Fix typos and repeated words by gustafn · Pull Request #12370 · openssl/openssl

gustafn · 2020-07-04T20:08:20Z

CLA: trivial

This is essentially a backport of pull request #12320 to the OpenSSL_1_1_1-stable branch where also the recommended notation from the Linux man pages (https://man7.org/linux/man-pages/man7/man-pages.7.html) are respected.

Checklist

[ x] documentation is added or updated

InfoHunter · 2020-07-13T09:45:39Z

doc/man3/ERR_print_errors.pod

I wonder why the word filename should be treated as a whole while others like library name is not...

This change follows the conventions of the Linux man page project [1], which seem to be as well the preferred rule set in OpenSSL 3 [2]. These conventions state that "file name" should avoided and "filename" should be used instead. "Filename" is in some common dictionaries [3,4], while "libraryname" is not.

[1] https://man7.org/linux/man-pages/man7/man-pages.7.html
[2] https://github.com/openssl/openssl/blob/master/util/find-doc-nits#L552
[3] https://dictionary.cambridge.org/dictionary/english/filename
[4] https://www.macmillandictionary.com/dictionary/british/filename

mspncp · 2020-07-15T18:03:47Z

I'm a little bit confused, because it seems like you made some additional corrections here in #12370, which you didn't make in #12320 (see listing at the end). Some of these replacements seem ok, they preexisted on master (like time stamp -> timestamp), but others, most notably the changes non-blocking -> nonblocking and non-negative -> nonnegative appear to be new. At least, I still see a lot of misspelled instances on master (in the doc directory). Was this intentional or by mistake? If you did it intentionally, you might want to do it on master, too?

A propos: it seems like you made the corrections in the doc directory only, but there are also some misspellings in source code comments. Have you tried to correct those, too? Or did you avoid them in order not to break anything accidentally?

Here is my quick and dirty comparison of your two pull requests:

git show gh-12320 | grep '^[+-]' | grep -v -F -e '+++' -e '---' | sort > changes-12320
git show gh-12370 | grep '^[+-]' | grep -v -F -e '+++' -e '---' | sort > changes-12370
diff changes-12320 changes-12370

(watch out for the green lines, ++ vs. +-)

