#
cd715b7e |
| 09-Nov-2022 |
Maxim Mikityanskiy |
Add support for KTLS zerocopy sendfile on Linux TLS device offload allows to perform zerocopy sendfile transmissions. FreeBSD provides this feature by default, and Linux 5.19 introduced
Add support for KTLS zerocopy sendfile on Linux TLS device offload allows to perform zerocopy sendfile transmissions. FreeBSD provides this feature by default, and Linux 5.19 introduced it as an opt-in. Zerocopy improves the TX rate significantly, but has a side effect: if the underlying file is changed while being transmitted, and a TCP retransmission happens, the receiver may get a TLS record containing both new and old data, which leads to an authentication failure and termination of connection. This effect is the reason Linux makes a copy on sendfile by default. This commit adds support for TLS zerocopy sendfile on Linux disabled by default to avoid any unlikely backward compatibility issues on Linux, although sacrificing consistency in OpenSSL's behavior on Linux and FreeBSD. A new option called KTLSTxZerocopySendfile is added to enable the new zerocopy behavior on Linux. This option should be used when the the application guarantees that the file is not modified during transmission, or it doesn't care about breaking the connection. The related documentation is also added in this commit. The unit test added doesn't test the actual functionality (it would require specific hardware and a non-local peer), but solely checks that it's possible to set the new option flag. Signed-off-by: Maxim Mikityanskiy <maximmi@nvidia.com> Reviewed-by: Tariq Toukan <tariqt@nvidia.com> Reviewed-by: Boris Pismenny <borisp@nvidia.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18650)
show more ...
|
#
e0c4e43e |
| 01-Aug-2022 |
Hugo Landau |
BIO_sendmmsg/BIO_recvmmsg (API only) Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/189
BIO_sendmmsg/BIO_recvmmsg (API only) Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18923)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
e278f185 |
| 19-Jan-2022 |
yangyangtiantianlonglong |
Fix the same BIO_FLAGS macro definition Also add comment to the public header to avoid making another conflict in future. Fixes #17545 Reviewed-by: Paul Dale <pauli@ope
Fix the same BIO_FLAGS macro definition Also add comment to the public header to avoid making another conflict in future. Fixes #17545 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17546)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16 |
|
#
b0ee1de9 |
| 27-Apr-2021 |
Matt Caswell |
Create libcrypto support for BIO_new_from_core_bio() Previously the concept of wrapping an OSSL_CORE_BIO in a real BIO was an internal only concept for our own providers. Since this is l
Create libcrypto support for BIO_new_from_core_bio() Previously the concept of wrapping an OSSL_CORE_BIO in a real BIO was an internal only concept for our own providers. Since this is likely to be generally useful, we make it a part of the public API. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15072)
show more ...
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
141cc94e |
| 04-Mar-2021 |
Pauli |
Add a real type for OSSL_CORE_BIO which is distinct from and not castable to BIO Providers (particularly the FIPS provider) needs access to BIOs from libcrypto. Libcrypto is allowed to c
Add a real type for OSSL_CORE_BIO which is distinct from and not castable to BIO Providers (particularly the FIPS provider) needs access to BIOs from libcrypto. Libcrypto is allowed to change the internal format of the BIO structure and it is still expected to work with providers that were already built. This means that the libcrypto BIO must be distinct from and not castable to the provider side OSSL_CORE_BIO. Unfortunately, this requirement was broken in both directions. This fixes things by forcing the two to be different and any casts break loudly. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14419)
show more ...
|
Revision tags: openssl-3.0.0-alpha12 |
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
Revision tags: OpenSSL_1_1_1j |
|
#
3a111aad |
| 06-Feb-2021 |
FdaSilvaYY |
include/internal: add a few missing #pragma once directives Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from ht
include/internal: add a few missing #pragma once directives Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/14096)
show more ...
