From 2df56dbd60bb5d925d2ce0ddbdefdbe6107ea783 Mon Sep 17 00:00:00 2001 From: Sebastian Huber Date: Tue, 21 Aug 2018 09:39:55 +0200 Subject: Update to FreeBSD head 2018-04-01 Git mirror commit 8dfb1ccc26d1cea7e2529303003ff61f9f1784c4. Update #3472. --- freebsd/crypto/openssl/crypto/asn1/a_gentm.c | 2 +- freebsd/crypto/openssl/crypto/asn1/a_mbstr.c | 4 +- freebsd/crypto/openssl/crypto/asn1/a_object.c | 4 +- freebsd/crypto/openssl/crypto/asn1/a_strex.c | 8 +- freebsd/crypto/openssl/crypto/asn1/a_time.c | 2 +- freebsd/crypto/openssl/crypto/asn1/a_utctm.c | 4 +- freebsd/crypto/openssl/crypto/asn1/asn1.h | 1 + freebsd/crypto/openssl/crypto/asn1/asn1_err.c | 3 +- freebsd/crypto/openssl/crypto/asn1/asn1_lib.c | 4 +- freebsd/crypto/openssl/crypto/asn1/asn1_par.c | 8 +- freebsd/crypto/openssl/crypto/asn1/asn_mime.c | 3 +- freebsd/crypto/openssl/crypto/asn1/t_x509a.c | 4 +- freebsd/crypto/openssl/crypto/asn1/tasn_dec.c | 64 +++++++----- freebsd/crypto/openssl/crypto/asn1/tasn_prn.c | 2 +- freebsd/crypto/openssl/crypto/bf/bftest.c | 6 +- freebsd/crypto/openssl/crypto/bio/b_dump.c | 41 +++----- freebsd/crypto/openssl/crypto/bio/b_print.c | 4 +- freebsd/crypto/openssl/crypto/bio/bio_cb.c | 2 +- freebsd/crypto/openssl/crypto/bio/bss_bio.c | 2 +- freebsd/crypto/openssl/crypto/bio/bss_conn.c | 4 +- freebsd/crypto/openssl/crypto/bio/bss_file.c | 10 +- freebsd/crypto/openssl/crypto/bn/bn_exp.c | 8 +- freebsd/crypto/openssl/crypto/bn/bn_lib.c | 110 ++++++++------------- freebsd/crypto/openssl/crypto/bn/bn_mont.c | 79 +++++---------- freebsd/crypto/openssl/crypto/bn/bn_print.c | 4 +- freebsd/crypto/openssl/crypto/bn/bntest.c | 2 +- freebsd/crypto/openssl/crypto/bn/expspeed.c | 2 +- freebsd/crypto/openssl/crypto/bn/exptest.c | 8 +- freebsd/crypto/openssl/crypto/conf/conf_def.c | 2 +- freebsd/crypto/openssl/crypto/conf/conf_mod.c | 2 +- freebsd/crypto/openssl/crypto/des/ecb_enc.c | 2 +- freebsd/crypto/openssl/crypto/des/fcrypt.c | 4 +- freebsd/crypto/openssl/crypto/des/read_pwd.c | 2 +- freebsd/crypto/openssl/crypto/des/set_key.c | 2 +- freebsd/crypto/openssl/crypto/dh/dhtest.c | 2 +- freebsd/crypto/openssl/crypto/dsa/dsatest.c | 2 +- freebsd/crypto/openssl/crypto/ec/ec_lib.c | 10 +- freebsd/crypto/openssl/crypto/ec/ec_mult.c | 16 +-- freebsd/crypto/openssl/crypto/ec/ecp_nistp224.c | 15 ++- freebsd/crypto/openssl/crypto/ec/ecp_nistp256.c | 41 ++++---- freebsd/crypto/openssl/crypto/ec/ecp_nistp521.c | 17 ++-- freebsd/crypto/openssl/crypto/ec/ecp_nistz256.c | 2 +- freebsd/crypto/openssl/crypto/ec/ecp_smpl.c | 2 +- freebsd/crypto/openssl/crypto/ec/ectest.c | 14 +-- freebsd/crypto/openssl/crypto/ecdh/ecdhtest.c | 2 +- .../crypto/openssl/crypto/engine/eng_cryptodev.c | 12 +-- freebsd/crypto/openssl/crypto/engine/eng_table.c | 7 +- freebsd/crypto/openssl/crypto/err/err.c | 4 +- freebsd/crypto/openssl/crypto/err/err_prn.c | 2 +- freebsd/crypto/openssl/crypto/evp/bio_b64.c | 8 ++ freebsd/crypto/openssl/crypto/evp/digest.c | 8 +- freebsd/crypto/openssl/crypto/evp/e_aes.c | 4 +- freebsd/crypto/openssl/crypto/evp/e_camellia.c | 4 +- freebsd/crypto/openssl/crypto/evp/evp_enc.c | 10 +- freebsd/crypto/openssl/crypto/evp/evp_locl.h | 4 +- freebsd/crypto/openssl/crypto/evp/evp_pbe.c | 4 +- freebsd/crypto/openssl/crypto/evp/evp_test.c | 2 +- freebsd/crypto/openssl/crypto/evp/openbsd_hw.c | 6 +- freebsd/crypto/openssl/crypto/evp/p5_crpt2.c | 2 +- freebsd/crypto/openssl/crypto/hmac/hmac.c | 2 +- freebsd/crypto/openssl/crypto/md4/md4.c | 2 +- freebsd/crypto/openssl/crypto/mem_dbg.c | 18 ++-- freebsd/crypto/openssl/crypto/o_init.c | 5 + freebsd/crypto/openssl/crypto/o_time.c | 8 +- freebsd/crypto/openssl/crypto/objects/o_names.c | 4 +- freebsd/crypto/openssl/crypto/objects/obj_dat.c | 28 +++--- freebsd/crypto/openssl/crypto/opensslv.h | 6 +- freebsd/crypto/openssl/crypto/pem/pem_info.c | 2 +- freebsd/crypto/openssl/crypto/pem/pem_lib.c | 2 +- freebsd/crypto/openssl/crypto/pkcs7/pk7_doit.c | 8 +- freebsd/crypto/openssl/crypto/rand/md_rand.c | 6 +- freebsd/crypto/openssl/crypto/rand/rand_egd.c | 2 +- freebsd/crypto/openssl/crypto/rand/rand_unix.c | 10 +- freebsd/crypto/openssl/crypto/rsa/rsa_crpt.c | 2 +- freebsd/crypto/openssl/crypto/rsa/rsa_gen.c | 32 ++++-- freebsd/crypto/openssl/crypto/rsa/rsa_pss.c | 4 +- freebsd/crypto/openssl/crypto/rsa/rsa_test.c | 2 +- freebsd/crypto/openssl/crypto/srp/srp_grps.h | 28 +++--- freebsd/crypto/openssl/crypto/threads/mttest.c | 2 +- freebsd/crypto/openssl/crypto/ts/ts_rsp_sign.c | 6 +- freebsd/crypto/openssl/crypto/ui/ui_openssl.c | 2 +- freebsd/crypto/openssl/crypto/x509/x509_txt.c | 2 +- freebsd/crypto/openssl/crypto/x509/x509_v3.c | 2 +- freebsd/crypto/openssl/crypto/x509/x509_vpm.c | 2 +- freebsd/crypto/openssl/crypto/x509v3/v3_alt.c | 4 +- freebsd/crypto/openssl/crypto/x509v3/v3_conf.c | 10 +- freebsd/crypto/openssl/crypto/x509v3/v3_info.c | 2 +- freebsd/crypto/openssl/engines/ccgost/gost_eng.c | 7 +- freebsd/crypto/openssl/engines/e_atalla.c | 2 +- freebsd/crypto/openssl/ssl/bad_dtls_test.c | 2 +- freebsd/crypto/openssl/ssl/d1_lib.c | 4 +- freebsd/crypto/openssl/ssl/d1_pkt.c | 31 +++++- freebsd/crypto/openssl/ssl/kssl.c | 17 +++- freebsd/crypto/openssl/ssl/s23_srvr.c | 4 +- freebsd/crypto/openssl/ssl/s2_clnt.c | 6 +- freebsd/crypto/openssl/ssl/s2_enc.c | 2 +- freebsd/crypto/openssl/ssl/s2_lib.c | 8 +- freebsd/crypto/openssl/ssl/s2_srvr.c | 8 +- freebsd/crypto/openssl/ssl/s3_clnt.c | 24 ++--- freebsd/crypto/openssl/ssl/s3_lib.c | 8 +- freebsd/crypto/openssl/ssl/s3_pkt.c | 38 ++++--- freebsd/crypto/openssl/ssl/s3_srvr.c | 4 +- freebsd/crypto/openssl/ssl/ssl_cert.c | 10 +- freebsd/crypto/openssl/ssl/ssl_lib.c | 6 +- freebsd/crypto/openssl/ssl/ssl_sess.c | 8 +- freebsd/crypto/openssl/ssl/ssltest.c | 22 ++--- freebsd/crypto/openssl/ssl/t1_enc.c | 10 +- freebsd/crypto/openssl/ssl/t1_lib.c | 27 ++++- freebsd/crypto/openssl/ssl/t1_trce.c | 6 +- 109 files changed, 563 insertions(+), 503 deletions(-) (limited to 'freebsd/crypto') diff --git a/freebsd/crypto/openssl/crypto/asn1/a_gentm.c b/freebsd/crypto/openssl/crypto/asn1/a_gentm.c index 5d6cb71e..d06192bc 100644 --- a/freebsd/crypto/openssl/crypto/asn1/a_gentm.c +++ b/freebsd/crypto/openssl/crypto/asn1/a_gentm.c @@ -80,7 +80,7 @@ int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp) ASN1_STRING tmpstr = *(ASN1_STRING *)a; len = tmpstr.length; - ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len); + ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len); tmpstr.data = tmp; a = (ASN1_GENERALIZEDTIME *)&tmpstr; diff --git a/freebsd/crypto/openssl/crypto/asn1/a_mbstr.c b/freebsd/crypto/openssl/crypto/asn1/a_mbstr.c index 954671b1..a00ae090 100644 --- a/freebsd/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/freebsd/crypto/openssl/crypto/asn1/a_mbstr.c @@ -151,14 +151,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, if ((minsize > 0) && (nchar < minsize)) { ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT); - BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); + BIO_snprintf(strbuf, sizeof(strbuf), "%ld", minsize); ERR_add_error_data(2, "minsize=", strbuf); return -1; } if ((maxsize > 0) && (nchar > maxsize)) { ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG); - BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); + BIO_snprintf(strbuf, sizeof(strbuf), "%ld", maxsize); ERR_add_error_data(2, "maxsize=", strbuf); return -1; } diff --git a/freebsd/crypto/openssl/crypto/asn1/a_object.c b/freebsd/crypto/openssl/crypto/asn1/a_object.c index ce6b9d34..069b1457 100644 --- a/freebsd/crypto/openssl/crypto/asn1/a_object.c +++ b/freebsd/crypto/openssl/crypto/asn1/a_object.c @@ -91,7 +91,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) { int i, first, len = 0, c, use_bn; char ftmp[24], *tmp = ftmp; - int tmpsize = sizeof ftmp; + int tmpsize = sizeof(ftmp); const char *p; unsigned long l; BIGNUM *bl = NULL; @@ -228,7 +228,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) if ((a == NULL) || (a->data == NULL)) return (BIO_write(bp, "NULL", 4)); - i = i2t_ASN1_OBJECT(buf, sizeof buf, a); + i = i2t_ASN1_OBJECT(buf, sizeof(buf), a); if (i > (int)(sizeof(buf) - 1)) { p = OPENSSL_malloc(i + 1); if (!p) diff --git a/freebsd/crypto/openssl/crypto/asn1/a_strex.c b/freebsd/crypto/openssl/crypto/asn1/a_strex.c index ec898cc4..8521cb39 100644 --- a/freebsd/crypto/openssl/crypto/asn1/a_strex.c +++ b/freebsd/crypto/openssl/crypto/asn1/a_strex.c @@ -132,13 +132,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, if (c > 0xffffffffL) return -1; if (c > 0xffff) { - BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c); + BIO_snprintf(tmphex, sizeof(tmphex), "\\W%08lX", c); if (!io_ch(arg, tmphex, 10)) return -1; return 10; } if (c > 0xff) { - BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c); + BIO_snprintf(tmphex, sizeof(tmphex), "\\U%04lX", c); if (!io_ch(arg, tmphex, 6)) return -1; return 6; @@ -238,7 +238,7 @@ static int do_buf(unsigned char *buf, int buflen, if (type & BUF_TYPE_CONVUTF8) { unsigned char utfbuf[6]; int utflen; - utflen = UTF8_putc(utfbuf, sizeof utfbuf, c); + utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c); for (i = 0; i < utflen; i++) { /* * We don't need to worry about setting orflags correctly @@ -535,7 +535,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, if (fn_opt != XN_FLAG_FN_NONE) { int objlen, fld_len; if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) { - OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1); + OBJ_obj2txt(objtmp, sizeof(objtmp), fn, 1); fld_len = 0; /* XXX: what should this be? */ objbuf = objtmp; } else { diff --git a/freebsd/crypto/openssl/crypto/asn1/a_time.c b/freebsd/crypto/openssl/crypto/asn1/a_time.c index 2183a587..c853c070 100644 --- a/freebsd/crypto/openssl/crypto/asn1/a_time.c +++ b/freebsd/crypto/openssl/crypto/asn1/a_time.c @@ -88,7 +88,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) tmpstr = *(ASN1_STRING *)a; len = tmpstr.length; ebcdic2ascii(tmp, tmpstr.data, - (len >= sizeof tmp) ? sizeof tmp : len); + (len >= sizeof(tmp)) ? sizeof(tmp) : len); tmpstr.data = tmp; a = (ASN1_GENERALIZEDTIME *)&tmpstr; } diff --git a/freebsd/crypto/openssl/crypto/asn1/a_utctm.c b/freebsd/crypto/openssl/crypto/asn1/a_utctm.c index 74690cce..5422f6fe 100644 --- a/freebsd/crypto/openssl/crypto/asn1/a_utctm.c +++ b/freebsd/crypto/openssl/crypto/asn1/a_utctm.c @@ -78,7 +78,7 @@ int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp) ASN1_STRING x = *(ASN1_STRING *)a; len = x.length; - ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len); + ebcdic2ascii(tmp, x.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len); x.data = tmp; return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL); # endif @@ -319,7 +319,7 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) struct tm tm; int offset; - memset(&tm, '\0', sizeof tm); + memset(&tm, '\0', sizeof(tm)); # define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') tm.tm_year = g2(s->data); diff --git a/freebsd/crypto/openssl/crypto/asn1/asn1.h b/freebsd/crypto/openssl/crypto/asn1/asn1.h index 68e791fc..35a2b2aa 100644 --- a/freebsd/crypto/openssl/crypto/asn1/asn1.h +++ b/freebsd/crypto/openssl/crypto/asn1/asn1.h @@ -1365,6 +1365,7 @@ void ERR_load_ASN1_strings(void); # define ASN1_R_MSTRING_NOT_UNIVERSAL 139 # define ASN1_R_MSTRING_WRONG_TAG 140 # define ASN1_R_NESTED_ASN1_STRING 197 +# define ASN1_R_NESTED_TOO_DEEP 219 # define ASN1_R_NON_HEX_CHARACTERS 141 # define ASN1_R_NOT_ASCII_FORMAT 190 # define ASN1_R_NOT_ENOUGH_DATA 142 diff --git a/freebsd/crypto/openssl/crypto/asn1/asn1_err.c b/freebsd/crypto/openssl/crypto/asn1/asn1_err.c index 6fac1684..2c343382 100644 --- a/freebsd/crypto/openssl/crypto/asn1/asn1_err.c +++ b/freebsd/crypto/openssl/crypto/asn1/asn1_err.c @@ -2,7 +2,7 @@ /* crypto/asn1/asn1_err.c */ /* ==================================================================== - * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -281,6 +281,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = { {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"}, {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"}, {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"}, + {ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"}, {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"}, {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"}, {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"}, diff --git a/freebsd/crypto/openssl/crypto/asn1/asn1_lib.c b/freebsd/crypto/openssl/crypto/asn1/asn1_lib.c index 25b3dfca..9488dd7b 100644 --- a/freebsd/crypto/openssl/crypto/asn1/asn1_lib.c +++ b/freebsd/crypto/openssl/crypto/asn1/asn1_lib.c @@ -458,8 +458,8 @@ void asn1_add_error(const unsigned char *address, int offset) { char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1]; - BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address); - BIO_snprintf(buf2, sizeof buf2, "%d", offset); + BIO_snprintf(buf1, sizeof(buf1), "%lu", (unsigned long)address); + BIO_snprintf(buf2, sizeof(buf2), "%d", offset); ERR_add_error_data(4, "address=", buf1, " offset=", buf2); } diff --git a/freebsd/crypto/openssl/crypto/asn1/asn1_par.c b/freebsd/crypto/openssl/crypto/asn1/asn1_par.c index 205380d9..ad53399e 100644 --- a/freebsd/crypto/openssl/crypto/asn1/asn1_par.c +++ b/freebsd/crypto/openssl/crypto/asn1/asn1_par.c @@ -89,13 +89,13 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, p = str; if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) - BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag); + BIO_snprintf(str, sizeof(str), "priv [ %d ] ", tag); else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) - BIO_snprintf(str, sizeof str, "cont [ %d ]", tag); + BIO_snprintf(str, sizeof(str), "cont [ %d ]", tag); else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) - BIO_snprintf(str, sizeof str, "appl [ %d ]", tag); + BIO_snprintf(str, sizeof(str), "appl [ %d ]", tag); else if (tag > 30) - BIO_snprintf(str, sizeof str, "", tag); + BIO_snprintf(str, sizeof(str), "", tag); else p = ASN1_tag2str(tag); diff --git a/freebsd/crypto/openssl/crypto/asn1/asn_mime.c b/freebsd/crypto/openssl/crypto/asn1/asn_mime.c index 80d7942c..ca9df134 100644 --- a/freebsd/crypto/openssl/crypto/asn1/asn_mime.c +++ b/freebsd/crypto/openssl/crypto/asn1/asn_mime.c @@ -6,7 +6,7 @@ * project. */ /* ==================================================================== - * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -475,6 +475,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { sk_MIME_HEADER_pop_free(headers, mime_hdr_free); ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE); + sk_BIO_pop_free(parts, BIO_vfree); return NULL; } diff --git a/freebsd/crypto/openssl/crypto/asn1/t_x509a.c b/freebsd/crypto/openssl/crypto/asn1/t_x509a.c index 3724b1ca..5fce1cb2 100644 --- a/freebsd/crypto/openssl/crypto/asn1/t_x509a.c +++ b/freebsd/crypto/openssl/crypto/asn1/t_x509a.c @@ -83,7 +83,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent) BIO_puts(out, ", "); else first = 0; - OBJ_obj2txt(oidstr, sizeof oidstr, + OBJ_obj2txt(oidstr, sizeof(oidstr), sk_ASN1_OBJECT_value(aux->trust, i), 0); BIO_puts(out, oidstr); } @@ -98,7 +98,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent) BIO_puts(out, ", "); else first = 0; - OBJ_obj2txt(oidstr, sizeof oidstr, + OBJ_obj2txt(oidstr, sizeof(oidstr), sk_ASN1_OBJECT_value(aux->reject, i), 0); BIO_puts(out, oidstr); } diff --git a/freebsd/crypto/openssl/crypto/asn1/tasn_dec.c b/freebsd/crypto/openssl/crypto/asn1/tasn_dec.c index 01c8f1da..d9db75e3 100644 --- a/freebsd/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/freebsd/crypto/openssl/crypto/asn1/tasn_dec.c @@ -6,7 +6,7 @@ * 2000. */ /* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -67,6 +67,14 @@ #include #include +/* + * Constructed types with a recursive definition (such as can be found in PKCS7) + * could eventually exceed the stack given malicious input with excessive + * recursion. Therefore we limit the stack depth. This is the maximum number of + * recursive invocations of asn1_item_embed_d2i(). + */ +#define ASN1_MAX_CONSTRUCTED_NEST 30 + static int asn1_check_eoc(const unsigned char **in, long len); static int asn1_find_end(const unsigned char **in, long len, char inf); @@ -83,11 +91,11 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, static int asn1_template_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, - ASN1_TLC *ctx); + ASN1_TLC *ctx, int depth); static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, - ASN1_TLC *ctx); + ASN1_TLC *ctx, int depth); static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, @@ -156,17 +164,16 @@ int ASN1_template_d2i(ASN1_VALUE **pval, { ASN1_TLC c; asn1_tlc_clear_nc(&c); - return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); + return asn1_template_ex_d2i(pval, in, len, tt, 0, &c, 0); } /* * Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and * tag mismatch return -1 to handle OPTIONAL */ - -int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx) +static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, + long len, const ASN1_ITEM *it, int tag, int aclass, + char opt, ASN1_TLC *ctx, int depth) { const ASN1_TEMPLATE *tt, *errtt = NULL; const ASN1_COMPAT_FUNCS *cf; @@ -191,6 +198,11 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, else asn1_cb = 0; + if (++depth > ASN1_MAX_CONSTRUCTED_NEST) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NESTED_TOO_DEEP); + goto err; + } + switch (it->itype) { case ASN1_ITYPE_PRIMITIVE: if (it->templates) { @@ -206,7 +218,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, goto err; } return asn1_template_ex_d2i(pval, in, len, - it->templates, opt, ctx); + it->templates, opt, ctx, depth); } return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx); @@ -328,7 +340,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, /* * We mark field as OPTIONAL so its absence can be recognised. */ - ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx); + ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx, depth); /* If field not present, try the next one */ if (ret == -1) continue; @@ -446,7 +458,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, * attempt to read in field, allowing each to be OPTIONAL */ - ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx); + ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx, + depth); if (!ret) { errtt = seqtt; goto err; @@ -516,6 +529,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, return 0; } +int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, + const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx) +{ + return asn1_item_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx, 0); +} + /* * Templates are handled with two separate functions. One handles any * EXPLICIT tag and the other handles the rest. @@ -524,7 +544,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, static int asn1_template_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, - ASN1_TLC *ctx) + ASN1_TLC *ctx, int depth) { int flags, aclass; int ret; @@ -559,7 +579,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, return 0; } /* We've found the field so it can't be OPTIONAL now */ - ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); + ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx, depth); if (!ret) { ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; @@ -583,7 +603,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, } } } else - return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx); + return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx, depth); *in = p; return 1; @@ -596,7 +616,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, - ASN1_TLC *ctx) + ASN1_TLC *ctx, int depth) { int flags, aclass; int ret; @@ -667,8 +687,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, break; } skfield = NULL; - if (!ASN1_item_ex_d2i(&skfield, &p, len, - ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { + if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), + -1, 0, 0, ctx, depth)) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; @@ -686,9 +706,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, } } else if (flags & ASN1_TFLG_IMPTAG) { /* IMPLICIT tagging */ - ret = ASN1_item_ex_d2i(val, &p, len, - ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, - ctx); + ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag, + aclass, opt, ctx, depth); if (!ret) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; @@ -696,8 +715,9 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, return -1; } else { /* Nothing special */ - ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), - -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx); + ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), + -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx, + depth); if (!ret) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; diff --git a/freebsd/crypto/openssl/crypto/asn1/tasn_prn.c b/freebsd/crypto/openssl/crypto/asn1/tasn_prn.c index 7c07c9b0..0dd50646 100644 --- a/freebsd/crypto/openssl/crypto/asn1/tasn_prn.c +++ b/freebsd/crypto/openssl/crypto/asn1/tasn_prn.c @@ -465,7 +465,7 @@ static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid, ln = OBJ_nid2ln(OBJ_obj2nid(oid)); if (!ln) ln = ""; - OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1); + OBJ_obj2txt(objbuf, sizeof(objbuf), oid, 1); if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0) return 0; return 1; diff --git a/freebsd/crypto/openssl/crypto/bf/bftest.c b/freebsd/crypto/openssl/crypto/bf/bftest.c index 4b08929b..c2a3e206 100644 --- a/freebsd/crypto/openssl/crypto/bf/bftest.c +++ b/freebsd/crypto/openssl/crypto/bf/bftest.c @@ -464,9 +464,9 @@ static int test(void) len = strlen(cbc_data) + 1; BF_set_key(&key, 16, cbc_key); - memset(cbc_in, 0, sizeof cbc_in); - memset(cbc_out, 0, sizeof cbc_out); - memcpy(iv, cbc_iv, sizeof iv); + memset(cbc_in, 0, sizeof(cbc_in)); + memset(cbc_out, 0, sizeof(cbc_out)); + memcpy(iv, cbc_iv, sizeof(iv)); BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len, &key, iv, BF_ENCRYPT); if (memcmp(cbc_out, cbc_ok, 32) != 0) { diff --git a/freebsd/crypto/openssl/crypto/bio/b_dump.c b/freebsd/crypto/openssl/crypto/bio/b_dump.c index a4378de3..d4bc5240 100644 --- a/freebsd/crypto/openssl/crypto/bio/b_dump.c +++ b/freebsd/crypto/openssl/crypto/bio/b_dump.c @@ -66,7 +66,6 @@ #include "cryptlib.h" #include "bio_lcl.h" -#define TRUNCATE #define DUMP_WIDTH 16 #define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4)) @@ -81,17 +80,10 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u), { int ret = 0; char buf[288 + 1], tmp[20], str[128 + 1]; - int i, j, rows, trc; + int i, j, rows; unsigned char ch; int dump_width; - trc = 0; - -#ifdef TRUNCATE - for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--) - trc++; -#endif - if (indent < 0) indent = 0; if (indent) { @@ -106,50 +98,43 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u), if ((rows * dump_width) < len) rows++; for (i = 0; i < rows; i++) { - BUF_strlcpy(buf, str, sizeof buf); - BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width); - BUF_strlcat(buf, tmp, sizeof buf); + BUF_strlcpy(buf, str, sizeof(buf)); + BIO_snprintf(tmp, sizeof(tmp), "%04x - ", i * dump_width); + BUF_strlcat(buf, tmp, sizeof(buf)); for (j = 0; j < dump_width; j++) { if (((i * dump_width) + j) >= len) { - BUF_strlcat(buf, " ", sizeof buf); + BUF_strlcat(buf, " ", sizeof(buf)); } else { ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff; - BIO_snprintf(tmp, sizeof tmp, "%02x%c", ch, + BIO_snprintf(tmp, sizeof(tmp), "%02x%c", ch, j == 7 ? '-' : ' '); - BUF_strlcat(buf, tmp, sizeof buf); + BUF_strlcat(buf, tmp, sizeof(buf)); } } - BUF_strlcat(buf, " ", sizeof buf); + BUF_strlcat(buf, " ", sizeof(buf)); for (j = 0; j < dump_width; j++) { if (((i * dump_width) + j) >= len) break; ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff; #ifndef CHARSET_EBCDIC - BIO_snprintf(tmp, sizeof tmp, "%c", + BIO_snprintf(tmp, sizeof(tmp), "%c", ((ch >= ' ') && (ch <= '~')) ? ch : '.'); #else - BIO_snprintf(tmp, sizeof tmp, "%c", + BIO_snprintf(tmp, sizeof(tmp), "%c", ((ch >= os_toascii[' ']) && (ch <= os_toascii['~'])) ? os_toebcdic[ch] : '.'); #endif - BUF_strlcat(buf, tmp, sizeof buf); + BUF_strlcat(buf, tmp, sizeof(buf)); } - BUF_strlcat(buf, "\n", sizeof buf); + BUF_strlcat(buf, "\n", sizeof(buf)); /* * if this is the last call then update the ddt_dump thing so that we * will move the selection point in the debug window */ ret += cb((void *)buf, strlen(buf), u); } -#ifdef TRUNCATE - if (trc > 0) { - BIO_snprintf(buf, sizeof buf, "%s%04x - \n", str, - len + trc); - ret += cb((void *)buf, strlen(buf), u); - } -#endif - return (ret); + return ret; } #ifndef OPENSSL_NO_FP_API diff --git a/freebsd/crypto/openssl/crypto/bio/b_print.c b/freebsd/crypto/openssl/crypto/bio/b_print.c index 738904bc..656d63bb 100644 --- a/freebsd/crypto/openssl/crypto/bio/b_print.c +++ b/freebsd/crypto/openssl/crypto/bio/b_print.c @@ -665,7 +665,7 @@ fmtfp(char **sbuffer, iconvert[iplace++] = "0123456789"[intpart % 10]; intpart = (intpart / 10); } while (intpart && (iplace < (int)sizeof(iconvert))); - if (iplace == sizeof iconvert) + if (iplace == sizeof(iconvert)) iplace--; iconvert[iplace] = 0; @@ -674,7 +674,7 @@ fmtfp(char **sbuffer, fconvert[fplace++] = "0123456789"[fracpart % 10]; fracpart = (fracpart / 10); } while (fplace < max); - if (fplace == sizeof fconvert) + if (fplace == sizeof(fconvert)) fplace--; fconvert[fplace] = 0; diff --git a/freebsd/crypto/openssl/crypto/bio/bio_cb.c b/freebsd/crypto/openssl/crypto/bio/bio_cb.c index 3f35fc04..68daae27 100644 --- a/freebsd/crypto/openssl/crypto/bio/bio_cb.c +++ b/freebsd/crypto/openssl/crypto/bio/bio_cb.c @@ -78,7 +78,7 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp, if (BIO_CB_RETURN & cmd) r = ret; - len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio); + len = BIO_snprintf(buf,sizeof(buf),"BIO[%p]: ",(void *)bio); /* Ignore errors and continue printing the other information. */ if (len < 0) diff --git a/freebsd/crypto/openssl/crypto/bio/bss_bio.c b/freebsd/crypto/openssl/crypto/bio/bss_bio.c index 6408afc4..0b7efc05 100644 --- a/freebsd/crypto/openssl/crypto/bio/bss_bio.c +++ b/freebsd/crypto/openssl/crypto/bio/bss_bio.c @@ -146,7 +146,7 @@ static int bio_new(BIO *bio) { struct bio_bio_st *b; - b = OPENSSL_malloc(sizeof *b); + b = OPENSSL_malloc(sizeof(*b)); if (b == NULL) return 0; diff --git a/freebsd/crypto/openssl/crypto/bio/bss_conn.c b/freebsd/crypto/openssl/crypto/bio/bss_conn.c index ce6a3238..49c14905 100644 --- a/freebsd/crypto/openssl/crypto/bio/bss_conn.c +++ b/freebsd/crypto/openssl/crypto/bio/bss_conn.c @@ -483,7 +483,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) char buf[16]; unsigned char *p = ptr; - BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d", + BIO_snprintf(buf, sizeof(buf), "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); if (data->param_hostname != NULL) OPENSSL_free(data->param_hostname); @@ -492,7 +492,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) } else if (num == 3) { char buf[DECIMAL_SIZE(int) + 1]; - BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr); + BIO_snprintf(buf, sizeof(buf), "%d", *(int *)ptr); if (data->param_port != NULL) OPENSSL_free(data->param_port); data->param_port = BUF_strdup(buf); diff --git a/freebsd/crypto/openssl/crypto/bio/bss_file.c b/freebsd/crypto/openssl/crypto/bio/bss_file.c index 283d85c9..0f81ccd9 100644 --- a/freebsd/crypto/openssl/crypto/bio/bss_file.c +++ b/freebsd/crypto/openssl/crypto/bio/bss_file.c @@ -377,15 +377,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) b->shutdown = (int)num & BIO_CLOSE; if (num & BIO_FP_APPEND) { if (num & BIO_FP_READ) - BUF_strlcpy(p, "a+", sizeof p); + BUF_strlcpy(p, "a+", sizeof(p)); else - BUF_strlcpy(p, "a", sizeof p); + BUF_strlcpy(p, "a", sizeof(p)); } else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE)) - BUF_strlcpy(p, "r+", sizeof p); + BUF_strlcpy(p, "r+", sizeof(p)); else if (num & BIO_FP_WRITE) - BUF_strlcpy(p, "w", sizeof p); + BUF_strlcpy(p, "w", sizeof(p)); else if (num & BIO_FP_READ) - BUF_strlcpy(p, "r", sizeof p); + BUF_strlcpy(p, "r", sizeof(p)); else { BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE); ret = 0; diff --git a/freebsd/crypto/openssl/crypto/bn/bn_exp.c b/freebsd/crypto/openssl/crypto/bn/bn_exp.c index 7261c8db..50374334 100644 --- a/freebsd/crypto/openssl/crypto/bn/bn_exp.c +++ b/freebsd/crypto/openssl/crypto/bn/bn_exp.c @@ -58,7 +58,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -729,7 +729,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, top = m->top; - bits = BN_num_bits(p); + /* + * Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak + * whether the top bits are zero. + */ + bits = p->top * BN_BITS2; if (bits == 0) { /* x**0 mod 1 is still zero. */ if (BN_is_one(m)) { diff --git a/freebsd/crypto/openssl/crypto/bn/bn_lib.c b/freebsd/crypto/openssl/crypto/bn/bn_lib.c index da58a91a..e63f6100 100644 --- a/freebsd/crypto/openssl/crypto/bn/bn_lib.c +++ b/freebsd/crypto/openssl/crypto/bn/bn_lib.c @@ -146,74 +146,47 @@ const BIGNUM *BN_value_one(void) int BN_num_bits_word(BN_ULONG l) { - static const unsigned char bits[256] = { - 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4, - 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, - 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - }; - -#if defined(SIXTY_FOUR_BIT_LONG) - if (l & 0xffffffff00000000L) { - if (l & 0xffff000000000000L) { - if (l & 0xff00000000000000L) { - return (bits[(int)(l >> 56)] + 56); - } else - return (bits[(int)(l >> 48)] + 48); - } else { - if (l & 0x0000ff0000000000L) { - return (bits[(int)(l >> 40)] + 40); - } else - return (bits[(int)(l >> 32)] + 32); - } - } else -#else -# ifdef SIXTY_FOUR_BIT - if (l & 0xffffffff00000000LL) { - if (l & 0xffff000000000000LL) { - if (l & 0xff00000000000000LL) { - return (bits[(int)(l >> 56)] + 56); - } else - return (bits[(int)(l >> 48)] + 48); - } else { - if (l & 0x0000ff0000000000LL) { - return (bits[(int)(l >> 40)] + 40); - } else - return (bits[(int)(l >> 32)] + 32); - } - } else -# endif -#endif - { -#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) - if (l & 0xffff0000L) { - if (l & 0xff000000L) - return (bits[(int)(l >> 24L)] + 24); - else - return (bits[(int)(l >> 16L)] + 16); - } else -#endif - { -#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) - if (l & 0xff00L) - return (bits[(int)(l >> 8)] + 8); - else + BN_ULONG x, mask; + int bits = (l != 0); + +#if BN_BITS2 > 32 + x = l >> 32; + mask = (0 - x) & BN_MASK2; + mask = (0 - (mask >> (BN_BITS2 - 1))); + bits += 32 & mask; + l ^= (x ^ l) & mask; #endif - return (bits[(int)(l)]); - } - } + + x = l >> 16; + mask = (0 - x) & BN_MASK2; + mask = (0 - (mask >> (BN_BITS2 - 1))); + bits += 16 & mask; + l ^= (x ^ l) & mask; + + x = l >> 8; + mask = (0 - x) & BN_MASK2; + mask = (0 - (mask >> (BN_BITS2 - 1))); + bits += 8 & mask; + l ^= (x ^ l) & mask; + + x = l >> 4; + mask = (0 - x) & BN_MASK2; + mask = (0 - (mask >> (BN_BITS2 - 1))); + bits += 4 & mask; + l ^= (x ^ l) & mask; + + x = l >> 2; + mask = (0 - x) & BN_MASK2; + mask = (0 - (mask >> (BN_BITS2 - 1))); + bits += 2 & mask; + l ^= (x ^ l) & mask; + + x = l >> 1; + mask = (0 - x) & BN_MASK2; + mask = (0 - (mask >> (BN_BITS2 - 1))); + bits += 1 & mask; + + return bits; } int BN_num_bits(const BIGNUM *a) @@ -526,9 +499,6 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) memcpy(a->d, b->d, sizeof(b->d[0]) * b->top); #endif - if (BN_get_flags(b, BN_FLG_CONSTTIME) != 0) - BN_set_flags(a, BN_FLG_CONSTTIME); - a->top = b->top; a->neg = b->neg; bn_check_top(a); diff --git a/freebsd/crypto/openssl/crypto/bn/bn_mont.c b/freebsd/crypto/openssl/crypto/bn/bn_mont.c index ddf25f5c..d21a9501 100644 --- a/freebsd/crypto/openssl/crypto/bn/bn_mont.c +++ b/freebsd/crypto/openssl/crypto/bn/bn_mont.c @@ -58,7 +58,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -209,26 +209,13 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) r->top = max; n0 = mont->n0[0]; -# ifdef BN_COUNT - fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl); -# endif + /* + * Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On + * input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r| + * includes |carry| which is stored separately. + */ for (carry = 0, i = 0; i < nl; i++, rp++) { -# ifdef __TANDEM - { - long long t1; - long long t2; - long long t3; - t1 = rp[0] * (n0 & 0177777); - t2 = 037777600000l; - t2 = n0 & t2; - t3 = rp[0] & 0177777; - t2 = (t3 * t2) & BN_MASK2; - t1 = t1 + t2; - v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1); - } -# else v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2); -# endif v = (v + carry + rp[nl]) & BN_MASK2; carry |= (v != rp[nl]); carry &= (v <= rp[nl]); @@ -241,46 +228,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) ret->neg = r->neg; rp = ret->d; - ap = &(r->d[nl]); -# define BRANCH_FREE 1 -# if BRANCH_FREE - { - BN_ULONG *nrp; - size_t m; + /* + * Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap| + * includes |carry| which is stored separately. + */ + ap = &(r->d[nl]); - v = bn_sub_words(rp, ap, np, nl) - carry; - /* - * if subtraction result is real, then trick unconditional memcpy - * below to perform in-place "refresh" instead of actual copy. - */ - m = (0 - (size_t)v); - nrp = - (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m)); - - for (i = 0, nl -= 4; i < nl; i += 4) { - BN_ULONG t1, t2, t3, t4; - - t1 = nrp[i + 0]; - t2 = nrp[i + 1]; - t3 = nrp[i + 2]; - ap[i + 0] = 0; - t4 = nrp[i + 3]; - ap[i + 1] = 0; - rp[i + 0] = t1; - ap[i + 2] = 0; - rp[i + 1] = t2; - ap[i + 3] = 0; - rp[i + 2] = t3; - rp[i + 3] = t4; - } - for (nl += 4; i < nl; i++) - rp[i] = nrp[i], ap[i] = 0; + /* + * |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v| + * cannot be -1. That would imply the subtraction did not fit in |nl| words, + * and we know at most one subtraction is needed. + */ + v = bn_sub_words(rp, ap, np, nl) - carry; + v = 0 - v; + for (i = 0; i < nl; i++) { + rp[i] = (v & ap[i]) | (~v & rp[i]); + ap[i] = 0; } -# else - if (bn_sub_words(rp, ap, np, nl) - carry) - memcpy(rp, ap, nl * sizeof(BN_ULONG)); -# endif bn_correct_top(r); bn_correct_top(ret); bn_check_top(ret); @@ -384,6 +349,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) R = &(mont->RR); /* grab RR as a temp */ if (!BN_copy(&(mont->N), mod)) goto err; /* Set N */ + if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0) + BN_set_flags(&(mont->N), BN_FLG_CONSTTIME); mont->N.neg = 0; #ifdef MONT_WORD diff --git a/freebsd/crypto/openssl/crypto/bn/bn_print.c b/freebsd/crypto/openssl/crypto/bn/bn_print.c index 6d897da2..b316dcc8 100644 --- a/freebsd/crypto/openssl/crypto/bn/bn_print.c +++ b/freebsd/crypto/openssl/crypto/bn/bn_print.c @@ -393,10 +393,10 @@ char *BN_options(void) if (!init) { init++; #ifdef BN_LLONG - BIO_snprintf(data, sizeof data, "bn(%d,%d)", + BIO_snprintf(data, sizeof(data), "bn(%d,%d)", (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8); #else - BIO_snprintf(data, sizeof data, "bn(%d,%d)", + BIO_snprintf(data, sizeof(data), "bn(%d,%d)", (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8); #endif } diff --git a/freebsd/crypto/openssl/crypto/bn/bntest.c b/freebsd/crypto/openssl/crypto/bn/bntest.c index ecbb52ff..ea585878 100644 --- a/freebsd/crypto/openssl/crypto/bn/bntest.c +++ b/freebsd/crypto/openssl/crypto/bn/bntest.c @@ -150,7 +150,7 @@ int main(int argc, char *argv[]) results = 0; - RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ + RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */ argc--; argv++; diff --git a/freebsd/crypto/openssl/crypto/bn/expspeed.c b/freebsd/crypto/openssl/crypto/bn/expspeed.c index 0068f971..5c58128c 100644 --- a/freebsd/crypto/openssl/crypto/bn/expspeed.c +++ b/freebsd/crypto/openssl/crypto/bn/expspeed.c @@ -200,7 +200,7 @@ static int mul_c[NUM_SIZES] = * static int sizes[NUM_SIZES]={59,179,299,419,539}; */ -#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); } +#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof(str)); } void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx); diff --git a/freebsd/crypto/openssl/crypto/bn/exptest.c b/freebsd/crypto/openssl/crypto/bn/exptest.c index 1bbf5ef7..ee2cb663 100644 --- a/freebsd/crypto/openssl/crypto/bn/exptest.c +++ b/freebsd/crypto/openssl/crypto/bn/exptest.c @@ -185,9 +185,11 @@ int main(int argc, char *argv[]) unsigned char c; BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m; - RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we - * don't even check its return - * value (which we should) */ + /* + * Seed or BN_rand may fail, and we don't even check its return + * value (which we should) + */ + RAND_seed(rnd_seed, sizeof(rnd_seed)); ERR_load_BN_strings(); diff --git a/freebsd/crypto/openssl/crypto/conf/conf_def.c b/freebsd/crypto/openssl/crypto/conf/conf_def.c index ea2b96eb..8043b7c3 100644 --- a/freebsd/crypto/openssl/crypto/conf/conf_def.c +++ b/freebsd/crypto/openssl/crypto/conf/conf_def.c @@ -425,7 +425,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) OPENSSL_free(section); if (line != NULL) *line = eline; - BIO_snprintf(btmp, sizeof btmp, "%ld", eline); + BIO_snprintf(btmp, sizeof(btmp), "%ld", eline); ERR_add_error_data(2, "line ", btmp); if ((h != conf->data) && (conf->data != NULL)) { CONF_free(conf->data); diff --git a/freebsd/crypto/openssl/crypto/conf/conf_mod.c b/freebsd/crypto/openssl/crypto/conf/conf_mod.c index cee6f45e..d355ee83 100644 --- a/freebsd/crypto/openssl/crypto/conf/conf_mod.c +++ b/freebsd/crypto/openssl/crypto/conf/conf_mod.c @@ -223,7 +223,7 @@ static int module_run(const CONF *cnf, char *name, char *value, if (!(flags & CONF_MFLAGS_SILENT)) { char rcode[DECIMAL_SIZE(ret) + 1]; CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR); - BIO_snprintf(rcode, sizeof rcode, "%-8d", ret); + BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret); ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); } diff --git a/freebsd/crypto/openssl/crypto/des/ecb_enc.c b/freebsd/crypto/openssl/crypto/des/ecb_enc.c index dd2453a5..08d266d3 100644 --- a/freebsd/crypto/openssl/crypto/des/ecb_enc.c +++ b/freebsd/crypto/openssl/crypto/des/ecb_enc.c @@ -98,7 +98,7 @@ const char *DES_options(void) size = "int"; else size = "long"; - BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll, + BIO_snprintf(buf, sizeof(buf), "des(%s,%s,%s,%s)", ptr, risc, unroll, size); init = 0; } diff --git a/freebsd/crypto/openssl/crypto/des/fcrypt.c b/freebsd/crypto/openssl/crypto/des/fcrypt.c index c4ffda33..a5708421 100644 --- a/freebsd/crypto/openssl/crypto/des/fcrypt.c +++ b/freebsd/crypto/openssl/crypto/des/fcrypt.c @@ -82,10 +82,10 @@ char *DES_crypt(const char *buf, const char *salt) e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0'; /* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */ - ebcdic2ascii(e_salt, e_salt, sizeof e_salt); + ebcdic2ascii(e_salt, e_salt, sizeof(e_salt)); /* Convert the cleartext password to ASCII */ - ebcdic2ascii(e_buf, e_buf, sizeof e_buf); + ebcdic2ascii(e_buf, e_buf, sizeof(e_buf)); /* Encrypt it (from/to ASCII) */ ret = DES_fcrypt(e_buf, e_salt, buff); diff --git a/freebsd/crypto/openssl/crypto/des/read_pwd.c b/freebsd/crypto/openssl/crypto/des/read_pwd.c index 6f84ce48..d6ce46a5 100644 --- a/freebsd/crypto/openssl/crypto/des/read_pwd.c +++ b/freebsd/crypto/openssl/crypto/des/read_pwd.c @@ -436,7 +436,7 @@ static void pushsig(void) # ifdef SIGACTION struct sigaction sa; - memset(&sa, 0, sizeof sa); + memset(&sa, 0, sizeof(sa)); sa.sa_handler = recsig; # endif diff --git a/freebsd/crypto/openssl/crypto/des/set_key.c b/freebsd/crypto/openssl/crypto/des/set_key.c index 77f46881..446e0861 100644 --- a/freebsd/crypto/openssl/crypto/des/set_key.c +++ b/freebsd/crypto/openssl/crypto/des/set_key.c @@ -379,7 +379,7 @@ void private_DES_set_key_unchecked(const_DES_cblock *key, register int i; #ifdef OPENBSD_DEV_CRYPTO - memcpy(schedule->key, key, sizeof schedule->key); + memcpy(schedule->key, key, sizeof(schedule->key)); schedule->session = NULL; #endif k = &schedule->ks->deslong[0]; diff --git a/freebsd/crypto/openssl/crypto/dh/dhtest.c b/freebsd/crypto/openssl/crypto/dh/dhtest.c index d5494c86..747d7e2f 100644 --- a/freebsd/crypto/openssl/crypto/dh/dhtest.c +++ b/freebsd/crypto/openssl/crypto/dh/dhtest.c @@ -118,7 +118,7 @@ int main(int argc, char *argv[]) CRYPTO_malloc_init(); # endif - RAND_seed(rnd_seed, sizeof rnd_seed); + RAND_seed(rnd_seed, sizeof(rnd_seed)); out = BIO_new(BIO_s_file()); if (out == NULL) diff --git a/freebsd/crypto/openssl/crypto/dsa/dsatest.c b/freebsd/crypto/openssl/crypto/dsa/dsatest.c index 7832fe53..e7c846a1 100644 --- a/freebsd/crypto/openssl/crypto/dsa/dsatest.c +++ b/freebsd/crypto/openssl/crypto/dsa/dsatest.c @@ -159,7 +159,7 @@ int main(int argc, char **argv) CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); ERR_load_crypto_strings(); - RAND_seed(rnd_seed, sizeof rnd_seed); + RAND_seed(rnd_seed, sizeof(rnd_seed)); BIO_printf(bio_err, "test generation of DSA parameters\n"); diff --git a/freebsd/crypto/openssl/crypto/ec/ec_lib.c b/freebsd/crypto/openssl/crypto/ec/ec_lib.c index 81360f45..ce22b252 100644 --- a/freebsd/crypto/openssl/crypto/ec/ec_lib.c +++ b/freebsd/crypto/openssl/crypto/ec/ec_lib.c @@ -87,7 +87,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) return NULL; } - ret = OPENSSL_malloc(sizeof *ret); + ret = OPENSSL_malloc(sizeof(*ret)); if (ret == NULL) { ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE); return NULL; @@ -166,7 +166,7 @@ void EC_GROUP_clear_free(EC_GROUP *group) OPENSSL_free(group->seed); } - OPENSSL_cleanse(group, sizeof *group); + OPENSSL_cleanse(group, sizeof(*group)); OPENSSL_free(group); } @@ -577,7 +577,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data, /* no explicit entry needed */ return 1; - d = OPENSSL_malloc(sizeof *d); + d = OPENSSL_malloc(sizeof(*d)); if (d == NULL) return 0; @@ -714,7 +714,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) return NULL; } - ret = OPENSSL_malloc(sizeof *ret); + ret = OPENSSL_malloc(sizeof(*ret)); if (ret == NULL) { ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE); return NULL; @@ -749,7 +749,7 @@ void EC_POINT_clear_free(EC_POINT *point) point->meth->point_clear_finish(point); else if (point->meth->point_finish != 0) point->meth->point_finish(point); - OPENSSL_cleanse(point, sizeof *point); + OPENSSL_cleanse(point, sizeof(*point)); OPENSSL_free(point); } diff --git a/freebsd/crypto/openssl/crypto/ec/ec_mult.c b/freebsd/crypto/openssl/crypto/ec/ec_mult.c index f14a8965..d37f6470 100644 --- a/freebsd/crypto/openssl/crypto/ec/ec_mult.c +++ b/freebsd/crypto/openssl/crypto/ec/ec_mult.c @@ -171,11 +171,11 @@ static void ec_pre_comp_clear_free(void *pre_) for (p = pre->points; *p != NULL; p++) { EC_POINT_clear_free(*p); - OPENSSL_cleanse(p, sizeof *p); + OPENSSL_cleanse(p, sizeof(*p)); } OPENSSL_free(pre->points); } - OPENSSL_cleanse(pre, sizeof *pre); + OPENSSL_cleanse(pre, sizeof(*pre)); OPENSSL_free(pre); } @@ -432,11 +432,11 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, totalnum = num + numblocks; - wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]); - wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]); - wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space - * for pivot */ - val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]); + wsize = OPENSSL_malloc(totalnum * sizeof(wsize[0])); + wNAF_len = OPENSSL_malloc(totalnum * sizeof(wNAF_len[0])); + /* include space for pivot */ + wNAF = OPENSSL_malloc((totalnum + 1) * sizeof(wNAF[0])); + val_sub = OPENSSL_malloc(totalnum * sizeof(val_sub[0])); /* Ensure wNAF is initialised in case we end up going to err */ if (wNAF) @@ -582,7 +582,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, * 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a * subarray of 'pre_comp->points' if we already have precomputation. */ - val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); + val = OPENSSL_malloc((num_val + 1) * sizeof(val[0])); if (val == NULL) { ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); goto err; diff --git a/freebsd/crypto/openssl/crypto/ec/ecp_nistp224.c b/freebsd/crypto/openssl/crypto/ec/ecp_nistp224.c index aba7ff6d..8cde8002 100644 --- a/freebsd/crypto/openssl/crypto/ec/ecp_nistp224.c +++ b/freebsd/crypto/openssl/crypto/ec/ecp_nistp224.c @@ -50,7 +50,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit typedef uint8_t u8; typedef uint64_t u64; -typedef int64_t s64; /******************************************************************************/ /*- @@ -353,9 +352,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn) unsigned num_bytes; /* BN_bn2bin eats leading zeroes */ - memset(b_out, 0, sizeof b_out); + memset(b_out, 0, sizeof(b_out)); num_bytes = BN_num_bytes(bn); - if (num_bytes > sizeof b_out) { + if (num_bytes > sizeof(b_out)) { ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } @@ -374,8 +373,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in) { felem_bytearray b_in, b_out; felem_to_bin28(b_in, in); - flip_endian(b_out, b_in, sizeof b_out); - return BN_bin2bn(b_out, sizeof b_out, out); + flip_endian(b_out, b_in, sizeof(b_out)); + return BN_bin2bn(b_out, sizeof(b_out), out); } /******************************************************************************/ @@ -1236,7 +1235,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out, static NISTP224_PRE_COMP *nistp224_pre_comp_new() { NISTP224_PRE_COMP *ret = NULL; - ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret); + ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof(*ret)); if (!ret) { ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); return ret; @@ -1283,7 +1282,7 @@ static void nistp224_pre_comp_clear_free(void *pre_) if (i > 0) return; - OPENSSL_cleanse(pre, sizeof *pre); + OPENSSL_cleanse(pre, sizeof(*pre)); OPENSSL_free(pre); } @@ -1570,7 +1569,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, /* the scalar for the generator */ if ((scalar != NULL) && (have_pre_comp)) { - memset(g_secret, 0, sizeof g_secret); + memset(g_secret, 0, sizeof(g_secret)); /* reduce scalar to 0 <= scalar < 2^224 */ if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) { /* diff --git a/freebsd/crypto/openssl/crypto/ec/ecp_nistp256.c b/freebsd/crypto/openssl/crypto/ec/ecp_nistp256.c index c34288fc..d3fb9931 100644 --- a/freebsd/crypto/openssl/crypto/ec/ecp_nistp256.c +++ b/freebsd/crypto/openssl/crypto/ec/ecp_nistp256.c @@ -53,7 +53,6 @@ typedef __int128_t int128_t; typedef uint8_t u8; typedef uint32_t u32; typedef uint64_t u64; -typedef int64_t s64; /* * The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We @@ -163,9 +162,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn) unsigned num_bytes; /* BN_bn2bin eats leading zeroes */ - memset(b_out, 0, sizeof b_out); + memset(b_out, 0, sizeof(b_out)); num_bytes = BN_num_bytes(bn); - if (num_bytes > sizeof b_out) { + if (num_bytes > sizeof(b_out)) { ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } @@ -184,8 +183,8 @@ static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in) { felem_bytearray b_in, b_out; smallfelem_to_bin32(b_in, in); - flip_endian(b_out, b_in, sizeof b_out); - return BN_bin2bn(b_out, sizeof b_out, out); + flip_endian(b_out, b_in, sizeof(b_out)); + return BN_bin2bn(b_out, sizeof(b_out), out); } /*- @@ -394,7 +393,7 @@ static void felem_shrink(smallfelem out, const felem in) { felem tmp; u64 a, b, mask; - s64 high, low; + u64 high, low; static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */ /* Carry 2->3 */ @@ -435,29 +434,31 @@ static void felem_shrink(smallfelem out, const felem in) * In order to make space in tmp[3] for the carry from 2 -> 3, we * conditionally subtract kPrime if tmp[3] is large enough. */ - high = tmp[3] >> 64; + high = (u64)(tmp[3] >> 64); /* As tmp[3] < 2^65, high is either 1 or 0 */ - high <<= 63; - high >>= 63; + high = 0 - high; /*- * high is: * all ones if the high word of tmp[3] is 1 - * all zeros if the high word of tmp[3] if 0 */ - low = tmp[3]; - mask = low >> 63; + * all zeros if the high word of tmp[3] if 0 + */ + low = (u64)tmp[3]; + mask = 0 - (low >> 63); /*- * mask is: * all ones if the MSB of low is 1 - * all zeros if the MSB of low if 0 */ + * all zeros if the MSB of low if 0 + */ low &= bottom63bits; low -= kPrime3Test; /* if low was greater than kPrime3Test then the MSB is zero */ low = ~low; - low >>= 63; + low = 0 - (low >> 63); /*- * low is: * all ones if low was > kPrime3Test - * all zeros if low was <= kPrime3Test */ + * all zeros if low was <= kPrime3Test + */ mask = (mask & low) | high; tmp[0] -= mask & kPrime[0]; tmp[1] -= mask & kPrime[1]; @@ -891,7 +892,7 @@ static void felem_contract(smallfelem out, const felem in) equal &= equal << 4; equal &= equal << 2; equal &= equal << 1; - equal = ((s64) equal) >> 63; + equal = 0 - (equal >> 63); all_equal_so_far &= equal; } @@ -958,7 +959,7 @@ static limb smallfelem_is_zero(const smallfelem small) is_zero &= is_zero << 4; is_zero &= is_zero << 2; is_zero &= is_zero << 1; - is_zero = ((s64) is_zero) >> 63; + is_zero = 0 - (is_zero >> 63); is_p = (small[0] ^ kPrime[0]) | (small[1] ^ kPrime[1]) | @@ -970,7 +971,7 @@ static limb smallfelem_is_zero(const smallfelem small) is_p &= is_p << 4; is_p &= is_p << 2; is_p &= is_p << 1; - is_p = ((s64) is_p) >> 63; + is_p = 0 - (is_p >> 63); is_zero |= is_p; @@ -1822,7 +1823,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void) static NISTP256_PRE_COMP *nistp256_pre_comp_new() { NISTP256_PRE_COMP *ret = NULL; - ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret); + ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof(*ret)); if (!ret) { ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); return ret; @@ -1869,7 +1870,7 @@ static void nistp256_pre_comp_clear_free(void *pre_) if (i > 0) return; - OPENSSL_cleanse(pre, sizeof *pre); + OPENSSL_cleanse(pre, sizeof(*pre)); OPENSSL_free(pre); } diff --git a/freebsd/crypto/openssl/crypto/ec/ecp_nistp521.c b/freebsd/crypto/openssl/crypto/ec/ecp_nistp521.c index 3d83b2d7..a07c91f5 100644 --- a/freebsd/crypto/openssl/crypto/ec/ecp_nistp521.c +++ b/freebsd/crypto/openssl/crypto/ec/ecp_nistp521.c @@ -51,7 +51,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit typedef uint8_t u8; typedef uint64_t u64; -typedef int64_t s64; /* * The underlying field. P521 operates over GF(2^521-1). We can serialise an @@ -187,9 +186,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn) unsigned num_bytes; /* BN_bn2bin eats leading zeroes */ - memset(b_out, 0, sizeof b_out); + memset(b_out, 0, sizeof(b_out)); num_bytes = BN_num_bytes(bn); - if (num_bytes > sizeof b_out) { + if (num_bytes > sizeof(b_out)) { ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } @@ -208,8 +207,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in) { felem_bytearray b_in, b_out; felem_to_bin66(b_in, in); - flip_endian(b_out, b_in, sizeof b_out); - return BN_bin2bn(b_out, sizeof b_out, out); + flip_endian(b_out, b_in, sizeof(b_out)); + return BN_bin2bn(b_out, sizeof(b_out), out); } /*- @@ -854,7 +853,7 @@ static limb felem_is_zero(const felem in) * We know that ftmp[i] < 2^63, therefore the only way that the top bit * can be set is if is_zero was 0 before the decrement. */ - is_zero = ((s64) is_zero) >> 63; + is_zero = 0 - (is_zero >> 63); is_p = ftmp[0] ^ kPrime[0]; is_p |= ftmp[1] ^ kPrime[1]; @@ -867,7 +866,7 @@ static limb felem_is_zero(const felem in) is_p |= ftmp[8] ^ kPrime[8]; is_p--; - is_p = ((s64) is_p) >> 63; + is_p = 0 - (is_p >> 63); is_zero |= is_p; return is_zero; @@ -938,7 +937,7 @@ static void felem_contract(felem out, const felem in) is_p &= is_p << 4; is_p &= is_p << 2; is_p &= is_p << 1; - is_p = ((s64) is_p) >> 63; + is_p = 0 - (is_p >> 63); is_p = ~is_p; /* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */ @@ -964,7 +963,7 @@ static void felem_contract(felem out, const felem in) is_greater |= is_greater << 4; is_greater |= is_greater << 2; is_greater |= is_greater << 1; - is_greater = ((s64) is_greater) >> 63; + is_greater = 0 - (is_greater >> 63); out[0] -= kPrime[0] & is_greater; out[1] -= kPrime[1] & is_greater; diff --git a/freebsd/crypto/openssl/crypto/ec/ecp_nistz256.c b/freebsd/crypto/openssl/crypto/ec/ecp_nistz256.c index 99cbe3c8..27c0e870 100644 --- a/freebsd/crypto/openssl/crypto/ec/ecp_nistz256.c +++ b/freebsd/crypto/openssl/crypto/ec/ecp_nistz256.c @@ -1506,7 +1506,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_) 32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37); OPENSSL_free(pre->precomp_storage); } - OPENSSL_cleanse(pre, sizeof *pre); + OPENSSL_cleanse(pre, sizeof(*pre)); OPENSSL_free(pre); } diff --git a/freebsd/crypto/openssl/crypto/ec/ecp_smpl.c b/freebsd/crypto/openssl/crypto/ec/ecp_smpl.c index 64208b9a..370219a9 100644 --- a/freebsd/crypto/openssl/crypto/ec/ecp_smpl.c +++ b/freebsd/crypto/openssl/crypto/ec/ecp_smpl.c @@ -1272,7 +1272,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, if (tmp == NULL || tmp_Z == NULL) goto err; - prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]); + prod_Z = OPENSSL_malloc(num * sizeof(prod_Z[0])); if (prod_Z == NULL) goto err; for (i = 0; i < num; i++) { diff --git a/freebsd/crypto/openssl/crypto/ec/ectest.c b/freebsd/crypto/openssl/crypto/ec/ectest.c index 0efe415c..18c7981b 100644 --- a/freebsd/crypto/openssl/crypto/ec/ectest.c +++ b/freebsd/crypto/openssl/crypto/ec/ectest.c @@ -471,7 +471,7 @@ static void prime_field_tests(void) len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, - sizeof buf, ctx); + sizeof(buf), ctx); if (len == 0) ABORT; if (!EC_POINT_oct2point(group, P, buf, len, ctx)) @@ -484,7 +484,7 @@ static void prime_field_tests(void) len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, - sizeof buf, ctx); + sizeof(buf), ctx); if (len == 0) ABORT; if (!EC_POINT_oct2point(group, P, buf, len, ctx)) @@ -496,7 +496,7 @@ static void prime_field_tests(void) fprintf(stdout, "%02X", buf[i]); len = - EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, + EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf), ctx); if (len == 0) ABORT; @@ -1208,7 +1208,7 @@ static void char2_field_tests(void) # ifdef OPENSSL_EC_BIN_PT_COMP len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, - sizeof buf, ctx); + sizeof(buf), ctx); if (len == 0) ABORT; if (!EC_POINT_oct2point(group, P, buf, len, ctx)) @@ -1222,7 +1222,7 @@ static void char2_field_tests(void) len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, - sizeof buf, ctx); + sizeof(buf), ctx); if (len == 0) ABORT; if (!EC_POINT_oct2point(group, P, buf, len, ctx)) @@ -1236,7 +1236,7 @@ static void char2_field_tests(void) /* Change test based on whether binary point compression is enabled or not. */ # ifdef OPENSSL_EC_BIN_PT_COMP len = - EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, + EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf), ctx); if (len == 0) ABORT; @@ -1846,7 +1846,7 @@ int main(int argc, char *argv[]) CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); ERR_load_crypto_strings(); - RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ + RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */ prime_field_tests(); puts(""); diff --git a/freebsd/crypto/openssl/crypto/ecdh/ecdhtest.c b/freebsd/crypto/openssl/crypto/ecdh/ecdhtest.c index a0b4e5af..b29cb23e 100644 --- a/freebsd/crypto/openssl/crypto/ecdh/ecdhtest.c +++ b/freebsd/crypto/openssl/crypto/ecdh/ecdhtest.c @@ -492,7 +492,7 @@ int main(int argc, char *argv[]) CRYPTO_malloc_init(); # endif - RAND_seed(rnd_seed, sizeof rnd_seed); + RAND_seed(rnd_seed, sizeof(rnd_seed)); out = BIO_new(BIO_s_file()); if (out == NULL) diff --git a/freebsd/crypto/openssl/crypto/engine/eng_cryptodev.c b/freebsd/crypto/openssl/crypto/engine/eng_cryptodev.c index 4662025a..1d17290a 100644 --- a/freebsd/crypto/openssl/crypto/engine/eng_cryptodev.c +++ b/freebsd/crypto/openssl/crypto/engine/eng_cryptodev.c @@ -1059,7 +1059,7 @@ static int crparam2bn(struct crparam *crp, BIGNUM *a) return (-1); for (i = 0; i < bytes; i++) - pd[i] = crp->crp_p[bytes - i - 1]; + pd[i] = ((char *)crp->crp_p)[bytes - i - 1]; BN_bin2bn(pd, bytes, a); free(pd); @@ -1135,7 +1135,7 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, return (ret); } - memset(&kop, 0, sizeof kop); + memset(&kop, 0, sizeof(kop)); kop.crk_op = CRK_MOD_EXP; /* inputs: a^p % m */ @@ -1186,7 +1186,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) return (0); } - memset(&kop, 0, sizeof kop); + memset(&kop, 0, sizeof(kop)); kop.crk_op = CRK_MOD_EXP_CRT; /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ if (bn2crparam(rsa->p, &kop.crk_param[0])) @@ -1289,7 +1289,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, goto err; } - memset(&kop, 0, sizeof kop); + memset(&kop, 0, sizeof(kop)); kop.crk_op = CRK_DSA_SIGN; /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ @@ -1332,7 +1332,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, struct crypt_kop kop; int dsaret = 1; - memset(&kop, 0, sizeof kop); + memset(&kop, 0, sizeof(kop)); kop.crk_op = CRK_DSA_VERIFY; /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ @@ -1405,7 +1405,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) keylen = BN_num_bits(dh->p); - memset(&kop, 0, sizeof kop); + memset(&kop, 0, sizeof(kop)); kop.crk_op = CRK_DH_COMPUTE_KEY; /* inputs: dh->priv_key pub_key dh->p key */ diff --git a/freebsd/crypto/openssl/crypto/engine/eng_table.c b/freebsd/crypto/openssl/crypto/engine/eng_table.c index 75207cca..ade6dc29 100644 --- a/freebsd/crypto/openssl/crypto/engine/eng_table.c +++ b/freebsd/crypto/openssl/crypto/engine/eng_table.c @@ -1,7 +1,7 @@ #include /* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -161,6 +161,11 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, } fnd->funct = NULL; (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd); + if (lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate) != fnd) { + sk_ENGINE_free(fnd->sk); + OPENSSL_free(fnd); + goto end; + } } /* A registration shouldn't add duplciate entries */ (void)sk_ENGINE_delete_ptr(fnd->sk, e); diff --git a/freebsd/crypto/openssl/crypto/err/err.c b/freebsd/crypto/openssl/crypto/err/err.c index 326a1670..3f16a7b0 100644 --- a/freebsd/crypto/openssl/crypto/err/err.c +++ b/freebsd/crypto/openssl/crypto/err/err.c @@ -604,8 +604,8 @@ static void build_SYS_str_reasons(void) char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); char *src = strerror(i); if (src != NULL) { - strncpy(*dest, src, sizeof *dest); - (*dest)[sizeof *dest - 1] = '\0'; + strncpy(*dest, src, sizeof(*dest)); + (*dest)[sizeof(*dest) - 1] = '\0'; str->string = *dest; } } diff --git a/freebsd/crypto/openssl/crypto/err/err_prn.c b/freebsd/crypto/openssl/crypto/err/err_prn.c index e813e92b..6adff26a 100644 --- a/freebsd/crypto/openssl/crypto/err/err_prn.c +++ b/freebsd/crypto/openssl/crypto/err/err_prn.c @@ -79,7 +79,7 @@ void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u), CRYPTO_THREADID_current(&cur); es = CRYPTO_THREADID_hash(&cur); while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) { - ERR_error_string_n(l, buf, sizeof buf); + ERR_error_string_n(l, buf, sizeof(buf)); BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf, file, line, (flags & ERR_TXT_STRING) ? data : ""); if (cb(buf2, strlen(buf2), u) <= 0) diff --git a/freebsd/crypto/openssl/crypto/evp/bio_b64.c b/freebsd/crypto/openssl/crypto/evp/bio_b64.c index 8e6ae72d..442b41e0 100644 --- a/freebsd/crypto/openssl/crypto/evp/bio_b64.c +++ b/freebsd/crypto/openssl/crypto/evp/bio_b64.c @@ -332,6 +332,14 @@ static int b64_read(BIO *b, char *out, int outl) (unsigned char *)ctx->tmp, i); ctx->tmp_len = 0; } + /* + * If eof or an error was signalled, then the condition + * 'ctx->cont <= 0' will prevent b64_read() from reading + * more data on subsequent calls. This assignment was + * deleted accidentally in commit 5562cfaca4f3. + */ + ctx->cont = i; + ctx->buf_off = 0; if (i < 0) { ret_code = 0; diff --git a/freebsd/crypto/openssl/crypto/evp/digest.c b/freebsd/crypto/openssl/crypto/evp/digest.c index 62ae0f34..e35855d9 100644 --- a/freebsd/crypto/openssl/crypto/evp/digest.c +++ b/freebsd/crypto/openssl/crypto/evp/digest.c @@ -126,12 +126,12 @@ void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { - memset(ctx, '\0', sizeof *ctx); + memset(ctx, '\0', sizeof(*ctx)); } EVP_MD_CTX *EVP_MD_CTX_create(void) { - EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx); + EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(*ctx)); if (ctx) EVP_MD_CTX_init(ctx); @@ -318,7 +318,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) } else tmp_buf = NULL; EVP_MD_CTX_cleanup(out); - memcpy(out, in, sizeof *out); + memcpy(out, in, sizeof(*out)); if (in->md_data && out->digest->ctx_size) { if (tmp_buf) @@ -404,7 +404,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) #ifdef OPENSSL_FIPS FIPS_md_ctx_cleanup(ctx); #endif - memset(ctx, '\0', sizeof *ctx); + memset(ctx, '\0', sizeof(*ctx)); return 1; } diff --git a/freebsd/crypto/openssl/crypto/evp/e_aes.c b/freebsd/crypto/openssl/crypto/evp/e_aes.c index 116bb390..187aaa14 100644 --- a/freebsd/crypto/openssl/crypto/evp/e_aes.c +++ b/freebsd/crypto/openssl/crypto/evp/e_aes.c @@ -1,7 +1,7 @@ #include /* ==================================================================== - * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. + * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -1091,6 +1091,8 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks, ctx->iv, &ctx->num, ctx->encrypt, dat->block); len -= MAXBITCHUNK; + out += MAXBITCHUNK; + in += MAXBITCHUNK; } if (len) CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks, diff --git a/freebsd/crypto/openssl/crypto/evp/e_camellia.c b/freebsd/crypto/openssl/crypto/evp/e_camellia.c index 6625b54a..277ced92 100644 --- a/freebsd/crypto/openssl/crypto/evp/e_camellia.c +++ b/freebsd/crypto/openssl/crypto/evp/e_camellia.c @@ -2,7 +2,7 @@ /* crypto/evp/e_camellia.c */ /* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -358,6 +358,8 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks, ctx->iv, &ctx->num, ctx->encrypt, dat->block); len -= MAXBITCHUNK; + out += MAXBITCHUNK; + in += MAXBITCHUNK; } if (len) CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks, diff --git a/freebsd/crypto/openssl/crypto/evp/evp_enc.c b/freebsd/crypto/openssl/crypto/evp/evp_enc.c index ea2b36ad..6334e026 100644 --- a/freebsd/crypto/openssl/crypto/evp/evp_enc.c +++ b/freebsd/crypto/openssl/crypto/evp/evp_enc.c @@ -87,7 +87,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) { - EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx); + EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx)); if (ctx) EVP_CIPHER_CTX_init(ctx); return ctx; @@ -404,7 +404,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) } b = ctx->cipher->block_size; - OPENSSL_assert(b <= sizeof ctx->buf); + OPENSSL_assert(b <= sizeof(ctx->buf)); if (b == 1) { *outl = 0; return 1; @@ -456,7 +456,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, return EVP_EncryptUpdate(ctx, out, outl, in, inl); b = ctx->cipher->block_size; - OPENSSL_assert(b <= sizeof ctx->final); + OPENSSL_assert(b <= sizeof(ctx->final)); if (ctx->final_used) { memcpy(out, ctx->final, b); @@ -522,7 +522,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH); return (0); } - OPENSSL_assert(b <= sizeof ctx->final); + OPENSSL_assert(b <= sizeof(ctx->final)); /* * The following assumes that the ciphertext has been authenticated. @@ -653,7 +653,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) #endif EVP_CIPHER_CTX_cleanup(out); - memcpy(out, in, sizeof *out); + memcpy(out, in, sizeof(*out)); if (in->cipher_data && in->cipher->ctx_size) { out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size); diff --git a/freebsd/crypto/openssl/crypto/evp/evp_locl.h b/freebsd/crypto/openssl/crypto/evp/evp_locl.h index 2bb709a0..bee7f6d1 100644 --- a/freebsd/crypto/openssl/crypto/evp/evp_locl.h +++ b/freebsd/crypto/openssl/crypto/evp/evp_locl.h @@ -4,7 +4,7 @@ * 2000. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -116,7 +116,7 @@ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (inl=chunk)\ {\ - cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ + cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?chunk*8:chunk), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ inl-=chunk;\ in +=chunk;\ out+=chunk;\ diff --git a/freebsd/crypto/openssl/crypto/evp/evp_pbe.c b/freebsd/crypto/openssl/crypto/evp/evp_pbe.c index 6dae2954..627678fc 100644 --- a/freebsd/crypto/openssl/crypto/evp/evp_pbe.c +++ b/freebsd/crypto/openssl/crypto/evp/evp_pbe.c @@ -163,9 +163,9 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, char obj_tmp[80]; EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM); if (!pbe_obj) - BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp); + BUF_strlcpy(obj_tmp, "NULL", sizeof(obj_tmp)); else - i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); + i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), pbe_obj); ERR_add_error_data(2, "TYPE=", obj_tmp); return 0; } diff --git a/freebsd/crypto/openssl/crypto/evp/evp_test.c b/freebsd/crypto/openssl/crypto/evp/evp_test.c index 3de4b389..02047207 100644 --- a/freebsd/crypto/openssl/crypto/evp/evp_test.c +++ b/freebsd/crypto/openssl/crypto/evp/evp_test.c @@ -508,7 +508,7 @@ int main(int argc, char **argv) int an = 0; int tn = 0; - if (!fgets((char *)line, sizeof line, f)) + if (!fgets((char *)line, sizeof(line), f)) break; if (line[0] == '#' || line[0] == '\n') continue; diff --git a/freebsd/crypto/openssl/crypto/evp/openbsd_hw.c b/freebsd/crypto/openssl/crypto/evp/openbsd_hw.c index eaa24fb7..89a61b06 100644 --- a/freebsd/crypto/openssl/crypto/evp/openbsd_hw.c +++ b/freebsd/crypto/openssl/crypto/evp/openbsd_hw.c @@ -113,7 +113,7 @@ static int dev_crypto_init(session_op *ses) close(cryptodev_fd); } assert(ses); - memset(ses, '\0', sizeof *ses); + memset(ses, '\0', sizeof(*ses)); return 1; } @@ -166,7 +166,7 @@ static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, assert(CDATA(ctx)); assert(!dev_failed); - memset(&cryp, '\0', sizeof cryp); + memset(&cryp, '\0', sizeof(cryp)); cryp.ses = CDATA(ctx)->ses; cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; cryp.flags = 0; @@ -331,7 +331,7 @@ static int do_digest(int ses, unsigned char *md, const void *data, int len) return 1; } - memset(&cryp, '\0', sizeof cryp); + memset(&cryp, '\0', sizeof(cryp)); cryp.ses = ses; cryp.op = COP_ENCRYPT; /* required to do the MAC rather than check * it */ diff --git a/freebsd/crypto/openssl/crypto/evp/p5_crpt2.c b/freebsd/crypto/openssl/crypto/evp/p5_crpt2.c index 9e663b2c..9c239d87 100644 --- a/freebsd/crypto/openssl/crypto/evp/p5_crpt2.c +++ b/freebsd/crypto/openssl/crypto/evp/p5_crpt2.c @@ -264,7 +264,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, goto err; } keylen = EVP_CIPHER_CTX_key_length(ctx); - OPENSSL_assert(keylen <= sizeof key); + OPENSSL_assert(keylen <= sizeof(key)); /* Decode parameter */ diff --git a/freebsd/crypto/openssl/crypto/hmac/hmac.c b/freebsd/crypto/openssl/crypto/hmac/hmac.c index 6ad2c36c..21895bc0 100644 --- a/freebsd/crypto/openssl/crypto/hmac/hmac.c +++ b/freebsd/crypto/openssl/crypto/hmac/hmac.c @@ -236,7 +236,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx) EVP_MD_CTX_cleanup(&ctx->i_ctx); EVP_MD_CTX_cleanup(&ctx->o_ctx); EVP_MD_CTX_cleanup(&ctx->md_ctx); - OPENSSL_cleanse(ctx, sizeof *ctx); + OPENSSL_cleanse(ctx, sizeof(*ctx)); } unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, diff --git a/freebsd/crypto/openssl/crypto/md4/md4.c b/freebsd/crypto/openssl/crypto/md4/md4.c index 4a2325b4..20fe2ce3 100644 --- a/freebsd/crypto/openssl/crypto/md4/md4.c +++ b/freebsd/crypto/openssl/crypto/md4/md4.c @@ -104,7 +104,7 @@ void do_fp(FILE *f) fd = fileno(f); MD4_Init(&c); for (;;) { - i = read(fd, buf, sizeof buf); + i = read(fd, buf, sizeof(buf)); if (i <= 0) break; MD4_Update(&c, buf, (unsigned long)i); diff --git a/freebsd/crypto/openssl/crypto/mem_dbg.c b/freebsd/crypto/openssl/crypto/mem_dbg.c index 9da25ac3..ec67691e 100644 --- a/freebsd/crypto/openssl/crypto/mem_dbg.c +++ b/freebsd/crypto/openssl/crypto/mem_dbg.c @@ -58,7 +58,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -635,16 +635,22 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l) APP_INFO *amip; int ami_cnt; struct tm *lcl = NULL; + struct tm result = {0}; CRYPTO_THREADID ti; -#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf)) +#define BUF_REMAIN (sizeof(buf) - (size_t)(bufp - buf)) if (m->addr == (char *)l->bio) return; if (options & V_CRYPTO_MDEBUG_TIME) { +# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \ + !defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \ + (!defined(OPENSSL_SYS_VMS) || defined(localtime_r)) + lcl = localtime_r(&m->time, &result); +# else lcl = localtime(&m->time); - +# endif BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ", lcl->tm_hour, lcl->tm_min, lcl->tm_sec); bufp += strlen(bufp); @@ -681,7 +687,7 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l) ami_cnt++; memset(buf, '>', ami_cnt); - BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt, + BIO_snprintf(buf + ami_cnt, sizeof(buf) - ami_cnt, " thread=%lu, file=%s, line=%d, info=\"", CRYPTO_THREADID_hash(&amip->threadid), amip->file, amip->line); @@ -691,10 +697,10 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l) memcpy(buf + buf_len, amip->info, 128 - buf_len - 3); buf_len = 128 - 3; } else { - BUF_strlcpy(buf + buf_len, amip->info, sizeof buf - buf_len); + BUF_strlcpy(buf + buf_len, amip->info, sizeof(buf) - buf_len); buf_len = strlen(buf); } - BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n"); + BIO_snprintf(buf + buf_len, sizeof(buf) - buf_len, "\"\n"); BIO_puts(l->bio, buf); diff --git a/freebsd/crypto/openssl/crypto/o_init.c b/freebsd/crypto/openssl/crypto/o_init.c index d58284b0..81599802 100644 --- a/freebsd/crypto/openssl/crypto/o_init.c +++ b/freebsd/crypto/openssl/crypto/o_init.c @@ -60,6 +60,11 @@ #ifdef OPENSSL_FIPS # include # include + +# ifndef OPENSSL_NO_DEPRECATED +/* the prototype is missing in */ +void FIPS_crypto_set_id_callback(unsigned long (*func)(void)); +# endif #endif /* diff --git a/freebsd/crypto/openssl/crypto/o_time.c b/freebsd/crypto/openssl/crypto/o_time.c index 024435d4..5ec10108 100644 --- a/freebsd/crypto/openssl/crypto/o_time.c +++ b/freebsd/crypto/openssl/crypto/o_time.c @@ -10,7 +10,7 @@ * 2008. */ /* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -107,7 +107,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) { struct tm *ts = NULL; -#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS) +#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_SUNOS) if (gmtime_r(timer, result) == NULL) return NULL; ts = result; @@ -143,14 +143,14 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) pitem->ileb_64$w_mbo = 1; pitem->ileb_64$w_code = LNM$_STRING; pitem->ileb_64$l_mbmo = -1; - pitem->ileb_64$q_length = sizeof (logvalue); + pitem->ileb_64$q_length = sizeof(logvalue); pitem->ileb_64$pq_bufaddr = logvalue; pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) &reslen; pitem++; /* Last item of the item list is null terminated */ pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0; # else - pitem->ile3$w_length = sizeof (logvalue); + pitem->ile3$w_length = sizeof(logvalue); pitem->ile3$w_code = LNM$_STRING; pitem->ile3$ps_bufaddr = logvalue; pitem->ile3$ps_retlen_addr = (unsigned short int *) &reslen; diff --git a/freebsd/crypto/openssl/crypto/objects/o_names.c b/freebsd/crypto/openssl/crypto/objects/o_names.c index 58b7b09f..e548711f 100644 --- a/freebsd/crypto/openssl/crypto/objects/o_names.c +++ b/freebsd/crypto/openssl/crypto/objects/o_names.c @@ -314,13 +314,13 @@ void OBJ_NAME_do_all_sorted(int type, d.type = type; d.names = - OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names); + OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof(*d.names)); /* Really should return an error if !d.names...but its a void function! */ if (d.names) { d.n = 0; OBJ_NAME_do_all(type, do_all_sorted_fn, &d); - qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp); + qsort((void *)d.names, d.n, sizeof(*d.names), do_all_sorted_cmp); for (n = 0; n < d.n; ++n) fn(d.names[n], arg); diff --git a/freebsd/crypto/openssl/crypto/objects/obj_dat.c b/freebsd/crypto/openssl/crypto/objects/obj_dat.c index 77cfee9f..861641bc 100644 --- a/freebsd/crypto/openssl/crypto/objects/obj_dat.c +++ b/freebsd/crypto/openssl/crypto/objects/obj_dat.c @@ -307,9 +307,8 @@ int OBJ_add_object(const ASN1_OBJECT *obj) for (i = ADDED_DATA; i <= ADDED_NID; i++) if (ao[i] != NULL) OPENSSL_free(ao[i]); - if (o != NULL) - OPENSSL_free(o); - return (NID_undef); + ASN1_OBJECT_free(o); + return NID_undef; } ASN1_OBJECT *OBJ_nid2obj(int n) @@ -593,7 +592,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) n += i; OPENSSL_free(bndec); } else { - BIO_snprintf(tbuf, sizeof tbuf, ".