--- changes-12320	2020-07-15 19:22:39.056029036 +0200
+++ changes-12370	2020-07-15 19:22:46.952046672 +0200
@@ -1,119 +1,199 @@
++0 if their keys are equal, nonzero otherwise.
+-0 if their keys are equal, non-zero otherwise.
+-1 the shared secret is padded with zeroes up to the size of the DH prime B<p>.
++1 the shared secret is padded with zeros up to the size of the DH prime B<p>.
 +acceleration such as AES-NI (the low-level interfaces do not provide the
 -acceleration such as AES-NI (the low level interfaces do not provide the
++account for clock skew the B<maxsec> field can be set to nonzero in
+-account for clock skew the B<maxsec> field can be set to non-zero in
 +a client certificate. Therefore, merely including a client certificate
 +a client certificate. Therefore, merely including a client certificate
 -a client certificate. Therefore merely including a client certificate
 -a client certificate. Therefore merely including a client certificate
++Actually, any nonzero value means that this certificate could have been
+-Actually, any non-zero value means that this certificate could have been
++additionally store the filename and line number where
+-additionally store the file name and line number where
++adds them to the PRNG. If B<max_bytes> is nonnegative,
+-adds them to the PRNG. If B<max_bytes> is non-negative,
 +AES128-SHA based ciphers that have this capability. However, these are for
 -AES128-SHA based ciphers that have this capability. However these are for
-+    'a.k.a.'        => 'aka',
 +aka AVX512IFMA extension;
 -a.k.a. AVX512IFMA extension;
-+  * All of the low-level AES, Blowfish, Camellia, CAST, DES, IDEA, RC2,
--  * All of the low level AES, Blowfish, Camellia, CAST, DES, IDEA, RC2,
-+  * All of the low-level DH, DSA, ECDH, ECDSA and RSA public key functions
--  * All of the low level DH, DSA, ECDH, ECDSA and RSA public key functions
-+  * All of the low-level MD2, MD4, MD5, MDC2, RIPEMD160, SHA1, SHA224,
--  * All of the low level MD2, MD4, MD5, MDC2, RIPEMD160, SHA1, SHA224,
 +already operational and couldn't be successfully initialised (e.g. lack of
 -already operational and couldn't be successfully initialised (eg. lack of
-+    alternatives should be used instead: pkey, pkeyparam and genpkey.
--    alternatives should be used intead: pkey, pkeyparam and genpkey.
++also have nonblocking behaviour.
+-also have non-blocking behaviour.
 +Although low-level algorithm specific functions exist for many algorithms
 -Although low level algorithm specific functions exist for many algorithms
 +A method contains a few functions that implement the low-level of the
 -A method contains a few functions that implement the low level of the
 +and checked. However, some servers only request client authentication
 -and checked. However some servers only request client authentication
--and issue the following commands to build OpenSSL.
--and option to disable it:
++and match, both absent or present in the response only. A nonzero return
+-and match, both absent or present in the response only. A non-zero return
++and the timestamp token itself (ContentInfo), if the token generation was
+-and the time stamp token itself (ContentInfo), if the token generation was
 +an existing structure. Therefore, the following:
 -an existing structure. Therefore the following:
++a nonce value. The nonce length is given by B<15 - L> so it is 7 by default for
 +an RSA structure. However, the public key is encoded using a
 -an RSA structure. However the public key is encoded using a
++any previously specified hostname or names.  If B<name> is NULL,
+-any previously specified host name or names.  If B<name> is NULL,
 +          * anyway, e.g. the server could only possibly create 1 session
 -          * anyway, eg. the server could only possibly create 1 session
++applicable (e.g. B<X25519>) or an OpenSSL OID name (e.g. B<prime256v1>). Group
++applicable (e.g. B<X25519>) or an OpenSSL OID name (e.g. B<prime256v1>). Group
+-applicable (e.g. B<X25519>) or an OpenSSL OID name (e.g B<prime256v1>). Group
+-applicable (e.g. B<X25519>) or an OpenSSL OID name (e.g B<prime256v1>). Group
 +application), which might lead to malfunctions. Therefore, each application
 -application), which might lead to malfunctions. Therefore each application
--as an alternative to the publically known i2d and d2i functions.  It's
-+as an alternative to the publicly known i2d and d2i functions.  It's
++ASN1_TYPE_cmp() returns 0 if the types are identical and nonzero otherwise.
+-ASN1_TYPE_cmp() returns 0 if the types are identical and non-zero otherwise.
++as the return value when they differ is undefined, other than being nonzero.
+-as the return value when they differ is undefined, other than being non-zero.
++a timestamp request to the TSA and one for sending the timestamp response
++A timestamp response (TimeStampResp) consists of a response status
+-A time stamp response (TimeStampResp) consists of a response status
 +authentication, however, due to a bug only MSIE 5.0 and later support
 -authentication, however due to a bug only MSIE 5.0 and later support
++avoid the misconception that nonblocking SSL_write() behaves like
+-avoid the misconception that non-blocking SSL_write() behaves like
 +be automatically passed to the relevant BIO. However, this can cause
 -be automatically passed to the relevant BIO. However this can cause
++be interpreted primarily as a hostname or a service name in ambiguous
+-be interpreted primarily as a host name or a service name in ambiguous
 +below) and TLSv1.3. However, the RFC has this note of caution:
 +below) and TLSv1.3. However, the RFC has this note of caution:
 -below) and TLSv1.3. However the RFC has this note of caution:
 -below) and TLSv1.3. However the RFC has this note of caution:
 +be performed. However, since the chance of random data passing the test
 -be performed. However since the chance of random data passing the test
++B<FALSE>. If B<CA> is B<TRUE> then an optional B<pathlen> name followed by a
+-B<FALSE>. If B<CA> is B<TRUE> then an optional B<pathlen> name followed by an
 -BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable
 +BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt a variable
++B<hostname> on port B<port>. B<path> specifies the HTTP pathname to use
+-B<hostname> on port B<port>. B<path> specifies the HTTP path name to use
 +B<int64_t> type. However, in many cases (for example version numbers) they
 -B<int64_t> type. However in many cases (for example version numbers) they
 +BIO_ADDR_rawmake() takes a protocol B<family>, a byte array of
 -BIO_ADDR_rawmake() takes a protocol B<family>, an byte array of
--B<q>, B<g>, and the public and and private key components.  Public keys
-+B<q>, B<g>, and the public and private key components.  Public keys
++B<name> clearing any previously specified hostname or names.  If
+-B<name> clearing any previously specified host name or names.  If
++BN_mod_add() adds I<a> to I<b> modulo I<m> and places the nonnegative
+-BN_mod_add() adds I<a> to I<b> modulo I<m> and places the non-negative
++BN_mod_mul() multiplies I<a> by I<b> and finds the nonnegative
+-BN_mod_mul() multiplies I<a> by I<b> and finds the non-negative
++BN_nnmod() reduces I<a> modulo I<m> and places the nonnegative
+-BN_nnmod() reduces I<a> modulo I<m> and places the non-negative
++B<num> is too small for the pathname, an error occurs.
+-B<num> is too small for the path name, an error occurs.
++B<r> (C<r=a*2^n>). Note that B<n> must be nonnegative. BN_lshift1() shifts
+-B<r> (C<r=a*2^n>). Note that B<n> must be non-negative. BN_lshift1() shifts
++B<r> (C<r=a/2^n>). Note that B<n> must be nonnegative. BN_rshift1() shifts
+-B<r> (C<r=a/2^n>). Note that B<n> must be non-negative. BN_rshift1() shifts
+-B<to>. The result is padded with zeroes if necessary. If B<tolen> is less than
++B<to>. The result is padded with zeros if necessary. If B<tolen> is less than
++B<where> is a bit mask made up of the following bits:
+-B<where> is a bitmask made up of the following bits:
 +by the OpenSSL high-level public key API. Contexts B<MUST NOT> be shared between
 -by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between
--callback multipe times (one for each capability). Capabilities can be useful for
-+callback multiple times (one for each capability). Capabilities can be useful for
 +callback. The callback is called during most high-level BIO operations. It can
 -callback. The callback is called during most high level BIO operations. It can
-+Capabilities describe some of the services that a provider can offer.
--Capabilties describe some of the services that a provider can offer.
++can be used to make sure the buffers are preallocated. This can be used to
+-can be used to make sure the buffers are pre-allocated. This can be used to
++(CBC) mode of DES.  If the I<encrypt> argument is nonzero, the
+-(CBC) mode of DES.  If the I<encrypt> argument is non-zero, the
++certificate matches a given hostname, email address, or IP address.
+-certificate matches a given host name, email address, or IP address.
 -character in big endian format, and for an UTF8String it will be in UTF8 format.
 +character in big endian format, and for a UTF8String it will be in UTF8 format.
++checks are not performed on the peer certificate.  When a nonempty
+-checks are not performed on the peer certificate.  When a non-empty
 +cleanly supported at the low-level and some operations are more efficient
 -cleanly supported at the low level and some operations are more efficient
++ command line arguments that look like filenames get translated from
+- command line arguments that look like file names get translated from
++connection, it behaves nonblocking and will return as soon as the write
+-connection, it behaves non-blocking and will return as soon as the write
++Create a timestamp request, write it to file3.tsq, send it to the server and
+-Create a time stamp request, write it to file3.tsq, send it to the server and
++create strings with the hostname and service name and give those
+-create strings with the host name and service name and give those
++creating a timestamp request based on a data file,
+-creating a time stamp request based on a data file,
++creating a timestamp response based on a request, verifying if a
+-creating a time stamp response based on a request, verifying if a
++CRYPTO_memcmp() returns 0 if the memory regions are equal and nonzero
+-CRYPTO_memcmp() returns 0 if the memory regions are equal and non-zero
 +default implementation for a given task, e.g. by ENGINE_get_default_RSA(),
 -default implementation for a given task, eg. by ENGINE_get_default_RSA(),
--Disables the KM-XTS-AES and and the KIMD-SHAKE function codes:
-+Disables the KM-XTS-AES and the KIMD-SHAKE function codes:
++description "pass phrase" and the filename "foo.key", that becomes
+-description "pass phrase" and the file name "foo.key", that becomes
++descriptors but will still populate B<*numfds>. Therefore, application code is
+-descriptors but will still populate B<*numfds>. Therefore application code is
++descriptors. Conversely, a nonzero argument enables the retention of
+-descriptors. Conversely, a non-zero argument enables the retention of
++DES_set_key_checked() if the I<DES_check_key> flag is nonzero,
+-DES_set_key_checked() if the I<DES_check_key> flag is non-zero,
++DH_set_method() returns nonzero if the provided B<meth> was successfully set as
+-DH_set_method() returns non-zero if the provided B<meth> was successfully set as
++do not print out the timezone: it either prints out "GMT" or nothing. But all
+-do not print out the time zone: it either prints out "GMT" or nothing. But all
++DSA_set_method() returns nonzero if the provided B<meth> was successfully set as
+-DSA_set_method() returns non-zero if the provided B<meth> was successfully set as
++early data setting for a server is nonzero then replay protection is
+-early data setting for a server is non-zero then replay protection is
 +ECDSA_do_sign_ex - low-level elliptic curve digital signature algorithm (ECDSA)
 -ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA)
 +(e.g. B<prime256v1>). Curve names are case sensitive.
 -(e.g B<prime256v1>). Curve names are case sensitive.
-+(e.g. B<prime256v1>). Group names are case sensitive. The list should be
--(e.g B<prime256v1>). Group names are case sensitive. The list should be
-+(e.g. B<prime256v1>). Group names are case sensitive. The list should be in
--(e.g B<prime256v1>). Group names are case sensitive. The list should be in
 +(e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore, extreme caution
 -(e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution
++ emulated filesystem name space with POSIX-y root, mount points, /dev
+- emulated file system name space with POSIX-y root, mount points, /dev
++encodings and nonzero otherwise.
+-encodings and non-zero otherwise.
 +ENGINE, i.e. the ENGINE's ctrl() handler is not used for the control command.
 -ENGINE, ie. the ENGINE's ctrl() handler is not used for the control command.
--EVP_RAND_STATE_UNINITIALISED: this DRBG is currently uninitalised.
-+EVP_RAND_STATE_UNINITIALISED: this DRBG is currently uninitialised.
--EVP_RAND_strength() returns the strenght of the random number generator in bits.
-+EVP_RAND_strength() returns the strength of the random number generator in bits.
-+  * Experimental macOS support
--  * Experimental MacOS support
-+Feature options always come in pairs, an option to enable feature
--Feature options always come in pairs, an option to enable feature `xxxx`, and
-+for more information about implicit fetches.
-+for more information about implicit fetches.
-+for more information about implicit fetches.
--for more information about implict fetches.
--for more information about implict fetches.
--for more information about implict fetches.
-+For more information about the callback data see the NOTES section.
--For more information about the the callback data see the NOTES section.
--form, this key is commonly refered to as the "origin".
-+form, this key is commonly referred to as the "origin".
++enter cacert.pem when prompted for the CA filename.
+-enter cacert.pem when prompted for the CA file name.
++example) be because of nonblocking IO, or some invalid message having been
+-example) be because of non-blocking IO, or some invalid message having been
+-Files are loaded in a single pass. This means that an variable expansion
++Files are loaded in a single pass. This means that a variable expansion
++Finally, OPENSSL_INIT_set_file_flags can be used to specify nondefault flags.
+-Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags.
++For both blocking or nonblocking sockets, the details state information
+-For both blocking or non-blocking sockets, the details state information
++for nonblocking BIOs. Call SSL_get_error() with the return value B<ret>
++for nonblocking BIOs. Call SSL_get_error() with the return value B<ret>
++for nonblocking BIOs. Call SSL_get_error() with the return value B<ret>
+-for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
+-for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
+-for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
 +for testing any SSL/TLS code (e.g. proxies) that wish to deal with multiple
 -for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple
--for the B<wbio>.
++Function and reason codes should consist of uppercase characters,
+-Function and reason codes should consist of upper case characters,
++Get a timestamp response for file1.tsq and file2.tsq over HTTP showing
+-Get a time stamp response for file1.tsq and file2.tsq over HTTP showing
++Get a timestamp response for file1.tsq over HTTP, output is written to
+-Get a time stamp response for file1.tsq over HTTP, output is written to
++Get a timestamp response for file1.tsq over HTTPS with certificate-based
+-Get a time stamp response for file1.tsq over HTTPS with certificate-based
++Get a timestamp response for file1.tsq over HTTPS without client
+-Get a time stamp response for file1.tsq over HTTPS without client
 +handshake. Therefore, just because one ticket is unacceptable it does not mean
 -handshake. Therefore just because one ticket is unacceptable it does not mean
+-HMAC_CTX_reset() zeroes an existing B<HMAC_CTX> and associated
++HMAC_CTX_reset() zeros an existing B<HMAC_CTX> and associated
 +However, a verification callback is B<not> essential and the default operation
 -However a verification callback is B<not> essential and the default operation
 +However, if the call was an SSL_write() or SSL_write_ex(), it should be called
 -However if the call was an SSL_write() or SSL_write_ex(), it should be called
-+However, in most cases OpenSSL will choose a suitable default method,
--However in most cases OpenSSL will choose a suitable default method,
-+   However, in this context it is only used for building OpenSSL.
--   However in this context it is only used for building OpenSSL.
 +However, the handshake will continue and send a warning alert instead. The value
 -However the handshake will continue and send a warning alert instead. The value
 +However, very few applications currently support the control interface and so
@@ -124,78 +204,162 @@
 -IDs (eg. with a certain prefix).
 +ids. However, OpenSSL allows two modes of ticket operation in TLSv1.3: stateful
 -ids. However OpenSSL allows two modes of ticket operation in TLSv1.3: stateful
-+(i.e. the prime bit size) or NULL if the arguments are not valid SRP group parameters.
--(ie. the prime bit size) or NULL if the arguments are not valid SRP group parameters.
