6262ff7 | Matt Caswell | 07 September 2023, 09:00:22 UTC | Prepare for release of 3.2 alpha 1 Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes | 07 September 2023, 09:00:22 UTC |
e97c6c3 | Matt Caswell | 07 September 2023, 09:00:21 UTC | make update Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes | 07 September 2023, 09:00:21 UTC |
da1c088 | Matt Caswell | 07 September 2023, 08:59:15 UTC | Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes | 07 September 2023, 08:59:15 UTC |
025535e | Hugo Landau | 04 September 2023, 16:53:13 UTC | QUIC MULTISTREAM TEST: Add comment Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21827) | 06 September 2023, 09:32:14 UTC |
769c9b1 | Hugo Landau | 30 August 2023, 07:01:47 UTC | QUIC MULTISTREAM TEST: Adjust spin behaviour Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21827) | 06 September 2023, 09:32:14 UTC |
425a780 | Hugo Landau | 29 August 2023, 13:33:44 UTC | win32: Support condition variable broadcasting on XP Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21827) | 06 September 2023, 09:32:14 UTC |
99d6b9f | Hugo Landau | 24 August 2023, 14:19:20 UTC | QUIC MULTISTREAM TEST: Synchronize script 20 correctly Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21827) | 06 September 2023, 09:32:13 UTC |
5881dd2 | Hugo Landau | 24 August 2023, 09:16:52 UTC | QUIC MULTISTREAM TEST: Run all scripts in both blocking and non-blocking modes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21827) | 06 September 2023, 09:32:13 UTC |
09d73d7 | Pauli | 05 September 2023, 01:49:38 UTC | fips compatibility: update 3.1.1 to 3.1.2 The plan at the moment is to validate 3.1.2 all going well. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21962) | 06 September 2023, 08:15:56 UTC |
c1673a6 | Philip Prindeville | 02 September 2023, 19:18:04 UTC | Per other commands, make progress dots in req only w/ -verbose Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21937) | 05 September 2023, 23:46:05 UTC |
e664ef7 | Dr. David von Oheimb | 29 August 2023, 09:09:05 UTC | CMP: generalize ossl_cmp_calc_protection() to handle Edwards curves correctly Fixes #21564 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21884) | 05 September 2023, 11:25:41 UTC |
72a0688 | Kurt Roeckx | 01 September 2023, 12:03:07 UTC | Update fuzz corpora to latest commit Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21927) | 05 September 2023, 11:24:06 UTC |
e2cf38d | Bernd Edlinger | 04 September 2023, 07:40:28 UTC | Fix internal memory leaks from OPENSSL_MALLOC_FAILURES There is a rarely used feature that can be enabled with `./config enable-crypto-mdebug` when additionally the environment variable OPENSSL_MALLOC_FAILURES is used. It turns out to be possible that CRYPTO_zalloc may create a leak when the memory is allocated and then the shouldfail happens, then the memory is lost. Likewise when OPENSSL_realloc is used with size=0, then the memory is to be free'd but here the shouldfail check is too early, and the failure may prevent the memory to be freed thus creating a bogus memory leak. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21944) | 05 September 2023, 10:52:15 UTC |
a535e5b | Tomas Mraz | 04 September 2023, 07:09:40 UTC | Test that NULL BIGNUM is supported in OSSL_PARAM_BLD_push_BN() Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21945) | 05 September 2023, 10:50:39 UTC |
2ce79d9 | Tomas Mraz | 04 September 2023, 06:59:53 UTC | OSSL_PARAM_BLD_push_BN_pad(): Allow NULL BIGNUM This was supported previously and regressed with commit 17898ec6011cc583c5af69ca8f25f5d165ff3e6a Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21945) | 05 September 2023, 10:50:39 UTC |
374945a | Dr. David von Oheimb | 04 August 2023, 17:02:28 UTC | apps/cmp.c: fix bug not allowing to reset -csr and -serial option values Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21659) | 05 September 2023, 10:47:59 UTC |
49e0973 | Dr. David von Oheimb | 04 August 2023, 06:23:58 UTC | apps.c: improve warning texts of parse_name() when skipping RDN input Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21659) | 05 September 2023, 10:47:59 UTC |
81d037b | Dr. David von Oheimb | 03 August 2023, 14:52:49 UTC | apps.c: fix error messages (newline and needless text) in load_key_certs_crls() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21659) | 05 September 2023, 10:47:59 UTC |
