#
59795962 |
| 08-Mar-2022 |
Matt Caswell |
Some platforms don't have pthread_atfork We've had a report of a linker failure on some platforms (this one was linux ARM) that apparently did not have pthread_atfork. It's strange that
Some platforms don't have pthread_atfork We've had a report of a linker failure on some platforms (this one was linux ARM) that apparently did not have pthread_atfork. It's strange that this has not been reported before but the simplest solution is just to remove this from the library since it isn't really used anyway. Currently it is called to set up the fork handlers OPENSSL_fork_prepare, OPENSSL_fork_parent and OPENSSL_fork_child. However all of those functions are no-ops. This is a remnant from earlier code that got removed. We can safely remove it now. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17842)
show more ...
|
#
6870c1e7 |
| 23-Jun-2021 |
Randall S. Becker |
Defined out MUTEX attributes not available on NonStop SPT Threads. Standard Posix Threads (SPT) Threads are an older separate branch of pthreads that do not support some of the capabilit
Defined out MUTEX attributes not available on NonStop SPT Threads. Standard Posix Threads (SPT) Threads are an older separate branch of pthreads that do not support some of the capabilities in the current Posix User Threads (PUT). The change also includes a rename of the close field of OSSL_STORE_LOADER which was causing preprocessor conflicts. Fixes #15885 Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15886)
show more ...
|
#
0d407456 |
| 17-Jun-2021 |
Randall S. Becker |
Add assert.h to threads_pthread.c for NonStop thread compiles. Fixes: #15809 Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com> Reviewed-by: Richard Levitte <levitte
Add assert.h to threads_pthread.c for NonStop thread compiles. Fixes: #15809 Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15812)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
cd3f8c1b |
| 18-Feb-2021 |
Rich Salz |
Always check CRYPTO_LOCK_{read,write}_lock Some functions that lock things are void, so we just return early. Also make ossl_namemap_empty return 0 on error. Updated the docs, and
Always check CRYPTO_LOCK_{read,write}_lock Some functions that lock things are void, so we just return early. Also make ossl_namemap_empty return 0 on error. Updated the docs, and added some code to ossl_namemap_stored() to handle the failure, and updated the tests to allow for failure. Fixes: #14230 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14238)
show more ...
|
#
3d8905f8 |
| 18-Feb-2021 |
Rich Salz |
Fix error-checking compiles for mutex Fixes: #14229 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/open
Fix error-checking compiles for mutex Fixes: #14229 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14264)
show more ...
|
Revision tags: openssl-3.0.0-alpha12 |
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
Revision tags: OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
e60147fe |
| 21-Jan-2021 |
Rich Salz |
Don't make pthreads mutexes recursive. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13
Don't make pthreads mutexes recursive. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13924)
show more ...
|
Revision tags: openssl-3.0.0-alpha10 |
|
#
d5e742de |
| 22-Dec-2020 |
Matt Caswell |
Add some more CRYPTO_atomic functions We add an implementation for CRYPTO_atomic_or() and CRYPTO_atomic_load() Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from ht
Add some more CRYPTO_atomic functions We add an implementation for CRYPTO_atomic_or() and CRYPTO_atomic_load() Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13733)
show more ...
|
#
c739222b |
| 09-Dec-2020 |
Matt Caswell |
Fix no-threads Make OPENSSL_fork_prepare() et al always available even in a no-threads build. These functions are no-ops anyway so this shouldn't make any difference. This f
Fix no-threads Make OPENSSL_fork_prepare() et al always available even in a no-threads build. These functions are no-ops anyway so this shouldn't make any difference. This fixes an issue where the symbol_presence test fails in a no-threads build. This is because these functions have not been marked in libcrypto.num as being dependent on thread support. Enclosing the declarations of the functions in the header with an appropriate guard does not help because we never define OPENSSL_NO_THREADS (we define the opposite OPENSSL_THREADS). This confuses the scripts which only consider OPENSSL_NO_* guards. The simplest solution is to just make them always available. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13647)
show more ...
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
#
9750b4d3 |
| 29-Oct-2020 |
Randall S. Becker |
Moved OPENSSL_fork_prepare,_parent,_child from init.c to threads_pthread.c. These methods should ultimately be deprecated. The move is to insulate non-UNIX platforms from these undefined
Moved OPENSSL_fork_prepare,_parent,_child from init.c to threads_pthread.c. These methods should ultimately be deprecated. The move is to insulate non-UNIX platforms from these undefined symbols. CLA: Permission is granted by the author to the OpenSSL team to use these modifications. Fixes #13273 Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13276)
show more ...