++If both B<*pday> and B<*psec> are nonzero they will always have the same
+-If both B<*pday> and B<*psec> are non-zero they will always have the same
++If B<verify> is nonzero, the password will be verified as well.
+-If B<verify> is non-zero, the password will be verified as well.
 +If TCP is being used then there is no need to use SSL_stateless(). However, some
 -If TCP is being used then there is no need to use SSL_stateless(). However some
--If this fixes a github issue, make sure to have a line saying 'Fixes #XXXX' (without quotes) in the commit message.
-+If this fixes a GitHub issue, make sure to have a line saying 'Fixes #XXXX' (without quotes) in the commit message.
++If the I<encrypt> argument is nonzero (DES_ENCRYPT), the I<input>
+-If the I<encrypt> argument is non-zero (DES_ENCRYPT), the I<input>
++If the port name is supplied as part of the hostname then this will
+-If the port name is supplied as part of the host name then this will
++If the underlying accept socket is nonblocking and BIO_do_accept() is
+-If the underlying accept socket is non-blocking and BIO_do_accept() is
++If the underlying BIO is B<nonblocking>, a read function will also return when
+-If the underlying BIO is B<non-blocking>, a read function will also return when
++If the underlying BIO is B<nonblocking>, SSL_accept() will also return
+-If the underlying BIO is B<non-blocking>, SSL_accept() will also return
++If the underlying BIO is B<nonblocking>, SSL_connect() will also return
+-If the underlying BIO is B<non-blocking>, SSL_connect() will also return
++If the underlying BIO is B<nonblocking>, SSL_do_handshake() will also return
+-If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return
++If the underlying BIO is B<nonblocking>, SSL_shutdown() will also return
+-If the underlying BIO is B<non-blocking>, SSL_shutdown() will also return
++If the underlying BIO is B<nonblocking> the write functions will also return
+-If the underlying BIO is B<non-blocking> the write functions will also return
 +implementations (e.g. from an ENGINE module that supports embedded
 -implementations (eg. from an ENGINE module that supports embedded
++In a nonblocking environment applications must be prepared to handle
+-In a non-blocking environment applications must be prepared to handle
 +indexed in the hash table (i.e. it is returned as "const" from
 -indexed in the hash table (ie. it is returned as "const" from
 +information. Therefore, appropriate security precautions should be taken if
 -information. Therefore appropriate security precautions should be taken if
--is consumed
++inherit the behaviour of B<fd>. If B<fd> is nonblocking, the B<ssl> will
+-inherit the behaviour of B<fd>. If B<fd> is non-blocking, the B<ssl> will
++instance of L<openssl(1)> is trying to create a timestamp
+-instance of L<openssl(1)> is trying to create a time stamp
++into lowercase and underscores changed to spaces.
+-into lower case and underscores changed to spaces.
 +is included, commonly as one of the first included headers. Therefore,
 +is included, commonly as one of the first included headers. Therefore,
 +is included, commonly as one of the first included headers. Therefore,
 -is included, commonly as one of the first included headers. Therefore
 -is included, commonly as one of the first included headers. Therefore
 -is included, commonly as one of the first included headers. Therefore
-+issue the following commands to build OpenSSL.
--It can contain the legacy form of keys -- i.e. pointers to the low
-+It can contain the legacy form of keys -- i.e. pointers to the low-level key types, such as B<RSA>, B<DSA> and B<EC> --, but also the
++It can occur if an action is needed to continue the operation for nonblocking
+-It can occur if an action is needed to continue the operation for non-blocking
 -=item -1 an error condition has occured
 -=item -1 an error condition has occured
 +=item -1 an error condition has occurred
 +=item -1 an error condition has occurred
 +keys produced and therefore, it can be assumed that the PKCS#5 v2.0
 -keys produced and Therefore it can be assumed that the PKCS#5 v2.0
-+length for the chosen cipher or an error is returned. Moreover, the
--length for the chosen cipher or an error is returned. Moreover the
--level key types, such as B<RSA>, B<DSA> and B<EC> --, but also the
--L<Text::Temlate|https://metacpan.org/pod/Text::Template>
-+L<Text::Template|https://metacpan.org/pod/Text::Template>
++last timestamp response created. This number is incremented by 1 for
+-last time stamp response created. This number is incremented by 1 for
++length parameter associated with this DH object. If the length is nonzero then
+-length parameter associated with this DH object. If the length is non-zero then
++lingual environment, encode filenames in UTF-8.
+-lingual environment, encode file names in UTF-8.
++List of files containing B<RFC 3161> DER-encoded timestamp requests. If no
+-List of files containing B<RFC 3161> DER-encoded time stamp requests. If no
++list will only contain one file descriptor. However, if multiple asynchronous
+-list will only contain one file descriptor. However if multiple asynchronous
++looks for a non-critical extension a nonzero value looks for a critical
+-looks for a non-critical extension a non-zero value looks for a critical
++many input bytes as possible (for nonblocking reads) or not. For example if
+-many input bytes as possible (for non-blocking reads) or not. For example if
 +many references being held.  Therefore, applications should
 -many references being held.  Therefore applications should
-+more information about implicit fetches.
-+more information about implicit fetches.
-+more information about implicit fetches.
--more information about implict fetches.
--more information about implict fetches.
--more information about implict fetches.
++means standard output. In case of multiple timestamp requests or the absence
+-means standard output. In case of multiple time stamp requests or the absence
+-Name (SAN) or Subject CommonName (CN) matches the specified host
++Name (SAN) or Subject CommonName (CN) matches the specified hostname, 
+-name, which must be encoded in the preferred name syntax described
 + NDK. It's available for Linux, macOS and Windows, but only Linux
 - NDK. It's available for Linux, Mac OS X and Windows, but only Linux
-+  * New 'rsautl' application, low-level RSA utility.
--  * New 'rsautl' application, low level RSA utility.
-+obtain administrative privileges depends on the operating system.
--obtain administrative privileges depends on the operating sytem.
++needed, for example when some nondefault initialisation is required. The
++needed, for example when some nondefault initialisation is required. The
+-needed, for example when some non-default initialisation is required. The
+-needed, for example when some non-default initialisation is required. The
++ - Netwide Assembler, aka NASM, available from https://www.nasm.us,
+- - Netwide Assembler, a.k.a. NASM, available from https://www.nasm.us,
++nonblocking I/O. Error conditions are not handled and must be treated
+-non-blocking I/O. Error conditions are not handled and must be treated
++nonblocking socket, nothing is to be done, but select() can be used to check
+-non-blocking socket, nothing is to be done, but select() can be used to check
++nonblocking then the B<ssl> object will also have nonblocking behaviour. This
+-non-blocking then the B<ssl> object will also have non-blocking behaviour. This
++nonblocking write().
+-non-blocking write().
+-nonce value. The nonce length is given by B<15 - L> so it is 7 by default for
++nondefault application name.
+-non-default application name.
++nondefault filename, which is copied and need not refer to persistent storage.
+-non-default filename, which is copied and need not refer to persistent storage.
++nonempty, 8-bit length-prefixed, byte strings. The length-prefix byte is not
+-non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not
++ noninteractive service applications might feel concerned about
+- non-interactive service applications might feel concerned about
++nonnegative integer representing where in the certificate chain the error
+-non-negative integer representing where in the certificate chain the error
++nonnegative result in I<r>.
+-non-negative result in I<r>.
++nonnegative value can be included.
+-non-negative value can be included.
++nonnegative value indicates the chain depth at which the TLSA record matched a
+-non-negative value indicates the chain depth at which the TLSA record matched a
++nonzero if yes it will expire or zero if not.
+-non-zero if yes it will expire or zero if not.
++nonzero otherwise.
+-non-zero otherwise.
++No support for timestamps over SMTP, though it is quite easy
+-No support for time stamps over SMTP, though it is quite easy
++    Note: on VMS, you must quote any argument that contains uppercase
+-    Note: on VMS, you must quote any argument that contains upper case
++Note that I<a> must be nonnegative and smaller than the modulus.
+-Note that I<a> must be non-negative and smaller than the modulus.
++Note: these functions provide a low-level interface to ECDSA. Most
+-Note: these functions provide a low level interface to ECDSA. Most
++objects from a repository of any kind, addressable as a filename or
+-objects from a repository of any kind, addressable as a file name or
 +occurrences is an error. Therefore, the B<idx> parameter is usually B<NULL>.
 -occurrences is an error. Therefore the B<idx> parameter is usually B<NULL>.
-+of auditing may be required. Therefore, the logging facility supports a severity
--of auditing may be required. Therefore the logging facility supports a severity
++OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and nonzero
+-OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and non-zero
++OCSP_sendreq_bio() does not support retries and so cannot handle nonblocking
+-OCSP_sendreq_bio() does not support retries and so cannot handle non-blocking
++OCSP_sendreq_nbio() performs nonblocking I/O on the OCSP request context
+-OCSP_sendreq_nbio() performs non-blocking I/O on the OCSP request context
++OCSP_single_get0_status(). If B<sec> is nonzero it indicates how many seconds
+-OCSP_single_get0_status(). If B<sec> is non-zero it indicates how many seconds
++of a timestamp response (TimeStampResp). (Optional)
++of a timestamp response (TimeStampResp). (Optional)
+-of a time stamp response (TimeStampResp). (Optional)
+-of a time stamp response (TimeStampResp). (Optional)
 +one of the first included headers. Therefore, it is defined as an
 -one of the first included headers. Therefore it is defined as an
--                   Only install the OpenSSL html documentation.
-+                   Only install the OpenSSL HTML documentation.
-+on success, or 0 on failure. An error is placed on the error stack if a
--on success, or 0 on failure. An error is placed on the the error stack if a
-+or for any other reason want to minimize the data
--or for any other reason want to to minimize the data
--OSSL_PARAM_construct_octet_ptr() is a function that constructes an OCTET string
-+OSSL_PARAM_construct_octet_ptr() is a function that constructs an OCTET string
--OSSL_PARAM_construct_utf8_ptr() is a function that constructes a UTF string
-+OSSL_PARAM_construct_utf8_ptr() is a function that constructs a UTF string
--other then one reference is consumed for the B<rbio> and one reference
-+Otherwise, the value should be a hex string to output directly, however, this
--Otherwise, the value should be a hex string to output directly, however this
++on error or when IO might otherwise block and nonblocking is being used.
+-on error or when IO might otherwise block and non-blocking is being used.
++on the 16-bit DOS platform). This should be sufficient for usual certificate
+-on the 16bit DOS platform). This should be sufficient for usual certificate
++operation from a nonblocking B<BIO>.
+-operation from a non-blocking B<BIO>.
++otherwise it is a timestamp token (ContentInfo).
+-otherwise it is a time stamp token (ContentInfo).
 +ownership of one reference. Therefore, it may be necessary to increment the
 -ownership of one reference. Therefore it may be necessary to increment the
++particular when the source/sink is nonblocking or of a certain type
+-particular when the source/sink is non-blocking or of a certain type
 +passed to an ENGINE B<before> attempting to initialise it, i.e. before
 -passed to an ENGINE B<before> attempting to initialise it, ie. before
--pointer to the associated value is is passed as the second argument.
-+pointer to the associated value is passed as the second argument.
++ [pid]:error:[error code]:[library name]:[function name]:[reason string]:[filename]:[line]:[optional text message]
+- [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]
++preallocated B<BN_CTX> (to save the overhead of allocating and
+-pre-allocated B<BN_CTX> (to save the overhead of allocating and
++preallocated B<EVP_PKEY_CTX> should be assigned to the B<EVP_MD_CTX>. This is
+-pre-allocated B<EVP_PKEY_CTX> should be assigned to the B<EVP_MD_CTX>. This is
 +preference to the low-level interfaces. This is because the code then becomes
 +preference to the low-level interfaces. This is because the code then becomes
 +preference to the low-level interfaces. This is because the code then becomes
@@ -208,47 +372,124 @@
 -preference to the low level interfaces. This is because the code then becomes
 -preference to the low level interfaces. This is because the code then becomes
 -preference to the low level interfaces. This is because the code then becomes
-+reference is consumed for the B<wbio>.
-+representation. This function is used for B<X509v3> extensions.
--representation. This function is used for B<X509v3> extentions.
+-RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of a the derivation function
++RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of the derivation function
++random blinding factor. B<ctx> is B<NULL> or a preallocated and
+-random blinding factor. B<ctx> is B<NULL> or a pre-allocated and
++relax the semantics of the function - if set nonzero it will only return
+-relax the semantics of the function - if set non-zero it will only return
 +request DN, however, it is good policy just having the e-mail set into
 -request DN, however it is good policy just having the e-mail set into
 +required. However, clients may have tickets containing the previously configured
 -required. However clients may have tickets containing the previously configured
++response or timestamp token based on a request and printing the
+-response or time stamp token based on a request and printing the
 +return any SCTP based addresses when calling getaddrinfo(). Therefore, if an SCTP
 -return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP
-+return no file descriptors but will still populate I<*numfds>. Therefore,
--return no file descriptors but will still populate I<*numfds>. Therefore
++return nonzero to indicate that the ENGINE is now operational and will
+-return non-zero to indicate that the ENGINE is now operational and will
++return value is nonzero. Technically if both parameters are NULL the two
+-return value is non-zero. Technically if both parameters are NULL the two
 +RSA_private_encrypt, RSA_public_decrypt - low-level signature operations
 -RSA_private_encrypt, RSA_public_decrypt - low level signature operations
+-seconds, that  need to be included in the time field. The trailing zeroes
++seconds, that  need to be included in the time field. The trailing zeros
++server is configured with a nonzero max early data value. With replay
+-server is configured with a non-zero max early data value. With replay
++server. The timestamp response will be written to the given output file. '-'
+-server. The time stamp response will be written to the given output file. '-'
 +session lookups in the external cache (i.e. for session-resume requests) would
 -session lookups in the external cache (ie. for session-resume requests) would
-+Sets the CCM nonce (IV) length. This call can only be made before specifying a 
++Sets the CCM nonce (IV) length. This call can only be made before specifying 
 -Sets the CCM nonce (IV) length. This call can only be made before specifying an
-+ Special notes for Universal Windows Platform builds, aka VC-*-UWP
-- Special notes for Universal Windows Platform builds, a.k.a. VC-*-UWP
++Sets the socket to nonblocking mode.
+-Sets the socket to non-blocking mode.
++Setting B<SSL_MODE_AUTO_RETRY> for a nonblocking B<BIO> will process
+-Setting B<SSL_MODE_AUTO_RETRY> for a non-blocking B<BIO> will process
++signs them and sends the timestamp token back to the client. By
+-signs them and sends the time stamp token back to the client. By
++specified in B<RFC 3161>, to a timestamp server over HTTP or HTTPS and storing
+-specified in B<RFC 3161>, to a time stamp server over HTTP or HTTPS and storing
++specified the output is always a timestamp response (TimeStampResp),
+-specified the output is always a time stamp response (TimeStampResp),
++Specifies a previously created timestamp response or timestamp token
+-Specifies a previously created time stamp response or time stamp token
++SSL_clear_mode() removes the mode set via bit mask in B<mode> from B<ssl>.
+-SSL_clear_mode() removes the mode set via bitmask in B<mode> from B<ssl>.
++SSL_clear_options() clears the options set via bit mask in B<options> to B<ssl>.
+-SSL_clear_options() clears the options set via bitmask in B<options> to B<ssl>.
