Add back EC NIST P-224 and revert SSL_read() change
- revert SSL_read() behavior change - patch from upstream (#1394677) - EC curve NIST P-224 is now allowed, still kept disabled in TLS due to less than optimal security
This commit is contained in:
parent
be56ae067b
commit
e443a79334
45
ec_curve.c
45
ec_curve.c
@ -36,6 +36,44 @@ typedef struct {
|
||||
} EC_CURVE_DATA;
|
||||
|
||||
/* the nist prime curves */
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 28 * 6];
|
||||
} _EC_NIST_PRIME_224 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 28, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F,
|
||||
0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5,
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x01,
|
||||
/* a */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE,
|
||||
/* b */
|
||||
0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
|
||||
0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
|
||||
0x23, 0x55, 0xFF, 0xB4,
|
||||
/* x */
|
||||
0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
|
||||
0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
|
||||
0x11, 0x5C, 0x1D, 0x21,
|
||||
/* y */
|
||||
0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
|
||||
0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
|
||||
0x85, 0x00, 0x7e, 0x34,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
|
||||
0x5C, 0x5C, 0x2A, 0x3D
|
||||
}
|
||||
};
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 48 * 6];
|
||||
@ -220,6 +258,13 @@ typedef struct _ec_list_element_st {
|
||||
static const ec_list_element curve_list[] = {
|
||||
/* prime field curves */
|
||||
/* secg curves */
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
{NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
#else
|
||||
{NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
#endif
|
||||
{NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
|
||||
"SECG curve over a 256 bit prime field"},
|
||||
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
|
||||
|
65
ectest.c
65
ectest.c
@ -236,6 +236,70 @@ static void prime_field_tests(void)
|
||||
if (x == NULL || y == NULL || z == NULL || yplusone == NULL)
|
||||
ABORT;
|
||||
|
||||
/* Curve P-224 (FIPS PUB 186-2, App. 6) */
|
||||
|
||||
if (!BN_hex2bn
|
||||
(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"))
|
||||
ABORT;
|
||||
if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
|
||||
ABORT;
|
||||
if (!BN_hex2bn
|
||||
(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE"))
|
||||
ABORT;
|
||||
if (!BN_hex2bn
|
||||
(&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"))
|
||||
ABORT;
|
||||
if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
|
||||
ABORT;
|
||||
|
||||
if (!BN_hex2bn
|
||||
(&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"))
|
||||
ABORT;
|
||||
if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
|
||||
ABORT;
|
||||
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
|
||||
ABORT;
|
||||
if (!BN_hex2bn
|
||||
(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"))
|
||||
ABORT;
|
||||
if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
|
||||
ABORT;
|
||||
|
||||
if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
|
||||
ABORT;
|
||||
fprintf(stdout, "\nNIST curve P-224 -- Generator:\n x = 0x");
|
||||
BN_print_fp(stdout, x);
|
||||
fprintf(stdout, "\n y = 0x");
|
||||
BN_print_fp(stdout, y);
|
||||
fprintf(stdout, "\n");
|
||||
/* G_y value taken from the standard: */
|
||||
if (!BN_hex2bn
|
||||
(&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"))
|
||||
ABORT;
|
||||
if (0 != BN_cmp(y, z))
|
||||
ABORT;
|
||||
|
||||
if (!BN_add(yplusone, y, BN_value_one()))
|
||||
ABORT;
|
||||
/*
|
||||
* When (x, y) is on the curve, (x, y + 1) is, as it happens, not,
|
||||
* and therefore setting the coordinates should fail.
