
+ ctx->suffix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
+
OPENSSL_free(ctx->buf);
OPENSSL_free(ctx);
BIO_set_data(b, NULL);
diff --git a/deps/openssl/openssl/crypto/asn1/bio_ndef.c b/deps/openssl/openssl/crypto/asn1/bio_ndef.c
index d7d7d80eea..760e4846a4 100644
--- a/deps/openssl/openssl/crypto/asn1/bio_ndef.c
+++ b/deps/openssl/openssl/crypto/asn1/bio_ndef.c
@@ -142,6 +142,9 @@ static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
ndef_aux = *(NDEF_SUPPORT **)parg;
+ if (ndef_aux == NULL)
+ return 0;
+
OPENSSL_free(ndef_aux->derbuf);
ndef_aux->derbuf = NULL;
diff --git a/deps/openssl/openssl/crypto/asn1/d2i_pr.c b/deps/openssl/openssl/crypto/asn1/d2i_pr.c
index 7b127d2092..2094963036 100644
--- a/deps/openssl/openssl/crypto/asn1/d2i_pr.c
+++ b/deps/openssl/openssl/crypto/asn1/d2i_pr.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -78,13 +78,53 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
* type
*/
+static EVP_PKEY *key_as_pkcs8(const unsigned char **pp, long length, int *carry_on)
+{
+ const unsigned char *p = *pp;
+ PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
+ EVP_PKEY *ret;
+
+ if (p8 == NULL)
+ return NULL;
+
+ ret = EVP_PKCS82PKEY(p8);
+ if (ret == NULL)
+ *carry_on = 0;
+
+ PKCS8_PRIV_KEY_INFO_free(p8);
+
+ if (ret != NULL)
+ *pp = p;
+
+ return ret;
+}
+
EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
long length)
{
STACK_OF(ASN1_TYPE) *inkey;
const unsigned char *p;
int keytype;
+ EVP_PKEY *ret = NULL;
+ int carry_on = 1;
+
+ ERR_set_mark();
+ ret = key_as_pkcs8(pp, length, &carry_on);
+ if (ret != NULL) {
+ ERR_clear_last_mark();
+ if (a != NULL)
+ *a = ret;
+ return ret;
+ }
+
+ if (carry_on == 0) {
+ ERR_clear_last_mark();
+ ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
+ ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ return NULL;
+ }
p = *pp;
+
/*
* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
* analyzing it we can determine the passed structure: this assumes the
@@ -100,28 +140,15 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
keytype = EVP_PKEY_DSA;
else if (sk_ASN1_TYPE_num(inkey) == 4)
keytype = EVP_PKEY_EC;
- else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
- * traditional format */
- PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
- EVP_PKEY *ret;
-
- sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- if (!p8) {
- ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
- ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return NULL;
- }
- ret = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- if (ret == NULL)
- return NULL;
- *pp = p;
- if (a) {
- *a = ret;
- }
- return ret;
- } else
+ else
keytype = EVP_PKEY_RSA;
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- return d2i_PrivateKey(keytype, a, pp, length);
+
+ ret = d2i_PrivateKey(keytype, a, pp, length);
+ if (ret != NULL)
+ ERR_pop_to_mark();
+ else
+ ERR_clear_last_mark();
+
+ return ret;
}
diff --git a/deps/openssl/openssl/crypto/asn1/t_spki.c b/deps/openssl/openssl/crypto/asn1/t_spki.c
index 51b56d0aa9..3d4aea8ad9 100644
--- a/deps/openssl/openssl/crypto/asn1/t_spki.c
+++ b/deps/openssl/openssl/crypto/asn1/t_spki.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -38,7 +38,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
}
chal = spki->spkac->challenge;
if (chal->length)
- BIO_printf(out, " Challenge String: %s\n", chal->data);
+ BIO_printf(out, " Challenge String: %.*s\n", chal->length, chal->data);
i = OBJ_obj2nid(spki->sig_algor.algorithm);
BIO_printf(out, " Signature Algorithm: %s",
(i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
diff --git a/deps/openssl/openssl/crypto/bio/b_addr.c b/deps/openssl/openssl/crypto/bio/b_addr.c
index b023bbda40..8ea32bce40 100644
--- a/deps/openssl/openssl/crypto/bio/b_addr.c
+++ b/deps/openssl/openssl/crypto/bio/b_addr.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -689,7 +689,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
hints.ai_protocol = protocol;
# ifdef AI_ADDRCONFIG
# ifdef AF_UNSPEC
- if (family == AF_UNSPEC)
+ if (host != NULL && family == AF_UNSPEC)
# endif
hints.ai_flags |= AI_ADDRCONFIG;
# endif
diff --git a/deps/openssl/openssl/crypto/bio/b_sock2.c b/deps/openssl/openssl/crypto/bio/b_sock2.c
index 335dfabc61..104ff31b0d 100644
--- a/deps/openssl/openssl/crypto/bio/b_sock2.c
+++ b/deps/openssl/openssl/crypto/bio/b_sock2.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -243,7 +243,8 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options)
}
}
-# ifdef IPV6_V6ONLY
+ /* On OpenBSD it is always ipv6 only with ipv6 sockets thus read-only */
+# if defined(IPV6_V6ONLY) && !defined(__OpenBSD__)
if (BIO_ADDR_family(addr) == AF_INET6) {
/*
* Note: Windows default of IPV6_V6ONLY is ON, and Linux is OFF.
diff --git a/deps/openssl/openssl/crypto/bn/bn_div.c b/deps/openssl/openssl/crypto/bn/bn_div.c
index 286d69c895..0da9f39b31 100644
--- a/deps/openssl/openssl/crypto/bn/bn_div.c
+++ b/deps/openssl/openssl/crypto/bn/bn_div.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -268,7 +268,7 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
BIGNUM *tmp, *snum, *sdiv, *res;
BN_ULONG *resp, *wnum, *wnumtop;
BN_ULONG d0, d1;
- int num_n, div_n;
+ int num_n, div_n, num_neg;
assert(divisor->top > 0 && divisor->d[divisor->top - 1] != 0);
@@ -326,7 +326,8 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
/* Setup quotient */
if (!bn_wexpand(res, loop))
goto err;
- res->neg = (num->neg ^ divisor->neg);
+ num_neg = num->neg;
+ res->neg = (num_neg ^ divisor->neg);
res->top = loop;
res->flags |= BN_FLG_FIXED_TOP;
resp = &(res->d[loop]);
@@ -442,7 +443,7 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
*--resp = q;
}
/* snum holds remainder, it's as wide as divisor */
- snum->neg = num->neg;
+ snum->neg = num_neg;
snum->top = div_n;
snum->flags |= BN_FLG_FIXED_TOP;
if (rm != NULL)
diff --git a/deps/openssl/openssl/crypto/chacha/asm/chacha-x86_64.pl b/deps/openssl/openssl/crypto/chacha/asm/chacha-x86_64.pl
index 227ee59ff2..c0e5d863dc 100755
--- a/deps/openssl/openssl/crypto/chacha/asm/chacha-x86_64.pl
+++ b/deps/openssl/openssl/crypto/chacha/asm/chacha-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -471,7 +471,7 @@ sub SSSE3ROUND { # critical path is 20 "SIMD ticks" per round
&por ($b,$t);
}
-my $xframe = $win64 ? 32+8 : 8;
+my $xframe = $win64 ? 160+8 : 8;
$code.=<<___;
.type ChaCha20_ssse3,\@function,5
@@ -2499,7 +2499,7 @@ sub AVX512ROUND { # critical path is 14 "SIMD ticks" per round
&vprold ($b,$b,7);
}
-my $xframe = $win64 ? 32+8 : 8;
+my $xframe = $win64 ? 160+8 : 8;
$code.=<<___;
.type ChaCha20_avx512,\@function,5
@@ -2515,8 +2515,16 @@ ChaCha20_avx512:
sub \$64+$xframe,%rsp
___
$code.=<<___ if ($win64);
- movaps %xmm6,-0x28(%r9)
- movaps %xmm7,-0x18(%r9)
+ movaps %xmm6,-0xa8(%r9)
+ movaps %xmm7,-0x98(%r9)
+ movaps %xmm8,-0x88(%r9)
+ movaps %xmm9,-0x78(%r9)
+ movaps %xmm10,-0x68(%r9)
+ movaps %xmm11,-0x58(%r9)
+ movaps %xmm12,-0x48(%r9)
+ movaps %xmm13,-0x38(%r9)
+ movaps %xmm14,-0x28(%r9)
+ movaps %xmm15,-0x18(%r9)
.Lavx512_body:
___
$code.=<<___;
@@ -2683,8 +2691,16 @@ $code.=<<___;
vzeroall
___
$code.=<<___ if ($win64);
- movaps -0x28(%r9),%xmm6
- movaps -0x18(%r9),%xmm7
+ movaps -0xa8(%r9),%xmm6
+ movaps -0x98(%r9),%xmm7
+ movaps -0x88(%r9),%xmm8
+ movaps -0x78(%r9),%xmm9
+ movaps -0x68(%r9),%xmm10
+ movaps -0x58(%r9),%xmm11
+ movaps -0x48(%r9),%xmm12
+ movaps -0x38(%r9),%xmm13
+ movaps -0x28(%r9),%xmm14
+ movaps -0x18(%r9),%xmm15
___
$code.=<<___;
lea (%r9),%rsp
@@ -2711,8 +2727,16 @@ ChaCha20_avx512vl:
sub \$64+$xframe,%rsp
___
$code.=<<___ if ($win64);
- movaps %xmm6,-0x28(%r9)
- movaps %xmm7,-0x18(%r9)
+ movaps %xmm6,-0xa8(%r9)
+ movaps %xmm7,-0x98(%r9)
+ movaps %xmm8,-0x88(%r9)
+ movaps %xmm9,-0x78(%r9)
+ movaps %xmm10,-0x68(%r9)
+ movaps %xmm11,-0x58(%r9)
+ movaps %xmm12,-0x48(%r9)
+ movaps %xmm13,-0x38(%r9)
+ movaps %xmm14,-0x28(%r9)
+ movaps %xmm15,-0x18(%r9)
.Lavx512vl_body:
___
$code.=<<___;
@@ -2836,8 +2860,16 @@ $code.=<<___;
vzeroall
___
$code.=<<___ if ($win64);
- movaps -0x28(%r9),%xmm6
- movaps -0x18(%r9),%xmm7
+ movaps -0xa8(%r9),%xmm6
+ movaps -0x98(%r9),%xmm7
+ movaps -0x88(%r9),%xmm8
+ movaps -0x78(%r9),%xmm9
+ movaps -0x68(%r9),%xmm10
+ movaps -0x58(%r9),%xmm11
+ movaps -0x48(%r9),%xmm12
+ movaps -0x38(%r9),%xmm13
+ movaps -0x28(%r9),%xmm14
+ movaps -0x18(%r9),%xmm15
___
$code.=<<___;
lea (%r9),%rsp
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_prn.c b/deps/openssl/openssl/crypto/dsa/dsa_prn.c
index a4a1fd5650..070b881e1f 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_prn.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_prn.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -49,9 +49,11 @@ int DSA_print(BIO *bp, const DSA *x, int off)
EVP_PKEY *pk;
int ret;
pk = EVP_PKEY_new();
- if (pk == NULL || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
+ if (pk == NULL)
return 0;
- ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+ ret = EVP_PKEY_set1_DSA(pk, (DSA *)x);
+ if (ret)
+ ret = EVP_PKEY_print_private(bp, pk, off, NULL);
EVP_PKEY_free(pk);
return ret;
}
@@ -61,9 +63,11 @@ int DSAparams_print(BIO *bp, const DSA *x)
EVP_PKEY *pk;
int ret;
pk = EVP_PKEY_new();
- if (pk == NULL || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
+ if (pk == NULL)
return 0;
- ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
+ ret = EVP_PKEY_set1_DSA(pk, (DSA *)x);
+ if (ret)
+ ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
EVP_PKEY_free(pk);
return ret;
}
diff --git a/deps/openssl/openssl/crypto/ec/ec2_oct.c b/deps/openssl/openssl/crypto/ec/ec2_oct.c
index 48543265ee..788e6501fb 100644
--- a/deps/openssl/openssl/crypto/ec/ec2_oct.c
+++ b/deps/openssl/openssl/crypto/ec/ec2_oct.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -247,9 +247,21 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
return 0;
}
- form = buf[0];
- y_bit = form & 1;
- form = form & ~1U;
+
+ /*
+ * The first octet is the point converison octet PC, see X9.62, page 4
+ * and section 4.4.2. It must be:
+ * 0x00 for the point at infinity
+ * 0x02 or 0x03 for compressed form
+ * 0x04 for uncompressed form
+ * 0x06 or 0x07 for hybrid form.
+ * For compressed or hybrid forms, we store the last bit of buf[0] as
+ * y_bit and clear it from buf[0] so as to obtain a POINT_CONVERSION_*.
+ * We error if buf[0] contains any but the above values.
+ */
+ y_bit = buf[0] & 1;
+ form = buf[0] & ~1U;
+
if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
&& (form != POINT_CONVERSION_UNCOMPRESSED)
&& (form != POINT_CONVERSION_HYBRID)) {
@@ -261,6 +273,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
return 0;
}
+ /* The point at infinity is represented by a single zero octet. */
if (form == 0) {
if (len != 1) {
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
@@ -312,11 +325,23 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
goto err;
}
if (form == POINT_CONVERSION_HYBRID) {
- if (!group->meth->field_div(group, yxi, y, x, ctx))
- goto err;
- if (y_bit != BN_is_odd(yxi)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
+ /*
+ * Check that the form in the encoding was set correctly
+ * according to X9.62 4.4.2.a, 4(c), see also first paragraph
+ * of X9.62, 4.4.1.b.
+ */
+ if (BN_is_zero(x)) {
+ if (y_bit != 0) {
+ ECerr(ERR_LIB_EC, EC_R_INVALID_ENCODING);
+ goto err;
+ }
+ } else {
+ if (!group->meth->field_div(group, yxi, y, x, ctx))
+ goto err;
+ if (y_bit != BN_is_odd(yxi)) {
+ ECerr(ERR_LIB_EC, EC_R_INVALID_ENCODING);
+ goto err;
+ }
}
}
diff --git a/deps/openssl/openssl/crypto/ec/ec_asn1.c b/deps/openssl/openssl/crypto/ec/ec_asn1.c
index 7b7c75ce84..c8ee1e6f17 100644
--- a/deps/openssl/openssl/crypto/ec/ec_asn1.c
+++ b/deps/openssl/openssl/crypto/ec/ec_asn1.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -761,7 +761,10 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
ret->seed_len = params->curve->seed->length;
}
- if (!params->order || !params->base || !params->base->data) {
+ if (params->order == NULL
+ || params->base == NULL
+ || params->base->data == NULL
+ || params->base->length == 0) {
ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
goto err;
}
diff --git a/deps/openssl/openssl/crypto/err/openssl.txt b/deps/openssl/openssl/crypto/err/openssl.txt
index a1472fb23d..66cc25ab04 100644
--- a/deps/openssl/openssl/crypto/err/openssl.txt
+++ b/deps/openssl/openssl/crypto/err/openssl.txt
@@ -1160,6 +1160,7 @@ SSL_F_FINAL_EC_PT_FORMATS:485:final_ec_pt_formats
SSL_F_FINAL_EMS:486:final_ems
SSL_F_FINAL_KEY_SHARE:503:final_key_share
SSL_F_FINAL_MAXFRAGMENTLEN:557:final_maxfragmentlen
+SSL_F_FINAL_PSK:639:final_psk
SSL_F_FINAL_QUIC_TRANSPORT_PARAMS:3012:final_quic_transport_params
SSL_F_FINAL_RENEGOTIATE:483:final_renegotiate
SSL_F_FINAL_SERVER_NAME:558:final_server_name
@@ -1677,6 +1678,7 @@ X509V3_F_I2S_ASN1_ENUMERATED:121:i2s_ASN1_ENUMERATED
X509V3_F_I2S_ASN1_IA5STRING:149:i2s_ASN1_IA5STRING
X509V3_F_I2S_ASN1_INTEGER:120:i2s_ASN1_INTEGER
X509V3_F_I2V_AUTHORITY_INFO_ACCESS:138:i2v_AUTHORITY_INFO_ACCESS
+X509V3_F_I2V_AUTHORITY_KEYID:173:i2v_AUTHORITY_KEYID
X509V3_F_LEVEL_ADD_NODE:168:level_add_node
X509V3_F_NOTICE_SECTION:132:notice_section
X509V3_F_NREF_NOS:133:nref_nos
@@ -1717,6 +1719,7 @@ X509V3_F_V2I_SUBJECT_ALT:154:v2i_subject_alt
X509V3_F_V2I_TLS_FEATURE:165:v2i_TLS_FEATURE
X509V3_F_V3_GENERIC_EXTENSION:116:v3_generic_extension
X509V3_F_X509V3_ADD1_I2D:140:X509V3_add1_i2d
+X509V3_F_X509V3_ADD_LEN_VALUE:174:x509v3_add_len_value
X509V3_F_X509V3_ADD_VALUE:105:X509V3_add_value
X509V3_F_X509V3_EXT_ADD:104:X509V3_EXT_add
X509V3_F_X509V3_EXT_ADD_ALIAS:106:X509V3_EXT_add_alias
@@ -2766,6 +2769,7 @@ SSL_R_MISSING_DSA_SIGNING_CERT:165:missing dsa signing cert
SSL_R_MISSING_ECDSA_SIGNING_CERT:381:missing ecdsa signing cert
SSL_R_MISSING_FATAL:256:missing fatal
SSL_R_MISSING_PARAMETERS:290:missing parameters
+SSL_R_MISSING_PSK_KEX_MODES_EXTENSION:310:missing psk kex modes extension
SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION:801:\
missing quic transport parameters extension
SSL_R_MISSING_RSA_CERTIFICATE:168:missing rsa certificate
@@ -2811,6 +2815,7 @@ SSL_R_NO_VALID_SCTS:216:no valid scts
SSL_R_NO_VERIFY_COOKIE_CALLBACK:403:no verify cookie callback
SSL_R_NULL_SSL_CTX:195:null ssl ctx
SSL_R_NULL_SSL_METHOD_PASSED:196:null ssl method passed
+SSL_R_OCSP_CALLBACK_FAILURE:294:ocsp callback failure
SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED:197:old session cipher not returned
SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED:344:\
old session compression algorithm not returned
diff --git a/deps/openssl/openssl/crypto/evp/e_aes.c b/deps/openssl/openssl/crypto/evp/e_aes.c
index 405ddbf9bf..a1d3ab90fa 100644
--- a/deps/openssl/openssl/crypto/evp/e_aes.c
+++ b/deps/openssl/openssl/crypto/evp/e_aes.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -611,22 +611,22 @@ void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
*/
void aes128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void aes128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void aes192_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void aes192_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void aes256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void aes256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void aes128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
unsigned char *ivec);
@@ -1168,9 +1168,9 @@ typedef struct {
static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
-# define S390X_aes_128_cbc_CAPABLE 1 /* checked by callee */
-# define S390X_aes_192_cbc_CAPABLE 1
-# define S390X_aes_256_cbc_CAPABLE 1
+# define S390X_aes_128_cbc_CAPABLE 0 /* checked by callee */
+# define S390X_aes_192_cbc_CAPABLE 0
+# define S390X_aes_256_cbc_CAPABLE 0
# define S390X_AES_CBC_CTX EVP_AES_KEY
# define s390x_aes_cbc_init_key aes_init_key
@@ -1190,11 +1190,11 @@ static int s390x_aes_ecb_init_key(EVP_CIPHER_CTX *ctx,
S390X_AES_ECB_CTX *cctx = EVP_C_DATA(S390X_AES_ECB_CTX, ctx);
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
- cctx->fc = S390X_AES_FC(keylen);
- if (!enc)
- cctx->fc |= S390X_DECRYPT;
+ cctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT);
+
+ if (key != NULL)
+ memcpy(cctx->km.param.k, key, keylen);
- memcpy(cctx->km.param.k, key, keylen);
return 1;
}
@@ -1222,14 +1222,17 @@ static int s390x_aes_ofb_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *ivec, int enc)
{
S390X_AES_OFB_CTX *cctx = EVP_C_DATA(S390X_AES_OFB_CTX, ctx);
- const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
+ const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx);
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
- memcpy(cctx->kmo.param.cv, iv, ivlen);
- memcpy(cctx->kmo.param.k, key, keylen);
cctx->fc = S390X_AES_FC(keylen);
+
+ if (key != NULL)
+ memcpy(cctx->kmo.param.k, key, keylen);
+
cctx->res = 0;
+ memcpy(cctx->kmo.param.cv, oiv, ivlen);
return 1;
}
@@ -1237,9 +1240,12 @@ static int s390x_aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
S390X_AES_OFB_CTX *cctx = EVP_C_DATA(S390X_AES_OFB_CTX, ctx);
+ const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+ unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
int n = cctx->res;
int rem;
+ memcpy(cctx->kmo.param.cv, iv, ivlen);
while (n && len) {
*out = *in ^ cctx->kmo.param.cv[n];
n = (n + 1) & 0xf;
@@ -1268,6 +1274,7 @@ static int s390x_aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
}
}
+ memcpy(iv, cctx->kmo.param.cv, ivlen);
cctx->res = n;
return 1;
}
@@ -1287,18 +1294,18 @@ static int s390x_aes_cfb_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *ivec, int enc)
{
S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
- const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
+ const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx);
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
- cctx->fc = S390X_AES_FC(keylen);
- cctx->fc |= 16 << 24; /* 16 bytes cipher feedback */
- if (!enc)
- cctx->fc |= S390X_DECRYPT;
+ cctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT)
+ | (16 << 24); /* 16 bytes cipher feedback */
+
+ if (key != NULL)
+ memcpy(cctx->kmf.param.k, key, keylen);
cctx->res = 0;
- memcpy(cctx->kmf.param.cv, iv, ivlen);
- memcpy(cctx->kmf.param.k, key, keylen);
+ memcpy(cctx->kmf.param.cv, oiv, ivlen);
return 1;
}
@@ -1308,10 +1315,13 @@ static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
const int enc = EVP_CIPHER_CTX_encrypting(ctx);
+ const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+ unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
int n = cctx->res;
int rem;
unsigned char tmp;
+ memcpy(cctx->kmf.param.cv, iv, ivlen);
while (n && len) {
tmp = *in;
*out = cctx->kmf.param.cv[n] ^ tmp;
@@ -1344,6 +1354,7 @@ static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
}
}
+ memcpy(iv, cctx->kmf.param.cv, ivlen);
cctx->res = n;
return 1;
}
@@ -1360,17 +1371,18 @@ static int s390x_aes_cfb8_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *ivec, int enc)
{
S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
- const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
+ const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx);
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
- cctx->fc = S390X_AES_FC(keylen);
- cctx->fc |= 1 << 24; /* 1 byte cipher feedback */
- if (!enc)
- cctx->fc |= S390X_DECRYPT;
+ cctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT)
+ | (1 << 24); /* 1 byte cipher feedback flag */
- memcpy(cctx->kmf.param.cv, iv, ivlen);
- memcpy(cctx->kmf.param.k, key, keylen);
+ if (key != NULL)
+ memcpy(cctx->kmf.param.k, key, keylen);
+
+ cctx->res = 0;
+ memcpy(cctx->kmf.param.cv, oiv, ivlen);
return 1;
}
@@ -1378,8 +1390,12 @@ static int s390x_aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
+ const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+ unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
+ memcpy(cctx->kmf.param.cv, iv, ivlen);
s390x_kmf(in, len, out, cctx->fc, &cctx->kmf.param);
+ memcpy(iv, cctx->kmf.param.cv, ivlen);
return 1;
}
@@ -1393,9 +1409,9 @@ static int s390x_aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int s390x_aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len);
-# define S390X_aes_128_ctr_CAPABLE 1 /* checked by callee */
-# define S390X_aes_192_ctr_CAPABLE 1
-# define S390X_aes_256_ctr_CAPABLE 1
+# define S390X_aes_128_ctr_CAPABLE 0 /* checked by callee */
+# define S390X_aes_192_ctr_CAPABLE 0
+# define S390X_aes_256_ctr_CAPABLE 0
# define S390X_AES_CTR_CTX EVP_AES_KEY
# define s390x_aes_ctr_init_key aes_init_key
@@ -1563,8 +1579,7 @@ static int s390x_aes_gcm(S390X_AES_GCM_CTX *ctx, const unsigned char *in,
/*-
* Initialize context structure. Code is big-endian.