++SSL_CTX_clear_mode() removes the mode set via bit mask in B<mode> from B<ctx>.
+-SSL_CTX_clear_mode() removes the mode set via bitmask in B<mode> from B<ctx>.
++SSL_CTX_clear_options() and SSL_clear_options() return the new options bit mask
+-SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask
++SSL_CTX_clear_options() clears the options set via bit mask in B<options>
+-SSL_CTX_clear_options() clears the options set via bitmask in B<options>
++SSL_CTX_get_mode() and SSL_get_mode() return the current bit mask.
+-SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.
++SSL_CTX_get_options() and SSL_get_options() return the current bit mask.
+-SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
++SSL_CTX_set_mode() adds the mode set via bit mask in B<mode> to B<ctx>.
+-SSL_CTX_set_mode() adds the mode set via bitmask in B<mode> to B<ctx>.
++SSL_CTX_set_mode() and SSL_set_mode() return the new mode bit mask
+-SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask
++SSL_CTX_set_options() adds the options set via bit mask in B<options> to B<ctx>.
+-SSL_CTX_set_options() adds the options set via bitmask in B<options> to B<ctx>.
++SSL_CTX_set_options() and SSL_set_options() return the new options bit mask
+-SSL_CTX_set_options() and SSL_set_options() return the new options bitmask
 + SSL_operations(); /* e.g. SSL_read and SSL_write */
 - SSL_operations(); /* e.g SSL_read and SSL_write */
++SSL_set_mode() adds the mode set via bit mask in B<mode> to B<ssl>.
+-SSL_set_mode() adds the mode set via bitmask in B<mode> to B<ssl>.
++SSL_set_options() adds the options set via bit mask in B<options> to B<ssl>.
+-SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.
+-stamp request to the TSA and one for sending the time stamp response
+-stamp token is valid and matches a particular time stamp request or
 +successfully initialise - i.e. to assume that this corresponds to
 -successfully initialise - ie. to assume that this corresponds to
++successful. The B<-reply> command is for creating a timestamp
+-successful. The B<-reply> command is for creating a time stamp
 +supports certain specific commands it might want to use (e.g. application "foo"
 -supports certain specific commands it might want to use (eg. application "foo"
++Tests nonblocking I/O
+-Tests non-blocking I/O
 +than the current time. However, since the signing time is supplied by the
 +than the current time. However, since the signing time is supplied by the
 -than the current time. However since the signing time is supplied by the
 -than the current time. However since the signing time is supplied by the
--That is, the B<NUL> character and and of C<()*>.
-+That is, the B<NUL> character and of C<()*>.
++that parameter. EVP_PKEY_CTX_gen_keygen_info() with a nonnegative value for
+-that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for
++that the input is a DER encoded timestamp token (ContentInfo) instead
++that the input is a DER encoded timestamp token (ContentInfo) instead
+-that the input is a DER encoded time stamp token (ContentInfo) instead
+-that the input is a DER encoded time stamp token (ContentInfo) instead
++The action depends on the underlying BIO. When using a nonblocking socket,
++The action depends on the underlying BIO. When using a nonblocking socket,
++The action depends on the underlying BIO. When using a nonblocking socket,
++The action depends on the underlying BIO. When using a nonblocking socket,
+-The action depends on the underlying BIO. When using a non-blocking socket,
+-The action depends on the underlying BIO. When using a non-blocking socket,
+-The action depends on the underlying BIO. When using a non-blocking socket,
+-The action depends on the underlying BIO. When using a non-blocking socket,
 +The B<cleanup_entropy>() callback is called from the B<drbg> to clear and
 -The B<cleanup_entropy>() callback is called from the B<drbg> to to clear and
 +The B<EVP_PKEY>I<XXX> functions provide a high-level interface to
 -The B<EVP_PKEY>I<XXX> functions provide a high level interface to
-+the B<I<TYPE>> part of B<PEM_write_bio_I<TYPE>> functions as well
--the B<I<TYPE>> part of of B<PEM_write_bio_I<TYPE>> functions as well
++The B<flags> argument is a bit mask of the features to enable or disable.
+-The B<flags> argument is a bitmask of the features to enable or disable.
++The B<pkeyutl> command can be used to perform low-level public key operations
+-The B<pkeyutl> command can be used to perform low level public key operations
++The B<-query> switch can be used for creating and printing a timestamp
+-The B<-query> switch can be used for creating and printing a time stamp
++The B<tsget> command can be used for sending a timestamp request, as
+-The B<tsget> command can be used for sending a time stamp request, as
++The B<-verify> command is for verifying if a timestamp response or 
+-The B<-verify> command is for verifying if a time stamp response or time
 +The context can then be reused with a new call to X509_STORE_CTX_init().
 -The context can then be reused with an new call to X509_STORE_CTX_init().
-+The default value used if this is not set is the maximum value of
--The default valure used if this is not set is the maximum value of
++The data file for which the timestamp request needs to be
+-The data file for which the time stamp request needs to be
+-The encoded data is in binary form and may contain embedded zeroes.
++The encoded data is in binary form and may contain embedded zeros.
 +The EVP cipher routines are a high-level interface to certain
 -The EVP cipher routines are a high level interface to certain
 +The EVP digest routines are a high-level interface to message digests,
@@ -259,10 +500,6 @@
 +The EVP envelope routines are a high-level interface to envelope
 -The EVP envelope routines are a high level interface to envelope
 -The EVP envelope routines are a high level interface to envelope
-+The EVP KDF routines are a high-level interface to Key Derivation Function
--The EVP KDF routines are a high level interface to Key Derivation Function
-+The EVP RAND routines are a high-level interface to random number generators
--The EVP RAND routines are a high level interface to random number generators
 +The EVP signature routines are a high-level interface to digital
 -The EVP signature routines are a high level interface to digital
 +The EVP signature routines are a high-level interface to digital signatures.
@@ -271,72 +508,137 @@
 -The EVP signature routines are a high level interface to digital signatures.
 +The EVP signature verification routines are a high-level interface to digital
 -The EVP signature verification routines are a high level interface to digital
-+the list will only contain one file descriptor. However, if multiple asynchronous
--the list will only contain one file descriptor. However if multiple asynchronous
++the input is a token and the output is a timestamp response a default
+-the input is a token and the output is a time stamp response a default
++The name of the file containing a DER encoded timestamp request. (Optional)
+-The name of the file containing a DER encoded time stamp request. (Optional)
++The options are coded as bit masks and can be combined by a bitwise B<or>
+-The options are coded as bitmasks and can be combined by a bitwise B<or>
++The original timestamp request in DER format. The B<-data> and B<-digest>
+-The original time stamp request in DER format. The B<-data> and B<-digest>
++The output is a timestamp token (ContentInfo) instead of timestamp
+-The output is a time stamp token (ContentInfo) instead of time stamp
 +Therefore, any FILE pointers or BIOs should be opened in binary mode.
 -Therefore any FILE pointers or BIOs should be opened in binary mode.
 +Therefore, data that was not retrieved at the last read call can still be
 -Therefore data that was not retrieved at the last read call can still be
-+Therefore, the client offers the possibility to read
--Therefore the client offers the possibility to read
-+Therefore, the function should return 1 on success and 0 on failure.
--Therefore the function should return 1 on success and 0 on failure.
++Therefore, in order to perform nondefault initialisation,
++Therefore, in order to perform nondefault initialisation,
+-Therefore, in order to perform non-default initialisation,
+-Therefore, in order to perform non-default initialisation,
 +Therefore, there will either be three or five bits set dependent on whether the
 -Therefore there will either be three or five bits set dependent on whether the
-+Therefore, these credentials are easily recovered by anyone able to sniff/trace
--Therefore these credentials are easily recovered by anyone able to sniff/trace
++There is one DER encoded protocol data unit defined for transporting 
+-There is one DER encoded protocol data unit defined for transporting a time
 +there will only ever be two possible values for y. Therefore, a point can be set
 -there will only ever be two possible values for y. Therefore a point can be set
 +these functions do not perform a digest of the data to be signed. Therefore,
 -these functions do not perform a digest of the data to be signed. Therefore
 +These functions handle RSA signatures at a low-level.
 -These functions handle RSA signatures at a low level.
-+These functions use an B<EVP_PKEY_CTX> context, which should primarily
--These functions use an B<EVP_PKEY_CTX> context, which should primarly
-+this by default.  However, if on a platform where this is not the case then this
--this by default.  However if on a platform where this is not the case then this
-+This command can be used to perform low-level public key
--This command can be used to perform low level public key
--to each
-+to each other, then one reference is consumed for the B<rbio> and one 
++The shutdown state of an ssl connection is a bit mask of:
+-The shutdown state of an ssl connection is a bitmask of:
++the timestamp response in a file. This tool cannot be used for creating the
+-the time stamp response in a file. This tool cannot be used for creating the
++The timestamp response that needs to be verified in DER format. (Mandatory)
+-The time stamp response that needs to be verified in DER format. (Mandatory)
++The tool sends the following HTTP request for each timestamp request:
+-The tool sends the following HTTP request for each time stamp request:
++The TSA client receives the timestamp token and verifies the
+-The TSA client receives the time stamp token and verifies the
++The URL of the HTTP/HTTPS server listening for timestamp requests.
+-The URL of the HTTP/HTTPS server listening for time stamp requests.
++The value is a filename.
+-The value is a file name.
++they are identical and nonzero otherwise.
+-they are identical and non-zero otherwise.
++This option specifies a previously created timestamp request in DER
+-This option specifies a previously created time stamp request in DER
++timestamp requests, tsa.opentsa.org listens at port 8080 for HTTP requests
+-time stamp requests, tsa.opentsa.org listens at port 8080 for HTTP requests
++timestamp token. Either the dotted OID notation or OID names defined
+-time stamp token. Either the dotted OID notation or OID names defined
++timestamp token is valid and matches a particular timestamp request or
++To add 'granted' status info to a timestamp token thereby creating a
+-To add 'granted' status info to a time stamp token thereby creating a
++to a nonblocking B<BIO> and it was unable to sent all data to the B<BIO>.
+-to a non-blocking B<BIO> and it was unable to sent all data to the B<BIO>.
++To create a similar timestamp request with specifying the message imprint
+-To create a similar time stamp request with specifying the message imprint
++To create a timestamp request for design1.txt with SHA-1
+-To create a time stamp request for design1.txt with SHA-1
++To create a timestamp request which includes the MD-5 digest
+-To create a time stamp request which includes the MD-5 digest
++To create a timestamp response for a request:
+-To create a time stamp response for a request:
++To create a timestamp token instead of timestamp response:
+-To create a time stamp token instead of time stamp response:
++To extract the timestamp token from a response:
+-To extract the time stamp token from a response:
++token or you want to extract the timestamp token from a response. If
+-token or you want to extract the time stamp token from a response. If
++To print a timestamp reply to stdout in human readable format:
+-To print a time stamp reply to stdout in human readable format:
++To print a timestamp token to stdout in human readable format:
+-To print a time stamp token to stdout in human readable format:
++To verify a timestamp reply against a request:
+-To verify a time stamp reply against a request:
++To verify a timestamp reply that includes the certificate chain:
+-To verify a time stamp reply that includes the certificate chain:
++To verify a timestamp token against a message imprint:
+-To verify a time stamp token against a message imprint:
++To verify a timestamp token against the original data file:
+-To verify a time stamp token against the original data file:
 +treated as handles - i.e. not only as pointers, but also as references to
 -treated as handles - ie. not only as pointers, but also as references to
++Turns on nonblocking I/O
+-Turns on non-blocking I/O
 +types could be absent OPTIONAL fields and so should match, however, passing
 -types could be absent OPTIONAL fields and so should match, however passing
-+unique integer NID value. However, support for some groups may be added by
--unique integer NID value. However support for some groups may be added by
 +using the high-level interface.
 -using the high level interface.
++value under BER can have any nonzero encoding but ASN1_TYPE_cmp() will
+-value under BER can have any non-zero encoding but ASN1_TYPE_cmp() will
++value will be used as the seed filename.
+-value will be used as the seed file name.
++verification, therefore, this description applies to these verify operations
+-verification, therefore this description applies to these verify operations
 +versions of new algorithms cannot be accessed using the low-level functions.
 -versions of new algorithms cannot be accessed using the low level functions.
 + version was actually tested. There is no reason to believe that macOS
 - version was actually tested. There is no reason to believe that Mac OS X
 +viewed and checked. However, some servers only request client authentication
 -viewed and checked. However some servers only request client authentication
-+ Visual C++ native builds, aka VC-*
-- Visual C++ native builds, a.k.a. VC-*
++ Visual C++ builds, aka VC-*
+- Visual C++ builds, a.k.a. VC-*
 + We have only tested with DEC C (aka HP VMS C / VSI C) and require
 - We have only tested with DEC C (a.k.a HP VMS C / VSI C) and require
 +When a default ENGINE is requested for a given abstraction/algorithm/mode, (e.g.
 -When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg.
 +When the B<BIO> is writable again, the same function can be called again.
 -When the B<BIO> is writeable again, the same function can be called again.
++When the return value is nonnegative, the storage pointed to by the B<usage>,
+-When the return value is non-negative, the storage pointed to by the B<usage>,
++When using a nonblocking socket, nothing is to be done, but select() can be
+-When using a non-blocking socket, nothing is to be done, but select() can be
++When using nonblocking sockets, the function call performing the handshake
+-When using non-blocking sockets, the function call performing the handshake
++whether initialisation has been completed for this BIO or not. A nonzero value
+-whether initialisation has been completed for this BIO or not. A non-zero value
++which must be encoded in the preferred name syntax described
 +will ignore them. Therefore, it is possible for no more bytes to be readable from
 -will ignore them. Therefore it is possible for no more bytes to be readable from
 +with a dot (e.g. ".example.com"), it will be matched by a certificate
 -with a dot (e.g ".example.com"), it will be matched by a certificate
--With the DER library, this is the correspoding code, given two OpenSSL
-+With the DER library, this is the corresponding code, given two OpenSSL
-+    won't resume sessions. Fixed in 1.0.0n-dev
--    wont resume sessions. Fixed in 1.0.0n-dev
++with a filename of the form I<hash>.I<N> for a certificate, or
+-with a file name of the form I<hash>.I<N> for a certificate, or
 +work with certain DSA_METHOD implementations (e.g. from an ENGINE module
 -work with certain DSA_METHOD implementations (eg. from an ENGINE module
 +work with certain RSA_METHOD implementations (e.g. from an ENGINE module
 -work with certain RSA_METHOD implementations (eg. from an ENGINE module
--"x448" repsectively for those algorithms. This is only present for consistency
-+"x448" respectively for those algorithms. This is only present for consistency
 -X509_STORE_CTX_get0_chain() returns a the internal pointer used by the
 +X509_STORE_CTX_get0_chain() returns the internal pointer used by the
-+X509_STORE_CTX_new() returns a newly allocates context or B<NULL> is an
++X509_STORE_CTX_get_error_depth() returns a nonnegative error depth.
+-X509_STORE_CTX_get_error_depth() returns a non-negative error depth.
++X509_STORE_CTX_new() returns a newly allocated context or B<NULL> if an
 -X509_STORE_CTX_new() returns an newly allocates context or B<NULL> is an
-+`xxxx`, and an option to disable it:

gustafn · 2020-07-15T19:18:03Z

Some of these replacements seem ok, they preexisted on master (like time stamp -> timestamp), but others, most notably the changes non-blocking -> nonblocking and non-negative -> nonnegative appear to be new.

As indicated in the commit message, i have additionally introduced changes are due to the conventions of the Linux man page project [1]. The change non-blocking -> nonblocking is explicitly mentioned in the section "Hyphenation with multi, non, pre, re, sub, and so on". I was just restricting the changes to the one explicitly mentioned. One more of frequent change was from zeroes -> zeros.

I am in not way religious on these topics. I had the impression that OpenSSL is trying to follow the rules of the Linux man project. If you prefer some of the rules left out, just let me know, and i will undo it. It would certainly make sense to document the agreed on rule set somewhere (maybe in "find-doc-nits").

it seems like you made the corrections in the doc directory only, but there are also some misspellings in source code comments.

Of course, there are many. I have not worked on the source files yet. My goal was first to get a deeper understanding of what's wanted and what's not (e.g. by this pull request) before I dig into this (on the master branch).

[1] https://man7.org/linux/man-pages/man7/man-pages.7.html

richsalz · 2020-07-15T19:32:47Z

It would be nice if you considered updating find-doc-nits to capture the preferred spelling of things you changed.

gustafn · 2020-07-15T20:18:01Z

update find-doc-nits
I can do so for the common changes (you might have notices, i've done so already for "aka" on master). When i do so, there will be no guarantees on false-positive changes that the script will find.

Does this still make sense for the OpenSSL_1_1_1-stable branch?

richsalz · 2020-07-15T20:25:36Z

any effort to prevent "backsliding" is good, thanks.

mspncp · 2020-07-15T20:56:38Z

I am in not way religious on these topics.

Sorry, maybe my statement was a bit misunderstandable: I am not opposed to your suggested changes and you gave a good reason for making them. I was just a little bit irritated by the fact that your backport introduces new corrections which are not on master (yet). So if you don't mind the effort, I would be happy to see a pull request on master which applies the same corrections, too.

gustafn · 2020-07-15T22:57:21Z

I've applied the changes as suggested by the Linux Documentation Project to the master branch and updated the doc-nits, .... after rebasing my fork to the current version, but strangely enough, GitHub has greyed out the "create pull" request button.

Maybe it is too late already for me to see the obvious. The easiest is probably to delete my fork and apply the changes to a fresh fork, but i am afraid, that will kill the current pull request for the 1.1.1 branch, which is still open..... or i can create another for another organization. Any quick recommendation?

mspncp · 2020-07-16T05:00:49Z

I'm not sure. But maybe it's because your gustafn-master branch (see below) contains merge commits.

~/src/openssl$ git fetch https://github.com/gustafn/openssl.git master
remote: Enumerating objects: 250, done.
remote: Counting objects: 100% (211/211), done.
remote: Compressing objects: 100% (18/18), done.
remote: Total 109 (delta 98), reused 102 (delta 91), pack-reused 0
Receiving objects: 100% (109/109), 14.73 KiB | 4.91 MiB/s, done.
Resolving deltas: 100% (98/98), completed with 79 local objects.
From https://github.com/gustafn/openssl
 * branch                  master     -> FETCH_HEAD

~/src/openssl$ git checkout -b gustafn-master FETCH_HEAD
Switched to a new branch 'gustafn-master'

~/src/openssl$ git log --oneline gustafn-master master   

41bd6bc060 (HEAD -> gustafn-master) Align documentation with recommendation of the Linux Documentation Project
e8e6fa4d9c Merge branch 'master' of https://github.com/gustafn/openssl
252d52c63b revised version for pull request
5ff9aa2b70 fixed typos and repeated words CLA: trivial
c565301dca Merge remote-tracking branch 'upstream/master'
55affcadbe (origin/master, origin/HEAD, github/master, github/gh-2067, master) Configure: fix minor typo in apitable comment

mspncp · 2020-07-16T05:04:30Z

Also, I would recommend to always create a dedicated topic branch for every pull request, instead of reusing your master or OpenSSL_1_1_1-stable branch. This might be another reason why GitHub might be confused.

gustafn · 2020-07-16T08:26:57Z

yes, you are right. Created a new branch and added an additional pull request (#12460)

mspncp

LGTM

This change applies the recommendation of the Linux Documentation Project to the documentation files of OpenSSL. Additionally, util/find-doc-nits was updated accordingly. The change follows a suggestion of mspncp on openssl#12370 and incoporates the requested changes on the pull request

mspncp · 2020-07-20T20:26:20Z

@gustafn since your CLA has now been filed, I amended your commit to remove the 'CLA: trivial' tag from the commit message (see 0642972) and force-pushed the commit without tree changes. (No further action from you is required, the pull request is simply waiting for a second approval.)

This change applies the recommendation of the Linux Documentation Project to the documentation files of OpenSSL. Additionally, util/find-doc-nits was updated accordingly. The change follows a suggestion of mspncp on #12370 and incoporates the requested changes on the pull request Reviewed-by: Shane Lontis <[email protected]> Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from #12460)

mspncp · 2020-07-23T05:51:42Z

ping

paulidale

Look good!

openssl-machine · 2020-07-24T07:00:17Z

This pull request is ready to merge

Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from #12370)

mspncp · 2020-07-24T19:08:15Z

Merged to 1.1.1. in 6328d36, thank you!

