| #
b6a5e801 |
| 01-Dec-2023 |
Rajeev Ranjan |
Add support for integrity-only cipher suites for TLS v1.3
- add test vectors for tls1_3 integrity-only ciphers
- recmethod_local.h: add new member for MAC
- tls13_meth.c: add MAC onl
Add support for integrity-only cipher suites for TLS v1.3
- add test vectors for tls1_3 integrity-only ciphers
- recmethod_local.h: add new member for MAC
- tls13_meth.c: add MAC only to tls 1.3
- tls13_enc.c: extend function to add MAC only
- ssl_local.h: add ssl_cipher_get_evp_md_mac()
- s3_lib.c: add the new ciphers and add #ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
- ssl_ciph.c : add ssl_cipher_get_evp_md_mac() and use it
- tls13secretstest.c: add dummy test function
- Configure: add integrity-only-ciphers option
- document the new ciphers
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22903)
show more ...
|
| #
1c4f9684 |
| 01-Apr-2024 |
Craig Lorentzen |
Security hardening: Expose Build flags for Position Independed Execution (PIE)
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged fr
Security hardening: Expose Build flags for Position Independed Execution (PIE)
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22596)
show more ...
|
| #
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates
Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
(cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0)
Reviewed-by: Hugo Lan
Copyright year updates
Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
(cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0)
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24034)
show more ...
|
| #
37cd49f5 |
| 14-Mar-2024 |
Neil Horman |
Fix ASLR to be smaller during asan/tsan/ubsan runs
Recently asan/tsan/ubsan runs have been failing randomly. It appears
that a recent runner update may have led to the Address Space Lay
Fix ASLR to be smaller during asan/tsan/ubsan runs
Recently asan/tsan/ubsan runs have been failing randomly. It appears
that a recent runner update may have led to the Address Space Layout
Randomization setting in the linux kernel of ubuntu-latest runner
getting set to too high a value (it defaults to 30). Such a setting
leads to the possibility that a given application will have memory
mapped to an address space that the sanitizer code typically uses to do
its job. Lowering this value allows a/t/ubsan to work consistently
again
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23842)
show more ...
|
| #
456b32ba |
| 10-Nov-2023 |
Tomas Mraz |
Rearrange some CI jobs
Those less useful should be in daily or on-push runs.
Those more likely triggering CI failure that do not
take too much time should be in main on pull req
Rearrange some CI jobs
Those less useful should be in daily or on-push runs.
Those more likely triggering CI failure that do not
take too much time should be in main on pull request CI.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22693)
show more ...
|
| #
2d374e1c |
| 28-Sep-2023 |
Dmitry Misharov |
GH action workflows: Add cpu report before 'make test'
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@op
GH action workflows: Add cpu report before 'make test'
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22232)
show more ...
|
| #
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
|
| #
d4231af6 |
| 05-Sep-2023 |
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
Bump actions/checkout from 2 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Change
Bump actions/checkout from 2 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v4)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21953)
show more ...
|
| #
6497ad58 |
| 30-Jun-2023 |
Tomas Mraz |
Reorganize runchecker jobs
Put jobs that are more likely to fail to on pull request CI.
To compensate move some less likely to fail jobs to on push and
daily CI jobs.
Review
Reorganize runchecker jobs
Put jobs that are more likely to fail to on pull request CI.
To compensate move some less likely to fail jobs to on push and
daily CI jobs.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21336)
show more ...
|
| #
4032cd9a |
| 17-Apr-2023 |
Yi Li |
configure: introduce no-ecx to remove ECX related feature
This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).
Signed-off-by: Yi Li <yi
configure: introduce no-ecx to remove ECX related feature
This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20781)
show more ...
|
| #
1ac0464d |
| 05-Apr-2023 |
Tomas Mraz |
CI: Checkout submodules to make the regression fuzz tests run
Otherwise the fuzz/corpora won't be present.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul D
CI: Checkout submodules to make the regression fuzz tests run
Otherwise the fuzz/corpora won't be present.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20683)
show more ...
|
| #
1ca61aa5 |
| 09-Dec-2022 |
Tomas Mraz |
Run-checker merge CI: Memleak test does not work without ubsan
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.c
Run-checker merge CI: Memleak test does not work without ubsan
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19874)
show more ...
|
| #
b71b9534 |
| 09-Dec-2022 |
Tomas Mraz |
Revert "Run-checker merge CI: Replace no-shared with no-modules"
This reverts commit d5696547e46e9ea85fcb7581b9d49c58b7c24eeb.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewe
Revert "Run-checker merge CI: Replace no-shared with no-modules"
This reverts commit d5696547e46e9ea85fcb7581b9d49c58b7c24eeb.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19874)
show more ...
|
| #
d5696547 |
| 08-Dec-2022 |
Tomas Mraz |
Run-checker merge CI: Replace no-shared with no-modules
ASAN otherwise fails to detect memleaks.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <lev
Run-checker merge CI: Replace no-shared with no-modules
ASAN otherwise fails to detect memleaks.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19860)
show more ...
|
| #
4ff66347 |
| 02-Nov-2022 |
Tomas Mraz |
Update GitHub actions as suggested by dependabot
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/opens
Update GitHub actions as suggested by dependabot
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19581)
show more ...
|
| #
83529f07 |
| 19-Aug-2022 |
Tomas Mraz |
Always automatically add -DPEDANTIC with enable-ubsan
To avoid reports like: #19028
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(
Always automatically add -DPEDANTIC with enable-ubsan
To avoid reports like: #19028
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19029)
show more ...
|
| #
c6e7f427 |
| 09-Jul-2022 |
Varun Sharma |
ci: add GitHub token permissions for workflows
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <p
ci: add GitHub token permissions for workflows
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18766)
show more ...
|
| #
08d8c2d8 |
| 19-Sep-2021 |
Pauli |
ci: add copyright header to CI scripts
There is quite a bit of creative effort in these and even more trouble-
shooting effort. I.e. they are non-trivial from a copyright perspective.
ci: add copyright header to CI scripts
There is quite a bit of creative effort in these and even more trouble-
shooting effort. I.e. they are non-trivial from a copyright perspective.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16628)
show more ...
|
| #
7587b5fd |
| 04-Aug-2021 |
Pauli |
CI: remove spurious blank lines
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16174)
|
| #
7b917179 |
| 29-Jul-2021 |
Pauli |
ci: separate the config dump from the configuration command
This avoids using the shell's `&&` and shortens the lines a bit.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged
ci: separate the config dump from the configuration command
This avoids using the shell's `&&` and shortens the lines a bit.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16174)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha17 |
|
| #
d0364dcc |
| 12-May-2021 |
Rich Salz |
Add --banner config option
Use it in the automated workflows.
Fixes: #15247
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@op
Add --banner config option
Use it in the automated workflows.
Fixes: #15247
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15248)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha16 |
|
| #
ab6db11e |
| 03-May-2021 |
Pauli |
Run-checker converted to GitHub Actions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15129)
|
