Merge 4b788a51bc into 57bb112c07

It is not used anywhere else than in tests.

Fixes #22965

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23269)

.github/workflows/run-checker-merge.yml

@@ -35,6 +35,7 @@ jobs:
           no-ts,
           enable-weak-ssl-ciphers,
           enable-zlib,
+          enable-pie,
         ]
     runs-on: ubuntu-latest
     steps:

.github/workflows/windows.yml

@@ -66,7 +66,7 @@ jobs:
       run: nmake test VERBOSE_FAILURE=yes TESTS=-test_fuzz* HARNESS_JOBS=4
     - name: install
       # Run on 64 bit only as 32 bit is slow enough already
-      if: $${{ matrix.platform.arch == 'win64' }}
+      if: ${{ matrix.platform.arch == 'win64' }}
       run: |
         mkdir _dest
         nmake install DESTDIR=_dest

.gitignore

@@ -54,6 +54,7 @@
 /include/openssl/ui.h
 /include/openssl/x509.h
 /include/openssl/x509v3.h
+/include/openssl/x509_acert.h
 /include/openssl/x509_vfy.h
 /include/openssl/core_names.h
 /include/internal/param_names.h

CHANGES.md

@@ -59,6 +59,13 @@ OpenSSL 3.4
 
    *Damian Hobson-Garcia*
 
+ * Added support to build Position Independent Executables (PIE). Configuration
+   option `enable-pie` configures the cflag '-fPIE' and ldflag '-pie' to
+   support Address Space Layout Randomization (ASLR) in the openssl executable,
+   removes reliance on external toolchain configurations.
+
+   *Craig Lorentzen*
+
 OpenSSL 3.3
 -----------
 

Configurations/00-base-templates.conf

@@ -76,6 +76,22 @@ my %targets=(
         AR              => "ar",
         ARFLAGS         => "qc",
         CC              => "cc",
+        bin_cflags      =>
+            sub {
+                my @flags = ();
+                if (!defined($disabled{pie})) {
+                    push(@flags, "-fPIE");
+                }
+                return join(" ", @flags);
+            },
+        bin_lflags      =>
+            sub {
+                my @flags = ();
+                if (!defined($disabled{pie})) {
+                    push(@flags, "-pie");
+                }
+                return join(" ", @flags);
+            },
         lflags          =>
             sub {
                 my @libs = ();

Configurations/10-main.conf

@@ -777,7 +777,14 @@ my %targets = (
         asm_arch         => 'aarch64',
         perlasm_scheme   => "linux64",
     },
-
+    "linux-arm64ilp32-clang" => {  # clang config abi by --target
+        inherit_from     => [ "linux-generic32" ],
+        CC               => "clang",
+        CXX              => "clang++",
+        bn_ops           => "SIXTY_FOUR_BIT RC4_CHAR",
+        asm_arch         => 'aarch64',
+        perlasm_scheme   => "linux64",
+    },
     "linux-mips32" => {
         # Configure script adds minimally required -march for assembly
         # support, if no -march was specified at command line.

Configure

@@ -492,6 +492,7 @@ my @disablables = (
     "ocsp",
     "padlockeng",
     "pic",
+    "pie",
     "pinshared",
     "poly1305",
     "posix-io",
@@ -584,6 +585,7 @@ our %disabled = ( # "what"         => "comment"
                   "external-tests"      => "default",
                   "fuzz-afl"            => "default",
                   "fuzz-libfuzzer"      => "default",
+                  "pie"                 => "default",
                   "ktls"                => "default",
                   "md2"                 => "default",
                   "msan"                => "default",
@@ -943,6 +945,10 @@ while (@argvcopy)
                         {
                         delete $disabled{"brotli"};
                         }
+                elsif ($1 eq "pie")
+                        {
+                        delete $disabled{"pie"};
+                        }
                 elsif ($1 eq "zstd-dynamic")
                         {
                         delete $disabled{"zstd"};

INSTALL.md

@@ -870,6 +870,10 @@ As synonym for `no-padlockeng`.  Deprecated and should not be used.
 
 Don't build with support for Position Independent Code.
 
+### enable-pie
+
+Build with support for Position Independent Execution.
+
 ### no-pinshared
 
 Don't pin the shared libraries.

crypto/asn1/a_time.c

@@ -591,78 +591,3 @@ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b)
         return -1;
     return 0;
 }
-
-/*
- * tweak for Windows
- */
-#ifdef WIN32
-# define timezone _timezone
-#endif
-
-#if defined(__FreeBSD__) || defined(__wasi__)
-# define USE_TIMEGM
-#endif
-
-time_t ossl_asn1_string_to_time_t(const char *asn1_string)
-{
-    ASN1_TIME *timestamp_asn1 = NULL;
-    struct tm *timestamp_tm = NULL;
-#if defined(__DJGPP__)
-    char *tz = NULL;
-#elif !defined(USE_TIMEGM)
-    time_t timestamp_local;
-#endif
-    time_t timestamp_utc;
-
-    timestamp_asn1 = ASN1_TIME_new();
-    if (!ASN1_TIME_set_string(timestamp_asn1, asn1_string))
-    {
-        ASN1_TIME_free(timestamp_asn1);
-        return -1;
-    }
-
-    timestamp_tm = OPENSSL_malloc(sizeof(*timestamp_tm));
-    if (timestamp_tm == NULL) {
-        ASN1_TIME_free(timestamp_asn1);
-        return -1;
-    }
-    if (!(ASN1_TIME_to_tm(timestamp_asn1, timestamp_tm))) {
-        OPENSSL_free(timestamp_tm);
-        ASN1_TIME_free(timestamp_asn1);
-        return -1;
-    }
-    ASN1_TIME_free(timestamp_asn1);
-
-#if defined(__DJGPP__)
-    /*
-     * This is NOT thread-safe.  Do not use this method for platforms other
-     * than djgpp.
-     */
-    tz = getenv("TZ");
-    if (tz != NULL) {
-        tz = OPENSSL_strdup(tz);
-        if (tz == NULL) {
-            OPENSSL_free(timestamp_tm);
-            return -1;
-        }
-    }
-    setenv("TZ", "UTC", 1);
-
-    timestamp_utc = mktime(timestamp_tm);
-
-    if (tz != NULL) {
-        setenv("TZ", tz, 1);
-        OPENSSL_free(tz);
-    } else {
-        unsetenv("TZ");
-    }
-#elif defined(USE_TIMEGM)
-    timestamp_utc = timegm(timestamp_tm);
-#else
-    timestamp_local = mktime(timestamp_tm);
-    timestamp_utc = timestamp_local - timezone;
-#endif
-    OPENSSL_free(timestamp_tm);
-
-    return timestamp_utc;
-}