* Update external/openssl from branch 'build-tools' to 8c346234bb495fdae254bfdd46e6e267624d404c - Merge "Merge tag 'OpenSSL_1_1_1i' for Python and cmdline tool" into build-tools - Merge tag 'OpenSSL_1_1_1i' for Python and cmdline tool Upstream python does not support boringssl, so bring back openssl, but only for host python. See https://www.python.org/dev/peps/pep-0644/ for some discussion upstream. Secondarily, the build system also uses the `openssl` command line tool during some actions, so this will allow us to use a prebuilt for that rather than an arbitrary version from the host. Boringssl does not provide a command line tool. Actual build rules will follow in another CL. Bug: 173151817 Change-Id: Idf1a125071c422b2f18d085eb73d01fc40ac17f2 - Prepare for 1.1.1i release Reviewed-by: Richard Levitte <[email protected]> - Update copyright year Reviewed-by: Richard Levitte <[email protected]> - Update CHANGES and NEWS for new release Reviewed-by: Richard Levitte <[email protected]> - Add a test for encoding/decoding using an invalid ASN.1 Template If you have a CHOICE type that it must use explicit tagging - otherwise the template is invalid. We add tests for this. Reviewed-by: Tomas Mraz <[email protected]> - Add a test for GENERAL_NAME_cmp Based on a boringssl test contributed by David Benjamin Reviewed-by: Tomas Mraz <[email protected]> - Complain if we are attempting to encode with an invalid ASN.1 template It never makes sense for multi-string or CHOICE types to have implicit tagging. If we have a template that uses the in this way then we should immediately fail. Thanks to David Benjamin from Google for reporting this issue. Reviewed-by: Tomas Mraz <[email protected]> - Check that multi-strings/CHOICE types don't use implicit tagging It never makes sense for multi-string or CHOICE types to use implicit tagging since the content would be ambiguous. It is an error in the template if this ever happens. If we detect it we should stop parsing. Thanks to David Benjamin from Google for reporting this issue. Reviewed-by: Tomas Mraz <[email protected]> - Correctly compare EdiPartyName in GENERAL_NAME_cmp() If a GENERAL_NAME field contained EdiPartyName data then it was incorrectly being handled as type "other". This could lead to a segmentation fault. Many thanks to David Benjamin from Google for reporting this issue. CVE-2020-1971 Reviewed-by: Tomas Mraz <[email protected]> - DirectoryString is a CHOICE type and therefore uses explicit tagging EDIPartyName has 2 fields that use a DirectoryString. However they were marked as implicit tagging - which is not correct for a CHOICE type. Additionally the partyName field was marked as Optional when, according to RFC5280 it is not. Many thanks to github user @filipnavara for reporting this issue. Also to David Benjamin from Google who independently identified and reported it. Fixes #6859 Reviewed-by: Tomas Mraz <[email protected]> - CHANGES: Move misplaced change item Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13605) - x509_vfy.c: Restore rejection of expired trusted (root) certificate The certificate path validation procedure specified in RFC 5280 does not include checking the validity period of the trusted (root) certificate. Still it is common good practice to perform this check. Also OpenSSL did this until version 1.1.1h, yet commit e2590c3a162eb118c36b09c2168164283aa099b4 accidentally killed it. The current commit restores the previous behavior. It also removes the cause of that bug, namely counter-intuitive design of the internal function check_issued(), which was complicated by checks that actually belong to some other internal function, namely find_issuer(). Moreover, this commit adds a regression check and proper documentation of the root cert validity period check feature, which had been missing so far. Fixes #13471 Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13585) - Configuration: darwin64-arm64-cc for Apple silicon Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Tim Hudson <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12369) - Fix comment in do_dtls1_write() This code started off as a copy of ssl3_write_bytes(), and the comment was not updated with the implementation. Reported by yangyangtiantianlonglong in #13518 Reviewed-by: Shane Lontis <[email protected]> Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13566) (cherry picked from commit 70cae332a2c200087605f94cdccfee80c9380fbf) - Turn on Github CI - backport improved ci.yml to 1.1.1 Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13586) - aes/asm/aesv8-armx.pl: avoid 32-bit lane assignment in CTR mode ARM Cortex-A57 and Cortex-A72 cores running in 32-bit mode are affected by silicon errata #1742098 [0] and #1655431 [1], respectively, where the second instruction of a AES instruction pair may execute twice if an interrupt is taken right after the first instruction consumes an input register of which a single 32-bit lane has been updated the last time it was modified. This is not such a rare occurrence as it may seem: in counter mode, only the least significant 32-bit word is incremented in the absence of a carry, which makes our counter mode implementation susceptible to these errata. So let's shuffle the counter assignments around a bit so that the most recent updates when the AES instruction pair executes are 128-bit wide. [0] ARM-EPM-049219 v23 Cortex-A57 MPCore Software Developers Errata Notice [1] ARM-EPM-012079 v11.0 Cortex-A72 MPCore Software Developers Errata Notice Signed-off-by: Ard Biesheuvel <[email protected]> Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13571) (cherry picked from commit 26217510d21cd4d5928db8bff41c6756a7c7a636) - Update bio_ok.c CLA: trivial Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13515) (cherry picked from commit a614af95531dd9f168aa4b71bd1195b4fdfe1794) - rsa_test: add return value check Fixes #13361 Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13362) (cherry picked from commit 93c87f745d5694b829d5b52d371d478b063a1fba) - Verification zero-length content in S/MIME format Fixes #13082 Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13106) - Correct description of BN_mask_bits CLA: trivial Correct right shift to left shift. Pseudo code `a&=~((~0)>>n)` means "get higher n-bits of a", but actually crypto lib gives lower n-bits. Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12727) (cherry picked from commit b6ef3c7089e887427cde8c550e28211dc0c22dd1) - Unify ssl3_get_cipher_by_std_name() implementation The handling for the SCSVs was the same as for regular ciphers; just merge them into the same table-driven handler. Reviewed-by: Paul Dale <[email protected]> (cherry picked from commit 231849bc9ca69dfd3adf40821421d8e2d804d8e8) (Merged from https://github.com/openssl/openssl/pull/13280) - optimise ssl3_get_cipher_by_std_name() Return immediately on matched cipher. Without this patch the code only breaks out of the inner for loop, meaning for a matched TLS13 cipher the code will still loop through 160ish SSL3 ciphers. CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> (cherry picked from commit d93bded6aa2852e681de2ed76fb43c415687af68) Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13280) - crypto/poly1305/asm: fix armv8 pointer authentication PAC pointer authentication signs the return address against the value of the stack pointer, to prevent stack overrun exploits from corrupting the control flow. However, this requires that the AUTIASP is issued with SP holding the same value as it held when the PAC value was generated. The Poly1305 armv8 code got this wrong, resulting in crashes on PAC capable hardware. Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13256) (cherry picked from commit fcf6e9d056162d5af64c6f7209388a5c3be2ce57) - Ensure we raise SSLfatal on error We were missing a call to SSLfatal. A comment claimed that we had already called it - but that is incorrect. Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13230) - Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE This unifies the behaviour of a single certificate with an unknown CA certificate with a self-signed certificate. The user callback can mask that error to retrieve additional error information. So the user application can decide to abort the connection instead to be forced by openssl. This change in behaviour is backward compatible as user callbacks who don't want to ignore UNABLE_TO_VERIFY_LEAF_SIGNATURE will still abort the connection by default. CLA: trivial Fixes #11297 Reviewed-by: David von Oheimb <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11359) - Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) Cherry-pick of https://github.com/openssl/openssl/pull/13056 for branch 1.1.1. Tested against the release 1.1.1h Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13218) - Fix AES-GCM bug on aarch64 BigEndian Fixes #10638 Fixes #13188 Fixes a bug for aarch64 bigendian with instructions 'st1' and 'ld1' on AES-GCM mode. CLA: trivial (cherry picked from commit bc8b648f744566031ce84d77333dbbcb9689e975) Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13193) - resolve defects: reverse_inull; row[DB_exp_date] referenced before checking Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13170) (cherry picked from commit 6a13c9c9842f54ed8d98c6f37cc4ae6c1cde8b7a) - Avoid potential doublefree on dh object assigned to EVP_PKEY Fixes regression from 7844f3c784bfc93c9b94ae5a4082f9d01e82e0af Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13194) - Add a CHANGES entry for the SSL_SECOP_TMP_DH change Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13136) - Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback The security operation SSL_SECOP_TMP_DH is defined to take an EVP_PKEY in the "other" parameter: /* Temporary DH key */ # define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_PKEY) In most places this is what is passed. All these places occur server side. However there is one client side call of this security operation and it passes a DH object instead. This is incorrect according to the definition of SSL_SECOP_TMP_DH, and is inconsistent with all of the other locations. Our own default security callback, and the debug callback in the apps, never look at this value and therefore this issue was never noticed previously. In theory a client side application could be relying on this behaviour and could be broken by this change. This is probably fairly unlikely but can't be ruled out. Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13136) - Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE CLA: trivial Reviewed-by: Kurt Roeckx <[email protected]> Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13062) (cherry picked from commit 796948cd733d2bd0d8acbaf2354c718bcd4352a6) - syscall_random(): don't fail if the getentropy() function is a dummy Several embedded toolchains may provide dummy implemented getentropy() function which always returns -1 and sets errno to the ENOSYS. As a result the function SSL_CTX_new() fails to create a new context. Fixes #13002 Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13112) - Fixed typo in ssl_lib.c orignal -> original CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13111) (cherry picked from commit 9f7505ab6a1ce76497654ea8cf6a74307da78989) - Avoid memory leak of parent on allocation failure for child structure Reviewed-by: Ben Kaduk <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> Reviewed-by: Richard Levitte <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13055) (cherry picked from commit a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd) - Use size of target buffer for allocation Reviewed-by: Ben Kaduk <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> Reviewed-by: Richard Levitte <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13055) (cherry picked from commit 8ad369171fc2b435c0ca427111481da4d4c3c1ce) - Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV Since glibc 2.8, these defines like `NI_MAXHOST` are exposed only if suitable feature test macros are defined, namely: _GNU_SOURCE, _DEFAULT_SOURCE (since glibc 2.19), or _BSD_SOURCE or _SVID_SOURCE (before glibc 2.19), see GETNAMEINFO(3). CLA: trivial Fixes #13049 Reviewed-by: Richard Levitte <[email protected]> Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from https://github.com/openssl/openssl/pull/13054) (cherry picked from commit 99501e817cbc4f11cc045dbaa7a81854d4349335) - Prepare for 1.1.1i-dev Reviewed-by: Matthias St. Pierre <[email protected]> - Prepare for 1.1.1h release Reviewed-by: Matthias St. Pierre <[email protected]> - Update copyright year Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12949) - Updates CHANGES and NEWS for the new release Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12949) - Add const to 'ppin' function parameter CLA: trivial Reviewed-by: Kurt Roeckx <[email protected]> Reviewed-by: Matt Caswell <[email protected]> GH: #12205 (cherry picked from commit 434343f896a2bb3e5857cc9831c38f8cd1cceec1) - Support keys with RSA_METHOD_FLAG_NO_CHECK with OCSP sign OCSP_basic_sign_ctx() in ocsp_srv.c , does not check for RSA_METHOD_FLAG_NO_CHECK. If a key has RSA_METHOD_FLAG_NO_CHECK set, OCSP sign operations can fail because the X509_check_private_key() can fail. The check for the RSA_METHOD_FLAG_NO_CHECK was moved to crypto/rsa/rsa_ameth.c as a common place to check. Checks in ssl_rsa.c were removed. Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Tim Hudson <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12419) - Disallow certs with explicit curve in verification chain The check is applied only with X509_V_FLAG_X509_STRICT. Fixes #12139 Reviewed-by: David von Oheimb <[email protected]> Reviewed-by: Nicola Tuveri <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12909) - EC_KEY: add EC_KEY_decoded_from_explicit_params() The function returns 1 when the encoding of a decoded EC key used explicit encoding of the curve parameters. Reviewed-by: David von Oheimb <[email protected]> Reviewed-by: Nicola Tuveri <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12909) - Fix: ecp_nistz256-armv4.S bad arguments Fix this error: crypto/ec/ecp_nistz256-armv4.S:3853: Error: bad arguments to instruction -- `orr r11,r10' crypto/ec/ecp_nistz256-armv4.S:3854: Error: bad arguments to instruction -- `orr r11,r12' crypto/ec/ecp_nistz256-armv4.S:3855: Error: bad arguments to instruction -- `orrs r11,r14' CLA: trivial Fixes #12848 Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Kurt Roeckx <[email protected]> GH: #12854 (cherry picked from commit b5f82567afa820bac55b7dd7eb9dd510c32c3ef6) - Revert two renamings backported from master The original names were more intuitive: the generate_counter counts the number of generate requests, and the reseed_counter counts the number of reseedings (of the principal DRBG). reseed_gen_counter -> generate_counter reseed_prop_counter -> reseed_counter This partially reverts commit 35a34508ef4d649ace4e373e1d019192b7e38c36. Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12759) - Fix the DRBG seed propagation In a nutshell, reseed propagation is a compatibility feature with the sole purpose to support the traditional way of (re-)seeding manually by calling 'RAND_add()' before 'RAND_bytes(). It ensures that the former has an immediate effect on the latter *within the same thread*, but it does not care about immediate reseed propagation to other threads. The implementation is lock-free, i.e., it works without taking the lock of the primary DRBG. Pull request #7399 not only fixed the data race issue #7394 but also changed the original implementation of the seed propagation unnecessarily. This commit reverts most of the changes of commit 1f98527659b8 and intends to fix the data race while retaining the original simplicity of the seed propagation. - use atomics with relaxed semantics to load and store the seed counter - add a new member drbg->enable_reseed_propagation to simplify the overflow treatment of the seed propagation counter - don't handle races between different threads This partially reverts commit 1f98527659b8290d442c4e1532452b9ba6463f1e. Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12759) - Fix memory leaks in conf_def.c Fixes #12471 CLA: trivial Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Shane Lontis <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12533) (cherry picked from commit 4348995b0d818203f37ffa51c9bdf4488cf24bad) - Coverity Fixes x_algor.c: Explicit null dereferenced cms_sd.c: Resource leak ts_rsp_sign.c Resource Leak extensions_srvr.c: Resourse Leak v3_alt.c: Resourse Leak pcy_data.c: Resource Leak cms_lib.c: Resource Leak drbg_lib.c: Unchecked return code Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Shane Lontis <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12531) - Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8 PEM_write_bio_PrivateKey_traditional() uses i2d_PrivateKey() to do the actual encoding to DER. However, i2d_PrivateKey() is a generic function that will do what it can to produce output according to what the associated EVP_PKEY_ASN1_METHOD offers. If that method offers a function 'old_priv_encode', which is expected to produce the "traditional" encoded form, then i2d_PrivateKey() uses that. If not, i2d_PrivateKey() will go on and used more modern methods, which are all expected to produce PKCS#8. To ensure that PEM_write_bio_PrivateKey_traditional() never produces more modern encoded forms, an extra check that 'old_priv_encode' is non-NULL is added. If it is NULL, an error is returned. Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12729) - Ignore vendor name in Clang version number. For example, FreeBSD prepends "FreeBSD" to version string, e.g., FreeBSD clang version 11.0.0 ([email protected]:llvm/llvm-project.git llvmorg-11.0.0-rc2-0-g414f32a9e86) Target: x86_64-unknown-freebsd13.0 Thread model: posix InstalledDir: /usr/bin This prevented us from properly detecting AVX support, etc. CLA: trivial Reviewed-by: Richard Levitte <[email protected]> Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12725) (cherry picked from commit cd84d8832d274357a5ba5433640d7ef76691b1ac) - sslapitest: Add test for premature call of SSL_export_keying_material Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12594) (cherry picked from commit ea9f6890eb54e4b9e8b81cc1318ca3a6fc0c8356) - Avoid segfault in SSL_export_keying_material if there is no session Fixes #12588 Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12594) (cherry picked from commit dffeec1c10a874d7c7b83c221dbbce82f755edb1) - Fix a test_verify failure A recently added certificate in test/certs expired causing test_verify to fail. This add a replacement certificate with a long expiry date. Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12561) - Fix typos and repeated words Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12370) - Update EVP_EncodeInit.pod Fix EVP_EncodeBlock description using incorrect parameter name for encoding length CLA: trivial Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12518) (cherry picked from commit 1660c8fa6be2d7c4587e490c88a44a870e9b4298) - test/drbgtest.c: Fix error check test The condition in test_error_checks() was inverted, so the test succeeded as long as error_check() failed. Incidently, error_check() contained several bugs that assured it always failed, thus giving overall drbg test success. Remove the broken explicit zero check. RAND_DRBG_uninstantiate() cleanses the data via drbg_ctr_uninstantiate(), but right after that it resets drbg->data.ctr using RAND_DRBG_set(), so TEST_mem_eq(zero, sizeof(drbg->data)) always failed. (backport from https://github.com/openssl/openssl/pull/11195) Signed-off-by: Vitezslav Cizek <[email protected]> Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12517) - fixed swapped parameters descriptions for x509 CLA: trivial Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12505) - Avoid errors with a priori inapplicable protocol bounds The 'MinProtocol' and 'MaxProtocol' configuration commands now silently ignore TLS protocol version bounds when configurign DTLS-based contexts, and conversely, silently ignore DTLS protocol version bounds when configuring TLS-based contexts. The commands can be repeated to set bounds of both types. The same applies with the corresponding "min_protocol" and "max_protocol" command-line switches, in case some application uses both TLS and DTLS. SSL_CTX instances that are created for a fixed protocol version (e.g. TLSv1_server_method()) also silently ignore version bounds. Previously attempts to apply bounds to these protocol versions would result in an error. Now only the "version-flexible" SSL_CTX instances are subject to limits in configuration files in command-line options. Expected to resolve #12394 Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Matt Caswell <[email protected]> GH: #12507 - man3: Drop warning about using security levels higher than 1. Today, majority of web-browsers reject communication as allowed by the security level 1. Instead key sizes and algorithms from security level 2 are required. Thus remove the now obsolete warning against using security levels higher than 1. For example Ubuntu, compiles OpenSSL with security level set to 2, and further restricts algorithm versions available at that security level. Reviewed-by: Kurt Roeckx <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12444) (cherry picked from commit 02e14a65fd6cc63204b43a79d510e95a63bdd901) - doc: Fix documentation of EVP_EncryptUpdate(). The documentation was off by one for the length this function could return. Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12435) (cherry picked from commit 3fc164e8d18dcdef57d297956debf8d966e7fbef) - x509_vfy.c: Improve key usage checks in internal_verify() of cert chains If a presumably self-signed cert is last in chain we verify its signature only if X509_V_FLAG_CHECK_SS_SIGNATURE is set. Upon this request we do the signature verification, but not in case it is a (non-conforming) self-issued CA certificate with a key usage extension that does not include keyCertSign. Make clear when we must verify the signature of a certificate and when we must adhere to key usage restrictions of the 'issuing' cert. Add some comments for making internal_verify() easier to understand. Update the documentation of X509_V_FLAG_CHECK_SS_SIGNATURE accordingly. Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12357) - Fix issue 1418 by moving check of KU_KEY_CERT_SIGN and weakening check_issued() Move check that cert signing is allowed from x509v3_cache_extensions() to where it belongs: internal_verify(), generalize it for proxy cert signing. Correct and simplify check_issued(), now checking self-issued (not: self-signed). Add test case to 25-test_verify.t that demonstrates successful fix. As prerequisites, this adds the static function check_sig_alg_match() and the internal functions x509_likely_issued() and x509_signing_allowed(). This is a backport of the core of PR #10587. Fixes #1418 Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12357) - Enable WinCE build without deceiving _MSC_VER. Reviewed-by: Mark J. Cox <[email protected]> Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11526) (cherry picked from commit c35b8535768e22cd3b7743f4887a72e53a621a5f) - To generate makefile with correct parameters for WinCE. Reviewed-by: Mark J. Cox <[email protected]> Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11526) (cherry picked from commit a1736f37aee855fecf463b9f15519e12c333ecfc) - Disable optimiization of BN_num_bits_word() for VS2005 ARM compiler due to its miscompilation of the function. https://mta.openssl.org/pipermail/openssl-users/2018-August/008465.html Reviewed-by: Mark J. Cox <[email protected]> Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11526) (cherry picked from commit 7a09fab2b3d201062a2cc07c1a40d09d61ea31bd) - Changed uintptr_t to size_t. WinCE6 doesn't seem it have the definition. Reviewed-by: Mark J. Cox <[email protected]> Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11526) (cherry picked from commit 6c2a56beec847da18e5ac60a30219f0dea39baf9) - [1.1.1][test] Avoid missing EC_GROUP wrappers Backport of https://github.com/openssl/openssl/pull/12096 to 1.1.1 broke the build as the following functions are missing: const BIGNUM *EC_GROUP_get0_field(const EC_GROUP *group); int EC_GROUP_get_field_type(const EC_GROUP *group); Turns out that for the purposes of the test code, we don't really need to differentiate between prime and binary fields, and we can directly use the existing `EC_GROUP_get_degree()` in the same fashion as was being done for binary fields also for prime fields. Fixes https://github.com/openssl/openssl/issues/12432 Reviewed-by: Dmitry Belyavskiy <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12433) - [test] ectest: check custom generators Reviewed-by: Nicola Tuveri <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12096) (cherry picked from commit a01cae99ac384cb6a74b46ccdc90736fe0754958) - improve SSL_CTX_set_tlsext_ticket_key_cb ref impl improve reference implementation code in SSL_CTX_set_tlsext_ticket_key_cb man page change EVP_aes_128_cbc() to EVP_aes_256_cbc(), with the implication of requiring longer keys. Updating this code brings the reference implementation in line with implementation in openssl committed in 2016: commit 05df5c20 Use AES256 for the default encryption algorithm for TLS session tickets add comments where user-implementation is needed to complete code (backport from https://github.com/openssl/openssl/pull/12063) Reviewed-by: Ben Kaduk <[email protected]> Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12391) - [test][15-test_genec] Improve EC tests with genpkey Test separately EC parameters and EC key generation. Some curves only support explicit params encoding. For some curves we have had cases in which generating the parameters under certain conditions failed, while generating and serializing a key under the same conditions did not. See <https://github.com/openssl/openssl/issues/12306> for more details. Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12308) - [apps/genpkey] exit status should not be 0 on output errors If the key is to be serialized or printed as text and the framework returns an error, the app should signal the failure to the user using a non-zero exit status. Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12305) (cherry picked from commit 466d30c0d7fa861a5fcbaebd2e2010a8c2aea322) - [EC][ASN1] Detect missing OID when serializing EC parameters and keys The following built-in curves do not have an assigned OID: - Oakley-EC2N-3 - Oakley-EC2N-4 In general we shouldn't assume that an OID is always available. This commit detects such cases, raises an error and returns appropriate return values so that the condition can be detected and correctly handled by the callers, when serializing EC parameters or EC keys with the default `ec_param_enc:named_curve`. Fixes #12306 Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12312) - Configure: Check source and build dir equality a little more thoroughly 'absolutedir' does a thorough job ensuring that we have a "real" path to both source and build directory, unencumbered by symbolic links. However, that isn't enough on case insensitive file systems on Unix flavored platforms, where it's possible to stand in, for example, /PATH/TO/Work/openssl, and then do this: perl ../../work/openssl/Configure ... and thereby having it look like the source directory and the build directory aren't the same. We solve this by having a closer look at the computed source and build directories, and making sure they are exactly the same strings if they are in fact the same directory. This is especially important when making symbolic links based on this directories, but may have other ramifications as well. Fixes #12323 Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12337) (cherry picked from commit 610e2b3b7019b11d97f1dcda13575254a2c65c3d) - Free pre_proc_exts in SSL_free() Usually it will be freed in tls_early_post_process_client_hello(). However if a ClientHello callback will be used and will return SSL_CLIENT_HELLO_RETRY then tls_early_post_process_client_hello() may never come to the point where pre_proc_exts is freed. Fixes #12194 CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12330) (cherry picked from commit 94941cada25433a7dca35b5b9f8cbb751ab65ab3) - doc: remove reference to the predecessor of SHA-1. Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12322) (cherry picked from commit 69f982679ec0c8887a4324d8518a33808fee1cd7) - Fix a typo on the SSL_dup page Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12245) - Add an SSL_dup test Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12245) - Don't attempt to duplicate the BIO state in SSL_dup SSL_dup attempted to duplicate the BIO state if the source SSL had BIOs configured for it. This did not work. Firstly the SSL_dup code was passing a BIO ** as the destination argument for BIO_dup_state. However BIO_dup_state expects a BIO * for that parameter. Any attempt to use this will either (1) fail silently, (2) crash or fail in some other strange way. Secondly many BIOs do not implement the BIO_CTRL_DUP ctrl required to make this work. Thirdly, if rbio == wbio in the original SSL object, then an attempt is made to up-ref the BIO in the new SSL object - even though it hasn't been set yet and is NULL. This results in a crash. This appears to have been broken for a very long time with at least some of the problems described above coming from SSLeay. The simplest approach is to just remove this capability from the function. Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12245) - Update the SSL_dup documentation to match reality Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12245) - Ensure that SSL_dup copies the min/max protocol version With thanks to Rebekah Johnson for reporting this issue. Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12245) - Force ssl/tls protocol flags to use stream sockets Prior to this patch doing something like openssl s_client -dtls1 -tls1 ... could cause s_client to speak TLS on a UDP socket which does not normally make much sense. Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12266) (cherry picked from commit 2c9ba46c90e9d25040260bbdc43e87921f08c788) - Configuration: do not overwrite BASE_unix ex_libs in AIX BASE_unix sets ex_libs to `-lz` based the on zlib linking. AIX platforms overwrote this instead of adding to it. CLA: Trivial Signed-off-by: Attila Szakacs <[email protected]> Reviewed-by: Shane Lontis <[email protected]> Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12271) (cherry picked from commit b1f9db698011e5a178d53483eccfd0a44f132baf) - doc/man3: fix types taken by HMAC(), HMAC_Update() HMAC() and HMAC_Update() take size_t for 'n' and 'len' respectively. CLA: trivial Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12264) (cherry picked from commit cc63865f336e0144f8501aa0a862ba0247a50622) - Fix wrong return value check of mmap function The mmap function never returns NULL. If an error occurs, the function returns MAP_FAILED. CLA: trivial Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12187) (cherry picked from commit 1d78129dd205e3e85083a91c33540a70c51b0a23) - Refactor BN_R_NO_INVERSE logic in internal functions Closes #12129 As described in https://github.com/openssl/openssl/issues/12129 the readability of the internal functions providing the two alternative implementations for `BN_mod_inverse()` is a bit lacking. Both these functions are now completely internal, so we have the flexibility needed to slightly improve readability and remove unnecessary NULL checks. The main changes here are: - rename `BN_mod_inverse_no_branch()` as `bn_mod_inverse_no_branch()`: this function is `static` so it is not even visible within the rest of libcrypto. By convention upcase prefixes are reserved for public functions. - remove `if (pnoinv == NULL)` checks in `int_bn_mod_inverse()`: this function is internal to the BN module and we can guarantee that all callers pass non-NULL arguments. - `bn_mod_inverse_no_branch()` takes an extra `int *pnoinv` argument, so that it can signal if no inverse exists for the given inputs: in this way the caller is in charge of raising `BN_R_NO_INVERSE` as it is the case for the non-consttime implementation of `int_bn_mod_inverse()`. - `BN_mod_inverse()` is a public function and must guarantee that the internal functions providing the actual implementation receive valid arguments. If the caller passes a NULL `BN_CTX` we create a temporary one for internal use. - reorder function definitions in `crypto/bn/bn_gcd.c` to avoid forward declaration of `static` functions (in preparation for inlining) - inline `bn_mod_inverse_no_branch()`. (Backport to 1.1.1 from https://github.com/openssl/openssl/pull/12142) (cherry picked from commit 5d8b3a3ef2941b8822523742a0408ca6896aa65d) Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12169) - Make it clear that you can't use all ciphers for CMAC Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12107) - Add a CMAC test We did not have a test of the low level CMAC APIs so we add one. This is heavily based on the HMAC test. Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12107) - Correctly handle the return value from EVP_Cipher() in the CMAC code EVP_Cipher() is a very low level routine that directly calls the underlying cipher function. It's return value semantics are very odd. Depending on the type of cipher 0 or -1 is returned on error. We should just check for <=0 for a failure. Fixes #11957 Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12107) - Ensure we never use a partially initialised CMAC_CTX If the CMAC_CTX is partially initialised then we make a note of this so that future operations will fail if the initialisation has not been completed. Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12107) - use safe primes in ssl_get_auto_dh() DH_get_1024_160() and DH_get_2048_224() return parameters from RFC5114. Those parameters include primes with known small subgroups, making them unsafe. Change the code to use parameters from RFC 2409 and RFC 3526 instead (group 2 and 14 respectively). This patch also adds automatic selection of 4096 bit params for 4096 bit RSA keys backport of 7646610 Signed-off-by: Hubert Kario <[email protected]> Reviewed-by: Kurt Roeckx <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12160) - CMS_get0_signers() description CLA: trivial Reviewed-by: Shane Lontis <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12055) (cherry picked from commit 9ac916c7529a21cd01d1b539362abf8402719e30) - EVP: allow empty strings to EVP_Decode* functions This is a simple check order correction. Fixes #12143 Reviewed-by: Ben Kaduk <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12144) (cherry picked from commit 0800288e6e1d9f44d471043a970ba57743ca8f4c) - doc: Random spellchecking A little spell checking. Backport of commit af0d413654d19 ("doc: Random spellchecking") Signed-off-by: Sebastian Andrzej Siewior <[email protected]> Reviewed-by: Kurt Roeckx <[email protected]> Reviewed-by: Paul Dale <[email protected]> GH: #12075 - Do not allow dropping Extended Master Secret extension on renegotiaton Abort renegotiation if server receives client hello with Extended Master Secret extension dropped in comparison to the initial session. Fixes #9754 Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12099) - Test genpkey app for EC keygen with various args This commit adds a new recipe to test EC key generation with the `genpkey` CLI app. For each built-in curve, it tests key generation with text output, in PEM and in DER format, using `explicit` and `named_curve` for parameters encoding. The list of built-in curves is static at the moment, as this allows to differentiate between prime curves and binary curves to avoid failing when ec2m is disabled. Reviewed-by: Bernd Edlinger <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12085) - Silence gcc false positive warning on alpn_protos_len in test/handshake_helper.c Fixes #12033 Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Bernd Edlinger <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12041) - Silence gcc false positive warning on refdatalen in test/tls13encryptiontest.c Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Bernd Edlinger <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12041) - Fix err checking and mem leaks of BIO_set_conn_port and BIO_set_conn_address Reviewed-by: Bernd Edlinger <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12036) - Replace BUF_strdup() call by OPENSSL_strdup() adding failure check in bss_acpt.c Add OPENSSL_strdup failure check to cpt_ctrl() in bss_acpt.c Reviewed-by: Bernd Edlinger <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12036) - [crypto/ec] Remove unreachable AVX2 code in NISTZ256 implementation `crypto/ec/ecp_nistz256.c` contained code sections guarded by a `ECP_NISTZ256_AVX2` define. The relevant comment read: > /* > * Note that by default ECP_NISTZ256_AVX2 is undefined. While it's great > * code processing 4 points in parallel, corresponding serial operation > * is several times slower, because it uses 29x29=58-bit multiplication > * as opposite to 64x64=128-bit in integer-only scalar case. As result > * it doesn't provide *significant* performance improvement. Note that > * just defining ECP_NISTZ256_AVX2 is not sufficient to make it work, > * you'd need to compile even asm/ecp_nistz256-avx.pl module. > */ Without diminishing the quality of the original submission, it's evident that this code has been basically unreachable without modifications to the library source code and is under-tested. This commit removes these sections from the codebase. (cherry picked from commit 00da0f69890874feaa555fafb99b967b861e9118 , backported from https://github.com/openssl/openssl/pull/12019 ) Reviewed-by: Kurt Roeckx <[email protected]> Reviewed-by: Bernd Edlinger <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12046) - Fix a typo in SSL_CTX_set_session_ticket_cb.pod "SSL" takes two esses, not three. [skip ci] Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12038) (cherry picked from commit 09527c493596060544bda92ecd0d8ef40a366c5e) - enable DECLARE_DEPRECATED macro for Oracle Developer Studio compiler Reviewed-by: Richard Levitte <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/9575) - Fix a buffer overflow in drbg_ctr_generate This can happen if the 32-bit counter overflows and the last block is not a multiple of 16 bytes. Fixes #12012 [extended tests] Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Patrick Steuer <[email protected]> Reviewed-by: Kurt Roeckx <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12016) (cherry picked from commit 42fa3e66697baa121220b4eacf03607280e4ff89) - fix a docs typo Correct "EC_KEY_point2buf" to "EC_POINT_point2buf". The former does not exist. CLA: trivial Reviewed-by: Ben Kaduk <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11988) (cherry picked from commit a5a87011baeef71c86938a2bae54f89fbe99e5dc) - Prevent extended tests run unexpectedly in appveyor Reason turns out that "git log -2" is picking up a merge commit and a random commit message from the master branch. Restore the expected behavior by using git log -1 $env:APPVEYOR_PULL_REQUEST_HEAD_COMMIT Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11981) (cherry picked from commit d805b83166538907535862372c16ff6ceb648b21) - Revert the check for NaN in %f format Unfortunately -Ofast seems to break that check. Fixes #11994 Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/12003) (cherry picked from commit 41dccd68b9b9b7622b26d264c5fa190aa5bd4201) - Make BIO_do_connect() and friends handle multiple IP addresses Backport of #11971 Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Bernd Edlinger <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11989) - bio printf: Avoid using rounding errors in range check There is a problem casting ULONG_MAX to double which clang-10 is warning about. ULONG_MAX typically cannot be exactly represented as a double. ULONG_MAX + 1 can be and this fix uses the latter, however since ULONG_MAX cannot be represented exactly as a double number we subtract 65535 from this number, and the result has at most 48 leading one bits, and can therefore be represented as a double integer without rounding error. By adding 65536.0 to this number we achive the correct result, which should avoid the warning. The addresses a symptom of the underlying problem: we print doubles via an unsigned long integer. Doubles have a far greater range and should be printed better. Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11955) (cherry picked from commit 082c041b4233b17b80129d4ac6b33a28014442b0) - EVP_EncryptInit.pod: fix example Signed-off-by: Patrick Steuer <[email protected]> Reviewed-by: Richard Levitte <[email protected]> Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11976) (cherry picked from commit d561b84143f5e7956454090e15de0c5e1425ceac) - AES CTR-DRGB: performance improvement Optimize the the AES-based implementation of the CTR_DRBG construction, see 10.2.1 in [1]. Due to the optimizations, the code may deviate (more) from the pseudocode in [1], but it is functional equivalence being decisive for compliance: "All DRBG mechanisms and algorithms are described in this document in pseudocode, which is intended to explain functionality. The pseudocode is not intended to constrain real-world implementations." [9 in [1]]. The following optimizations are done: - Replace multiple plain AES encryptions by a single AES-ECB encryption of a corresponding pre-initialized buffer, where possible. This allows platform-specific AES-ECB support to be used and reduces the overhead of multiple EVP calls. - Replace the generate operation loop (which is a counter increment followed by a plain AES encryption) by a loop which does a plain AES encryption followed by a counter increment. The latter loop is just a description of AES-CTR, so we replace it by a single AES-CTR encryption. This allows for platform-specific AES-CTR support to be used and reduces the overhead of multiple EVP calls. This change, that is, going from a pre- to a post- counter increment, requires the counter in the internal state to be kept at "+1" (compared to the pseudocode in [1]) such that it is in the correct state, when a generate operation is called. That in turn also requires all other operations to be changed from pre- to post-increment to keep functional equivalence. [1] NIST SP 800-90A Revision 1 Signed-off-by: Patrick Steuer <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (cherry picked from commit 28bdbe1aaa474ae8cd83e520d02e463e46ce89d9) Reviewed-by: Bernd Edlinger <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11968) - Avoid undefined behavior with unaligned accesses Fixes: #4983 [extended tests] Reviewed-by: Nicola Tuveri <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11781) - More testing for CLI usage of Ed25519 and Ed448 keys Add testing for the `req` app and explicit conversion tests similar to what is done for ECDSA keys. The included test keys for Ed25519 are from the examples in RFC 8410 (Sec. 10) The key for Ed448 is derived from the first of the test vectors in RFC 8032 (Sec. 7.4) using OpenSSL to encode it into PEM format. (cherry picked from commit 81722fdf2e01cfa71c46abbcc19e65aa003e083f) This is originally a cherry-pick from https://github.com/openssl/openssl/pull/10410, with trivial changes from the original commit to account for the differences in 1.1.1. Fixes #10687 Reviewed-by: Dmitry Belyavskiy <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11939) - More testing for sign/verify through `dgst` Add tests for signature generation and verification with `dgst` CLI for common key types: - RSA - DSA - ECDSA (cherry picked from commit ef1e59ed833e8ed1d5f4de5b0c734da8561890e3) This is a backport from https://github.com/openssl/openssl/pull/10410. Support for testing EdDSA through `pkeyutl` was dropped as the required `-rawin` option is not supported in 1.1.1. Fixes #10687 Reviewed-by: Dmitry Belyavskiy <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11939) - Coverity 1463830: Resource leaks (RESOURCE_LEAK) Reviewed-by: Tim Hudson <[email protected]> Reviewed-by: Bernd Edlinger <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11941) (cherry picked from commit bbc3c22c0e2b3b4b6f069712dc8322a48506b775) - Fix B<..> vs. I<..> and add two remarks in OSSL_STORE_open.pod Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11912) - Allow NULL arg to OSSL_STORE_close() Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11912) - There is no -signreq option in CA.pl CLA: trivial Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11897) - Prevent use after free of global_engine_lock If buggy application calls engine functions after cleanup of engines already happened the global_engine_lock will be used although already freed. See for example: https://bugzilla.redhat.com/show_bug.cgi?id=1831086 Reviewed-by: Bernd Edlinger <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11896) (cherry picked from commit e12813d0d31f4f7be2ccc592d382ef3e94bdb842) - STORE: Make try_decode_PrivateKey() ENGINE aware This function only considered the built-in and application EVP_PKEY_ASN1_METHODs, and is now amended with a loop that goes through all loaded engines, using whatever table of methods they each have. Fixes #11861 (cherry picked from commit b84439b06a1b9a7bfb47e230b70a6d3ee46e8a19) Reviewed-by: Dmitry Belyavskiy <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11887) - Fix d2i_PrivateKey() to work as documented d2i_PrivateKey() is documented to return keys of the type given as first argument |type|, unconditionally. Most specifically, the manual says this: > An error occurs if the decoded key does not match type. However, when faced of a PKCS#8 wrapped key, |type| was ignored, which may lead to unexpected results. (cherry picked from commit b2952366dd0248bf35c83e1736cd203033a22378) Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11888) - t1_trce: Fix remaining places where the 24 bit shift overflow happens [extended tests] Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11857) (cherry picked from commit 7486c718e54cc762edc5f1c7c526ab83d0f97ef7) - Avoid potential overflow to the sign bit when shifting left 24 places Although there are platforms where int is 64 bit, 2GiB large BIGNUMs instead of 4GiB should be "big enough for everybody". Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11857) (cherry picked from commit 1d05eb55caa8965a151360c2469c463ecd990987) - Cast the unsigned char to unsigned int before shifting left This is needed to avoid automatic promotion to signed int. Fixes #11853 [extended tests] Reviewed-by: Richard Levitte <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11857) (cherry picked from commit cbeb0bfa961412eebfbdf1e72900f05527e81e15) - Fix egd and devrandom source configs ./config --with-rand-seed=egd need to defines OPENSSL_RAND_SEED_EGD and OPENSSL_NO_EGD so get rid of OPENSSL_NO_EGD (compiles but I did not really test EGD) ./config --with-rand-seed=devrandom does not work since wait_random_seeded works under the assumption that OPENSSL_RAND_SEED_GETRANDOM is supposed to be enabled as well, that is usually the case, but not when only devrandom is enabled. Skip the wait code in this special case. Reviewed-by: Paul Dale <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11848) (cherry picked from commit ddec332f329a432a45c0131d83f3bfb46114532b) - Update early data exchange scenarios in doc Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11816) (cherry picked from commit b2a5001d954e81e2a582f2a935212ab554a3cbbe) - Update limitation of psk_client_cb and psk_server_cb in usage with TLSv1.3 Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11816) (cherry picked from commit e0bcb4f97f7496af032013ead15b7472b60e85fa) - Fix some places where X509_up_ref is used without error handling. This takes up the ball from #11278 without trying to solve everything at once. [extended tests] Reviewed-by: Kurt Roeckx <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11852) - TTY_get() in crypto/ui/ui_openssl.c open_console() can also return errno 1 (EPERM, Linux) Signed-off-by: Maxim Zakharov <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11767) (cherry picked from commit 082394839ea32386abc7ee33aaa9da864287064c) - Test TLSv1.3 out-of-band PSK with all 5 ciphersuites Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11809) - Fix crash in early data send with out-of-band PSK using AES CCM Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11809) - If SOURCE_DATE_EPOCH is defined, use it for copyright year Using the date from SOURCE_DATE_EPOCH instead of the current date makes it possible to reproduce a build that was built on a different year: https://reproducible-builds.org/specs/source-date-epoch/ This is fixing an issue we had while building Tor Browser: https://trac.torproject.org/projects/tor/ticket/33535 CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11296) (cherry picked from commit 11d7d903447ab866d037fb8bba4ceb49c7d89191) - Correct alignment calculation in ssl3_setup_write The alignment calculation in ssl3_setup_write incorrectly results in an alignment allowance of (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1) bytes. This equals 3 in almost all cases. The maximum alignment actually used in do_ssl3_write is (SSL3_ALIGN_PAYLOAD - 1). This equals 7 bytes in almost all cases. So there is a potential to overrun the buffer by up to 4 bytes. Fortunately, the encryption overhead allowed for is 80 bytes which consists of 16 bytes for the cipher block size and 64 bytes for the MAC output. However the biggest MAC that we ever produce is HMAC-384 which is 48 bytes - so we have a headroom of 16 bytes (i.e. more than the 4 bytes of potential overrun). Thanks to Nagesh Hegde for reporting this. Fixes #11766 Reviewed-by: Ben Kaduk <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11768) (cherry picked from commit d30ef639647ad263d09740c931a5bfb5a8b6a5f6) - Configure: Avoid SIXTY_FOUR_BIT for linux-mips64 This is a 32-bit ABI build (as opposed to linux64-mips64). Setting SIXTY_FOUR_BIT breaks hardware optimizations, at least on octeon processors. Reviewed-by: Richard Levitte <[email protected]> Reviewed-by: Matt Caswell <[email protected]> (Merged from https://github.com/openssl/openssl/pull/11154) - Fix rsa8192.pem Q: How did I do that? A: That's a long story. Precondition: I used sage 8.1 for the math, it could probably done with simple python as well…