|
||||
*/
|
||||
if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx))
|
||||
ABORT;
|
||||
|
||||
fprintf(stdout, "verify degree ...");
|
||||
if (EC_GROUP_get_degree(group) != 224)
|
||||
ABORT;
|
||||
fprintf(stdout, " ok\n");
|
||||
|
||||
group_order_tests(group);
|
||||
|
||||
if ((P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL)
|
||||
ABORT;
|
||||
if (!EC_GROUP_copy(P_224, group))
|
||||
ABORT;
|
||||
|
||||
/* Curve P-256 (FIPS PUB 186-2, App. 6) */
|
||||
|
||||
if (!BN_hex2bn
|
||||
@ -556,6 +620,7 @@ static void prime_field_tests(void)
|
||||
BN_free(z);
|
||||
BN_free(yplusone);
|
||||
|
||||
EC_GROUP_free(P_224);
|
||||
EC_GROUP_free(P_256);
|
||||
EC_GROUP_free(P_384);
|
||||
EC_GROUP_free(P_521);
|
||||
|
@ -26,7 +26,7 @@ for c in `find crypto/bn -name "*gf2m.c"`; do
|
||||
> $c
|
||||
done
|
||||
|
||||
for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c" -o -name "ecp_nistp22?.c"`; do
|
||||
for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c"`; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
|
@ -1,13 +1,13 @@
|
||||
diff -up openssl-1.1.0/apps/speed.c.curves openssl-1.1.0/apps/speed.c
|
||||
--- openssl-1.1.0/apps/speed.c.curves 2016-09-08 11:03:15.550585422 +0200
|
||||
+++ openssl-1.1.0/apps/speed.c 2016-09-08 11:05:17.287315488 +0200
|
||||
@@ -536,42 +536,16 @@ static OPT_PAIR rsa_choices[] = {
|
||||
@@ -536,42 +536,18 @@ static OPT_PAIR rsa_choices[] = {
|
||||
#define R_EC_X25519 16
|
||||
#ifndef OPENSSL_NO_EC
|
||||
static OPT_PAIR ecdsa_choices[] = {
|
||||
- {"ecdsap160", R_EC_P160},
|
||||
- {"ecdsap192", R_EC_P192},
|
||||
- {"ecdsap224", R_EC_P224},
|
||||
{"ecdsap224", R_EC_P224},
|
||||
{"ecdsap256", R_EC_P256},
|
||||
{"ecdsap384", R_EC_P384},
|
||||
{"ecdsap521", R_EC_P521},
|
||||
@ -27,7 +27,7 @@ diff -up openssl-1.1.0/apps/speed.c.curves openssl-1.1.0/apps/speed.c
|
||||
static OPT_PAIR ecdh_choices[] = {
|
||||
- {"ecdhp160", R_EC_P160},
|
||||
- {"ecdhp192", R_EC_P192},
|
||||
- {"ecdhp224", R_EC_P224},
|
||||
{"ecdhp224", R_EC_P224},
|
||||
{"ecdhp256", R_EC_P256},
|
||||
{"ecdhp384", R_EC_P384},
|
||||
{"ecdhp521", R_EC_P521},
|
||||
@ -44,21 +44,21 @@ diff -up openssl-1.1.0/apps/speed.c.curves openssl-1.1.0/apps/speed.c
|
||||
{"ecdhx25519", R_EC_X25519},
|
||||
{NULL}
|
||||
};
|
||||
diff -up openssl-1.1.0/include/openssl/ec.h.curves openssl-1.1.0/include/openssl/ec.h
|
||||
--- openssl-1.1.0/include/openssl/ec.h.curves 2016-08-25 17:29:22.000000000 +0200
|
||||
+++ openssl-1.1.0/include/openssl/ec.h 2016-09-08 11:03:15.550585422 +0200
|
||||
@@ -80,11 +80,6 @@ const EC_METHOD *EC_GFp_mont_method(void
|
||||
const EC_METHOD *EC_GFp_nist_method(void);
|
||||
diff -up openssl-1.1.0c/crypto/ec/ecp_smpl.c.curves openssl-1.1.0c/crypto/ec/ecp_smpl.c
|
||||
--- openssl-1.1.0c/crypto/ec/ecp_smpl.c.curves 2016-11-10 15:03:44.000000000 +0100
|
||||
+++ openssl-1.1.0c/crypto/ec/ecp_smpl.c 2016-11-11 13:31:51.329603626 +0100
|
||||
@@ -144,6 +144,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO
|
||||
return 0;
|
||||
}
|
||||
|
||||
# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
-/** Returns 64-bit optimized methods for nistp224
|
||||
- * \return EC_METHOD object
|
||||
- */
|
||||
-const EC_METHOD *EC_GFp_nistp224_method(void);
|
||||
-
|
||||
/** Returns 64-bit optimized methods for nistp256
|
||||
* \return EC_METHOD object
|
||||
*/
|
||||
+ if (BN_num_bits(p) < 224) {
|
||||
+ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
if (ctx == NULL) {
|
||||
ctx = new_ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
diff -up openssl-1.1.0/ssl/t1_lib.c.curves openssl-1.1.0/ssl/t1_lib.c
|
||||
--- openssl-1.1.0/ssl/t1_lib.c.curves 2016-09-08 11:03:15.551585445 +0200
|
||||
+++ openssl-1.1.0/ssl/t1_lib.c 2016-09-08 11:06:58.072575697 +0200
|
||||
|
@ -786,21 +786,6 @@ diff -up openssl-1.1.0c/crypto/ec/ec_key.c.fips openssl-1.1.0c/crypto/ec/ec_key.