crypto/bn/bn_gcd.c

@@ -619,11 +619,12 @@ int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
         pow2_numbits_temp = r->d[i] | g->d[i];
         pow2_condition_mask = ((BN_ULONG)!constant_time_is_zero(pow2_flag)) & ((BN_ULONG)!constant_time_is_zero_64(pow2_numbits_temp));
         pow2_flag &= !pow2_condition_mask;
-        pow2_condition_mask = ((~pow2_condition_mask & (pow2_condition_mask - 1)) >> (BN_BITS2 - 1)) - 1; // https://github.com/openssl/openssl/blob/067fbc01b9e867b31c71091d62f0f9012dc9e41a/crypto/bn/bn_lib.c#L950C5-L950C74
-        pow2_shifts += 1 & pow2_condition_mask;
+        pow2_shifts += 1 & pow2_flag;
+        pow2_condition_mask = ((~pow2_condition_mask & (pow2_condition_mask - 1)) >> (BN_BITS2 - 1)) - 1; /* https://github.com/openssl/openssl/blob/067fbc01b9e867b31c71091d62f0f9012dc9e41a/crypto/bn/bn_lib.c#L950C5-L950C74 */
         pow2_condition_mask = (pow2_numbits ^ pow2_numbits_temp) & pow2_condition_mask;
         pow2_numbits ^= pow2_condition_mask;
     }
+    pow2_numbits = ~pow2_numbits;
     pow2_shifts *= BN_BITS2;
     pow2_flag = 1;
     for (j = 0; j < BN_BITS2; j++) {

crypto/cms/cms_asn1.c

@@ -51,6 +51,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
         EVP_PKEY_free(si->pkey);
         X509_free(si->signer);
         EVP_MD_CTX_free(si->mctx);
+        EVP_PKEY_CTX_free(si->pctx);
     }
     return 1;
 }
@@ -90,11 +91,21 @@ ASN1_SEQUENCE(CMS_OriginatorInfo) = {
         ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
 } static_ASN1_SEQUENCE_END(CMS_OriginatorInfo)
 
-ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
+static int cms_ec_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                     void *exarg)
+{
+    CMS_EncryptedContentInfo *ec = (CMS_EncryptedContentInfo *)*pval;
+
+    if (operation == ASN1_OP_FREE_POST)
+        OPENSSL_clear_free(ec->key, ec->keylen);
+    return 1;
+}
+
+ASN1_NDEF_SEQUENCE_cb(CMS_EncryptedContentInfo, cms_ec_cb) = {
         ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
         ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
         ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
-} static_ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
+} ASN1_NDEF_SEQUENCE_END_cb(CMS_EncryptedContentInfo, CMS_EncryptedContentInfo)
 
 ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
         ASN1_EMBED(CMS_KeyTransRecipientInfo, version, INT32),
@@ -318,6 +329,10 @@ static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
             return 0;
         break;
 
+    case ASN1_OP_FREE_POST:
+        OPENSSL_free(cms->ctx.propq);
+        break;
+
     }
     return 1;
 }

crypto/cms/cms_env.c

@@ -51,15 +51,6 @@ static int cms_get_enveloped_type(const CMS_ContentInfo *cms)
     return ret;
 }
 
-void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf)
-{
-    if (cms_get_enveloped_type_simple(cinf) != 0) {
-        CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cinf);
-        if (ec != NULL)
-            OPENSSL_clear_free(ec->key, ec->keylen);
-    }
-}
-
 CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms)
 {
     if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
@@ -289,8 +280,10 @@ BIO *CMS_EnvelopedData_decrypt(CMS_EnvelopedData *env, BIO *detached_data,
                       secret == NULL ? cert : NULL, detached_data, bio, flags);
 
  end:
-    if (ci != NULL)
+    if (ci != NULL) {
         ci->d.envelopedData = NULL; /* do not indirectly free |env| */
+        ci->contentType = NULL;
+    }
     CMS_ContentInfo_free(ci);
     if (!res) {
         BIO_free(bio);

crypto/cms/cms_lib.c

@@ -21,6 +21,7 @@
 static STACK_OF(CMS_CertificateChoices)
 **cms_get0_certificate_choices(CMS_ContentInfo *cms);
 
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(CMS_ContentInfo)
 IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
 
 CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a,
@@ -66,20 +67,6 @@ CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq)
     return ci;
 }
 
-CMS_ContentInfo *CMS_ContentInfo_new(void)
-{
-    return CMS_ContentInfo_new_ex(NULL, NULL);
-}
-
-void CMS_ContentInfo_free(CMS_ContentInfo *cms)
-{
-    if (cms != NULL) {
-        ossl_cms_env_enc_content_free(cms);
-        OPENSSL_free(cms->ctx.propq);
-        ASN1_item_free((ASN1_VALUE *)cms, ASN1_ITEM_rptr(CMS_ContentInfo));
-    }
-}
-
 const CMS_CTX *ossl_cms_get0_cmsctx(const CMS_ContentInfo *cms)
 {
     return cms != NULL ? &cms->ctx : NULL;

crypto/cms/cms_local.h

@@ -366,6 +366,7 @@ struct CMS_Receipt_st {
 
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_ITEM(CMS_SignerInfo)
+DECLARE_ASN1_ITEM(CMS_EncryptedContentInfo)
 DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
 DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
 DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
@@ -447,7 +448,6 @@ BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
 int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
 BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms);
 int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio);
-void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf);
 CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms);
 CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms);
 CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms);

crypto/cms/cms_sd.c

@@ -512,8 +512,12 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
                                          ossl_cms_ctx_get0_libctx(ctx),
                                          ossl_cms_ctx_get0_propq(ctx),
                                          pk, NULL) <= 0) {
+            si->pctx = NULL;
             goto err;
         }
+        else {
+            EVP_MD_CTX_set_flags(si->mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
+        }
     }
 
     if (sd->signerInfos == NULL)
@@ -758,6 +762,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
         unsigned char computed_md[EVP_MAX_MD_SIZE];
 
         pctx = si->pctx;
+        si->pctx = NULL;
         if (md == NULL) {
             if (!EVP_DigestFinal_ex(mctx, computed_md, &mdlen))
                 goto err;
@@ -851,6 +856,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
                                   ossl_cms_ctx_get0_propq(ctx), si->pkey,
                                   NULL) <= 0)
             goto err;
+        EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
         si->pctx = pctx;
     }
 
