db302550 | 28-Jun-2022 |
Dr. David von Oheimb |
app_http_tls_cb() and tls_error_hint(): code cleanup Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.o
app_http_tls_cb() and tls_error_hint(): code cleanup Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18675)
show more ...
|
d040a1b9 | 11-May-2021 |
Dr. David von Oheimb |
Makefile: Generate crypto objects only as far as needed Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <
Makefile: Generate crypto objects only as far as needed Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/15224)
show more ...
|
0e55c3ab | 11-May-2021 |
Dr. David von Oheimb |
Makefile: Call mknum.pl on 'make ordinals' only if needed Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb
Makefile: Call mknum.pl on 'make ordinals' only if needed Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/15224)
show more ...
|
08ae9fa6 | 18-Jul-2022 |
K1 |
Support decode SM2 parameters Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18819) |
c92c3dfb | 16-Aug-2022 |
Ryan Kelley |
Moving notify check after the no time check CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.c
Moving notify check after the no time check CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19007)
show more ...
|
c63e8637 | 21-Dec-2021 |
Dmitry Belyavskiy |
openssl speed fails in FIPS mode ...because it uses md5 for HMAC tests. Skip md5 in case of its unavailability. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim
openssl speed fails in FIPS mode ...because it uses md5 for HMAC tests. Skip md5 in case of its unavailability. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17331)
show more ...
|
4c100990 | 20-Aug-2022 |
Tobias Nießen |
Fix typo in migration guide Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19032) |
83529f07 | 19-Aug-2022 |
Tomas Mraz |
Always automatically add -DPEDANTIC with enable-ubsan To avoid reports like: #19028 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (
Always automatically add -DPEDANTIC with enable-ubsan To avoid reports like: #19028 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19029)
show more ...
|
a148f864 | 22-Aug-2022 |
Todd Short |
Fix doc-nits PR #19031 updated options that that were listed as commands, these options were already in openssl-list.pod.in, so they are redundant in openssl.pod. Reviewed-b
Fix doc-nits PR #19031 updated options that that were listed as commands, these options were already in openssl-list.pod.in, so they are redundant in openssl.pod. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19044)
show more ...
|
b134300a | 30-Aug-2021 |
Tianjia Zhang |
evp: Use functions instead of direct structure field references AES and chacha20poly1305 also have some codes that directly reference the fields in the EVP_CIPHER_CTX structure, such as
evp: Use functions instead of direct structure field references AES and chacha20poly1305 also have some codes that directly reference the fields in the EVP_CIPHER_CTX structure, such as 'ctx->buf' and 'ctx->encrypt', in order to make the code style uniform, use the corresponding interface API instead of direct field references. Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16465)
show more ...
|
e6b1c22b | 30-Aug-2021 |
Tianjia Zhang |
evp: Simplify ARIA aead cipher definition Remove fixed macro variables, only keep the cipher mode name and key length. Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.
evp: Simplify ARIA aead cipher definition Remove fixed macro variables, only keep the cipher mode name and key length. Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16465)
show more ...
|
a9389c0b | 29-Jul-2022 |
Piotr Kubaj |
Add BSD-armv4 target based on linux-armv4 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Todd Short <todd.short@me.com>
Add BSD-armv4 target based on linux-armv4 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18910)
show more ...
|
63b94b3f | 19-Aug-2022 |
Jeff Croxell |
Clarify dashes are required for openssl list command Fixes #19013 CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
Clarify dashes are required for openssl list command Fixes #19013 CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19031)
show more ...
|
6a925505 | 18-Aug-2022 |
Todd Short |
Update gitignore Add test/timing_load_creds Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.or
Update gitignore Add test/timing_load_creds Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19021)
show more ...
|
e0c4e43e | 01-Aug-2022 |
Hugo Landau |
BIO_sendmmsg/BIO_recvmmsg (API only) Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/189
BIO_sendmmsg/BIO_recvmmsg (API only) Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18923)
show more ...
