|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10 |
|
| #
d5e742de |
| 22-Dec-2020 |
Matt Caswell |
Add some more CRYPTO_atomic functions
We add an implementation for CRYPTO_atomic_or() and CRYPTO_atomic_load()
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from ht
Add some more CRYPTO_atomic functions
We add an implementation for CRYPTO_atomic_or() and CRYPTO_atomic_load()
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13733)
show more ...
|
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
| #
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
|
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
| #
7da7b27e |
| 16-Mar-2020 |
Kochise |
Windows: Add type casting in CRYPTO_atomic_add to remove warning
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Windows: Add type casting in CRYPTO_atomic_add to remove warning
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11337)
show more ...
|
|
Revision tags: OpenSSL_1_0_2u |
|
| #
7f0a8dc7 |
| 11-Sep-2019 |
Dr. Matthias St. Pierre |
crypto/threads_win.c: fix preprocessor indentation
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9832)
|
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s |
|
| #
84952925 |
| 27-May-2019 |
Dr. Matthias St. Pierre |
drbg: ensure fork-safety without using a pthread_atfork handler
When the new OpenSSL CSPRNG was introduced in version 1.1.1,
it was announced in the release notes that it would be fork-s
drbg: ensure fork-safety without using a pthread_atfork handler
When the new OpenSSL CSPRNG was introduced in version 1.1.1,
it was announced in the release notes that it would be fork-safe,
which the old CSPRNG hadn't been.
The fork-safety was implemented using a fork count, which was
incremented by a pthread_atfork handler. Initially, this handler
was enabled by default. Unfortunately, the default behaviour
had to be changed for other reasons in commit b5319bdbd095, so
the new OpenSSL CSPRNG failed to keep its promise.
This commit restores the fork-safety using a different approach.
It replaces the fork count by a fork id, which coincides with
the process id on UNIX-like operating systems and is zero on other
operating systems. It is used to detect when an automatic reseed
after a fork is necessary.
To prevent a future regression, it also adds a test to verify that
the child reseeds after fork.
CVE-2019-1549
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9832)
show more ...
|
| #
09305a7d |
| 27-Mar-2019 |
Soujyu Tanaka |
Avoid linking error for InitializeCriticalSectionAndSpinCount().
Replace it with InitializeCriticalSection()
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Casw
Avoid linking error for InitializeCriticalSectionAndSpinCount().
Replace it with InitializeCriticalSection()
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8596)
show more ...
|
|
Revision tags: OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
0e9725bc |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in crypto/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7827)
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i |
|
| #
d2b86364 |
| 13-Aug-2018 |
Andy Polyakov |
crypto/threads_*: remove CRYPTO_atomic_{read|write}.
CRYPTO_atomic_read was added with intention to read statistics counters,
but readings are effectively indistinguishable from regular
crypto/threads_*: remove CRYPTO_atomic_{read|write}.
CRYPTO_atomic_read was added with intention to read statistics counters,
but readings are effectively indistinguishable from regular load (even
in non-lock-free case). This is because you can get out-dated value in
both cases. CRYPTO_atomic_write was added for symmetry and was never used.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/6883)
show more ...
|
|
Revision tags: OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7 |
|
| #
2de108df |
| 20-May-2018 |
David Benjamin |
Save and restore the Windows error around TlsGetValue.
TlsGetValue clears the last error even on success, so that callers may
distinguish it successfully returning NULL or failing. This
Save and restore the Windows error around TlsGetValue.
TlsGetValue clears the last error even on success, so that callers may
distinguish it successfully returning NULL or failing. This error-mangling
behavior interferes with the caller's use of GetLastError. In particular
SSL_get_error queries the error queue to determine whether the caller should
look at the OS's errors. To avoid destroying state, save and restore the
Windows error.
Fixes #6299.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6316)
show more ...
|
|
Revision tags: OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5 |
|
| #
28428130 |
| 17-Apr-2018 |
Richard Levitte |
Update copyright year
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5990)
|
| #
7de2b9c4 |
| 05-Apr-2018 |
Rich Salz |
Set error code if alloc returns NULL
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5886)
|
|
Revision tags: OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
| #
f49452c2 |
| 10-Oct-2017 |
Pauli |
Return a value from atomic read on Windows.
Use a read lock when reading using pthreads.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pu
Return a value from atomic read on Windows.