17a0e93 | Hugo Landau | 31 August 2023, 17:54:16 UTC | MUTEX: Assert on locking failure Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21919) | 05 September 2023, 10:45:44 UTC |
d4231af | dependabot[bot] | 05 September 2023, 07:56:28 UTC | Bump actions/checkout from 2 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> CLA: trivial Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21953) | 05 September 2023, 08:02:04 UTC |
e0f4976 | Richard Levitte | 04 September 2023, 20:09:27 UTC | VMS: More header inclusion compensation for VMS C compiler Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/21959) | 05 September 2023, 07:49:19 UTC |
852438a | Kai Pastor | 03 September 2023, 08:59:22 UTC | Use armv8 .quad instead of .dword Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21939) | 05 September 2023, 07:46:16 UTC |
75ac8f0 | Tomas Mraz | 04 September 2023, 19:39:30 UTC | 04-test_encoder_decoder.t: Use algorithm that is non-fips also on 3.0.0 The test encrypted RSA key with DES3 which is still allowed in the 3.0 fips provider. Instead use the traditional key format that uses MD5 to create the password based key. MD5 is disallowed in the 3.0 fips provider. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/21957) | 05 September 2023, 07:35:18 UTC |
b12c07c | Tomas Mraz | 04 September 2023, 19:50:18 UTC | quicserver.c: Fix build with no-ssl-trace Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21958) | 04 September 2023, 23:42:08 UTC |
09a4b4b | Richard Levitte | 04 September 2023, 15:54:22 UTC | internal/numbers.h: Add fallback implementation for UINT32_C and UINT64_C Other similar macros can be implemented later. Right now, this are the most likely to be actually useful Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21951) | 04 September 2023, 16:27:21 UTC |
cfbdc5d | Richard Levitte | 04 September 2023, 14:24:05 UTC | Include #include "internal/numbers.h" in ssl/quic/quic_cfq.c It's needed for platforms that don't define UINT64_MAX and similar macros Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21951) | 04 September 2023, 16:27:21 UTC |
3ae4686 | Richard Levitte | 04 September 2023, 14:23:05 UTC | VMS: Add a fallback definition of socklen_t It is not present in current VMS C headers... Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21951) | 04 September 2023, 16:27:21 UTC |
d94bee8 | Richard Levitte | 04 September 2023, 14:22:10 UTC | VMS: More header inclusion compensation for VMS C compiler Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21951) | 04 September 2023, 16:27:21 UTC |
e399458 | slontis | 31 August 2023, 07:51:46 UTC | Added 'saltlen' option to the OpenSSL enc command line app. This allows PBKDF2 to change the saltlen to something other than the new default value of 16. Previously this app hardwired the salt length to a maximum of 8 bytes. Non PBKDF2 mode uses EVP_BytesToKey() internally, which is documented to only allow 8 bytes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21858) | 04 September 2023, 04:15:34 UTC |
9f679bd | slontis | 31 August 2023, 07:49:55 UTC | Added a 'saltlen' option to the openssl pkcs8 command line app. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21858) | 04 September 2023, 04:15:34 UTC |
3859a02 | slontis | 28 August 2023, 02:47:51 UTC | Change PBES2 KDF default salt length to 16 bytes. The PKCS5 (RFC 8018) standard uses a 64 bit salt length for PBE, and recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKDF2 requires a salt length of 128 bits. This affects OpenSSL command line applications such as "genrsa" and "pkcs8" and API's such as PEM_write_bio_PrivateKey() that are reliant on the default salt length. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21858) | 04 September 2023, 04:15:34 UTC |
61cfc22 | Neil Horman | 28 August 2023, 16:07:16 UTC | Implement dupctx for chacha20 cipher Implement the dupctx method for the chacha20 cipher, so that EVP_PKEY_CTX_copy works Its pretty straightforward, its basically just a memdup. Checking the pointers that might need fixing up: in PROV_CHACHA20_CTX all members are statically declared, so memduping should be fine in PROV_CHACHA20_CTX->base (PROV_CIPHER_CTX): Non statically declared members: *tlsmac needs to get memduped to avoid double free conditions, but only if base.alloced is set *hw pointer is always assigned to the chacha20_hw global variable, so can be left alone *libctx can be left alone as provctx is always NULL in chacha20_newctx *ks appears unused by chacha20, so can be ignored Fixes #20978 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21878) | 04 September 2023, 00:15:58 UTC |