|
||||
ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
|
||||
return 0;
|
||||
}
|
||||
diff -up openssl-1.1.0c/crypto/ec/ecp_smpl.c.fips openssl-1.1.0c/crypto/ec/ecp_smpl.c
|
||||
--- openssl-1.1.0c/crypto/ec/ecp_smpl.c.fips 2016-11-10 15:03:44.000000000 +0100
|
||||
+++ openssl-1.1.0c/crypto/ec/ecp_smpl.c 2016-11-11 13:31:51.329603626 +0100
|
||||
@@ -144,6 +144,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO
|
||||
return 0;
|
||||
}
|
||||
|
||||
+ if (BN_num_bits(p) < 256) {
|
||||
+ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
if (ctx == NULL) {
|
||||
ctx = new_ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
diff -up openssl-1.1.0c/crypto/err/err_all.c.fips openssl-1.1.0c/crypto/err/err_all.c
|
||||
--- openssl-1.1.0c/crypto/err/err_all.c.fips 2016-11-10 15:03:44.000000000 +0100
|
||||
+++ openssl-1.1.0c/crypto/err/err_all.c 2016-11-11 13:31:51.329603626 +0100
|
||||
|
270
openssl-1.1.0-sslread-revert.patch
Normal file
270
openssl-1.1.0-sslread-revert.patch
Normal file
@ -0,0 +1,270 @@
|
||||
From 11f1fd4b0d1b3aef5c79b843d081dbb9bcd0b85f Mon Sep 17 00:00:00 2001
|
||||
From: Kurt Roeckx <kurt@roeckx.be>
|
||||
Date: Tue, 15 Nov 2016 18:58:52 +0100
|
||||
Subject: [PATCH] Make SSL_read and SSL_write return the old behaviour and
|
||||
document it.
|
||||
|
||||
Backport of beacb0f0c1ae7b0542fe053b95307f515b578eb7, revert of
|
||||
122580ef71e4e5f355a1a104c9bfb36feee43759
|
||||
|
||||
Fixes: #1903
|
||||
|
||||
Reviewed-by: Matt Caswell <matt@openssl.org>
|
||||
|
||||
GH: #1966
|
||||
---
|
||||
doc/ssl/SSL_get_error.pod | 22 +++++++++---------
|
||||
doc/ssl/SSL_read.pod | 29 +++++++++---------------
|
||||
doc/ssl/SSL_write.pod | 19 +++++++---------
|
||||
ssl/record/rec_layer_s3.c | 14 ++++--------
|
||||
test/asynciotest.c | 57 ++++++++++++++++++++++++++++++++++-------------
|
||||
5 files changed, 75 insertions(+), 66 deletions(-)
|
||||
|
||||
diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod
|
||||
index ddd72f7..47d2358 100644
|
||||
--- a/doc/ssl/SSL_get_error.pod
|
||||
+++ b/doc/ssl/SSL_get_error.pod
|
||||
@@ -38,12 +38,13 @@ if and only if B<ret E<gt> 0>.