*/
-static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx,
- const unsigned char *iv)
+static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx)
{
ctx->kma.param.t.g[0] = 0;
ctx->kma.param.t.g[1] = 0;
@@ -1575,12 +1590,11 @@ static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx,
ctx->kreslen = 0;
if (ctx->ivlen == 12) {
- memcpy(&ctx->kma.param.j0, iv, ctx->ivlen);
+ memcpy(&ctx->kma.param.j0, ctx->iv, ctx->ivlen);
ctx->kma.param.j0.w[3] = 1;
ctx->kma.param.cv.w = 1;
} else {
/* ctx->iv has the right size and is already padded. */
- memcpy(ctx->iv, iv, ctx->ivlen);
s390x_kma(ctx->iv, S390X_gcm_ivpadlen(ctx->ivlen), NULL, 0, NULL,
ctx->fc, &ctx->kma.param);
ctx->fc |= S390X_KMA_HS;
@@ -1694,7 +1708,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
if (gctx->iv_gen == 0 || gctx->key_set == 0)
return 0;
- s390x_aes_gcm_setiv(gctx, gctx->iv);
+ s390x_aes_gcm_setiv(gctx);
if (arg <= 0 || arg > gctx->ivlen)
arg = gctx->ivlen;
@@ -1714,7 +1728,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
return 0;
memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
- s390x_aes_gcm_setiv(gctx, gctx->iv);
+ s390x_aes_gcm_setiv(gctx);
gctx->iv_set = 1;
return 1;
@@ -1770,43 +1784,36 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
}
/*-
- * Set key and/or iv. Returns 1 on success. Otherwise 0 is returned.
+ * Set key or iv or enc/dec. Returns 1 on success. Otherwise 0 is returned.
*/
static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *key,
const unsigned char *iv, int enc)
{
S390X_AES_GCM_CTX *gctx = EVP_C_DATA(S390X_AES_GCM_CTX, ctx);
- int keylen;
+ const int keylen = EVP_CIPHER_CTX_key_length(ctx);
- if (iv == NULL && key == NULL)
- return 1;
+ gctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT);
if (key != NULL) {
- keylen = EVP_CIPHER_CTX_key_length(ctx);
+ gctx->fc &= ~S390X_KMA_HS;
memcpy(&gctx->kma.param.k, key, keylen);
-
- gctx->fc = S390X_AES_FC(keylen);
- if (!enc)
- gctx->fc |= S390X_DECRYPT;
-
- if (iv == NULL && gctx->iv_set)
- iv = gctx->iv;
-
- if (iv != NULL) {
- s390x_aes_gcm_setiv(gctx, iv);
- gctx->iv_set = 1;
- }
gctx->key_set = 1;
- } else {
- if (gctx->key_set)
- s390x_aes_gcm_setiv(gctx, iv);
- else
- memcpy(gctx->iv, iv, gctx->ivlen);
+ }
- gctx->iv_set = 1;
+ if (iv != NULL) {
+ memcpy(gctx->iv, iv, gctx->ivlen);
gctx->iv_gen = 0;
+ gctx->iv_set = 1;
}
+
+ if (gctx->key_set && gctx->iv_set)
+ s390x_aes_gcm_setiv(gctx);
+
+ gctx->fc &= ~(S390X_KMA_LPC | S390X_KMA_LAAD);
+ gctx->areslen = 0;
+ gctx->mreslen = 0;
+ gctx->kreslen = 0;
return 1;
}
@@ -1895,7 +1902,6 @@ static int s390x_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
/* recall that we already did en-/decrypt gctx->mres
* and returned it to caller... */
OPENSSL_cleanse(tmp, gctx->mreslen);
- gctx->iv_set = 0;
enc = EVP_CIPHER_CTX_encrypting(ctx);
if (enc) {
@@ -1929,8 +1935,8 @@ static int s390x_aes_gcm_cleanup(EVP_CIPHER_CTX *c)
}
# define S390X_AES_XTS_CTX EVP_AES_XTS_CTX
-# define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */
-# define S390X_aes_256_xts_CAPABLE 1
+# define S390X_aes_128_xts_CAPABLE 0 /* checked by callee */
+# define S390X_aes_256_xts_CAPABLE 0
# define s390x_aes_xts_init_key aes_xts_init_key
static int s390x_aes_xts_init_key(EVP_CIPHER_CTX *ctx,
@@ -2134,9 +2140,10 @@ static int s390x_aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
- unsigned char *ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
+ const unsigned char *ivec = EVP_CIPHER_CTX_iv(ctx);
unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx);
const int enc = EVP_CIPHER_CTX_encrypting(ctx);
+ unsigned char iv[EVP_MAX_IV_LENGTH];
if (out != in
|| len < (EVP_CCM_TLS_EXPLICIT_IV_LEN + (size_t)cctx->aes.ccm.m))
@@ -2152,8 +2159,9 @@ static int s390x_aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
* Get explicit iv (sequence number). We already have fixed iv
* (server/client_write_iv) here.
*/
- memcpy(ivec + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN);
- s390x_aes_ccm_setiv(cctx, ivec, len);
+ memcpy(iv, ivec, sizeof(iv));
+ memcpy(iv + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN);
+ s390x_aes_ccm_setiv(cctx, iv, len);
/* Process aad (sequence number|type|version|length) */
s390x_aes_ccm_aad(cctx, buf, cctx->aes.ccm.tls_aad_len);
@@ -2180,42 +2188,35 @@ static int s390x_aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
}
/*-
- * Set key and flag field and/or iv. Returns 1 if successful. Otherwise 0 is
- * returned.
+ * Set key or iv or enc/dec. Returns 1 if successful.
+ * Otherwise 0 is returned.
*/
static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *key,
const unsigned char *iv, int enc)
{
S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
- unsigned char *ivec;
- int keylen;
+ const int keylen = EVP_CIPHER_CTX_key_length(ctx);
+ unsigned char *ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
- if (iv == NULL && key == NULL)
- return 1;
+ cctx->aes.ccm.fc = S390X_AES_FC(keylen);
if (key != NULL) {
- keylen = EVP_CIPHER_CTX_key_length(ctx);
- cctx->aes.ccm.fc = S390X_AES_FC(keylen);
memcpy(cctx->aes.ccm.kmac_param.k, key, keylen);
-
- /* Store encoded m and l. */
- cctx->aes.ccm.nonce.b[0] = ((cctx->aes.ccm.l - 1) & 0x7)
- | (((cctx->aes.ccm.m - 2) >> 1) & 0x7) << 3;
- memset(cctx->aes.ccm.nonce.b + 1, 0,
- sizeof(cctx->aes.ccm.nonce.b));
- cctx->aes.ccm.blocks = 0;
-
cctx->aes.ccm.key_set = 1;
}
-
if (iv != NULL) {
- ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
memcpy(ivec, iv, 15 - cctx->aes.ccm.l);
-
cctx->aes.ccm.iv_set = 1;
}
+ /* Store encoded m and l. */
+ cctx->aes.ccm.nonce.b[0] = ((cctx->aes.ccm.l - 1) & 0x7)
+ | (((cctx->aes.ccm.m - 2) >> 1) & 0x7) << 3;
+ memset(cctx->aes.ccm.nonce.b + 1, 0, sizeof(cctx->aes.ccm.nonce.b) - 1);
+
+ cctx->aes.ccm.blocks = 0;
+ cctx->aes.ccm.len_set = 0;
return 1;
}
@@ -2230,8 +2231,9 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
{
S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
const int enc = EVP_CIPHER_CTX_encrypting(ctx);
+ const unsigned char *ivec = EVP_CIPHER_CTX_iv(ctx);
+ unsigned char *buf;
int rv;
- unsigned char *buf, *ivec;
if (!cctx->aes.ccm.key_set)
return -1;
@@ -2253,7 +2255,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (out == NULL) {
/* Update(): Pass message length. */
if (in == NULL) {
- ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
s390x_aes_ccm_setiv(cctx, ivec, len);
cctx->aes.ccm.len_set = 1;
@@ -2279,7 +2280,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
* In case message length was not previously set explicitly via
* Update(), set it now.
*/
- ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
s390x_aes_ccm_setiv(cctx, ivec, len);
cctx->aes.ccm.len_set = 1;
@@ -2304,9 +2304,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (rv == -1)
OPENSSL_cleanse(out, len);
- cctx->aes.ccm.iv_set = 0;
- cctx->aes.ccm.tag_set = 0;
- cctx->aes.ccm.len_set = 0;
return rv;
}
}
@@ -2414,9 +2411,6 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
return 0;
memcpy(ptr, cctx->aes.ccm.kmac_param.icv.b, cctx->aes.ccm.m);
- cctx->aes.ccm.tag_set = 0;
- cctx->aes.ccm.iv_set = 0;
- cctx->aes.ccm.len_set = 0;
return 1;
case EVP_CTRL_COPY:
@@ -2453,7 +2447,7 @@ static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \
nid##_##keylen##_##nmode,blocksize, \
keylen / 8, \
ivlen, \
- flags | EVP_CIPH_##MODE##_MODE, \
+ flags | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_##MODE##_MODE, \
s390x_aes_##mode##_init_key, \
s390x_aes_##mode##_cipher, \
NULL, \
@@ -2490,7 +2484,7 @@ static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \
blocksize, \
(EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 2 : 1) * keylen / 8, \
ivlen, \
- flags | EVP_CIPH_##MODE##_MODE, \
+ flags | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_##MODE##_MODE, \
s390x_aes_##mode##_init_key, \
s390x_aes_##mode##_cipher, \
s390x_aes_##mode##_cleanup, \
diff --git a/deps/openssl/openssl/crypto/evp/e_camellia.c b/deps/openssl/openssl/crypto/evp/e_camellia.c
index 502d6936cc..f8c0198012 100644
--- a/deps/openssl/openssl/crypto/evp/e_camellia.c
+++ b/deps/openssl/openssl/crypto/evp/e_camellia.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -55,16 +55,16 @@ void cmll_t4_decrypt(const unsigned char *in, unsigned char *out,
void cmll128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const CAMELLIA_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void cmll128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const CAMELLIA_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void cmll256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const CAMELLIA_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void cmll256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const CAMELLIA_KEY *key,
- unsigned char *ivec);
+ unsigned char *ivec, int /*unused*/);
void cmll128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const CAMELLIA_KEY *key,
unsigned char *ivec);
diff --git a/deps/openssl/openssl/crypto/hmac/hm_ameth.c b/deps/openssl/openssl/crypto/hmac/hm_ameth.c
index 638f61b586..f871e4fe71 100644
--- a/deps/openssl/openssl/crypto/hmac/hm_ameth.c
+++ b/deps/openssl/openssl/crypto/hmac/hm_ameth.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -47,7 +47,8 @@ static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
static int hmac_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
{
- return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
+ /* the ameth pub_cmp must return 1 on match, 0 on mismatch */
+ return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
}
static int hmac_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
diff --git a/deps/openssl/openssl/crypto/pkcs12/p12_key.c b/deps/openssl/openssl/crypto/pkcs12/p12_key.c
index ab31a61295..03eda26642 100644
--- a/deps/openssl/openssl/crypto/pkcs12/p12_key.c
+++ b/deps/openssl/openssl/crypto/pkcs12/p12_key.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -101,7 +101,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
#endif
v = EVP_MD_block_size(md_type);
u = EVP_MD_size(md_type);
- if (u < 0 || v <= 0)
+ if (u <= 0 || v <= 0)
goto err;
D = OPENSSL_malloc(v);
Ai = OPENSSL_malloc(u);
diff --git a/deps/openssl/openssl/crypto/poly1305/poly1305_ameth.c b/deps/openssl/openssl/crypto/poly1305/poly1305_ameth.c
index 0c8a91dc79..0dddf79626 100644
--- a/deps/openssl/openssl/crypto/poly1305/poly1305_ameth.c
+++ b/deps/openssl/openssl/crypto/poly1305/poly1305_ameth.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -43,7 +43,7 @@ static int poly1305_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
static int poly1305_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
{
- return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
+ return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
}
static int poly1305_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
diff --git a/deps/openssl/openssl/crypto/ppccap.c b/deps/openssl/openssl/crypto/ppccap.c
index e51156468a..eeaa47cc6b 100644
--- a/deps/openssl/openssl/crypto/ppccap.c
+++ b/deps/openssl/openssl/crypto/ppccap.c
@@ -211,6 +211,12 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
# if __GLIBC_PREREQ(2, 16)
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
+# elif defined(__ANDROID_API__)
+/* see https://developer.android.google.cn/ndk/guides/cpu-features */
+# if __ANDROID_API__ >= 18
+# include <sys/auxv.h>
+# define OSSL_IMPLEMENT_GETAUXVAL
+# endif
# endif
#endif
diff --git a/deps/openssl/openssl/crypto/rand/rand_unix.c b/deps/openssl/openssl/crypto/rand/rand_unix.c
index ec6be791b3..43f1069d15 100644
--- a/deps/openssl/openssl/crypto/rand/rand_unix.c
+++ b/deps/openssl/openssl/crypto/rand/rand_unix.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -34,6 +34,9 @@
#if defined(__OpenBSD__)
# include <sys/param.h>
#endif
+#if defined(__APPLE__)
+# include <CommonCrypto/CommonRandom.h>
+#endif
#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__)
# include <sys/types.h>
@@ -378,6 +381,11 @@ static ssize_t syscall_random(void *buf, size_t buflen)
if (errno != ENOSYS)
return -1;
}
+# elif defined(__APPLE__)
+ if (CCRandomGenerateBytes(buf, buflen) == kCCSuccess)
+ return (ssize_t)buflen;
+
+ return -1;
# else
union {
void *p;
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_prn.c b/deps/openssl/openssl/crypto/rsa/rsa_prn.c
index b5f4bce2a3..23df448a52 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_prn.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_prn.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -34,9 +34,11 @@ int RSA_print(BIO *bp, const RSA *x, int off)
EVP_PKEY *pk;
int ret;
pk = EVP_PKEY_new();
- if (pk == NULL || !EVP_PKEY_set1_RSA(pk, (RSA *)x))
+ if (pk == NULL)
return 0;
- ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+ ret = EVP_PKEY_set1_RSA(pk, (RSA *)x);
+ if (ret)
+ ret = EVP_PKEY_print_private(bp, pk, off, NULL);
EVP_PKEY_free(pk);
return ret;
}
diff --git a/deps/openssl/openssl/crypto/siphash/siphash_ameth.c b/deps/openssl/openssl/crypto/siphash/siphash_ameth.c
index 2da6dfec80..7fce76390e 100644
--- a/deps/openssl/openssl/crypto/siphash/siphash_ameth.c
+++ b/deps/openssl/openssl/crypto/siphash/siphash_ameth.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -44,7 +44,7 @@ static int siphash_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
static int siphash_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
{
- return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
+ return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
}
static int siphash_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
diff --git a/deps/openssl/openssl/crypto/sm2/sm2_crypt.c b/deps/openssl/openssl/crypto/sm2/sm2_crypt.c
index ef505f6441..83b97f4edc 100644
--- a/deps/openssl/openssl/crypto/sm2/sm2_crypt.c
+++ b/deps/openssl/openssl/crypto/sm2/sm2_crypt.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
* Ported from Ribose contributions from Botan.