12d08fe | Tom Cosgrove | 01 September 2023, 07:41:11 UTC | Move ALIGN32 and ALIGN64 into common.h, and fix for clang-cl.exe clang-cl.exe defines __clang__ and _MSC_VER but not __GNUC__, so a clang- specific guard is needed to get the correct ALIGNxx versions. Fixes #21914 Change-Id: Icdc047b182ad1ba61c7b1b06a1e951eda1a0c33d Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21921) | 03 September 2023, 22:44:21 UTC |
5318c01 | Sumitra Sharma | 01 September 2023, 07:10:49 UTC | Replace ssl3_get_message() with tls_get_message_header() and/or tls_get_message_body() Update commit messages that previously used ssl3_get_message() to now use tls_get_message_header() and tls_get_message_body() due to the split in OpenSSL 1.1.0. CLA: trivial Fixes #21582 Signed-off-by: Sumitra Sharma <sumitraartsy@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21886) | 02 September 2023, 14:30:01 UTC |
59d87f6 | Sumitra Sharma | 01 September 2023, 10:22:47 UTC | Fix typo in openssl-pkeyutl(1) Changed "than" to "then" for improved clarity and correctness. CLA: trivial Fixes #21543 Signed-off-by: Sumitra Sharma <sumitraartsy@gmail.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/21925) | 02 September 2023, 14:29:06 UTC |
48724e8 | Matt Caswell | 31 August 2023, 15:18:28 UTC | Add a test for QUIC non IO retry errors Test that errors such as SSL_ERROR_WANT_RETRY_VERIFY are properly handled by QUIC connections. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21922) | 02 September 2023, 14:23:55 UTC |
3a0012c | Matt Caswell | 31 August 2023, 14:31:42 UTC | Handle non IO based retry errors in QUIC SSL_get_error() may respond with some retry errors that are not IO related. In particular SSL_ERROR_WANT_RETRY_VERIFY and SSL_ERROR_WANT_X509_LOOKUP. These can occur during a TLS handshake. If they occur when a QUIC Connection is performing a TLS handshake then we need to propagate these up to the QCSO. We also handle SSL_ERROR_WANT_CLIENT_HELLO_CB. This one will only ever occur on the server side which we don't currently support. However adding the handling for it now is identical to all the other handling so including it is no cost, and will be needed when we do add server support. We are not concerned with SSL_ERROR_WANT_ASYNC or SSL_ERROR_WANT_ASYNC_JOB since we do not support async operation with QUIC. Fixes openssl/project#199 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21922) | 02 September 2023, 14:23:47 UTC |
7b8e27b | Bernd Edlinger | 22 August 2023, 14:07:30 UTC | Avoid clobbering non-volatile XMM registers This affects some Poly1305 assembler functions which are only used for certain CPU types. Remove those functions for Windows targets, as a simple interim solution. Fixes #21522 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21808) | 02 September 2023, 08:23:57 UTC |
9ff8161 | Hugo Landau | 31 August 2023, 10:53:47 UTC | QUIC MULTISTREAM TEST: Test SSL_want for consistency with SSL_get_error Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21915) | 01 September 2023, 13:44:47 UTC |
5debf07 | Hugo Landau | 31 August 2023, 10:53:32 UTC | QUIC APL: Implement SSL_want Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21915) | 01 September 2023, 13:44:47 UTC |
72ca0b8 | Hugo Landau | 31 August 2023, 10:53:07 UTC | QUIC APL: Revise I/O error setting so that the last error is set on success Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21915) | 01 September 2023, 13:44:47 UTC |
56df4cf | Hugo Landau | 31 August 2023, 10:52:38 UTC | QUIC APL: Adjust expect_quic_conn_only Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21915) | 01 September 2023, 13:44:46 UTC |
8c792b0 | Hugo Landau | 31 August 2023, 12:28:34 UTC | QUIC RXDP: Reuse allocations between ACK frame processing Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21917) | 01 September 2023, 13:06:18 UTC |
a31601c | Hugo Landau | 31 August 2023, 12:20:05 UTC | QUIC WIRE: When peeking at number of ACK ranges, ensure enough data is available Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21917) | 01 September 2023, 13:06:18 UTC |
d5c3f4b | Hugo Landau | 31 August 2023, 11:47:25 UTC | Comment on internal flag Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:54 UTC |
016a80d | Hugo Landau | 30 August 2023, 16:42:04 UTC | Minor fixes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:54 UTC |