@@ -922,9 +928,16 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
         goto err;
     }
     mctx = si->mctx;
+    if (si->pctx != NULL) {
+        EVP_PKEY_CTX_free(si->pctx);
+        si->pctx = NULL;
+    }
     if (EVP_DigestVerifyInit_ex(mctx, &si->pctx, EVP_MD_get0_name(md), libctx,
-                                propq, si->pkey, NULL) <= 0)
+                                propq, si->pkey, NULL) <= 0) {
+        si->pctx = NULL;
         goto err;
+    }
+    EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
 
     if (!cms_sd_asn1_ctrl(si, 1))
         goto err;
@@ -1040,8 +1053,11 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
         if (EVP_PKEY_CTX_set_signature_md(pkctx, md) <= 0)
             goto err;
         si->pctx = pkctx;
-        if (!cms_sd_asn1_ctrl(si, 1))
+        if (!cms_sd_asn1_ctrl(si, 1)) {
+            si->pctx = NULL;
             goto err;
+        }
+        si->pctx = NULL;
         r = EVP_PKEY_verify(pkctx, si->signature->data,
                             si->signature->length, mval, mlen);
         if (r <= 0) {

crypto/cms/cms_smime.c

@@ -236,7 +236,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
     if (cms == NULL)
         return NULL;
     if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
-        return NULL;
+        goto err;
 
     if (!(flags & CMS_DETACHED))
         CMS_set_detached(cms, 0);
@@ -245,6 +245,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
         || CMS_final(cms, in, NULL, flags))
         return cms;
 
+ err:
     CMS_ContentInfo_free(cms);
     return NULL;
 }

doc/build.info

@@ -2747,6 +2747,10 @@ DEPEND[html/man3/SSL_set_session.html]=man3/SSL_set_session.pod
 GENERATE[html/man3/SSL_set_session.html]=man3/SSL_set_session.pod
 DEPEND[man/man3/SSL_set_session.3]=man3/SSL_set_session.pod
 GENERATE[man/man3/SSL_set_session.3]=man3/SSL_set_session.pod
+DEPEND[html/man3/SSL_set_session_secret_cb.html]=man3/SSL_set_session_secret_cb.pod
+GENERATE[html/man3/SSL_set_session_secret_cb.html]=man3/SSL_set_session_secret_cb.pod
+DEPEND[man/man3/SSL_set_session_secret_cb.3]=man3/SSL_set_session_secret_cb.pod
+GENERATE[man/man3/SSL_set_session_secret_cb.3]=man3/SSL_set_session_secret_cb.pod
 DEPEND[html/man3/SSL_set_shutdown.html]=man3/SSL_set_shutdown.pod
 GENERATE[html/man3/SSL_set_shutdown.html]=man3/SSL_set_shutdown.pod
 DEPEND[man/man3/SSL_set_shutdown.3]=man3/SSL_set_shutdown.pod
@@ -3650,6 +3654,7 @@ html/man3/SSL_set_fd.html \
 html/man3/SSL_set_incoming_stream_policy.html \
 html/man3/SSL_set_retry_verify.html \
 html/man3/SSL_set_session.html \
+html/man3/SSL_set_session_secret_cb.html \
 html/man3/SSL_set_shutdown.html \
 html/man3/SSL_set_verify_result.html \
 html/man3/SSL_shutdown.html \
@@ -4303,6 +4308,7 @@ man/man3/SSL_set_fd.3 \
 man/man3/SSL_set_incoming_stream_policy.3 \
 man/man3/SSL_set_retry_verify.3 \
 man/man3/SSL_set_session.3 \
+man/man3/SSL_set_session_secret_cb.3 \
 man/man3/SSL_set_shutdown.3 \
 man/man3/SSL_set_verify_result.3 \
 man/man3/SSL_shutdown.3 \

doc/man3/SSL_set_session_secret_cb.pod

@@ -0,0 +1,69 @@
+=pod
+
+=head1 NAME
+
+SSL_set_session_secret_cb, tls_session_secret_cb_fn
+- set the session secret callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
+                                         STACK_OF(SSL_CIPHER) *peer_ciphers,
+                                         const SSL_CIPHER **cipher, void *arg);
+
+ int SSL_set_session_secret_cb(SSL *s,
+                               tls_session_secret_cb_fn session_secret_cb,
+                               void *arg);
+
+=head1 DESCRIPTION
+
+SSL_set_session_secret_cb() sets the session secret callback to be used
+(I<session_secret_cb>), and an optional argument (I<arg>) to be passed to that
+callback when it is called. This is only useful for an implementation of
+EAP-FAST (RFC4851). The presence of the callback also modifies the internal
+OpenSSL TLS state machine to match the modified TLS behaviour as described in
+RFC4851. Therefore this callback should not be used except when implementing
+EAP-FAST.
+
+The callback is expected to set the master secret to be used by filling in the
+data pointed to by I<*secret>. The size of the secret buffer is initially
+available in I<*secret_len> and may be updated by the callback (but must not be
+larger than the initial value).
+
+On the server side the set of ciphersuites offered by the peer is provided in
+the I<peer_ciphers> stack. Optionally the callback may select the preferred
+ciphersuite by setting it in I<*cipher>.
+
+On the client side the I<peer_ciphers> stack will always be NULL. The callback
+may specify the preferred cipher in I<*cipher> and this will be associated with
+the B<SSL_SESSION> - but it does not affect the ciphersuite selected by the
+server.
+
+The callback is also supplied with an additional argument in I<arg> which is the
+argument that was provided to the original SSL_set_session_secret_cb() call.
+
+=head1 RETURN VALUES
+
+SSL_set_session_secret_cb() returns 1 on success and 0 on failure.
+
+If the callback returns 1 then this indicates it has successfully set the
+secret. A return value of 0 indicates that the secret has not been set. On the
+client this will cause an immediate abort of the handshake.
+
+=head1 SEE ALSO
+
+L<ssl(7)>,
+L<SSL_get_session(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut

include/crypto/asn1.h

@@ -147,7 +147,6 @@ EVP_PKEY *ossl_d2i_PrivateKey_legacy(int keytype, EVP_PKEY **a,
                                      OSSL_LIB_CTX *libctx, const char *propq);
 X509_ALGOR *ossl_X509_ALGOR_from_nid(int nid, int ptype, void *pval);
 