%lu", l); + BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l); i = strlen(tbuf); if (buf && (buf_len > 0)) { BUF_strlcpy(buf, tbuf, buf_len); @@ -727,6 +726,10 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num, return (p); } +/* + * Parse a BIO sink to create some extra oid's objects. + * Line format: + */ int OBJ_create_objects(BIO *in) { MS_STATIC char buf[512]; @@ -748,9 +751,9 @@ int OBJ_create_objects(BIO *in) *(s++) = '\0'; while (isspace((unsigned char)*s)) s++; - if (*s == '\0') + if (*s == '\0') { s = NULL; - else { + } else { l = s; while ((*l != '\0') && !isspace((unsigned char)*l)) l++; @@ -758,15 +761,18 @@ int OBJ_create_objects(BIO *in) *(l++) = '\0'; while (isspace((unsigned char)*l)) l++; - if (*l == '\0') + if (*l == '\0') { l = NULL; - } else + } + } else { l = NULL; + } } - } else + } else { s = NULL; - if ((o == NULL) || (*o == '\0')) - return (num); + } + if (*o == '\0') + return num; if (!OBJ_create(o, s, l)) return (num); num++; diff --git a/freebsd/crypto/openssl/crypto/opensslv.h b/freebsd/crypto/openssl/crypto/opensslv.h index d5835040..668757f4 100644 --- a/freebsd/crypto/openssl/crypto/opensslv.h +++ b/freebsd/crypto/openssl/crypto/opensslv.h @@ -30,11 +30,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x100020efL +# define OPENSSL_VERSION_NUMBER 0x100020ffL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n-fips 7 Dec 2017" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2o-fips 27 Mar 2018" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n-freebsd 7 Dec 2017" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2o-freebsd 27 Mar 2018" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/freebsd/crypto/openssl/crypto/pem/pem_info.c b/freebsd/crypto/openssl/crypto/pem/pem_info.c index df8d371c..c0370daf 100644 --- a/freebsd/crypto/openssl/crypto/pem/pem_info.c +++ b/freebsd/crypto/openssl/crypto/pem/pem_info.c @@ -356,7 +356,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, /* create the right magic header stuff */ OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <= - sizeof buf); + sizeof(buf)); buf[0] = '\0'; PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); diff --git a/freebsd/crypto/openssl/crypto/pem/pem_lib.c b/freebsd/crypto/openssl/crypto/pem/pem_lib.c index 877f6424..53e44553 100644 --- a/freebsd/crypto/openssl/crypto/pem/pem_lib.c +++ b/freebsd/crypto/openssl/crypto/pem/pem_lib.c @@ -408,7 +408,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, OPENSSL_cleanse(buf, PEM_BUFSIZE); OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <= - sizeof buf); + sizeof(buf)); buf[0] = '\0'; PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); diff --git a/freebsd/crypto/openssl/crypto/pkcs7/pk7_doit.c b/freebsd/crypto/openssl/crypto/pkcs7/pk7_doit.c index ed166b79..b2bb6a29 100644 --- a/freebsd/crypto/openssl/crypto/pkcs7/pk7_doit.c +++ b/freebsd/crypto/openssl/crypto/pkcs7/pk7_doit.c @@ -377,16 +377,18 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) } if (bio == NULL) { - if (PKCS7_is_detached(p7)) + if (PKCS7_is_detached(p7)) { bio = BIO_new(BIO_s_null()); - else if (os && os->length > 0) + } else if (os && os->length > 0) { bio = BIO_new_mem_buf(os->data, os->length); - if (bio == NULL) { + } else { bio = BIO_new(BIO_s_mem()); if (bio == NULL) goto err; BIO_set_mem_eof_return(bio, 0); } + if (bio == NULL) + goto err; } if (out) BIO_push(out, bio); diff --git a/freebsd/crypto/openssl/crypto/rand/md_rand.c b/freebsd/crypto/openssl/crypto/rand/md_rand.c index 9672afca..7a18a784 100644 --- a/freebsd/crypto/openssl/crypto/rand/md_rand.c +++ b/freebsd/crypto/openssl/crypto/rand/md_rand.c @@ -240,7 +240,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) md_c[0] = md_count[0]; md_c[1] = md_count[1]; - memcpy(local_md, md, sizeof md); + memcpy(local_md, md, sizeof(md)); /* state_index <= state_num <= STATE_SIZE */ state_index += num; @@ -456,7 +456,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) st_num = state_num; md_c[0] = md_count[0]; md_c[1] = md_count[1]; - memcpy(local_md, md, sizeof md); + memcpy(local_md, md, sizeof(md)); state_index += num_ceil; if (state_index > state_num) @@ -482,7 +482,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) goto err; #ifndef GETPID_IS_MEANINGLESS if (curr_pid) { /* just in the first iteration to save time */ - if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid)) + if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof(curr_pid))) goto err; curr_pid = 0; } diff --git a/freebsd/crypto/openssl/crypto/rand/rand_egd.c b/freebsd/crypto/openssl/crypto/rand/rand_egd.c index 11b33750..563689f6 100644 --- a/freebsd/crypto/openssl/crypto/rand/rand_egd.c +++ b/freebsd/crypto/openssl/crypto/rand/rand_egd.c @@ -150,7 +150,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) addr.sun_family = AF_UNIX; if (strlen(path) >= sizeof(addr.sun_path)) return (-1); - BUF_strlcpy(addr.sun_path, path, sizeof addr.sun_path); + BUF_strlcpy(addr.sun_path, path, sizeof(addr.sun_path)); len = offsetof(struct sockaddr_un, sun_path) + strlen(path); fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd == -1) diff --git a/freebsd/crypto/openssl/crypto/rand/rand_unix.c b/freebsd/crypto/openssl/crypto/rand/rand_unix.c index 8baa816e..f606c4ea 100644 --- a/freebsd/crypto/openssl/crypto/rand/rand_unix.c +++ b/freebsd/crypto/openssl/crypto/rand/rand_unix.c @@ -183,15 +183,15 @@ int RAND_poll(void) */ curr_gid = getgid(); - RAND_add(&curr_gid, sizeof curr_gid, 1); + RAND_add(&curr_gid, sizeof(curr_gid), 1); curr_gid = 0; curr_pid = getpid(); - RAND_add(&curr_pid, sizeof curr_pid, 1); + RAND_add(&curr_pid, sizeof(curr_pid), 1); curr_pid = 0; curr_uid = getuid(); - RAND_add(&curr_uid, sizeof curr_uid, 1); + RAND_add(&curr_uid, sizeof(curr_uid), 1); curr_uid = 0; for (i = 0; i < (ENTROPY_NEEDED * 4); i++) { @@ -219,7 +219,7 @@ int RAND_poll(void) /* take 8 bits */ v = (unsigned char)(ts.tv_nsec % 256); - RAND_add(&v, sizeof v, 1); + RAND_add(&v, sizeof(v), 1); v = 0; } return 1; @@ -405,7 +405,7 @@ int RAND_poll(void) # if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) if (n > 0) { - RAND_add(tmpbuf, sizeof tmpbuf, (double)n); + RAND_add(tmpbuf, sizeof(tmpbuf), (double)n); OPENSSL_cleanse(tmpbuf, n); } # endif diff --git a/freebsd/crypto/openssl/crypto/rsa/rsa_crpt.c b/freebsd/crypto/openssl/crypto/rsa/rsa_crpt.c index dd0a812b..172d072b 100644 --- a/freebsd/crypto/openssl/crypto/rsa/rsa_crpt.c +++ b/freebsd/crypto/openssl/crypto/rsa/rsa_crpt.c @@ -221,7 +221,7 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) * if PRNG is not properly seeded, resort to secret exponent as * unpredictable seed */ - RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0); + RAND_add(rsa->d->d, rsa->d->dmax * sizeof(rsa->d->d[0]), 0.0); } if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { diff --git a/freebsd/crypto/openssl/crypto/rsa/rsa_gen.c b/freebsd/crypto/openssl/crypto/rsa/rsa_gen.c index e12803a8..36dea9e1 100644 --- a/freebsd/crypto/openssl/crypto/rsa/rsa_gen.c +++ b/freebsd/crypto/openssl/crypto/rsa/rsa_gen.c @@ -111,6 +111,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BIGNUM *pr0, *d, *p; int bitsp, bitsq, ok = -1, n = 0; BN_CTX *ctx = NULL; + unsigned long error = 0; /* * When generating ridiculously small keys, we can get stuck @@ -157,16 +158,26 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, if (BN_copy(rsa->e, e_value) == NULL) goto err; + BN_set_flags(r2, BN_FLG_CONSTTIME); /* generate p and q */ for (;;) { if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) goto err; if (!BN_sub(r2, rsa->p, BN_value_one())) goto err; - if (!BN_gcd(r1, r2, rsa->e, ctx)) - goto err; - if (BN_is_one(r1)) + ERR_set_mark(); + if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { + /* GCD == 1 since inverse exists */ break; + } + error = ERR_peek_last_error(); + if (ERR_GET_LIB(error) == ERR_LIB_BN + && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { + /* GCD != 1 */ + ERR_pop_to_mark(); + } else { + goto err; + } if (!BN_GENCB_call(cb, 2, n++)) goto err; } @@ -179,10 +190,19 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, } while (BN_cmp(rsa->p, rsa->q) == 0); if (!BN_sub(r2, rsa->q, BN_value_one())) goto err; - if (!BN_gcd(r1, r2, rsa->e, ctx)) - goto err; - if (BN_is_one(r1)) + ERR_set_mark(); + if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { + /* GCD == 1 since inverse exists */ break; + } + error = ERR_peek_last_error(); + if (ERR_GET_LIB(error) == ERR_LIB_BN + && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { + /* GCD != 1 */ + ERR_pop_to_mark(); + } else { + goto err; + } if (!BN_GENCB_call(cb, 2, n++)) goto err; } diff --git a/freebsd/crypto/openssl/crypto/rsa/rsa_pss.c b/freebsd/crypto/openssl/crypto/rsa/rsa_pss.c index ed7f109e..37070cf7 100644 --- a/freebsd/crypto/openssl/crypto/rsa/rsa_pss.c +++ b/freebsd/crypto/openssl/crypto/rsa/rsa_pss.c @@ -159,7 +159,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, goto err; } if (!EVP_DigestInit_ex(&ctx, Hash, NULL) - || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) + || !EVP_DigestUpdate(&ctx, zeroes, sizeof(zeroes)) || !EVP_DigestUpdate(&ctx, mHash, hLen)) goto err; if (maskedDBLen - i) { @@ -254,7 +254,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, H = EM + maskedDBLen; EVP_MD_CTX_init(&ctx); if (!EVP_DigestInit_ex(&ctx, Hash, NULL) - || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) + || !EVP_DigestUpdate(&ctx, zeroes, sizeof(zeroes)) || !EVP_DigestUpdate(&ctx, mHash, hLen)) goto err; if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen)) diff --git a/freebsd/crypto/openssl/crypto/rsa/rsa_test.c b/freebsd/crypto/openssl/crypto/rsa/rsa_test.c index eee4bcac..69aa10db 100644 --- a/freebsd/crypto/openssl/crypto/rsa/rsa_test.c +++ b/freebsd/crypto/openssl/crypto/rsa/rsa_test.c @@ -228,7 +228,7 @@ int main(int argc, char *argv[]) CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */ + RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or OAEP may fail */ plen = sizeof(ptext_ex) - 1; diff --git a/freebsd/crypto/openssl/crypto/srp/srp_grps.h b/freebsd/crypto/openssl/crypto/srp/srp_grps.h index 31312de1..f76652cb 100644 --- a/freebsd/crypto/openssl/crypto/srp/srp_grps.h +++ b/freebsd/crypto/openssl/crypto/srp/srp_grps.h @@ -21,8 +21,8 @@ static BN_ULONG bn_group_1024_value[] = { static BIGNUM bn_group_1024 = { bn_group_1024_value, - (sizeof bn_group_1024_value) / sizeof(BN_ULONG), - (sizeof bn_group_1024_value) / sizeof(BN_ULONG), + (sizeof(bn_group_1024_value)) / sizeof(BN_ULONG), + (sizeof(bn_group_1024_value)) / sizeof(BN_ULONG), 0, BN_FLG_STATIC_DATA }; @@ -56,8 +56,8 @@ static BN_ULONG bn_group_1536_value[] = { static BIGNUM bn_group_1536 = { bn_group_1536_value, - (sizeof bn_group_1536_value) / sizeof(BN_ULONG), - (sizeof bn_group_1536_value) / sizeof(BN_ULONG), + (sizeof(bn_group_1536_value)) / sizeof(BN_ULONG), + (sizeof(bn_group_1536_value)) / sizeof(BN_ULONG), 0, BN_FLG_STATIC_DATA }; @@ -99,8 +99,8 @@ static BN_ULONG bn_group_2048_value[] = { static BIGNUM bn_group_2048 = { bn_group_2048_value, - (sizeof bn_group_2048_value) / sizeof(BN_ULONG), - (sizeof bn_group_2048_value) / sizeof(BN_ULONG), + (sizeof(bn_group_2048_value)) / sizeof(BN_ULONG), + (sizeof(bn_group_2048_value)) / sizeof(BN_ULONG), 0, BN_FLG_STATIC_DATA }; @@ -158,8 +158,8 @@ static BN_ULONG bn_group_3072_value[] = { static BIGNUM bn_group_3072 = { bn_group_3072_value, - (sizeof bn_group_3072_value) / sizeof(BN_ULONG), - (sizeof bn_group_3072_value) / sizeof(BN_ULONG), + (sizeof(bn_group_3072_value)) / sizeof(BN_ULONG), + (sizeof(bn_group_3072_value)) / sizeof(BN_ULONG), 0, BN_FLG_STATIC_DATA }; @@ -233,8 +233,8 @@ static BN_ULONG bn_group_4096_value[] = { static BIGNUM bn_group_4096 = { bn_group_4096_value, - (sizeof bn_group_4096_value) / sizeof(BN_ULONG), - (sizeof bn_group_4096_value) / sizeof(BN_ULONG), + (sizeof(bn_group_4096_value)) / sizeof(BN_ULONG), + (sizeof(bn_group_4096_value)) / sizeof(BN_ULONG), 0, BN_FLG_STATIC_DATA }; @@ -340,8 +340,8 @@ static BN_ULONG bn_group_6144_value[] = { static BIGNUM bn_group_6144 = { bn_group_6144_value, - (sizeof bn_group_6144_value) / sizeof(BN_ULONG), - (sizeof bn_group_6144_value) / sizeof(BN_ULONG), + (sizeof(bn_group_6144_value)) / sizeof(BN_ULONG), + (sizeof(bn_group_6144_value)) / sizeof(BN_ULONG), 0, BN_FLG_STATIC_DATA }; @@ -479,8 +479,8 @@ static BN_ULONG bn_group_8192_value[] = { static BIGNUM bn_group_8192 = { bn_group_8192_value, - (sizeof bn_group_8192_value) / sizeof(BN_ULONG), - (sizeof bn_group_8192_value) / sizeof(BN_ULONG), + (sizeof(bn_group_8192_value)) / sizeof(BN_ULONG), + (sizeof(bn_group_8192_value)) / sizeof(BN_ULONG), 0, BN_FLG_STATIC_DATA }; diff --git a/freebsd/crypto/openssl/crypto/threads/mttest.c b/freebsd/crypto/openssl/crypto/threads/mttest.c index ea822a1a..3502785a 100644 --- a/freebsd/crypto/openssl/crypto/threads/mttest.c +++ b/freebsd/crypto/openssl/crypto/threads/mttest.c @@ -192,7 +192,7 @@ int main(int argc, char *argv[]) char *ccert = TEST_CLIENT_CERT; const SSL_METHOD *ssl_method = SSLv23_method(); - RAND_seed(rnd_seed, sizeof rnd_seed); + RAND_seed(rnd_seed, sizeof(rnd_seed)); if (bio_err == NULL) bio_err = BIO_new_fd(2, BIO_NOCLOSE); diff --git a/freebsd/crypto/openssl/crypto/ts/ts_rsp_sign.c b/freebsd/crypto/openssl/crypto/ts/ts_rsp_sign.c index ff3cf223..0f2643aa 100644 --- a/freebsd/crypto/openssl/crypto/ts/ts_rsp_sign.c +++ b/freebsd/crypto/openssl/crypto/ts/ts_rsp_sign.c @@ -6,7 +6,7 @@ * 2002. */ /* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -60,6 +60,7 @@ */ #include "cryptlib.h" +#include "o_time.h" #if defined(OPENSSL_SYS_UNIX) # include @@ -950,6 +951,7 @@ static ASN1_GENERALIZEDTIME { time_t time_sec = (time_t)sec; struct tm *tm = NULL; + struct tm result = {0}; char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS]; char *p = genTime_str; char *p_end = genTime_str + sizeof(genTime_str); @@ -957,7 +959,7 @@ static ASN1_GENERALIZEDTIME if (precision > TS_MAX_CLOCK_PRECISION_DIGITS) goto err; - if (!(tm = gmtime(&time_sec))) + if (!