3bfc58ad | 16-Jun-2022 |
Matt Caswell |
Add a test for BIO_s_mem() when using datagrams The previous commit added support to BIO_s_mem() for using datagrams. We now add tests for that functionality. Reviewed-by: Tomas
Add a test for BIO_s_mem() when using datagrams The previous commit added support to BIO_s_mem() for using datagrams. We now add tests for that functionality. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18596)
show more ...
|
5a4ba72f | 16-Jun-2022 |
Matt Caswell |
Give BIO_s_mem() the ability to support datagrams We introduce a new BIO ctrl that switches a BIO_s_mem() into datagram mode. Packet boundaries are respected. Reviewed-by: Tomas
Give BIO_s_mem() the ability to support datagrams We introduce a new BIO ctrl that switches a BIO_s_mem() into datagram mode. Packet boundaries are respected. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18596)
show more ...
|
08c00377 | 26-Jul-2022 |
Joachim Vandersmissen |
Update EVP_KDF-X942-ASN1.pod Replaced OSSL_KDF_PARAM_KEY with OSSL_KDF_PARAM_SECRET as that seems to be the intended value from the code (OSSL_KDF_PARAM_KEY is also supported but looks like
Update EVP_KDF-X942-ASN1.pod Replaced OSSL_KDF_PARAM_KEY with OSSL_KDF_PARAM_SECRET as that seems to be the intended value from the code (OSSL_KDF_PARAM_KEY is also supported but looks like a fallback). Fixed name for OSSL_KDF_PARAM_X942_USE_KEYBITS. CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18878)
show more ...
|
3ebcb2ff | 25-Jul-2022 |
Pauli |
GCM: record limit counter gets reset on AAD changes It shouldn't be. This moves the reset to the init function instead and only does the reset on a key change. Reviewed-by: Hug
GCM: record limit counter gets reset on AAD changes It shouldn't be. This moves the reset to the init function instead and only does the reset on a key change. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18860)
show more ...
|
5f18dc7f | 25-Jul-2022 |
Slanterns |
Remove `no-{ssl|tls|tls1_3|dtls}-method` in INSTALL.md CLA: trivial Actually there is no option called `no-{ssl|tls|tls1_3|dtls}-method`. Reviewed-by: Hugo Landau <hlandau@
Remove `no-{ssl|tls|tls1_3|dtls}-method` in INSTALL.md CLA: trivial Actually there is no option called `no-{ssl|tls|tls1_3|dtls}-method`. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18872)
show more ...
|
c34e7876 | 20-Jul-2022 |
Dr. David von Oheimb |
x509_lu.c and x509_vfy.c: improve coding style, comments, and related doc Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Davi
x509_lu.c and x509_vfy.c: improve coding style, comments, and related doc Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18840)
show more ...
|
affc070a | 25-Jul-2022 |
Juergen Christ |
s390x: Optimize kmac Use hardware acceleration for kmac on s390x. Since klmd does not support kmac, perform padding of the last block by hand and use kimd. Yields a performance imp
s390x: Optimize kmac Use hardware acceleration for kmac on s390x. Since klmd does not support kmac, perform padding of the last block by hand and use kimd. Yields a performance improvement of between 2x and 3x. Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18863)
show more ...
|
7a86cb69 | 24-Jul-2022 |
Dr. David von Oheimb |
80-test_cmp_http.t: fix adaption of plan on 'certstatus' aspect of Mock server Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by:
80-test_cmp_http.t: fix adaption of plan on 'certstatus' aspect of Mock server Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18858)
show more ...
|
ff1efe6e | 14-May-2022 |
Charles Milette |
Fix UWP builds by defining VirtualLock Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull
Fix UWP builds by defining VirtualLock Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18311)
show more ...
|
9c90a073 | 25-Jul-2022 |
Richard Levitte |
Configurations/10-main.conf: In the VC-common target, unquote $(CC) Some of the VC-common attributes have values that use `$(CC)`, wrapped with quotes. However, `Configurations/windows-
Configurations/10-main.conf: In the VC-common target, unquote $(CC) Some of the VC-common attributes have values that use `$(CC)`, wrapped with quotes. However, `Configurations/windows-makefile.tmpl` already quotes the `CC` value, like this: CC="{- $config{CC} -}" The interaction between that makefile variable and the attributes using `$(CC)` wrapped with quotes is a command line with the quotes doubled. For example, the value of `$(CPP)` becomes `""cl""`. Strangely enough, this appears to be tolerated, at least on some versions of Windows. However, this has been reported not to be the case. This is fixed by removing the quotes in `Configurations/10-main.conf`, making `Configurations/windows-makefile.tmpl` responsible for proper quoting. Fixes #18823 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18861) (cherry picked from commit c04b8819161de007cee831dd9e58dde52268da18)
show more ...