-time_t ossl_asn1_string_to_time_t(const char *asn1_string);
 void ossl_asn1_string_set_bits_left(ASN1_STRING *str, unsigned int num);
 
 #endif /* ndef OSSL_CRYPTO_ASN1_H */

ssl/ssl_sess.c

@@ -907,8 +907,9 @@ int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
       return 0;
     }
     s->session_id_length = sid_len;
-    if (sid != s->session_id)
+    if (sid != s->session_id && sid_len > 0)
         memcpy(s->session_id, sid, sid_len);
+
     return 1;
 }
 

ssl/statem/statem_srvr.c

@@ -1959,6 +1959,11 @@ static int tls_early_post_process_client_hello(SSL_CONNECTION *s)
         }
     }
 
+    if (!s->hit && !tls1_set_server_sigalgs(s)) {
+        /* SSLfatal() already called */
+        goto err;
+    }
+
     if (!s->hit
             && s->version >= TLS1_VERSION
             && !SSL_CONNECTION_IS_TLS13(s)
@@ -2110,10 +2115,6 @@ static int tls_early_post_process_client_hello(SSL_CONNECTION *s)
 #else
         s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
 #endif
-        if (!tls1_set_server_sigalgs(s)) {
-            /* SSLfatal() already called */
-            goto err;
-        }
     }
 
     sk_SSL_CIPHER_free(ciphers);

test/asn1_time_test.c

@@ -434,10 +434,10 @@ static int convert_asn1_to_time_t(int idx)
 {
     time_t testdateutc;
 
-    testdateutc = ossl_asn1_string_to_time_t(asn1_to_utc[idx].input);
+    testdateutc = test_asn1_string_to_time_t(asn1_to_utc[idx].input);
 
     if (!TEST_time_t_eq(testdateutc, asn1_to_utc[idx].expected)) {
-        TEST_info("ossl_asn1_string_to_time_t (%s) failed: expected %lli, got %lli\n",
+        TEST_info("test_asn1_string_to_time_t (%s) failed: expected %lli, got %lli\n",
                   asn1_to_utc[idx].input,
                   (long long int)asn1_to_utc[idx].expected,
                   (long long int)testdateutc);

test/build.info

@@ -26,7 +26,7 @@ IF[{- !$disabled{tests} -}]
           testutil/format_output.c testutil/load.c testutil/fake_random.c \
           testutil/test_cleanup.c testutil/main.c testutil/testutil_init.c \
           testutil/options.c testutil/test_options.c testutil/provider.c \
-          testutil/apps_shims.c testutil/random.c $LIBAPPSSRC
+          testutil/apps_shims.c testutil/random.c testutil/helper.c $LIBAPPSSRC
   INCLUDE[libtestutil.a]=../include ../apps/include ..
   DEPEND[libtestutil.a]=../libcrypto
 

test/ca_internals_test.c

@@ -47,7 +47,7 @@ static int test_do_updatedb(void)
     }
 
     testdate = test_get_argument(2);
-    testdateutc = ossl_asn1_string_to_time_t(testdate);
+    testdateutc = test_asn1_string_to_time_t(testdate);
     if (TEST_time_t_lt(testdateutc, 0)) {
         return 0;
     }

test/evp_test.c

@@ -75,6 +75,7 @@ typedef enum OPTION_choice {
     OPT_IN_PLACE,
     OPT_PROVIDER_NAME,
     OPT_PROV_PROPQUERY,
+    OPT_DATA_CHUNK,
     OPT_TEST_ENUM
 } OPTION_CHOICE;
 
@@ -88,6 +89,8 @@ static KEY_LIST *public_keys;
 
 static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst);
 static int parse_bin(const char *value, unsigned char **buf, size_t *buflen);
+static int parse_bin_chunk(const char *value, size_t offset, size_t max,
+                           unsigned char **buf, size_t *buflen, size_t *out_offset);
 static int is_digest_disabled(const char *name);
 static int is_pkey_disabled(const char *name);
 static int is_mac_disabled(const char *name);
@@ -118,6 +121,7 @@ static int memory_err_compare(EVP_TEST *t, const char *err,
 /* Option specific for evp test */
 static int process_mode_in_place;
 static const char *propquery = NULL;
+static int data_chunk_size;
 
 static int evp_test_process_mode(char *mode)
 {
@@ -148,23 +152,42 @@ static void evp_test_buffer_free(EVP_TEST_BUFFER *db)
 }
 
 /* append buffer to a list */
-static int evp_test_buffer_append(const char *value,
+static int evp_test_buffer_append(const char *value, size_t max_len,
                                   STACK_OF(EVP_TEST_BUFFER) **sk)
 {
     EVP_TEST_BUFFER *db = NULL;
-
-    if (!TEST_ptr(db = OPENSSL_malloc(sizeof(*db))))
-        goto err;
-
-    if (!parse_bin(value, &db->buf, &db->buflen))
-        goto err;
-    db->count = 1;
-    db->count_set = 0;
+    int rv = 0;
+    size_t offset = 0;
 
     if (*sk == NULL && !TEST_ptr(*sk = sk_EVP_TEST_BUFFER_new_null()))
         goto err;
-    if (!sk_EVP_TEST_BUFFER_push(*sk, db))
-        goto err;
+
+    do {
+        if (!TEST_ptr(db = OPENSSL_zalloc(sizeof(*db))))
+            goto err;
+        if (max_len == 0) {
+            /* parse all in one shot */
+            if ((rv = parse_bin(value, &db->buf, &db->buflen)) != 1)
+                goto err;
+        } else {
+            /* parse in chunks */
+            size_t new_offset = 0;
+
+            if ((rv = parse_bin_chunk(value, offset, max_len, &db->buf,
+                                      &db->buflen, &new_offset)) == -1)
+                goto err;
+            offset = new_offset;
+        }
+
+        db->count = 1;
+        db->count_set = 0;
+
+        if (db->buf == NULL)
+            evp_test_buffer_free(db);
+        else if (db->buf != NULL && !sk_EVP_TEST_BUFFER_push(*sk, db))
+            goto err;
+        /* if processing by chunks, continue until the whole value is parsed */
+    } while (rv == 1 && max_len != 0);
 
     return 1;
 