*
@@ -61,29 +61,20 @@ static size_t ec_field_size(const EC_GROUP *group)
return field_size;
}
-int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
- size_t *pt_size)
+int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size)
{
- const size_t field_size = ec_field_size(EC_KEY_get0_group(key));
- const int md_size = EVP_MD_size(digest);
- size_t overhead;
+ struct SM2_Ciphertext_st *sm2_ctext = NULL;
- if (md_size < 0) {
- SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_DIGEST);
- return 0;
- }
- if (field_size == 0) {
- SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_FIELD);
- return 0;
- }
+ sm2_ctext = d2i_SM2_Ciphertext(NULL, &ct, ct_size);
- overhead = 10 + 2 * field_size + (size_t)md_size;
- if (msg_len <= overhead) {
+ if (sm2_ctext == NULL) {
SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_ENCODING);
return 0;
}
- *pt_size = msg_len - overhead;
+ *pt_size = sm2_ctext->C2->length;
+ SM2_Ciphertext_free(sm2_ctext);
+
return 1;
}
@@ -303,6 +294,10 @@ int sm2_decrypt(const EC_KEY *key,
C2 = sm2_ctext->C2->data;
C3 = sm2_ctext->C3->data;
msg_len = sm2_ctext->C2->length;
+ if (*ptext_len < (size_t)msg_len) {
+ SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
+ goto done;
+ }
ctx = BN_CTX_new();
if (ctx == NULL) {
diff --git a/deps/openssl/openssl/crypto/sm2/sm2_pmeth.c b/deps/openssl/openssl/crypto/sm2/sm2_pmeth.c
index b42a14c32f..0e722b910b 100644
--- a/deps/openssl/openssl/crypto/sm2/sm2_pmeth.c
+++ b/deps/openssl/openssl/crypto/sm2/sm2_pmeth.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -151,7 +151,7 @@ static int pkey_sm2_decrypt(EVP_PKEY_CTX *ctx,
const EVP_MD *md = (dctx->md == NULL) ? EVP_sm3() : dctx->md;
if (out == NULL) {
- if (!sm2_plaintext_size(ec, md, inlen, outlen))
+ if (!sm2_plaintext_size(in, inlen, outlen))
return -1;
else
return 1;
diff --git a/deps/openssl/openssl/crypto/sparcv9cap.c b/deps/openssl/openssl/crypto/sparcv9cap.c
index ff1a983ac9..b3cb3d4be9 100644
--- a/deps/openssl/openssl/crypto/sparcv9cap.c
+++ b/deps/openssl/openssl/crypto/sparcv9cap.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -16,6 +16,7 @@
#include <unistd.h>
#include <openssl/bn.h>
#include "internal/cryptlib.h"
+#include "bn/bn_local.h" /* for definition of bn_mul_mont */
#include "sparc_arch.h"
diff --git a/deps/openssl/openssl/crypto/srp/srp_vfy.c b/deps/openssl/openssl/crypto/srp/srp_vfy.c
index 3dd2ab0507..394e1180df 100644
--- a/deps/openssl/openssl/crypto/srp/srp_vfy.c
+++ b/deps/openssl/openssl/crypto/srp/srp_vfy.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2004, EdelKey Project. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -684,7 +684,7 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
BIGNUM *x = NULL;
BN_CTX *bn_ctx = BN_CTX_new();
unsigned char tmp2[MAX_LEN];
- BIGNUM *salttmp = NULL;
+ BIGNUM *salttmp = NULL, *verif;
if ((user == NULL) ||
(pass == NULL) ||
@@ -707,17 +707,18 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
if (x == NULL)
goto err;
- *verifier = BN_new();
- if (*verifier == NULL)
+ verif = BN_new();
+ if (verif == NULL)
goto err;
- if (!BN_mod_exp(*verifier, g, x, N, bn_ctx)) {
- BN_clear_free(*verifier);
+ if (!BN_mod_exp(verif, g, x, N, bn_ctx)) {
+ BN_clear_free(verif);
goto err;
}
result = 1;
*salt = salttmp;
+ *verifier = verif;
err:
if (salt != NULL && *salt != salttmp)
diff --git a/deps/openssl/openssl/crypto/store/loader_file.c b/deps/openssl/openssl/crypto/store/loader_file.c
index 9c9e3bd085..32e7b9f65a 100644
--- a/deps/openssl/openssl/crypto/store/loader_file.c
+++ b/deps/openssl/openssl/crypto/store/loader_file.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -370,6 +370,7 @@ static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name,
mem->data = (char *)new_data;
mem->max = mem->length = (size_t)new_data_len;
X509_SIG_free(p8);
+ p8 = NULL;
store_info = ossl_store_info_new_EMBEDDED(PEM_STRING_PKCS8INF, mem);
if (store_info == NULL) {
diff --git a/deps/openssl/openssl/crypto/ts/ts_rsp_verify.c b/deps/openssl/openssl/crypto/ts/ts_rsp_verify.c
index c2e7abd67f..7fe3d27e74 100644
--- a/deps/openssl/openssl/crypto/ts/ts_rsp_verify.c
+++ b/deps/openssl/openssl/crypto/ts/ts_rsp_verify.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -612,6 +612,7 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
err:
EVP_MD_CTX_free(md_ctx);
X509_ALGOR_free(*md_alg);
+ *md_alg = NULL;
OPENSSL_free(*imprint);
*imprint_len = 0;
*imprint = 0;
diff --git a/deps/openssl/openssl/crypto/ts/ts_verify_ctx.c b/deps/openssl/openssl/crypto/ts/ts_verify_ctx.c
index 1e80e0d370..32cd2f542b 100644
--- a/deps/openssl/openssl/crypto/ts/ts_verify_ctx.c
+++ b/deps/openssl/openssl/crypto/ts/ts_verify_ctx.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -126,6 +126,8 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
goto err;
msg = imprint->hashed_msg;
ret->imprint_len = ASN1_STRING_length(msg);
+ if (ret->imprint_len <= 0)
+ goto err;
if ((ret->imprint = OPENSSL_malloc(ret->imprint_len)) == NULL)
goto err;
memcpy(ret->imprint, ASN1_STRING_get0_data(msg), ret->imprint_len);
diff --git a/deps/openssl/openssl/crypto/uid.c b/deps/openssl/openssl/crypto/uid.c
index 65b1171039..5e3315eeb2 100644
--- a/deps/openssl/openssl/crypto/uid.c
+++ b/deps/openssl/openssl/crypto/uid.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -36,6 +36,12 @@ int OPENSSL_issetugid(void)
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
# endif
+# elif defined(__ANDROID_API__)
+/* see https://developer.android.google.cn/ndk/guides/cpu-features */
+# if __ANDROID_API__ >= 18
+# include <sys/auxv.h>
+# define OSSL_IMPLEMENT_GETAUXVAL
+# endif
# endif
int OPENSSL_issetugid(void)
diff --git a/deps/openssl/openssl/crypto/x509/t_x509.c b/deps/openssl/openssl/crypto/x509/t_x509.c
index 12d807f705..ece987a6bd 100644
--- a/deps/openssl/openssl/crypto/x509/t_x509.c
+++ b/deps/openssl/openssl/crypto/x509/t_x509.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -365,9 +365,9 @@ int X509_aux_print(BIO *out, X509 *x, int indent)
BIO_puts(out, "\n");
} else
BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
- alias = X509_alias_get0(x, NULL);
+ alias = X509_alias_get0(x, &i);
if (alias)
- BIO_printf(out, "%*sAlias: %s\n", indent, "", alias);
+ BIO_printf(out, "%*sAlias: %.*s\n", indent, "", i, alias);
keyid = X509_keyid_get0(x, &keyidlen);
if (keyid) {
BIO_printf(out, "%*sKey Id: ", indent, "");
diff --git a/deps/openssl/openssl/crypto/x509/x509_vpm.c b/deps/openssl/openssl/crypto/x509/x509_vpm.c
index 68b681d5ee..535f169a29 100644
--- a/deps/openssl/openssl/crypto/x509/x509_vpm.c
+++ b/deps/openssl/openssl/crypto/x509/x509_vpm.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -199,7 +199,8 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
return 0;
}
- /* Copy the host flags if and only if we're copying the host list */
+ x509_verify_param_copy(hostflags, 0);
+
if (test_x509_verify_param_copy(hosts, NULL)) {
sk_OPENSSL_STRING_pop_free(dest->hosts, str_free);
dest->hosts = NULL;
@@ -208,7 +209,6 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
sk_OPENSSL_STRING_deep_copy(src->hosts, str_copy, str_free);
if (dest->hosts == NULL)
return 0;
- dest->hostflags = src->hostflags;
}
}
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_akey.c b/deps/openssl/openssl/crypto/x509v3/v3_akey.c
index d9f770433c..33b1933d72 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_akey.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_akey.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -39,20 +39,48 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
STACK_OF(CONF_VALUE)
*extlist)
{
- char *tmp;
+ char *tmp = NULL;
+ STACK_OF(CONF_VALUE) *origextlist = extlist, *tmpextlist;
+
if (akeyid->keyid) {
tmp = OPENSSL_buf2hexstr(akeyid->keyid->data, akeyid->keyid->length);
- X509V3_add_value("keyid", tmp, &extlist);
+ if (tmp == NULL) {
+ X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ if (!X509V3_add_value("keyid", tmp, &extlist)) {
+ OPENSSL_free(tmp);
+ X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_X509_LIB);
+ goto err;
+ }
OPENSSL_free(tmp);
}
- if (akeyid->issuer)
- extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
+ if (akeyid->issuer) {
+ tmpextlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
+ if (tmpextlist == NULL) {
+ X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_X509_LIB);
+ goto err;
+ }
+ extlist = tmpextlist;
+ }
if (akeyid->serial) {
tmp = OPENSSL_buf2hexstr(akeyid->serial->data, akeyid->serial->length);
- X509V3_add_value("serial", tmp, &extlist);
+ if (tmp == NULL) {
+ X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!X509V3_add_value("serial", tmp, &extlist)) {
+ OPENSSL_free(tmp);
+ X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_X509_LIB);
+ goto err;
+ }
OPENSSL_free(tmp);
}
return extlist;
+ err:
+ if (origextlist == NULL)
+ sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free);
+ return NULL;
}
/*-
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_alt.c b/deps/openssl/openssl/crypto/x509v3/v3_alt.c
index 4dce004101..7c32d4031d 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_alt.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_alt.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,6 +9,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
+#include "crypto/x509.h"
#include <openssl/conf.h>
#include <openssl/x509v3.h>
#include "ext_dat.h"
@@ -99,17 +100,20 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
break;
case GEN_EMAIL:
- if (!X509V3_add_value_uchar("email", gen->d.ia5->data, &ret))
+ if (!x509v3_add_len_value_uchar("email", gen->d.ia5->data,
+ gen->d.ia5->length, &ret))
return NULL;
break;
case GEN_DNS:
- if (!X509V3_add_value_uchar("DNS", gen->d.ia5->data, &ret))
+ if (!x509v3_add_len_value_uchar("DNS", gen->d.ia5->data,
+ gen->d.ia5->length, &ret))
return NULL;
break;
case GEN_URI:
- if (!X509V3_add_value_uchar("URI", gen->d.ia5->data, &ret))
+ if (!x509v3_add_len_value_uchar("URI", gen->d.ia5->data,
+ gen->d.ia5->length, &ret))
return NULL;
break;
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_cpols.c b/deps/openssl/openssl/crypto/x509v3/v3_cpols.c
index 1d12c89912..09804b5848 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_cpols.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_cpols.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -422,7 +422,8 @@ static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
qualinfo = sk_POLICYQUALINFO_value(quals, i);
switch (OBJ_obj2nid(qualinfo->pqualid)) {
case NID_id_qt_cps:
- BIO_printf(out, "%*sCPS: %s\n", indent, "",
+ BIO_printf(out, "%*sCPS: %.*s\n", indent, "",
+ qualinfo->d.cpsuri->length,
qualinfo->d.cpsuri->data);
break;
@@ -447,7 +448,8 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent)
if (notice->noticeref) {
NOTICEREF *ref;
ref = notice->noticeref;
- BIO_printf(out, "%*sOrganization: %s\n", indent, "",
+ BIO_printf(out, "%*sOrganization: %.*s\n", indent, "",
+ ref->organization->length,
ref->organization->data);
BIO_printf(out, "%*sNumber%s: ", indent, "",
sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : "");
@@ -470,7 +472,8 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent)
BIO_puts(out, "\n");
}
if (notice->exptext)
- BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",
+ BIO_printf(out, "%*sExplicit Text: %.*s\n", indent, "",
+ notice->exptext->length,
notice->exptext->data);
}
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_ncons.c b/deps/openssl/openssl/crypto/x509v3/v3_ncons.c
index 2a7b4f0992..d985aa91da 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_ncons.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_ncons.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -63,8 +63,31 @@ ASN1_SEQUENCE(NAME_CONSTRAINTS) = {
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
+
+#define IA5_OFFSET_LEN(ia5base, offset) \
+ ((ia5base)->length - ((unsigned char *)(offset) - (ia5base)->data))
+
+/* Like memchr but for ASN1_IA5STRING. Additionally you can specify the
+ * starting point to search from
+ */
+# define ia5memchr(str, start, c) memchr(start, c, IA5_OFFSET_LEN(str, start))
+
+/* Like memrrchr but for ASN1_IA5STRING */
+static char *ia5memrchr(ASN1_IA5STRING *str, int c)
+{
+ int i;
+
+ for (i = str->length; i > 0 && str->data[i - 1] != c; i--);
+
+ if (i == 0)
+ return NULL;
+
+ return (char *)&str->data[i - 1];
+}
+
/*
- * We cannot use strncasecmp here because that applies locale specific rules.
+ * We cannot use strncasecmp here because that applies locale specific rules. It
+ * also doesn't work with ASN1_STRINGs that may have embedded NUL characters.
* For example in Turkish 'I' is not the uppercase character for 'i'. We need to
* do a simple ASCII case comparison ignoring the locale (that is why we use
* numeric constants below).
@@ -89,20 +112,12 @@ static int ia5ncasecmp(const char *s1, const char *s2, size_t n)
/* c1 > c2 */
return 1;
- } else if (*s1 == 0) {
- /* If we get here we know that *s2 == 0 too */
- return 0;
}
}
return 0;
}
-static int ia5casecmp(const char *s1, const char *s2)
-{
- return ia5ncasecmp(s1, s2, SIZE_MAX);
-}
-
static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
@@ -337,7 +352,7 @@ static int cn2dnsid(ASN1_STRING *cn, unsigned char **dnsid, size_t *idlen)
--utf8_length;
/* Reject *embedded* NULs */
- if ((size_t)utf8_length != strlen((char *)utf8_value)) {
+ if (memchr(utf8_value, 0, utf8_length) != NULL) {
OPENSSL_free(utf8_value);
return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
}
@@ -536,9 +551,14 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
{
char *baseptr = (char *)base->data;
char *dnsptr = (char *)dns->data;
+
/* Empty matches everything */
- if (!*baseptr)
+ if (base->length == 0)
return X509_V_OK;
+
+ if (dns->length < base->length)
+ return X509_V_ERR_PERMITTED_VIOLATION;
+
/*
* Otherwise can add zero or more components on the left so compare RHS
* and if dns is longer and expect '.' as preceding character.
@@ -549,7 +569,7 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
return X509_V_ERR_PERMITTED_VIOLATION;
}
- if (ia5casecmp(baseptr, dnsptr))
+ if (ia5ncasecmp(baseptr, dnsptr, base->length))
return X509_V_ERR_PERMITTED_VIOLATION;
return X509_V_OK;
@@ -560,16 +580,17 @@ static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
{
const char *baseptr = (char *)base->data;
const char *emlptr = (char *)eml->data;
+ const char *baseat = ia5memrchr(base, '@');
+ const char *emlat = ia5memrchr(eml, '@');
+ size_t basehostlen, emlhostlen;
- const char *baseat = strchr(baseptr, '@');
- const char *emlat = strchr(emlptr, '@');
if (!emlat)
return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
/* Special case: initial '.' is RHS match */
- if (!baseat && (*baseptr == '.')) {
+ if (!baseat && base->length > 0 && (*baseptr == '.')) {
if (eml->length > base->length) {
emlptr += eml->length - base->length;
- if (ia5casecmp(baseptr, emlptr) == 0)
+ if (ia5ncasecmp(baseptr, emlptr, base->length) == 0)
return X509_V_OK;
}
return X509_V_ERR_PERMITTED_VIOLATION;
@@ -589,8 +610,10 @@ static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
baseptr = baseat + 1;
}
emlptr = emlat + 1;
+ basehostlen = IA5_OFFSET_LEN(base, baseptr);
+ emlhostlen = IA5_OFFSET_LEN(eml, emlptr);
/* Just have hostname left to match: case insensitive */
- if (ia5casecmp(baseptr, emlptr))
+ if (basehostlen != emlhostlen || ia5ncasecmp(baseptr, emlptr, emlhostlen))
return X509_V_ERR_PERMITTED_VIOLATION;
return X509_V_OK;
@@ -601,10 +624,14 @@ static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
{
const char *baseptr = (char *)base->data;
const char *hostptr = (char *)uri->data;
- const char *p = strchr(hostptr, ':');
+ const char *p = ia5memchr(uri, (char *)uri->data, ':');
int hostlen;
+
/* Check for foo:// and skip past it */
- if (!p || (p[1] != '/') || (p[2] != '/'))
+ if (p == NULL
+ || IA5_OFFSET_LEN(uri, p) < 3
+ || p[1] != '/'
+ || p[2] != '/')
return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
hostptr = p + 3;
@@ -612,13 +639,13 @@ static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
/* Look for a port indicator as end of hostname first */
- p = strchr(hostptr, ':');
+ p = ia5memchr(uri, hostptr, ':');
/* Otherwise look for trailing slash */
- if (!p)
- p = strchr(hostptr, '/');
+ if (p == NULL)
+ p = ia5memchr(uri, hostptr, '/');
- if (!p)
- hostlen = strlen(hostptr);
+ if (p == NULL)
+ hostlen = IA5_OFFSET_LEN(uri, hostptr);
else
hostlen = p - hostptr;
@@ -626,7 +653,7 @@ static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
/* Special case: initial '.' is RHS match */
- if (*baseptr == '.') {
+ if (base->length > 0 && *baseptr == '.') {
if (hostlen > base->length) {
p = hostptr + hostlen - base->length;
if (ia5ncasecmp(p, baseptr, base->length) == 0)
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_pci.c b/deps/openssl/openssl/crypto/x509v3/v3_pci.c
index 3d124fa6d9..532d4e192f 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_pci.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_pci.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -77,7 +77,8 @@ static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
BIO_puts(out, "\n");
if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
- BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
+ BIO_printf(out, "%*sPolicy Text: %.*s\n", indent, "",
+ pci->proxyPolicy->policy->length,
pci->proxyPolicy->policy->data);
return 1;
}
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_utl.c b/deps/openssl/openssl/crypto/x509v3/v3_utl.c
index 7281a7b917..f41c699b5a 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_utl.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_utl.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,6 +12,7 @@
#include "e_os.h"
#include "internal/cryptlib.h"
#include <stdio.h>
+#include <string.h>
#include "crypto/ctype.h"
#include <openssl/conf.h>
#include <openssl/crypto.h>
@@ -34,17 +35,26 @@ static int ipv6_hex(unsigned char *out, const char *in, int inlen);
/* Add a CONF_VALUE name value pair to stack */
-int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist)
+static int x509v3_add_len_value(const char *name, const char *value,
+ size_t vallen, STACK_OF(CONF_VALUE) **extlist)
{
CONF_VALUE *vtmp = NULL;
char *tname = NULL, *tvalue = NULL;
int sk_allocated = (*extlist == NULL);
- if (name && (tname = OPENSSL_strdup(name)) == NULL)
- goto err;
- if (value && (tvalue = OPENSSL_strdup(value)) == NULL)
+ if (name != NULL && (tname = OPENSSL_strdup(name)) == NULL)
goto err;
+ if (value != NULL && vallen > 0) {
+ /*
+ * We tolerate a single trailing NUL character, but otherwise no
+ * embedded NULs
+ */
+ if (memchr(value, 0, vallen - 1) != NULL)
+ goto err;
+ tvalue = OPENSSL_strndup(value, vallen);
+ if (tvalue == NULL)
+ goto err;
+ }
if ((vtmp = OPENSSL_malloc(sizeof(*vtmp))) == NULL)
goto err;
if (sk_allocated && (*extlist = sk_CONF_VALUE_new_null()) == NULL)
@@ -56,7 +66,7 @@ int X509V3_add_value(const char *name, const char *value,
goto err;
return 1;
err:
- X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE);
+ X509V3err(X509V3_F_X509V3_ADD_LEN_VALUE, ERR_R_MALLOC_FAILURE);
if (sk_allocated) {
sk_CONF_VALUE_free(*extlist);
*extlist = NULL;
@@ -67,10 +77,26 @@ int X509V3_add_value(const char *name, const char *value,
return 0;
}
+int X509V3_add_value(const char *name, const char *value,
+ STACK_OF(CONF_VALUE) **extlist)
+{
+ return x509v3_add_len_value(name, value,
+ value != NULL ? strlen((const char *)value) : 0,
+ extlist);
+}
+
int X509V3_add_value_uchar(const char *name, const unsigned char *value,
STACK_OF(CONF_VALUE) **extlist)
{
- return X509V3_add_value(name, (const char *)value, extlist);
+ return x509v3_add_len_value(name, (const char *)value,
+ value != NULL ? strlen((const char *)value) : 0,
+ extlist);
+}
+
+int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
+ size_t vallen, STACK_OF(CONF_VALUE) **extlist)
+{
+ return x509v3_add_len_value(name, (const char *)value, vallen, extlist);
}
/* Free function for STACK_OF(CONF_VALUE) */
@@ -502,18 +528,26 @@ static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, const ASN1_IA5STRING *email
/* First some sanity checks */
if (email->type != V_ASN1_IA5STRING)
return 1;
- if (!email->data || !email->length)
+ if (email->data == NULL || email->length == 0)
+ return 1;
+ if (memchr(email->data, 0, email->length) != NULL)
return 1;
if (*sk == NULL)
*sk = sk_OPENSSL_STRING_new(sk_strcmp);
if (*sk == NULL)
return 0;
+
+ emtmp = OPENSSL_strndup((char *)email->data, email->length);
+ if (emtmp == NULL)
+ return 0;
+
/* Don't add duplicates */
- if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1)
+ if (sk_OPENSSL_STRING_find(*sk, emtmp) != -1) {
+ OPENSSL_free(emtmp);
return 1;
- emtmp = OPENSSL_strdup((char *)email->data);
- if (emtmp == NULL || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
- OPENSSL_free(emtmp); /* free on push failure */
+ }
+ if (!sk_OPENSSL_STRING_push(*sk, emtmp)) {
+ OPENSSL_free(emtmp); /* free on push failure */
X509_email_free(*sk);
*sk = NULL;
return 0;
diff --git a/deps/openssl/openssl/crypto/x509v3/v3err.c b/deps/openssl/openssl/crypto/x509v3/v3err.c
index 4f2ea52a4a..8b2918a64f 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3err.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -39,6 +39,8 @@ static const ERR_STRING_DATA X509V3_str_functs[] = {
"i2s_ASN1_INTEGER"},
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_I2V_AUTHORITY_INFO_ACCESS, 0),
"i2v_AUTHORITY_INFO_ACCESS"},
+ {ERR_PACK(ERR_LIB_X509V3, X509V3_F_I2V_AUTHORITY_KEYID, 0),
+ "i2v_AUTHORITY_KEYID"},
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_LEVEL_ADD_NODE, 0), "level_add_node"},
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_NOTICE_SECTION, 0), "notice_section"},
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_NREF_NOS, 0), "nref_nos"},
@@ -104,6 +106,8 @@ static const ERR_STRING_DATA X509V3_str_functs[] = {
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_V3_GENERIC_EXTENSION, 0),
"v3_generic_extension"},
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_ADD1_I2D, 0), "X509V3_add1_i2d"},
+ {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_ADD_LEN_VALUE, 0),
+ "x509v3_add_len_value"},
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_ADD_VALUE, 0),
"X509V3_add_value"},
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_ADD, 0), "X509V3_EXT_add"},
diff --git a/deps/openssl/openssl/demos/bio/client-arg.c b/deps/openssl/openssl/demos/bio/client-arg.c
index e8d5e46ab5..d51c43c457 100644
--- a/deps/openssl/openssl/demos/bio/client-arg.c
+++ b/deps/openssl/openssl/demos/bio/client-arg.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -94,12 +94,6 @@ int main(int argc, char **argv)
goto end;
}
- if (BIO_do_handshake(sbio) <= 0) {
- fprintf(stderr, "Error establishing SSL connection\n");
- ERR_print_errors_fp(stderr);
- goto end;
- }
-
/* Could examine ssl here to get connection info */
BIO_puts(sbio, "GET / HTTP/1.0\n\n");
diff --git a/deps/openssl/openssl/demos/bio/client-conf.c b/deps/openssl/openssl/demos/bio/client-conf.c
index e819030eec..cb5c729ee6 100644
--- a/deps/openssl/openssl/demos/bio/client-conf.c
+++ b/deps/openssl/openssl/demos/bio/client-conf.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -102,12 +102,6 @@ int main(int argc, char **argv)
goto end;
}
- if (BIO_do_handshake(sbio) <= 0) {
- fprintf(stderr, "Error establishing SSL connection\n");
- ERR_print_errors_fp(stderr);
- goto end;
- }
-
/* Could examine ssl here to get connection info */
BIO_puts(sbio, "GET / HTTP/1.0\n\n");
diff --git a/deps/openssl/openssl/doc/man1/enc.pod b/deps/openssl/openssl/doc/man1/enc.pod
index 3c7b6c42ea..9068282db5 100644
--- a/deps/openssl/openssl/doc/man1/enc.pod
+++ b/deps/openssl/openssl/doc/man1/enc.pod
@@ -180,8 +180,8 @@ Debug the BIOs used for I/O.
=item B<-z>
-Compress or decompress clear text using zlib before encryption or after
-decryption. This option exists only if OpenSSL with compiled with zlib
+Compress or decompress encrypted data using zlib after encryption or before
+decryption. This option exists only if OpenSSL was compiled with the zlib
or zlib-dynamic option.
=item B<-none>
diff --git a/deps/openssl/openssl/doc/man1/s_client.pod b/deps/openssl/openssl/doc/man1/s_client.pod
index 743b2db2ba..f1a2c4abdf 100644
--- a/deps/openssl/openssl/doc/man1/s_client.pod
+++ b/deps/openssl/openssl/doc/man1/s_client.pod
@@ -797,7 +797,7 @@ server.
The B<s_client> utility is a test tool and is designed to continue the
handshake after any certificate verification errors. As a result it will
-accept any certificate chain (trusted or not) sent by the peer. None test
+accept any certificate chain (trusted or not) sent by the peer. Non-test
applications should B<not> do this as it makes them vulnerable to a MITM
attack. This behaviour can be changed by with the B<-verify_return_error>
option: any verify errors are then returned aborting the handshake.
diff --git a/deps/openssl/openssl/doc/man1/s_server.pod b/deps/openssl/openssl/doc/man1/s_server.pod
index 9fdac49190..aa6c19d31f 100644
--- a/deps/openssl/openssl/doc/man1/s_server.pod
+++ b/deps/openssl/openssl/doc/man1/s_server.pod
@@ -701,7 +701,7 @@ disabling the ephemeral DH cipher suites.
=item B<-alpn val>, B<-nextprotoneg val>
-These flags enable the Enable the Application-Layer Protocol Negotiation
+These flags enable the Application-Layer Protocol Negotiation
or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the
IETF standard and replaces NPN.
The B<val> list is a comma-separated list of supported protocol
diff --git a/deps/openssl/openssl/doc/man3/BIO_f_ssl.pod b/deps/openssl/openssl/doc/man3/BIO_f_ssl.pod
index 59cccbd4e5..641ee2329e 100644
--- a/deps/openssl/openssl/doc/man3/BIO_f_ssl.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_f_ssl.pod
@@ -185,11 +185,6 @@ unencrypted example in L<BIO_s_connect(3)>.
ERR_print_errors_fp(stderr);
exit(1);
}
- if (BIO_do_handshake(sbio) <= 0) {
- fprintf(stderr, "Error establishing SSL connection\n");
- ERR_print_errors_fp(stderr);
- exit(1);
- }
/* XXX Could examine ssl here to get connection info */
@@ -298,7 +293,7 @@ be modified to handle this fix or they may free up an already freed BIO.
