diff -Nru openssl-1.1.1i/apps/ca.c openssl-1.1.1j/apps/ca.c --- openssl-1.1.1i/apps/ca.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/apps/ca.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -2223,62 +2223,51 @@ static int do_updatedb(CA_DB *db) { - ASN1_UTCTIME *a_tm = NULL; + ASN1_TIME *a_tm = NULL; int i, cnt = 0; - int db_y2k, a_y2k; /* flags = 1 if y >= 2000 */ - char **rrow, *a_tm_s; + char **rrow; - a_tm = ASN1_UTCTIME_new(); + a_tm = ASN1_TIME_new(); if (a_tm == NULL) return -1; - /* get actual time and make a string */ + /* get actual time */ if (X509_gmtime_adj(a_tm, 0) == NULL) { - ASN1_UTCTIME_free(a_tm); + ASN1_TIME_free(a_tm); return -1; } - a_tm_s = app_malloc(a_tm->length + 1, "time string"); - - memcpy(a_tm_s, a_tm->data, a_tm->length); - a_tm_s[a_tm->length] = '\0'; - - if (strncmp(a_tm_s, "49", 2) <= 0) - a_y2k = 1; - else - a_y2k = 0; for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { rrow = sk_OPENSSL_PSTRING_value(db->db->data, i); if (rrow[DB_type][0] == DB_TYPE_VAL) { /* ignore entries that are not valid */ - if (strncmp(rrow[DB_exp_date], "49", 2) <= 0) - db_y2k = 1; - else - db_y2k = 0; - - if (db_y2k == a_y2k) { - /* all on the same y2k side */ - if (strcmp(rrow[DB_exp_date], a_tm_s) <= 0) { - rrow[DB_type][0] = DB_TYPE_EXP; - rrow[DB_type][1] = '\0'; - cnt++; + ASN1_TIME *exp_date = NULL; - BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]); - } - } else if (db_y2k < a_y2k) { + exp_date = ASN1_TIME_new(); + if (exp_date == NULL) { + ASN1_TIME_free(a_tm); + return -1; + } + + if (!ASN1_TIME_set_string(exp_date, rrow[DB_exp_date])) { + ASN1_TIME_free(a_tm); + ASN1_TIME_free(exp_date); + return -1; + } + + if (ASN1_TIME_compare(exp_date, a_tm) <= 0) { rrow[DB_type][0] = DB_TYPE_EXP; rrow[DB_type][1] = '\0'; cnt++; BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]); } - + ASN1_TIME_free(exp_date); } } - ASN1_UTCTIME_free(a_tm); - OPENSSL_free(a_tm_s); + ASN1_TIME_free(a_tm); return cnt; } diff -Nru openssl-1.1.1i/AUTHORS openssl-1.1.1j/AUTHORS --- openssl-1.1.1i/AUTHORS 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/AUTHORS 2021-02-16 15:24:01.000000000 +0000 
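Review bot: In do_updatedb() in apps/ca.c, a single row whose DB_exp_date fails ASN1_TIME_set_string() now makes the whole update return -1 without saying which entry was at fault, and rows already flipped to DB_TYPE_EXP earlier in the loop stay modified in memory. Printing the serial before bailing out would make a corrupt index file diagnosable, for example `BIO_printf(bio_err, "%s: invalid expiry date\n", rrow[DB_serial]);` ahead of the two ASN1_TIME_free() calls. The per-row ASN1_TIME_new()/ASN1_TIME_free() pair could also be hoisted out of the loop, leaving one allocation and a single cleanup path.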
@@ -13,6 +13,8 @@ Bernd Edlinger Bodo Möller David Benjamin +David von Oheimb +Dmitry Belyavskiy (Дмитрий Белявский) Emilia Käsper Eric Young Geoff Thorpe @@ -22,14 +24,19 @@ Mark J. Cox Matt Caswell Matthias St. Pierre +Nicola Tuveri Nils Larsch +Patrick Steuer Paul Dale Paul C. Sutton +Paul Yang Ralf S. Engelschall Rich Salz Richard Levitte +Shane Lontis Stephen Henson Steve Marquess Tim Hudson +Tomáš Mráz Ulf Möller Viktor Dukhovni diff -Nru openssl-1.1.1i/CHANGES openssl-1.1.1j/CHANGES --- openssl-1.1.1i/CHANGES 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/CHANGES 2021-02-16 15:24:01.000000000 +0000 
@@ -7,6 +7,43 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1i and 1.1.1j [16 Feb 2021] + + *) Fixed the X509_issuer_and_serial_hash() function. It attempts to + create a unique hash value based on the issuer and serial number data + contained within an X509 certificate. However it was failing to correctly + handle any errors that may occur while parsing the issuer field (which might + occur if the issuer field is maliciously constructed). This may subsequently + result in a NULL pointer deref and a crash leading to a potential denial of + service attack. + (CVE-2021-23841) + [Matt Caswell] + + *) Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING + padding mode to correctly check for rollback attacks. This is considered a + bug in OpenSSL 1.1.1 because it does not support SSLv2. In 1.0.2 this is + CVE-2021-23839. + [Matt Caswell] + + *) Fixed the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate + functions. Previously they could overflow the output length argument in some + cases where the input length is close to the maximum permissable length for + an integer on the platform. In such cases the return value from the function + call would be 1 (indicating success), but the output length value would be + negative. This could cause applications to behave incorrectly or crash. + (CVE-2021-23840) + [Matt Caswell] + + *) Fixed SRP_Calc_client_key so that it runs in constant time. The previous + implementation called BN_mod_exp without setting BN_FLG_CONSTTIME. This + could be exploited in a side channel attack to recover the password. Since + the attack is local host only this is outside of the current OpenSSL + threat model and therefore no CVE is assigned. + + Thanks to Mohammed Sabt and Daniel De Almeida Braga for reporting this + issue. 
+ [Matt Caswell] + Changes between 1.1.1h and 1.1.1i [8 Dec 2020] *) Fixed NULL pointer deref in the GENERAL_NAME_cmp function diff -Nru openssl-1.1.1i/Configurations/10-main.conf openssl-1.1.1j/Configurations/10-main.conf --- openssl-1.1.1i/Configurations/10-main.conf 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/Configurations/10-main.conf 2021-02-16 15:24:01.000000000 +0000 @@ -663,6 +663,7 @@ "linux-ppc" => { inherit_from => [ "linux-generic32", asm("ppc32_asm") ], perlasm_scheme => "linux32", + lib_cppflags => add("-DB_ENDIAN"), }, "linux-ppc64" => { inherit_from => [ "linux-generic64", asm("ppc64_asm") ], diff -Nru openssl-1.1.1i/Configurations/descrip.mms.tmpl openssl-1.1.1j/Configurations/descrip.mms.tmpl --- openssl-1.1.1i/Configurations/descrip.mms.tmpl 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/Configurations/descrip.mms.tmpl 2021-02-16 15:24:01.000000000 +0000 @@ -377,8 +377,13 @@ $(NODEBUG) ! $(NODEBUG) ! Installation logical names $(NODEBUG) ! - $(NODEBUG) installtop = F$PARSE(staging_instdir,"$(INSTALLTOP)","[]A.;",,"SYNTAX_ONLY,NO_CONCEAL") - ".][000000" - "[000000." - "][" - "]A.;" + ".]" - $(NODEBUG) datatop = F$PARSE(staging_datadir,"$(OPENSSLDIR)","[]A.;",,"SYNTAX_ONLY,NO_CONCEAL") - ".][000000" - "[000000." - "][" - "]A.;" + ".]" + $(NODEBUG) ! This also creates a few DCL variables that are used for + $(NODEBUG) ! the "install_msg" target. + $(NODEBUG) ! + $(NODEBUG) installroot = F$PARSE(staging_instdir,"$(INSTALLTOP)","[]A.;",,"SYNTAX_ONLY,NO_CONCEAL") - ".][000000" - "[000000." - "][" - "]A.;" + $(NODEBUG) installtop = installroot + ".]" + $(NODEBUG) dataroot = F$PARSE(staging_datadir,"$(OPENSSLDIR)","[]A.;",,"SYNTAX_ONLY,NO_CONCEAL") - ".][000000" - "[000000." - "][" - "]A.;" + $(NODEBUG) datatop = dataroot + ".]" $(NODEBUG) DEFINE ossl_installroot 'installtop' $(NODEBUG) DEFINE ossl_dataroot 'datatop' $(NODEBUG) ! 
@@ -455,30 +460,19 @@ @ WRITE SYS$OUTPUT "Tests are not supported with your chosen Configure options" @ ! {- output_on() if !$disabled{tests}; "" -} -install : install_sw install_ssldirs install_docs +install : install_sw install_ssldirs install_docs install_msg + @ ! + +install_msg : @ WRITE SYS$OUTPUT "" @ WRITE SYS$OUTPUT "######################################################################" @ WRITE SYS$OUTPUT "" @ IF "$(DESTDIR)" .EQS. "" THEN - - PIPE ( WRITE SYS$OUTPUT "Installation complete" ; - - WRITE SYS$OUTPUT "" ; - - WRITE SYS$OUTPUT "Run @$(SYSTARTUP)openssl_startup{- $osslver -} to set up logical names" ; - - WRITE SYS$OUTPUT "then run @$(SYSTARTUP)openssl_utils{- $osslver -} to define commands" ; - - WRITE SYS$OUTPUT "" ) + @{- sourcefile("VMS", "msg_install.com") -} "$(SYSTARTUP)" "{- $osslver -}" @ IF "$(DESTDIR)" .NES. "" THEN - - PIPE ( WRITE SYS$OUTPUT "Staging installation complete" ; - - WRITE SYS$OUTPUT "" ; - - WRITE SYS$OUTPUT "Finish or package in such a way that the contents of the directory tree" ; - - WRITE SYS$OUTPUT staging_instdir ; - - WRITE SYS$OUTPUT "ends up in $(INSTALLTOP)," ; - - WRITE SYS$OUTPUT "and that the contents of the contents of the directory tree" ; - - WRITE SYS$OUTPUT staging_datadir ; - - WRITE SYS$OUTPUT "ends up in $(OPENSSLDIR)" ; - - WRITE SYS$OUTPUT "" ; - - WRITE SYS$OUTPUT "When in its final destination," ; - - WRITE SYS$OUTPUT "Run @$(SYSTARTUP)openssl_startup{- $osslver -} to set up logical names" ; - - WRITE SYS$OUTPUT "then run @$(SYSTARTUP)openssl_utils{- $osslver -} to define commands" ; - - WRITE SYS$OUTPUT "" ) + @{- sourcefile("VMS", "msg_staging.com") -} - + "''installroot']" "''dataroot']" "$(INSTALLTOP)" "$(OPENSSLDIR)" - + "$(SYSTARTUP)" "{- $osslver -}" check_install : spawn/nolog @ossl_installroot:[SYSTEST]openssl_ivp{- $osslver -}.com diff -Nru openssl-1.1.1i/Configure openssl-1.1.1j/Configure --- openssl-1.1.1i/Configure 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/Configure 
2021-02-16 15:24:01.000000000 +0000 @@ -1,6 +1,6 @@ #! /usr/bin/env perl # -*- mode: perl; -*- -# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -1201,6 +1201,10 @@ # At this point, we can forget everything about %user and %useradd, # because it's now all been merged into the corresponding $config entry +if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) { + disable('static', 'pic', 'threads'); +} + # Allow overriding the build file name $config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile"; @@ -1521,10 +1525,6 @@ } } -if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) { - disable('static', 'pic', 'threads'); -} - $config{CFLAGS} = [ map { $_ eq '--ossl-strict-warnings' ? @strict_warnings_collection : ( $_ ) } 
@@ -2611,19 +2611,22 @@ } print "\nEnabled features:\n\n"; foreach my $what (@disablables) { - print " $what\n" unless $disabled{$what}; + print " $what\n" + unless grep { $_ =~ /^${what}$/ } keys %disabled; } print "\nDisabled features:\n\n"; foreach my $what (@disablables) { - if ($disabled{$what}) { - print " $what", ' ' x ($longest - length($what) + 1), - "[$disabled{$what}]", ' ' x ($longest2 - length($disabled{$what}) + 1); - print $disabled_info{$what}->{macro} - if $disabled_info{$what}->{macro}; + my @what2 = grep { $_ =~ /^${what}$/ } keys %disabled; + my $what3 = $what2[0]; + if ($what3) { + print " $what3", ' ' x ($longest - length($what3) + 1), + "[$disabled{$what3}]", ' ' x ($longest2 - length($disabled{$what3}) + 1); + print $disabled_info{$what3}->{macro} + if $disabled_info{$what3}->{macro}; print ' (skip ', - join(', ', @{$disabled_info{$what}->{skipped}}), + join(', ', @{$disabled_info{$what3}->{skipped}}), ')' - if $disabled_info{$what}->{skipped}; + if $disabled_info{$what3}->{skipped}; print "\n"; } } diff -Nru openssl-1.1.1i/CONTRIBUTING openssl-1.1.1j/CONTRIBUTING --- openssl-1.1.1i/CONTRIBUTING 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/CONTRIBUTING 2021-02-16 15:24:01.000000000 +0000 
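Review bot: In the feature summary loops of Configure, `$what` is interpolated into `/^${what}$/` and only `$what2[0]` is used, so when more than one key of %disabled matches, the entry that gets printed depends on hash ordering and the others are dropped silently. If the entries of @disablables are meant as patterns, iterating over every match (or at least applying `sort` to the grep result) would make the output stable. If they are meant as literal names, `\Q${what}\E` avoids accidental metacharacter matches. A short comment saying which of the two is intended would help, since the hunk does not show how @disablables is populated.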
@@ -41,8 +41,8 @@ https://www.openssl.org/policies/codingstyle.html) and compile without warnings. Where gcc or clang is available you should use the --strict-warnings Configure option. OpenSSL compiles on many varied - platforms: try to ensure you only use portable features. Clean builds - via Travis and AppVeyor are required, and they are started automatically + platforms: try to ensure you only use portable features. Clean builds via + GitHub Actions and AppVeyor are required, and they are started automatically whenever a PR is created or updated. 5. When at all possible, patches should include tests. These can diff -Nru openssl-1.1.1i/crypto/armcap.c openssl-1.1.1j/crypto/armcap.c --- openssl-1.1.1i/crypto/armcap.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/armcap.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -69,6 +69,23 @@ # define OSSL_IMPLEMENT_GETAUXVAL # endif # endif +# if defined(__FreeBSD__) +# include +# if __FreeBSD_version >= 1200000 +# include +# define OSSL_IMPLEMENT_GETAUXVAL + +static unsigned long getauxval(unsigned long key) +{ + unsigned long val = 0ul; + + if (elf_aux_info((int)key, &val, sizeof(val)) != 0) + return 0ul; + + return val; +} +# endif +# endif /* * ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas diff -Nru openssl-1.1.1i/crypto/asn1/charmap.h openssl-1.1.1j/crypto/asn1/charmap.h --- openssl-1.1.1i/crypto/asn1/charmap.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/asn1/charmap.h 2021-02-16 15:24:01.000000000 +0000 
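Review bot: The FreeBSD getauxval() shim added to crypto/armcap.c has no comment on its failure contract: it returns 0 when elf_aux_info() fails, which callers cannot tell apart from an empty capability mask. That presumably degrades to "no optional features detected", but it is worth stating, e.g. `/* Returns 0 on failure, i.e. "no capabilities", like Linux getauxval() */`. The same function is duplicated verbatim in crypto/ppccap.c later in this diff; a shared internal helper would keep the two copies from drifting. The `(int)key` cast narrows an unsigned long, which looks harmless for AT_* style keys but deserves a word in the comment.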
@@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/asn1/charmap.pl * - * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/crypto/bn/bn_prime.h openssl-1.1.1j/crypto/bn/bn_prime.h --- openssl-1.1.1i/crypto/bn/bn_prime.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/bn/bn_prime.h 2021-02-16 15:24:01.000000000 +0000 @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/bn/bn_prime.pl * - * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/crypto/conf/conf_def.c openssl-1.1.1j/crypto/conf/conf_def.c --- openssl-1.1.1i/crypto/conf/conf_def.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/conf/conf_def.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -185,6 +185,7 @@ BUF_MEM *buff = NULL; char *s, *p, *end; int again; + int first_call = 1; long eline = 0; char btmp[DECIMAL_SIZE(eline) + 1]; CONF_VALUE *v = NULL, *tv; 
@@ -233,6 +234,19 @@ BIO_gets(in, p, CONFBUFSIZE - 1); p[CONFBUFSIZE - 1] = '\0'; ii = i = strlen(p); + if (first_call) { + /* Other BOMs imply unsupported multibyte encoding, + * so don't strip them and let the error raise */ + const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF}; + + if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) { + memmove(p, p + 3, i - 3); + p[i - 3] = 0; + i -= 3; + ii -= 3; + } + first_call = 0; + } if (i == 0 && !again) { /* the currently processed BIO is at EOF */ BIO *parent; diff -Nru openssl-1.1.1i/crypto/conf/conf_def.h openssl-1.1.1j/crypto/conf/conf_def.h --- openssl-1.1.1i/crypto/conf/conf_def.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/conf/conf_def.h 2021-02-16 15:24:01.000000000 +0000 @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/conf/keysets.pl * - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at diff -Nru openssl-1.1.1i/crypto/dh/dh_key.c openssl-1.1.1j/crypto/dh/dh_key.c --- openssl-1.1.1i/crypto/dh/dh_key.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/dh/dh_key.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
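Review bot: The BOM check in crypto/conf/conf_def.c is tied to `first_call`, which the visible hunks initialise to 1 and clear after the first BIO_gets() without ever setting it again. A UTF-8 BOM at the start of an input reached later would therefore not be stripped; the code just below handles a parent BIO, which suggests nested inputs exist. If that is intended, the comment should say that only the first line of the top-level input is covered; otherwise the flag would need to be reset where the BIO is switched, which is outside this hunk. The added block comment also departs from the surrounding style, where `/*` sits on a line of its own. The enclosing function starts and ends outside the hunk.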
@@ -25,18 +25,45 @@ return dh->meth->generate_key(dh); } +/*- + * NB: This function is inherently not constant time due to the + * RFC 5246 (8.1.2) padding style that strips leading zero bytes. + */ int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { - return dh->meth->compute_key(key, pub_key, dh); + int ret = 0, i; + volatile size_t npad = 0, mask = 1; + + /* compute the key; ret is constant unless compute_key is external */ + if ((ret = dh->meth->compute_key(key, pub_key, dh)) <= 0) + return ret; + + /* count leading zero bytes, yet still touch all bytes */ + for (i = 0; i < ret; i++) { + mask &= !key[i]; + npad += mask; + } + + /* unpad key */ + ret -= npad; + /* key-dependent memory access, potentially leaking npad / ret */ + memmove(key, key + npad, ret); + /* key-dependent memory access, potentially leaking npad / ret */ + memset(key + ret, 0, npad); + + return ret; } int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh) { int rv, pad; + + /* rv is constant unless compute_key is external */ rv = dh->meth->compute_key(key, pub_key, dh); if (rv <= 0) return rv; pad = BN_num_bytes(dh->p) - rv; + /* pad is constant (zero) unless compute_key is external */ if (pad > 0) { memmove(key + pad, key, rv); memset(key, 0, pad); @@ -212,7 +239,7 @@ goto err; } - ret = BN_bn2bin(tmp, key); + ret = BN_bn2binpad(tmp, key, BN_num_bytes(dh->p)); err: BN_CTX_end(ctx); BN_CTX_free(ctx); diff -Nru openssl-1.1.1i/crypto/err/openssl.txt openssl-1.1.1j/crypto/err/openssl.txt --- openssl-1.1.1i/crypto/err/openssl.txt 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/err/openssl.txt 2021-02-16 15:24:01.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy 
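Review bot: The new header comment on DH_compute_key() in crypto/dh/dh_key.c says the function is inherently not constant time but does not tell callers what to use instead. Since DH_compute_key_padded() directly below keeps the leading zero bytes, the comment could add `Callers that must not leak the number of leading zero bytes should use DH_compute_key_padded().` Separately, `ret -= npad;` mixes an int with a volatile size_t; `ret -= (int)npad;` makes the narrowing explicit.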
@@ -2283,6 +2283,7 @@ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\ operation not supported for this keytype EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized +EVP_R_OUTPUT_WOULD_OVERFLOW:184:output would overflow EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers EVP_R_PBKDF2_ERROR:181:pbkdf2 error EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\ diff -Nru openssl-1.1.1i/crypto/evp/evp_enc.c openssl-1.1.1j/crypto/evp/evp_enc.c --- openssl-1.1.1i/crypto/evp/evp_enc.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/evp/evp_enc.c 2021-02-16 15:24:01.000000000 +0000 @@ -8,6 +8,7 @@ */ #include +#include #include #include "internal/cryptlib.h" #include @@ -355,6 +356,19 @@ return 1; } else { j = bl - i; + + /* + * Once we've processed the first j bytes from in, the amount of + * data left that is a multiple of the block length is: + * (inl - j) & ~(bl - 1) + * We must ensure that this amount of data, plus the one block that + * we process from ctx->buf does not exceed INT_MAX + */ + if (((inl - j) & ~(bl - 1)) > INT_MAX - bl) { + EVPerr(EVP_F_EVP_ENCRYPTDECRYPTUPDATE, + EVP_R_OUTPUT_WOULD_OVERFLOW); + return 0; + } memcpy(&(ctx->buf[i]), in, j); inl -= j; in += j; 
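Review bot: On the new EVP_R_OUTPUT_WOULD_OVERFLOW path in crypto/evp/evp_enc.c (the hunk that raises EVP_F_EVP_ENCRYPTDECRYPTUPDATE), nothing visible assigns `*outl` before `return 0`, and the matching check added to EVP_DecryptUpdate in the next hunk has the same shape. Setting `*outl = 0;` ahead of both returns would give callers a defined length on failure; whether an earlier statement already does this is outside the hunks. The new comments could also state that `~(bl - 1)` and `~(b - 1)` assume the block size is a power of two.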
@@ -502,6 +516,19 @@ EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING); return 0; } + /* + * final_used is only ever set if buf_len is 0. Therefore the maximum + * length output we will ever see from evp_EncryptDecryptUpdate is + * the maximum multiple of the block length that is <= inl, or just: + * inl & ~(b - 1) + * Since final_used has been set then the final output length is: + * (inl & ~(b - 1)) + b + * This must never exceed INT_MAX + */ + if ((inl & ~(b - 1)) > INT_MAX - b) { + EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_OUTPUT_WOULD_OVERFLOW); + return 0; + } memcpy(out, ctx->final, b); out += b; fix_len = 1; diff -Nru openssl-1.1.1i/crypto/evp/evp_err.c openssl-1.1.1j/crypto/evp/evp_err.c --- openssl-1.1.1i/crypto/evp/evp_err.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/evp/evp_err.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -239,6 +239,8 @@ "operation not supported for this keytype"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OUTPUT_WOULD_OVERFLOW), + "output would overflow"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), "partially overlapping buffers"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, diff -Nru openssl-1.1.1i/crypto/mem_sec.c openssl-1.1.1j/crypto/mem_sec.c --- openssl-1.1.1i/crypto/mem_sec.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/mem_sec.c 2021-02-16 15:24:01.000000000 +0000 
@@ -34,6 +34,12 @@ # include # endif # endif +# if defined(__FreeBSD__) +# define MADV_DONTDUMP MADV_NOCORE +# endif +# if !defined(MAP_CONCEAL) +# define MAP_CONCEAL 0 +# endif # include # include # include @@ -442,7 +448,7 @@ if (1) { #ifdef MAP_ANON sh.map_result = mmap(NULL, sh.map_size, - PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0); + PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE|MAP_CONCEAL, -1, 0); } else { #endif int fd; diff -Nru openssl-1.1.1i/crypto/objects/obj_dat.h openssl-1.1.1j/crypto/objects/obj_dat.h --- openssl-1.1.1i/crypto/objects/obj_dat.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/objects/obj_dat.h 2021-02-16 15:24:01.000000000 +0000 @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/obj_dat.pl * - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at diff -Nru openssl-1.1.1i/crypto/objects/obj_xref.h openssl-1.1.1j/crypto/objects/obj_xref.h --- openssl-1.1.1i/crypto/objects/obj_xref.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/objects/obj_xref.h 2021-02-16 15:24:01.000000000 +0000 
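Review bot: In crypto/mem_sec.c the FreeBSD mapping `# define MADV_DONTDUMP MADV_NOCORE` is unconditional, so it would redefine the macro if a FreeBSD header ever provides MADV_DONTDUMP itself. Guarding it as `# if defined(__FreeBSD__) && !defined(MADV_DONTDUMP)` would mirror the `!defined(MAP_CONCEAL)` guard right below. Both definitions also lack a comment saying what they are for: keeping the secure heap mapping out of core dumps, with `MAP_CONCEAL 0` meaning the mmap() flag silently does nothing where the platform lacks it. Whether the header that defines these macros is included before this point cannot be seen in the hunk and is worth checking, because the `!defined(MAP_CONCEAL)` test is only meaningful after that include.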
@@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by objxref.pl * - * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv4.pl openssl-1.1.1j/crypto/poly1305/asm/poly1305-armv4.pl --- openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv4.pl 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/poly1305/asm/poly1305-armv4.pl 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -133,10 +133,10 @@ # ifdef __thumb2__ itete eq # endif - addeq r12,r11,#(poly1305_emit-.Lpoly1305_init) - addne r12,r11,#(poly1305_emit_neon-.Lpoly1305_init) - addeq r11,r11,#(poly1305_blocks-.Lpoly1305_init) - addne r11,r11,#(poly1305_blocks_neon-.Lpoly1305_init) + addeq r12,r11,#(.Lpoly1305_emit-.Lpoly1305_init) + addne r12,r11,#(.Lpoly1305_emit_neon-.Lpoly1305_init) + addeq r11,r11,#(.Lpoly1305_blocks-.Lpoly1305_init) + addne r11,r11,#(.Lpoly1305_blocks_neon-.Lpoly1305_init) # endif # ifdef __thumb2__ orr r12,r12,#1 @ thumb-ify address @@ -352,6 +352,7 @@ .type poly1305_emit,%function .align 5 poly1305_emit: +.Lpoly1305_emit: stmdb sp!,{r4-r11} .Lpoly1305_emit_enter: @@ -671,6 +672,7 @@ .type poly1305_blocks_neon,%function .align 5 poly1305_blocks_neon: +.Lpoly1305_blocks_neon: ldr ip,[$ctx,#36] @ is_base2_26 ands $len,$len,#-16 beq .Lno_data_neon 
@@ -1157,6 +1159,7 @@ .type poly1305_emit_neon,%function .align 5 poly1305_emit_neon: +.Lpoly1305_emit_neon: ldr ip,[$ctx,#36] @ is_base2_26 stmdb sp!,{r4-r11} diff -Nru openssl-1.1.1i/crypto/ppccap.c openssl-1.1.1j/crypto/ppccap.c --- openssl-1.1.1i/crypto/ppccap.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/ppccap.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -214,6 +214,24 @@ # endif #endif +#if defined(__FreeBSD__) +# include +# if __FreeBSD_version >= 1200000 +# include +# define OSSL_IMPLEMENT_GETAUXVAL + +static unsigned long getauxval(unsigned long key) +{ + unsigned long val = 0ul; + + if (elf_aux_info((int)key, &val, sizeof(val)) != 0) + return 0ul; + + return val; +} +# endif +#endif + /* I wish was universally available */ #define HWCAP 16 /* AT_HWCAP */ #define HWCAP_PPC64 (1U << 30) diff -Nru openssl-1.1.1i/crypto/rsa/rsa_ssl.c openssl-1.1.1j/crypto/rsa/rsa_ssl.c --- openssl-1.1.1i/crypto/rsa/rsa_ssl.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/rsa/rsa_ssl.c 2021-02-16 15:24:01.000000000 +0000 @@ -55,7 +55,7 @@ /* * Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding - * if nul delimiter is not preceded by 8 consecutive 0x03 bytes. It also + * if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also * preserves error code reporting for backward compatibility. */ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, 
@@ -122,7 +122,13 @@ RSA_R_NULL_BEFORE_BLOCK_MISSING); mask = ~good; - good &= constant_time_ge(threes_in_row, 8); + /* + * Reject if nul delimiter is preceded by 8 consecutive 0x03 bytes. Note + * that RFC5246 incorrectly states this the other way around, i.e. reject + * if it is not preceded by 8 consecutive 0x03 bytes. However this is + * corrected in subsequent errata for that RFC. + */ + good &= constant_time_lt(threes_in_row, 8); err = constant_time_select_int(mask | good, err, RSA_R_SSLV3_ROLLBACK_ATTACK); mask = ~good; diff -Nru openssl-1.1.1i/crypto/srp/srp_lib.c openssl-1.1.1j/crypto/srp/srp_lib.c --- openssl-1.1.1i/crypto/srp/srp_lib.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/srp/srp_lib.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2004, EdelKey Project. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use @@ -177,6 +177,7 @@ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u) { BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL; + BIGNUM *xtmp = NULL; BN_CTX *bn_ctx; if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL @@ -185,10 +186,13 @@ if ((tmp = BN_new()) == NULL || (tmp2 = BN_new()) == NULL || - (tmp3 = BN_new()) == NULL) + (tmp3 = BN_new()) == NULL || + (xtmp = BN_new()) == NULL) goto err; - if (!BN_mod_exp(tmp, g, x, N, bn_ctx)) + BN_with_flags(xtmp, x, BN_FLG_CONSTTIME); + BN_set_flags(tmp, BN_FLG_CONSTTIME); + if (!BN_mod_exp(tmp, g, xtmp, N, bn_ctx)) goto err; if ((k = srp_Calc_k(N, g)) == NULL) goto err; @@ -196,7 +200,7 @@ goto err; if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx)) goto err; - if (!BN_mul(tmp3, u, x, bn_ctx)) + if (!BN_mul(tmp3, u, xtmp, bn_ctx)) goto err; if (!BN_add(tmp2, a, tmp3)) goto err; 
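Review bot: In the crypto/srp/srp_lib.c hunks (presumably SRP_Calc_client_key, per the CHANGES entry), `xtmp` is filled with BN_with_flags(), which makes it a shallow view of the caller's `x`. The cleanup hunk then frees it with BN_free() while its neighbours use BN_clear_free(). That is consistent with xtmp owning no key material of its own, but it reads like an oversight. A comment at the cleanup such as `/* xtmp only borrows x's data via BN_with_flags(); nothing of its own to clear */` would stop a well-meant "fix". It would also help to say at `BN_set_flags(tmp, BN_FLG_CONSTTIME)` why the result BIGNUM carries the flag, since `tmp` is reused as the output of BN_mod_sub() a few lines later.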
@@ -208,6 +212,7 @@ err: BN_CTX_free(bn_ctx); + BN_free(xtmp); BN_clear_free(tmp); BN_clear_free(tmp2); BN_clear_free(tmp3); diff -Nru openssl-1.1.1i/crypto/x509/x509_cmp.c openssl-1.1.1j/crypto/x509/x509_cmp.c --- openssl-1.1.1i/crypto/x509/x509_cmp.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/x509/x509_cmp.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -39,6 +39,8 @@ if (ctx == NULL) goto err; f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); + if (f == NULL) + goto err; if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) goto err; if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f))) 
@@ -133,19 +135,21 @@ */ int X509_cmp(const X509 *a, const X509 *b) { - int rv; + int rv = 0; if (a == b) /* for efficiency */ return 0; - /* ensure hash is valid */ - if (X509_check_purpose((X509 *)a, -1, 0) != 1) - return -2; - if (X509_check_purpose((X509 *)b, -1, 0) != 1) - return -2; - rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); - if (rv) + /* try to make sure hash is valid */ + (void)X509_check_purpose((X509 *)a, -1, 0); + (void)X509_check_purpose((X509 *)b, -1, 0); + + if ((a->ex_flags & EXFLAG_NO_FINGERPRINT) == 0 + && (b->ex_flags & EXFLAG_NO_FINGERPRINT) == 0) + rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); + if (rv != 0) return rv; + /* Check for match against stored encoding too */ if (!a->cert_info.enc.modified && !b->cert_info.enc.modified) { if (a->cert_info.enc.len < b->cert_info.enc.len) diff -Nru openssl-1.1.1i/crypto/x509/x509_vfy.c openssl-1.1.1j/crypto/x509/x509_vfy.c --- openssl-1.1.1i/crypto/x509/x509_vfy.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/x509/x509_vfy.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
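Review bot: X509_cmp() in crypto/x509/x509_cmp.c now leaves `rv` at 0 when either certificate has EXFLAG_NO_FINGERPRINT, so the result then depends entirely on the stored-encoding comparison that follows. That comparison is guarded by `!a->cert_info.enc.modified && !b->cert_info.enc.modified`; if the guard is false the function presumably falls through to return `rv`, reporting two certificates as equal without having compared anything. The rest of the body is outside the hunk, so this needs checking there. A non-zero result for the "could not compare" case, or a comment explaining why it cannot occur, would close the gap. The two `(void)X509_check_purpose(...)` calls also deserve a comment saying that failure is tolerated on purpose.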
@@ -323,9 +323,10 @@ } /* - * Find in given STACK_OF(X509) sk a non-expired issuer cert (if any) of given cert x. - * The issuer must not be the same as x and must not yet be in ctx->chain, where the - * exceptional case x is self-issued and ctx->chain has just one element is allowed. + * Find in given STACK_OF(X509) sk an issuer cert of given cert x. + * The issuer must not yet be in ctx->chain, where the exceptional case + * that x is self-issued and ctx->chain has just one element is allowed. + * Prefer the first one that is not expired, else take the last expired one. */ static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) { @@ -334,11 +335,7 @@ for (i = 0; i < sk_X509_num(sk); i++) { issuer = sk_X509_value(sk, i); - /* - * Below check 'issuer != x' is an optimization and safety precaution: - * Candidate issuer cert cannot be the same as the subject cert 'x'. - */ - if (issuer != x && ctx->check_issued(ctx, x, issuer) + if (ctx->check_issued(ctx, x, issuer) && (((x->ex_flags & EXFLAG_SI) != 0 && sk_X509_num(ctx->chain) == 1) || !sk_X509_contains(ctx->chain, issuer))) { rv = issuer; diff -Nru openssl-1.1.1i/crypto/x509/x_all.c openssl-1.1.1j/crypto/x509/x_all.c --- openssl-1.1.1i/crypto/x509/x_all.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/x509/x_all.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -363,7 +363,7 @@ unsigned int *len) { if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0 - && (data->ex_flags & EXFLAG_INVALID) == 0) { + && (data->ex_flags & EXFLAG_NO_FINGERPRINT) == 0) { /* Asking for SHA1 and we already computed it. */ if (len != NULL) *len = sizeof(data->sha1_hash); diff -Nru openssl-1.1.1i/crypto/x509/x_attrib.c openssl-1.1.1j/crypto/x509/x_attrib.c --- openssl-1.1.1i/crypto/x509/x_attrib.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/x509/x_attrib.c 2021-02-16 15:24:01.000000000 +0000 @@ -37,10 +37,13 @@ { X509_ATTRIBUTE *ret = NULL; ASN1_TYPE *val = NULL; + ASN1_OBJECT *oid; + if ((oid = OBJ_nid2obj(nid)) == NULL) + return NULL; if ((ret = X509_ATTRIBUTE_new()) == NULL) return NULL; - ret->object = OBJ_nid2obj(nid); + ret->object = oid; if ((val = ASN1_TYPE_new()) == NULL) goto err; if (!sk_ASN1_TYPE_push(ret->set, val)) diff -Nru openssl-1.1.1i/crypto/x509v3/v3_purp.c openssl-1.1.1j/crypto/x509v3/v3_purp.c --- openssl-1.1.1i/crypto/x509v3/v3_purp.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/crypto/x509v3/v3_purp.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
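Review bot: In the x_attrib.c hunk the early `return NULL` for an unknown NID is only safe because the lookup now happens before `X509_ATTRIBUTE_new()`; that ordering is not explained, and a later edit that moves the lookup back below the allocation would need `goto err` instead of a plain return. A one-line comment would pin it down: `/* resolve the NID first: nothing is allocated yet, so a plain return is enough */`. The function's signature and its `err:` label are outside the hunk, so the cleanup path itself is not visible here.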
@@ -348,14 +348,17 @@ /* Check that issuer public key algorithm matches subject signature algorithm */ static int check_sig_alg_match(const EVP_PKEY *pkey, const X509 *subject) { - int pkey_nid; + int pkey_sig_nid, subj_sig_nid; if (pkey == NULL) return X509_V_ERR_NO_ISSUER_PUBLIC_KEY; + if (OBJ_find_sigid_algs(EVP_PKEY_base_id(pkey), + NULL, &pkey_sig_nid) == 0) + pkey_sig_nid = EVP_PKEY_base_id(pkey); if (OBJ_find_sigid_algs(OBJ_obj2nid(subject->cert_info.signature.algorithm), - NULL, &pkey_nid) == 0) + NULL, &subj_sig_nid) == 0) return X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM; - if (EVP_PKEY_type(pkey_nid) != EVP_PKEY_base_id(pkey)) + if (pkey_sig_nid != EVP_PKEY_type(subj_sig_nid)) return X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH; return X509_V_OK; } @@ -391,7 +394,8 @@ } if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL)) - x->ex_flags |= EXFLAG_INVALID; + x->ex_flags |= (EXFLAG_NO_FINGERPRINT | EXFLAG_INVALID); + /* V1 should mean no extensions ... */ if (!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; diff -Nru openssl-1.1.1i/debian/changelog openssl-1.1.1j/debian/changelog --- openssl-1.1.1i/debian/changelog 2021-02-22 09:35:47.000000000 +0000 +++ openssl-1.1.1j/debian/changelog 2021-02-23 22:01:12.000000000 +0000 
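Review bot: In check_sig_alg_match() both new locals are named `*_sig_nid`, yet each is filled through the third argument of OBJ_find_sigid_algs(), which is the public-key algorithm NID, and `pkey_sig_nid` may even receive `EVP_PKEY_base_id(pkey)` directly. Names such as `pkey_alg_nid` and `subj_pkey_nid` would match what is actually compared. The fallback taken when the first lookup returns 0 also deserves a comment, e.g. `/* key type is not itself a signature id: compare on its base id */`, and the header comment could say that the match is on the base algorithm, since only the subject side goes through EVP_PKEY_type().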
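Review bot: In the second v3_purp.c hunk, a failed X509_digest() leaves `x->sha1_hash` with whatever it held before, and the only marker of that is the new EXFLAG_NO_FINGERPRINT bit. X509_cmp() and X509_digest() test that bit elsewhere in this diff; any other reader of `sha1_hash` that does not would work on an unset hash, which cannot be ruled out from the visible hunks. A comment at the assignment would make the contract explicit: `/* sha1_hash is unusable from here on; readers must test EXFLAG_NO_FINGERPRINT */`. The enclosing function starts and ends outside the hunk.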
@@ -1,3 +1,41 @@ +openssl (1.1.1j-1ubuntu1) hirsute; urgency=medium + + * Merge from Debian unstable. Remaining changes: + - Replace duplicate files in the doc directory with symlinks. + - debian/libssl1.1.postinst: + + Display a system restart required notification on libssl1.1 + upgrade on servers, unless needrestart is available. + + Use a different priority for libssl1.1/restart-services depending + on whether a desktop, or server dist-upgrade is being performed. + + Skip services restart & reboot notification if needrestart is in-use. + + Bump version check to to 1.1.1. + + Import libraries/restart-without-asking template as used by above. + - Revert "Enable system default config to enforce TLS1.2 as a + minimum" & "Increase default security level from 1 to 2". + - Reword the NEWS entry, as applicable on Ubuntu. + - Cherrypick s390x SIMD acceleration patches for poly1305 and chacha20 + and ECC from master. + - Use perl:native in the autopkgtest for installability on i386. + - Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security + level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions + below 1.2 and update documentation. Previous default of 1, can be set + by calling SSL_CTX_set_security_level(), SSL_set_security_level() or + using ':@SECLEVEL=1' CipherString value in openssl.cfg. + - Import https://github.com/openssl/openssl/pull/12272.patch to enable + CET. + * Add support for building with noudeb build profile. + + -- Dimitri John Ledkov Tue, 23 Feb 2021 22:01:12 +0000 + +openssl (1.1.1j-1) unstable; urgency=medium + + * New upstream version. + - CVE-2021-23841 (NULL pointer deref in X509_issuer_and_serial_hash()). + - CVE-2021-23840 (Possible overflow of the output length argument in + EVP_CipherUpdate(), EVP_EncryptUpdate() and EVP_DecryptUpdate()). + + -- Sebastian Andrzej Siewior Tue, 16 Feb 2021 20:50:01 +0100 + openssl (1.1.1i-3ubuntu2) hirsute; urgency=medium * No-change rebuild to drop the udeb package. 
diff -Nru openssl-1.1.1i/debian/control openssl-1.1.1j/debian/control --- openssl-1.1.1i/debian/control 2021-02-08 10:57:59.000000000 +0000 +++ openssl-1.1.1j/debian/control 2021-02-23 22:01:12.000000000 +0000 @@ -46,6 +46,7 @@ Package: libcrypto1.1-udeb Package-Type: udeb +Build-Profiles: Section: debian-installer Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} @@ -59,6 +60,7 @@ Package: libssl1.1-udeb Package-Type: udeb +Build-Profiles: Section: debian-installer Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} diff -Nru openssl-1.1.1i/debian/patches/check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch openssl-1.1.1j/debian/patches/check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch --- openssl-1.1.1i/debian/patches/check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch 2021-01-30 13:02:15.000000000 +0000 +++ openssl-1.1.1j/debian/patches/check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch 1970-01-01 00:00:00.000000000 +0000 
@@ -1,244 +0,0 @@ -From: "Dr. David von Oheimb" -Date: Tue, 26 Jan 2021 11:53:15 +0100 -Subject: check_sig_alg_match(): weaken sig nid comparison to base alg - -This (re-)allows RSA-PSS signers - -Fixes #13931 - -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/13982) ---- - crypto/x509v3/v3_purp.c | 9 ++++++--- - test/certs/ca-pss-cert.pem | 21 +++++++++++++++++++++ - test/certs/ca-pss-key.pem | 28 ++++++++++++++++++++++++++++ - test/certs/ee-pss-cert.pem | 21 +++++++++++++++++++++ - test/certs/mkcert.sh | 22 +++++++++++++++++----- - test/certs/setup.sh | 13 +++++++++---- - test/recipes/25-test_verify.t | 5 ++++- - 7 files changed, 106 insertions(+), 13 deletions(-) - create mode 100644 test/certs/ca-pss-cert.pem - create mode 100644 test/certs/ca-pss-key.pem - create mode 100644 test/certs/ee-pss-cert.pem - -diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c -index 93b5ca4d4283..3f5ce5c91c5d 100644 ---- a/crypto/x509v3/v3_purp.c -+++ b/crypto/x509v3/v3_purp.c -@@ -348,14 +348,17 @@ static int setup_crldp(X509 *x) - /* Check that issuer public key algorithm matches subject signature algorithm */ - static int check_sig_alg_match(const EVP_PKEY *pkey, const X509 *subject) - { -- int pkey_nid; -+ int pkey_sig_nid, subj_sig_nid; - - if (pkey == NULL) - return X509_V_ERR_NO_ISSUER_PUBLIC_KEY; -+ if (OBJ_find_sigid_algs(EVP_PKEY_base_id(pkey), -+ NULL, &pkey_sig_nid) == 0) -+ pkey_sig_nid = EVP_PKEY_base_id(pkey); - if (OBJ_find_sigid_algs(OBJ_obj2nid(subject->cert_info.signature.algorithm), -- NULL, &pkey_nid) == 0) -+ NULL, &subj_sig_nid) == 0) - return X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM; -- if (EVP_PKEY_type(pkey_nid) != EVP_PKEY_base_id(pkey)) -+ if (pkey_sig_nid != EVP_PKEY_type(subj_sig_nid)) - return X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH; - return X509_V_OK; - } -diff --git a/test/certs/ca-pss-cert.pem b/test/certs/ca-pss-cert.pem -new file mode 100644 -index 000000000000..566b63a800f7 ---- /dev/null -+++ 
b/test/certs/ca-pss-cert.pem -@@ -0,0 +1,21 @@ -+-----BEGIN CERTIFICATE----- -+MIIDXjCCAhagAwIBAgIBAjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa -+MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDASMRAwDgYDVQQDDAdSb290 -+IENBMCAXDTIxMDEyNjEwMDUwOFoYDzIxMjEwMTI3MTAwNTA4WjARMQ8wDQYDVQQD -+DAZDQS1QU1MwggEgMAsGCSqGSIb3DQEBCgOCAQ8AMIIBCgKCAQEAtclsFtJOQgAC -+ZxTPn2T2ksmibRNVAnEfVCgfJxsPN3aEERgqqhWbC4LmGHRIIjQ9DpobarydJivw -+epDaiu11rgwXgenIobIVvVr2+L3ngalYdkwmmPVImNN8Ef575ybE/kVgTu9X37DJ -+t+8psfVGeFg4RKykOi7SfPCSKHKSeZUXPj9AYwZDw4HX2rhstRopXAmUzz2/uAaR -+fmU7tYOG5qhfMUpP+Ce0ZBlLE9JjasY+d20/mDFuvFEc5qjfzNqv/7okyBjaWB4h -+gwnjXASrqKlqHKVU1UyrJc76yAniimy+IoXKAELetIJGSN15GYaWJcAIs0Eybjyk -+gyAu7Zlf/wIDAQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAd -+BgNVHQ4EFgQUGfmhA/VcxWkh7VUBHxUdHHQLgrAwHwYDVR0jBBgwFoAUjvUlrx6b -+a4Q9fICayVOcTXL3o1IwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAY -+BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEBAF6rSSBj+dkv0UGuE1El -+lB9zVpqVlV72RY8gAkmSJmbzblHEO/PYV/UnNJ2C2IXEhAQaE0xKCg+WC2RO56oc -+qZc6UXBCN8G9rJKVxgXVbciP4pQYN6POpmhJfQqzNPwzTADt3HY6X9gQtyG0fuQF -+OPDc+mXjRvBrcYMkAgYiKe+oA45WDWYpIvipWVQ3xP/BSGJqrdKx5SOrJA72+BLM -+bPbD3tBC2SVirDjv0N926Wcb/JQFkM+5YY2/yKNybstngr4Pb1T/tESsIZvGG2Tk -+3IhBl1dJtC9gpGTRa8NzQvcmPK9VUjWtv5YNA+FxD9FTxGibh7Aw1fbFCV91Qjc3 -+JQQ= -+-----END CERTIFICATE----- -diff --git a/test/certs/ca-pss-key.pem b/test/certs/ca-pss-key.pem -new file mode 100644 -index 000000000000..9270c3648447 ---- /dev/null -+++ b/test/certs/ca-pss-key.pem -@@ -0,0 +1,28 @@ -+-----BEGIN PRIVATE KEY----- -+MIIEvQIBADALBgkqhkiG9w0BAQoEggSpMIIEpQIBAAKCAQEAtclsFtJOQgACZxTP -+n2T2ksmibRNVAnEfVCgfJxsPN3aEERgqqhWbC4LmGHRIIjQ9DpobarydJivwepDa -+iu11rgwXgenIobIVvVr2+L3ngalYdkwmmPVImNN8Ef575ybE/kVgTu9X37DJt+8p -+sfVGeFg4RKykOi7SfPCSKHKSeZUXPj9AYwZDw4HX2rhstRopXAmUzz2/uAaRfmU7 -+tYOG5qhfMUpP+Ce0ZBlLE9JjasY+d20/mDFuvFEc5qjfzNqv/7okyBjaWB4hgwnj -+XASrqKlqHKVU1UyrJc76yAniimy+IoXKAELetIJGSN15GYaWJcAIs0EybjykgyAu 
-+7Zlf/wIDAQABAoIBAErkiNt+GS+nwVWmhUMt3UfsOjal2EgBQt7xCKSbyVEYSqCg -+TDN2Y0IC07kPbwhobR8u7kyzGCs5vwE/3EmQOwNRh/3FyxqSu9IfP9CKrG4GzqMu -+DFjH9PjBaEQhi/pXRqFbA6qBgLpvoytcJNlkK3w5HDVuytoNoDpJAm4XhbEAwVG2 -+u3De40lPKXBFaGjSrUQETnrm0Fhj+J7+VMheQZVjEHwMIOmbIDcckV0OSIWn00XG -+/Md0y0i/U8S0TkP9sVC+cKkKMCNL+BJYf5YucUIna/9PgBD36RRRq2D0e8/iP8m+ -+ftnmW7fxlL2neTZ2sAS+4sm7sOoudaeAta+JoEECgYEA5ZjbBJf+FhyFOBFRoYow -+OHP+JfU7rdi8n5GpNswVmtNx3FK+eoUz+PlXTluUydS3L40ba7/mzYFzAZETF6YO -+Z8STkmvLxRTDzvZoE0SCJQAcG9I1oVWMufDVnHvljflH+IBjvMQM527dfFgaebvD -+TkRvnCup2oV3uT430++15K0CgYEAyrESfgP5f9+zZqz30N+QTWHZCzCUqSDcGhke -+Irvjs5tSrCQibbSGkGNHZ/V019K8rKJQlvNbEEzlRRcohuqIuUPgPmXBbbruqCBP -+a1+DD/HRg6BrTsNo67SbUJ6EsV5D80Ie76Yzye3By7E71xvFzFxbMwcwPFHBDViR -+m4oRwNsCgYEAtdb/N78tVNPXytUkot0wXbW4RtXYI1Lx6StTKnwubEYk+otqIt1W -+kUzhkcTEralUQEvwuMDvCjoJHOeKiINTC2pMOn43j+pnPoY3XXM35BgXKw2svg9k -+emu8ssgJwgz5rF37ICjh03Yh4vZgWaOVBmr7PmPyjYiBjuwxCSDkHa0CgYEAkqwP -+9aBqq131NBd2PG+KvHRR2wcMjFZ672e9puTPoOiEqox7XWeE+Hbe9RtpscONRF8w -+cgsnmmQKhDR93yNYTLgRTRXVItJiYMcAsXIsJR2XvugWvqgpBGds/Km426CbCyyN -+tl1OnJCv6/YUl1RBjeBHHmXVQdDnIgE1XJhMwIECgYEAt4zgPqswoicfDBqakP6X -+ZND0s7fiki2YBmXyASIoUACnpJEWsOOEJrAcW7xtgXgjNxKdk1JqYV3ggU8wgCvv -+9Ugsx0FiuPmIBhYNZMWIItNmpYqPm8KbEwIPqChs9OA+5FREFwFjJgGK2ublfmVj -+dN2I3LilMIXTE4/MQ8Lhcjc= -+-----END PRIVATE KEY----- -diff --git a/test/certs/ee-pss-cert.pem b/test/certs/ee-pss-cert.pem -new file mode 100644 -index 000000000000..e908783b5536 ---- /dev/null -+++ b/test/certs/ee-pss-cert.pem -@@ -0,0 +1,21 @@ -+-----BEGIN CERTIFICATE----- -+MIIDdDCCAiygAwIBAgIBAjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa -+MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDARMQ8wDQYDVQQDDAZDQS1Q -+U1MwIBcNMjEwMTI2MTAwNjMzWhgPMjEyMTAxMjcxMDA2MzNaMBExDzANBgNVBAMM -+BkVFLVBTUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKj/iVhhha7e -+2ywP1XP74reoG3p1YCvUfTxzdrWu3pMvfySQbckc9Io4zZ+igBZWy7Qsu5PlFx// -+DcZD/jE0+CjYdemju4iC76Ny4lNiBUVN4DGX76qdENJYDZ4GnjK7GwhWXWUPP2aO 
-+wjagEf/AWTX9SRzdHEIzBniuBDgj5ed1Z9OUrVqpQB+sWRD1DMFkrUrExjVTs5Zq -+ghsVi9GZq+Seb5Sq0pblV/uMkWSKPCQWxtIZvoJgEztisO0+HbPK+WvfMbl6nktH -+aKcpxz9K4iIntO+QY9fv0HJJPlutuRvUK2+GaN3VcxK4Q8ncQQ+io0ZPi2eIhA9h -+/nk0H0qJH7cCAwEAAaN1MHMwHQYDVR0OBBYEFOeb4iqtimw6y3ZR5Y4HmCKX4XOi -+MB8GA1UdIwQYMBaAFBn5oQP1XMVpIe1VAR8VHRx0C4KwMAkGA1UdEwQCMAAwEwYD -+VR0lBAwwCgYIKwYBBQUHAwEwEQYDVR0RBAowCIIGRUUtUFNTMD0GCSqGSIb3DQEB -+CjAwoA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaID -+AgEgA4IBAQCzCXb5XpMvhuwWso9wj4B8AJjCugMlGdrLXIj3ueqyS1qSEcFp1meO -+9jMDCjAkitTdZjf3gqEghC/joUd+XAw3JfOPOl36WlNrm9bwZTnfnCYFRrdprfMo -+Q1Kqy9SNvDeHZZVcGeU3PZSt+EabmR9mQODg/qfpa9/3WktzFbvxlPOS7Tb0n2tn -+vQnTmyrmGN2/o8X1qGQgETw5bH3csKgsPh668zN/gv3DxNN0EVACLaOSahNsNQa7 -+KCcl1ez5KcFc0QIlQajhorTYOIeTb8UmR4wdy5C4Nd9P5OKv1sQvVO9PtswAv/s7 -+Vs48cDO1+ASn0KjN41hXN5+fOIlNqOeU -+-----END CERTIFICATE----- -diff --git a/test/certs/mkcert.sh b/test/certs/mkcert.sh -index ebb71c177857..2126c4fcfea7 100755 ---- a/test/certs/mkcert.sh -+++ b/test/certs/mkcert.sh -@@ -114,6 +114,19 @@ genroot() { - } - - genca() { -+ local OPTIND=1 -+ local purpose= -+ -+ while getopts p: o -+ do -+ case $o in -+ p) purpose="$OPTARG";; -+ *) echo "Usage: $0 genca [-p EKU] cn keyname certname cakeyname cacertname" >&2 -+ return 1;; -+ esac -+ done -+ -+ shift $((OPTIND - 1)) - local cn=$1; shift - local key=$1; shift - local cert=$1; shift -@@ -123,17 +136,16 @@ genca() { - local akid="authorityKeyIdentifier = keyid" - - exts=$(printf "%s\n%s\n%s\n" "$skid" "$akid" "basicConstraints = critical,CA:true") -- for eku in "$@" -- do -- exts=$(printf "%s\nextendedKeyUsage = %s\n" "$exts" "$eku") -- done -+ if [ -n "$purpose" ]; then -+ exts=$(printf "%s\nextendedKeyUsage = %s\n" "$exts" "$purpose") -+ fi - if [ -n "$NC" ]; then - exts=$(printf "%s\nnameConstraints = %s\n" "$exts" "$NC") - fi - csr=$(req "$key" "CN = $cn") || return 1 - echo "$csr" | - cert "$cert" "$exts" -CA "${cacert}.pem" -CAkey "${cakey}.pem" \ -- -set_serial 2 -days 
"${DAYS}" -+ -set_serial 2 -days "${DAYS}" "$@" - } - - gen_nonbc_ca() { -diff --git a/test/certs/setup.sh b/test/certs/setup.sh -index 04591bcc05fe..49aab7118f0f 100755 ---- a/test/certs/setup.sh -+++ b/test/certs/setup.sh -@@ -125,7 +125,7 @@ OPENSSL_KEYBITS=768 \ - # client intermediate ca: cca-cert - # trust variants: +serverAuth, -serverAuth, +clientAuth, -clientAuth - # --./mkcert.sh genca "CA" ca-key cca-cert root-key root-cert clientAuth -+./mkcert.sh genca -p clientAuth "CA" ca-key cca-cert root-key root-cert - # - openssl x509 -in cca-cert.pem -trustout \ - -addtrust serverAuth -out cca+serverAuth.pem -@@ -143,7 +143,7 @@ openssl x509 -in cca-cert.pem -trustout \ - # server intermediate ca: sca-cert - # trust variants: +serverAuth, -serverAuth, +clientAuth, -clientAuth, -anyEKU, +anyEKU - # --./mkcert.sh genca "CA" ca-key sca-cert root-key root-cert serverAuth -+./mkcert.sh genca -p serverAuth "CA" ca-key sca-cert root-key root-cert - # - openssl x509 -in sca-cert.pem -trustout \ - -addtrust serverAuth -out sca+serverAuth.pem -@@ -380,9 +380,14 @@ REQMASK=MASK:0x800 ./mkcert.sh req badalt7-key "O = Bad NC Test Certificate 7" \ - # SHA1 - ./mkcert.sh genee PSS-SHA1 ee-key ee-pss-sha1-cert ca-key ca-cert \ - -sha1 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest --# SHA256 -+# EE SHA256 - ./mkcert.sh genee PSS-SHA256 ee-key ee-pss-sha256-cert ca-key ca-cert \ -- -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest -+ -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest -+# CA-PSS -+./mkcert.sh genca "CA-PSS" ca-pss-key ca-pss-cert root-key root-cert \ -+ -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -+./mkcert.sh genee "EE-PSS" ee-key ee-pss-cert ca-pss-key ca-pss-cert \ -+ -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 - - OPENSSL_KEYALG=ec OPENSSL_KEYBITS=brainpoolP256r1 ./mkcert.sh genee \ - "Server ECDSA brainpoolP256r1 cert" server-ecdsa-brainpoolP256r1-key \ -diff --git 
a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t -index 1336b8a72615..070c8e2245d6 100644 ---- a/test/recipes/25-test_verify.t -+++ b/test/recipes/25-test_verify.t -@@ -27,7 +27,7 @@ sub verify { - run(app([@args])); - } - --plan tests => 145; -+plan tests => 146; - - # Canonical success - ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), -@@ -377,6 +377,9 @@ ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_l - ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), - "PSS signature using SHA256 and auth level 2"); - -+ok(verify("ee-pss-cert", "sslserver", ["root-cert"], ["ca-pss-cert"], ), -+ "CA PSS signature"); -+ - ok(!verify("many-names1", "sslserver", ["many-constraints"], ["many-constraints"], ), - "Too many names and constraints to check (1)"); - ok(!verify("many-names2", "sslserver", ["many-constraints"], ["many-constraints"], ), diff -Nru openssl-1.1.1i/debian/patches/series openssl-1.1.1j/debian/patches/series --- openssl-1.1.1i/debian/patches/series 2021-02-08 11:05:54.000000000 +0000 +++ openssl-1.1.1j/debian/patches/series 2021-02-23 21:46:53.000000000 +0000 
@@ -33,11 +33,6 @@ pic.patch c_rehash-compat.patch # Remove Set-systemwide-default-settings-for-libssl-users.patch, this is done differently -x509_vfy.c-Fix-a-regression-in-find_isser.patch -X509_cmp-Fix-comparison-in-case-x509v3_cache_extensions-f.patch -check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch - # Ubuntu patches tests-use-seclevel-1.patch tls1.2-min-seclevel2.patch - diff -Nru openssl-1.1.1i/debian/patches/X509_cmp-Fix-comparison-in-case-x509v3_cache_extensions-f.patch openssl-1.1.1j/debian/patches/X509_cmp-Fix-comparison-in-case-x509v3_cache_extensions-f.patch --- openssl-1.1.1i/debian/patches/X509_cmp-Fix-comparison-in-case-x509v3_cache_extensions-f.patch 2021-01-30 13:02:15.000000000 +0000 +++ openssl-1.1.1j/debian/patches/X509_cmp-Fix-comparison-in-case-x509v3_cache_extensions-f.patch 1970-01-01 00:00:00.000000000 +0000 
@@ -1,232 +0,0 @@ -From: "Dr. David von Oheimb" -Date: Wed, 30 Dec 2020 09:57:49 +0100 -Subject: X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed - to due to invalid cert - -This is the backport of #13755 to v1.1.1. -Fixes #13698 - -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/13756) ---- - crypto/x509/x509_cmp.c | 18 ++++++++++-------- - crypto/x509/x_all.c | 2 +- - crypto/x509v3/v3_purp.c | 3 ++- - doc/man3/X509_get_extension_flags.pod | 9 +++++++-- - include/openssl/x509v3.h | 5 +++-- - test/certs/invalid-cert.pem | 19 +++++++++++++++++++ - test/recipes/80-test_x509aux.t | 13 ++++++++----- - test/x509aux.c | 17 +++++++++++------ - 8 files changed, 61 insertions(+), 25 deletions(-) - create mode 100644 test/certs/invalid-cert.pem - -diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c -index ad620af0aff4..c9d89336406f 100644 ---- a/crypto/x509/x509_cmp.c -+++ b/crypto/x509/x509_cmp.c -@@ -133,19 +133,21 @@ unsigned long X509_subject_name_hash_old(X509 *x) - */ - int X509_cmp(const X509 *a, const X509 *b) - { -- int rv; -+ int rv = 0; - - if (a == b) /* for efficiency */ - return 0; -- /* ensure hash is valid */ -- if (X509_check_purpose((X509 *)a, -1, 0) != 1) -- return -2; -- if (X509_check_purpose((X509 *)b, -1, 0) != 1) -- return -2; - -- rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); -- if (rv) -+ /* try to make sure hash is valid */ -+ (void)X509_check_purpose((X509 *)a, -1, 0); -+ (void)X509_check_purpose((X509 *)b, -1, 0); -+ -+ if ((a->ex_flags & EXFLAG_NO_FINGERPRINT) == 0 -+ && (b->ex_flags & EXFLAG_NO_FINGERPRINT) == 0) -+ rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); -+ if (rv != 0) - return rv; -+ - /* Check for match against stored encoding too */ - if (!a->cert_info.enc.modified && !b->cert_info.enc.modified) { - if (a->cert_info.enc.len < b->cert_info.enc.len) -diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c -index aa5ccba44899..bec850af5797 100644 ---- 
a/crypto/x509/x_all.c -+++ b/crypto/x509/x_all.c -@@ -363,7 +363,7 @@ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, - unsigned int *len) - { - if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0 -- && (data->ex_flags & EXFLAG_INVALID) == 0) { -+ && (data->ex_flags & EXFLAG_NO_FINGERPRINT) == 0) { - /* Asking for SHA1 and we already computed it. */ - if (len != NULL) - *len = sizeof(data->sha1_hash); -diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c -index 2b06dba05398..93b5ca4d4283 100644 ---- a/crypto/x509v3/v3_purp.c -+++ b/crypto/x509v3/v3_purp.c -@@ -391,7 +391,8 @@ static void x509v3_cache_extensions(X509 *x) - } - - if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL)) -- x->ex_flags |= EXFLAG_INVALID; -+ x->ex_flags |= (EXFLAG_NO_FINGERPRINT | EXFLAG_INVALID); -+ - /* V1 should mean no extensions ... */ - if (!X509_get_version(x)) - x->ex_flags |= EXFLAG_V1; -diff --git a/doc/man3/X509_get_extension_flags.pod b/doc/man3/X509_get_extension_flags.pod -index 43c9c952c6b7..cca72c71fcab 100644 ---- a/doc/man3/X509_get_extension_flags.pod -+++ b/doc/man3/X509_get_extension_flags.pod -@@ -78,12 +78,17 @@ The certificate contains an unhandled critical extension. - - =item B - --Some certificate extension values are invalid or inconsistent. The --certificate should be rejected. -+Some certificate extension values are invalid or inconsistent. -+The certificate should be rejected. - This bit may also be raised after an out-of-memory error while - processing the X509 object, so it may not be related to the processed - ASN1 object itself. - -+=item B -+ -+Failed to compute the internal SHA1 hash value of the certificate. -+This may be due to malloc failure or because no SHA1 implementation was found. 
-+ - =item B - - The NID_certificate_policies certificate extension is invalid or -diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h -index 6c6eca38a582..b9a8943273fb 100644 ---- a/include/openssl/x509v3.h -+++ b/include/openssl/x509v3.h -@@ -364,8 +364,9 @@ struct ISSUING_DIST_POINT_st { - - # define EXFLAG_INVALID_POLICY 0x800 - # define EXFLAG_FRESHEST 0x1000 --/* Self signed */ --# define EXFLAG_SS 0x2000 -+# define EXFLAG_SS 0x2000 /* cert is apparently self-signed */ -+ -+# define EXFLAG_NO_FINGERPRINT 0x100000 - - # define KU_DIGITAL_SIGNATURE 0x0080 - # define KU_NON_REPUDIATION 0x0040 -diff --git a/test/certs/invalid-cert.pem b/test/certs/invalid-cert.pem -new file mode 100644 -index 000000000000..a8951305a3dc ---- /dev/null -+++ b/test/certs/invalid-cert.pem -@@ -0,0 +1,19 @@ -+-----BEGIN TRUSTED CERTIFICATE----- -+MIIDJTCCAg2gAwIBAgIUEUSW5o7qpgNCWyXic9Fc9tCLS0gwDQYJKoZIhvcNAQEL -+BQAwEzERMA8GA1UEAwwIUGVyc29TaW0wHhcNMjAxMjE2MDY1NjM5WhcNMzAxMjE2 -+MDY1NjM5WjATMREwDwYDVQQDDAhQZXJzb1NpbTCCASIwDQYJKoZIhvcNAQEBBQAD -+ggEPADCCAQoCggEBAMsgRKnnZbQtG9bB9Hn+CoOOsanmnRELSlGq521qi/eBgs2w -+SdHYM6rsJFwY89RvINLGeUZh/pu7c+ODtTafAWE3JkynG01d2Zrvp1V1r97+FGyD -+f+b1hAggxBy70bTRyr1gAoKQTAm74U/1lj13EpWz7zshgXJ/Pn/hUyTmpNW+fTRE -+xaifN0jkl5tZUURGA6w3+BRhVDQtt92vLihqUGaEFpL8yqqFnN44AoQ5+lgMafWi -+UyYMHcK75ZB8WWklq8zjRP3xC1h56k01rT6KJO6i+BxMcADerYsn5qTlcUiKcpRU -+b6RzLvCUwj91t1aX6npDI3BzSP+wBUUANBfuHEMCAwEAAaNxMG8wFwYDVR0OBBA8 -+yBBnvz1Zt6pHm2GwBaRyMBcGA1UdIwQQPMgQZ789WbeqR5thsAWkcjAPBgNVHRMB -+Af8EBTADAQH/MAsGA1UdDwQEAwIChDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB -+BQUHAwIwDQYJKoZIhvcNAQELBQADggEBAIEzVbttOUc7kK4aY+74TANFZK/qtBQ7 -+94a/P30TGWSRUq2HnDsR8Vo4z8xm5oKeC+SIi6NGzviWYquuzpJ7idcbr0MIuSyD -++Vg6n1sG64DxWNdGO9lR5c4mWFdIajShczS2+4QIRB/lFZCf7GhPMtIcbP1o9ckY -+2vyv5ZAEU9Z5n0PY+abrKsj0XyvJwdycEsUTywa36fuv6hP3UboLtvK6naXLMrTj -+WtSA6PXjHy7h8h0NC8XLk64mc0lcRC4WM+xJ/C+NHglpmBqBxnStpnZykMZYD1Vy -+JJ1wNc+Y3e2uMBDxZviH3dIPIgqP1Vpi2TWfqr3DTBNCRf4dl/wwNU8= -+-----END TRUSTED 
CERTIFICATE----- -diff --git a/test/recipes/80-test_x509aux.t b/test/recipes/80-test_x509aux.t -index 65ba5fcf5292..30adf252570a 100644 ---- a/test/recipes/80-test_x509aux.t -+++ b/test/recipes/80-test_x509aux.t -@@ -14,14 +14,17 @@ use OpenSSL::Test::Utils; - - setup("test_x509aux"); - -+my @path = qw(test certs); -+ - plan skip_all => "test_dane uses ec which is not supported by this OpenSSL build" - if disabled("ec"); - - plan tests => 1; # The number of tests being performed - - ok(run(test(["x509aux", -- srctop_file("test", "certs", "roots.pem"), -- srctop_file("test", "certs", "root+anyEKU.pem"), -- srctop_file("test", "certs", "root-anyEKU.pem"), -- srctop_file("test", "certs", "root-cert.pem")] -- )), "x509aux tests"); -+ srctop_file(@path, "roots.pem"), -+ srctop_file(@path, "root+anyEKU.pem"), -+ srctop_file(@path, "root-anyEKU.pem"), -+ srctop_file(@path, "root-cert.pem"), -+ srctop_file(@path, "invalid-cert.pem"), -+ ])), "x509aux tests"); -diff --git a/test/x509aux.c b/test/x509aux.c -index e41f1f6809d2..78013f23ae27 100644 ---- a/test/x509aux.c -+++ b/test/x509aux.c -@@ -30,17 +30,16 @@ static int test_certs(int num) - typedef int (*i2d_X509_t)(X509 *, unsigned char **); - int err = 0; - BIO *fp = BIO_new_file(test_get_argument(num), "r"); -- X509 *reuse = NULL; - - if (!TEST_ptr(fp)) - return 0; - - for (c = 0; !err && PEM_read_bio(fp, &name, &header, &data, &len); ++c) { - const int trusted = (strcmp(name, PEM_STRING_X509_TRUSTED) == 0); -- - d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509; - i2d_X509_t i2d = trusted ? 
i2d_X509_AUX : i2d_X509; - X509 *cert = NULL; -+ X509 *reuse = NULL; - const unsigned char *p = data; - unsigned char *buf = NULL; - unsigned char *bufp; -@@ -93,9 +92,15 @@ static int test_certs(int num) - goto next; - } - p = buf; -- reuse = d2i(&reuse, &p, enclen); -- if (reuse == NULL || X509_cmp (reuse, cert)) { -- TEST_error("X509_cmp does not work with %s", name); -+ reuse = d2i(NULL, &p, enclen); -+ if (reuse == NULL) { -+ TEST_error("second d2i call failed for %s", name); -+ err = 1; -+ goto next; -+ } -+ err = X509_cmp(reuse, cert); -+ if (err != 0) { -+ TEST_error("X509_cmp for %s resulted in %d", name, err); - err = 1; - goto next; - } -@@ -141,13 +146,13 @@ static int test_certs(int num) - */ - next: - X509_free(cert); -+ X509_free(reuse); - OPENSSL_free(buf); - OPENSSL_free(name); - OPENSSL_free(header); - OPENSSL_free(data); - } - BIO_free(fp); -- X509_free(reuse); - - if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) { - /* Reached end of PEM file */ diff -Nru openssl-1.1.1i/debian/patches/x509_vfy.c-Fix-a-regression-in-find_isser.patch openssl-1.1.1j/debian/patches/x509_vfy.c-Fix-a-regression-in-find_isser.patch --- openssl-1.1.1i/debian/patches/x509_vfy.c-Fix-a-regression-in-find_isser.patch 2021-01-30 13:02:15.000000000 +0000 +++ openssl-1.1.1j/debian/patches/x509_vfy.c-Fix-a-regression-in-find_isser.patch 1970-01-01 00:00:00.000000000 +0000 
@@ -1,144 +0,0 @@ -From: "Dr. David von Oheimb" -Date: Mon, 28 Dec 2020 11:25:59 +0100 -Subject: x509_vfy.c: Fix a regression in find_isser() - -...in case the candidate issuer cert is identical to the target cert. - -Fixes #13739 - -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/13749) ---- - crypto/x509/x509_vfy.c | 13 ++++----- - test/recipes/70-test_verify_extra.t | 3 ++- - test/verify_extra_test.c | 53 ++++++++++++++++++++++++++++++++++--- - 3 files changed, 57 insertions(+), 12 deletions(-) - -diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c -index 730a0160ff0a..883c6d7118ac 100644 ---- a/crypto/x509/x509_vfy.c -+++ b/crypto/x509/x509_vfy.c -@@ -323,9 +323,10 @@ static int sk_X509_contains(STACK_OF(X509) *sk, X509 *cert) - } - - /* -- * Find in given STACK_OF(X509) sk a non-expired issuer cert (if any) of given cert x. -- * The issuer must not be the same as x and must not yet be in ctx->chain, where the -- * exceptional case x is self-issued and ctx->chain has just one element is allowed. -+ * Find in given STACK_OF(X509) sk an issuer cert of given cert x. -+ * The issuer must not yet be in ctx->chain, where the exceptional case -+ * that x is self-issued and ctx->chain has just one element is allowed. -+ * Prefer the first one that is not expired, else take the last expired one. - */ - static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) - { -@@ -334,11 +335,7 @@ static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) - - for (i = 0; i < sk_X509_num(sk); i++) { - issuer = sk_X509_value(sk, i); -- /* -- * Below check 'issuer != x' is an optimization and safety precaution: -- * Candidate issuer cert cannot be the same as the subject cert 'x'. 
-- */ -- if (issuer != x && ctx->check_issued(ctx, x, issuer) -+ if (ctx->check_issued(ctx, x, issuer) - && (((x->ex_flags & EXFLAG_SI) != 0 && sk_X509_num(ctx->chain) == 1) - || !sk_X509_contains(ctx->chain, issuer))) { - rv = issuer; -diff --git a/test/recipes/70-test_verify_extra.t b/test/recipes/70-test_verify_extra.t -index 79a33cd01679..e3bdcbaaf9f0 100644 ---- a/test/recipes/70-test_verify_extra.t -+++ b/test/recipes/70-test_verify_extra.t -@@ -16,4 +16,5 @@ plan tests => 1; - ok(run(test(["verify_extra_test", - srctop_file("test", "certs", "roots.pem"), - srctop_file("test", "certs", "untrusted.pem"), -- srctop_file("test", "certs", "bad.pem")]))); -+ srctop_file("test", "certs", "bad.pem"), -+ srctop_file("test", "certs", "rootCA.pem")]))); -diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c -index d9d1498954b1..94faa4c78b31 100644 ---- a/test/verify_extra_test.c -+++ b/test/verify_extra_test.c -@@ -18,6 +18,21 @@ - static const char *roots_f; - static const char *untrusted_f; - static const char *bad_f; -+static const char *good_f; -+ -+static X509 *load_cert_pem(const char *file) -+{ -+ X509 *cert = NULL; -+ BIO *bio = NULL; -+ -+ if (!TEST_ptr(bio = BIO_new(BIO_s_file()))) -+ return NULL; -+ if (TEST_int_gt(BIO_read_filename(bio, file), 0)) -+ (void)TEST_ptr(cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)); -+ -+ BIO_free(bio); -+ return cert; -+} - - static STACK_OF(X509) *load_certs_from_file(const char *filename) - { -@@ -58,7 +73,7 @@ static STACK_OF(X509) *load_certs_from_file(const char *filename) - return certs; - } - --/* -+/*- - * Test for CVE-2015-1793 (Alternate Chains Certificate Forgery) - * - * Chain is as follows: -@@ -175,16 +190,48 @@ static int test_store_ctx(void) - return testresult; - } - -+static int test_self_signed(const char *filename, int expected) -+{ -+ X509 *cert = load_cert_pem(filename); -+ STACK_OF(X509) *trusted = sk_X509_new_null(); -+ X509_STORE_CTX *ctx = X509_STORE_CTX_new(); -+ int ret; -+ -+ ret = 
TEST_ptr(cert) -+ && TEST_true(sk_X509_push(trusted, cert)) -+ && TEST_true(X509_STORE_CTX_init(ctx, NULL, cert, NULL)); -+ X509_STORE_CTX_trusted_stack(ctx, trusted); -+ ret = ret && TEST_int_eq(X509_verify_cert(ctx), expected); -+ -+ X509_STORE_CTX_free(ctx); -+ sk_X509_free(trusted); -+ X509_free(cert); -+ return ret; -+} -+ -+static int test_self_signed_good(void) -+{ -+ return test_self_signed(good_f, 1); -+} -+ -+static int test_self_signed_bad(void) -+{ -+ return test_self_signed(bad_f, 0); -+} -+ - int setup_tests(void) - { - if (!TEST_ptr(roots_f = test_get_argument(0)) - || !TEST_ptr(untrusted_f = test_get_argument(1)) -- || !TEST_ptr(bad_f = test_get_argument(2))) { -- TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem\n"); -+ || !TEST_ptr(bad_f = test_get_argument(2)) -+ || !TEST_ptr(good_f = test_get_argument(3))) { -+ TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem good.pem\n"); - return 0; - } - - ADD_TEST(test_alt_chains_cert_forgery); - ADD_TEST(test_store_ctx); -+ ADD_TEST(test_self_signed_good); -+ ADD_TEST(test_self_signed_bad); - return 1; - } diff -Nru openssl-1.1.1i/debian/rules openssl-1.1.1j/debian/rules --- openssl-1.1.1i/debian/rules 2021-02-08 11:08:09.000000000 +0000 +++ openssl-1.1.1j/debian/rules 2021-02-23 22:01:12.000000000 +0000 
@@ -119,9 +119,11 @@ mkdir -p debian/tmp/etc/ssl mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/ ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/ +ifeq (,$(filter noudeb,$(DEB_BUILD_PROFILES))) cp -pf debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.so.* debian/libcrypto1.1-udeb/usr/lib/ cp -pf debian/tmp/etc/ssl/openssl.cnf debian/libcrypto1.1-udeb/usr/lib/ssl/openssl.cnf cp -pf debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.so.* debian/libssl1.1-udeb/usr/lib/ +endif cp -auv build_shared/lib*.so* debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/ for opt in $(OPTS); \ do set -xe; \ diff -Nru openssl-1.1.1i/doc/man1/ca.pod openssl-1.1.1j/doc/man1/ca.pod --- openssl-1.1.1i/doc/man1/ca.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/ca.pod 2021-02-16 15:24:01.000000000 +0000 @@ -163,7 +163,7 @@ =item B<-passin arg> The key password source. For more information about the format of B -see the B section in L. +see L. =item B<-notext> @@ -759,7 +759,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/cms.pod openssl-1.1.1j/doc/man1/cms.pod --- openssl-1.1.1i/doc/man1/cms.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/cms.pod 2021-02-16 15:24:01.000000000 +0000 @@ -465,7 +465,7 @@ =item B<-passin arg> The private key password source. For more information about the format of B -see the B section in L. +see L. =item B<-rand file...> 
@@ -735,7 +735,7 @@ =head1 COPYRIGHT -Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/crl2pkcs7.pod openssl-1.1.1j/doc/man1/crl2pkcs7.pod --- openssl-1.1.1i/doc/man1/crl2pkcs7.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/crl2pkcs7.pod 2021-02-16 15:24:01.000000000 +0000 @@ -56,7 +56,7 @@ Specifies a filename containing one or more certificates in B format. All certificates in the file will be added to the PKCS#7 structure. This -option can be used more than once to read certificates form multiple +option can be used more than once to read certificates from multiple files. =item B<-nocrl> @@ -96,7 +96,7 @@ =head1 COPYRIGHT -Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/dgst.pod openssl-1.1.1j/doc/man1/dgst.pod --- openssl-1.1.1i/doc/man1/dgst.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/dgst.pod 2021-02-16 15:24:01.000000000 +0000 @@ -109,7 +109,7 @@ =item B<-passin arg> The private key password source. For more information about the format of B -see the B section in L. +see L. =item B<-verify filename> 
@@ -241,7 +241,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/dsa.pod openssl-1.1.1j/doc/man1/dsa.pod --- openssl-1.1.1i/doc/man1/dsa.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/dsa.pod 2021-02-16 15:24:01.000000000 +0000 @@ -75,7 +75,7 @@ =item B<-passin arg> The input file password source. For more information about the format of B -see the B section in L. +see L. =item B<-out filename> @@ -87,7 +87,7 @@ =item B<-passout arg> The output file password source. For more information about the format of B -see the B section in L. +see L. =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> @@ -172,7 +172,7 @@ =head1 COPYRIGHT -Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/ec.pod openssl-1.1.1j/doc/man1/ec.pod --- openssl-1.1.1i/doc/man1/ec.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/ec.pod 2021-02-16 15:24:01.000000000 +0000 @@ -68,7 +68,7 @@ =item B<-passin arg> The input file password source. For more information about the format of B -see the B section in L. +see L. =item B<-out filename> @@ -80,7 +80,7 @@ =item B<-passout arg> The output file password source. For more information about the format of B -see the B section in L. +see L. =item B<-des|-des3|-idea> 
@@ -193,7 +193,7 @@ =head1 COPYRIGHT -Copyright 2003-2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/enc.pod openssl-1.1.1j/doc/man1/enc.pod --- openssl-1.1.1i/doc/man1/enc.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/enc.pod 2021-02-16 15:24:01.000000000 +0000 @@ -76,7 +76,7 @@ =item B<-pass arg> The password source. For more information about the format of B -see the B section in L. +see L. =item B<-e> @@ -428,7 +428,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/genpkey.pod openssl-1.1.1j/doc/man1/genpkey.pod --- openssl-1.1.1i/doc/man1/genpkey.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/genpkey.pod 2021-02-16 15:24:01.000000000 +0000 @@ -44,7 +44,7 @@ =item B<-pass arg> The output file password source. For more information about the format of B -see the B section in L. +see L. =item B<-I> @@ -325,7 +325,7 @@ =head1 COPYRIGHT -Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/genrsa.pod openssl-1.1.1j/doc/man1/genrsa.pod --- openssl-1.1.1i/doc/man1/genrsa.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/genrsa.pod 2021-02-16 15:24:01.000000000 +0000 
@@ -51,7 +51,7 @@ =item B<-passout arg> The output file password source. For more information about the format -of B see the B section in L. +of B see L. =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> @@ -118,7 +118,7 @@ =head1 COPYRIGHT -Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/pkcs12.pod openssl-1.1.1j/doc/man1/pkcs12.pod --- openssl-1.1.1i/doc/man1/pkcs12.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/pkcs12.pod 2021-02-16 15:24:01.000000000 +0000 @@ -78,14 +78,12 @@ =item B<-passin arg> The PKCS#12 file (i.e. input file) password source. For more information about -the format of B see the B section in -L. +the format of B see L. =item B<-passout arg> Pass phrase source to encrypt any outputted private keys with. For more -information about the format of B see the B section -in L. +information about the format of B see L. =item B<-password arg> @@ -206,14 +204,12 @@ =item B<-pass arg>, B<-passout arg> The PKCS#12 file (i.e. output file) password source. For more information about -the format of B see the B section in -L. +the format of B see L. =item B<-passin password> Pass phrase source to decrypt any input private keys with. For more information -about the format of B see the B section in -L. +about the format of B see L. =item B<-chain> 
@@ -383,7 +379,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/pkcs8.pod openssl-1.1.1j/doc/man1/pkcs8.pod --- openssl-1.1.1i/doc/man1/pkcs8.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/pkcs8.pod 2021-02-16 15:24:01.000000000 +0000 @@ -75,7 +75,7 @@ =item B<-passin arg> The input file password source. For more information about the format of B -see the B section in L. +see L. =item B<-out filename> @@ -87,7 +87,7 @@ =item B<-passout arg> The output file password source. For more information about the format of B -see the B section in L. +see L. =item B<-iter count> @@ -309,7 +309,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/pkey.pod openssl-1.1.1j/doc/man1/pkey.pod --- openssl-1.1.1i/doc/man1/pkey.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/pkey.pod 2021-02-16 15:24:01.000000000 +0000 @@ -57,7 +57,7 @@ =item B<-passin arg> The input file password source. For more information about the format of B -see the B section in L. +see L. =item B<-out filename> @@ -69,7 +69,7 @@ =item B<-passout password> The output file password source. For more information about the format of B -see the B section in L. +see L. =item B<-traditional> 
@@ -158,7 +158,7 @@ =head1 COPYRIGHT -Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/pkeyutl.pod openssl-1.1.1j/doc/man1/pkeyutl.pod --- openssl-1.1.1i/doc/man1/pkeyutl.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/pkeyutl.pod 2021-02-16 15:24:01.000000000 +0000 @@ -74,7 +74,7 @@ =item B<-passin arg> The input key password source. For more information about the format of B -see the B section in L. +see L. =item B<-peerkey file> @@ -327,7 +327,7 @@ =head1 COPYRIGHT -Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/req.pod openssl-1.1.1j/doc/man1/req.pod --- openssl-1.1.1i/doc/man1/req.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/req.pod 2021-02-16 15:24:01.000000000 +0000 @@ -91,7 +91,7 @@ =item B<-passin arg> The input file password source. For more information about the format of B -see the B section in L. +see L. =item B<-out filename> @@ -101,7 +101,7 @@ =item B<-passout arg> The output file password source. For more information about the format of B -see the B section in L. +see L. =item B<-text> 
@@ -695,7 +695,7 @@ =head1 COPYRIGHT -Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/rsa.pod openssl-1.1.1j/doc/man1/rsa.pod --- openssl-1.1.1i/doc/man1/rsa.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/rsa.pod 2021-02-16 15:24:01.000000000 +0000 @@ -75,7 +75,7 @@ =item B<-passin arg> The input file password source. For more information about the format of B -see the B section in L. +see L. =item B<-out filename> @@ -87,7 +87,7 @@ =item B<-passout password> The output file password source. For more information about the format of B -see the B section in L. +see L. =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> @@ -195,7 +195,7 @@ =head1 COPYRIGHT -Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/s_client.pod openssl-1.1.1j/doc/man1/s_client.pod --- openssl-1.1.1i/doc/man1/s_client.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/s_client.pod 2021-02-16 15:24:01.000000000 +0000 @@ -258,7 +258,7 @@ =item B<-pass arg> the private key password source. For more information about the format of B -see the B section in L. +see L. =item B<-verify depth> 
@@ -828,7 +828,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/smime.pod openssl-1.1.1j/doc/man1/smime.pod --- openssl-1.1.1i/doc/man1/smime.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/smime.pod 2021-02-16 15:24:01.000000000 +0000 @@ -295,7 +295,7 @@ =item B<-passin arg> The private key password source. For more information about the format of B -see the B section in L. +see L. =item B<-rand file...> @@ -514,7 +514,7 @@ =head1 COPYRIGHT -Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/spkac.pod openssl-1.1.1j/doc/man1/spkac.pod --- openssl-1.1.1i/doc/man1/spkac.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/spkac.pod 2021-02-16 15:24:01.000000000 +0000 @@ -60,7 +60,7 @@ =item B<-passin password> The input file password source. For more information about the format of B -see the B section in L. +see L. =item B<-challenge string> @@ -145,7 +145,7 @@ =head1 COPYRIGHT -Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/s_server.pod openssl-1.1.1j/doc/man1/s_server.pod --- openssl-1.1.1i/doc/man1/s_server.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/s_server.pod 2021-02-16 15:24:01.000000000 +0000 
@@ -297,7 +297,7 @@ =item B<-pass val> The private key password source. For more information about the format of B -see the B section in L. +see L. =item B<-dcert infile>, B<-dkey infile> @@ -845,7 +845,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/storeutl.pod openssl-1.1.1j/doc/man1/storeutl.pod --- openssl-1.1.1i/doc/man1/storeutl.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/storeutl.pod 2021-02-16 15:24:01.000000000 +0000 @@ -51,7 +51,7 @@ =item B<-passin arg> the key password source. For more information about the format of B -see the B section in L. +see L. =item B<-text> @@ -123,7 +123,7 @@ =head1 COPYRIGHT -Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/ts.pod openssl-1.1.1j/doc/man1/ts.pod --- openssl-1.1.1i/doc/man1/ts.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/ts.pod 2021-02-16 15:24:01.000000000 +0000 @@ -242,7 +242,7 @@ =item B<-passin> password_src Specifies the password source for the private key of the TSA. See -B in L. (Optional) +L. (Optional) =item B<-signer> tsa_cert.pem 
@@ -665,7 +665,7 @@ =head1 COPYRIGHT -Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man1/x509.pod openssl-1.1.1j/doc/man1/x509.pod --- openssl-1.1.1i/doc/man1/x509.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man1/x509.pod 2021-02-16 15:24:01.000000000 +0000 @@ -376,7 +376,7 @@ =item B<-passin arg> The key password source. For more information about the format of B -see the B section in L. +see L. =item B<-clrext> @@ -932,7 +932,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man3/DH_generate_key.pod openssl-1.1.1j/doc/man3/DH_generate_key.pod --- openssl-1.1.1i/doc/man3/DH_generate_key.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man3/DH_generate_key.pod 2021-02-16 15:24:01.000000000 +0000 @@ -2,7 +2,8 @@ =head1 NAME -DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange +DH_generate_key, DH_compute_key, DH_compute_key_padded - perform +Diffie-Hellman key exchange =head1 SYNOPSIS 
@@ -10,14 +11,16 @@ int DH_generate_key(DH *dh); - int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); + int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); + + int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh); =head1 DESCRIPTION DH_generate_key() performs the first step of a Diffie-Hellman key exchange by generating private and public DH values. By calling -DH_compute_key(), these are combined with the other party's public -value to compute the shared key. +DH_compute_key() or DH_compute_key_padded(), these are combined with +the other party's public value to compute the shared key. DH_generate_key() expects B to contain the shared parameters Bp> and Bg>. It generates a random private DH value @@ -28,6 +31,14 @@ DH_compute_key() computes the shared secret from the private DH value in B and the other party's public value in B and stores it in B. B must point to B bytes of memory. +The padding style is RFC 5246 (8.1.2) that strips leading zero bytes. +It is not constant time due to the leading zero bytes being stripped. +The return value should be considered public. + +DH_compute_key_padded() is similar but stores a fixed number of bytes. +The padding style is NIST SP 800-56A (C.1) that retains leading zero bytes. +It is constant time due to the leading zero bytes being retained. +The return value should be considered public. =head1 RETURN VALUES 
@@ -36,15 +47,21 @@ DH_compute_key() returns the size of the shared secret on success, -1 on error. +DH_compute_key_padded() returns B on success, -1 on error. + The error codes can be obtained by L. =head1 SEE ALSO L, L, L, L +=head1 HISTORY + +DH_compute_key_padded() was added in OpenSSL 1.0.2. + =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/doc/man3/OCSP_sendreq_new.pod openssl-1.1.1j/doc/man3/OCSP_sendreq_new.pod --- openssl-1.1.1i/doc/man3/OCSP_sendreq_new.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man3/OCSP_sendreq_new.pod 2021-02-16 15:24:01.000000000 +0000 @@ -2,9 +2,15 @@ =head1 NAME -OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, -OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, -OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions +OCSP_sendreq_new, +OCSP_sendreq_nbio, +OCSP_REQ_CTX_free, +OCSP_set_max_response_length, +OCSP_REQ_CTX_add1_header, +OCSP_REQ_CTX_set1_req, +OCSP_sendreq_bio, +OCSP_REQ_CTX_i2d +- OCSP responder query functions =head1 SYNOPSIS @@ -26,6 +32,9 @@ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req); + int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const char *content_type, + const ASN1_ITEM *it, ASN1_VALUE *req); + =head1 DESCRIPTION The function OCSP_sendreq_new() returns an B structure using the 
@@ -51,6 +60,15 @@ OCSP_REQ_CTX_set1_req() sets the OCSP request in B to B. This function should be called after any calls to OCSP_REQ_CTX_add1_header(). +OCSP_REQ_CTX_set1_req(rctx, req) is equivalent to the following: + + OCSP_REQ_CTX_i2d(rctx, "application/ocsp-request", + ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)req) + +OCSP_REQ_CTX_i2d() sets the request context B to have the request +B, which has the ASN.1 type B. +The B, if not NULL, will be included in the HTTP request. +The function should be called after all other headers have already been added. OCSP_sendreq_bio() performs an OCSP request using the responder B, the URL path B, and the OCSP request B with a response header maximum line @@ -64,8 +82,8 @@ OCSP_sendreq_nbio() returns B<1> if the operation was completed successfully, B<-1> if the operation should be retried and B<0> if an error occurred. -OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return B<1> for success -and B<0> for failure. +OCSP_REQ_CTX_add1_header(), OCSP_REQ_CTX_set1_req(), and OCSP_REQ_CTX_i2d() +return B<1> for success and B<0> for failure. OCSP_sendreq_bio() returns the B structure sent by the responder or B if an error occurred. diff -Nru openssl-1.1.1i/doc/man3/OPENSSL_malloc.pod openssl-1.1.1j/doc/man3/OPENSSL_malloc.pod --- openssl-1.1.1i/doc/man3/OPENSSL_malloc.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man3/OPENSSL_malloc.pod 2021-02-16 15:24:01.000000000 +0000 
@@ -104,7 +104,7 @@ OPENSSL_cleanse() fills B of size B with a string of 0's. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. -If the storage controller uses write compression, then its possible +If the storage controller uses write compression, then it's possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of diff -Nru openssl-1.1.1i/doc/man3/X509_get_extension_flags.pod openssl-1.1.1j/doc/man3/X509_get_extension_flags.pod --- openssl-1.1.1i/doc/man3/X509_get_extension_flags.pod 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/doc/man3/X509_get_extension_flags.pod 2021-02-16 15:24:01.000000000 +0000 @@ -78,12 +78,17 @@ =item B -Some certificate extension values are invalid or inconsistent. The -certificate should be rejected. +Some certificate extension values are invalid or inconsistent. +The certificate should be rejected. This bit may also be raised after an out-of-memory error while processing the X509 object, so it may not be related to the processed ASN1 object itself. +=item B + +Failed to compute the internal SHA1 hash value of the certificate. +This may be due to malloc failure or because no SHA1 implementation was found. + =item B The NID_certificate_policies certificate extension is invalid or @@ -194,7 +199,7 @@ =head1 COPYRIGHT -Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-1.1.1i/fuzz/x509.c openssl-1.1.1j/fuzz/x509.c --- openssl-1.1.1i/fuzz/x509.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/fuzz/x509.c 2021-02-16 15:24:01.000000000 +0000 
@@ -37,6 +37,8 @@ X509_print(bio, x509); BIO_free(bio); + X509_issuer_and_serial_hash(x509); + i2d_X509(x509, &der); OPENSSL_free(der); diff -Nru openssl-1.1.1i/include/openssl/evperr.h openssl-1.1.1j/include/openssl/evperr.h --- openssl-1.1.1i/include/openssl/evperr.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/include/openssl/evperr.h 2021-02-16 15:24:01.000000000 +0000 @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,9 +11,7 @@ #ifndef HEADER_EVPERR_H # define HEADER_EVPERR_H -# ifndef HEADER_SYMHACKS_H -# include -# endif +# include # ifdef __cplusplus extern "C" @@ -179,6 +177,7 @@ # define EVP_R_ONLY_ONESHOT_SUPPORTED 177 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 # define EVP_R_OPERATON_NOT_INITIALIZED 151 +# define EVP_R_OUTPUT_WOULD_OVERFLOW 184 # define EVP_R_PARTIALLY_OVERLAPPING 162 # define EVP_R_PBKDF2_ERROR 181 # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179 diff -Nru openssl-1.1.1i/include/openssl/obj_mac.h openssl-1.1.1j/include/openssl/obj_mac.h --- openssl-1.1.1i/include/openssl/obj_mac.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/include/openssl/obj_mac.h 2021-02-16 15:24:01.000000000 +0000 
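Review bot: In the fuzz/x509.c hunk the added `X509_issuer_and_serial_hash(x509);` discards its result with nothing to show that this is deliberate. A cast and a short comment would make the intent clear, e.g. `(void)X509_issuer_and_serial_hash(x509); /* result unused; call exercises the issuer/serial hashing path */`. The NEWS entry in this same diff lists a NULL pointer dereference fix in that function (CVE-2021-23841), which is presumably why the harness now reaches it. The enclosing fuzz function starts and ends outside the hunk.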
@@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/objects.pl * - * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at diff -Nru openssl-1.1.1i/include/openssl/opensslv.h openssl-1.1.1j/include/openssl/opensslv.h --- openssl-1.1.1i/include/openssl/opensslv.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/include/openssl/opensslv.h 2021-02-16 15:24:01.000000000 +0000 @@ -39,8 +39,8 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1010109fL -# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1i 8 Dec 2020" +# define OPENSSL_VERSION_NUMBER 0x101010afL +# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1j 16 Feb 2021" /*- * The macros below are to be used for shared library (.so, .dll, ...) diff -Nru openssl-1.1.1i/include/openssl/x509v3.h openssl-1.1.1j/include/openssl/x509v3.h --- openssl-1.1.1i/include/openssl/x509v3.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/include/openssl/x509v3.h 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -364,8 +364,9 @@ # define EXFLAG_INVALID_POLICY 0x800 # define EXFLAG_FRESHEST 0x1000 -/* Self signed */ -# define EXFLAG_SS 0x2000 +# define EXFLAG_SS 0x2000 /* cert is apparently self-signed */ + +# define EXFLAG_NO_FINGERPRINT 0x100000 # define KU_DIGITAL_SIGNATURE 0x0080 # define KU_NON_REPUDIATION 0x0040 diff -Nru openssl-1.1.1i/INSTALL openssl-1.1.1j/INSTALL --- openssl-1.1.1i/INSTALL 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/INSTALL 2021-02-16 15:24:01.000000000 +0000 @@ -106,8 +106,7 @@ This will build and install OpenSSL in the default location, which is: Unix: normal installation directories under /usr/local - OpenVMS: SYS$COMMON:[OPENSSL-'version'...], where 'version' is the - OpenSSL version number with underscores instead of periods. + OpenVMS: SYS$COMMON:[OPENSSL] Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL The installation directory should be appropriately protected to ensure @@ -116,7 +115,9 @@ your Operating System it is recommended that you do not overwrite the system version and instead install to somewhere else. - If you want to install it anywhere else, run config like this: + If you want to install it anywhere else, run config like this (the options + --prefix and --openssldir are explained further down, and the values shown + here are mere examples): On Unix: @@ -198,7 +199,7 @@ Unix: /usr/local Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL - OpenVMS: SYS$COMMON:[OPENSSL-'version'] + OpenVMS: SYS$COMMON:[OPENSSL] --release Build OpenSSL without debugging symbols. This is the default. 
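Review bot: In the include/openssl/x509v3.h hunk the new `EXFLAG_NO_FINGERPRINT` gets no comment, while `EXFLAG_SS` next to it gains one in the same change. The X509_get_extension_flags.pod text in this diff describes the flag as a failure to compute the certificate's internal SHA1 hash, so the header could carry `# define EXFLAG_NO_FINGERPRINT 0x100000 /* could not compute the cert's internal SHA1 hash */`. The value also jumps from 0x2000 to 0x100000; if that gap is reserved on purpose, saying so would keep a later flag from being assigned into it. Neither the header nor the pod states whether callers should refuse a certificate carrying this flag, as the pod tells them to for invalid or inconsistent extensions, and that is worth spelling out.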
@@ -961,9 +962,9 @@ share/doc/openssl/html/man7 Contains the HTML rendition of the man-pages. - OpenVMS ('arch' is replaced with the architecture name, "Alpha" - or "ia64", 'sover' is replaced with the shared library version - (0101 for 1.1), and 'pz' is replaced with the pointer size + OpenVMS ('arch' is replaced with the architecture name, "ALPHA" + or "IA64", 'sover' is replaced with the shared library version + (0101 for 1.1.x), and 'pz' is replaced with the pointer size OpenSSL was built with): [.EXE.'arch'] Contains the openssl binary. diff -Nru openssl-1.1.1i/NEWS openssl-1.1.1j/NEWS --- openssl-1.1.1i/NEWS 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/NEWS 2021-02-16 15:24:01.000000000 +0000 @@ -5,6 +5,16 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021] + + o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash() + function (CVE-2021-23841) + o Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING + padding mode to correctly check for rollback attacks + o Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and + EVP_DecryptUpdate functions (CVE-2021-23840) + o Fixed SRP_Calc_client_key so that it runs in constant time + Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020] o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971) diff -Nru openssl-1.1.1i/NOTES.VMS openssl-1.1.1j/NOTES.VMS --- openssl-1.1.1i/NOTES.VMS 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/NOTES.VMS 2021-02-16 15:24:01.000000000 +0000 
@@ -90,9 +90,9 @@ Unix mount point. The easiest way to check if everything got through as it should is to - check for one of the following files: + check that this file exists: - [.crypto]opensslconf^.h.in + [.include.openssl]opensslconf^.h.in The best way to get a correct distribution is to download the gzipped tar file from ftp://ftp.openssl.org/source/, use GZIP -d to uncompress @@ -105,3 +105,11 @@ Should you need it, you can find UnZip for VMS here: http://www.info-zip.org/UnZip.html + + + How the value of 'arch' is determined + ------------------------------------- + + 'arch' is mentioned in INSTALL. It's value is determined like this: + + arch = f$edit( f$getsyi( "arch_name"), "upcase") diff -Nru openssl-1.1.1i/NOTES.WIN openssl-1.1.1j/NOTES.WIN --- openssl-1.1.1i/NOTES.WIN 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/NOTES.WIN 2021-02-16 15:24:01.000000000 +0000 @@ -62,8 +62,8 @@ For VC-WIN32, the following defaults are use: - PREFIX: %ProgramFiles(86)%\OpenSSL - OPENSSLDIR: %CommonProgramFiles(86)%\SSL + PREFIX: %ProgramFiles(x86)%\OpenSSL + OPENSSLDIR: %CommonProgramFiles(x86)%\SSL For VC-WIN64, the following defaults are use: diff -Nru openssl-1.1.1i/README openssl-1.1.1j/README --- openssl-1.1.1i/README 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/README 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ - OpenSSL 1.1.1i 8 Dec 2020 + OpenSSL 1.1.1j 16 Feb 2021 Copyright (c) 1998-2020 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff -Nru openssl-1.1.1i/ssl/d1_lib.c openssl-1.1.1j/ssl/d1_lib.c --- openssl-1.1.1i/ssl/d1_lib.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/ssl/d1_lib.c 2021-02-16 15:24:01.000000000 +0000 
@@ -1,5 +1,5 @@ /* - * Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -142,10 +142,11 @@ ssl3_free(s); - dtls1_clear_queues(s); - - pqueue_free(s->d1->buffered_messages); - pqueue_free(s->d1->sent_messages); + if (s->d1 != NULL) { + dtls1_clear_queues(s); + pqueue_free(s->d1->buffered_messages); + pqueue_free(s->d1->sent_messages); + } OPENSSL_free(s->d1); s->d1 = NULL; diff -Nru openssl-1.1.1i/ssl/record/rec_layer_d1.c openssl-1.1.1j/ssl/record/rec_layer_d1.c --- openssl-1.1.1i/ssl/record/rec_layer_d1.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/ssl/record/rec_layer_d1.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -46,6 +46,9 @@ void DTLS_RECORD_LAYER_free(RECORD_LAYER *rl) { + if (rl->d == NULL) + return; + DTLS_RECORD_LAYER_clear(rl); pqueue_free(rl->d->unprocessed_rcds.q); pqueue_free(rl->d->processed_rcds.q); diff -Nru openssl-1.1.1i/ssl/ssl_local.h openssl-1.1.1j/ssl/ssl_local.h --- openssl-1.1.1i/ssl/ssl_local.h 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/ssl/ssl_local.h 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * Copyright 2005 Nokia. All rights reserved. * 
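Review bot: The two NULL guards added on this line, `if (s->d1 != NULL)` in ssl/d1_lib.c and `if (rl->d == NULL) return;` in DTLS_RECORD_LAYER_free() in ssl/record/rec_layer_d1.c, do not say when the DTLS state can be missing at free time. A one-line comment on each would help, e.g. `/* d1 is NULL if setup failed before it was allocated; nothing to drain */`, with the exact failure path confirmed against the allocation code, which is not visible here. The guards are also shaped differently (wrapping block versus early return); one form for both would read more consistently. Both enclosing functions extend beyond their hunks.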
@@ -537,7 +537,6 @@ int not_resumable; /* This is the cert and type for the other end. */ X509 *peer; - int peer_type; /* Certificate chain peer sent. */ STACK_OF(X509) *peer_chain; /* diff -Nru openssl-1.1.1i/ssl/statem/extensions.c openssl-1.1.1j/ssl/statem/extensions.c --- openssl-1.1.1i/ssl/statem/extensions.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/ssl/statem/extensions.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -966,7 +966,8 @@ * context, to avoid the confusing situation of having sess_accept_good * exceed sess_accept (zero) for the new context. */ - if (SSL_IS_FIRST_HANDSHAKE(s) && s->ctx != s->session_ctx) { + if (SSL_IS_FIRST_HANDSHAKE(s) && s->ctx != s->session_ctx + && s->hello_retry_request == SSL_HRR_NONE) { tsan_counter(&s->ctx->stats.sess_accept); tsan_decr(&s->session_ctx->stats.sess_accept); } diff -Nru openssl-1.1.1i/ssl/statem/statem_clnt.c openssl-1.1.1j/ssl/statem/statem_clnt.c --- openssl-1.1.1i/ssl/statem/statem_clnt.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/ssl/statem/statem_clnt.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * Copyright 2005 Nokia. All rights reserved. * 
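Review bot: The comment above the condition in ssl/statem/extensions.c still describes only the context switch and does not explain the new `s->hello_retry_request == SSL_HRR_NONE` term. It looks as if this code is reached once per ClientHello, so after a HelloRetryRequest the `sess_accept` counters would be moved a second time. If that is the reason, a sentence such as `Skip this after a HelloRetryRequest: the counters were already moved for the first ClientHello.` in the comment would record it. The comment and the enclosing function both begin outside the hunk.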
@@ -1960,7 +1960,6 @@ goto err; } } - s->session->peer_type = certidx; X509_free(s->session->peer); X509_up_ref(x); diff -Nru openssl-1.1.1i/ssl/statem/statem_lib.c openssl-1.1.1j/ssl/statem/statem_lib.c --- openssl-1.1.1i/ssl/statem/statem_lib.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/ssl/statem/statem_lib.c 2021-02-16 15:24:01.000000000 +0000 @@ -1504,8 +1504,8 @@ /* * Only called by servers. Returns 1 if the server has a TLSv1.3 capable - * certificate type, or has PSK or a certificate callback configured. Otherwise - * returns 0. + * certificate type, or has PSK or a certificate callback configured, or has + * a servername callback configured. Otherwise returns 0. */ static int is_tls13_capable(const SSL *s) { @@ -1515,6 +1515,17 @@ EC_KEY *eckey; #endif + if (!ossl_assert(s->ctx != NULL) || !ossl_assert(s->session_ctx != NULL)) + return 0; + + /* + * A servername callback can change the available certs, so if a servername + * cb is set then we just assume TLSv1.3 will be ok + */ + if (s->ctx->ext.servername_cb != NULL + || s->session_ctx->ext.servername_cb != NULL) + return 1; + #ifndef OPENSSL_NO_PSK if (s->psk_server_callback != NULL) return 1; diff -Nru openssl-1.1.1i/test/build.info openssl-1.1.1j/test/build.info --- openssl-1.1.1i/test/build.info 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/build.info 2021-02-16 15:24:01.000000000 +0000 @@ -499,7 +499,7 @@ IF[{- !$disabled{cmac} -}] SOURCE[cmactest]=cmactest.c - INCLUDE[cmactest]=../include ../apps/include + INCLUDE[cmactest]=../include DEPEND[cmactest]=../libcrypto.a libtestutil.a ENDIF @@ -567,7 +567,6 @@ SOURCE[gosttest]=gosttest.c ssltestlib.c INCLUDE[gosttest]=../include .. DEPEND[gosttest]=../libcrypto ../libssl libtestutil.a -ENDIF SOURCE[ssl_ctx_test]=ssl_ctx_test.c INCLUDE[ssl_ctx_test]=../include 
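Review bot: The early `return 1` added to is_tls13_capable treats any configured servername callback as proof of TLSv1.3 capability, without knowing whether the callback will actually switch to a context that holds a suitable certificate. If it does not, the server has presumably already settled on TLSv1.3 and the handshake fails later instead of negotiating a lower version. The in-body comment should state that trade-off, for example by appending `; if the callback does not supply a usable certificate the handshake fails rather than falling back`. The rest of the function body lies outside this hunk.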
@@ -609,3 +608,4 @@ _____ } -} +ENDIF diff -Nru openssl-1.1.1i/test/certs/ca-pss-cert.pem openssl-1.1.1j/test/certs/ca-pss-cert.pem --- openssl-1.1.1i/test/certs/ca-pss-cert.pem 1970-01-01 00:00:00.000000000 +0000 +++ openssl-1.1.1j/test/certs/ca-pss-cert.pem 2021-02-16 15:24:01.000000000 +0000 @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDXjCCAhagAwIBAgIBAjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTIxMDEyNjEwMDUwOFoYDzIxMjEwMTI3MTAwNTA4WjARMQ8wDQYDVQQD +DAZDQS1QU1MwggEgMAsGCSqGSIb3DQEBCgOCAQ8AMIIBCgKCAQEAtclsFtJOQgAC +ZxTPn2T2ksmibRNVAnEfVCgfJxsPN3aEERgqqhWbC4LmGHRIIjQ9DpobarydJivw +epDaiu11rgwXgenIobIVvVr2+L3ngalYdkwmmPVImNN8Ef575ybE/kVgTu9X37DJ +t+8psfVGeFg4RKykOi7SfPCSKHKSeZUXPj9AYwZDw4HX2rhstRopXAmUzz2/uAaR +fmU7tYOG5qhfMUpP+Ce0ZBlLE9JjasY+d20/mDFuvFEc5qjfzNqv/7okyBjaWB4h +gwnjXASrqKlqHKVU1UyrJc76yAniimy+IoXKAELetIJGSN15GYaWJcAIs0Eybjyk +gyAu7Zlf/wIDAQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAd +BgNVHQ4EFgQUGfmhA/VcxWkh7VUBHxUdHHQLgrAwHwYDVR0jBBgwFoAUjvUlrx6b +a4Q9fICayVOcTXL3o1IwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAY +BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEBAF6rSSBj+dkv0UGuE1El +lB9zVpqVlV72RY8gAkmSJmbzblHEO/PYV/UnNJ2C2IXEhAQaE0xKCg+WC2RO56oc +qZc6UXBCN8G9rJKVxgXVbciP4pQYN6POpmhJfQqzNPwzTADt3HY6X9gQtyG0fuQF +OPDc+mXjRvBrcYMkAgYiKe+oA45WDWYpIvipWVQ3xP/BSGJqrdKx5SOrJA72+BLM +bPbD3tBC2SVirDjv0N926Wcb/JQFkM+5YY2/yKNybstngr4Pb1T/tESsIZvGG2Tk +3IhBl1dJtC9gpGTRa8NzQvcmPK9VUjWtv5YNA+FxD9FTxGibh7Aw1fbFCV91Qjc3 +JQQ= +-----END CERTIFICATE----- diff -Nru openssl-1.1.1i/test/certs/ca-pss-key.pem openssl-1.1.1j/test/certs/ca-pss-key.pem --- openssl-1.1.1i/test/certs/ca-pss-key.pem 1970-01-01 00:00:00.000000000 +0000 +++ openssl-1.1.1j/test/certs/ca-pss-key.pem 2021-02-16 15:24:01.000000000 +0000 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADALBgkqhkiG9w0BAQoEggSpMIIEpQIBAAKCAQEAtclsFtJOQgACZxTP +n2T2ksmibRNVAnEfVCgfJxsPN3aEERgqqhWbC4LmGHRIIjQ9DpobarydJivwepDa +iu11rgwXgenIobIVvVr2+L3ngalYdkwmmPVImNN8Ef575ybE/kVgTu9X37DJt+8p +sfVGeFg4RKykOi7SfPCSKHKSeZUXPj9AYwZDw4HX2rhstRopXAmUzz2/uAaRfmU7 +tYOG5qhfMUpP+Ce0ZBlLE9JjasY+d20/mDFuvFEc5qjfzNqv/7okyBjaWB4hgwnj +XASrqKlqHKVU1UyrJc76yAniimy+IoXKAELetIJGSN15GYaWJcAIs0EybjykgyAu +7Zlf/wIDAQABAoIBAErkiNt+GS+nwVWmhUMt3UfsOjal2EgBQt7xCKSbyVEYSqCg +TDN2Y0IC07kPbwhobR8u7kyzGCs5vwE/3EmQOwNRh/3FyxqSu9IfP9CKrG4GzqMu +DFjH9PjBaEQhi/pXRqFbA6qBgLpvoytcJNlkK3w5HDVuytoNoDpJAm4XhbEAwVG2 +u3De40lPKXBFaGjSrUQETnrm0Fhj+J7+VMheQZVjEHwMIOmbIDcckV0OSIWn00XG +/Md0y0i/U8S0TkP9sVC+cKkKMCNL+BJYf5YucUIna/9PgBD36RRRq2D0e8/iP8m+ +ftnmW7fxlL2neTZ2sAS+4sm7sOoudaeAta+JoEECgYEA5ZjbBJf+FhyFOBFRoYow +OHP+JfU7rdi8n5GpNswVmtNx3FK+eoUz+PlXTluUydS3L40ba7/mzYFzAZETF6YO +Z8STkmvLxRTDzvZoE0SCJQAcG9I1oVWMufDVnHvljflH+IBjvMQM527dfFgaebvD +TkRvnCup2oV3uT430++15K0CgYEAyrESfgP5f9+zZqz30N+QTWHZCzCUqSDcGhke +Irvjs5tSrCQibbSGkGNHZ/V019K8rKJQlvNbEEzlRRcohuqIuUPgPmXBbbruqCBP +a1+DD/HRg6BrTsNo67SbUJ6EsV5D80Ie76Yzye3By7E71xvFzFxbMwcwPFHBDViR +m4oRwNsCgYEAtdb/N78tVNPXytUkot0wXbW4RtXYI1Lx6StTKnwubEYk+otqIt1W +kUzhkcTEralUQEvwuMDvCjoJHOeKiINTC2pMOn43j+pnPoY3XXM35BgXKw2svg9k +emu8ssgJwgz5rF37ICjh03Yh4vZgWaOVBmr7PmPyjYiBjuwxCSDkHa0CgYEAkqwP +9aBqq131NBd2PG+KvHRR2wcMjFZ672e9puTPoOiEqox7XWeE+Hbe9RtpscONRF8w +cgsnmmQKhDR93yNYTLgRTRXVItJiYMcAsXIsJR2XvugWvqgpBGds/Km426CbCyyN +tl1OnJCv6/YUl1RBjeBHHmXVQdDnIgE1XJhMwIECgYEAt4zgPqswoicfDBqakP6X +ZND0s7fiki2YBmXyASIoUACnpJEWsOOEJrAcW7xtgXgjNxKdk1JqYV3ggU8wgCvv +9Ugsx0FiuPmIBhYNZMWIItNmpYqPm8KbEwIPqChs9OA+5FREFwFjJgGK2ublfmVj +dN2I3LilMIXTE4/MQ8Lhcjc= +-----END PRIVATE KEY----- diff -Nru openssl-1.1.1i/test/certs/ee-pss-cert.pem openssl-1.1.1j/test/certs/ee-pss-cert.pem --- openssl-1.1.1i/test/certs/ee-pss-cert.pem 1970-01-01 00:00:00.000000000 +0000 +++ openssl-1.1.1j/test/certs/ee-pss-cert.pem 2021-02-16 
15:24:01.000000000 +0000 @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAiygAwIBAgIBAjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDARMQ8wDQYDVQQDDAZDQS1Q +U1MwIBcNMjEwMTI2MTAwNjMzWhgPMjEyMTAxMjcxMDA2MzNaMBExDzANBgNVBAMM +BkVFLVBTUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKj/iVhhha7e +2ywP1XP74reoG3p1YCvUfTxzdrWu3pMvfySQbckc9Io4zZ+igBZWy7Qsu5PlFx// +DcZD/jE0+CjYdemju4iC76Ny4lNiBUVN4DGX76qdENJYDZ4GnjK7GwhWXWUPP2aO +wjagEf/AWTX9SRzdHEIzBniuBDgj5ed1Z9OUrVqpQB+sWRD1DMFkrUrExjVTs5Zq +ghsVi9GZq+Seb5Sq0pblV/uMkWSKPCQWxtIZvoJgEztisO0+HbPK+WvfMbl6nktH +aKcpxz9K4iIntO+QY9fv0HJJPlutuRvUK2+GaN3VcxK4Q8ncQQ+io0ZPi2eIhA9h +/nk0H0qJH7cCAwEAAaN1MHMwHQYDVR0OBBYEFOeb4iqtimw6y3ZR5Y4HmCKX4XOi +MB8GA1UdIwQYMBaAFBn5oQP1XMVpIe1VAR8VHRx0C4KwMAkGA1UdEwQCMAAwEwYD +VR0lBAwwCgYIKwYBBQUHAwEwEQYDVR0RBAowCIIGRUUtUFNTMD0GCSqGSIb3DQEB +CjAwoA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaID +AgEgA4IBAQCzCXb5XpMvhuwWso9wj4B8AJjCugMlGdrLXIj3ueqyS1qSEcFp1meO +9jMDCjAkitTdZjf3gqEghC/joUd+XAw3JfOPOl36WlNrm9bwZTnfnCYFRrdprfMo +Q1Kqy9SNvDeHZZVcGeU3PZSt+EabmR9mQODg/qfpa9/3WktzFbvxlPOS7Tb0n2tn +vQnTmyrmGN2/o8X1qGQgETw5bH3csKgsPh668zN/gv3DxNN0EVACLaOSahNsNQa7 +KCcl1ez5KcFc0QIlQajhorTYOIeTb8UmR4wdy5C4Nd9P5OKv1sQvVO9PtswAv/s7 +Vs48cDO1+ASn0KjN41hXN5+fOIlNqOeU +-----END CERTIFICATE----- diff -Nru openssl-1.1.1i/test/certs/invalid-cert.pem openssl-1.1.1j/test/certs/invalid-cert.pem --- openssl-1.1.1i/test/certs/invalid-cert.pem 1970-01-01 00:00:00.000000000 +0000 +++ openssl-1.1.1j/test/certs/invalid-cert.pem 2021-02-16 15:24:01.000000000 +0000 
@@ -0,0 +1,19 @@ +-----BEGIN TRUSTED CERTIFICATE----- +MIIDJTCCAg2gAwIBAgIUEUSW5o7qpgNCWyXic9Fc9tCLS0gwDQYJKoZIhvcNAQEL +BQAwEzERMA8GA1UEAwwIUGVyc29TaW0wHhcNMjAxMjE2MDY1NjM5WhcNMzAxMjE2 +MDY1NjM5WjATMREwDwYDVQQDDAhQZXJzb1NpbTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAMsgRKnnZbQtG9bB9Hn+CoOOsanmnRELSlGq521qi/eBgs2w +SdHYM6rsJFwY89RvINLGeUZh/pu7c+ODtTafAWE3JkynG01d2Zrvp1V1r97+FGyD +f+b1hAggxBy70bTRyr1gAoKQTAm74U/1lj13EpWz7zshgXJ/Pn/hUyTmpNW+fTRE +xaifN0jkl5tZUURGA6w3+BRhVDQtt92vLihqUGaEFpL8yqqFnN44AoQ5+lgMafWi +UyYMHcK75ZB8WWklq8zjRP3xC1h56k01rT6KJO6i+BxMcADerYsn5qTlcUiKcpRU +b6RzLvCUwj91t1aX6npDI3BzSP+wBUUANBfuHEMCAwEAAaNxMG8wFwYDVR0OBBA8 +yBBnvz1Zt6pHm2GwBaRyMBcGA1UdIwQQPMgQZ789WbeqR5thsAWkcjAPBgNVHRMB +Af8EBTADAQH/MAsGA1UdDwQEAwIChDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB +BQUHAwIwDQYJKoZIhvcNAQELBQADggEBAIEzVbttOUc7kK4aY+74TANFZK/qtBQ7 +94a/P30TGWSRUq2HnDsR8Vo4z8xm5oKeC+SIi6NGzviWYquuzpJ7idcbr0MIuSyD ++Vg6n1sG64DxWNdGO9lR5c4mWFdIajShczS2+4QIRB/lFZCf7GhPMtIcbP1o9ckY +2vyv5ZAEU9Z5n0PY+abrKsj0XyvJwdycEsUTywa36fuv6hP3UboLtvK6naXLMrTj +WtSA6PXjHy7h8h0NC8XLk64mc0lcRC4WM+xJ/C+NHglpmBqBxnStpnZykMZYD1Vy +JJ1wNc+Y3e2uMBDxZviH3dIPIgqP1Vpi2TWfqr3DTBNCRf4dl/wwNU8= +-----END TRUSTED CERTIFICATE----- diff -Nru openssl-1.1.1i/test/certs/mkcert.sh openssl-1.1.1j/test/certs/mkcert.sh --- openssl-1.1.1i/test/certs/mkcert.sh 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/certs/mkcert.sh 2021-02-16 15:24:01.000000000 +0000 @@ -1,6 +1,6 @@ #! /bin/bash # -# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. # Copyright (c) 2016 Viktor Dukhovni . # All rights reserved. # 
@@ -114,6 +114,19 @@ } genca() { + local OPTIND=1 + local purpose= + + while getopts p: o + do + case $o in + p) purpose="$OPTARG";; + *) echo "Usage: $0 genca [-p EKU] cn keyname certname cakeyname cacertname" >&2 + return 1;; + esac + done + + shift $((OPTIND - 1)) local cn=$1; shift local key=$1; shift local cert=$1; shift @@ -123,17 +136,16 @@ local akid="authorityKeyIdentifier = keyid" exts=$(printf "%s\n%s\n%s\n" "$skid" "$akid" "basicConstraints = critical,CA:true") - for eku in "$@" - do - exts=$(printf "%s\nextendedKeyUsage = %s\n" "$exts" "$eku") - done + if [ -n "$purpose" ]; then + exts=$(printf "%s\nextendedKeyUsage = %s\n" "$exts" "$purpose") + fi if [ -n "$NC" ]; then exts=$(printf "%s\nnameConstraints = %s\n" "$exts" "$NC") fi csr=$(req "$key" "CN = $cn") || return 1 echo "$csr" | cert "$cert" "$exts" -CA "${cacert}.pem" -CAkey "${cakey}.pem" \ - -set_serial 2 -days "${DAYS}" + -set_serial 2 -days "${DAYS}" "$@" } gen_nonbc_ca() { diff -Nru openssl-1.1.1i/test/certs/setup.sh openssl-1.1.1j/test/certs/setup.sh --- openssl-1.1.1i/test/certs/setup.sh 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/certs/setup.sh 2021-02-16 15:24:01.000000000 +0000 @@ -125,7 +125,7 @@ # client intermediate ca: cca-cert # trust variants: +serverAuth, -serverAuth, +clientAuth, -clientAuth # -./mkcert.sh genca "CA" ca-key cca-cert root-key root-cert clientAuth +./mkcert.sh genca -p clientAuth "CA" ca-key cca-cert root-key root-cert # openssl x509 -in cca-cert.pem -trustout \ -addtrust serverAuth -out cca+serverAuth.pem @@ -143,7 +143,7 @@ # server intermediate ca: sca-cert # trust variants: +serverAuth, -serverAuth, +clientAuth, -clientAuth, -anyEKU, +anyEKU # -./mkcert.sh genca "CA" ca-key sca-cert root-key root-cert serverAuth +./mkcert.sh genca -p serverAuth "CA" ca-key sca-cert root-key root-cert # openssl x509 -in sca-cert.pem -trustout \ -addtrust serverAuth -out sca+serverAuth.pem 
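Review bot: In genca the getopts variable `o` is not declared `local`, unlike `OPTIND` and `purpose`, so it leaks into the caller's scope; add `local o` next to them. A repeated `-p` silently keeps only the last value, whereas the loop removed in the second genca hunk emitted one `extendedKeyUsage` line per argument; if a single EKU is intended, the usage text could say so. The trailing `"$@"` now forwards every remaining argument to `cert`, so a caller that still passes an EKU positionally would presumably hand it on as a signing option; the two setup.sh call sites in this diff were converted to `-p`. genca's body continues outside the first hunk.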
@@ -380,9 +380,14 @@ # SHA1 ./mkcert.sh genee PSS-SHA1 ee-key ee-pss-sha1-cert ca-key ca-cert \ -sha1 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest -# SHA256 +# EE SHA256 ./mkcert.sh genee PSS-SHA256 ee-key ee-pss-sha256-cert ca-key ca-cert \ - -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest + -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest +# CA-PSS +./mkcert.sh genca "CA-PSS" ca-pss-key ca-pss-cert root-key root-cert \ + -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 +./mkcert.sh genee "EE-PSS" ee-key ee-pss-cert ca-pss-key ca-pss-cert \ + -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 OPENSSL_KEYALG=ec OPENSSL_KEYBITS=brainpoolP256r1 ./mkcert.sh genee \ "Server ECDSA brainpoolP256r1 cert" server-ecdsa-brainpoolP256r1-key \ diff -Nru openssl-1.1.1i/test/recipes/25-test_verify.t openssl-1.1.1j/test/recipes/25-test_verify.t --- openssl-1.1.1i/test/recipes/25-test_verify.t 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/recipes/25-test_verify.t 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -27,7 +27,7 @@ run(app([@args])); } -plan tests => 145; +plan tests => 146; # Canonical success ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), 
@@ -377,6 +377,9 @@ ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), "PSS signature using SHA256 and auth level 2"); +ok(verify("ee-pss-cert", "sslserver", ["root-cert"], ["ca-pss-cert"], ), + "CA PSS signature"); + ok(!verify("many-names1", "sslserver", ["many-constraints"], ["many-constraints"], ), "Too many names and constraints to check (1)"); ok(!verify("many-names2", "sslserver", ["many-constraints"], ["many-constraints"], ), diff -Nru openssl-1.1.1i/test/recipes/70-test_verify_extra.t openssl-1.1.1j/test/recipes/70-test_verify_extra.t --- openssl-1.1.1i/test/recipes/70-test_verify_extra.t 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/recipes/70-test_verify_extra.t 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -16,4 +16,5 @@ ok(run(test(["verify_extra_test", srctop_file("test", "certs", "roots.pem"), srctop_file("test", "certs", "untrusted.pem"), - srctop_file("test", "certs", "bad.pem")]))); + srctop_file("test", "certs", "bad.pem"), + srctop_file("test", "certs", "rootCA.pem")]))); diff -Nru openssl-1.1.1i/test/recipes/80-test_x509aux.t openssl-1.1.1j/test/recipes/80-test_x509aux.t --- openssl-1.1.1i/test/recipes/80-test_x509aux.t 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/recipes/80-test_x509aux.t 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy 
@@ -14,14 +14,17 @@ setup("test_x509aux"); +my @path = qw(test certs); + plan skip_all => "test_dane uses ec which is not supported by this OpenSSL build" if disabled("ec"); plan tests => 1; # The number of tests being performed ok(run(test(["x509aux", - srctop_file("test", "certs", "roots.pem"), - srctop_file("test", "certs", "root+anyEKU.pem"), - srctop_file("test", "certs", "root-anyEKU.pem"), - srctop_file("test", "certs", "root-cert.pem")] - )), "x509aux tests"); + srctop_file(@path, "roots.pem"), + srctop_file(@path, "root+anyEKU.pem"), + srctop_file(@path, "root-anyEKU.pem"), + srctop_file(@path, "root-cert.pem"), + srctop_file(@path, "invalid-cert.pem"), + ])), "x509aux tests"); diff -Nru openssl-1.1.1i/test/rsa_test.c openssl-1.1.1j/test/rsa_test.c --- openssl-1.1.1i/test/rsa_test.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/rsa_test.c 2021-02-16 15:24:01.000000000 +0000 @@ -42,7 +42,8 @@ BN_bin2bn(dmp1, sizeof(dmp1)-1, NULL), \ BN_bin2bn(dmq1, sizeof(dmq1)-1, NULL), \ BN_bin2bn(iqmp, sizeof(iqmp)-1, NULL)); \ - memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ + if (c != NULL) \ + memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ return sizeof(ctext_ex) - 1; static int key1(RSA *key, unsigned char *c) @@ -211,16 +212,7 @@ SetKey; } -static int pad_unknown(void) -{ - unsigned long l; - while ((l = ERR_get_error()) != 0) - if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE) - return 1; - return 0; -} - -static int rsa_setkey(RSA** key, unsigned char* ctext, int idx) +static int rsa_setkey(RSA** key, unsigned char *ctext, int idx) { int clen = 0; 
@@ -240,63 +232,72 @@ return clen; } -static int test_rsa_pkcs1(int idx) +static int test_rsa_simple(int idx, int en_pad_type, int de_pad_type, + int success, unsigned char *ctext_ex, int *clen, + RSA **retkey) { int ret = 0; RSA *key; unsigned char ptext[256]; unsigned char ctext[256]; static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; - unsigned char ctext_ex[256]; int plen; - int clen = 0; + int clentmp = 0; int num; plen = sizeof(ptext_ex) - 1; - clen = rsa_setkey(&key, ctext_ex, idx); + clentmp = rsa_setkey(&key, ctext_ex, idx); + if (clen != NULL) + *clen = clentmp; - num = RSA_public_encrypt(plen, ptext_ex, ctext, key, - RSA_PKCS1_PADDING); - if (!TEST_int_eq(num, clen)) + num = RSA_public_encrypt(plen, ptext_ex, ctext, key, en_pad_type); + if (!TEST_int_eq(num, clentmp)) goto err; - num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING); - if (!TEST_mem_eq(ptext, num, ptext_ex, plen)) - goto err; + num = RSA_private_decrypt(num, ctext, ptext, key, de_pad_type); + if (success) { + if (!TEST_int_gt(num, 0) || !TEST_mem_eq(ptext, num, ptext_ex, plen)) + goto err; + } else { + if (!TEST_int_lt(num, 0)) + goto err; + } ret = 1; + if (retkey != NULL) { + *retkey = key; + key = NULL; + } err: RSA_free(key); return ret; } -static int test_rsa_sslv23(int idx) +static int test_rsa_pkcs1(int idx) { - int ret = 0; - RSA *key; - unsigned char ptext[256]; - unsigned char ctext[256]; - static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; - unsigned char ctext_ex[256]; - int plen; - int clen = 0; - int num; - - plen = sizeof(ptext_ex) - 1; - clen = rsa_setkey(&key, ctext_ex, idx); + return test_rsa_simple(idx, RSA_PKCS1_PADDING, RSA_PKCS1_PADDING, 1, NULL, + NULL, NULL); +} - num = RSA_public_encrypt(plen, ptext_ex, ctext, key, - RSA_SSLV23_PADDING); - if (!TEST_int_eq(num, clen)) - goto err; +static int test_rsa_sslv23(int idx) +{ + int ret; - num = RSA_private_decrypt(num, ctext, ptext, key, RSA_SSLV23_PADDING); - if 
(!TEST_mem_eq(ptext, num, ptext_ex, plen)) - goto err; + /* Simulate an SSLv2 only client talking to a TLS capable server */ + ret = test_rsa_simple(idx, RSA_PKCS1_PADDING, RSA_SSLV23_PADDING, 1, NULL, + NULL, NULL); + + /* Simulate a TLS capable client talking to an SSLv2 only server */ + ret &= test_rsa_simple(idx, RSA_SSLV23_PADDING, RSA_PKCS1_PADDING, 1, NULL, + NULL, NULL); + + /* + * Simulate a TLS capable client talking to a TLS capable server. Should + * fail due to detecting a rollback attack. + */ + ret &= test_rsa_simple(idx, RSA_SSLV23_PADDING, RSA_SSLV23_PADDING, 0, NULL, + NULL, NULL); - ret = 1; -err: - RSA_free(key); return ret; } @@ -313,28 +314,16 @@ int num; int n; - plen = sizeof(ptext_ex) - 1; - clen = rsa_setkey(&key, ctext_ex, idx); - - num = RSA_public_encrypt(plen, ptext_ex, ctext, key, - RSA_PKCS1_OAEP_PADDING); - if (num == -1 && pad_unknown()) { - TEST_info("Skipping: No OAEP support"); - ret = 1; - goto err; - } - if (!TEST_int_eq(num, clen)) + if (!test_rsa_simple(idx, RSA_PKCS1_OAEP_PADDING, RSA_PKCS1_OAEP_PADDING, 1, + ctext_ex, &clen, &key)) goto err; - num = RSA_private_decrypt(num, ctext, ptext, key, - RSA_PKCS1_OAEP_PADDING); - if (!TEST_mem_eq(ptext, num, ptext_ex, plen)) - goto err; + plen = sizeof(ptext_ex) - 1; /* Different ciphertexts. Try decrypting ctext_ex */ num = RSA_private_decrypt(clen, ctext_ex, ptext, key, RSA_PKCS1_OAEP_PADDING); - if (!TEST_mem_eq(ptext, num, ptext_ex, plen)) + if (num <= 0 || !TEST_mem_eq(ptext, num, ptext_ex, plen)) goto err; /* Try decrypting corrupted ciphertexts. */ diff -Nru openssl-1.1.1i/test/sslapitest.c openssl-1.1.1j/test/sslapitest.c --- openssl-1.1.1i/test/sslapitest.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/sslapitest.c 2021-02-16 15:24:01.000000000 +0000 
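Review bot: test_rsa_simple takes seven parameters and has no header comment, and the ownership of `*retkey` is easy to miss: on success with a non-NULL `retkey` the key is handed to the caller (the local `key` is set to NULL before `RSA_free`), otherwise it is freed here. A short block comment above the function should say that `success` selects whether decryption is expected to succeed, that `ctext_ex` and `clen` may be NULL, and that the caller must `RSA_free(*retkey)`. The `ctext_ex == NULL` case appears to rely on the `if (c != NULL)` guard added to the SetKey macro in the first rsa_test.c hunk.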
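Review bot: The new `num <= 0 ||` test in test_rsa_oaep fails without printing anything, while test_rsa_simple in the previous hunk reports the same condition through `TEST_int_gt(num, 0)`. Writing `if (!TEST_int_gt(num, 0) || !TEST_mem_eq(ptext, num, ptext_ex, plen))` keeps the diagnostics consistent. Separately, when test_rsa_simple returns 0 it leaves `*retkey` untouched, so the `goto err` taken here depends on `key` having been initialised to NULL at its declaration, which is outside the hunk and should be checked. The function starts and ends outside the hunk.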
@@ -6658,6 +6658,62 @@ } #endif +#ifndef OPENSSL_NO_TLS1_3 +/* + * Test that setting an SNI callback works with TLSv1.3. Specifically we check + * that it works even without a certificate configured for the original + * SSL_CTX + */ +static int test_sni_tls13(void) +{ + SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + + /* Reset callback counter */ + snicb = 0; + + /* Create an initial SSL_CTX with no certificate configured */ + sctx = SSL_CTX_new(TLS_server_method()); + if (!TEST_ptr(sctx)) + goto end; + /* Require TLSv1.3 as a minimum */ + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_3_VERSION, 0, &sctx2, &cctx, cert, + privkey))) + goto end; + + /* Set up SNI */ + if (!TEST_true(SSL_CTX_set_tlsext_servername_callback(sctx, sni_cb)) + || !TEST_true(SSL_CTX_set_tlsext_servername_arg(sctx, sctx2))) + goto end; + + /* + * Connection should still succeed because the final SSL_CTX has the right + * certificates configured. + */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + /* We should have had the SNI callback called exactly once */ + if (!TEST_int_eq(snicb, 1)) + goto end; + + testresult = 1; + +end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx2); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} +#endif + int setup_tests(void) { if (!TEST_ptr(certsdir = test_get_argument(0)) @@ -6781,6 +6837,9 @@ #ifndef OPENSSL_NO_TLS1_2 ADD_TEST(test_ssl_dup); #endif +#ifndef OPENSSL_NO_TLS1_3 + ADD_TEST(test_sni_tls13); +#endif return 1; } diff -Nru openssl-1.1.1i/test/v3nametest.c openssl-1.1.1j/test/v3nametest.c --- openssl-1.1.1i/test/v3nametest.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/v3nametest.c 2021-02-16 15:24:01.000000000 +0000 
@@ -359,7 +359,7 @@ return failed == 0; } -struct gennamedata { +static struct gennamedata { const unsigned char der[22]; size_t derlen; } gennames[] = { diff -Nru openssl-1.1.1i/test/verify_extra_test.c openssl-1.1.1j/test/verify_extra_test.c --- openssl-1.1.1i/test/verify_extra_test.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/verify_extra_test.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -18,6 +18,21 @@ static const char *roots_f; static const char *untrusted_f; static const char *bad_f; +static const char *good_f; + +static X509 *load_cert_pem(const char *file) +{ + X509 *cert = NULL; + BIO *bio = NULL; + + if (!TEST_ptr(bio = BIO_new(BIO_s_file()))) + return NULL; + if (TEST_int_gt(BIO_read_filename(bio, file), 0)) + (void)TEST_ptr(cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)); + + BIO_free(bio); + return cert; +} static STACK_OF(X509) *load_certs_from_file(const char *filename) { @@ -58,7 +73,7 @@ return certs; } -/* +/*- * Test for CVE-2015-1793 (Alternate Chains Certificate Forgery) * * Chain is as follows: 
@@ -175,16 +190,48 @@ return testresult; } +static int test_self_signed(const char *filename, int expected) +{ + X509 *cert = load_cert_pem(filename); + STACK_OF(X509) *trusted = sk_X509_new_null(); + X509_STORE_CTX *ctx = X509_STORE_CTX_new(); + int ret; + + ret = TEST_ptr(cert) + && TEST_true(sk_X509_push(trusted, cert)) + && TEST_true(X509_STORE_CTX_init(ctx, NULL, cert, NULL)); + X509_STORE_CTX_set0_trusted_stack(ctx, trusted); + ret = ret && TEST_int_eq(X509_verify_cert(ctx), expected); + + X509_STORE_CTX_free(ctx); + sk_X509_free(trusted); + X509_free(cert); + return ret; +} + +static int test_self_signed_good(void) +{ + return test_self_signed(good_f, 1); +} + +static int test_self_signed_bad(void) +{ + return test_self_signed(bad_f, 0); +} + int setup_tests(void) { if (!TEST_ptr(roots_f = test_get_argument(0)) || !TEST_ptr(untrusted_f = test_get_argument(1)) - || !TEST_ptr(bad_f = test_get_argument(2))) { - TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem\n"); + || !TEST_ptr(bad_f = test_get_argument(2)) + || !TEST_ptr(good_f = test_get_argument(3))) { + TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem good.pem\n"); return 0; } ADD_TEST(test_alt_chains_cert_forgery); ADD_TEST(test_store_ctx); + ADD_TEST(test_self_signed_good); + ADD_TEST(test_self_signed_bad); return 1; } diff -Nru openssl-1.1.1i/test/x509aux.c openssl-1.1.1j/test/x509aux.c --- openssl-1.1.1i/test/x509aux.c 2020-12-08 13:20:59.000000000 +0000 +++ openssl-1.1.1j/test/x509aux.c 2021-02-16 15:24:01.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL licenses, (the "License"); * you may not use this file except in compliance with the License. 
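Review bot: In test_self_signed neither `trusted` nor `ctx` is checked after allocation, and `X509_STORE_CTX_set0_trusted_stack(ctx, trusted)` runs even when the preceding chain has already failed, so a NULL `ctx` would be passed to both `X509_STORE_CTX_init` and the setter. Add `TEST_ptr(trusted)` and `TEST_ptr(ctx)` to the `ret =` chain ahead of `X509_STORE_CTX_init`, and make the setter conditional: `if (ret) X509_STORE_CTX_set0_trusted_stack(ctx, trusted);`. The final `ret = ret && TEST_int_eq(X509_verify_cert(ctx), expected)` already short-circuits correctly.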
@@ -30,17 +30,16 @@ typedef int (*i2d_X509_t)(X509 *, unsigned char **); int err = 0; BIO *fp = BIO_new_file(test_get_argument(num), "r"); - X509 *reuse = NULL; if (!TEST_ptr(fp)) return 0; for (c = 0; !err && PEM_read_bio(fp, &name, &header, &data, &len); ++c) { const int trusted = (strcmp(name, PEM_STRING_X509_TRUSTED) == 0); - d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509; i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509; X509 *cert = NULL; + X509 *reuse = NULL; const unsigned char *p = data; unsigned char *buf = NULL; unsigned char *bufp; @@ -93,9 +92,15 @@ goto next; } p = buf; - reuse = d2i(&reuse, &p, enclen); - if (reuse == NULL || X509_cmp (reuse, cert)) { - TEST_error("X509_cmp does not work with %s", name); + reuse = d2i(NULL, &p, enclen); + if (reuse == NULL) { + TEST_error("second d2i call failed for %s", name); + err = 1; + goto next; + } + err = X509_cmp(reuse, cert); + if (err != 0) { + TEST_error("X509_cmp for %s resulted in %d", name, err); err = 1; goto next; } @@ -141,13 +146,13 @@ */ next: X509_free(cert); + X509_free(reuse); OPENSSL_free(buf); OPENSSL_free(name); OPENSSL_free(header); OPENSSL_free(data); } BIO_free(fp); - X509_free(reuse); if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) { /* Reached end of PEM file */ diff -Nru openssl-1.1.1i/VMS/msg_install.com openssl-1.1.1j/VMS/msg_install.com --- openssl-1.1.1i/VMS/msg_install.com 1970-01-01 00:00:00.000000000 +0000 +++ openssl-1.1.1j/VMS/msg_install.com 2021-02-16 15:24:01.000000000 +0000 
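Review bot: In the second test/x509aux.c hunk, `err = X509_cmp(reuse, cert);` borrows the loop's error flag to hold a comparison result and then overwrites it with `err = 1`; a separate local such as `int cmp = X509_cmp(reuse, cert);` keeps `err` a plain flag and still lets the message print the value. The variable is still named `reuse` although the call is now `d2i(NULL, &p, enclen)` and nothing is reused, so a name like `cert2` would match the new behaviour. With this change the test apparently no longer exercises the object-reuse form of d2i at all, which deserves a one-line comment if it is deliberate. The loop body starts and ends outside this hunk.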
@@ -0,0 +1,19 @@
+$ ! Used by the main descrip.mms to print the installation complete
+$ ! message.
+$ ! Arguments:
+$ ! P1 startup / setup / shutdown scripts directory
+$ ! P2 distinguishing version number ("major version")
+$
+$ systartup = p1
+$ osslver = p2
+$
+$ WRITE SYS$OUTPUT "Installation complete"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The following commands need to be executed to enable you to use OpenSSL:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "- to set up OpenSSL logical names:"
+$ WRITE SYS$OUTPUT " @''systartup'openssl_startup''osslver'"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "- to define the OpenSSL command"
+$ WRITE SYS$OUTPUT " @''systartup'openssl_utils''osslver'"
+$ WRITE SYS$OUTPUT ""
diff -Nru openssl-1.1.1i/VMS/msg_staging.com openssl-1.1.1j/VMS/msg_staging.com
--- openssl-1.1.1i/VMS/msg_staging.com 1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1j/VMS/msg_staging.com 2021-02-16 15:24:01.000000000 +0000
@@ -0,0 +1,37 @@
+$ ! Used by the main descrip.mms to print the statging installation
+$ ! complete
+$ ! message.
+$ ! Arguments:
+$ ! P1 staging software installation directory
+$ ! P2 staging data installation directory
+$ ! P3 final software installation directory
+$ ! P4 final data installation directory
+$ ! P5 startup / setup / shutdown scripts directory
+$ ! P6 distinguishing version number ("major version")
+$
+$ staging_instdir = p1
+$ staging_datadir = p2
+$ final_instdir = p3
+$ final_datadir = p4
+$ systartup = p5
+$ osslver = p6
+$
+$ WRITE SYS$OUTPUT "Staging installation complete"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Finish or package in such a way that the contents of the following directory"
+$ WRITE SYS$OUTPUT "trees end up being copied:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "- from ", staging_instdir
+$ WRITE SYS$OUTPUT " to ", final_instdir
+$ WRITE SYS$OUTPUT "- from ", staging_datadir
+$ WRITE SYS$OUTPUT " to ", final_datadir
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "When in its final destination, the following commands need to be executed"
+$ WRITE SYS$OUTPUT "to use OpenSSL:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "- to set up OpenSSL logical names:"
+$ WRITE SYS$OUTPUT " @''systartup'openssl_startup''osslver'"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "- to define the OpenSSL command"
+$ WRITE SYS$OUTPUT " @''systartup'openssl_utils''osslver'"
+$ WRITE SYS$OUTPUT ""
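Review bot: The header comment of VMS/msg_staging.com misspells "staging" as "statging" and is split over three lines ("... installation", "complete", "message."), unlike the two-line form used in VMS/msg_install.com. Suggested wording: `$ ! Used by the main descrip.mms to print the staging installation` followed by `$ ! complete message.`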