@@ -338,6 +361,66 @@ static int parse_bin(const char *value, unsigned char **buf, size_t *buflen)
     return 1;
 }
 
+/*
+ * Convert at maximum "max" bytes to a binary allocated buffer.
+ * Return 1 on success, -1 on failure or 0 for end of value string.
+ */
+static int parse_bin_chunk(const char *value, size_t offset, size_t max,
+                           unsigned char **buf, size_t *buflen, size_t *out_offset)
+{
+    size_t vlen;
+    size_t chunk_len;
+    const char *value_str = value[0] == '"' ? value + offset + 1 : value + offset;
+
+    if (max < 1)
+        return -1;
+
+    if (*value == '\0' || strcmp(value, "\"\"") == 0) {
+        *buf = OPENSSL_malloc(1);
+        if (*buf == NULL)
+            return 0;
+        **buf = 0;
+        *buflen = 0;
+        return 0;
+    }
+
+    if (*value_str == '\0')
+        return 0;
+
+    vlen = strlen(value_str);
+    if (value[0] == '"') {
+        /* Parse string literal */
+        if (vlen == 1 && value_str[0] != '"')
+            /* Missing ending quotation mark */
+            return -1;
+        if (vlen == 1 && value_str[0] == '"')
+            /* End of value */
+            return 0;
+        vlen--;
+        chunk_len = max > vlen ? vlen : max;
+        if ((*buf = unescape(value_str, chunk_len, buflen)) == NULL)
+            return -1;
+    } else {
+        /* Parse hex string chunk */
+        long len;
+        char *chunk = NULL;
+
+        chunk_len = 2 * max > vlen ? vlen : 2 * max;
+        chunk = OPENSSL_strndup(value_str, chunk_len);
+        if (chunk == NULL)
+            return -1;
+        if (!TEST_ptr(*buf = OPENSSL_hexstr2buf(chunk, &len))) {
+            OPENSSL_free(chunk);
+            TEST_info("Can't convert chunk %s", chunk);
+            TEST_openssl_errors();
+            return -1;
+        }
+        *buflen = len;
+    }
+    *out_offset = value[0] == '"' ? offset + (*buflen) : offset + 2 * (*buflen);
+    return 1;
+}
+
 /**
  **  MESSAGE DIGEST TESTS
  **/
@@ -401,7 +484,7 @@ static int digest_test_parse(EVP_TEST *t,
     DIGEST_DATA *mdata = t->data;
 
     if (strcmp(keyword, "Input") == 0)
-        return evp_test_buffer_append(value, &mdata->input);
+        return evp_test_buffer_append(value, data_chunk_size, &mdata->input);
     if (strcmp(keyword, "Output") == 0)
         return parse_bin(value, &mdata->output, &mdata->output_len);
     if (strcmp(keyword, "Count") == 0)
@@ -599,6 +682,24 @@ typedef struct cipher_data_st {
     const char *xts_standard;
 } CIPHER_DATA;
 
+
+/*
+ * XTS, SIV, CCM, stitched ciphers and Wrap modes have special
+ * requirements about input lengths so we don't fragment for those
+ */
+static int cipher_test_valid_fragmentation(CIPHER_DATA *cdat)
+{
+    return (cdat->aead == EVP_CIPH_CCM_MODE
+            || cdat->aead == EVP_CIPH_CBC_MODE
+            || (cdat->aead == -1
+                && EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_STREAM_CIPHER)
+            || ((EVP_CIPHER_get_flags(cdat->cipher) & EVP_CIPH_FLAG_CTS) != 0)
+            || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_SIV_MODE
+            || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_GCM_SIV_MODE
+            || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_XTS_MODE
+            || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE) ? 0 : 1;
+}
+
 static int cipher_test_init(EVP_TEST *t, const char *alg)
 {
     const EVP_CIPHER *cipher;
@@ -639,6 +740,13 @@ static int cipher_test_init(EVP_TEST *t, const char *alg)
     else
         cdat->aead = 0;
 
+    if (data_chunk_size != 0 && !cipher_test_valid_fragmentation(cdat)) {
+        ERR_pop_to_mark();
+        t->skip = 1;
+        TEST_info("skipping, '%s' does not support fragmentation", alg);
+        return 1;
+    }
+
     t->data = cdat;
     if (fetched_cipher != NULL)
         TEST_info("%s is fetched", alg);
@@ -946,15 +1054,26 @@ static int cipher_test_enc(EVP_TEST *t, int enc, size_t out_misalign,
     if (expected->aad[0] != NULL && !expected->tls_aad) {
         t->err = "AAD_SET_ERROR";
         if (!frag) {
+            /* Supply the data all in one go or according to data_chunk_size */
             for (i = 0; expected->aad[i] != NULL; i++) {
-                if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad[i],
-                                      expected->aad_len[i]))
-                    goto err;
+                size_t aad_len = expected->aad_len[i];
+                donelen = 0;
+
+                do {
+                    size_t current_aad_len = (size_t) data_chunk_size;
+
+                    if (data_chunk_size == 0 || (size_t) data_chunk_size > aad_len)
+                        current_aad_len = aad_len;
+                    if (!EVP_CipherUpdate(ctx, NULL, &chunklen,
+                                          expected->aad[i] + donelen,
+                                          current_aad_len))
+                        goto err;
+                    donelen += current_aad_len;
+                    aad_len -= current_aad_len;
+                } while (aad_len > 0);
             }
         } else {
-            /*
-             * Supply the AAD in chunks less than the block size where possible
-             */
+            /* Supply the AAD in chunks less than the block size where possible */
             for (i = 0; expected->aad[i] != NULL; i++) {
                 if (expected->aad_len[i] > 0) {
                     if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad[i], 1))
@@ -1018,9 +1137,19 @@ static int cipher_test_enc(EVP_TEST *t, int enc, size_t out_misalign,
     t->err = "CIPHERUPDATE_ERROR";
     tmplen = 0;
     if (!frag) {
-        /* We supply the data all in one go */
-        if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
-            goto err;
+        do {
+            /* Supply the data all in one go or according to data_chunk_size */
+            size_t current_in_len = (size_t) data_chunk_size;
+
+            if (data_chunk_size == 0 || (size_t) data_chunk_size > in_len)
+                current_in_len = in_len;
+            if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
+                                  in, current_in_len))
+                goto err;
+            tmplen += chunklen;
+            in += current_in_len;
+            in_len -= current_in_len;
+        } while (in_len > 0);
     } else {
         /* Supply the data in chunks less than the block size where possible */
         if (in_len > 0) {
@@ -1103,23 +1232,6 @@ static int cipher_test_enc(EVP_TEST *t, int enc, size_t out_misalign,
     return ok;
 }
 