|
48e35b99 | 25-Jul-2022 |
Juergen Christ |
s390x: Fix GCM setup Rework of GCM code did not include s390x causing NULL pointer dereferences on GCM operations other than AES-GCM on platforms that support kma. Fix this by a pro
s390x: Fix GCM setup Rework of GCM code did not include s390x causing NULL pointer dereferences on GCM operations other than AES-GCM on platforms that support kma. Fix this by a proper setup of the function pointers. Fixes: 92c9086e5c2b ("Use separate function to get GCM functions") Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18862)
show more ...
|
316fad64 | 25-Jul-2022 |
Pauli |
Fix error in LHASH documentation Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pu
Fix error in LHASH documentation Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/18859)
show more ...
|
a6843e6a | 22-Jul-2022 |
Matt Caswell |
Fix no-dtls1_2 dtlstest.c needs some adjusting to handle no-dtls1_2 since commit 7bf2e4d7f0c banned DTLSv1 at the default security level - causing the test to fail. Reviewed
Fix no-dtls1_2 dtlstest.c needs some adjusting to handle no-dtls1_2 since commit 7bf2e4d7f0c banned DTLSv1 at the default security level - causing the test to fail. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18848)
show more ...
|
54a84f02 | 20-Jul-2022 |
Richard Levitte |
Don't try to make configuration leaner This partially reverts Github PR #16378: commit 764cf5b26306a8712e8b3d41599c44dc5ed07a25, titled "Configuration: only produce a new configdata.
Don't try to make configuration leaner This partially reverts Github PR #16378: commit 764cf5b26306a8712e8b3d41599c44dc5ed07a25, titled "Configuration: only produce a new configdata.pm if it has changed contents" Unfortunately, the attempt to make configuration leaner didn't take into account all the files that may or may not affect the outcome of `configdata.pm`, and most of all, didn't take into account that `Makefile` has clauses of its own to determined when a reconfiguration is needed, all based on time stamps. Something as simple as a changed `Configurations/10-main.conf`, where the change doesn't affect the resulting `configdata.pm` gets `make` into a reconfiguration loop, because `configdata.pm` is older than `10-main.conf`. The lesson to remember is not to try to outsmart `make` in cases like this. We retain the other parts of the PR mentioned, as they are still valid. needed to be taken into account (all the Configurations/*.conf as well as all the build.info) Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/18832)
show more ...
|
cbb1cda6 | 20-Jul-2022 |
Dr. David von Oheimb |
CHANGES.md: Add entries for contributions to 3.1 by DDvO Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@open
CHANGES.md: Add entries for contributions to 3.1 by DDvO Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18833)
show more ...
|
29fcd2e7 | 21-Jul-2022 |
Todd Short |
Add test from "Fix re-signing certificates with different key sizes" Tests for #16080 and #18836 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@open
Add test from "Fix re-signing certificates with different key sizes" Tests for #16080 and #18836 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18841)
show more ...
|
93429fc0 | 21-Jul-2022 |
Pauli |
Coverity 1507376: Dereference after null check Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/open
Coverity 1507376: Dereference after null check Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18837)
show more ...
|
d50e0934 | 20-Jul-2022 |
Todd Short |
Clean up GCM_MUL and remove GCM_FUNCREF_4BIT Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pu
Clean up GCM_MUL and remove GCM_FUNCREF_4BIT Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18835)
show more ...
|
95201ef4 | 20-Jul-2022 |
Todd Short |
Clean up use of GHASH macro Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18835) |
92c9086e | 20-Jul-2022 |
Todd Short |
Use separate function to get GCM functions Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull
Use separate function to get GCM functions Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18835)
show more ...
|
7da952bc | 20-Jul-2022 |
Todd Short |
Remove some unused 4bit GCM code Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18835) |
7b6e19fc | 20-Jul-2022 |
Todd Short |
Remove unused 1bit GCM implementation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1883
Remove unused 1bit GCM implementation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18835)
show more ...
|
a8b5128f | 20-Jul-2022 |
Todd Short |
Remove unused 8bit GCM implementation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1883
Remove unused 8bit GCM implementation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18835)
show more ...
|
b91ad3c6 | 10-Jun-2022 |
Matt Caswell |
Fix a crash in v2i_IPAddrBlocks() If an IP address prefix value is supplied that is too large then a crash can result. v2i_IPAddrBlocks() should sanity check the prefix value, as sho
Fix a crash in v2i_IPAddrBlocks() If an IP address prefix value is supplied that is too large then a crash can result. v2i_IPAddrBlocks() should sanity check the prefix value, as should X509v3_addr_add_prefix(). Reported by Theo Buehler (@botovq) Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/18523)
show more ...
|
2752ab2e | 20-Jul-2022 |
Pauli |
Fix error in example. Fixes #18828 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl
Fix error in example. Fixes #18828 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18829)
show more ...
|