=head1 COPYRIGHT
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_push.pod b/deps/openssl/openssl/doc/man3/BIO_push.pod
index 93f2cc31fd..8b98bee498 100644
--- a/deps/openssl/openssl/doc/man3/BIO_push.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_push.pod
@@ -61,8 +61,8 @@ the new chain is B<md1-md2-b64-f>. Data written to B<md1> will be digested
by B<md1> and B<md2>, B<base64> encoded and written to B<f>.
It should be noted that reading causes data to pass in the reverse
-direction, that is data is read from B<f>, base64 B<decoded> and digested
-by B<md1> and B<md2>. If the call:
+direction, that is data is read from B<f>, B<base64> decoded and digested
+by B<md2> and B<md1>. If the call:
BIO_pop(md2);
@@ -79,7 +79,7 @@ The BIO_set_next() function was added in OpenSSL 1.1.0.
=head1 COPYRIGHT
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BN_cmp.pod b/deps/openssl/openssl/doc/man3/BN_cmp.pod
index 95d162ff29..261619c512 100644
--- a/deps/openssl/openssl/doc/man3/BN_cmp.pod
+++ b/deps/openssl/openssl/doc/man3/BN_cmp.pod
@@ -2,42 +2,47 @@
=head1 NAME
-BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions
+BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_abs_is_word, BN_is_odd - BIGNUM comparison and test functions
=head1 SYNOPSIS
#include <openssl/bn.h>
- int BN_cmp(BIGNUM *a, BIGNUM *b);
- int BN_ucmp(BIGNUM *a, BIGNUM *b);
+ int BN_cmp(const BIGNUM *a, const BIGNUM *b);
+ int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
- int BN_is_zero(BIGNUM *a);
- int BN_is_one(BIGNUM *a);
- int BN_is_word(BIGNUM *a, BN_ULONG w);
- int BN_is_odd(BIGNUM *a);
+ int BN_is_zero(const BIGNUM *a);
+ int BN_is_one(const BIGNUM *a);
+ int BN_is_word(const BIGNUM *a, const BN_ULONG w);
+ int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
+ int BN_is_odd(const BIGNUM *a);
=head1 DESCRIPTION
-BN_cmp() compares the numbers B<a> and B<b>. BN_ucmp() compares their
+BN_cmp() compares the numbers I<a> and I<b>. BN_ucmp() compares their
absolute values.
-BN_is_zero(), BN_is_one() and BN_is_word() test if B<a> equals 0, 1,
-or B<w> respectively. BN_is_odd() tests if a is odd.
-
-BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.
+BN_is_zero(), BN_is_one(), BN_is_word() and BN_abs_is_word() test if
+I<a> equals 0, 1, I<w>, or E<verbar>I<w>E<verbar> respectively.
+BN_is_odd() tests if I<a> is odd.
=head1 RETURN VALUES
-BN_cmp() returns -1 if B<a> E<lt> B<b>, 0 if B<a> == B<b> and 1 if
-B<a> E<gt> B<b>. BN_ucmp() is the same using the absolute values
-of B<a> and B<b>.
+BN_cmp() returns -1 if I<a> E<lt> I<b>, 0 if I<a> == I<b> and 1 if
+I<a> E<gt> I<b>. BN_ucmp() is the same using the absolute values
+of I<a> and I<b>.
+
+BN_is_zero(), BN_is_one() BN_is_word(), BN_abs_is_word() and
+BN_is_odd() return 1 if the condition is true, 0 otherwise.
+
+=head1 HISTORY
-BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if
-the condition is true, 0 otherwise.
+Prior to OpenSSL 1.1.0, BN_is_zero(), BN_is_one(), BN_is_word(),
+BN_abs_is_word() and BN_is_odd() were macros.
=head1 COPYRIGHT
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_set_num_tickets.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_set_num_tickets.pod
index ad13ed15f4..67d9b7b2ca 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_set_num_tickets.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_set_num_tickets.pod
@@ -5,7 +5,8 @@
SSL_set_num_tickets,
SSL_get_num_tickets,
SSL_CTX_set_num_tickets,
-SSL_CTX_get_num_tickets
+SSL_CTX_get_num_tickets,
+SSL_new_session_ticket
- control the number of TLSv1.3 session tickets that are issued
=head1 SYNOPSIS
@@ -16,6 +17,7 @@ SSL_CTX_get_num_tickets
size_t SSL_get_num_tickets(SSL *s);
int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
size_t SSL_CTX_get_num_tickets(SSL_CTX *ctx);
+ int SSL_new_session_ticket(SSL *s);
=head1 DESCRIPTION
@@ -40,21 +42,43 @@ handshake then SSL_set_num_tickets() can be called again prior to calling
SSL_verify_client_post_handshake() to update the number of tickets that will be
sent.
+To issue tickets after other events (such as application-layer changes),
+SSL_new_session_ticket() is used by a server application to request that a new
+ticket be sent when it is safe to do so. New tickets are only allowed to be
+sent in this manner after the initial handshake has completed, and only for
+TLS 1.3 connections. By default, the ticket generation and transmission are
+delayed until the server is starting a new write operation, so that it is
+bundled with other application data being written and properly aligned to a
+record boundary. If the connection was at a record boundary when
+SSL_new_session_ticket() was called, the ticket can be sent immediately
+(without waiting for the next application write) by calling
+SSL_do_handshake(). SSL_new_session_ticket() can be called more than once to
+request additional tickets be sent; all such requests are queued and written
+together when it is safe to do so and triggered by SSL_write() or
+SSL_do_handshake(). Note that a successful return from
+SSL_new_session_ticket() indicates only that the request to send a ticket was
+processed, not that the ticket itself was sent. To be notified when the
+ticket itself is sent, a new-session callback can be registered with
+L<SSL_CTX_sess_set_new_cb(3)> that will be invoked as the ticket or tickets
+are generated.
+
SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of
tickets set by a previous call to SSL_CTX_set_num_tickets() or
SSL_set_num_tickets(), or 2 if no such call has been made.
=head1 RETURN VALUES
-SSL_CTX_set_num_tickets() and SSL_set_num_tickets() return 1 on success or 0 on
-failure.
+SSL_CTX_set_num_tickets(), SSL_set_num_tickets(), and
+SSL_new_session_ticket() return 1 on success or 0 on failure.
SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets
that have been previously set.
=head1 HISTORY
-These functions were added in OpenSSL 1.1.1.
+SSL_new_session_ticket() was added in OpenSSL 3.0.0.
+SSL_set_num_tickets(), SSL_get_num_tickets(), SSL_CTX_set_num_tickets(), and
+SSL_CTX_get_num_tickets() were added in OpenSSL 1.1.1.
=head1 COPYRIGHT
diff --git a/deps/openssl/openssl/doc/man3/d2i_PrivateKey.pod b/deps/openssl/openssl/doc/man3/d2i_PrivateKey.pod
index 4e3f20f8b3..e7272595bc 100644
--- a/deps/openssl/openssl/doc/man3/d2i_PrivateKey.pod
+++ b/deps/openssl/openssl/doc/man3/d2i_PrivateKey.pod
@@ -42,6 +42,10 @@ These functions are similar to the d2i_X509() functions; see L<d2i_X509(3)>.
=head1 NOTES
+All the functions that operate on data in memory update the data pointer I<*pp>
+after a successful operation, just like the other d2i and i2d functions;
+see L<d2i_X509(3)>.
+
All these functions use DER format and unencrypted keys. Applications wishing
to encrypt or decrypt private keys should use other functions such as
d2i_PKCS8PrivateKey() instead.
@@ -71,7 +75,7 @@ L<d2i_PKCS8PrivateKey_bio(3)>
=head1 COPYRIGHT
-Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man7/x509.pod b/deps/openssl/openssl/doc/man7/x509.pod
index 065dcb14fb..7274e5ce95 100644
--- a/deps/openssl/openssl/doc/man7/x509.pod
+++ b/deps/openssl/openssl/doc/man7/x509.pod
@@ -11,7 +11,7 @@ x509 - X.509 certificate handling
=head1 DESCRIPTION
An X.509 certificate is a structured grouping of information about
-an individual, a device, or anything one can imagine. A X.509 CRL
+an individual, a device, or anything one can imagine. An X.509 CRL
(certificate revocation list) is a tool to help determine if a
certificate is still valid. The exact definition of those can be
found in the X.509 document from ITU-T, or in RFC3280 from PKIX.
@@ -24,7 +24,7 @@ X509_REQ is used to express such a certificate request.
To handle some complex parts of a certificate, there are the types
X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express
-a certificate attributes), X509_EXTENSION (to express a certificate
+a certificate attribute), X509_EXTENSION (to express a certificate
extension) and a few more.
Finally, there's the supertype X509_INFO, which can contain a CRL, a
@@ -63,7 +63,7 @@ L<crypto(7)>
=head1 COPYRIGHT
-Copyright 2003-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
diff --git a/deps/openssl/openssl/include/crypto/bn_conf.h b/deps/openssl/openssl/include/crypto/bn_conf.h
deleted file mode 100644
index 79400c6472..0000000000
--- a/deps/openssl/openssl/include/crypto/bn_conf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/bn_conf.h"
diff --git a/deps/openssl/openssl/include/crypto/dso_conf.h b/deps/openssl/openssl/include/crypto/dso_conf.h
deleted file mode 100644
index e7f2afa987..0000000000
--- a/deps/openssl/openssl/include/crypto/dso_conf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/dso_conf.h"
diff --git a/deps/openssl/openssl/include/crypto/sm2.h b/deps/openssl/openssl/include/crypto/sm2.h
index 76ee80baff..a7f5548c08 100644
--- a/deps/openssl/openssl/include/crypto/sm2.h
+++ b/deps/openssl/openssl/include/crypto/sm2.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
* Ported from Ribose contributions from Botan.
*
@@ -60,8 +60,7 @@ int sm2_verify(const unsigned char *dgst, int dgstlen,
int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
size_t *ct_size);
-int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
- size_t *pt_size);
+int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size);
int sm2_encrypt(const EC_KEY *key,
const EVP_MD *digest,
diff --git a/deps/openssl/openssl/include/crypto/x509.h b/deps/openssl/openssl/include/crypto/x509.h
index b53c2b03c3..243ea74f6f 100644
--- a/deps/openssl/openssl/include/crypto/x509.h
+++ b/deps/openssl/openssl/include/crypto/x509.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,6 +8,8 @@
*/
#include "internal/refcount.h"
+#include <openssl/x509.h>
+#include <openssl/conf.h>
/* Internal X509 structures and functions: not for application use */
@@ -284,3 +286,6 @@ int a2i_ipadd(unsigned char *ipout, const char *ipasc);
int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm);
void x509_init_sig_info(X509 *x);
+
+int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
+ size_t vallen, STACK_OF(CONF_VALUE) **extlist);
diff --git a/deps/openssl/openssl/include/openssl/e_os2.h b/deps/openssl/openssl/include/openssl/e_os2.h
index cf308eee2c..5c88e51949 100644
--- a/deps/openssl/openssl/include/openssl/e_os2.h
+++ b/deps/openssl/openssl/include/openssl/e_os2.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -279,7 +279,8 @@ typedef unsigned __int64 uint64_t;
# define ossl_inline inline
# endif
-# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
+# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L && \
+ !defined(__cplusplus)
# define ossl_noreturn _Noreturn
# elif defined(__GNUC__) && __GNUC__ >= 2
# define ossl_noreturn __attribute__((noreturn))
diff --git a/deps/openssl/openssl/include/openssl/opensslconf.h b/deps/openssl/openssl/include/openssl/opensslconf.h
deleted file mode 100644
index 76c99d433a..0000000000
--- a/deps/openssl/openssl/include/openssl/opensslconf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../config/opensslconf.h"
diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h
index 44b464e526..a8b71e5114 100644
--- a/deps/openssl/openssl/include/openssl/opensslv.h
+++ b/deps/openssl/openssl/include/openssl/opensslv.h
@@ -39,8 +39,8 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x101010bfL
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1k+quic 25 Mar 2021"
+# define OPENSSL_VERSION_NUMBER 0x101010cfL
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1l+quic 24 Aug 2021"
/*-
* The macros below are to be used for shared library (.so, .dll, ...)
diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h
index c6f8e4d180..17bd0bc2c9 100644
--- a/deps/openssl/openssl/include/openssl/ssl.h
+++ b/deps/openssl/openssl/include/openssl/ssl.h
@@ -1921,6 +1921,7 @@ int SSL_get_key_update_type(const SSL *s);
int SSL_renegotiate(SSL *s);
int SSL_renegotiate_abbreviated(SSL *s);
__owur int SSL_renegotiate_pending(const SSL *s);
+int SSL_new_session_ticket(SSL *s);
int SSL_shutdown(SSL *s);
__owur int SSL_verify_client_post_handshake(SSL *s);
void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
diff --git a/deps/openssl/openssl/include/openssl/sslerr.h b/deps/openssl/openssl/include/openssl/sslerr.h
index 528c880e1f..64e152cc51 100644
--- a/deps/openssl/openssl/include/openssl/sslerr.h
+++ b/deps/openssl/openssl/include/openssl/sslerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -70,6 +70,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_FINAL_EMS 486
# define SSL_F_FINAL_KEY_SHARE 503
# define SSL_F_FINAL_MAXFRAGMENTLEN 557
+# define SSL_F_FINAL_PSK 639
# define SSL_F_FINAL_QUIC_TRANSPORT_PARAMS 3012
# define SSL_F_FINAL_RENEGOTIATE 483
# define SSL_F_FINAL_SERVER_NAME 558
@@ -609,6 +610,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_MISSING_ECDSA_SIGNING_CERT 381
# define SSL_R_MISSING_FATAL 256
# define SSL_R_MISSING_PARAMETERS 290
+# define SSL_R_MISSING_PSK_KEX_MODES_EXTENSION 310
# define SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION 801
# define SSL_R_MISSING_RSA_CERTIFICATE 168
# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
@@ -651,6 +653,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
# define SSL_R_NULL_SSL_CTX 195
# define SSL_R_NULL_SSL_METHOD_PASSED 196
+# define SSL_R_OCSP_CALLBACK_FAILURE 294
# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
# define SSL_R_OVERFLOW_ERROR 237
diff --git a/deps/openssl/openssl/include/openssl/x509v3err.h b/deps/openssl/openssl/include/openssl/x509v3err.h
index 5f25442f12..3b9f7139d8 100644
--- a/deps/openssl/openssl/include/openssl/x509v3err.h
+++ b/deps/openssl/openssl/include/openssl/x509v3err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -38,6 +38,7 @@ int ERR_load_X509V3_strings(void);
# define X509V3_F_I2S_ASN1_IA5STRING 149
# define X509V3_F_I2S_ASN1_INTEGER 120
# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
+# define X509V3_F_I2V_AUTHORITY_KEYID 173
# define X509V3_F_LEVEL_ADD_NODE 168
# define X509V3_F_NOTICE_SECTION 132
# define X509V3_F_NREF_NOS 133
@@ -78,6 +79,7 @@ int ERR_load_X509V3_strings(void);
# define X509V3_F_V2I_TLS_FEATURE 165
# define X509V3_F_V3_GENERIC_EXTENSION 116
# define X509V3_F_X509V3_ADD1_I2D 140
+# define X509V3_F_X509V3_ADD_LEN_VALUE 174
# define X509V3_F_X509V3_ADD_VALUE 105
# define X509V3_F_X509V3_EXT_ADD 104
# define X509V3_F_X509V3_EXT_ADD_ALIAS 106
diff --git a/deps/openssl/openssl/ssl/bio_ssl.c b/deps/openssl/openssl/ssl/bio_ssl.c
index 53129bfb88..c4239345b6 100644
--- a/deps/openssl/openssl/ssl/bio_ssl.c
+++ b/deps/openssl/openssl/ssl/bio_ssl.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -451,6 +451,7 @@ BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
goto err;
return ret;
err:
+ BIO_free(ssl);
BIO_free(con);
#endif
return NULL;
diff --git a/deps/openssl/openssl/ssl/d1_lib.c b/deps/openssl/openssl/ssl/d1_lib.c
index afbf015216..05b85c1078 100644
--- a/deps/openssl/openssl/ssl/d1_lib.c
+++ b/deps/openssl/openssl/ssl/d1_lib.c
@@ -342,12 +342,11 @@ int dtls1_is_timer_expired(SSL *s)
return 1;
}
-void dtls1_double_timeout(SSL *s)
+static void dtls1_double_timeout(SSL *s)
{
s->d1->timeout_duration_us *= 2;
if (s->d1->timeout_duration_us > 60000000)
s->d1->timeout_duration_us = 60000000;
- dtls1_start_timer(s);
}
void dtls1_stop_timer(SSL *s)
diff --git a/deps/openssl/openssl/ssl/record/rec_layer_s3.c b/deps/openssl/openssl/ssl/record/rec_layer_s3.c
index b2a7a47eb0..cdc90ed0b3 100644
--- a/deps/openssl/openssl/ssl/record/rec_layer_s3.c
+++ b/deps/openssl/openssl/ssl/record/rec_layer_s3.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -172,9 +172,9 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold,
/*
* If extend == 0, obtain new n-byte packet; if extend == 1, increase
* packet by another n bytes. The packet will be in the sub-array of
- * s->s3->rbuf.buf specified by s->packet and s->packet_length. (If
- * s->rlayer.read_ahead is set, 'max' bytes may be stored in rbuf [plus
- * s->packet_length bytes if extend == 1].)
+ * s->rlayer.rbuf.buf specified by s->rlayer.packet and
+ * s->rlayer.packet_length. (If s->rlayer.read_ahead is set, 'max' bytes may
+ * be stored in rbuf [plus s->rlayer.packet_length bytes if extend == 1].)
* if clearold == 1, move the packet to the start of the buffer; if
* clearold == 0 then leave any old packets where they were
*/
@@ -374,10 +374,12 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
s->rlayer.wnum = 0;
/*
- * If we are supposed to be sending a KeyUpdate then go into init unless we
- * have writes pending - in which case we should finish doing that first.
+ * If we are supposed to be sending a KeyUpdate or NewSessionTicket then go
+ * into init unless we have writes pending - in which case we should finish
+ * doing that first.
*/
- if (wb->left == 0 && s->key_update != SSL_KEY_UPDATE_NONE)
+ if (wb->left == 0 && (s->key_update != SSL_KEY_UPDATE_NONE
+ || s->ext.extra_tickets_expected > 0))
ossl_statem_set_in_init(s, 1);
/*
diff --git a/deps/openssl/openssl/ssl/record/ssl3_buffer.c b/deps/openssl/openssl/ssl/record/ssl3_buffer.c
index 9b2a6964c6..b9ba25e0c3 100644
--- a/deps/openssl/openssl/ssl/record/ssl3_buffer.c
+++ b/deps/openssl/openssl/ssl/record/ssl3_buffer.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -74,7 +74,6 @@ int ssl3_setup_read_buffer(SSL *s)
b->len = len;
}
- RECORD_LAYER_set_packet(&s->rlayer, &(b->buf[0]));
return 1;
}
diff --git a/deps/openssl/openssl/ssl/record/ssl3_record.c b/deps/openssl/openssl/ssl/record/ssl3_record.c
index ab5d22aa10..e6a8bbd710 100644
--- a/deps/openssl/openssl/ssl/record/ssl3_record.c
+++ b/deps/openssl/openssl/ssl/record/ssl3_record.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -405,7 +405,7 @@ int ssl3_get_record(SSL *s)
more = thisrr->length;
}
if (more > 0) {
- /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
+ /* now s->rlayer.packet_length == SSL3_RT_HEADER_LENGTH */
rret = ssl3_read_n(s, more, more, 1, 0, &n);
if (rret <= 0)
@@ -416,9 +416,9 @@ int ssl3_get_record(SSL *s)
RECORD_LAYER_set_rstate(&s->rlayer, SSL_ST_READ_HEADER);
/*
- * At this point, s->packet_length == SSL3_RT_HEADER_LENGTH
- * + thisrr->length, or s->packet_length == SSL2_RT_HEADER_LENGTH
- * + thisrr->length and we have that many bytes in s->packet
+ * At this point, s->rlayer.packet_length == SSL3_RT_HEADER_LENGTH
+ * + thisrr->length, or s->rlayer.packet_length == SSL2_RT_HEADER_LENGTH
+ * + thisrr->length and we have that many bytes in s->rlayer.packet
*/
if (thisrr->rec_version == SSL2_VERSION) {
thisrr->input =
@@ -429,11 +429,11 @@ int ssl3_get_record(SSL *s)
}
/*
- * ok, we can now read from 's->packet' data into 'thisrr' thisrr->input
- * points at thisrr->length bytes, which need to be copied into
- * thisrr->data by either the decryption or by the decompression When
- * the data is 'copied' into the thisrr->data buffer, thisrr->input will
- * be pointed at the new buffer
+ * ok, we can now read from 's->rlayer.packet' data into 'thisrr'.
+ * thisrr->input points at thisrr->length bytes, which need to be copied
+ * into thisrr->data by either the decryption or by the decompression.