-/*
- * XTS, SIV, CCM, stitched ciphers and Wrap modes have special
- * requirements about input lengths so we don't fragment for those
- */
-static int cipher_test_valid_fragmentation(CIPHER_DATA *cdat)
-{
-    return (cdat->aead == EVP_CIPH_CCM_MODE
-            || cdat->aead == EVP_CIPH_CBC_MODE
-            || (cdat->aead == -1
-                && EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_STREAM_CIPHER)
-            || ((EVP_CIPHER_get_flags(cdat->cipher) & EVP_CIPH_FLAG_CTS) != 0)
-            || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_SIV_MODE
-            || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_GCM_SIV_MODE
-            || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_XTS_MODE
-            || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE) ? 0 : 1;
-}
-
 static int cipher_test_run(EVP_TEST *t)
 {
     CIPHER_DATA *cdat = t->data;
@@ -1153,6 +1265,8 @@ static int cipher_test_run(EVP_TEST *t)
             break;
 
         for (frag = 0; frag <= fragmax; frag++) {
+            if (frag == 1 && data_chunk_size != 0)
+                break;
             for (out_misalign = 0; out_misalign <= 1; out_misalign++) {
                 for (inp_misalign = 0; inp_misalign <= 1; inp_misalign++) {
                     /* Skip input misalign tests for in-place processing */
@@ -1410,6 +1524,7 @@ static int mac_test_run_pkey(EVP_TEST *t)
     unsigned char *got = NULL;
     size_t got_len;
     int i;
+    size_t input_len, donelen;
 
     /* We don't do XOF mode via PKEY */
     if (expected->xof)
@@ -1479,10 +1594,21 @@ static int mac_test_run_pkey(EVP_TEST *t)
             t->err = "EVPPKEYCTXCTRL_ERROR";
             goto err;
         }
-    if (!EVP_DigestSignUpdate(mctx, expected->input, expected->input_len)) {
-        t->err = "DIGESTSIGNUPDATE_ERROR";
-        goto err;
-    }
+    input_len = expected->input_len;
+    donelen = 0;
+    do {
+        size_t current_len = (size_t) data_chunk_size;
+
+        if (data_chunk_size == 0 || (size_t) data_chunk_size > input_len)
+            current_len = input_len;
+        if (!EVP_DigestSignUpdate(mctx, expected->input + donelen, current_len)) {
+            t->err = "DIGESTSIGNUPDATE_ERROR";
+            goto err;
+        }
+        donelen += current_len;
+        input_len -= current_len;
+    } while (input_len > 0);
+
     if (!EVP_DigestSignFinal(mctx, NULL, &got_len)) {
         t->err = "DIGESTSIGNFINAL_LENGTH_ERROR";
         goto err;
@@ -1523,6 +1649,7 @@ static int mac_test_run_mac(EVP_TEST *t)
         EVP_MAC_settable_ctx_params(expected->mac);
     int xof;
     int reinit = 1;
+    size_t input_len, donelen ;
 
     if (expected->alg == NULL)
         TEST_info("Trying the EVP_MAC %s test", expected->mac_name);
@@ -1669,10 +1796,21 @@ static int mac_test_run_mac(EVP_TEST *t)
         }
     }
  retry:
-    if (!EVP_MAC_update(ctx, expected->input, expected->input_len)) {
-        t->err = "MAC_UPDATE_ERROR";
-        goto err;
-    }
+    input_len = expected->input_len;
+    donelen = 0;
+    do {
+        size_t current_len = (size_t) data_chunk_size;
+
+        if (data_chunk_size == 0 || (size_t) data_chunk_size > input_len)
+            current_len = input_len;
+        if (!EVP_MAC_update(ctx, expected->input + donelen, current_len)) {
+            t->err = "MAC_UPDATE_ERROR";
+            goto err;
+        }
+        donelen += current_len;
+        input_len -= current_len;
+    } while (input_len > 0);
+
     xof = expected->xof;
     if (xof) {
         if (!TEST_ptr(got = OPENSSL_malloc(expected->output_len))) {
@@ -2438,6 +2576,7 @@ static int encode_test_run(EVP_TEST *t)
     unsigned char *encode_out = NULL, *decode_out = NULL;
     int output_len, chunk_len;
     EVP_ENCODE_CTX *decode_ctx = NULL, *encode_ctx = NULL;
+    size_t input_len, donelen;
 
     if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) {
         t->err = "INTERNAL_ERROR";
@@ -2452,13 +2591,25 @@ static int encode_test_run(EVP_TEST *t)
             goto err;
 
         EVP_EncodeInit(encode_ctx);
-        if (!TEST_true(EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
-                                        expected->input, expected->input_len)))
-            goto err;
 
-        output_len = chunk_len;
+        input_len = expected->input_len;
+        donelen = 0;
+        output_len = 0;
+        do {
+            size_t current_len = (size_t) data_chunk_size;
 
-        EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);
+            if (data_chunk_size == 0 || (size_t) data_chunk_size > input_len)
+                current_len = input_len;
+            if (!TEST_true(EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
+                                            expected->input + donelen,
+                                            current_len)))
+                goto err;
+            donelen += current_len;
+            input_len -= current_len;
+            output_len += chunk_len;
+        } while (input_len > 0);
+
+        EVP_EncodeFinal(encode_ctx, encode_out + output_len, &chunk_len);
         output_len += chunk_len;
 
         if (!memory_err_compare(t, "BAD_ENCODING",
@@ -2471,15 +2622,27 @@ static int encode_test_run(EVP_TEST *t)
                 OPENSSL_malloc(EVP_DECODE_LENGTH(expected->output_len))))
         goto err;
 