(tm = OPENSSL_gmtime(&time_sec, &result))) goto err; /* diff --git a/freebsd/crypto/openssl/crypto/ui/ui_openssl.c b/freebsd/crypto/openssl/crypto/ui/ui_openssl.c index c0e8c573..cc6e2175 100644 --- a/freebsd/crypto/openssl/crypto/ui/ui_openssl.c +++ b/freebsd/crypto/openssl/crypto/ui/ui_openssl.c @@ -616,7 +616,7 @@ static void pushsig(void) # ifdef SIGACTION struct sigaction sa; - memset(&sa, 0, sizeof sa); + memset(&sa, 0, sizeof(sa)); sa.sa_handler = recsig; # endif diff --git a/freebsd/crypto/openssl/crypto/x509/x509_txt.c b/freebsd/crypto/openssl/crypto/x509/x509_txt.c index d46e6dd2..4f624f7e 100644 --- a/freebsd/crypto/openssl/crypto/x509/x509_txt.c +++ b/freebsd/crypto/openssl/crypto/x509/x509_txt.c @@ -214,7 +214,7 @@ const char *X509_verify_cert_error_string(long n) return ("proxy subject name violation"); default: - BIO_snprintf(buf, sizeof buf, "error number %ld", n); + BIO_snprintf(buf, sizeof(buf), "error number %ld", n); return (buf); } } diff --git a/freebsd/crypto/openssl/crypto/x509/x509_v3.c b/freebsd/crypto/openssl/crypto/x509/x509_v3.c index 883fab31..57a8f7e8 100644 --- a/freebsd/crypto/openssl/crypto/x509/x509_v3.c +++ b/freebsd/crypto/openssl/crypto/x509/x509_v3.c @@ -179,7 +179,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, err2: if (new_ex != NULL) X509_EXTENSION_free(new_ex); - if (sk != NULL) + if (x != NULL && *x == NULL && sk != NULL) sk_X509_EXTENSION_free(sk); return (NULL); } diff --git a/freebsd/crypto/openssl/crypto/x509/x509_vpm.c b/freebsd/crypto/openssl/crypto/x509/x509_vpm.c index 92d6e350..ef78469e 100644 --- a/freebsd/crypto/openssl/crypto/x509/x509_vpm.c +++ b/freebsd/crypto/openssl/crypto/x509/x509_vpm.c @@ -175,7 +175,7 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void) X509_VERIFY_PARAM *param; X509_VERIFY_PARAM_ID *paramid; - param = OPENSSL_malloc(sizeof *param); + param = OPENSSL_malloc(sizeof(*param)); if (!param) return NULL; memset(param, 0, sizeof(*param)); diff --git a/freebsd/crypto/openssl/crypto/x509v3/v3_alt.c b/freebsd/crypto/openssl/crypto/x509v3/v3_alt.c index 5e44dedb..d00765e7 100644 --- a/freebsd/crypto/openssl/crypto/x509v3/v3_alt.c +++ b/freebsd/crypto/openssl/crypto/x509v3/v3_alt.c @@ -159,12 +159,12 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, case GEN_IPADD: p = gen->d.ip->data; if (gen->d.ip->length == 4) - BIO_snprintf(oline, sizeof oline, + BIO_snprintf(oline, sizeof(oline), "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); else if (gen->d.ip->length == 16) { oline[0] = 0; for (i = 0; i < 8; i++) { - BIO_snprintf(htmp, sizeof htmp, "%X", p[0] << 8 | p[1]); + BIO_snprintf(htmp, sizeof(htmp), "%X", p[0] << 8 | p[1]); p += 2; strcat(oline, htmp); if (i != 7) diff --git a/freebsd/crypto/openssl/crypto/x509v3/v3_conf.c b/freebsd/crypto/openssl/crypto/x509v3/v3_conf.c index 8991fc13..2b157af6 100644 --- a/freebsd/crypto/openssl/crypto/x509v3/v3_conf.c +++ b/freebsd/crypto/openssl/crypto/x509v3/v3_conf.c @@ -6,7 +6,7 @@ * 1999. */ /* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -342,8 +342,12 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, val = sk_CONF_VALUE_value(nval, i); if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value))) return 0; - if (sk) - X509v3_add_ext(sk, ext, -1); + if (sk != NULL) { + if (X509v3_add_ext(sk, ext, -1) == NULL) { + X509_EXTENSION_free(ext); + return 0; + } + } X509_EXTENSION_free(ext); } return 1; diff --git a/freebsd/crypto/openssl/crypto/x509v3/v3_info.c b/freebsd/crypto/openssl/crypto/x509v3/v3_info.c index b824ed28..21a901f0 100644 --- a/freebsd/crypto/openssl/crypto/x509v3/v3_info.c +++ b/freebsd/crypto/openssl/crypto/x509v3/v3_info.c @@ -128,7 +128,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS( goto err; tret = tmp; vtmp = sk_CONF_VALUE_value(tret, i); - i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method); + i2t_ASN1_OBJECT(objtmp, sizeof(objtmp), desc->method); nlen = strlen(objtmp) + strlen(vtmp->name) + 5; ntmp = OPENSSL_malloc(nlen); if (ntmp == NULL) diff --git a/freebsd/crypto/openssl/engines/ccgost/gost_eng.c b/freebsd/crypto/openssl/engines/ccgost/gost_eng.c index a1eb4791..c6364fbe 100644 --- a/freebsd/crypto/openssl/engines/ccgost/gost_eng.c +++ b/freebsd/crypto/openssl/engines/ccgost/gost_eng.c @@ -159,10 +159,6 @@ static int bind_gost(ENGINE *e, const char *id) return ret; } -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -IMPLEMENT_DYNAMIC_BIND_FN(bind_gost) - IMPLEMENT_DYNAMIC_CHECK_FN() -#endif /* ndef OPENSSL_NO_DYNAMIC_ENGINE */ static int gost_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid) { @@ -280,4 +276,7 @@ void ENGINE_load_gost(void) ENGINE_free(toadd); ERR_clear_error(); } +#else +IMPLEMENT_DYNAMIC_BIND_FN(bind_gost) +IMPLEMENT_DYNAMIC_CHECK_FN() #endif diff --git a/freebsd/crypto/openssl/engines/e_atalla.c b/freebsd/crypto/openssl/engines/e_atalla.c index 6d627029..f7d1143b 100644 --- a/freebsd/crypto/openssl/engines/e_atalla.c +++ b/freebsd/crypto/openssl/engines/e_atalla.c @@ -496,7 +496,7 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, goto err; } /* Prepare the key-data */ - memset(&keydata, 0, sizeof keydata); + memset(&keydata, 0, sizeof(keydata)); numbytes = BN_num_bytes(m); memset(exponent->d, 0, numbytes); memset(modulus->d, 0, numbytes); diff --git a/freebsd/crypto/openssl/ssl/bad_dtls_test.c b/freebsd/crypto/openssl/ssl/bad_dtls_test.c index 0a432a4a..a31bebbb 100644 --- a/freebsd/crypto/openssl/ssl/bad_dtls_test.c +++ b/freebsd/crypto/openssl/ssl/bad_dtls_test.c @@ -21,7 +21,7 @@ * Note that unlike other SSL tests, we don't test against our own SSL * server method. Firstly because we don't have one; we *only* support * DTLS1_BAD_VER as a client. And secondly because even if that were - * fixed up it's the wrong thing to test against — because if changes + * fixed up it's the wrong thing to test against - because if changes * are made in generic DTLS code which don't take DTLS1_BAD_VER into * account, there's plenty of scope for making those changes such that * they break *both* the client and the server in the same way. diff --git a/freebsd/crypto/openssl/ssl/d1_lib.c b/freebsd/crypto/openssl/ssl/d1_lib.c index 78fc3d8e..19fce8bf 100644 --- a/freebsd/crypto/openssl/ssl/d1_lib.c +++ b/freebsd/crypto/openssl/ssl/d1_lib.c @@ -128,9 +128,9 @@ int dtls1_new(SSL *s) if (!ssl3_new(s)) return (0); - if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL) + if ((d1 = OPENSSL_malloc(sizeof(*d1))) == NULL) return (0); - memset(d1, 0, sizeof *d1); + memset(d1, 0, sizeof(*d1)); /* d1->handshake_epoch=0; */ diff --git a/freebsd/crypto/openssl/ssl/d1_pkt.c b/freebsd/crypto/openssl/ssl/d1_pkt.c index a2647e79..4cbfb8e6 100644 --- a/freebsd/crypto/openssl/ssl/d1_pkt.c +++ b/freebsd/crypto/openssl/ssl/d1_pkt.c @@ -6,7 +6,7 @@ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. */ /* ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -708,8 +708,11 @@ int dtls1_get_record(SSL *s) n2s(p, rr->length); - /* Lets check version */ - if (!s->first_packet) { + /* + * Lets check the version. We tolerate alerts that don't have the exact + * version number (e.g. because of protocol version errors) + */ + if (!s->first_packet && rr->type != SSL3_RT_ALERT) { if (version != s->version) { /* unexpected version, silently discard */ rr->length = 0; @@ -1063,7 +1066,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) unsigned int *dest_len = NULL; if (rr->type == SSL3_RT_HANDSHAKE) { - dest_maxlen = sizeof s->d1->handshake_fragment; + dest_maxlen = sizeof(s->d1->handshake_fragment); dest = s->d1->handshake_fragment; dest_len = &s->d1->handshake_fragment_len; } else if (rr->type == SSL3_RT_ALERT) { @@ -1204,6 +1207,24 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) goto start; } + /* + * If we are a server and get a client hello when renegotiation isn't + * allowed send back a no renegotiation alert and carry on. + */ + if (s->server + && SSL_is_init_finished(s) + && !s->s3->send_connection_binding + && s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH + && s->d1->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO + && s->s3->previous_client_finished_len != 0 + && (s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) == 0) { + s->d1->handshake_fragment_len = 0; + rr->length = 0; + ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION); + goto start; + } + + if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) { int alert_level = s->d1->alert_fragment[0]; int alert_descr = s->d1->alert_fragment[1]; @@ -1288,7 +1309,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) s->s3->fatal_alert = alert_descr; SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr); - BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); + BIO_snprintf(tmp, sizeof(tmp), "%d", alert_descr); ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; SSL_CTX_remove_session(s->session_ctx, s->session); diff --git a/freebsd/crypto/openssl/ssl/kssl.c b/freebsd/crypto/openssl/ssl/kssl.c index d1422ef8..0688bcf2 100644 --- a/freebsd/crypto/openssl/ssl/kssl.c +++ b/freebsd/crypto/openssl/ssl/kssl.c @@ -6,7 +6,7 @@ * 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -80,6 +80,7 @@ #include #include #include +#include "o_time.h" #include "kssl_lcl.h" #ifndef OPENSSL_NO_KRB5 @@ -2028,6 +2029,8 @@ krb5_error_code kssl_check_authent( int outl, unencbufsize; struct tm tm_time, *tm_l, *tm_g; time_t now, tl, tg, tr, tz_offset; + struct tm gmt_result = {0}; + struct tm lt_result = {0}; EVP_CIPHER_CTX_init(&ciph_ctx); *atimep = 0; @@ -2084,7 +2087,7 @@ krb5_error_code kssl_check_authent( } # endif enc = kssl_map_enc(enctype); - memset(iv, 0, sizeof iv); /* per RFC 1510 */ + memset(iv, 0, sizeof(iv)); /* per RFC 1510 */ if (enc == NULL) { /* @@ -2142,9 +2145,17 @@ krb5_error_code kssl_check_authent( if (k_gmtime(auth->ctime, &tm_time) && ((tr = mktime(&tm_time)) != (time_t)(-1))) { now = time(&now); + tm_g = OPENSSL_gmtime(&now, &gmt_result); + +# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \ + !defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \ + (!defined(OPENSSL_SYS_VMS) || defined(localtime_r)) + tm_l = localtime_r(&now, <_result); +# else tm_l = localtime(&now); +# endif + tl = mktime(tm_l); - tm_g = gmtime(&now); tg = mktime(tm_g); tz_offset = tg - tl; diff --git a/freebsd/crypto/openssl/ssl/s23_srvr.c b/freebsd/crypto/openssl/ssl/s23_srvr.c index 7e508906..1929962b 100644 --- a/freebsd/crypto/openssl/ssl/s23_srvr.c +++ b/freebsd/crypto/openssl/ssl/s23_srvr.c @@ -270,8 +270,8 @@ int ssl23_get_client_hello(SSL *s) if (!ssl3_setup_buffers(s)) goto err; - n = ssl23_read_bytes(s, sizeof buf_space); - if (n != sizeof buf_space) + n = ssl23_read_bytes(s, sizeof(buf_space)); + if (n != sizeof(buf_space)) return (n); /* n == -1 || n == 0 */ p = s->packet; diff --git a/freebsd/crypto/openssl/ssl/s2_clnt.c b/freebsd/crypto/openssl/ssl/s2_clnt.c index 5291742e..32bb60a2 100644 --- a/freebsd/crypto/openssl/ssl/s2_clnt.c +++ b/freebsd/crypto/openssl/ssl/s2_clnt.c @@ -525,7 +525,7 @@ static int get_server_hello(SSL *s) } s->s2->conn_id_length = s->s2->tmp.conn_id_length; - if (s->s2->conn_id_length > sizeof s->s2->conn_id) { + if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) { ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG); return -1; @@ -710,7 +710,7 @@ static int client_finished(SSL *s) if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) { p = (unsigned char *)s->init_buf->data; *(p++) = SSL2_MT_CLIENT_FINISHED; - if (s->s2->conn_id_length > sizeof s->s2->conn_id) { + if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) { SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); return -1; } @@ -983,7 +983,7 @@ static int get_server_finished(SSL *s) } else { if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) { if ((s->session->session_id_length > - sizeof s->session->session_id) + sizeof(s->session->session_id)) || (0 != memcmp(buf + 1, s->session->session_id, (unsigned int)s->session->session_id_length))) { diff --git a/freebsd/crypto/openssl/ssl/s2_enc.c b/freebsd/crypto/openssl/ssl/s2_enc.c index e092a28c..61597d3b 100644 --- a/freebsd/crypto/openssl/ssl/s2_enc.c +++ b/freebsd/crypto/openssl/ssl/s2_enc.c @@ -101,7 +101,7 @@ int ssl2_enc_init(SSL *s, int client) num = c->key_len; s->s2->key_material_length = num * 2; - OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material); + OPENSSL_assert(s->s2->key_material_length <= sizeof(s->s2->key_material)); if (ssl2_generate_key_material(s) <= 0) return 0; diff --git a/freebsd/crypto/openssl/ssl/s2_lib.c b/freebsd/crypto/openssl/ssl/s2_lib.c index b764e60a..263d143a 100644 --- a/freebsd/crypto/openssl/ssl/s2_lib.c +++ b/freebsd/crypto/openssl/ssl/s2_lib.c @@ -328,9 +328,9 @@ int ssl2_new(SSL *s) { SSL2_STATE *s2; - if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL) + if ((s2 = OPENSSL_malloc(sizeof(*s2))) == NULL) goto err; - memset(s2, 0, sizeof *s2); + memset(s2, 0, sizeof(*s2)); # if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2 # error "assertion failed" @@ -373,7 +373,7 @@ void ssl2_free(SSL *s) OPENSSL_free(s2->rbuf); if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); - OPENSSL_cleanse(s2, sizeof *s2); + OPENSSL_cleanse(s2, sizeof(*s2)); OPENSSL_free(s2); s->s2 = NULL; } @@ -388,7 +388,7 @@ void ssl2_clear(SSL *s) rbuf = s2->rbuf; wbuf = s2->wbuf; - memset(s2, 0, sizeof *s2); + memset(s2, 0, sizeof(*s2)); s2->rbuf = rbuf; s2->wbuf = wbuf; diff --git a/freebsd/crypto/openssl/ssl/s2_srvr.c b/freebsd/crypto/openssl/ssl/s2_srvr.c index cde6d294..115bdadb 100644 --- a/freebsd/crypto/openssl/ssl/s2_srvr.c +++ b/freebsd/crypto/openssl/ssl/s2_srvr.c @@ -726,7 +726,7 @@ static int get_client_hello(SSL *s) p += s->s2->tmp.session_id_length; /* challenge */ - if (s->s2->challenge_length > sizeof s->s2->challenge) { + if (s->s2->challenge_length > sizeof(s->s2->challenge)) { ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); return -1; @@ -874,7 +874,7 @@ static int get_client_finished(SSL *s) } /* SSL2_ST_GET_CLIENT_FINISHED_B */ - if (s->s2->conn_id_length > sizeof s->s2->conn_id) { + if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) { ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); return -1; @@ -905,7 +905,7 @@ static int server_verify(SSL *s) if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) { p = (unsigned char *)s->init_buf->data; *(p++) = SSL2_MT_SERVER_VERIFY; - if (s->s2->challenge_length > sizeof s->s2->challenge) { + if (s->s2->challenge_length > sizeof(s->s2->challenge)) { SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR); return -1; } @@ -927,7 +927,7 @@ static int server_finish(SSL *s) p = (unsigned char *)s->init_buf->data; *(p++) = SSL2_MT_SERVER_FINISHED; - if (s->session->session_id_length > sizeof s->session->session_id) { + if (s->session->session_id_length > sizeof(s->session->session_id)) { SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR); return -1; } diff --git a/freebsd/crypto/openssl/ssl/s3_clnt.c b/freebsd/crypto/openssl/ssl/s3_clnt.c index 012b8b23..b57694b3 100644 --- a/freebsd/crypto/openssl/ssl/s3_clnt.c +++ b/freebsd/crypto/openssl/ssl/s3_clnt.c @@ -986,7 +986,7 @@ int ssl3_get_server_hello(SSL *s) /* get the session-id */ j = *(p++); - if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) { + if ((j > sizeof(s->session->session_id)) || (j > SSL3_SESSION_ID_SIZE)) { al = SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG); goto f_err; @@ -2563,16 +2563,16 @@ int ssl3_send_client_key_exchange(SSL *s) tmp_buf[0] = s->client_version >> 8; tmp_buf[1] = s->client_version & 0xff; - if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0) + if (RAND_bytes(&(tmp_buf[2]), sizeof(tmp_buf) - 2) <= 0) goto err; - s->session->master_key_length = sizeof tmp_buf; + s->session->master_key_length = sizeof(tmp_buf); q = p; /* Fix buf for TLS and beyond */ if (s->version > SSL3_VERSION) p += 2; - n = RSA_public_encrypt(sizeof tmp_buf, + n = RSA_public_encrypt(sizeof(tmp_buf), tmp_buf, p, rsa, RSA_PKCS1_PADDING); # ifdef PKCS1_CHECK if (s->options & SSL_OP_PKCS1_CHECK_1) @@ -2597,8 +2597,8 @@ int ssl3_send_client_key_exchange(SSL *s) s-> session->master_key, tmp_buf, - sizeof tmp_buf); - OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); + sizeof(tmp_buf)); + OPENSSL_cleanse(tmp_buf, sizeof(tmp_buf)); } #endif #ifndef OPENSSL_NO_KRB5 @@ -2690,7 +2690,7 @@ int ssl3_send_client_key_exchange(SSL *s) tmp_buf[0] = s->client_version >> 8; tmp_buf[1] = s->client_version & 0xff; - if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0) + if (RAND_bytes(&(tmp_buf[2]), sizeof(tmp_buf) - 2) <= 0) goto err; /*- @@ -2701,13 +2701,13 @@ int ssl3_send_client_key_exchange(SSL *s) * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); */ - memset(iv, 0, sizeof iv); /* per RFC 1510 */ + memset(iv, 0, sizeof(iv)); /* per RFC 1510 */ EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv); EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf, - sizeof tmp_buf); + sizeof(tmp_buf)); EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl); outl += padl; - if (outl > (int)sizeof epms) { + if (outl > (int)sizeof(epms)) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; @@ -2725,9 +2725,9 @@ int ssl3_send_client_key_exchange(SSL *s) s-> session->master_key, tmp_buf, - sizeof tmp_buf); + sizeof(tmp_buf)); - OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); + OPENSSL_cleanse(tmp_buf, sizeof(tmp_buf)); OPENSSL_cleanse(epms, outl); } #endif diff --git a/freebsd/crypto/openssl/ssl/s3_lib.c b/freebsd/crypto/openssl/ssl/s3_lib.c index 21994883..0fb5d354 100644 --- a/freebsd/crypto/openssl/ssl/s3_lib.c +++ b/freebsd/crypto/openssl/ssl/s3_lib.c @@ -3020,9 +3020,9 @@ int ssl3_new(SSL *s) { SSL3_STATE *s3; - if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL) + if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL) goto err; - memset(s3, 0, sizeof *s3); + memset(s3, 0, sizeof(*s3)); memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); @@ -3080,7 +3080,7 @@ void ssl3_free(SSL *s) #ifndef OPENSSL_NO_SRP SSL_SRP_CTX_free(s); #endif - OPENSSL_cleanse(s->s3, sizeof *s->s3); + OPENSSL_cleanse(s->s3, sizeof(*s->s3)); OPENSSL_free(s->s3); s->s3 = NULL; } @@ -3144,7 +3144,7 @@ void ssl3_clear(SSL *s) s->s3->alpn_selected = NULL; } #endif - memset(s->s3, 0, sizeof *s->s3); + memset(s->s3, 0, sizeof(*s->s3)); s->s3->rbuf.buf = rp; s->s3->wbuf.buf = wp; s->s3->rbuf.len = rlen; diff --git a/freebsd/crypto/openssl/ssl/s3_pkt.c b/freebsd/crypto/openssl/ssl/s3_pkt.c index c2194d18..13f2c0f3 100644 --- a/freebsd/crypto/openssl/ssl/s3_pkt.c +++ b/freebsd/crypto/openssl/ssl/s3_pkt.c @@ -58,7 +58,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -1098,10 +1098,9 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, int i; SSL3_BUFFER *wb = &(s->s3->wbuf); -/* XXXX */ if ((s->s3->wpend_tot > (int)len) - || ((s->s3->wpend_buf != buf) && - !