7b1ca59 | Hugo Landau | 30 August 2023, 15:48:45 UTC | Fix after rebase Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:54 UTC |
e24f784 | Hugo Landau | 30 August 2023, 15:36:11 UTC | QUIC: Note differences in SSL_want Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:54 UTC |
ca5b030 | Hugo Landau | 30 August 2023, 15:22:27 UTC | QUIC: Update API overview document Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:54 UTC |
728741f | Hugo Landau | 30 August 2023, 15:19:05 UTC | QUIC: Note that SSL_set_shutdown is not supported Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:54 UTC |
b139f7a | Hugo Landau | 30 August 2023, 15:18:50 UTC | QUIC APL: Report that we do not support SSL_clear correctly Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:54 UTC |
0c125b6 | Hugo Landau | 30 August 2023, 15:18:39 UTC | QUIC: Update API table Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:54 UTC |
cf26915 | Hugo Landau | 30 August 2023, 13:00:14 UTC | BIO: Emphasise API contract for BIO_sendmmsg/BIO_recvmmsg Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:50 UTC |
2619d10 | Hugo Landau | 30 August 2023, 12:45:40 UTC | BIO: Allow third parties to use integers instead of pointers for poll descriptors Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:50 UTC |
d492e34 | Hugo Landau | 30 August 2023, 12:43:35 UTC | QUIC: Make TLS1_FLAGS_QUIC private Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:50 UTC |
7d9e447 | Hugo Landau | 30 August 2023, 12:41:39 UTC | QUIC API: Revise SSL_get_conn_close_info to use a flags field Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:50 UTC |
cc50b44 | Hugo Landau | 30 August 2023, 12:19:40 UTC | Document OSSL_get_thread_support_flags() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:50 UTC |
d2e9e12 | Hugo Landau | 30 August 2023, 12:09:13 UTC | QUIC APL: Allow stream origin to be queried Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905) | 01 September 2023, 13:02:50 UTC |
8d7f034 | Hugo Landau | 30 August 2023, 16:00:16 UTC | Minor fixes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:36 UTC |
abeb41b | Hugo Landau | 18 August 2023, 11:06:10 UTC | Minor updates Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:36 UTC |
4426c47 | Hugo Landau | 10 August 2023, 18:49:17 UTC | Add manpages Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:36 UTC |
3760747 | Hugo Landau | 10 August 2023, 18:29:27 UTC | Minor fixes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:36 UTC |
277880e | Hugo Landau | 09 August 2023, 16:46:34 UTC | QUIC DDD: Final report Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
c276217 | Hugo Landau | 09 August 2023, 16:46:34 UTC | QUIC DDD: ddd-02-conn-nonblocking-threads: Unplanned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
1ed2d79 | Hugo Landau | 09 August 2023, 16:46:34 UTC | QUIC DDD: ddd-02-conn-nonblocking-threads: Planned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
74d588c | Hugo Landau | 09 August 2023, 16:46:34 UTC | QUIC DDD: ddd-06-mem-uv: Unplanned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
5e73999 | Hugo Landau | 09 August 2023, 16:46:34 UTC | QUIC DDD: ddd-06-mem-uv: Planned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
47eceab | Hugo Landau | 09 August 2023, 16:46:34 UTC | QUIC DDD: ddd-05-mem-nonblocking: Unplanned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
70dc50c | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-05-mem-nonblocking: Planned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
92db6d6 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-04-fd-nonblocking: Unplanned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
b3e71db | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-04-fd-nonblocking: Planned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
24e5836 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-03-fd-blocking: Unplanned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
43f4b8a | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-03-fd-blocking: Planned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
f379207 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-02-conn-nonblocking: Unplanned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
e6ad003 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-02-conn-nonblocking: Planned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
