#
b2feb9f0 |
| 14-Jun-2022 |
Jiasheng Jiang |
test/ssl_old_test.c: Add check for OPENSSL_malloc As the potential failure of the OPENSSL_malloc(), it should be better to add the check and return error if fails. Signed-of
test/ssl_old_test.c: Add check for OPENSSL_malloc As the potential failure of the OPENSSL_malloc(), it should be better to add the check and return error if fails. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18555)
show more ...
|
#
4f4942a1 |
| 14-Jun-2022 |
Jiasheng Jiang |
test/ssl_old_test.c: Add check for OPENSSL_zalloc As the potential failure of the OPENSSL_zalloc(), it should be better to add the check and return error if fails. Signed-of
test/ssl_old_test.c: Add check for OPENSSL_zalloc As the potential failure of the OPENSSL_zalloc(), it should be better to add the check and return error if fails. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/18552)
show more ...
|
#
598bd774 |
| 16-May-2022 |
Bernd Edlinger |
Fix KTLS with BIO_new_connect When a socket connection is done using BIO_new_connect, the ktls_enable is done too early, and fails with ENOTCONN. Therefore the KLTS ioctl will fail l
Fix KTLS with BIO_new_connect When a socket connection is done using BIO_new_connect, the ktls_enable is done too early, and fails with ENOTCONN. Therefore the KLTS ioctl will fail later with ENOPROTOOPT. Fix that by doing the ktls_enable after the connection succeeded, not when the socket is created as that will always fail. One example where this happens is doit_localhost in test/ssl_old_test.c, and therefore, contrary to the expectation the -client_ktls option did never enable the client KTLS connection, but this was not noticed, because there was no diagnostic output, and it was only visible with strace output. Also enhanced the ssl_old_test -client_ktls/-server_ktls options together with -v option to print a summary line if and how KTLS was negotiated in server and client. While I am already there adjusted the usage info of the -s_cert, -s_key commands, and allow -time to print the timings of ktls connections. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18318)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
fba140c7 |
| 12-Apr-2022 |
Dmitry Belyavskiy |
str[n]casecmp => OPENSSL_strncasecmp Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18069)
|
#
d71151ae |
| 23-Feb-2022 |
Nicola Tuveri |
[ssl] Add tests for Perfect Forward Secrecy criteria on SECLEVEL >= 3 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas
[ssl] Add tests for Perfect Forward Secrecy criteria on SECLEVEL >= 3 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
show more ...
|
#
8fff986d |
| 14-Jan-2022 |
Bernd Edlinger |
Cleanup record length checks for KTLS In some corner cases the check for packets which exceed the allowed record length was missing when KTLS is initially enabled, when some unpr
Cleanup record length checks for KTLS In some corner cases the check for packets which exceed the allowed record length was missing when KTLS is initially enabled, when some unprocessed packets are still pending. Add at least some tests for KTLS, since we have currently not very much test coverage for KTLS. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17504)
show more ...
|
#
d5f9166b |
| 04-Feb-2022 |
Richard Levitte |
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to b
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to be able to stop ourselves, the better move is to move e_os.h to an include directory that's part of the inclusion path given to the compiler. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17641)
show more ...
|
#
2ff286c2 |
| 21-Jun-2021 |
Dr. David von Oheimb |
Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/
Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15847)
show more ...
|
#
1287dabd |
| 26-Oct-2021 |
x2018 |
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16918)
show more ...
|
#
8c590a21 |
| 26-Oct-2021 |
Jiasheng Jiang |
test/ssl_old_test.c: Do NULL pointer check before its use In openssl-3.0.0 and system provided, it is not reasonable to check null pointer after use. The order was accidentally reversed.
test/ssl_old_test.c: Do NULL pointer check before its use In openssl-3.0.0 and system provided, it is not reasonable to check null pointer after use. The order was accidentally reversed. Therefore, it is better to correct it. CLA: trivial Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16915)
show more ...
|
#
34563be5 |
| 12-Oct-2021 |
Peiwei Hu |
test/ssl_old_test.c: Fix potential leak Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/168
test/ssl_old_test.c: Fix potential leak Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16806)
show more ...
|
#
fd009d76 |
| 31-May-2021 |
Pauli |
test: remove TODOs Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
a763ca11 |
| 14-Jan-2021 |
Matt Caswell |
Stop disabling TLSv1.3 if ec and dh are disabled Even if EC and DH are disabled then we may still be able to use TLSv1.3 if we have groups that have been plugged in by an external provid
Stop disabling TLSv1.3 if ec and dh are disabled Even if EC and DH are disabled then we may still be able to use TLSv1.3 if we have groups that have been plugged in by an external provider. Fixes #13767 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13916)
show more ...
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
#
59b64259 |
| 21-Jan-2021 |
Tomas Mraz |
ssl_old_test.c: Replace use of deprecated EC functions Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13139)
|
Revision tags: openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
5b5eea4b |
| 15-Oct-2020 |
Shane Lontis |
Deprecate EC_KEY + Update ec apps to use EVP_PKEY Co-author: Richard Levitte <levitte@openssl.org> Co-author: Tomas Mraz <tmraz@openssl.org> Reviewed-by: Matt Caswell <matt@open
Deprecate EC_KEY + Update ec apps to use EVP_PKEY Co-author: Richard Levitte <levitte@openssl.org> Co-author: Tomas Mraz <tmraz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13139)
show more ...
|
#
3a1ee3c1 |
| 17-Dec-2020 |
Richard Levitte |
Drop OPENSSL_NO_RSA everywhere The configuration option 'no-rsa' was dropped with OpenSSL 1.1.0, so this is simply a cleanup of the remains. Reviewed-by: Tomas Mraz <tmraz@fedor
Drop OPENSSL_NO_RSA everywhere The configuration option 'no-rsa' was dropped with OpenSSL 1.1.0, so this is simply a cleanup of the remains. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13700)
show more ...
|
#
bca7ad6e |
| 26-Sep-2020 |
Dr. David von Oheimb |
Use adapted test_get_libctx() for simpler test setup and better error reporting Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13001)
|
#
20f8bc72 |
| 29-Nov-2020 |
Dr. David von Oheimb |
test cleanup: move helper .c and .h files to test/helpers/ Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13568)
|