|
||||
|
||||
=item SSL_ERROR_ZERO_RETURN
|
||||
|
||||
-The TLS/SSL connection has been closed. If the protocol version is SSL 3.0
|
||||
-or TLS 1.0, this result code is returned only if a closure
|
||||
-alert has occurred in the protocol, i.e. if the connection has been
|
||||
-closed cleanly. Note that in this case B<SSL_ERROR_ZERO_RETURN>
|
||||
-does not necessarily indicate that the underlying transport
|
||||
-has been closed.
|
||||
+The TLS/SSL connection has been closed.
|
||||
+If the protocol version is SSL 3.0 or higher, this result code is returned only
|
||||
+if a closure alert has occurred in the protocol, i.e. if the connection has been
|
||||
+closed cleanly.
|
||||
+Note that in this case B<SSL_ERROR_ZERO_RETURN> does not necessarily
|
||||
+indicate that the underlying transport has been closed.
|
||||
+
|
||||
|
||||
=item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE
|
||||
|
||||
@@ -111,12 +112,9 @@ thread has completed.
|
||||
|
||||
=item SSL_ERROR_SYSCALL
|
||||
|
||||
-Some I/O error occurred. The OpenSSL error queue may contain more
|
||||
-information on the error. If the error queue is empty
|
||||
-(i.e. ERR_get_error() returns 0), B<ret> can be used to find out more
|
||||
-about the error: If B<ret == 0>, an EOF was observed that violates
|
||||
-the protocol. If B<ret == -1>, the underlying B<BIO> reported an
|
||||
-I/O error (for socket I/O on Unix systems, consult B<errno> for details).
|
||||
+Some non-recoverable I/O error occurred.
|
||||
+The OpenSSL error queue may contain more information on the error.
|
||||
+For socket I/O on Unix systems, consult B<errno> for details.
|
||||
|
||||
=item SSL_ERROR_SSL
|
||||
|
||||
diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
|
||||
index 8dff244..20ccf40 100644
|
||||
--- a/doc/ssl/SSL_read.pod
|
||||
+++ b/doc/ssl/SSL_read.pod
|
||||
@@ -81,28 +81,21 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
-=item E<gt>0
|
||||
+=item E<gt> 0
|
||||
|
||||
-The read operation was successful; the return value is the number of
|
||||
-bytes actually read from the TLS/SSL connection.
|
||||
+The read operation was successful.
|
||||
+The return value is the number of bytes actually read from the TLS/SSL
|
||||
+connection.
|
||||
|
||||
-=item Z<>0
|
||||
+=item Z<><= 0
|
||||
|
||||
-The read operation was not successful. The reason may either be a clean
|
||||
-shutdown due to a "close notify" alert sent by the peer (in which case
|
||||
-the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
|
||||
-(see L<SSL_shutdown(3)>,
|
||||
-L<SSL_set_shutdown(3)>). It is also possible, that
|
||||
-the peer simply shut down the underlying transport and the shutdown is
|
||||
-incomplete. Call SSL_get_error() with the return value B<ret> to find out,
|
||||
-whether an error occurred or the connection was shut down cleanly
|
||||
-(SSL_ERROR_ZERO_RETURN).
|
||||
+The read operation was not successful, because either the connection was closed,
|
||||
+an error occurred or action must be taken by the calling process.
|
||||
+Call L<SSL_get_error(3)> with the return value B<ret> to find out the reason.
|
||||
|
||||
-=item E<lt>0
|
||||
-
|
||||
-The read operation was not successful, because either an error occurred
|
||||
-or action must be taken by the calling process. Call SSL_get_error() with the
|
||||
-return value B<ret> to find out the reason.
|
||||
+Old documentation indicated a difference between 0 and -1, and that -1 was
|
||||
+retryable.
|
||||
+You should instead call SSL_get_error() to find out if it's retryable.