|
Revision tags: openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
#
ae4186b0 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Fix header file include guard names Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in
Fix header file include guard names Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in the 'include/openssl' directory), the guard names try to match the path specified in the include directives, with all letters converted to upper case and '/' and '.' replaced by '_'. For the private header files files, an extra 'OSSL_' is added as prefix. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b, OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3 |
|
#
e401ef80 |
| 11-Mar-2018 |
Boris Pismenny |
bio: Linux TLS Rx Offload Add support for Linux TLS Rx offload in the BIO layer. Change-Id: I79924b25dd290a873d69f6c8d429e1f5bb2c3365 Signed-off-by: Boris Pismenny <borisp@mella
bio: Linux TLS Rx Offload Add support for Linux TLS Rx offload in the BIO layer. Change-Id: I79924b25dd290a873d69f6c8d429e1f5bb2c3365 Signed-off-by: Boris Pismenny <borisp@mellanox.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7848)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
#
6ba76c4f |
| 01-Jun-2017 |
Boris Pismenny |
bio: Linux TLS Offload Add support for Linux TLS offload in the BIO layer and specifically in bss_sock.c. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Reviewed-b
bio: Linux TLS Offload Add support for Linux TLS offload in the BIO layer and specifically in bss_sock.c. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5253)
show more ...
|
#
48f4ad77 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in include/ and crypto/include/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/77
Following the license change, modify the boilerplates in include/ and crypto/include/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7770)
show more ...
|
#
6738bf14 |
| 13-Feb-2018 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
6dbe4dc4 |
| 10-Feb-2018 |
Rich Salz |
Copy name string in BIO_meth_new Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5318)
|
#
fce78bd4 |
| 15-Dec-2017 |
Bernd Edlinger |
Fix invalid function type casts. Rename bio_info_cb to BIO_info_cb. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4493)
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c |
|
#
42c60460 |
| 21-Oct-2016 |
Matt Caswell |
More parameter naming of BIO_read*/BIO_write* related functions Based on feedback received. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
3befffa3 |
| 20-Oct-2016 |
Matt Caswell |
Create BIO_write_ex() which handles size_t arguments Also extend BIO_METHOD to be able to supply an implementation for the new BIO_write_ex function. Reviewed-by: Richard Levitt
Create BIO_write_ex() which handles size_t arguments Also extend BIO_METHOD to be able to supply an implementation for the new BIO_write_ex function. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a |
|
#
d07aee2c |
| 05-Sep-2016 |
Matt Caswell |
Create BIO_read_ex() which handles size_t arguments Also extend BIO_METHOD to be able to supply an implementation for the new BIO_read function. Reviewed-by: Richard Levitte <le
Create BIO_read_ex() which handles size_t arguments Also extend BIO_METHOD to be able to supply an implementation for the new BIO_read function. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0, OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13 |
|
#
21dcbebc |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 03/10 Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h, OpenSSL_1_1_0-pre5 |
|
#
1ee7b8b9 |
| 14-Apr-2016 |
Matt Caswell |
Fix ex_data locks issue Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff2344052. Trying to fix it identified a further problem: the ex_data l
Fix ex_data locks issue Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff2344052. Trying to fix it identified a further problem: the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data lock already freed. Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre4 |
|
#
ff234405 |
| 11-Mar-2016 |
Matt Caswell |
Ensure all locks are properly cleaned up Some locks were not being properly cleaned up during close down. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
b3599dbb |
| 12-Apr-2016 |
Matt Caswell |
Rename int_*() functions to *_int() There is a preference for suffixes to indicate that a function is internal rather than prefixes. Note: the suffix is only required to disambiguate
Rename int_*() functions to *_int() There is a preference for suffixes to indicate that a function is internal rather than prefixes. Note: the suffix is only required to disambiguate internal functions and public symbols with the same name (but different case) Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
342c21cd |
| 06-Apr-2016 |
Matt Caswell |
Rename lots of *_intern or *_internal function to int_* There was a lot of naming inconsistency, so we try and standardise on one form. Reviewed-by: Tim Hudson <tjh@openssl.org>
Rename lots of *_intern or *_internal function to int_* There was a lot of naming inconsistency, so we try and standardise on one form. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
62d876ad |
| 04-Apr-2016 |
Matt Caswell |
Deprecate BIO_sock_cleanup() and make it a no-op BIO_sock_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudso
Deprecate BIO_sock_cleanup() and make it a no-op BIO_sock_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
a146ae55 |
| 22-Mar-2016 |
Matt Caswell |
Make BIO opaque Move the the BIO_METHOD and BIO structures into internal header files, provide appropriate accessor methods and update all internal code to use the new accessors wher
Make BIO opaque Move the the BIO_METHOD and BIO structures into internal header files, provide appropriate accessor methods and update all internal code to use the new accessors where appropriate. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|