+ * When the data is 'copied' into the thisrr->data buffer,
+ * thisrr->input will be updated to point at the new buffer
*/
/*
@@ -1616,16 +1616,16 @@ int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap)
sess = s->session;
/*
- * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
- * and we have that many bytes in s->packet
+ * At this point, s->rlayer.packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
+ * and we have that many bytes in s->rlayer.packet
*/
rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]);
/*
- * ok, we can now read from 's->packet' data into 'rr' rr->input points
- * at rr->length bytes, which need to be copied into rr->data by either
- * the decryption or by the decompression When the data is 'copied' into
- * the rr->data buffer, rr->input will be pointed at the new buffer
+ * ok, we can now read from 's->rlayer.packet' data into 'rr'. rr->input
+ * points at rr->length bytes, which need to be copied into rr->data by
+ * either the decryption or by the decompression. When the data is 'copied'
+ * into the rr->data buffer, rr->input will be pointed at the new buffer
*/
/*
@@ -1947,7 +1947,7 @@ int dtls1_get_record(SSL *s)
if (rr->length >
RECORD_LAYER_get_packet_length(&s->rlayer) - DTLS1_RT_HEADER_LENGTH) {
- /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
+ /* now s->rlayer.packet_length == DTLS1_RT_HEADER_LENGTH */
more = rr->length;
rret = ssl3_read_n(s, more, more, 1, 1, &n);
/* this packet contained a partial record, dump it */
@@ -1963,7 +1963,7 @@ int dtls1_get_record(SSL *s)
}
/*
- * now n == rr->length, and s->packet_length ==
+ * now n == rr->length, and s->rlayer.packet_length ==
* DTLS1_RT_HEADER_LENGTH + rr->length
*/
}
diff --git a/deps/openssl/openssl/ssl/s3_msg.c b/deps/openssl/openssl/ssl/s3_msg.c
index 7c38291221..1adf564e95 100644
--- a/deps/openssl/openssl/ssl/s3_msg.c
+++ b/deps/openssl/openssl/ssl/s3_msg.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -48,6 +48,8 @@ int ssl3_send_alert(SSL *s, int level, int desc)
* protocol_version alerts */
if (desc < 0)
return -1;
+ if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY)
+ return -1;
/* If a fatal one, remove from cache */
if ((level == SSL3_AL_FATAL) && (s->session != NULL))
SSL_CTX_remove_session(s->session_ctx, s->session);
diff --git a/deps/openssl/openssl/ssl/ssl_cert.c b/deps/openssl/openssl/ssl/ssl_cert.c
index 5d3e83f328..e7feda81d0 100644
--- a/deps/openssl/openssl/ssl/ssl_cert.c
+++ b/deps/openssl/openssl/ssl/ssl_cert.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -876,18 +876,36 @@ int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref)
return 1;
}
+int ssl_get_security_level_bits(const SSL *s, const SSL_CTX *ctx, int *levelp)
+{
+ int level;
+ static const int minbits_table[5 + 1] = { 0, 80, 112, 128, 192, 256 };
+
+ if (ctx != NULL)
+ level = SSL_CTX_get_security_level(ctx);
+ else
+ level = SSL_get_security_level(s);
+
+ if (level > 5)
+ level = 5;
+ else if (level < 0)
+ level = 0;
+
+ if (levelp != NULL)
+ *levelp = level;
+
+ return minbits_table[level];
+}
+
static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
int op, int bits, int nid, void *other,
void *ex)
{
int level, minbits;
- static const int minbits_table[5] = { 80, 112, 128, 192, 256 };
- if (ctx)
- level = SSL_CTX_get_security_level(ctx);
- else
- level = SSL_get_security_level(s);
- if (level <= 0) {
+ minbits = ssl_get_security_level_bits(s, ctx, &level);
+
+ if (level == 0) {
/*
* No EDH keys weaker than 1024-bits even at level 0, otherwise,
* anything goes.
@@ -896,9 +914,6 @@ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
return 0;
return 1;
}
- if (level > 5)
- level = 5;
- minbits = minbits_table[level - 1];
switch (op) {
case SSL_SECOP_CIPHER_SUPPORTED:
case SSL_SECOP_CIPHER_SHARED:
diff --git a/deps/openssl/openssl/ssl/ssl_err.c b/deps/openssl/openssl/ssl/ssl_err.c
index cb2fe7f77a..56adfdca42 100644
--- a/deps/openssl/openssl/ssl/ssl_err.c
+++ b/deps/openssl/openssl/ssl/ssl_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -85,6 +85,7 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_KEY_SHARE, 0), "final_key_share"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_MAXFRAGMENTLEN, 0),
"final_maxfragmentlen"},
+ {ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_PSK, 0), "final_psk"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_QUIC_TRANSPORT_PARAMS, 0),
"final_quic_transport_params"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_RENEGOTIATE, 0), "final_renegotiate"},
@@ -981,6 +982,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"missing ecdsa signing cert"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_FATAL), "missing fatal"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_PARAMETERS), "missing parameters"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_PSK_KEX_MODES_EXTENSION),
+ "missing psk kex modes extension"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION),
"missing quic transport parameters extension"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_RSA_CERTIFICATE),
@@ -1053,6 +1056,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_CTX), "null ssl ctx"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_METHOD_PASSED),
"null ssl method passed"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OCSP_CALLBACK_FAILURE),
+ "ocsp callback failure"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
"old session cipher not returned"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
diff --git a/deps/openssl/openssl/ssl/ssl_lib.c b/deps/openssl/openssl/ssl/ssl_lib.c
index ab0bf907b2..098a184277 100644
--- a/deps/openssl/openssl/ssl/ssl_lib.c
+++ b/deps/openssl/openssl/ssl/ssl_lib.c
@@ -2155,6 +2155,11 @@ int SSL_key_update(SSL *s, int updatetype)
return 0;
}
+ if (RECORD_LAYER_write_pending(&s->rlayer)) {
+ SSLerr(SSL_F_SSL_KEY_UPDATE, SSL_R_BAD_WRITE_RETRY);
+ return 0;
+ }
+
ossl_statem_set_in_init(s, 1);
s->key_update = updatetype;
return 1;
@@ -2210,6 +2215,19 @@ int SSL_renegotiate_pending(const SSL *s)
return (s->renegotiate != 0);
}
+int SSL_new_session_ticket(SSL *s)
+{
+ /* If we are in init because we're sending tickets, okay to send more. */
+ if ((SSL_in_init(s) && s->ext.extra_tickets_expected == 0)
+ || SSL_IS_FIRST_HANDSHAKE(s) || !s->server
+ || !SSL_IS_TLS13(s))
+ return 0;
+ s->ext.extra_tickets_expected++;
+ if (s->rlayer.wbuf[0].left == 0 && !SSL_in_init(s))
+ ossl_statem_set_in_init(s, 1);
+ return 1;
+}
+
long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
{
long l;
@@ -2865,6 +2883,19 @@ void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx,
}
#endif
+static int alpn_value_ok(const unsigned char *protos, unsigned int protos_len)
+{
+ unsigned int idx;
+
+ if (protos_len < 2 || protos == NULL)
+ return 0;
+
+ for (idx = 0; idx < protos_len; idx += protos[idx] + 1) {
+ if (protos[idx] == 0)
+ return 0;
+ }
+ return idx == protos_len;
+}
/*
* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
* |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
@@ -2873,13 +2904,25 @@ void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx,
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
unsigned int protos_len)
{
- OPENSSL_free(ctx->ext.alpn);
- ctx->ext.alpn = OPENSSL_memdup(protos, protos_len);
- if (ctx->ext.alpn == NULL) {
+ unsigned char *alpn;
+
+ if (protos_len == 0 || protos == NULL) {
+ OPENSSL_free(ctx->ext.alpn);
+ ctx->ext.alpn = NULL;
ctx->ext.alpn_len = 0;
+ return 0;
+ }
+ /* Not valid per RFC */
+ if (!alpn_value_ok(protos, protos_len))
+ return 1;
+
+ alpn = OPENSSL_memdup(protos, protos_len);
+ if (alpn == NULL) {
SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
return 1;
}
+ OPENSSL_free(ctx->ext.alpn);
+ ctx->ext.alpn = alpn;
ctx->ext.alpn_len = protos_len;
return 0;
@@ -2893,13 +2936,25 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
unsigned int protos_len)
{
- OPENSSL_free(ssl->ext.alpn);
- ssl->ext.alpn = OPENSSL_memdup(protos, protos_len);
- if (ssl->ext.alpn == NULL) {
+ unsigned char *alpn;
+
+ if (protos_len == 0 || protos == NULL) {
+ OPENSSL_free(ssl->ext.alpn);
+ ssl->ext.alpn = NULL;
ssl->ext.alpn_len = 0;
+ return 0;
+ }
+ /* Not valid per RFC */
+ if (!alpn_value_ok(protos, protos_len))
+ return 1;
+
+ alpn = OPENSSL_memdup(protos, protos_len);
+ if (alpn == NULL) {
SSLerr(SSL_F_SSL_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
return 1;
}
+ OPENSSL_free(ssl->ext.alpn);
+ ssl->ext.alpn = alpn;
ssl->ext.alpn_len = protos_len;
return 0;
@@ -4576,8 +4631,11 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, size_t outlen,
}
ctx = EVP_MD_CTX_new();
- if (ctx == NULL)
+ if (ctx == NULL) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_HANDSHAKE_HASH,
+ ERR_R_INTERNAL_ERROR);
goto err;
+ }
if (!EVP_MD_CTX_copy_ex(ctx, hdgst)
|| EVP_DigestFinal_ex(ctx, out, NULL) <= 0) {
diff --git a/deps/openssl/openssl/ssl/ssl_local.h b/deps/openssl/openssl/ssl/ssl_local.h
index 63b39378f3..9793306e75 100644
--- a/deps/openssl/openssl/ssl/ssl_local.h
+++ b/deps/openssl/openssl/ssl/ssl_local.h
@@ -1320,6 +1320,8 @@ struct ssl_st {
/* RFC4507 session ticket expected to be received or sent */
int ticket_expected;
+ /* TLS 1.3 tickets requested by the application. */
+ int extra_tickets_expected;
# ifndef OPENSSL_NO_EC
size_t ecpointformats_len;
/* our list */
@@ -2361,6 +2363,7 @@ __owur int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain,
__owur int ssl_security(const SSL *s, int op, int bits, int nid, void *other);
__owur int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid,
void *other);
+int ssl_get_security_level_bits(const SSL *s, const SSL_CTX *ctx, int *levelp);
__owur int ssl_cert_lookup_by_nid(int nid, size_t *pidx);
__owur const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk,
@@ -2482,7 +2485,6 @@ __owur int dtls1_handle_timeout(SSL *s);
void dtls1_start_timer(SSL *s);
void dtls1_stop_timer(SSL *s);
__owur int dtls1_is_timer_expired(SSL *s);
-void dtls1_double_timeout(SSL *s);
__owur int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
size_t cookie_len);
__owur size_t dtls1_min_mtu(SSL *s);
diff --git a/deps/openssl/openssl/ssl/statem/extensions.c b/deps/openssl/openssl/ssl/statem/extensions.c
index b1d28bea4c..3a6702cd6a 100644
--- a/deps/openssl/openssl/ssl/statem/extensions.c
+++ b/deps/openssl/openssl/ssl/statem/extensions.c
@@ -18,6 +18,7 @@ static int final_renegotiate(SSL *s, unsigned int context, int sent);
static int init_server_name(SSL *s, unsigned int context);
static int final_server_name(SSL *s, unsigned int context, int sent);
#ifndef OPENSSL_NO_EC
+static int init_ec_point_formats(SSL *s, unsigned int context);
static int final_ec_pt_formats(SSL *s, unsigned int context, int sent);
#endif
static int init_session_ticket(SSL *s, unsigned int context);
@@ -56,6 +57,7 @@ static int final_sig_algs(SSL *s, unsigned int context, int sent);
static int final_early_data(SSL *s, unsigned int context, int sent);
static int final_maxfragmentlen(SSL *s, unsigned int context, int sent);
static int init_post_handshake_auth(SSL *s, unsigned int context);
+static int final_psk(SSL *s, unsigned int context, int sent);
#ifndef OPENSSL_NO_QUIC
static int init_quic_transport_params(SSL *s, unsigned int context);
static int final_quic_transport_params_draft(SSL *s, unsigned int context, int sent);
@@ -163,7 +165,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
TLSEXT_TYPE_ec_point_formats,
SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
| SSL_EXT_TLS1_2_AND_BELOW_ONLY,
- NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
+ init_ec_point_formats, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats,
final_ec_pt_formats
},
@@ -416,7 +418,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_SERVER_HELLO
| SSL_EXT_TLS_IMPLEMENTATION_ONLY | SSL_EXT_TLS1_3_ONLY,
NULL, tls_parse_ctos_psk, tls_parse_stoc_psk, tls_construct_stoc_psk,
- tls_construct_ctos_psk, NULL
+ tls_construct_ctos_psk, final_psk
}
};
@@ -1053,6 +1055,15 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
}
#ifndef OPENSSL_NO_EC
+static int init_ec_point_formats(SSL *s, unsigned int context)
+{
+ OPENSSL_free(s->ext.peer_ecpointformats);
+ s->ext.peer_ecpointformats = NULL;
+ s->ext.peer_ecpointformats_len = 0;
+
+ return 1;
+}
+
static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
{
unsigned long alg_k, alg_a;
@@ -1746,6 +1757,22 @@ static int init_post_handshake_auth(SSL *s, unsigned int context)
return 1;
}
+/*
+ * If clients offer "pre_shared_key" without a "psk_key_exchange_modes"
+ * extension, servers MUST abort the handshake.
+ */
+static int final_psk(SSL *s, unsigned int context, int sent)
+{
+ if (s->server && sent && s->clienthello != NULL
+ && !s->clienthello->pre_proc_exts[TLSEXT_IDX_psk_kex_modes].present) {
+ SSLfatal(s, TLS13_AD_MISSING_EXTENSION, SSL_F_FINAL_PSK,
+ SSL_R_MISSING_PSK_KEX_MODES_EXTENSION);
+ return 0;
+ }
+
+ return 1;
+}
+
#ifndef OPENSSL_NO_QUIC
static int init_quic_transport_params(SSL *s, unsigned int context)
{
diff --git a/deps/openssl/openssl/ssl/statem/extensions_srvr.c b/deps/openssl/openssl/ssl/statem/extensions_srvr.c
index 617b67ebce..f47a09ed94 100644
--- a/deps/openssl/openssl/ssl/statem/extensions_srvr.c
+++ b/deps/openssl/openssl/ssl/statem/extensions_srvr.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -1751,6 +1751,13 @@ EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt,
}
return EXT_RETURN_NOT_SENT;
}
+ if (s->hit && (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE) == 0) {
+ /*
+ * PSK ('hit') and explicitly not doing DHE (if the client sent the
+ * DHE option we always take it); don't send key share.
+ */
+ return EXT_RETURN_NOT_SENT;
+ }
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_key_share)
|| !WPACKET_start_sub_packet_u16(pkt)
diff --git a/deps/openssl/openssl/ssl/statem/statem_clnt.c b/deps/openssl/openssl/ssl/statem/statem_clnt.c
index b756cdd1e0..8c0b5b5c71 100644
--- a/deps/openssl/openssl/ssl/statem/statem_clnt.c
+++ b/deps/openssl/openssl/ssl/statem/statem_clnt.c
@@ -1009,7 +1009,8 @@ size_t ossl_statem_client_max_message_size(SSL *s)
return CCS_MAX_LENGTH;
case TLS_ST_CR_SESSION_TICKET:
- return SSL3_RT_MAX_PLAIN_LENGTH;
+ return (SSL_IS_TLS13(s)) ? SESSION_TICKET_MAX_LENGTH_TLS13
+ : SESSION_TICKET_MAX_LENGTH_TLS12;
case TLS_ST_CR_FINISHED:
return FINISHED_MAX_LENGTH;
@@ -2841,7 +2842,7 @@ int tls_process_initial_server_flight(SSL *s)
if (ret < 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT,
- ERR_R_MALLOC_FAILURE);
+ SSL_R_OCSP_CALLBACK_FAILURE);
return 0;
}
}
diff --git a/deps/openssl/openssl/ssl/statem/statem_local.h b/deps/openssl/openssl/ssl/statem/statem_local.h
index 97aff78b30..7bf905f3df 100644
--- a/deps/openssl/openssl/ssl/statem/statem_local.h
+++ b/deps/openssl/openssl/ssl/statem/statem_local.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -22,6 +22,8 @@
#define SERVER_HELLO_MAX_LENGTH 20000
#define HELLO_RETRY_REQUEST_MAX_LENGTH 20000
#define ENCRYPTED_EXTENSIONS_MAX_LENGTH 20000
+#define SESSION_TICKET_MAX_LENGTH_TLS13 131338
+#define SESSION_TICKET_MAX_LENGTH_TLS12 65541
#define SERVER_KEY_EXCH_MAX_LENGTH 102400
#define SERVER_HELLO_DONE_MAX_LENGTH 0
#define KEY_UPDATE_MAX_LENGTH 1
diff --git a/deps/openssl/openssl/ssl/statem/statem_srvr.c b/deps/openssl/openssl/ssl/statem/statem_srvr.c
index 7f5f0db0c7..4a2f8872ac 100644
--- a/deps/openssl/openssl/ssl/statem/statem_srvr.c
+++ b/deps/openssl/openssl/ssl/statem/statem_srvr.c
@@ -437,6 +437,10 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
st->hand_state = TLS_ST_SW_CERT_REQ;
return WRITE_TRAN_CONTINUE;
}
+ if (s->ext.extra_tickets_expected > 0) {
+ st->hand_state = TLS_ST_SW_SESSION_TICKET;
+ return WRITE_TRAN_CONTINUE;
+ }
/* Try to read from the client instead */
return WRITE_TRAN_FINISHED;
@@ -527,7 +531,9 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
* Following an initial handshake we send the number of tickets we have
* been configured for.
*/
- if (s->hit || s->num_tickets <= s->sent_tickets) {
+ if (!SSL_IS_FIRST_HANDSHAKE(s) && s->ext.extra_tickets_expected > 0) {
+ return WRITE_TRAN_CONTINUE;
+ } else if (s->hit || s->num_tickets <= s->sent_tickets) {
/* We've written enough tickets out. */
st->hand_state = TLS_ST_OK;
}
@@ -723,7 +729,8 @@ WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst)
return WORK_FINISHED_CONTINUE;
case TLS_ST_SW_SESSION_TICKET:
- if (SSL_IS_TLS13(s) && s->sent_tickets == 0) {
+ if (SSL_IS_TLS13(s) && s->sent_tickets == 0
+ && s->ext.extra_tickets_expected == 0) {
/*
* Actually this is the end of the handshake, but we're going
* straight into writing the session ticket out. So we finish off
@@ -3764,6 +3771,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
sk_X509_pop_free(s->session->peer_chain, X509_free);
s->session->peer_chain = sk;
+ sk = NULL;
/*
* Freeze the handshake buffer. For <TLS1.3 we do this after the CKE
@@ -3778,7 +3786,6 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
* Inconsistency alert: cert_chain does *not* include the peer's own
* certificate, while we do include it in statem_clnt.c
*/
- sk = NULL;
/* Save the current hash state for when we receive the CertificateVerify */
if (SSL_IS_TLS13(s)) {
@@ -4150,9 +4157,12 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
}
if (tctx->generate_ticket_cb != NULL &&
- tctx->generate_ticket_cb(s, tctx->ticket_cb_data) == 0)
+ tctx->generate_ticket_cb(s, tctx->ticket_cb_data) == 0) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET,
+ ERR_R_INTERNAL_ERROR);
goto err;
-
+ }
/*
* If we are using anti-replay protection then we behave as if
* SSL_OP_NO_TICKET is set - we are caching tickets anyway so there
@@ -4182,10 +4192,13 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
/*
* Increment both |sent_tickets| and |next_ticket_nonce|. |sent_tickets|
* gets reset to 0 if we send more tickets following a post-handshake
- * auth, but |next_ticket_nonce| does not.
+ * auth, but |next_ticket_nonce| does not. If we're sending extra
+ * tickets, decrement the count of pending extra tickets.
*/
s->sent_tickets++;
s->next_ticket_nonce++;
+ if (s->ext.extra_tickets_expected > 0)
+ s->ext.extra_tickets_expected--;
ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
}
diff --git a/deps/openssl/openssl/ssl/t1_lib.c b/deps/openssl/openssl/ssl/t1_lib.c
index 48d46f8a48..b1d3add187 100644
--- a/deps/openssl/openssl/ssl/t1_lib.c
+++ b/deps/openssl/openssl/ssl/t1_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -2441,7 +2441,8 @@ DH *ssl_get_auto_dh(SSL *s)
{
DH *dhp = NULL;
BIGNUM *p = NULL, *g = NULL;
- int dh_secbits = 80;
+ int dh_secbits = 80, sec_level_bits;
+
if (s->cert->dh_tmp_auto != 2) {
if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) {
if (s->s3->tmp.new_cipher->strength_bits == 256)
@@ -2464,6 +2465,12 @@ DH *ssl_get_auto_dh(SSL *s)
BN_free(g);
return NULL;
}
+
+ /* Do not pick a prime that is too weak for the current security level */
+ sec_level_bits = ssl_get_security_level_bits(s, NULL, NULL);
+ if (dh_secbits < sec_level_bits)
+ dh_secbits = sec_level_bits;
+
if (dh_secbits >= 192)
p = BN_get_rfc3526_prime_8192(NULL);
else if (dh_secbits >= 152)
diff --git a/deps/openssl/openssl/test/asn1_decode_test.c b/deps/openssl/openssl/test/asn1_decode_test.c
index 18f0ca12e9..de4dff6363 100644
--- a/deps/openssl/openssl/test/asn1_decode_test.c
+++ b/deps/openssl/openssl/test/asn1_decode_test.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,6 +12,7 @@
#include <openssl/rand.h>
#include <openssl/asn1t.h>
+#include <openssl/obj_mac.h>
#include "internal/numbers.h"
#include "testutil.h"
@@ -195,6 +196,30 @@ static int test_invalid_template(void)
return 0;
}
+static int test_reuse_asn1_object(void)
+{
+ static unsigned char cn_der[] = { 0x06, 0x03, 0x55, 0x04, 0x06 };
+ static unsigned char oid_der[] = {
+ 0x06, 0x06, 0x2a, 0x03, 0x04, 0x05, 0x06, 0x07
+ };
+ int ret = 0;
+ ASN1_OBJECT *obj;
+ unsigned char const *p = oid_der;
+
+ /* Create an object that owns dynamically allocated 'sn' and 'ln' fields */
+
+ if (!TEST_ptr(obj = ASN1_OBJECT_create(NID_undef, cn_der, sizeof(cn_der),
+ "C", "countryName")))
+ goto err;
+ /* reuse obj - this should not leak sn and ln */
+ if (!TEST_ptr(d2i_ASN1_OBJECT(&obj, &p, sizeof(oid_der))))
+ goto err;
+ ret = 1;
+err:
+ ASN1_OBJECT_free(obj);
+ return ret;
+}
+
int setup_tests(void)
{
#if OPENSSL_API_COMPAT < 0x10200000L
@@ -205,5 +230,6 @@ int setup_tests(void)
ADD_TEST(test_int64);
ADD_TEST(test_uint64);
ADD_TEST(test_invalid_template);
+ ADD_TEST(test_reuse_asn1_object);
return 1;
}
diff --git a/deps/openssl/openssl/test/bio_memleak_test.c b/deps/openssl/openssl/test/bio_memleak_test.c
index 383c82d156..610f8febc7 100644
--- a/deps/openssl/openssl/test/bio_memleak_test.c
+++ b/deps/openssl/openssl/test/bio_memleak_test.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -10,6 +10,8 @@
#include <string.h>
#include <openssl/buffer.h>
#include <openssl/bio.h>
+#include <openssl/pkcs7.h>
+#include <openssl/obj_mac.h>
#include "testutil.h"
@@ -35,7 +37,7 @@ static int test_bio_memleak(void)
goto finish;
ok = 1;
-finish:
+ finish:
BIO_free(bio);
return ok;
}
@@ -62,7 +64,7 @@ static int test_bio_get_mem(void)
goto finish;
ok = 1;
-finish:
+ finish:
BIO_free(bio);
BUF_MEM_free(bufmem);
return ok;
@@ -98,7 +100,7 @@ static int test_bio_new_mem_buf(void)
goto finish;
ok = 1;
-finish:
+ finish:
BIO_free(bio);
return ok;
}
@@ -139,7 +141,7 @@ static int test_bio_rdonly_mem_buf(void)
goto finish;
ok = 1;
-finish:
+ finish:
BIO_free(bio);
BIO_free(bio2);
return ok;
@@ -176,7 +178,7 @@ static int test_bio_rdwr_rdonly(void)
ok = 1;
-finish:
+ finish:
BIO_free(bio);
return ok;
}
@@ -216,11 +218,72 @@ static int test_bio_nonclear_rst(void)
ok = 1;
-finish:
+ finish:
BIO_free(bio);
return ok;
}
+static int error_callback_fired;
+static long BIO_error_callback(BIO *bio, int cmd, const char *argp,
+ size_t len, int argi,
+ long argl, int ret, size_t *processed)
+{
+ if ((cmd & (BIO_CB_READ | BIO_CB_RETURN)) != 0) {
+ error_callback_fired = 1;
+ ret = 0; /* fail for read operations to simulate error in input BIO */
+ }
+ return ret;
+}
+
+/* Checks i2d_ASN1_bio_stream() is freeing all memory when input BIO ends unexpectedly. */
+static int test_bio_i2d_ASN1_mime(void)
+{
+ int ok = 0;
+ BIO *bio = NULL, *out = NULL;
+ BUF_MEM bufmem;
+ static const char str[] = "BIO mime test\n";
+ PKCS7 *p7 = NULL;
+
+ if (!TEST_ptr(bio = BIO_new(BIO_s_mem())))
+ goto finish;
+
+ bufmem.length = sizeof(str);
+ bufmem.data = (char *) str;
+ bufmem.max = bufmem.length;
+ BIO_set_mem_buf(bio, &bufmem, BIO_NOCLOSE);
+ BIO_set_flags(bio, BIO_FLAGS_MEM_RDONLY);
+ BIO_set_callback_ex(bio, BIO_error_callback);
+
+ if (!TEST_ptr(out = BIO_new(BIO_s_mem())))
+ goto finish;
+ if (!TEST_ptr(p7 = PKCS7_new()))
+ goto finish;
+ if (!TEST_true(PKCS7_set_type(p7, NID_pkcs7_data)))
+ goto finish;
+
+ error_callback_fired = 0;
+
+ /*
+ * The call succeeds even if the input stream ends unexpectedly as
+ * there is no handling for this case in SMIME_crlf_copy().
