Make CHANGES.md header more appropriate

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Make CHANGES.md header more appropriate

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22785)

(cherry picked from commit d330fef1f1446c968e31803778bc7b3d067c7e99)

show more ...

Amend NEWS.md to be more like release notes

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org

Amend NEWS.md to be more like release notes

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22785)

(cherry picked from commit 5e07ea4f82b5250d64183ddda2b56ebf37df126a)

show more ...

doc: fix description of mac "block-size" parameter

The macro for "block-size" is OSSL_MAC_PARAM_BLOCK_SIZE, and this
parameter is not settable. Refer to the "customization string" rathe

doc: fix description of mac "block-size" parameter

The macro for "block-size" is OSSL_MAC_PARAM_BLOCK_SIZE, and this
parameter is not settable. Refer to the "customization string" rather
than the "custom value" (in the Blake2 spec, this is called the
personalization string).

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22763)

show more ...

doc: better description of KECCAK-KMAC XOF

KECCAK-KMAC-128 and KECCAK-KMAC-256 are extendable output functions
that have been defined because they are convenient for implementing
KMA

doc: better description of KECCAK-KMAC XOF

KECCAK-KMAC-128 and KECCAK-KMAC-256 are extendable output functions
that have been defined because they are convenient for implementing
KMAC. Give definitions for them so that users aren't left to figure
that out themselves. KECCAK-KMAC-128 is very similar to SHAKE-128,
and KECCAK-KMAC-256 is very similar to SHAKE-256.

Related to #22619.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22755)

show more ...

Update the provider documentation

Make the documentation match reality. Add lots of missing algorithms.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mr

Update the provider documentation

Make the documentation match reality. Add lots of missing algorithms.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22694)

show more ...

Update OpenSSL logos

Add two new files

doc/images/openssl-square.svg
doc/images/openssl-square-nontransparent.png

and update the existing file

doc/images

Update OpenSSL logos

Add two new files

doc/images/openssl-square.svg
doc/images/openssl-square-nontransparent.png

and update the existing file

doc/images/openssl.svg

The "square" versions of the logo write "Open" and "SSL" on separate
lines, so that less horizontal space is used.

The png file (nontransparent, white background) can be used to update
the profile picture for the OpenSSL organization on GitHub.

For the existing logo, openssl.svg, the subtitle "Cryptography and
SSL/TLS Toolkit" has been dropped and the text-elements have been
converted to paths (so they are no longer dependent on what fonts the
renderer provides).

The svg files were provided by Anton A.

Part of https://github.com/openssl/project/issues/262

Reviewed-by: Anton Arapov <anton@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22626)

show more ...

Fix possible memleak in PKCS7_add0_attrib_signing_time

When PKCS7_add_signed_attribute fails, the ASN1_TIME
object may be leaked when it was not passed in as
input parameter.

Fix possible memleak in PKCS7_add0_attrib_signing_time

When PKCS7_add_signed_attribute fails, the ASN1_TIME
object may be leaked when it was not passed in as
input parameter.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22772)

show more ...

Fix a possible use-after-free in custom_exts_free

This may happen when ssl_cert_dup calls custom_exts_copy, where
a possible memory allocation error causes custom_exts_free
to be cal

Fix a possible use-after-free in custom_exts_free

This may happen when ssl_cert_dup calls custom_exts_copy, where
a possible memory allocation error causes custom_exts_free
to be called twice: once in the error handling of custom_exts_copy
and a second time in the error handling of ssl_cert_dup.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22772)

show more ...

Fix a possible memleak in CMS_sign_receipt

When an error happens after cms_encode_Receipt
the ASN1_OCTET_STRING object "os" may be leaked.

Reviewed-by: Shane Lontis <shane.lonti

Fix a possible memleak in CMS_sign_receipt

When an error happens after cms_encode_Receipt
the ASN1_OCTET_STRING object "os" may be leaked.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22758)

show more ...

Fix a possible memleak in PKCS7_add_attrib_smimecap

When PKCS7_add_signed_attribute fails, the ASN1_STRING
object may be leaked.

Reviewed-by: Neil Horman <nhorman@openssl.org>

Fix a possible memleak in PKCS7_add_attrib_smimecap

When PKCS7_add_signed_attribute fails, the ASN1_STRING
object may be leaked.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22744)

show more ...

Fix a possible memory leak in dane_tlsa_add

Several error cases leak either the X509 object
or the pkey or the danetls_record object.

Reviewed-by: Hugo Landau <hlandau@openssl.o

Fix a possible memory leak in dane_tlsa_add

Several error cases leak either the X509 object
or the pkey or the danetls_record object.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22743)

show more ...

Fix typo in variable name

Fix spelling $cppfags2 => $cppflags2 in file Configurations/windows-makefile.tmpl

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Re

Fix typo in variable name

Fix spelling $cppfags2 => $cppflags2 in file Configurations/windows-makefile.tmpl

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22771)

show more ...

