Fedor Indutny via RT | 18 Dec 15:31 2014

[openssl.org #3637] [PATCH] x509: skip certs if in alternative cert chain

In situations like [0] the server may provide alternative certificate
chain, which is no longer valid in the current certificate store. In
fact the issuer of the leaf (or some intermediate) cert is known and
trusted, but the alternative chain certs that are sent by server are
not trusted, thus leading to `ctx->get_issuer(...)` return 0.

This patch changes the default behavior from "borking out the whole sent
chain" to "pop as much certs as needed to make it work".

Basically, it pops the last cert and checks if the previous has known
issuer.

[0]: https://bugzilla.mozilla.org/show_bug.cgi?id=986005#c4


ramyken | 18 Dec 11:16 2014

pkcs#7 signed data issue

Hi, I am trying to create a pkcs#7 signed data structure and I have a problem
when using NID_pkcs7_signed (signedData content type) in PKCS7_content_new
function like this:

PKCS7_content_new(p7, NID_pkcs7_signed)

because when my app then calls PKCS7_dataFinal(p7,p7bio) I get a null
pointer in this construction (inside the scope of
PKCS7_dataFinal/pkcs7_doit.c function):

....
case NID_pkcs7_signed:
                si_sk=p7->d.sign->signer_info;
                os=PKCS7_get_octet_string(p7->d.sign->contents);    <------ NULL pointer returned to os
                /* If detached data then the content is excluded */
                if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached)
                {
                        M_ASN1_OCTET_STRING_free(os);
                        p7->d.sign->contents->d.data = NULL;
                }
                break;
....

where PKCS7_get_octet_string(p7->d.sign->contents) gives NULL into the os
variable and my app then crashes in the following condition when it accesses
os->flags: if (!PKCS7_is_detached(p7) && !(os->flags &
ASN1_STRING_FLAG_NDEF)).

I know that this happens because PKCS7_get_octet_string and

Matt Caswell via RT | 18 Dec 11:10 2014

[openssl.org #3592] bug report. Crash. Critical? Security bug?

On Thu Dec 18 04:54:57 2014, v.badalyan <at> open-bs.ru wrote:
> Thanks! Great!
> 6000 calls. No crashes or leaks.... only messages like this in asterisk
> [2014-12-18 04:59:20] ERROR[31074][C-000013d4] res_rtp_asterisk.c: DTLS
> failure occurred on RTP instance '0x298c1d68' due to reason 'digest check
> failed', terminating
> [2014-12-18 04:59:28] ERROR[31081][C-000013d7] res_rtp_asterisk.c: DTLS
> failure occurred on RTP instance '0x29d16508' due to reason 'digest check
> failed', terminating
> [2014-12-18 05:04:07] ERROR[31881][C-0000142d] res_rtp_asterisk.c: DTLS
> failure occurred on RTP instance '0x29fe0ac8' due to reason 'digest check
> failed', terminating
>
> But 99% call go normal. We will test on production server and high load.

Good news. Let me know how the testing goes in production so that I can
(hopefully) close the ticket.

Matt


Fedor Indutny | 18 Dec 10:49 2014

[PATCH] x509: skip certs if in alternative cert chain

In situations like [0] the server may provide alternative certificate
chain, which is no longer valid in the current certificate store. In
fact the issuer of the leaf (or some intermediate) cert is known and
trusted, but the alternative chain certs that are sent by server are
not trusted, thus leading to `ctx->get_issuer(...)` return 0.

This patch changes the default behavior from "borking out the whole sent
chain" to "pop as much certs as needed to make it work".

Basically, it pops the last cert and checks if the previous has known
issuer.


NOTE: Possibly duplicate, I didn't get a reply from openssl-bugs <at>
_______________________________________________
openssl-dev mailing list
openssl-dev <at> openssl.org
https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev

Re: [openssl.org #3592] bug report. Crash. Critical? Security bug?

Thanks! Great!
6000 calls. No crashes or leaks.... only messages like this in asterisk
[2014-12-18 04:59:20] ERROR[31074][C-000013d4] res_rtp_asterisk.c: DTLS
failure occurred on RTP instance '0x298c1d68' due to reason 'digest check
failed', terminating
[2014-12-18 04:59:28] ERROR[31081][C-000013d7] res_rtp_asterisk.c: DTLS
failure occurred on RTP instance '0x29d16508' due to reason 'digest check
failed', terminating
[2014-12-18 05:04:07] ERROR[31881][C-0000142d] res_rtp_asterisk.c: DTLS
failure occurred on RTP instance '0x29fe0ac8' due to reason 'digest check
failed', terminating

But 99% call go normal. We will test on production server and high load.
Thanks!

2014-12-16 14:46 GMT+03:00 Matt Caswell via RT <rt <at> openssl.org>:
>
> On Mon Dec 15 13:39:43 2014, v.badalyan <at> open-bs.ru wrote:
> > Got assert
> > d1_both.c(296): OpenSSL internal error, assertion failed: s->init_num ==
> > (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
> >
>
> To confirm: you did retain your change to check the return value from
> dtls1_output_cert_chain?
>
> The official patch for that issue is here:
>
> https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=9beb948c0dae6056caddf46a9aa099e18905d184
>
> Matt
>
>

--
Best regards,
Бадалян Вячеслав Борисович

ООО "Открытые бизнес-решения"
Technical Director
+7 (495) 666-0-111
http://www.open-bs.ru

Rich Salz via RT | 17 Dec 23:26 2014

[openssl.org #3544] Remove MWERKS support

MWERKS added back to nw_rand.c
--
Rich Salz, OpenSSL dev team; rsalz <at> openssl.org


Paul A. Steckler via RT | 17 Dec 21:18 2014

Re: [openssl.org #3635] Build error with 1.0.2-beta3

Many thanks!

-- Paul

On Wed, Dec 17, 2014 at 5:32 AM, Richard Levitte via RT <rt <at> openssl.org> wrote:
> Hi,
>
> As far as I can tell, the problem should be fixed as of commit
> 8bc8450a26329e3c890df60026f969e7caabff3d (for the 1.0.2 branch, I did apply the
> same changes to master and 1.0.1 branch as well). I went through all the
> available xxx_DEBUG macros to make sure they'd all be clear (at least with
> gcc).
>
> Cheers,
> Richard
>
> On Fri Dec 12 20:06:48 2014, steck <at> stecksoft.com wrote:
>> Hi,
>>
>> I'm trying to build 1.0.2-beta3 on Fedora 20 x86_64. I've configured
>> with some xxx_DEBUG
>> flags, which results in a compile failure in ssl/t1_enc.c. See the
>> attached testlog for
>> the exact flags used.
>>
>> Application details: N/A
>>
>> Problem Description:
>>
>> These compile-time (warnings and) errors:
>> --
>> t1_enc.c: In function ‘tls1_enc’:
>> t1_enc.c:843:4: warning: format ‘%d’ expects argument of type ‘int’,
>> but argument 4 has type ‘long unsigned int’ [-Wformat=]
>> ds->cipher->iv_len);
>> ^
>> t1_enc.c:843:4: warning: format ‘%d’ expects argument of type ‘int’,
>> but argument 5 has type ‘long unsigned int’ [-Wformat=]
>> t1_enc.c: In function ‘tls1_mac’:
>> t1_enc.c:1075:59: error: ‘mac_sec’ undeclared (first use in this function)
>> {unsigned int z; for (z=0; z<md_size; z++) printf("%02X
>> ",mac_sec[z]); printf("\n"); }
>> ^
>> t1_enc.c:1075:59: note: each undeclared identifier is reported only
>> once for each function it appears in
>> t1_enc.c:1079:44: error: ‘buf’ undeclared (first use in this function)
>> {int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
>> ^
>> t1_enc.c: In function ‘tls1_export_keying_material’:
>> t1_enc.c:1176:2: warning: format ‘%d’ expects argument of type ‘int’,
>> but argument 4 has type ‘size_t’ [-Wformat=]
>> printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s,
>> out, olen, label, llen, context, contextlen);
>> ^
>> t1_enc.c:1176:2: warning: format ‘%d’ expects argument of type ‘int’,
>> but argument 6 has type ‘size_t’ [-Wformat=]
>> t1_enc.c:1176:2: warning: format ‘%d’ expects argument of type ‘int’,
>> but argument 8 has type ‘size_t’ [-Wformat=]
>> --
>>
>> Stack traceback: N/A
>>
>> -- Paul
>
>
> --
> Richard Levitte
> levitte <at> openssl.org
>


Coredump in Openssl Library

Hi All,

I am reporting one coredump when using openssl library

Does anyone have any idea about it?

Thread 1 (Thread 28457):
#0  0x00007f1871bb61b5 in raise () from /lib/libc.so.6
#1  0x00007f1871bb8fc0 in abort () from /lib/libc.so.6
#2  0x00007f1871bec5bb in ?? () from /lib/libc.so.6
#3  0x00007f1871bf5e16 in ?? () from /lib/libc.so.6
#4  0x00007f1871bfab8c in free () from /lib/libc.so.6
#5  0x00007f187721c6b8 in CRYPTO_realloc_clean () from /usr/lib/libcrypto.so.1.0.0
#6  0x00007f187727e8c5 in BUF_MEM_grow_clean () from /usr/lib/libcrypto.so.1.0.0
#7  0x00007f187727fde7 in mem_write () from /usr/lib/libcrypto.so.1.0.0
#8  0x00007f187727eec9 in BIO_write () from /usr/lib/libcrypto.so.1.0.0


Regards

Satya

Vadim Lebedev | 17 Dec 15:05 2014

Possible bug in crypto/evp/e_aes.c:aes_cbc_cipher

Hello,

I was tracking a segfault in EVP_OpenUpdate and stumbled on the following:

static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
	const unsigned char *in, size_t len)
{
	EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;

	if (dat->stream.cbc)
		(*dat->stream.cbc)(in,out,len,&dat->ks,ctx->iv,ctx->encrypt);
	else if (ctx->encrypt)
	 CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
	else
	 CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block); 

	return 1;
}

I think that the second call to CRYPTO_cbc128_encrypt  should be actually to
CRYPTO_cbc128_decrypt.

Any feedback please?
Thanks
Vadim
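
Why a CBC encrypt routine cannot stand in for the decrypt routine, as an added example that is not part of the original post or of OpenSSL. The toy block function, `cbc_encrypt`, `cbc_decrypt` and `roundtrip` are names constructed here, and the encrypt-on-decrypt path is assumed to be handed the inverse block function:

```c
#include <string.h>
#define BLK 8
typedef unsigned char u8;
typedef void (*block_fn)(const u8 *in, u8 *out);
static const u8 KEY[BLK] = {0x10, 0x32, 0x54, 0x76, 0x98, 0xba, 0xdc, 0xfe};
/* Toy invertible block function, constructed for this example (not a cipher). */
static void toy_enc(const u8 *in, u8 *out)
{
    for (int i = 0; i < BLK; i++) {
        u8 v = (u8)(in[i] + KEY[i]);
        out[i] = (u8)((v << 3) | (v >> 5));
    }
}
static void toy_dec(const u8 *in, u8 *out)
{
    for (int i = 0; i < BLK; i++)
        out[i] = (u8)(((in[i] >> 3) | (in[i] << 5)) - KEY[i]);
}
/* CBC encrypt: C_i = f(P_i ^ C_{i-1}); the XOR comes before the block call. */
static void cbc_encrypt(const u8 *in, u8 *out, size_t len, u8 *iv, block_fn f)
{
    u8 tmp[BLK];
    for (size_t off = 0; off < len; off += BLK) {
        for (int i = 0; i < BLK; i++) tmp[i] = in[off + i] ^ iv[i];
        f(tmp, out + off);
        memcpy(iv, out + off, BLK);
    }
}
/* CBC decrypt: P_i = f(C_i) ^ C_{i-1}; the XOR comes after the block call. */
static void cbc_decrypt(const u8 *in, u8 *out, size_t len, u8 *iv, block_fn f)
{
    u8 tmp[BLK];
    for (size_t off = 0; off < len; off += BLK) {
        f(in + off, tmp);
        for (int i = 0; i < BLK; i++) out[off + i] = tmp[i] ^ iv[i];
        memcpy(iv, in + off, BLK); /* in and out never alias in this example */
    }
}
/* Returns 1 if the plaintext round-trips; use_decrypt = 0 runs the encrypt
 * routine on the decrypt path, assumed here to get the inverse block function. */
static int roundtrip(int use_decrypt)
{
    const u8 msg[] = "ABCDEFGHIJKLMNOP"; /* constructed sample, two blocks */
    u8 iv[BLK] = {1, 2, 3, 4, 5, 6, 7, 8}, iv2[BLK] = {1, 2, 3, 4, 5, 6, 7, 8};
    u8 ct[2 * BLK], pt[2 * BLK];
    cbc_encrypt(msg, ct, sizeof ct, iv, toy_enc);
    (use_decrypt ? cbc_decrypt : cbc_encrypt)(ct, pt, sizeof pt, iv2, toy_dec);
    return memcmp(pt, msg, sizeof pt) == 0;
}
```

`roundtrip(1)` recovers the plaintext and `roundtrip(0)` does not, because the encrypt routine applies the XOR with the previous block on the wrong side of the block call.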


Richard Levitte via RT | 17 Dec 14:51 2014

[openssl.org #3631] Bug in the binary search in OBJ_bsearch_ex_ in obj_dat.c (1.0.1j)

Are you using OBJ_bsearch_ex_ directly from your code? It seems to me that you
have misunderstood how it works. size is the size of one element of your array,
num is the number of elements. The actual size of the array (in bytes) should
then be size*num, and you need to make sure that it is.

I would, however, recommend that you don't call this function directly, and
instead use the macro OBJ_bsearch_ex, which will calculate the element size
properly for you, given a type that you give it.

On Fri Dec 12 17:52:07 2014, matthias.mucha <at> jojema.de wrote:
> Hello,
>
> I strapped down OpenSSL 1.0.1j to only the PEM to RSA, BIO and RSA public
> decrypt functions. So a bug in the binary search appeared:
>
> Current code:
>
> const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
>                             int size,
>                             int (*cmp)(const void *, const void *),
>                             int flags)
> {
>     const char *base=base_;
>     int l,h,i=0,c=0;
>     const char *p = NULL;
>
>     if (num == 0) return(NULL);
>     l=0;
>     h=num;
>     while (l < h)
>     {
>         i=(l+h)/2;
>         p= &(base[i*size]);
>         c=(*cmp)(key,p);
>         if (c < 0)
>             h=i;
>         else if (c > 0)
>             l=i+1;
>         else
>             break;
>     }
>
>
> [...]
>
> My case: size = 4
> num = 4
>
> In the first round i evaluates to 2 which can not be divided by size
> and lets p
> escape the frame for the pointers, which results in a segfault.
>
> General case:
>
> This will fail for every case where num < (size * 2)
>
>
> My fix:
>
> const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
>                             int size,
>                             int (*cmp)(const void *, const void *),
>                             int flags)
> {
>     const char *base=base_;
>     int l,h,i=0,c=0;
>     const char *p = NULL;
>
>     if (num == 0) return(NULL);
>     if (num < size*2) {
>         while(i<num)
>         {
>             p=&(base[i*size]);
>             c=(*cmp)(key,p);
>             if (!c) break;
>             else ++i;
>         }
>     }
>     else {
>         l=0;
>         h=num;
>         while (l < h)
>         {
>             i=(l+h)/2;
>             p= &(base[i*size]);
>             c=(*cmp)(key,p);
>             if (c < 0)
>                 h=i;
>             else if (c > 0)
>                 l=i+1;
>             else
>                 break;
>         }
>     }
>
> [...]
>
> Regards
>
> Matthias Mucha
>

--
Richard Levitte
levitte <at> openssl.org
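
The element-size and element-count convention described in the reply above, as an added example that is not code from the thread or from OpenSSL. `bsearch_elems`, `find_index`, the counters and the sample table are names constructed here; the loop mirrors the quoted excerpt with a bounds check added for instrumentation:

```c
#include <stddef.h>

/* Instrumentation for this example: probes made, probes outside the array. */
static int probes, out_of_bounds;

/* Mirrors the loop in the OBJ_bsearch_ex_ excerpt quoted above: num is the
 * element count and size the byte width of one element, so probe i is at
 * byte i*size and the array must span size*num bytes. */
static const void *bsearch_elems(const void *key, const void *base_, int num,
                                 int size,
                                 int (*cmp)(const void *, const void *))
{
    const char *base = base_, *p;
    int l = 0, h = num, i, c;

    probes = out_of_bounds = 0;
    while (l < h) {
        i = (l + h) / 2;
        p = &base[(size_t)i * size];
        probes++;
        if (p + size > base + (size_t)num * size)
            out_of_bounds++;
        c = cmp(key, p);
        if (c < 0)
            h = i;
        else if (c > 0)
            l = i + 1;
        else
            return p;
    }
    return NULL;
}

static int cmp_int(const void *a, const void *b)
{
    int x = *(const int *)a, y = *(const int *)b;
    return (x > y) - (x < y);
}

/* Constructed sample for the reported case: num = 4 elements, each
 * sizeof(int) bytes (size = 4 on common platforms). */
static const int table[4] = { 10, 20, 30, 40 };

/* Index of key in table, or -1 when absent. */
static int find_index(int key)
{
    const int *hit = bsearch_elems(&key, table, 4, (int)sizeof(int), cmp_int);
    return hit ? (int)(hit - table) : -1;
}
```

With an array that really is size*num bytes long, the first probe (i = 2) lands on the third element and no probe leaves the array, even though num < size*2.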


Richard Levitte via RT | 17 Dec 14:32 2014

[openssl.org #3635] Build error with 1.0.2-beta3

Hi,

As far as I can tell, the problem should be fixed as of commit
8bc8450a26329e3c890df60026f969e7caabff3d (for the 1.0.2 branch, I did apply the
same changes to master and 1.0.1 branch as well). I went through all the
available xxx_DEBUG macros to make sure they'd all be clear (at least with
gcc).

Cheers,
Richard

On Fri Dec 12 20:06:48 2014, steck <at> stecksoft.com wrote:
> Hi,
>
> I'm trying to build 1.0.2-beta3 on Fedora 20 x86_64. I've configured
> with some xxx_DEBUG
> flags, which results in a compile failure in ssl/t1_enc.c. See the
> attached testlog for
> the exact flags used.
>
> Application details: N/A
>
> Problem Description:
>
> These compile-time (warnings and) errors:
> --
> t1_enc.c: In function ‘tls1_enc’:
> t1_enc.c:843:4: warning: format ‘%d’ expects argument of type ‘int’,
> but argument 4 has type ‘long unsigned int’ [-Wformat=]
> ds->cipher->iv_len);
> ^
> t1_enc.c:843:4: warning: format ‘%d’ expects argument of type ‘int’,
> but argument 5 has type ‘long unsigned int’ [-Wformat=]
> t1_enc.c: In function ‘tls1_mac’:
> t1_enc.c:1075:59: error: ‘mac_sec’ undeclared (first use in this function)
> {unsigned int z; for (z=0; z<md_size; z++) printf("%02X
> ",mac_sec[z]); printf("\n"); }
> ^
> t1_enc.c:1075:59: note: each undeclared identifier is reported only
> once for each function it appears in
> t1_enc.c:1079:44: error: ‘buf’ undeclared (first use in this function)
> {int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
> ^
> t1_enc.c: In function ‘tls1_export_keying_material’:
> t1_enc.c:1176:2: warning: format ‘%d’ expects argument of type ‘int’,
> but argument 4 has type ‘size_t’ [-Wformat=]
> printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s,
> out, olen, label, llen, context, contextlen);
> ^
> t1_enc.c:1176:2: warning: format ‘%d’ expects argument of type ‘int’,
> but argument 6 has type ‘size_t’ [-Wformat=]
> t1_enc.c:1176:2: warning: format ‘%d’ expects argument of type ‘int’,
> but argument 8 has type ‘size_t’ [-Wformat=]
> --
>
> Stack traceback: N/A
>
> -- Paul

--
Richard Levitte
levitte <at> openssl.org