+ */
+ if (!TEST_true(i2d_ASN1_bio_stream(out, (ASN1_VALUE*) p7, bio,
+ SMIME_STREAM | SMIME_BINARY,
+ ASN1_ITEM_rptr(PKCS7))))
+ goto finish;
+
+ if (!TEST_int_eq(error_callback_fired, 1))
+ goto finish;
+
+ ok = 1;
+
+ finish:
+ BIO_free(bio);
+ BIO_free(out);
+ PKCS7_free(p7);
+ return ok;
+}
+
int global_init(void)
{
CRYPTO_set_mem_debug(1);
@@ -236,5 +299,6 @@ int setup_tests(void)
ADD_TEST(test_bio_rdonly_mem_buf);
ADD_TEST(test_bio_rdwr_rdonly);
ADD_TEST(test_bio_nonclear_rst);
+ ADD_TEST(test_bio_i2d_ASN1_mime);
return 1;
}
diff --git a/deps/openssl/openssl/test/bntest.c b/deps/openssl/openssl/test/bntest.c
index 97d08ac0be..236501e679 100644
--- a/deps/openssl/openssl/test/bntest.c
+++ b/deps/openssl/openssl/test/bntest.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -305,6 +305,75 @@ static int test_div_recip(void)
return st;
}
+static struct {
+ int n, divisor, result, remainder;
+} signed_mod_tests[] = {
+ { 10, 3, 3, 1 },
+ { -10, 3, -3, -1 },
+ { 10, -3, -3, 1 },
+ { -10, -3, 3, -1 },
+};
+
+static BIGNUM *set_signed_bn(int value)
+{
+ BIGNUM *bn = BN_new();
+
+ if (bn == NULL)
+ return NULL;
+ if (!BN_set_word(bn, value < 0 ? -value : value)) {
+ BN_free(bn);
+ return NULL;
+ }
+ BN_set_negative(bn, value < 0);
+ return bn;
+}
+
+static int test_signed_mod_replace_ab(int n)
+{
+ BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL;
+ int st = 0;
+
+ if (!TEST_ptr(a = set_signed_bn(signed_mod_tests[n].n))
+ || !TEST_ptr(b = set_signed_bn(signed_mod_tests[n].divisor))
+ || !TEST_ptr(c = set_signed_bn(signed_mod_tests[n].result))
+ || !TEST_ptr(d = set_signed_bn(signed_mod_tests[n].remainder)))
+ goto err;
+
+ if (TEST_true(BN_div(a, b, a, b, ctx))
+ && TEST_BN_eq(a, c)
+ && TEST_BN_eq(b, d))
+ st = 1;
+ err:
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ return st;
+}
+
+static int test_signed_mod_replace_ba(int n)
+{
+ BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL;
+ int st = 0;
+
+ if (!TEST_ptr(a = set_signed_bn(signed_mod_tests[n].n))
+ || !TEST_ptr(b = set_signed_bn(signed_mod_tests[n].divisor))
+ || !TEST_ptr(c = set_signed_bn(signed_mod_tests[n].result))
+ || !TEST_ptr(d = set_signed_bn(signed_mod_tests[n].remainder)))
+ goto err;
+
+ if (TEST_true(BN_div(b, a, a, b, ctx))
+ && TEST_BN_eq(b, c)
+ && TEST_BN_eq(a, d))
+ st = 1;
+ err:
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ return st;
+}
+
static int test_mod(void)
{
BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL;
@@ -326,8 +395,10 @@ static int test_mod(void)
BN_set_negative(b, rand_neg());
if (!(TEST_true(BN_mod(c, a, b, ctx))
&& TEST_true(BN_div(d, e, a, b, ctx))
- && TEST_true(BN_sub(e, e, c))
- && TEST_BN_eq_zero(e)))
+ && TEST_BN_eq(e, c)
+ && TEST_true(BN_mul(c, d, b, ctx))
+ && TEST_true(BN_add(d, c, e))
+ && TEST_BN_eq(d, a)))
goto err;
}
st = 1;
@@ -2759,6 +2830,8 @@ int setup_tests(void)
if (n == 0) {
ADD_TEST(test_sub);
ADD_TEST(test_div_recip);
+ ADD_ALL_TESTS(test_signed_mod_replace_ab, OSSL_NELEM(signed_mod_tests));
+ ADD_ALL_TESTS(test_signed_mod_replace_ba, OSSL_NELEM(signed_mod_tests));
ADD_TEST(test_mod);
ADD_TEST(test_modexp_mont5);
ADD_TEST(test_kronecker);
diff --git a/deps/openssl/openssl/test/certs/ee-self-signed.pem b/deps/openssl/openssl/test/certs/ee-self-signed.pem
index e854c9ad27..ad1e37ba0e 100644
--- a/deps/openssl/openssl/test/certs/ee-self-signed.pem
+++ b/deps/openssl/openssl/test/certs/ee-self-signed.pem
@@ -1,19 +1,18 @@
-----BEGIN CERTIFICATE-----
-MIIDIjCCAgqgAwIBAgIUT99h/YrAdcDg3fdLy5UajB8e994wDQYJKoZIhvcNAQEL
-BQAwGTEXMBUGA1UEAwwOZWUtc2VsZi1zaWduZWQwIBcNMjAwNzI4MTQxNjA4WhgP
-MjEyMDA3MDQxNDE2MDhaMBkxFzAVBgNVBAMMDmVlLXNlbGYtc2lnbmVkMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP+JWGGFrt7bLA/Vc/vit6gbenVg
-K9R9PHN2ta7eky9/JJBtyRz0ijjNn6KAFlbLtCy7k+UXH/8NxkP+MTT4KNh16aO7
-iILvo3LiU2IFRU3gMZfvqp0Q0lgNngaeMrsbCFZdZQ8/Zo7CNqAR/8BZNf1JHN0c
-QjMGeK4EOCPl53Vn05StWqlAH6xZEPUMwWStSsTGNVOzlmqCGxWL0Zmr5J5vlKrS
-luVX+4yRZIo8JBbG0hm+gmATO2Kw7T4ds8r5a98xuXqeS0dopynHP0riIie075Bj
-1+/Qckk+W625G9Qrb4Zo3dVzErhDydxBD6KjRk+LZ4iED2H+eTQfSokftwIDAQAB
-o2AwXjAdBgNVHQ4EFgQU55viKq2KbDrLdlHljgeYIpfhc6IwHwYDVR0jBBgwFoAU
-55viKq2KbDrLdlHljgeYIpfhc6IwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC
-B4AwDQYJKoZIhvcNAQELBQADggEBAGDEbS5kJArjjQNK02oxhQyz1dbDy23evRxm
-WW/NtlJAQAgEMXoNo9fioj0L4cvDy40r87V6/RsV2eijwZEfwGloACif7v78w8QO
-h4XiW9oGxcQkdMIYZLDVW9AZPDIkK5NHNfQaeAxCprAufYnRMv035UotLzCBRrkG
-G2TIs45vRp/6mYFVtm0Nf9CFvu4dXH8W+GlBONG0FAiBW+JzgTr9OmrzfqJTEDrf
-vv/hOiu8XvvlF5piPBqKE76rEvkXUSjgDZ2/Ju1fjqpV2I8Hz1Mj9w9tRE8g4E9o
-ZcRXX3MNPaHxnNhgYSPdpywwkyILz2AHwmAzh07cdttRFFPw+fM=
+MIICzzCCAbegAwIBAgIUBP7iEKPlKuinZGQNFxSY3IBIb0swDQYJKoZIhvcNAQEL
+BQAwGTEXMBUGA1UEAwwOZWUtc2VsZi1zaWduZWQwHhcNMjAwNjI4MTA1MTQ1WhcN
+MjAwNzI4MTA1MTQ1WjAZMRcwFQYDVQQDDA5lZS1zZWxmLXNpZ25lZDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKj/iVhhha7e2ywP1XP74reoG3p1YCvU
+fTxzdrWu3pMvfySQbckc9Io4zZ+igBZWy7Qsu5PlFx//DcZD/jE0+CjYdemju4iC
+76Ny4lNiBUVN4DGX76qdENJYDZ4GnjK7GwhWXWUPP2aOwjagEf/AWTX9SRzdHEIz
+BniuBDgj5ed1Z9OUrVqpQB+sWRD1DMFkrUrExjVTs5ZqghsVi9GZq+Seb5Sq0pbl
+V/uMkWSKPCQWxtIZvoJgEztisO0+HbPK+WvfMbl6nktHaKcpxz9K4iIntO+QY9fv
+0HJJPlutuRvUK2+GaN3VcxK4Q8ncQQ+io0ZPi2eIhA9h/nk0H0qJH7cCAwEAAaMP
+MA0wCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBiLmIUCGb+hmRGbmpO
+lDqEwiRVdxHBs4OSb3IA9QgU1QKUDRqn7q27RRelmzTXllubZZcX3K6o+dunRW5G
+d3f3FVr+3Z7wnmkQtC2y3NWtGuWNczss+6rMLzKvla5CjRiNPlSvluMNpcs7BJxI
+ppk1LxlaiYlQkDW32OPyxzXWDNv1ZkphcOcoCkHAagnq9x1SszvLTjAlo5XpYrm5
+CPgBOEnVwFCgne5Ab4QPTgkxPh/Ta508I/FKaPLJqci1EfGKipZkS7mMGTUJEeVK
+wZrn4z7RiTfJ4PdqO5iv8eOpt03fqdPEXQWe8DrKyfGM6/e369FaXMFhcd2ZxZy2
+WHoc
-----END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/clienthellotest.c b/deps/openssl/openssl/test/clienthellotest.c
index 8ae1e4d9c6..ee32b5e2c5 100644
--- a/deps/openssl/openssl/test/clienthellotest.c
+++ b/deps/openssl/openssl/test/clienthellotest.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -45,10 +45,16 @@
static const char *sessionfile = NULL;
/* Dummy ALPN protocols used to pad out the size of the ClientHello */
+/* ASCII 'O' = 79 = 0x4F = EBCDIC '|'*/
+#ifdef CHARSET_EBCDIC
static const char alpn_prots[] =
- "0123456789012345678901234567890123456789012345678901234567890123456789"
- "0123456789012345678901234567890123456789012345678901234567890123456789"
- "01234567890123456789";
+ "|1234567890123456789012345678901234567890123456789012345678901234567890123456789"
+ "|1234567890123456789012345678901234567890123456789012345678901234567890123456789";
+#else
+static const char alpn_prots[] =
+ "O1234567890123456789012345678901234567890123456789012345678901234567890123456789"
+ "O1234567890123456789012345678901234567890123456789012345678901234567890123456789";
+#endif
static int test_client_hello(int currtest)
{
diff --git a/deps/openssl/openssl/test/ectest.c b/deps/openssl/openssl/test/ectest.c
index 9bdbf70afb..bd3c4d8cad 100644
--- a/deps/openssl/openssl/test/ectest.c
+++ b/deps/openssl/openssl/test/ectest.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -1124,7 +1124,56 @@ err:
BN_free(yplusone);
return r;
}
-# endif
+
+static int hybrid_point_encoding_test(void)
+{
+ BIGNUM *x = NULL, *y = NULL;
+ EC_GROUP *group = NULL;
+ EC_POINT *point = NULL;
+ unsigned char *buf = NULL;
+ size_t len;
+ int r = 0;
+
+ if (!TEST_true(BN_dec2bn(&x, "0"))
+ || !TEST_true(BN_dec2bn(&y, "1"))
+ || !TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_sect571k1))
+ || !TEST_ptr(point = EC_POINT_new(group))
+ || !TEST_true(EC_POINT_set_affine_coordinates(group, point, x, y, NULL))
+ || !TEST_size_t_ne(0, (len = EC_POINT_point2oct(group,
+ point,
+ POINT_CONVERSION_HYBRID,
+ NULL,
+ 0,
+ NULL)))
+ || !TEST_ptr(buf = OPENSSL_malloc(len))
+ || !TEST_size_t_eq(len, EC_POINT_point2oct(group,
+ point,
+ POINT_CONVERSION_HYBRID,
+ buf,
+ len,
+ NULL)))
+ goto err;
+
+ r = 1;
+
+ /* buf contains a valid hybrid point, check that we can decode it. */
+ if (!TEST_true(EC_POINT_oct2point(group, point, buf, len, NULL)))
+ r = 0;
+
+ /* Flip the y_bit and verify that the invalid encoding is rejected. */
+ buf[0] ^= 1;
+ if (!TEST_false(EC_POINT_oct2point(group, point, buf, len, NULL)))
+ r = 0;
+
+err:
+ BN_free(x);
+ BN_free(y);
+ EC_GROUP_free(group);
+ EC_POINT_free(point);
+ OPENSSL_free(buf);
+ return r;
+}
+#endif
static int internal_curve_test(int n)
{
@@ -2195,6 +2244,7 @@ int setup_tests(void)
ADD_ALL_TESTS(cardinality_test, crv_len);
ADD_TEST(prime_field_tests);
# ifndef OPENSSL_NO_EC2M
+ ADD_TEST(hybrid_point_encoding_test);
ADD_TEST(char2_field_tests);
ADD_ALL_TESTS(char2_curve_test, OSSL_NELEM(char2_curve_tests));
# endif
diff --git a/deps/openssl/openssl/test/evp_extra_test.c b/deps/openssl/openssl/test/evp_extra_test.c
index 877b99197b..2a5eefb104 100644
--- a/deps/openssl/openssl/test/evp_extra_test.c
+++ b/deps/openssl/openssl/test/evp_extra_test.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -320,6 +320,96 @@ static const unsigned char pExampleECParamDER[] = {
};
#endif
+static const unsigned char kCFBDefaultKey[] = {
+ 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, 0xAB, 0xF7, 0x15, 0x88,
+ 0x09, 0xCF, 0x4F, 0x3C
+};
+
+static const unsigned char kGCMDefaultKey[32] = { 0 };
+
+static const unsigned char kGCMResetKey[] = {
+ 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94,
+ 0x67, 0x30, 0x83, 0x08, 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+ 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
+};
+
+static const unsigned char iCFBIV[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
+ 0x0C, 0x0D, 0x0E, 0x0F
+};
+
+static const unsigned char iGCMDefaultIV[12] = { 0 };
+
+static const unsigned char iGCMResetIV1[] = {
+ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
+};
+
+static const unsigned char iGCMResetIV2[] = {
+ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
+};
+
+static const unsigned char cfbPlaintext[] = {
+ 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, 0xE9, 0x3D, 0x7E, 0x11,
+ 0x73, 0x93, 0x17, 0x2A
+};
+
+static const unsigned char gcmDefaultPlaintext[16] = { 0 };
+
+static const unsigned char gcmResetPlaintext[] = {
+ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5,
+ 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+ 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95,
+ 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39
+};
+
+static const unsigned char cfbCiphertext[] = {
+ 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20, 0x33, 0x34, 0x49, 0xF8,
+ 0xE8, 0x3C, 0xFB, 0x4A
+};
+
+static const unsigned char gcmDefaultCiphertext[] = {
+ 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e, 0x07, 0x4e, 0xc5, 0xd3,
+ 0xba, 0xf3, 0x9d, 0x18
+};
+
+static const unsigned char gcmResetCiphertext1[] = {
+ 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32, 0xae, 0x47, 0xc1, 0x3b,
+ 0xf1, 0x98, 0x44, 0xcb, 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
+ 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0, 0xfe, 0xb5, 0x82, 0xd3,
+ 0x39, 0x34, 0xa4, 0xf0, 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
+ 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99, 0xf4, 0x7c, 0x9b, 0x1f
+};
+
+static const unsigned char gcmResetCiphertext2[] = {
+ 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, 0xf4, 0x7f, 0x37, 0xa3,
+ 0x2a, 0x84, 0x42, 0x7d, 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+ 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, 0x8c, 0xb0, 0x8e, 0x48,
+ 0x59, 0x0d, 0xbb, 0x3d, 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+ 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, 0xbc, 0xc9, 0xf6, 0x62
+};
+
+static const unsigned char gcmAAD[] = {
+ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce,
+ 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2
+};
+
+static const unsigned char gcmDefaultTag[] = {
+ 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0, 0x26, 0x5b, 0x98, 0xb5,
+ 0xd4, 0x8a, 0xb9, 0x19
+};
+
+static const unsigned char gcmResetTag1[] = {
+ 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4, 0x5e, 0x45, 0x49, 0x13,
+ 0xfe, 0x2e, 0xa8, 0xf2
+};
+
+static const unsigned char gcmResetTag2[] = {
+ 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, 0xcd, 0xdf, 0x88, 0x53,
+ 0xbb, 0x2d, 0x55, 0x1b
+};
+
+
typedef struct APK_DATA_st {
const unsigned char *kder;
size_t size;
@@ -330,6 +420,494 @@ typedef struct APK_DATA_st {
int type; /* 0 for private, 1 for public, 2 for params */
} APK_DATA;
+typedef struct {
+ const char *cipher;
+ const unsigned char *key;
+ const unsigned char *iv;
+ const unsigned char *input;
+ const unsigned char *expected;
+ const unsigned char *tag;
+ size_t ivlen; /* 0 if we do not need to set a specific IV len */
+ size_t inlen;
+ size_t expectedlen;
+ size_t taglen;
+ int keyfirst;
+ int initenc;
+ int finalenc;
+} EVP_INIT_TEST_st;
+
+static const EVP_INIT_TEST_st evp_init_tests[] = {
+ {
+ "aes-128-cfb", kCFBDefaultKey, iCFBIV, cfbPlaintext,
+ cfbCiphertext, NULL, 0, sizeof(cfbPlaintext), sizeof(cfbCiphertext),
+ 0, 1, 0, 1
+ },
+ {
+ "aes-256-gcm", kGCMDefaultKey, iGCMDefaultIV, gcmDefaultPlaintext,
+ gcmDefaultCiphertext, gcmDefaultTag, sizeof(iGCMDefaultIV),
+ sizeof(gcmDefaultPlaintext), sizeof(gcmDefaultCiphertext),
+ sizeof(gcmDefaultTag), 1, 0, 1
+ },
+ {
+ "aes-128-cfb", kCFBDefaultKey, iCFBIV, cfbPlaintext,
+ cfbCiphertext, NULL, 0, sizeof(cfbPlaintext), sizeof(cfbCiphertext),
+ 0, 0, 0, 1
+ },
+ {
+ "aes-256-gcm", kGCMDefaultKey, iGCMDefaultIV, gcmDefaultPlaintext,
+ gcmDefaultCiphertext, gcmDefaultTag, sizeof(iGCMDefaultIV),
+ sizeof(gcmDefaultPlaintext), sizeof(gcmDefaultCiphertext),
+ sizeof(gcmDefaultTag), 0, 0, 1
+ },
+ {
+ "aes-128-cfb", kCFBDefaultKey, iCFBIV, cfbCiphertext,
+ cfbPlaintext, NULL, 0, sizeof(cfbCiphertext), sizeof(cfbPlaintext),
+ 0, 1, 1, 0
+ },
+ {
+ "aes-256-gcm", kGCMDefaultKey, iGCMDefaultIV, gcmDefaultCiphertext,
+ gcmDefaultPlaintext, gcmDefaultTag, sizeof(iGCMDefaultIV),
+ sizeof(gcmDefaultCiphertext), sizeof(gcmDefaultPlaintext),
+ sizeof(gcmDefaultTag), 1, 1, 0
+ },
+ {
+ "aes-128-cfb", kCFBDefaultKey, iCFBIV, cfbCiphertext,
+ cfbPlaintext, NULL, 0, sizeof(cfbCiphertext), sizeof(cfbPlaintext),
+ 0, 0, 1, 0
+ },
+ {
+ "aes-256-gcm", kGCMDefaultKey, iGCMDefaultIV, gcmDefaultCiphertext,
+ gcmDefaultPlaintext, gcmDefaultTag, sizeof(iGCMDefaultIV),
+ sizeof(gcmDefaultCiphertext), sizeof(gcmDefaultPlaintext),
+ sizeof(gcmDefaultTag), 0, 1, 0
+ }
+};
+
+static int evp_init_seq_set_iv(EVP_CIPHER_CTX *ctx, const EVP_INIT_TEST_st *t)
+{
+ int res = 0;
+
+ if (t->ivlen != 0) {
+ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, t->ivlen, NULL)))
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, NULL, t->iv, -1)))
+ goto err;
+ res = 1;
+ err:
+ return res;
+}
+
+/*
+ * Test step-wise cipher initialization via EVP_CipherInit_ex where the
+ * arguments are given one at a time and a final adjustment to the enc
+ * parameter sets the correct operation.