Move freeing of an old record layer to dtls1_clear_sent_buffer

When we are clearing the sent messages queue we should ensure we free any
old write record layers that are no longer in use

Move freeing of an old record layer to dtls1_clear_sent_buffer

When we are clearing the sent messages queue we should ensure we free any
old write record layers that are no longer in use. Previously this logic
was in dtls1_hm_fragment_free() - but this can end up freeing the current
record layer under certain error conditions.

Fixes #22664

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22679)

show more ...

zero data in hm_fragment on alloc

if we allocate a new hm_frament in dtls1_buffer_message with
dtls1_hm_fragment_new, the returned fragment contains uninitalized data in the
msg_head

zero data in hm_fragment on alloc

if we allocate a new hm_frament in dtls1_buffer_message with
dtls1_hm_fragment_new, the returned fragment contains uninitalized data in the
msg_header field. If an error then occurs, and we free the fragment,
dtls_hm_fragment_free interrogates the msg_header field (which is garbage), and
potentially references undefined values, or worse, accidentally references
available memory that is not owned, leading to various corruptions.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22679)

show more ...

augment quic demos to support ipv4/6 connections

Because the quicserver utility supports expressly listening in ipv4/6
mode, its possible/likely that the server will listen on an ipv4

augment quic demos to support ipv4/6 connections

Because the quicserver utility supports expressly listening in ipv4/6
mode, its possible/likely that the server will listen on an ipv4
address, while the clients will connect via ipv6, leading to connection
failures.

Augment quic demo clients to afford them the same -6 option that the
server has so that connection family can be co-ordinated

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22577)

show more ...

NOTES-WINDOWS: fix named anchor links in table of contents

Those links were probably broken by some changes to the sanitizer
of the [github/markup] module.

[github/markup]: http

NOTES-WINDOWS: fix named anchor links in table of contents

Those links were probably broken by some changes to the sanitizer
of the [github/markup] module.

[github/markup]: https://github.com/github/markup/#github-markup

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22725)

show more ...

Bump actions/github-script from 6 to 7

Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/rel

Bump actions/github-script from 6 to 7

Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22730)

show more ...

Configure: do not check for an absolute prefix in cross-builds

The check is always made according to the host platform's rules, which may
not be true for true when the target platform is

Configure: do not check for an absolute prefix in cross-builds

The check is always made according to the host platform's rules, which may
not be true for true when the target platform is different, e.g. when
cross-building for Windows on a Linux machine. So skip this check when
used together with the `--cross-compile-prefix=` option.

Fixes https://github.com/openssl/openssl/issues/9520

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22723)

show more ...

Update ci and ABI xml files to validate function parameters

libabigail is currenly only validating symbol presence and version
information in ci. We should also be validating function p

Update ci and ABI xml files to validate function parameters

libabigail is currenly only validating symbol presence and version
information in ci. We should also be validating function parameters,
types, etc. To do this we need to build the library with -g so the
dwarf information is available for libabigail to interrogate

while we're at it, also add a script to re-generate the xml that abidiff
uses for comparison during ci runs, to make updates easier

Fixes #22712

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22713)

show more ...

Correct tag len check when determining how much space we have in the pkt

If the available space is equal to the tag length then we have no available
space for plaintext data.

Fi

Correct tag len check when determining how much space we have in the pkt

If the available space is equal to the tag length then we have no available
space for plaintext data.

Fixes #22699

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22715)

show more ...

Add some additional tests for the new fc "consumed" params

Check that the "consumed" parameter is working as expected.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by

Add some additional tests for the new fc "consumed" params

Check that the "consumed" parameter is working as expected.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22718)

show more ...

Keep track of connection credit as we add stream data

If a single packet contains data from multiple streams we need to keep track
of the cummulative connection level credit consumed acr

Keep track of connection credit as we add stream data

If a single packet contains data from multiple streams we need to keep track
of the cummulative connection level credit consumed across all of the
streams. Once the connection level credit has been consumed we must stop
adding stream data.

Fixes #22706

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22718)

show more ...

Fix SHA3_squeeze on armv4.

For armv4 - Only the first 4 parameters can be passed via registers
(r0..r3).

As all of the general registers are already used,
r11 was used to st

Fix SHA3_squeeze on armv4.

For armv4 - Only the first 4 parameters can be passed via registers
(r0..r3).

As all of the general registers are already used,
r11 was used to store the 'next' param.
R11 is now pushed/poped on entry/exit.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22719)

show more ...

demos: tidy up makefiles, fix warnings

Update makefiles so that consistent patterns are used. Object files
are compiled from source using an implicit rule (but using our
CFLAGS); fo

demos: tidy up makefiles, fix warnings

Update makefiles so that consistent patterns are used. Object files
are compiled from source using an implicit rule (but using our
CFLAGS); for linking, we give an explicit rule. Ensure that "make
test" works in each subdirectory (even if it does not actually run any
applications). The top-level demo makefile now works.

The makefiles are not make-agnostic. e.g. they use the variable $(RM)
in "clean" recipes, which is defined in gnu-make but may not be
defined in others.

Part of #17806

Testing:

$ cd demo
$ make test

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22698)

show more ...

Import repro from #22708 as a test case

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22

Import repro from #22708 as a test case

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22710)

show more ...