Use a read lock when reading using pthreads.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4517)
show more ...
|
| #
30ff41be |
| 09-Oct-2017 |
Pauli |
Add atomic write call
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4414)
|
| #
94683b7a |
| 25-Sep-2017 |
Pauli |
Add a CRYPTO_atomic_read call which allows an int variable to be read
in an atomic fashion.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl
Add a CRYPTO_atomic_read call which allows an int variable to be read
in an atomic fashion.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4414)
show more ...
|
| #
2915fe19 |
| 22-Jun-2017 |
Rich Salz |
Add fork handlers, based on pthread_atfork
Only for Unix platforms
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3754)
|
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14 |
|
| #
1fda5bc4 |
| 14-Nov-2016 |
Matt Caswell |
Revert "Fixed deadlock in CRYPTO_THREAD_run_once for Windows"
This reverts commit 349d1cfddcfa33d352240582a3803f2eba39d9a0.
The proposed fix is incorrect. It marks the "run_once" co
Revert "Fixed deadlock in CRYPTO_THREAD_run_once for Windows"
This reverts commit 349d1cfddcfa33d352240582a3803f2eba39d9a0.
The proposed fix is incorrect. It marks the "run_once" code as having
finished before it has. The intended semantics of run_once is that no
threads should proceed until the code has run exactly once. With this
change the "second" thread will think the run_once code has already been
run and will continue, even though it is still in progress. This could
result in a crash or other incorrect behaviour.
Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
| #
349d1cfd |
| 13-Nov-2016 |
DK |
Fixed deadlock in CRYPTO_THREAD_run_once for Windows
Fixed deadlock in CRYPTO_THREAD_run_once() if call to init() is causing
a recursive call to CRYPTO_THREAD_run_once() again that is ca
Fixed deadlock in CRYPTO_THREAD_run_once for Windows
Fixed deadlock in CRYPTO_THREAD_run_once() if call to init() is causing
a recursive call to CRYPTO_THREAD_run_once() again that is causing a hot
deadloop inside do { } while (result == ONCE_ININIT); section.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1913)
show more ...
|
|
Revision tags: OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6 |
|
| #
f1f5ee17 |
| 26-Jun-2016 |
Andy Polyakov |
include/openssl: don't include <windows.h> in public headers.
If application uses any of Windows-specific interfaces, make it
application developer's respondibility to include <windows.h
include/openssl: don't include <windows.h> in public headers.
If application uses any of Windows-specific interfaces, make it
application developer's respondibility to include <windows.h>.
Rationale is that <windows.h> is quite "toxic" and is sensitive
to inclusion order (most notably in relation to <winsock2.h>).
It's only natural to give complete control to the application developer.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_13 |
|
| #
fcb318c6 |
| 19-May-2016 |
Matt Caswell |
Fix Windows 64 bit crashes
The function InitOnceExceuteOnce is the best way to support the
implementation of CRYPTO_THREAD_run_once() on Windows. Unfortunately
WinXP doesn't have it.
Fix Windows 64 bit crashes
The function InitOnceExceuteOnce is the best way to support the
implementation of CRYPTO_THREAD_run_once() on Windows. Unfortunately
WinXP doesn't have it. To get around that we had two different
implementations: one for WinXP and one for later versions. Which one was
used was based on the value of _WIN32_WINNT.
This approach was starting to cause problems though because other parts of
OpenSSL assume _WIN32_WINNT is going to be 0x0501 and crashes were
occurring dependant on include file ordering. In addition a conditional
based on _WIN32_WINNT had made its way into a public header file through
commit 5c4328f. This is problematic because the value of this macro can
vary between OpenSSL build time and application build time.
The simplest solution to this mess is just to always use the WinXP version
of CRYPTO_THREAD_run_once(). Its perhaps slightly sub-optimal but probably
not noticably.
GitHub Issue #1086
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
aa6bb135 |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 05/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| #
5c4328f0 |
| 15-May-2016 |
Viktor Dukhovni |
Fold threads.h into crypto.h making API public
Document thread-safe lock creation
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h, OpenSSL_1_1_0-pre5 |
|
| #
6b888643 |
| 01-Apr-2016 |
Mat |
Fix: CRYPTO_THREAD_run_once
InitOnceExecuteOnce returns nonzero on success:
MSDN: "If the function succeeds, the return value is nonzero."
So return 1 if it is nonzero, 0 others
Fix: CRYPTO_THREAD_run_once
InitOnceExecuteOnce returns nonzero on success:
MSDN: "If the function succeeds, the return value is nonzero."
So return 1 if it is nonzero, 0 others.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_1_0-pre4 |
|
| #
64256510 |
| 10-Mar-2016 |
Mat |
Fix return type for CRYPTO_THREAD_run_once
return type should be int and not void
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| #
0b2fc928 |
| 01-Mar-2016 |
FdaSilvaYY |
GH773: Possible leak on CRYPTO_THREAD_lock_new failure
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Revision tags: OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12, OpenSSL_1_0_1r, OpenSSL_1_0_2f, OpenSSL_1_1_0-pre2, OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e |
|
| #
71a04cfc |
| 25-Oct-2015 |
Alessandro Ghedini |
Implement new multi-threading API
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