b96e5cc | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-01-conn-blocking: Unplanned changes - QUIC_client_method() renamed due to namespacing - QUIC mandates use of ALPN Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
37f1210 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: ddd-01-conn-blocking: Planned changes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:35 UTC |
be4c344 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: Update makefile Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
e1d0c93 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: Add unchanged copy of ddd-02-conn-nonblocking to serve as base for thread-assisted variant Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
30302c6 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: Allow target host:port to be set from command line Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
b1cb067 | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC DDD: Fix bug in ddd-06-mem-uv Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
62665fc | Hugo Landau | 09 August 2023, 16:46:33 UTC | QUIC APL: Introduce addressed v. non-addressed mode handling Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
c20b78d | Hugo Landau | 09 August 2023, 16:46:33 UTC | BIO_s_dgram_pair: Correct implementation of BIO_CTRL_DGRAM_GET_LOCAL_ADDR_ENABLE Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
1bd35ed | Hugo Landau | 09 August 2023, 16:46:33 UTC | BIO_s_datagram: Wire capability negotiation for BIO_s_datagram Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
000ef78 | Hugo Landau | 09 August 2023, 16:46:33 UTC | BIO: Add BIO_dgram_detect_peer_addr API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
f3295bd | Hugo Landau | 09 August 2023, 16:46:32 UTC | BIO_s_datagram: Support configuring non-blocking mode Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
533254e | Hugo Landau | 09 August 2023, 16:46:32 UTC | BIO_s_connect: Support configuration of non-blocking mode in datagram mode Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
617b459 | Hugo Landau | 09 August 2023, 16:46:32 UTC | QUIC CHANNEL: Introduce concept of (non-)addressed mode Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
51e671e | Hugo Landau | 09 August 2023, 16:46:32 UTC | QUIC APL: Refactor blocking configuration to allow late blocking support detection Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
be96180 | Hugo Landau | 09 August 2023, 16:46:32 UTC | QUIC CHANNEL: Cleanup poll descriptor management Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
0b8b75e | Hugo Landau | 09 August 2023, 16:46:32 UTC | QUIC REACTOR: Move can-poll flags into reactor Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
0818c17 | Hugo Landau | 09 August 2023, 16:46:32 UTC | QUIC APL: Autoconfigure BIOs as non-blocking Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:34 UTC |
573f16c | Hugo Landau | 09 August 2023, 16:46:32 UTC | BIO_ssl: Make helper functions configure BIOs for QUIC correctly Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:33 UTC |
2e17601 | Hugo Landau | 09 August 2023, 16:46:32 UTC | QUIC APL: Better error reporting Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:33 UTC |
549d0a7 | Hugo Landau | 09 August 2023, 16:46:32 UTC | QUIC CHANNEL: Only handle the first protocol error raised Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:33 UTC |
7841dba | Hugo Landau | 09 August 2023, 16:46:32 UTC | BIO_s_connect: Add support for datagram mode Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:33 UTC |
ed28cb8 | Hugo Landau | 09 August 2023, 16:46:32 UTC | BIO_s_connect: Make internal functions static Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:33 UTC |
881e329 | Hugo Landau | 09 August 2023, 16:46:32 UTC | QUIC TLS: Better error message when ALPN not used Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715) | 01 September 2023, 09:45:33 UTC |
da57c0e | Abhirup Manna | 30 August 2023, 16:53:20 UTC | Removed unnecessary brace in ktls_configure_crypto CLA: trivial Fixes #21498 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21908) | 01 September 2023, 09:41:16 UTC |
399c2da | Kurt Roeckx | 18 December 2022, 19:54:15 UTC | Update X509 fuzzer to verify a chain It add supports for verifying that it's been signed by a CA, and checks the CRL and OCSP status Can find CVE-2022-4203 and CVE-2023-0286 Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20243) | 01 September 2023, 09:11:57 UTC |