|
||||
|
||||
=back
|
||||
|
||||
diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
|
||||
index 5ab0790..ef3b92a 100644
|
||||
--- a/doc/ssl/SSL_write.pod
|
||||
+++ b/doc/ssl/SSL_write.pod
|
||||
@@ -74,23 +74,20 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
-=item E<gt>0
|
||||
+=item E<gt> 0
|
||||
|
||||
The write operation was successful, the return value is the number of
|
||||
bytes actually written to the TLS/SSL connection.
|
||||
|
||||
-=item Z<>0
|
||||
+=item Z<><= 0
|
||||
|
||||
-The write operation was not successful. Probably the underlying connection
|
||||
-was closed. Call SSL_get_error() with the return value B<ret> to find out,
|
||||
-whether an error occurred or the connection was shut down cleanly
|
||||
-(SSL_ERROR_ZERO_RETURN).
|
||||
+The write operation was not successful, because either the connection was
|
||||
+closed, an error occurred or action must be taken by the calling process.
|
||||
+Call SSL_get_error() with the return value B<ret> to find out the reason.
|
||||
|
||||
-=item E<lt>0
|
||||
-
|
||||
-The write operation was not successful, because either an error occurred
|
||||
-or action must be taken by the calling process. Call SSL_get_error() with the
|
||||
-return value B<ret> to find out the reason.
|
||||
+Old documentation indicated a difference between 0 and -1, and that -1 was
|
||||
+retryable.
|
||||
+You should instead call SSL_get_error() to find out if it's retryable.
|
||||
|
||||
=back
|
||||
|
||||
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
|
||||
index 28de7c3..1270a5f 100644
|
||||
--- a/ssl/record/rec_layer_s3.c
|
||||
+++ b/ssl/record/rec_layer_s3.c
|
||||
@@ -178,10 +178,7 @@ const char *SSL_rstate_string(const SSL *s)
|
||||
}
|
||||
|
||||
/*
|
||||
- * Return values are as per SSL_read(), i.e.
|
||||
- * >0 The number of read bytes
|
||||
- * 0 Failure (not retryable)
|
||||
- * <0 Failure (may be retryable)
|
||||
+ * Return values are as per SSL_read()
|
||||
*/
|
||||
int ssl3_read_n(SSL *s, int n, int max, int extend, int clearold)
|
||||
{
|
||||
@@ -312,7 +309,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend, int clearold)
|
||||
if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))
|
||||
if (len + left == 0)
|
||||
ssl3_release_read_buffer(s);
|
||||
- return -1;
|
||||
+ return i;
|
||||
}
|
||||
left += i;
|
||||
/*
|
||||
@@ -882,10 +879,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
|
||||
|
||||
/* if s->s3->wbuf.left != 0, we need to call this
|
||||
*
|
||||
- * Return values are as per SSL_read(), i.e.
|
||||
- * >0 The number of read bytes
|
||||
- * 0 Failure (not retryable)
|
||||
- * <0 Failure (may be retryable)
|
||||
+ * Return values are as per SSL_write()
|
||||
*/
|
||||
int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
|
||||
unsigned int len)
|
||||
@@ -936,7 +930,7 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
|
||||
*/
|
||||
SSL3_BUFFER_set_left(&wb[currbuf], 0);
|
||||
}
|
||||
- return -1;
|
||||
+ return i;
|
||||
}
|
||||
SSL3_BUFFER_add_offset(&wb[currbuf], i);
|
||||
SSL3_BUFFER_add_left(&wb[currbuf], -i);
|
||||
diff --git a/test/asynciotest.c b/test/asynciotest.c
|
||||
index 0d382d7..133e3d5 100644
|
||||
--- a/test/asynciotest.c
|
||||
+++ b/test/asynciotest.c
|
||||
@@ -297,32 +297,59 @@ int main(int argc, char *argv[])
|
||||
* we hit at least one async event in both reading and writing
|
||||
*/
|
||||
for (j = 0; j < 2; j++) {
|
||||
+ int len;
|
||||
+
|
||||
/*
|
||||
* Write some test data. It should never take more than 2 attempts
|
||||
- * (the first one might be a retryable fail). A zero return from
|
||||
- * SSL_write() is a non-retryable failure, so fail immediately if
|
||||
- * we get that.