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) + || (!(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) + && (s->s3->wpend_buf != buf)) || (s->s3->wpend_type != type)) { SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY); return (-1); @@ -1316,11 +1315,11 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) unsigned int *dest_len = NULL; if (rr->type == SSL3_RT_HANDSHAKE) { - dest_maxlen = sizeof s->s3->handshake_fragment; + dest_maxlen = sizeof(s->s3->handshake_fragment); dest = s->s3->handshake_fragment; dest_len = &s->s3->handshake_fragment_len; } else if (rr->type == SSL3_RT_ALERT) { - dest_maxlen = sizeof s->s3->alert_fragment; + dest_maxlen = sizeof(s->s3->alert_fragment); dest = s->s3->alert_fragment; dest_len = &s->s3->alert_fragment_len; } @@ -1423,26 +1422,25 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) */ goto start; } + /* * If we are a server and get a client hello when renegotiation isn't - * allowed send back a no renegotiation alert and carry on. WARNING: - * experimental code, needs reviewing (steve) + * allowed send back a no renegotiation alert and carry on. */ - if (s->server && - SSL_is_init_finished(s) && - !s->s3->send_connection_binding && - (s->version > SSL3_VERSION) && - (s->s3->handshake_fragment_len >= 4) && - (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && - (s->session != NULL) && (s->session->cipher != NULL) && - !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { - /* - * s->s3->handshake_fragment_len = 0; - */ + if (s->server + && SSL_is_init_finished(s) + && !s->s3->send_connection_binding + && s->version > SSL3_VERSION + && s->s3->handshake_fragment_len >= SSL3_HM_HEADER_LENGTH + && s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO + && s->s3->previous_client_finished_len != 0 + && (s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) == 0) { + s->s3->handshake_fragment_len = 0; rr->length = 0; ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION); goto start; } + if (s->s3->alert_fragment_len >= 2) { int alert_level = s->s3->alert_fragment[0]; int alert_descr = s->s3->alert_fragment[1]; @@ -1500,7 +1498,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) s->rwstate = SSL_NOTHING; s->s3->fatal_alert = alert_descr; SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr); - BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); + BIO_snprintf(tmp, sizeof(tmp), "%d", alert_descr); ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; SSL_CTX_remove_session(s->session_ctx, s->session); diff --git a/freebsd/crypto/openssl/ssl/s3_srvr.c b/freebsd/crypto/openssl/ssl/s3_srvr.c index 6162941b..40524d99 100644 --- a/freebsd/crypto/openssl/ssl/s3_srvr.c +++ b/freebsd/crypto/openssl/ssl/s3_srvr.c @@ -2512,7 +2512,7 @@ int ssl3_get_client_key_exchange(SSL *s) /* * Note that the length is checked again below, ** after decryption */ - if (enc_pms.length > sizeof pms) { + if (enc_pms.length > sizeof(pms)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); goto err; @@ -2565,7 +2565,7 @@ int ssl3_get_client_key_exchange(SSL *s) if (enc == NULL) goto err; - memset(iv, 0, sizeof iv); /* per RFC 1510 */ + memset(iv, 0, sizeof(iv)); /* per RFC 1510 */ if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, diff --git a/freebsd/crypto/openssl/ssl/ssl_cert.c b/freebsd/crypto/openssl/ssl/ssl_cert.c index f138fbcf..6becbd65 100644 --- a/freebsd/crypto/openssl/ssl/ssl_cert.c +++ b/freebsd/crypto/openssl/ssl/ssl_cert.c @@ -638,13 +638,13 @@ SESS_CERT *ssl_sess_cert_new(void) { SESS_CERT *ret; - ret = OPENSSL_malloc(sizeof *ret); + ret = OPENSSL_malloc(sizeof(*ret)); if (ret == NULL) { SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); return NULL; } - memset(ret, 0, sizeof *ret); + memset(ret, 0, sizeof(*ret)); ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); ret->references = 1; @@ -1020,15 +1020,15 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, char buf[1024]; int r; - if (strlen(dir) + strlen(filename) + 2 > sizeof buf) { + if (strlen(dir) + strlen(filename) + 2 > sizeof(buf)) { SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, SSL_R_PATH_TOO_LONG); goto err; } #ifdef OPENSSL_SYS_VMS - r = BIO_snprintf(buf, sizeof buf, "%s%s", dir, filename); + r = BIO_snprintf(buf, sizeof(buf), "%s%s", dir, filename); #else - r = BIO_snprintf(buf, sizeof buf, "%s/%s", dir, filename); + r = BIO_snprintf(buf, sizeof(buf), "%s/%s", dir, filename); #endif if (r <= 0 || r >= (int)sizeof(buf)) goto err; diff --git a/freebsd/crypto/openssl/ssl/ssl_lib.c b/freebsd/crypto/openssl/ssl/ssl_lib.c index 43e3f76b..cbcecb77 100644 --- a/freebsd/crypto/openssl/ssl/ssl_lib.c +++ b/freebsd/crypto/openssl/ssl/ssl_lib.c @@ -345,7 +345,7 @@ SSL *SSL_new(SSL_CTX *ctx) s->verify_depth = ctx->verify_depth; #endif s->sid_ctx_length = ctx->sid_ctx_length; - OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx); + OPENSSL_assert(s->sid_ctx_length <= sizeof(s->sid_ctx)); memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx)); s->verify_callback = ctx->default_verify_callback; s->generate_session_id = ctx->generate_session_id; @@ -439,7 +439,7 @@ SSL *SSL_new(SSL_CTX *ctx) int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, unsigned int sid_ctx_len) { - if (sid_ctx_len > sizeof ctx->sid_ctx) { + if (sid_ctx_len > sizeof(ctx->sid_ctx)) { SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); return 0; @@ -492,7 +492,7 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, */ SSL_SESSION r, *p; - if (id_len > sizeof r.session_id) + if (id_len > sizeof(r.session_id)) return 0; r.ssl_version = ssl->version; diff --git a/freebsd/crypto/openssl/ssl/ssl_sess.c b/freebsd/crypto/openssl/ssl/ssl_sess.c index fbded359..66a3d253 100644 --- a/freebsd/crypto/openssl/ssl/ssl_sess.c +++ b/freebsd/crypto/openssl/ssl/ssl_sess.c @@ -531,7 +531,7 @@ int ssl_get_new_session(SSL *s, int session) ss->session_id_length = 0; } - if (s->sid_ctx_length > sizeof ss->sid_ctx) { + if (s->sid_ctx_length > sizeof(ss->sid_ctx)) { SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR); SSL_SESSION_free(ss); return 0; @@ -872,9 +872,9 @@ void SSL_SESSION_free(SSL_SESSION *ss) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); - OPENSSL_cleanse(ss->key_arg, sizeof ss->key_arg); - OPENSSL_cleanse(ss->master_key, sizeof ss->master_key); - OPENSSL_cleanse(ss->session_id, sizeof ss->session_id); + OPENSSL_cleanse(ss->key_arg, sizeof(ss->key_arg)); + OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key)); + OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id)); if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); if (ss->peer != NULL) diff --git a/freebsd/crypto/openssl/ssl/ssltest.c b/freebsd/crypto/openssl/ssl/ssltest.c index f6da7d32..352dbedc 100644 --- a/freebsd/crypto/openssl/ssl/ssltest.c +++ b/freebsd/crypto/openssl/ssl/ssltest.c @@ -1104,7 +1104,7 @@ int main(int argc, char *argv[]) } CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - RAND_seed(rnd_seed, sizeof rnd_seed); + RAND_seed(rnd_seed, sizeof(rnd_seed)); bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); @@ -1675,9 +1675,9 @@ int main(int argc, char *argv[]) { int session_id_context = 0; SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, - sizeof session_id_context); + sizeof(session_id_context)); SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context, - sizeof session_id_context); + sizeof(session_id_context)); } /* Use PSK only if PSK key is given */ @@ -1863,9 +1863,9 @@ int main(int argc, char *argv[]) if (c_ssl && c_ssl->kssl_ctx) { char localhost[MAXHOSTNAMELEN + 2]; - if (gethostname(localhost, sizeof localhost - 1) == 0) { - localhost[sizeof localhost - 1] = '\0'; - if (strlen(localhost) == sizeof localhost - 1) { + if (gethostname(localhost, sizeof(localhost) - 1) == 0) { + localhost[sizeof(localhost) - 1] = '\0'; + if (strlen(localhost) == sizeof(localhost) - 1) { BIO_printf(bio_err, "localhost name too long\n"); goto end; } @@ -2043,8 +2043,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, if (cw_num > 0) { /* Write to server. */ - if (cw_num > (long)sizeof cbuf) - i = sizeof cbuf; + if (cw_num > (long)sizeof(cbuf)) + i = sizeof(cbuf); else i = (int)cw_num; r = BIO_write(c_ssl_bio, cbuf, i); @@ -2120,8 +2120,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, if (sw_num > 0) { /* Write to client. */ - if (sw_num > (long)sizeof sbuf) - i = sizeof sbuf; + if (sw_num > (long)sizeof(sbuf)) + i = sizeof(sbuf); else i = (int)sw_num; r = BIO_write(s_ssl_bio, sbuf, i); @@ -2632,7 +2632,7 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) char *s, buf[256]; s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, - sizeof buf); + sizeof(buf)); if (s != NULL) { if (ok) fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf); diff --git a/freebsd/crypto/openssl/ssl/t1_enc.c b/freebsd/crypto/openssl/ssl/t1_enc.c index 4969b6ef..662c4989 100644 --- a/freebsd/crypto/openssl/ssl/t1_enc.c +++ b/freebsd/crypto/openssl/ssl/t1_enc.c @@ -974,7 +974,7 @@ int tls1_final_finish_mac(SSL *s, int hashsize = EVP_MD_size(md); EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx]; if (!hdgst || hashsize < 0 - || hashsize > (int)(sizeof buf - (size_t)(q - buf))) { + || hashsize > (int)(sizeof(buf) - (size_t)(q - buf))) { /* * internal error: 'buf' is too small for this cipersuite! */ @@ -992,7 +992,7 @@ int tls1_final_finish_mac(SSL *s, if (!tls1_PRF(ssl_get_algorithm2(s), str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0, s->session->master_key, s->session->master_key_length, - out, buf2, sizeof buf2)) + out, buf2, sizeof(buf2))) err = 1; EVP_MD_CTX_cleanup(&ctx); @@ -1001,7 +1001,7 @@ int tls1_final_finish_mac(SSL *s, if (err) return 0; else - return sizeof buf2; + return sizeof(buf2); } int tls1_mac(SSL *ssl, unsigned char *md, int send) @@ -1167,8 +1167,8 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, s->s3->client_random, SSL3_RANDOM_SIZE, co, col, s->s3->server_random, SSL3_RANDOM_SIZE, - so, sol, p, len, s->session->master_key, buff, sizeof buff); - OPENSSL_cleanse(buff, sizeof buff); + so, sol, p, len, s->session->master_key, buff, sizeof(buff)); + OPENSSL_cleanse(buff, sizeof(buff)); #ifdef SSL_DEBUG fprintf(stderr, "Premaster Secret:\n"); BIO_dump_fp(stderr, (char *)p, len); diff --git a/freebsd/crypto/openssl/ssl/t1_lib.c b/freebsd/crypto/openssl/ssl/t1_lib.c index 5e86a780..8434aa57 100644 --- a/freebsd/crypto/openssl/ssl/t1_lib.c +++ b/freebsd/crypto/openssl/ssl/t1_lib.c @@ -58,7 +58,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -2286,8 +2286,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, # ifndef OPENSSL_NO_EC else if (type == TLSEXT_TYPE_ec_point_formats) { unsigned char *sdata = data; - int ecpointformatlist_length = *(sdata++); + int ecpointformatlist_length; + if (size == 0) + goto err; + + ecpointformatlist_length = *(sdata++); if (ecpointformatlist_length != size - 1 || ecpointformatlist_length < 1) goto err; @@ -2713,8 +2717,14 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, # ifndef OPENSSL_NO_EC else if (type == TLSEXT_TYPE_ec_point_formats) { unsigned char *sdata = data; - int ecpointformatlist_length = *(sdata++); + int ecpointformatlist_length; + + if (size == 0) { + *al = TLS1_AD_DECODE_ERROR; + return 0; + } + ecpointformatlist_length = *(sdata++); if (ecpointformatlist_length != size - 1) { *al = TLS1_AD_DECODE_ERROR; return 0; @@ -3507,6 +3517,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, EVP_CIPHER_CTX ctx; SSL_CTX *tctx = s->initial_ctx; + /* Need at least keyname + iv */ + if (eticklen < 16 + EVP_MAX_IV_LENGTH) + return 2; + /* Initialize session ticket encryption and HMAC contexts */ HMAC_CTX_init(&hctx); EVP_CIPHER_CTX_init(&ctx); @@ -3515,9 +3529,12 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16, &ctx, &hctx, 0); if (rv < 0) - return -1; - if (rv == 0) + goto err; + if (rv == 0) { + HMAC_CTX_cleanup(&hctx); + EVP_CIPHER_CTX_cleanup(&ctx); return 2; + } if (rv == 2) renew_ticket = 1; } else { diff --git a/freebsd/crypto/openssl/ssl/t1_trce.c b/freebsd/crypto/openssl/ssl/t1_trce.c index b006e517..99028d20 100644 --- a/freebsd/crypto/openssl/ssl/t1_trce.c +++ b/freebsd/crypto/openssl/ssl/t1_trce.c @@ -1249,13 +1249,15 @@ void SSL_trace(int write_p, int version, int content_type, break; case SSL3_RT_ALERT: - if (msglen != 2) + if (msglen != 2) { BIO_puts(bio, " Illegal Alert Length\n"); - else { + } else { BIO_printf(bio, " Level=%s(%d), description=%s(%d)\n", SSL_alert_type_string_long(msg[0] << 8), msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]); } + break; + case TLS1_RT_HEARTBEAT: ssl_print_heartbeat(bio, 4, msg, msglen); break; -- cgit v1.2.3