|
Revision tags: openssl-3.0.0-alpha7 |
|
#
c57a59b1 |
| 25-Sep-2020 |
Pauli |
todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Fixes #12984 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/opens
todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Fixes #12984 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12997)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
08073700 |
| 06-Sep-2020 |
Randall S. Becker |
NonStop port updates for 3.0.0. HPE NonStop Port Changes for 3.0.0 Includes unthreaded, PUT, and SPT for OSS. The port changes include wrapping where necessary for FLOSS and ap
NonStop port updates for 3.0.0. HPE NonStop Port Changes for 3.0.0 Includes unthreaded, PUT, and SPT for OSS. The port changes include wrapping where necessary for FLOSS and appropriate configuration changes to support that. Two tests are excluded as being inappropriate for the platform. The changes are: * Added /usr/local/include to nonstop-nsx_spt_floss to load floss.h * Added SPT Floss variant for NonStop * Wrapped FLOSS definitions in OPENSSL_TANDEM_FLOSS to allow selective enablement. * SPT build configuration for NonStop * Skip tests not relevant for NonStop * PUT configuration changes required for NonStop platforms * Configurations/50-nonstop.conf: updates for TNS/X platform. * FLOSS instrumentation for HPE NonStop TNS/X and TNS/E platforms. * Configurations/50-nonstop.conf: modifications for non-PUT TNS/E platform b * Fix use of DELAY in ssltestlib.c for HPNS. * Fixed commit merge issues and added floss to http_server.c CLA: Permission is granted by the author to the OpenSSL team to use these modifications. Fixes #5087. Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12800)
show more ...
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2 |
|
#
454afd98 |
| 15-May-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11839)
|
Revision tags: openssl-3.0.0-alpha1, OpenSSL_1_1_1g |
|
#
f844f9eb |
| 13-Apr-2020 |
Richard Levitte |
Rename FIPS_MODE to FIPS_MODULE This macro is used to determine if certain pieces of code should become part of the FIPS module or not. The old name was confusing. Fixes #11538
Rename FIPS_MODE to FIPS_MODULE This macro is used to determine if certain pieces of code should become part of the FIPS module or not. The old name was confusing. Fixes #11538 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11539)
show more ...
|
Revision tags: OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s |
|
#
84952925 |
| 27-May-2019 |
Dr. Matthias St. Pierre |
drbg: ensure fork-safety without using a pthread_atfork handler When the new OpenSSL CSPRNG was introduced in version 1.1.1, it was announced in the release notes that it would be fork-s
drbg: ensure fork-safety without using a pthread_atfork handler When the new OpenSSL CSPRNG was introduced in version 1.1.1, it was announced in the release notes that it would be fork-safe, which the old CSPRNG hadn't been. The fork-safety was implemented using a fork count, which was incremented by a pthread_atfork handler. Initially, this handler was enabled by default. Unfortunately, the default behaviour had to be changed for other reasons in commit b5319bdbd095, so the new OpenSSL CSPRNG failed to keep its promise. This commit restores the fork-safety using a different approach. It replaces the fork count by a fork id, which coincides with the process id on UNIX-like operating systems and is zero on other operating systems. It is used to detect when an automatic reseed after a fork is necessary. To prevent a future regression, it also adds a test to verify that the child reseeds after fork. CVE-2019-1549 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9832)
show more ...
|
#
d6dda392 |
| 21-Jun-2019 |
Vladimir Kotal |
use native atomic increment function on Solaris Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/ope
use native atomic increment function on Solaris Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9215)
show more ...
|
#
3593266d |
| 10-Apr-2019 |
Matt Caswell |
Make core code available within the FIPS module Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8728)
|
Revision tags: OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
0e9725bc |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in crypto/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7827)
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i |
|
#
d2b86364 |
| 13-Aug-2018 |
Andy Polyakov |
crypto/threads_*: remove CRYPTO_atomic_{read|write}. CRYPTO_atomic_read was added with intention to read statistics counters, but readings are effectively indistinguishable from regular
crypto/threads_*: remove CRYPTO_atomic_{read|write}. CRYPTO_atomic_read was added with intention to read statistics counters, but readings are effectively indistinguishable from regular load (even in non-lock-free case). This is because you can get out-dated value in both cases. CRYPTO_atomic_write was added for symmetry and was never used. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6883)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5 |
|
#
28428130 |
| 17-Apr-2018 |
Richard Levitte |
Update copyright year Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5990)
|
#
7de2b9c4 |
| 05-Apr-2018 |
Rich Salz |
Set error code if alloc returns NULL Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5886)
|
Revision tags: OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
#
f49452c2 |
| 10-Oct-2017 |
Pauli |
Return a value from atomic read on Windows. Use a read lock when reading using pthreads. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pu
Return a value from atomic read on Windows. Use a read lock when reading using pthreads. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4517)
show more ...
|
#
30ff41be |
| 09-Oct-2017 |
Pauli |
Add atomic write call Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4414)
|
#
94683b7a |
| 25-Sep-2017 |
Pauli |
Add a CRYPTO_atomic_read call which allows an int variable to be read in an atomic fashion. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl
Add a CRYPTO_atomic_read call which allows an int variable to be read in an atomic fashion. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4414)
show more ...
|
#
b842fcbb |
| 18-Aug-2017 |
Rich Salz |
Put thread-fork-init inside a run-once guard Thanks to Christian Heimes for pointing this out. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/ope
Put thread-fork-init inside a run-once guard Thanks to Christian Heimes for pointing this out. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4191)
show more ...
|