|
||||
+ * (the first one might be a retryable fail).
|
||||
*/
|
||||
- for (ret = -1, i = 0; ret < 0 && i < 2 * sizeof(testdata); i++)
|
||||
- ret = SSL_write(clientssl, testdata, sizeof(testdata));
|
||||
- if (ret <= 0) {
|
||||
- printf("Test %d failed: Failed to write app data\n", test);
|
||||
+ for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2;
|
||||
+ i++) {
|
||||
+ ret = SSL_write(clientssl, testdata + len,
|
||||
+ sizeof(testdata) - len);
|
||||
+ if (ret > 0) {
|
||||
+ len += ret;
|
||||
+ } else {
|
||||
+ int ssl_error = SSL_get_error(clientssl, ret);
|
||||
+
|
||||
+ if (ssl_error == SSL_ERROR_SYSCALL ||
|
||||
+ ssl_error == SSL_ERROR_SSL) {
|
||||
+ printf("Test %d failed: Failed to write app data\n", test);
|
||||
+ err = -1;
|
||||
+ goto end;
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+ if (len != sizeof(testdata)) {
|
||||
+ err = -1;
|
||||
+ printf("Test %d failed: Failed to write all app data\n", test);
|
||||
goto end;
|
||||
}
|
||||
/*
|
||||
* Now read the test data. It may take more attemps here because
|
||||
* it could fail once for each byte read, including all overhead
|
||||
- * bytes from the record header/padding etc. Fail immediately if we
|
||||
- * get a zero return from SSL_read().
|
||||
+ * bytes from the record header/padding etc.
|
||||
*/
|
||||
- for (ret = -1, i = 0; ret < 0 && i < MAX_ATTEMPTS; i++)
|
||||
- ret = SSL_read(serverssl, buf, sizeof(buf));
|
||||
- if (ret <= 0) {
|
||||
- printf("Test %d failed: Failed to read app data\n", test);
|
||||
- goto end;
|
||||
+ for (ret = -1, i = 0, len = 0; len != sizeof(testdata) &&
|
||||
+ i < MAX_ATTEMPTS; i++)
|
||||
+ {
|
||||
+ ret = SSL_read(serverssl, buf + len, sizeof(buf) - len);
|
||||
+ if (ret > 0) {
|
||||
+ len += ret;
|
||||
+ } else {
|
||||
+ int ssl_error = SSL_get_error(serverssl, ret);
|
||||
+
|
||||
+ if (ssl_error == SSL_ERROR_SYSCALL ||
|
||||
+ ssl_error == SSL_ERROR_SSL) {
|
||||
+ printf("Test %d failed: Failed to read app data\n", test);
|
||||
+ err = -1;
|
||||
+ goto end;
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
- if (ret != sizeof(testdata)
|
||||
+ if (len != sizeof(testdata)
|
||||
|| memcmp(buf, testdata, sizeof(testdata)) != 0) {
|
||||
+ err = -1;
|
||||
printf("Test %d failed: Unexpected app data received\n", test);
|
||||
goto end;
|
||||
}
|
||||
--
|
||||
2.5.5
|
||||
|
@ -22,7 +22,7 @@
|
||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||
Name: openssl
|
||||
Version: 1.1.0c
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Epoch: 1
|
||||
# We have to remove certain patented algorithms from the openssl source
|
||||
# tarball with the hobble-openssl script which is included below.
|
||||
@ -425,6 +425,11 @@ export LD_LIBRARY_PATH
|
||||
%postun libs -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Tue Nov 22 2016 Tomáš Mráz <tmraz@redhat.com> 1.1.0c-2
|
||||
- revert SSL_read() behavior change - patch from upstream (#1394677)
|
||||
- EC curve NIST P-224 is now allowed, still kept disabled in TLS due
|
||||
to less than optimal security
|
||||
|
||||
* Fri Nov 11 2016 Tomáš Mráz <tmraz@redhat.com> 1.1.0c-1
|
||||
- update to upstream version 1.1.0c
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user