+ */
+static int test_evp_init_seq(int idx)
+{
+ int outlen1, outlen2;
+ int testresult = 0;
+ unsigned char outbuf[1024];
+ unsigned char tag[16];
+ const EVP_INIT_TEST_st *t = &evp_init_tests[idx];
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *type = NULL;
+ size_t taglen = sizeof(tag);
+ char *errmsg = NULL;
+
+ ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL) {
+ errmsg = "CTX_ALLOC";
+ goto err;
+ }
+ if (!TEST_ptr(type = EVP_get_cipherbyname(t->cipher))) {
+ errmsg = "GET_CIPHERBYNAME";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, t->initenc))) {
+ errmsg = "EMPTY_ENC_INIT";
+ goto err;
+ }
+ if (!TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))) {
+ errmsg = "PADDING";
+ goto err;
+ }
+ if (t->keyfirst && !TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, t->key, NULL, -1))) {
+ errmsg = "KEY_INIT (before iv)";
+ goto err;
+ }
+ if (!evp_init_seq_set_iv(ctx, t)) {
+ errmsg = "IV_INIT";
+ goto err;
+ }
+ if (t->keyfirst == 0 && !TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, t->key, NULL, -1))) {
+ errmsg = "KEY_INIT (after iv)";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, t->finalenc))) {
+ errmsg = "FINAL_ENC_INIT";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, t->input, t->inlen))) {
+ errmsg = "CIPHER_UPDATE";
+ goto err;
+ }
+ if (t->finalenc == 0 && t->tag != NULL) {
+ /* Set expected tag */
+ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ t->taglen, (void *)t->tag))) {
+ errmsg = "SET_TAG";
+ goto err;
+ }
+ }
+ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) {
+ errmsg = "CIPHER_FINAL";
+ goto err;
+ }
+ if (!TEST_mem_eq(t->expected, t->expectedlen, outbuf, outlen1 + outlen2)) {
+ errmsg = "WRONG_RESULT";
+ goto err;
+ }
+ if (t->finalenc != 0 && t->tag != NULL) {
+ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag))) {
+ errmsg = "GET_TAG";
+ goto err;
+ }
+ if (!TEST_mem_eq(t->tag, t->taglen, tag, taglen)) {
+ errmsg = "TAG_ERROR";
+ goto err;
+ }
+ }
+ testresult = 1;
+ err:
+ if (errmsg != NULL)
+ TEST_info("evp_init_test %d: %s", idx, errmsg);
+ EVP_CIPHER_CTX_free(ctx);
+ return testresult;
+}
+
+typedef struct {
+ const unsigned char *input;
+ const unsigned char *expected;
+ size_t inlen;
+ size_t expectedlen;
+ int enc;
+} EVP_RESET_TEST_st;
+
+static const EVP_RESET_TEST_st evp_reset_tests[] = {
+ {
+ cfbPlaintext, cfbCiphertext,
+ sizeof(cfbPlaintext), sizeof(cfbCiphertext), 1
+ },
+ {
+ cfbCiphertext, cfbPlaintext,
+ sizeof(cfbCiphertext), sizeof(cfbPlaintext), 0
+ }
+};
+
+/*
+ * Test a reset of a cipher via EVP_CipherInit_ex after the cipher has already
+ * been used.
+ */
+static int test_evp_reset(int idx)
+{
+ const EVP_RESET_TEST_st *t = &evp_reset_tests[idx];
+ int outlen1, outlen2;
+ int testresult = 0;
+ unsigned char outbuf[1024];
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *type = NULL;
+ char *errmsg = NULL;
+
+ if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) {
+ errmsg = "CTX_ALLOC";
+ goto err;
+ }
+ if (!TEST_ptr(type = EVP_get_cipherbyname("aes-128-cfb"))) {
+ errmsg = "GET_CIPHERBYNAME";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, type, NULL, kCFBDefaultKey, iCFBIV, t->enc))) {
+ errmsg = "CIPHER_INIT";
+ goto err;
+ }
+ if (!TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))) {
+ errmsg = "PADDING";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, t->input, t->inlen))) {
+ errmsg = "CIPHER_UPDATE";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) {
+ errmsg = "CIPHER_FINAL";
+ goto err;
+ }
+ if (!TEST_mem_eq(t->expected, t->expectedlen, outbuf, outlen1 + outlen2)) {
+ errmsg = "WRONG_RESULT";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, -1))) {
+ errmsg = "CIPHER_REINIT";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, t->input, t->inlen))) {
+ errmsg = "CIPHER_UPDATE (reinit)";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) {
+ errmsg = "CIPHER_FINAL (reinit)";
+ goto err;
+ }
+ if (!TEST_mem_eq(t->expected, t->expectedlen, outbuf, outlen1 + outlen2)) {
+ errmsg = "WRONG_RESULT (reinit)";
+ goto err;
+ }
+ testresult = 1;
+ err:
+ if (errmsg != NULL)
+ TEST_info("test_evp_reset %d: %s", idx, errmsg);
+ EVP_CIPHER_CTX_free(ctx);
+ return testresult;
+}
+
+typedef struct {
+ const unsigned char *iv1;
+ const unsigned char *iv2;
+ const unsigned char *expected1;
+ const unsigned char *expected2;
+ const unsigned char *tag1;
+ const unsigned char *tag2;
+ size_t ivlen1;
+ size_t ivlen2;
+ size_t expectedlen1;
+ size_t expectedlen2;
+} TEST_GCM_IV_REINIT_st;
+
+static const TEST_GCM_IV_REINIT_st gcm_reinit_tests[] = {
+ {
+ iGCMResetIV1, iGCMResetIV2, gcmResetCiphertext1, gcmResetCiphertext2,
+ gcmResetTag1, gcmResetTag2, sizeof(iGCMResetIV1), sizeof(iGCMResetIV2),
+ sizeof(gcmResetCiphertext1), sizeof(gcmResetCiphertext2)
+ },
+ {
+ iGCMResetIV2, iGCMResetIV1, gcmResetCiphertext2, gcmResetCiphertext1,
+ gcmResetTag2, gcmResetTag1, sizeof(iGCMResetIV2), sizeof(iGCMResetIV1),
+ sizeof(gcmResetCiphertext2), sizeof(gcmResetCiphertext1)
+ }
+};
+
+static int test_gcm_reinit(int idx)
+{
+ int outlen1, outlen2, outlen3;
+ int testresult = 0;
+ unsigned char outbuf[1024];
+ unsigned char tag[16];
+ const TEST_GCM_IV_REINIT_st *t = &gcm_reinit_tests[idx];
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *type = NULL;
+ size_t taglen = sizeof(tag);
+ char *errmsg = NULL;
+
+ if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) {
+ errmsg = "CTX_ALLOC";
+ goto err;
+ }
+ if (!TEST_ptr(type = EVP_get_cipherbyname("aes-256-gcm"))) {
+ errmsg = "GET_CIPHERBYNAME";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, 1))) {
+ errmsg = "ENC_INIT";
+ goto err;
+ }
+ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, t->ivlen1, NULL))) {
+ errmsg = "SET_IVLEN1";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, kGCMResetKey, t->iv1, 1))) {
+ errmsg = "SET_IV1";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherUpdate(ctx, NULL, &outlen3, gcmAAD, sizeof(gcmAAD)))) {
+ errmsg = "AAD1";
+ goto err;
+ }
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
+ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, gcmResetPlaintext,
+ sizeof(gcmResetPlaintext)))) {
+ errmsg = "CIPHER_UPDATE1";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) {
+ errmsg = "CIPHER_FINAL1";
+ goto err;
+ }
+ if (!TEST_mem_eq(t->expected1, t->expectedlen1, outbuf, outlen1 + outlen2)) {
+ errmsg = "WRONG_RESULT1";
+ goto err;
+ }
+ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag))) {
+ errmsg = "GET_TAG1";
+ goto err;
+ }
+ if (!TEST_mem_eq(t->tag1, taglen, tag, taglen)) {
+ errmsg = "TAG_ERROR1";
+ goto err;
+ }
+ /* Now reinit */
+ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, t->ivlen2, NULL))) {
+ errmsg = "SET_IVLEN2";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, NULL, t->iv2, -1))) {
+ errmsg = "SET_IV2";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherUpdate(ctx, NULL, &outlen3, gcmAAD, sizeof(gcmAAD)))) {
+ errmsg = "AAD2";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, gcmResetPlaintext,
+ sizeof(gcmResetPlaintext)))) {
+ errmsg = "CIPHER_UPDATE2";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) {
+ errmsg = "CIPHER_FINAL2";
+ goto err;
+ }
+ if (!TEST_mem_eq(t->expected2, t->expectedlen2, outbuf, outlen1 + outlen2)) {
+ errmsg = "WRONG_RESULT2";
+ goto err;
+ }
+ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag))) {
+ errmsg = "GET_TAG2";
+ goto err;
+ }
+ if (!TEST_mem_eq(t->tag2, taglen, tag, taglen)) {
+ errmsg = "TAG_ERROR2";
+ goto err;
+ }
+ testresult = 1;
+ err:
+ if (errmsg != NULL)
+ TEST_info("evp_init_test %d: %s", idx, errmsg);
+ EVP_CIPHER_CTX_free(ctx);
+ return testresult;
+}
+
+typedef struct {
+ const char *cipher;
+ int enc;
+} EVP_UPDATED_IV_TEST_st;
+
+static const EVP_UPDATED_IV_TEST_st evp_updated_iv_tests[] = {
+ {
+ "aes-128-cfb", 1
+ },
+ {
+ "aes-128-cfb", 0
+ },
+ {
+ "aes-128-cfb1", 1
+ },
+ {
+ "aes-128-cfb1", 0
+ },
+ {
+ "aes-128-cfb128", 1
+ },
+ {
+ "aes-128-cfb128", 0
+ },
+ {
+ "aes-128-cfb8", 1
+ },
+ {
+ "aes-128-cfb8", 0
+ },
+ {
+ "aes-128-ofb", 1
+ },
+ {
+ "aes-128-ofb", 0
+ },
+ {
+ "aes-128-ctr", 1
+ },
+ {
+ "aes-128-ctr", 0
+ },
+ {
+ "aes-128-cbc", 1
+ },
+ {
+ "aes-128-cbc", 0
+ }
+};
+
+/*
+ * Test that the IV in the context is updated during a crypto operation for CFB
+ * and OFB.
+ */
+static int test_evp_updated_iv(int idx)
+{
+ const EVP_UPDATED_IV_TEST_st *t = &evp_updated_iv_tests[idx];
+ int outlen1, outlen2;
+ int testresult = 0;
+ unsigned char outbuf[1024];
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *type = NULL;
+ const unsigned char *updated_iv;
+ int iv_len;
+ char *errmsg = NULL;
+
+ if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) {
+ errmsg = "CTX_ALLOC";
+ goto err;
+ }
+ if ((type = EVP_get_cipherbyname(t->cipher)) == NULL) {
+ TEST_info("cipher %s not supported, skipping", t->cipher);
+ goto ok;
+ }
+ if (!TEST_true(EVP_CipherInit_ex(ctx, type, NULL, kCFBDefaultKey, iCFBIV, t->enc))) {
+ errmsg = "CIPHER_INIT";
+ goto err;
+ }
+ if (!TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))) {
+ errmsg = "PADDING";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, cfbPlaintext, sizeof(cfbPlaintext)))) {
+ errmsg = "CIPHER_UPDATE";
+ goto err;
+ }
+ if (!TEST_ptr(updated_iv = EVP_CIPHER_CTX_iv(ctx))) {
+ errmsg = "CIPHER_CTX_IV";
+ goto err;
+ }
+ if (!TEST_true(iv_len = EVP_CIPHER_CTX_iv_length(ctx))) {
+ errmsg = "CIPHER_CTX_IV_LEN";
+ goto err;
+ }
+ if (!TEST_mem_ne(iCFBIV, sizeof(iCFBIV), updated_iv, iv_len)) {
+ errmsg = "IV_NOT_UPDATED";
+ goto err;
+ }
+ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) {
+ errmsg = "CIPHER_FINAL";
+ goto err;
+ }
+ ok:
+ testresult = 1;
+ err:
+ if (errmsg != NULL)
+ TEST_info("test_evp_updated_iv %d: %s", idx, errmsg);
+ EVP_CIPHER_CTX_free(ctx);
+ return testresult;
+}
+
static APK_DATA keydata[] = {
{kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
{kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
@@ -818,10 +1396,14 @@ static struct keys_st {
} keys[] = {
{
EVP_PKEY_HMAC, "0123456789", NULL
+#ifndef OPENSSL_NO_POLY1305
}, {
EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
+#endif
+#ifndef OPENSSL_NO_SIPHASH
}, {
EVP_PKEY_SIPHASH, "0123456789012345", NULL
+#endif
},
#ifndef OPENSSL_NO_EC
{
@@ -851,18 +1433,22 @@ static int test_set_get_raw_keys_int(int tst, int pub)
EVP_PKEY *pkey;
/* Check if this algorithm supports public keys */
- if (keys[tst].pub == NULL)
+ if (pub && keys[tst].pub == NULL)
return 1;
memset(buf, 0, sizeof(buf));
if (pub) {
+#ifndef OPENSSL_NO_EC
inlen = strlen(keys[tst].pub);
in = (unsigned char *)keys[tst].pub;
pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
NULL,
in,
inlen);
+#else
+ return 1;
+#endif
} else {
inlen = strlen(keys[tst].priv);
in = (unsigned char *)keys[tst].priv;
@@ -873,6 +1459,7 @@ static int test_set_get_raw_keys_int(int tst, int pub)
}
if (!TEST_ptr(pkey)
+ || !TEST_int_eq(EVP_PKEY_cmp(pkey, pkey), 1)
|| (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
|| (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
|| !TEST_true(len == inlen)
@@ -1251,5 +1838,10 @@ int setup_tests(void)
ADD_TEST(test_EVP_PKEY_set1_DH);
#endif
+ ADD_ALL_TESTS(test_evp_init_seq, OSSL_NELEM(evp_init_tests));
+ ADD_ALL_TESTS(test_evp_reset, OSSL_NELEM(evp_reset_tests));
+ ADD_ALL_TESTS(test_gcm_reinit, OSSL_NELEM(gcm_reinit_tests));
+ ADD_ALL_TESTS(test_evp_updated_iv, OSSL_NELEM(evp_updated_iv_tests));
+
return 1;
}
diff --git a/deps/openssl/openssl/test/recipes/25-test_req.t b/deps/openssl/openssl/test/recipes/25-test_req.t
index 5e1ea308a2..383120c234 100644
--- a/deps/openssl/openssl/test/recipes/25-test_req.t
+++ b/deps/openssl/openssl/test/recipes/25-test_req.t
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -47,7 +47,7 @@ ok(!run(app([@addext_args, "-addext", $val, "-addext", $val3])));
ok(!run(app([@addext_args, "-addext", $val2, "-addext", $val3])));
subtest "generating certificate requests with RSA" => sub {
- plan tests => 2;
+ plan tests => 6;
SKIP: {
skip "RSA is not supported by this OpenSSL build", 2
@@ -63,6 +63,29 @@ subtest "generating certificate requests with RSA" => sub {
"-config", srctop_file("test", "test.cnf"),
"-verify", "-in", "testreq.pem", "-noout"])),
"Verifying signature on request");
+
+ ok(run(app(["openssl", "req",
+ "-config", srctop_file("test", "test.cnf"),
+ "-new", "-out", "testreq_withattrs_pem.pem", "-utf8",
+ "-key", srctop_file("test", "testrsa_withattrs.pem")])),
+ "Generating request from a key with extra attributes - PEM");
+
+ ok(run(app(["openssl", "req",
+ "-config", srctop_file("test", "test.cnf"),
+ "-verify", "-in", "testreq_withattrs_pem.pem", "-noout"])),
+ "Verifying signature on request from a key with extra attributes - PEM");
+
+ ok(run(app(["openssl", "req",
+ "-config", srctop_file("test", "test.cnf"),
+ "-new", "-out", "testreq_withattrs_der.pem", "-utf8",
+ "-key", srctop_file("test", "testrsa_withattrs.der"),
+ "-keyform", "DER"])),
+ "Generating request from a key with extra attributes - PEM");
+
+ ok(run(app(["openssl", "req",
+ "-config", srctop_file("test", "test.cnf"),
+ "-verify", "-in", "testreq_withattrs_der.pem", "-noout"])),
+ "Verifying signature on request from a key with extra attributes - PEM");
}
};
@@ -165,7 +188,7 @@ run_conversion('req conversions',
run_conversion('req conversions -- testreq2',
srctop_file("test", "testreq2.pem"));
-unlink "testkey.pem", "testreq.pem";
+unlink "testkey.pem", "testreq.pem", "testreq_withattrs_pem.pem", "testreq_withattrs_der.pem";
sub run_conversion {
my $title = shift;
diff --git a/deps/openssl/openssl/test/recipes/25-test_verify.t b/deps/openssl/openssl/test/recipes/25-test_verify.t
index 96b559e5c9..ffa48ed20b 100644
--- a/deps/openssl/openssl/test/recipes/25-test_verify.t
+++ b/deps/openssl/openssl/test/recipes/25-test_verify.t
@@ -396,7 +396,8 @@ ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"]
ok(verify("root-cert-rsa2", "sslserver", ["root-cert-rsa2"], [], "-check_ss_sig"),
"Public Key Algorithm rsa instead of rsaEncryption");
- ok(verify("ee-self-signed", "sslserver", ["ee-self-signed"], []),
+ok(verify("ee-self-signed", "sslserver", ["ee-self-signed"], [],
+ "-attime", "1593565200"),
"accept trusted self-signed EE cert excluding key usage keyCertSign");
SKIP: {
diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt
index 736e0ce4d3..05baeae72a 100644
--- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt
+++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt
@@ -1,5 +1,5 @@
#
-# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -18444,6 +18444,16 @@ Decrypt = SM2_key1
Input = 30818A0220466BE2EF5C11782EC77864A0055417F407A5AFC11D653C6BCE69E417BB1D05B6022062B572E21FF0DDF5C726BD3F9FF2EAE56E6294713A607E9B9525628965F62CC804203C1B5713B5DB2728EB7BF775E44F4689FC32668BDC564F52EA45B09E8DF2A5F40422084A9D0CC2997092B7D3C404FCE95956EB604D732B2307A8E5B8900ED6608CA5B197
Output = "The floofy bunnies hop at midnight"
+# Test with an C1y value < 32 bytes in length (self generated)
+Decrypt = SM2_key1
+Input = 3072022070DAD60CDA7C30D64CF4F278A849003581223F5324BFEC9BB329229BFFAD21A6021F18AFAB2B35459D2643243B242BE4EA80C6FA5071D2D847340CC57EB9309E5D04200B772E4DB664B2601E3B85E39C4AA8C2C1910308BE13B331E009C5A9258C29FD040B6D588BE9260A94DA18E0E6
+Output = "Hello World"
+
+# Test with an C1x and C1y valuey > 32 bytes in length, and longer plaintext (self generated)
+Decrypt = SM2_key1
+Input = 3081DD022100CD49634BBCB21CAFFFA6D33669A5A867231CB2A942A14352EF4CAF6DC3344D54022100C35B41D4DEBB3A2735EFEE821B9EBA566BD86900176A0C06672E30EE5CC04E930420C4190A3D80D86C4BD20E99F7E4B59BF6427C6808793533EEA9591D1188EC56B50473747295470E81D951BED279AC1B86A1AFE388CD2833FA9632799EC199C7D364E5663D5A94888BB2358CFCBF6283184DE0CBC41CCEA91D24746E99D231A1DA77AFD83CDF908190ED628B7369724494568A27C782A1D1D7294BCAD80C34569ED22859896301128A8118F48924D8CCD43E998D9533
+Output = "Some longer plaintext for testing SM2 decryption. Blah blah blah blah blah blah blah blah blah blah blah blah blah."