+    output_len = 0;
     EVP_DecodeInit(decode_ctx);
-    if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, expected->output,
-                         expected->output_len) < 0) {
-        t->err = "DECODE_ERROR";
-        goto err;
-    }
-    output_len = chunk_len;
 
-    if (EVP_DecodeFinal(decode_ctx, decode_out + chunk_len, &chunk_len) != 1) {
+    input_len = expected->output_len;
+    donelen = 0;
+    do {
+        size_t current_len = (size_t) data_chunk_size;
+
+        if (data_chunk_size == 0 || (size_t) data_chunk_size > input_len)
+            current_len = input_len;
+        if (EVP_DecodeUpdate(decode_ctx, decode_out + output_len, &chunk_len,
+                                expected->output + donelen, current_len) < 0) {
+            t->err = "DECODE_ERROR";
+            goto err;
+        }
+        donelen += current_len;
+        input_len -= current_len;
+        output_len += chunk_len;
+    } while (input_len > 0);
+
+    if (EVP_DecodeFinal(decode_ctx, decode_out + output_len, &chunk_len) != 1) {
         t->err = "DECODE_ERROR";
         goto err;
     }
@@ -3449,12 +3612,12 @@ static int digestsigver_test_parse(EVP_TEST *t,
     if (strcmp(keyword, "Input") == 0) {
         if (mdata->is_oneshot)
             return parse_bin(value, &mdata->osin, &mdata->osin_len);
-        return evp_test_buffer_append(value, &mdata->input);
+        return evp_test_buffer_append(value, data_chunk_size, &mdata->input);
     }
     if (strcmp(keyword, "Output") == 0)
         return parse_bin(value, &mdata->output, &mdata->output_len);
 
-    if (!mdata->is_oneshot) {
+    if (!mdata->is_oneshot && data_chunk_size == 0) {
         if (strcmp(keyword, "Count") == 0)
             return evp_test_buffer_set_count(value, mdata->input);
         if (strcmp(keyword, "Ncopy") == 0)
@@ -4161,6 +4324,7 @@ const OPTIONS *test_get_options(void)
           "The provider to load (when no configuration file, the default value is 'default')" },
         { "propquery", OPT_PROV_PROPQUERY, 's',
           "Property query used when fetching algorithms" },
+        { "chunk", OPT_DATA_CHUNK, 'N', "Size of data chunks to be processed, 0 for default size"},
         { OPT_HELP_STR, 1, '-', "file\tFile to run tests on.\n" },
         { NULL }
     };
@@ -4182,6 +4346,8 @@ int setup_tests(void)
             break;
         case OPT_IN_PLACE:
             if ((process_mode_in_place = evp_test_process_mode(opt_arg())) == -1)
+        case OPT_DATA_CHUNK:
+            if (!opt_int(opt_arg(), &data_chunk_size))
                 return 0;
             break;
         case OPT_PROVIDER_NAME:

test/recipes/80-test_cms.t

@@ -394,6 +394,13 @@ my @smime_cms_tests = (
         "-out", "{output}.txt" ],
       \&final_compare
     ],
+
+    [ "encrypted content test streaming PEM format -noout, 128 bit AES key",
+      [ "{cmd1}", @prov, "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
+	"-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F",
+	"-stream", "-noout" ],
+      [ "{cmd2}", @prov, "-help" ]
+    ],
 );
 
 my @smime_cms_cades_tests = (

test/sslapitest.c

@@ -10121,6 +10121,94 @@ static int test_ssl_dup(void)
     return testresult;
 }
 
+static int secret_cb(SSL *s, void *secretin, int *secret_len,
+                     STACK_OF(SSL_CIPHER) *peer_ciphers,
+                     const SSL_CIPHER **cipher, void *arg)
+{
+    int i;
+    unsigned char *secret = secretin;
+
+    /* Just use a fixed master secret */
+    for (i = 0; i < *secret_len; i++)
+        secret[i] = 0xff;
+
+    /* We don't set a preferred cipher */
+
+    return 1;
+}
+
+/*
+ * Test the session_secret_cb which is designed for use with EAP-FAST
+ */
+static int test_session_secret_cb(void)
+{
+    SSL_CTX *cctx = NULL, *sctx = NULL;
+    SSL *clientssl = NULL, *serverssl = NULL;
+    SSL_SESSION *secret_sess = NULL;
+    int testresult = 0;
+
+    if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
+                                       TLS_client_method(),
+                                       0,
+                                       0,
+                                       &sctx, &cctx, cert, privkey)))
+        goto end;
+
+    /* Create an initial connection and save the session */
+    if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+                                      NULL, NULL)))
+        goto end;
+
+    /* session_secret_cb does not support TLSv1.3 */
+    if (!TEST_true(SSL_set_min_proto_version(clientssl, TLS1_2_VERSION))
+            || !TEST_true(SSL_set_max_proto_version(serverssl, TLS1_2_VERSION)))
+        goto end;
+
+    if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
+        goto end;
+
+    if (!TEST_ptr(secret_sess = SSL_get1_session(clientssl)))
+        goto end;
+
+    shutdown_ssl_connection(serverssl, clientssl);
+    serverssl = clientssl = NULL;
+
+    /* Resume the earlier session */
+    if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+                                      NULL, NULL)))
+        goto end;
+
+    /*
+     * No session ids for EAP-FAST - otherwise the state machine gets very
+     * confused.
+     */
+    if (!TEST_true(SSL_SESSION_set1_id(secret_sess, NULL, 0)))
+        goto end;
+
+    if (!TEST_true(SSL_set_min_proto_version(clientssl, TLS1_2_VERSION))
+            || !TEST_true(SSL_set_max_proto_version(serverssl, TLS1_2_VERSION))
+            || !TEST_true(SSL_set_session_secret_cb(serverssl, secret_cb,
+                                                    NULL))
+            || !TEST_true(SSL_set_session_secret_cb(clientssl, secret_cb,
+                                                    NULL))
+            || !TEST_true(SSL_set_session(clientssl, secret_sess)))
+        goto end;
+
+    if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
+        goto end;
+
+    testresult = 1;
+
+ end:
+    SSL_SESSION_free(secret_sess);
+    SSL_free(serverssl);
+    SSL_free(clientssl);
+    SSL_CTX_free(sctx);
+    SSL_CTX_free(cctx);
+
+    return testresult;
+}
+
 # ifndef OPENSSL_NO_DH
 