|
709d4be7 | 15-Aug-2022 |
Pauli |
Limit the size of various MAXCHUNK definitions The current code has issues when sizeof(long) <> sizeof(size_t). The two types are assumed to be interchangeable and them being different
Limit the size of various MAXCHUNK definitions The current code has issues when sizeof(long) <> sizeof(size_t). The two types are assumed to be interchangeable and them being different will cause crashes and endless loops. This fix limits the maximum chunk size for many of the symmetric ciphers to 2^30 bytes. This chunk size limits the amount of data that will be encrypted/decrypted in one lump. The code internally handles block of data later than the chunk limit, so this will present no difference to the caller. Any loss of efficiency due to limiting the chunking to 1Gbyte rather than more should be insignificant. Fixes Coverity issues: 1508498, 1508500 - 1508505, 1508507 - 1508527, 1508529 - 1508533, 1508535 - 1508537, 1508539, 1508541 - 1508549, 1508551 - 1508569 & 1508571 - 1508582. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18997)
show more ...
|
e8a557dc | 16-Aug-2022 |
Pauli |
Coverity: misuses of time_t Coverity 1508506: Fixes a bug in the cookie code which would have caused problems for ten minutes before and after the lower 32 bits of time_
Coverity: misuses of time_t Coverity 1508506: Fixes a bug in the cookie code which would have caused problems for ten minutes before and after the lower 32 bits of time_t rolled over. Coverity 1508534 & 1508540: Avoid problems when the lower 32 bits of time_t roll over by delaying the cast to integer until after the time delta has been computed. Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19004)
show more ...
|
b85ebc4b | 09-Aug-2022 |
Matt Caswell |
Check record layer callbacks are non-null The current libssl code always ensures that the callbacks are non-null. However, the record layer itself wasn't checkthing this. We ensure it do
Check record layer callbacks are non-null The current libssl code always ensures that the callbacks are non-null. However, the record layer itself wasn't checkthing this. We ensure it does. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
1704961c | 27-Jul-2022 |
Matt Caswell |
Formatting cleanups Some minor formatting cleanups and other minor tweaks. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged
Formatting cleanups Some minor formatting cleanups and other minor tweaks. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
7f7b0be8 | 27-Jul-2022 |
Matt Caswell |
Remove redefinition of macros Some macros were redefined in ssl3_cbc.c. We remove the redefinitions Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas
Remove redefinition of macros Some macros were redefined in ssl3_cbc.c. We remove the redefinitions Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
226ed5fb | 27-Jul-2022 |
Matt Caswell |
Remove redefinition of SSL_AD_NO_ALERT The SSL_AD_NO_ALERT value was defined in two places. We centralise its definition. Reviewed-by: Hugo Landau <hlandau@openssl.org> Revi
Remove redefinition of SSL_AD_NO_ALERT The SSL_AD_NO_ALERT value was defined in two places. We centralise its definition. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
efc84eac | 27-Jul-2022 |
Matt Caswell |
Ensure the rrl object is set to NULL after it is freed Once we free the rrl object we should NULL it to prevent a dangling ref to it. Otherwise we could get a double free. Revie
Ensure the rrl object is set to NULL after it is freed Once we free the rrl object we should NULL it to prevent a dangling ref to it. Otherwise we could get a double free. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
9b7fb65e | 27-Jul-2022 |
Matt Caswell |
Rename some functions to be more consistent Some functions in the record layer were called rlayer_*, but most were called tls_*. We standardise on the latter. Reviewed-by: Hugo
Rename some functions to be more consistent Some functions in the record layer were called rlayer_*, but most were called tls_*. We standardise on the latter. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
f6aab7b1 | 27-Jul-2022 |
Matt Caswell |
Rename DTLS1_BITMAP to DTLS_BITMAP The 1 in DTLS1 is confusing and is removed. We also tweak the structure to always be able to track 64 packets regardless of whether we are on a 32
Rename DTLS1_BITMAP to DTLS_BITMAP The 1 in DTLS1 is confusing and is removed. We also tweak the structure to always be able to track 64 packets regardless of whether we are on a 32 bit or 64 bit system. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|
df609825 | 27-Jul-2022 |
Matt Caswell |
Remove ssl/record/README.md This file contains design details for the old record layer and is no longer relevant for the new design. Reviewed-by: Hugo Landau <hlandau@openssl.or
Remove ssl/record/README.md This file contains design details for the old record layer and is no longer relevant for the new design. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
show more ...
|