#
293d0a00 |
| 01-Aug-2024 |
Matt Caswell |
Check that a supported_versions extension is present in an HRR If an HRR is sent then it MUST contain supported_versions according to the RFC. We were sanity checking any supported_versi
Check that a supported_versions extension is present in an HRR If an HRR is sent then it MUST contain supported_versions according to the RFC. We were sanity checking any supported_versions extension that was sent but failed to verify that it was actually present. Fixes #25041 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25068)
show more ...
|
#
a401aaf9 |
| 06-May-2024 |
Jacob Champion |
Add reason codes with the correct offset for two alerts Fixes #24300. The current values of SSL_R_NO_APPLICATION_PROTOCOL and SSL_R_PSK_IDENTITY_NOT_FOUND don't allow for a correct looku
Add reason codes with the correct offset for two alerts Fixes #24300. The current values of SSL_R_NO_APPLICATION_PROTOCOL and SSL_R_PSK_IDENTITY_NOT_FOUND don't allow for a correct lookup of the corresponding reason strings. CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24351)
show more ...
|
#
21819f78 |
| 26-Apr-2024 |
Tomas Mraz |
Make conf_diagnostics apply also to the SSL conf errors Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/opens
Make conf_diagnostics apply also to the SSL conf errors Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24275)
show more ...
|
#
f945986a |
| 02-Feb-2024 |
Hugo Landau |
make update Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23495)
|
#
2a5ee0a0 |
| 31-Jan-2024 |
Hugo Landau |
QUIC: Add polling API Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23495)
|
#
07e66f3c |
| 30-Jan-2024 |
Hugo Landau |
Fix error code collision Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from http
Fix error code collision Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23360)
show more ...
|
#
e203d1b5 |
| 22-Jan-2024 |
Hugo Landau |
QUIC: Add new error codes for tuning API Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (
QUIC: Add new error codes for tuning API Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23360)
show more ...
|
#
113be15a |
| 19-Jan-2024 |
Hugo Landau |
QUIC APL: Implement optimised FIN API Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull
QUIC APL: Implement optimised FIN API Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23343)
show more ...
|
#
ade3baa6 |
| 24-Aug-2023 |
Hugo Landau |
make update Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
|
#
96fe5e5f |
| 22-Aug-2023 |
Hugo Landau |
QUIC APL: Implement backpressure on stream creation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/o
QUIC APL: Implement backpressure on stream creation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
show more ...
|
#
7a5f58b2 |
| 24-Aug-2023 |
Hugo Landau |
QUIC APL: Fix stream backpressure conditions to use non-I/O errors Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://githu
QUIC APL: Fix stream backpressure conditions to use non-I/O errors Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21811)
show more ...
|
#
9d6bd3d3 |
| 22-Aug-2023 |
Hugo Landau |
QUIC APL: Implement backpressure on stream creation Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/o
QUIC APL: Implement backpressure on stream creation Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21811)
show more ...
|
#
cb19528b |
| 09-Aug-2023 |
Tomas Mraz |
QUIC: Add ERR_raise() calls for EVP call failures This improves tracking where the failure was triggered. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswel
QUIC: Add ERR_raise() calls for EVP call failures This improves tracking where the failure was triggered. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21700)
show more ...
|
#
7a2bb210 |
| 03-Aug-2023 |
Hugo Landau |
QUIC TLS: Rethink error handling Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
|
#
741170be |
| 28-Jul-2023 |
Hugo Landau |
QUIC CHANNEL: Improve error reporting Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21
QUIC CHANNEL: Improve error reporting Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
show more ...
|
#
2b8126d8 |
| 17-Jul-2023 |
Tomas Mraz |
Raise SSL_R_QUIC_PROTOCOL_ERROR on any QUIC protocol error QUIC error code, frame type and reason is in error data Fixes #21337 Reviewed-by: Hugo Landau <hlandau@openssl.or
Raise SSL_R_QUIC_PROTOCOL_ERROR on any QUIC protocol error QUIC error code, frame type and reason is in error data Fixes #21337 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21476)
show more ...
|
#
bac3f4da |
| 06-Jun-2023 |
Hugo Landau |
make update Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/op
make update Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
abfe3d51 |
| 06-Jun-2023 |
Hugo Landau |
QUIC APL: Validate send stream state Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged f
QUIC APL: Validate send stream state Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21135)
show more ...
|
#
71e55512 |
| 18-Apr-2023 |
Hugo Landau |
QUIC MSST: make update Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20765)
|
#
8b7be3aa |
| 18-Apr-2023 |
Hugo Landau |
QUIC DISPATCH/APL: Implement SSL_set_default_stream_mode, default XSO refactor Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from h
QUIC DISPATCH/APL: Implement SSL_set_default_stream_mode, default XSO refactor Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20765)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
3c95ef22 |
| 27-Jan-2021 |
Todd Short |
RFC7250 (RPK) support Add support for the RFC7250 certificate-type extensions. Alows the use of only private keys for connection (i.e. certs not needed). Add APIs Add unit t
RFC7250 (RPK) support Add support for the RFC7250 certificate-type extensions. Alows the use of only private keys for connection (i.e. certs not needed). Add APIs Add unit tests Add documentation Add s_client/s_server support Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18185)
show more ...
|
#
44a1ac5d |
| 10-Mar-2023 |
Matt Caswell |
Provide better errors for some QUIC failures For example if would be helpful if we got more useful information if the caller forgot to set the peer address. Reviewed-by: Tomas M
Provide better errors for some QUIC failures For example if would be helpful if we got more useful information if the caller forgot to set the peer address. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20514)
show more ...
|
#
97b8db1a |
| 09-Dec-2022 |
Tomas Mraz |
Make error reason for disallowed legacy sigalg more specific The internal error reason is confusing and indicating an error in OpenSSL and not a configuration problem. Fixes #19
Make error reason for disallowed legacy sigalg more specific The internal error reason is confusing and indicating an error in OpenSSL and not a configuration problem. Fixes #19867 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19875)
show more ...
|
#
3c153d87 |
| 20-Oct-2022 |
Matt Caswell |
Fix make update The recent DTLS write record layer code and the certificate compression code both added new SSL_R_ reason codes. The numbers are conflicting due to rebase issues and
Fix make update The recent DTLS write record layer code and the certificate compression code both added new SSL_R_ reason codes. The numbers are conflicting due to rebase issues and causing make update to fail. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19457)
show more ...
|
#
bed07b18 |
| 17-Oct-2022 |
Matt Caswell |
Consolidate sequence counter incrementing code The sequence counter was incremented in numerous different ways in numerous different locations. We introduce a single function to do this
Consolidate sequence counter incrementing code The sequence counter was incremented in numerous different ways in numerous different locations. We introduce a single function to do this inside the record layer. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19424)
show more ...
|