 static EVP_PKEY *tmp_dh_params = NULL;
@@ -12144,6 +12232,7 @@ int setup_tests(void)
 #endif
 #ifndef OPENSSL_NO_TLS1_2
     ADD_TEST(test_ssl_dup);
+    ADD_TEST(test_session_secret_cb);
 # ifndef OPENSSL_NO_DH
     ADD_ALL_TESTS(test_set_tmp_dh, 11);
     ADD_ALL_TESTS(test_dh_auto, 7);

test/testutil.h

@@ -648,5 +648,5 @@ X509 *load_cert_pem(const char *file, OSSL_LIB_CTX *libctx);
 X509 *load_cert_der(const unsigned char *bytes, int len);
 STACK_OF(X509) *load_certs_pem(const char *file);
 X509_REQ *load_csr_der(const char *file, OSSL_LIB_CTX *libctx);
-
+time_t test_asn1_string_to_time_t(const char *asn1_string);
 #endif                          /* OSSL_TESTUTIL_H */

test/testutil/helper.c

@@ -0,0 +1,90 @@
+/*
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <openssl/asn1t.h>
+#include "../testutil.h"
+
+/*
+ * tweak for Windows
+ */
+#ifdef WIN32
+# define timezone _timezone
+#endif
+
+#if defined(__FreeBSD__) || defined(__wasi__)
+# define USE_TIMEGM
+#endif
+
+time_t test_asn1_string_to_time_t(const char *asn1_string)
+{
+    ASN1_TIME *timestamp_asn1 = NULL;
+    struct tm *timestamp_tm = NULL;
+#if defined(__DJGPP__)
+    char *tz = NULL;
+#elif !defined(USE_TIMEGM)
+    time_t timestamp_local;
+#endif
+    time_t timestamp_utc;
+
+    timestamp_asn1 = ASN1_TIME_new();
+    if(timestamp_asn1 == NULL)
+        return -1;
+    if (!ASN1_TIME_set_string(timestamp_asn1, asn1_string))
+    {
+        ASN1_TIME_free(timestamp_asn1);
+        return -1;
+    }
+
+    timestamp_tm = OPENSSL_malloc(sizeof(*timestamp_tm));
+    if (timestamp_tm == NULL) {
+        ASN1_TIME_free(timestamp_asn1);
+        return -1;
+    }
+    if (!(ASN1_TIME_to_tm(timestamp_asn1, timestamp_tm))) {
+        OPENSSL_free(timestamp_tm);
+        ASN1_TIME_free(timestamp_asn1);
+        return -1;
+    }
+    ASN1_TIME_free(timestamp_asn1);
+
+#if defined(__DJGPP__)
+    /*
+     * This is NOT thread-safe.  Do not use this method for platforms other
+     * than djgpp.
+     */
+    tz = getenv("TZ");
+    if (tz != NULL) {
+        tz = OPENSSL_strdup(tz);
+        if (tz == NULL) {
+            OPENSSL_free(timestamp_tm);
+            return -1;
+        }
+    }
+    setenv("TZ", "UTC", 1);
+
+    timestamp_utc = mktime(timestamp_tm);
+
+    if (tz != NULL) {
+        setenv("TZ", tz, 1);
+        OPENSSL_free(tz);
+    } else {
+        unsetenv("TZ");
+    }
+#elif defined(USE_TIMEGM)
+    timestamp_utc = timegm(timestamp_tm);
+#else
+    timestamp_local = mktime(timestamp_tm);
+    timestamp_utc = timestamp_local - timezone;
+#endif
+    OPENSSL_free(timestamp_tm);
+
+    return timestamp_utc;
+}

test/threadstest.c

@@ -90,6 +90,9 @@ static int test_lock(void)
     CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
     int res;
 
+    if (!TEST_ptr(lock))
+        return 0;
+
     res = TEST_true(CRYPTO_THREAD_read_lock(lock))
           && TEST_true(CRYPTO_THREAD_unlock(lock))
           && TEST_true(CRYPTO_THREAD_write_lock(lock))
@@ -225,6 +228,9 @@ static int _torture_rw(void)
 
     rwtorturelock = CRYPTO_THREAD_lock_new();
     atomiclock = CRYPTO_THREAD_lock_new();
+    if (!TEST_ptr(rwtorturelock) || !TEST_ptr(atomiclock))
+        goto out;
+
     rwwriter1_iterations = 0;
     rwwriter2_iterations = 0;
     rwreader1_iterations = 0;
@@ -413,6 +419,9 @@ static int _torture_rcu(void)
     int rc = 0;
 
     atomiclock = CRYPTO_THREAD_lock_new();
+    if (!TEST_ptr(atomiclock))
+        goto out;
+
     memset(&writer1, 0, sizeof(thread_t));
     memset(&writer2, 0, sizeof(thread_t));
     memset(&reader1, 0, sizeof(thread_t));
@@ -427,6 +436,8 @@ static int _torture_rcu(void)
     rcu_torture_result = 1;
 
     rcu_lock = ossl_rcu_lock_new(1, NULL);
+    if (!rcu_lock)
+        goto out;
 
     TEST_info("Staring rcu torture");
     t1 = ossl_time_now();

util/missingssl.txt

@@ -25,7 +25,6 @@ SSL_get_peer_finished(3)
 SSL_set_SSL_CTX(3)
 SSL_set_debug(3)
 SSL_set_not_resumable_session_callback(3)
-SSL_set_session_secret_cb(3)
 SSL_set_session_ticket_ext(3)
 SSL_set_session_ticket_ext_cb(3)
 SSL_srp_server_param_with_username(3)

util/other.syms

@@ -145,6 +145,7 @@ custom_ext_free_cb                      datatype
 custom_ext_parse_cb                     datatype
 pem_password_cb                         datatype
 ssl_ct_validation_cb                    datatype
+tls_session_secret_cb_fn                datatype
 ASYNC_stack_alloc_fn                    datatype
 ASYNC_stack_free_fn                     datatype
 PKCS12_create_cb                        datatype