+
# This is a "fake" test as it does only verify that the SM2 EVP_PKEY interface
# is capable of creating a signature without failing, but it does not say
# anything about the generated signature being valid, nor does it test the
diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t b/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t
index 98989b4703..1f76bcb8c7 100644
--- a/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t
+++ b/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -195,17 +195,14 @@ $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 11;
ok(TLSProxy::Message->success(), "Initial connection");
-#Test 2: Attempt a resume with no kex modes extension. Should not resume
+#Test 2: Attempt a resume with no kex modes extension. Should fail (server
+# MUST abort handshake with pre_shared key and no psk_kex_modes)
$proxy->clear();
$proxy->clientflags("-sess_in ".$session);
my $testtype = DELETE_EXTENSION;
$proxy->filter(\&modify_kex_modes_filter);
$proxy->start();
-checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
- checkhandshake::DEFAULT_EXTENSIONS
- | checkhandshake::KEY_SHARE_SRV_EXTENSION
- | checkhandshake::PSK_CLI_EXTENSION,
- "Resume with no kex modes");
+ok(TLSProxy::Message->fail(), "Resume with no kex modes");
#Test 3: Attempt a resume with empty kex modes extension. Should fail (empty
# extension is invalid)
@@ -243,6 +240,7 @@ checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE,
"Resume with non-dhe kex mode");
#Test 6: Attempt a resume with only unrecognised kex modes. Should not resume
+# but rather fall back to full handshake
$proxy->clear();
$proxy->clientflags("-sess_in ".$session);
$testtype = UNKNOWN_KEX_MODES;
@@ -252,7 +250,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
| checkhandshake::PSK_KEX_MODES_EXTENSION
| checkhandshake::KEY_SHARE_SRV_EXTENSION
| checkhandshake::PSK_CLI_EXTENSION,
- "Resume with empty kex modes");
+ "Resume with unrecognized kex mode");
#Test 7: Attempt a resume with both non-dhe and dhe kex mode. Should resume with
# a key_share
diff --git a/deps/openssl/openssl/test/recipes/80-test_ssl_old.t b/deps/openssl/openssl/test/recipes/80-test_ssl_old.t
index 377bf090ba..6f5fdb7669 100644
--- a/deps/openssl/openssl/test/recipes/80-test_ssl_old.t
+++ b/deps/openssl/openssl/test/recipes/80-test_ssl_old.t
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -476,10 +476,10 @@ sub testssl {
subtest 'RSA/(EC)DHE/PSK tests' => sub {
######################################################################
- plan tests => 5;
+ plan tests => 6;
SKIP: {
- skip "TLSv1.0 is not supported by this OpenSSL build", 5
+ skip "TLSv1.0 is not supported by this OpenSSL build", 6
if $no_tls1;
SKIP: {
@@ -514,6 +514,14 @@ sub testssl {
ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "PSK", "-psk", "abc123"])),
'test tls1 with PSK via BIO pair');
}
+
+ SKIP: {
+ skip "skipping auto PSK tests", 1
+ if ($no_dh || $no_psk || $no_ec);
+
+ ok(run(test(['ssltest_old', '-psk', '0102030405', '-cipher', '@SECLEVEL=2:DHE-PSK-AES128-CCM'])),
+ 'test auto DH meets security strength');
+ }
}
};
diff --git a/deps/openssl/openssl/test/rsa_test.c b/deps/openssl/openssl/test/rsa_test.c
index be6db02941..15e8767a2e 100644
--- a/deps/openssl/openssl/test/rsa_test.c
+++ b/deps/openssl/openssl/test/rsa_test.c
@@ -306,7 +306,6 @@ static int test_rsa_oaep(int idx)
int ret = 0;
RSA *key = NULL;
unsigned char ptext[256];
- unsigned char ctext[256];
static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
unsigned char ctext_ex[256];
int plen;
@@ -328,17 +327,17 @@ static int test_rsa_oaep(int idx)
/* Try decrypting corrupted ciphertexts. */
for (n = 0; n < clen; ++n) {
- ctext[n] ^= 1;
- num = RSA_private_decrypt(clen, ctext, ptext, key,
+ ctext_ex[n] ^= 1;
+ num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (!TEST_int_le(num, 0))
goto err;
- ctext[n] ^= 1;
+ ctext_ex[n] ^= 1;
}
/* Test truncated ciphertexts, as well as negative length. */
for (n = -1; n < clen; ++n) {
- num = RSA_private_decrypt(n, ctext, ptext, key,
+ num = RSA_private_decrypt(n, ctext_ex, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (!TEST_int_le(num, 0))
goto err;
diff --git a/deps/openssl/openssl/test/sm2_internal_test.c b/deps/openssl/openssl/test/sm2_internal_test.c
index 2bb73947ff..18b1407c97 100644
--- a/deps/openssl/openssl/test/sm2_internal_test.c
+++ b/deps/openssl/openssl/test/sm2_internal_test.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -185,7 +185,7 @@ static int test_sm2_crypt(const EC_GROUP *group,
if (!TEST_mem_eq(ctext, ctext_len, expected, ctext_len))
goto done;
- if (!TEST_true(sm2_plaintext_size(key, digest, ctext_len, &ptext_len))
+ if (!TEST_true(sm2_plaintext_size(ctext, ctext_len, &ptext_len))
|| !TEST_int_eq(ptext_len, msg_len))
goto done;
diff --git a/deps/openssl/openssl/test/sslapitest.c b/deps/openssl/openssl/test/sslapitest.c
index f00d5cb074..64082ed4e5 100644
--- a/deps/openssl/openssl/test/sslapitest.c
+++ b/deps/openssl/openssl/test/sslapitest.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -17,6 +17,7 @@
#include <openssl/srp.h>
#include <openssl/txt_db.h>
#include <openssl/aes.h>
+#include <openssl/x509v3.h>
#include "ssltestlib.h"
#include "testutil.h"
@@ -1626,6 +1627,168 @@ static int test_psk_tickets(void)
return testresult;
}
+
+static int test_extra_tickets(int idx)
+{
+ SSL_CTX *sctx = NULL, *cctx = NULL;
+ SSL *serverssl = NULL, *clientssl = NULL;
+ BIO *bretry = BIO_new(bio_s_always_retry());
+ BIO *tmp = NULL;
+ int testresult = 0;
+ int stateful = 0;
+ size_t nbytes;
+ unsigned char c, buf[1];
+
+ new_called = 0;
+ do_cache = 1;
+
+ if (idx >= 3) {
+ idx -= 3;
+ stateful = 1;
+ }
+
+ if (!TEST_ptr(bretry) || !setup_ticket_test(stateful, idx, &sctx, &cctx))
+ goto end;
+ SSL_CTX_sess_set_new_cb(sctx, new_session_cb);
+ /* setup_ticket_test() uses new_cachesession_cb which we don't need. */
+ SSL_CTX_sess_set_new_cb(cctx, new_session_cb);
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
+ &clientssl, NULL, NULL)))
+ goto end;
+
+ /*
+ * Note that we have new_session_cb on both sctx and cctx, so new_called is
+ * incremented by both client and server.
+ */
+ if (!TEST_true(create_ssl_connection(serverssl, clientssl,
+ SSL_ERROR_NONE))
+ /* Check we got the number of tickets we were expecting */
+ || !TEST_int_eq(idx * 2, new_called)
+ || !TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_int_eq(idx * 2, new_called))
+ goto end;
+
+ /* Now try a (real) write to actually send the tickets */
+ c = '1';
+ if (!TEST_true(SSL_write_ex(serverssl, &c, 1, &nbytes))
+ || !TEST_size_t_eq(1, nbytes)
+ || !TEST_int_eq(idx * 2 + 2, new_called)
+ || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes))
+ || !TEST_int_eq(idx * 2 + 4, new_called)
+ || !TEST_int_eq(sizeof(buf), nbytes)
+ || !TEST_int_eq(c, buf[0])
+ || !TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes)))
+ goto end;
+
+ /* Try with only requesting one new ticket, too */
+ c = '2';
+ new_called = 0;
+ if (!TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_write_ex(serverssl, &c, sizeof(c), &nbytes))
+ || !TEST_size_t_eq(sizeof(c), nbytes)
+ || !TEST_int_eq(1, new_called)
+ || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes))
+ || !TEST_int_eq(2, new_called)
+ || !TEST_size_t_eq(sizeof(buf), nbytes)
+ || !TEST_int_eq(c, buf[0]))
+ goto end;
+
+ /* Do it again but use dummy writes to drive the ticket generation */
+ c = '3';
+ new_called = 0;
+ if (!TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_write_ex(serverssl, &c, 0, &nbytes))
+ || !TEST_size_t_eq(0, nbytes)
+ || !TEST_int_eq(2, new_called)
+ || !TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes))
+ || !TEST_int_eq(4, new_called))
+ goto end;
+
+ /* Once more, but with SSL_do_handshake() to drive the ticket generation */
+ c = '4';
+ new_called = 0;
+ if (!TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_do_handshake(serverssl))
+ || !TEST_int_eq(2, new_called)
+ || !TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes))
+ || !TEST_int_eq(4, new_called))
+ goto end;
+
+ /*
+ * Use the always-retry BIO to exercise the logic that forces ticket
+ * generation to wait until a record boundary.
+ */
+ c = '5';
+ new_called = 0;
+ tmp = SSL_get_wbio(serverssl);
+ if (!TEST_ptr(tmp) || !TEST_true(BIO_up_ref(tmp))) {
+ tmp = NULL;
+ goto end;
+ }
+ SSL_set0_wbio(serverssl, bretry);
+ bretry = NULL;
+ if (!TEST_false(SSL_write_ex(serverssl, &c, 1, &nbytes))
+ || !TEST_int_eq(SSL_get_error(serverssl, 0), SSL_ERROR_WANT_WRITE)
+ || !TEST_size_t_eq(nbytes, 0))
+ goto end;
+ /* Restore a BIO that will let the write succeed */
+ SSL_set0_wbio(serverssl, tmp);
+ tmp = NULL;
+ /*
+ * These calls should just queue the request and not send anything
+ * even if we explicitly try to hit the state machine.
+ */
+ if (!TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_int_eq(0, new_called)
+ || !TEST_true(SSL_do_handshake(serverssl))
+ || !TEST_int_eq(0, new_called))
+ goto end;
+ /* Re-do the write; still no tickets sent */
+ if (!TEST_true(SSL_write_ex(serverssl, &c, 1, &nbytes))
+ || !TEST_size_t_eq(1, nbytes)
+ || !TEST_int_eq(0, new_called)
+ || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes))
+ || !TEST_int_eq(0, new_called)
+ || !TEST_int_eq(sizeof(buf), nbytes)
+ || !TEST_int_eq(c, buf[0])
+ || !TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes)))
+ goto end;
+ /* Even trying to hit the state machine now will still not send tickets */
+ if (!TEST_true(SSL_do_handshake(serverssl))
+ || !TEST_int_eq(0, new_called))
+ goto end;
+ /* Now the *next* write should send the tickets */
+ c = '6';
+ if (!TEST_true(SSL_write_ex(serverssl, &c, 1, &nbytes))
+ || !TEST_size_t_eq(1, nbytes)
+ || !TEST_int_eq(2, new_called)
+ || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes))
+ || !TEST_int_eq(4, new_called)
+ || !TEST_int_eq(sizeof(buf), nbytes)
+ || !TEST_int_eq(c, buf[0])
+ || !TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes)))
+ goto end;
+
+ SSL_shutdown(clientssl);
+ SSL_shutdown(serverssl);
+ testresult = 1;
+
+ end:
+ BIO_free(bretry);
+ BIO_free(tmp);
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+ clientssl = serverssl = NULL;
+ sctx = cctx = NULL;
+ return testresult;
+}
#endif
#define USE_NULL 0
@@ -1826,8 +1989,10 @@ static int execute_test_ssl_bio(int pop_ssl, bio_change_t change_bio)
/* Verify changing the rbio/wbio directly does not cause leaks */
if (change_bio != NO_BIO_CHANGE) {
- if (!TEST_ptr(membio2 = BIO_new(BIO_s_mem())))
+ if (!TEST_ptr(membio2 = BIO_new(BIO_s_mem()))) {
+ ssl = NULL;
goto end;
+ }
if (change_bio == CHANGE_RBIO)
SSL_set0_rbio(ssl, membio2);
else
@@ -6713,6 +6878,118 @@ end:
return testresult;
}
#endif
+/*
+ * Test that setting an ALPN does not violate RFC
+ */
+static int test_set_alpn(void)
+{
+ SSL_CTX *ctx = NULL;
+ SSL *ssl = NULL;
+ int testresult = 0;
+
+ unsigned char bad0[] = { 0x00, 'b', 'a', 'd' };
+ unsigned char good[] = { 0x04, 'g', 'o', 'o', 'd' };
+ unsigned char bad1[] = { 0x01, 'b', 'a', 'd' };
+ unsigned char bad2[] = { 0x03, 'b', 'a', 'd', 0x00};
+ unsigned char bad3[] = { 0x03, 'b', 'a', 'd', 0x01, 'b', 'a', 'd'};
+ unsigned char bad4[] = { 0x03, 'b', 'a', 'd', 0x06, 'b', 'a', 'd'};
+
+ /* Create an initial SSL_CTX with no certificate configured */
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!TEST_ptr(ctx))
+ goto end;
+
+ /* the set_alpn functions return 0 (false) on success, non-zero (true) on failure */
+ if (!TEST_false(SSL_CTX_set_alpn_protos(ctx, NULL, 2)))
+ goto end;
+ if (!TEST_false(SSL_CTX_set_alpn_protos(ctx, good, 0)))
+ goto end;
+ if (!TEST_false(SSL_CTX_set_alpn_protos(ctx, good, sizeof(good))))
+ goto end;
+ if (!TEST_true(SSL_CTX_set_alpn_protos(ctx, good, 1)))
+ goto end;
+ if (!TEST_true(SSL_CTX_set_alpn_protos(ctx, bad0, sizeof(bad0))))
+ goto end;
+ if (!TEST_true(SSL_CTX_set_alpn_protos(ctx, bad1, sizeof(bad1))))
+ goto end;
+ if (!TEST_true(SSL_CTX_set_alpn_protos(ctx, bad2, sizeof(bad2))))
+ goto end;
+ if (!TEST_true(SSL_CTX_set_alpn_protos(ctx, bad3, sizeof(bad3))))
+ goto end;
+ if (!TEST_true(SSL_CTX_set_alpn_protos(ctx, bad4, sizeof(bad4))))
+ goto end;
+
+ ssl = SSL_new(ctx);
+ if (!TEST_ptr(ssl))
+ goto end;
+
+ if (!TEST_false(SSL_set_alpn_protos(ssl, NULL, 2)))
+ goto end;
+ if (!TEST_false(SSL_set_alpn_protos(ssl, good, 0)))
+ goto end;
+ if (!TEST_false(SSL_set_alpn_protos(ssl, good, sizeof(good))))
+ goto end;
+ if (!TEST_true(SSL_set_alpn_protos(ssl, good, 1)))
+ goto end;
+ if (!TEST_true(SSL_set_alpn_protos(ssl, bad0, sizeof(bad0))))
+ goto end;
+ if (!TEST_true(SSL_set_alpn_protos(ssl, bad1, sizeof(bad1))))
+ goto end;
+ if (!TEST_true(SSL_set_alpn_protos(ssl, bad2, sizeof(bad2))))
+ goto end;
+ if (!TEST_true(SSL_set_alpn_protos(ssl, bad3, sizeof(bad3))))
+ goto end;
+ if (!TEST_true(SSL_set_alpn_protos(ssl, bad4, sizeof(bad4))))
+ goto end;
+
+ testresult = 1;
+
+end:
+ SSL_free(ssl);
+ SSL_CTX_free(ctx);
+ return testresult;
+}
+
+static int test_inherit_verify_param(void)
+{
+ int testresult = 0;
+
+ SSL_CTX *ctx = NULL;
+ X509_VERIFY_PARAM *cp = NULL;
+ SSL *ssl = NULL;
+ X509_VERIFY_PARAM *sp = NULL;
+ int hostflags = X509_CHECK_FLAG_NEVER_CHECK_SUBJECT;
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!TEST_ptr(ctx))
+ goto end;
+
+ cp = SSL_CTX_get0_param(ctx);
+ if (!TEST_ptr(cp))
+ goto end;
+ if (!TEST_int_eq(X509_VERIFY_PARAM_get_hostflags(cp), 0))
+ goto end;
+
+ X509_VERIFY_PARAM_set_hostflags(cp, hostflags);
+
+ ssl = SSL_new(ctx);
+ if (!TEST_ptr(ssl))
+ goto end;
+
+ sp = SSL_get0_param(ssl);
+ if (!TEST_ptr(sp))
+ goto end;
+ if (!TEST_int_eq(X509_VERIFY_PARAM_get_hostflags(sp), hostflags))
+ goto end;
+
+ testresult = 1;
+
+ end:
+ SSL_free(ssl);
+ SSL_CTX_free(ctx);
+
+ return testresult;
+}
#ifndef OPENSSL_NO_QUIC
@@ -7115,6 +7392,7 @@ int setup_tests(void)
ADD_ALL_TESTS(test_stateful_tickets, 3);
ADD_ALL_TESTS(test_stateless_tickets, 3);
ADD_TEST(test_psk_tickets);
+ ADD_ALL_TESTS(test_extra_tickets, 6);
#endif
ADD_ALL_TESTS(test_ssl_set_bio, TOTAL_SSL_SET_BIO_TESTS);
ADD_TEST(test_ssl_bio_pop_next_bio);
@@ -7193,6 +7471,8 @@ int setup_tests(void)
#ifndef OPENSSL_NO_TLS1_3
ADD_TEST(test_sni_tls13);
#endif
+ ADD_TEST(test_set_alpn);
+ ADD_TEST(test_inherit_verify_param);
#ifndef OPENSSL_NO_QUIC
ADD_ALL_TESTS(test_quic_api, 9);
ADD_ALL_TESTS(test_quic_early_data, 3);
diff --git a/deps/openssl/openssl/test/testrsa_withattrs.der b/deps/openssl/openssl/test/testrsa_withattrs.der
new file mode 100644
index 0000000000..811e1e0bcb
--- /dev/null
+++ b/deps/openssl/openssl/test/testrsa_withattrs.der
Binary files differ
diff --git a/deps/openssl/openssl/test/testrsa_withattrs.pem b/deps/openssl/openssl/test/testrsa_withattrs.pem
new file mode 100644
index 0000000000..42d0a3c51c
--- /dev/null
+++ b/deps/openssl/openssl/test/testrsa_withattrs.pem
@@ -0,0 +1,29 @@
+-----BEGIN PRIVATE KEY-----
+MIIE+QIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDsh7QWxhftrqng
+RC3Ms+HxH2NFCX1sRoiIV4cYK2z0DQdEiNpFdpHlcs3weTuudcpr8XursodVFMTB
+eHjROhgwO/LT9xReEUiaoHJgfv6KcKcxEvntCjQkzGhkw03OH5VYdtTRAbwpwcYt
+groPiZ2STINpQOmFabzai+K+3rddwTGkkca3C5kY7KOMlnt9IuvmycksRqH6MPKz
+P5QbztlgY95rtra+OEzKLYQ1ux6hkaUlpxT5eGKfzYdccwKJWa0dUXyT/8F6rpTm
+Zbz3BxdKGAWMywaTfh5ywhNmVNTeIumxIRc3+PInn0rqKTaDrWylxiBdb3t27HxQ
+InDZmPwdAgMBAAECggEBAMTRrzN8JxEq1ES/tvStgodoPOyHlwxwLNB3NP0RtZnm
+9XM8BZTjs0egnmlKGDV14riruuMGrcJIg+kR3EcN9m68k7V51kLoUugINuTBCAIe
+96DIT5vFb9pnFT8znRy1/0obp787mF2O1t+r9jNTqgDBFmCRGUBg2jtpR4bYQPEL
+ZjXMDPcsmOlmbBdsyQvjlOHqXjCoUWwOCBEZdtaLzxaOPrBW5Jh2h3Xz1pV3NdZ/
+xufAYRhpJamPNiSipRehBZAeQP2ZAyHj/5x3tgEcA+C04Ki8NvuwJx/6T/lGKD+1
+x3DKsniNi6fEbGlpST/Zp1GY4WyVPcrLa8JxyO+UagECgYEA+gvBBI+LSK5enPXu
+WooEQP17fKzdZG7Cic8TfTPbtBIcXjNQFLHjFoBNk+TBFCjZma7L+fEcKcDm+Bg1
+qa4xihOP6BoQqHXZZNZ+9ZU96MPmI9Zb60CMG9lM1VVhSqrm2n3Q+tefod/a2bQk
+oz8QsdpsUFqVFCF5l+Tb6lp2QN0CgYEA8imPEml6LG35snBY1H6t0ASCHT1oFdHP
+o01WKQas/tuLO+pMfZrA0zLZBExxZuUJloC6COsTcOrlK+hGM60Ab6TgSPbUvYqH
+8yMV7SYLvheEngqIiFExmHg79mxnys3Rgv9KMxAV2Ip2wBrBMwUOaURU9pUKXlIN
+xiaUuevSVEECgYEA0Dbrcs3JUSuKM7AC3DfjlO6/XrFf5hrpOfJKq058m/Uc1EBs
+Zd8/V2RdtVKeiRf/Ix9QUYA6UHaGnn8iaHpaXD0v7zmNN4pzDaojrIKrO+GtCZid
+kEd+pE4N0fO4AYJQnA567/aPwi7zQaflfl6smz1kRoE3dLzvUNHNYtgTcq0CgYAm
+Op1VgMVCwlHK86VyVlVGI5AO4aTO3QJ0ez8A1wb0bOA8Iy7UHVwXe017Oj4kyj+L
+POMhiUrWZp6rIc4DVmpdNaAapKzNB1OS9JT/jSQJbFkJQgxvyLGVqlV8/3wbLgbH
+MVobWYy5VJKOnSqmzUOLJrhq/PhYD4gRIgIUn7/igQKBgQCptqrREOq9fXDEpozC
+39TL4vDrKJWpB1uK6pBEjgEVD/+tcfziVN40j5hnNFDUu/8kxxp9/4w8mPjdJ0CF
+hWIvrXasjnnFehy6IewWCljNH5CfOM64rDoXaF+ESIM4rLBHbQ8KYvaKkMjOcdNB
+JG1sRWVU01AwEhnvxS1zbyBtiqA4MDYGCCqFAwIJAwgBMSoEKBqiSOXm8r5I7hEA
++gglN/s0bbRCnzopEhuEorpcnDXrktVtjQrmMi0=
+-----END PRIVATE KEY-----
diff --git a/deps/openssl/openssl/test/x509_time_test.c b/deps/openssl/openssl/test/x509_time_test.c
index b6fd38a5c5..93a5b07565 100644
--- a/deps/openssl/openssl/test/x509_time_test.c
+++ b/deps/openssl/openssl/test/x509_time_test.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -330,10 +330,12 @@ static int test_x509_time(int idx)
/* if t is not NULL but expected_string is NULL, it is an 'OK' case too */
if (t != NULL && x509_format_tests[idx].expected_string) {
- if (!TEST_str_eq((const char *)t->data,
- x509_format_tests[idx].expected_string)) {
- TEST_info("test_x509_time(%d) failed: expected_string %s, got %s\n",
- idx, x509_format_tests[idx].expected_string, t->data);
+ if (!TEST_mem_eq((const char *)t->data, t->length,
+ x509_format_tests[idx].expected_string,
+ strlen(x509_format_tests[idx].expected_string))) {
+ TEST_info("test_x509_time(%d) failed: expected_string %s, got %.*s\n",
+ idx, x509_format_tests[idx].expected_string, t->length,
+ t->data);
goto out;
}
}
diff --git a/deps/openssl/openssl/util/libssl.num b/deps/openssl/openssl/util/libssl.num
index 7c8f9463ab..e4df4b580f 100644
--- a/deps/openssl/openssl/util/libssl.num
+++ b/deps/openssl/openssl/util/libssl.num
@@ -514,3 +514,4 @@ SSL_set_quic_transport_version 20012 1_1_1i EXIST::FUNCTION:QUIC
SSL_get_peer_quic_transport_version 20013 1_1_1i EXIST::FUNCTION:QUIC
SSL_get_quic_transport_version 20014 1_1_1i EXIST::FUNCTION:QUIC
SSL_set_quic_early_data_enabled 20015 1_1_1j EXIST::FUNCTION:QUIC
+SSL_new_session_ticket 20016 1_1_1k EXIST::FUNCTION:
diff --git a/deps/openssl/openssl/util/mkdir-p.pl b/deps/openssl/openssl/util/mkdir-p.pl
index 328060243f..b02db98f03 100755
--- a/deps/openssl/openssl/util/mkdir-p.pl
+++ b/deps/openssl/openssl/util/mkdir-p.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -34,11 +34,12 @@ sub do_mkdir_p {
}
unless (mkdir($dir, 0777)) {
+ local($err) = $!;
if (-d $dir) {
# We raced against another instance doing the same thing.
return;
}
- die "Cannot create directory $dir: $!\n";
+ die "Cannot create directory $dir: $err\n";
}
print "created directory `$dir'\n";
}