gustafn mentioned this pull request Jul 4, 2020

improved and standardised spelling #12320

Closed

mspncp self-requested a review July 4, 2020 23:52

InfoHunter reviewed Jul 13, 2020

View reviewed changes

gustafn mentioned this pull request Jul 16, 2020

Align documentation with recommendation of Linux Documentation Project #12460

Closed

1 task

mspncp approved these changes Jul 16, 2020

View reviewed changes

mspncp added approval: review pending This pull request needs review by a committer branch: 1.1.1 Applies to OpenSSL_1_1_1-stable branch (EOL) labels Jul 16, 2020

Fix typos and repeated words

0642972

mspncp force-pushed the OpenSSL_1_1_1-stable branch from af31b65 to 0642972 Compare July 20, 2020 20:20

paulidale approved these changes Jul 23, 2020

View reviewed changes

mspncp added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Jul 23, 2020

openssl-machine removed the approval: done This pull request has the required number of approvals label Jul 24, 2020

openssl-machine added the approval: ready to merge The 24 hour grace period has passed, ready to merge label Jul 24, 2020

openssl-machine pushed a commit that referenced this pull request Jul 24, 2020

Fix typos and repeated words

6328d36

Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Matthias St. Pierre <[email protected]> (Merged from #12370)

mspncp closed this Jul 24, 2020

Uh oh!

Comments

Conversation

gustafn commented Jul 4, 2020

Checklist

Uh oh!

InfoHunter Jul 13, 2020

Choose a reason for hiding this comment

Uh oh!

gustafn Jul 13, 2020

Choose a reason for hiding this comment

Uh oh!

mspncp commented Jul 15, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

gustafn commented Jul 15, 2020

Uh oh!

richsalz commented Jul 15, 2020

Uh oh!

gustafn commented Jul 15, 2020

Uh oh!

richsalz commented Jul 15, 2020

Uh oh!

mspncp commented Jul 15, 2020

Uh oh!

gustafn commented Jul 15, 2020

Uh oh!

mspncp commented Jul 16, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

mspncp commented Jul 16, 2020

Uh oh!

gustafn commented Jul 16, 2020

Uh oh!

mspncp left a comment

Choose a reason for hiding this comment

Uh oh!

mspncp commented Jul 20, 2020

Uh oh!

mspncp commented Jul 23, 2020

Uh oh!

paulidale left a comment

Choose a reason for hiding this comment

Uh oh!

openssl-machine commented Jul 24, 2020

Uh oh!

mspncp commented Jul 24, 2020

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

mspncp commented Jul 15, 2020 •

edited

Loading

mspncp commented Jul 16, 2020 •

edited

Loading