| 420037c8 | 30-Oct-2023 |
Matt Caswell |
Update the QUIC demos to accept hostname/port on the command line
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte
Update the QUIC demos to accept hostname/port on the command line
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)
show more ...
|
| a2b82473 | 30-Oct-2023 |
Matt Caswell |
Extend the README to describe how to run the TLS demos
We also supply some test certificates for use with the demos.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Toma
Extend the README to describe how to run the TLS demos
We also supply some test certificates for use with the demos.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)
show more ...
|
| 2ec4e73c | 30-Oct-2023 |
Matt Caswell |
Amend the TLS demos to accept hostname/port as an argument
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitt
Amend the TLS demos to accept hostname/port as an argument
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)
show more ...
|
| 660718ee | 31-Oct-2023 |
Hugo Landau |
QUIC MULTISTREAM TEST: Ensure frames are only injected into correct packet types
Although the previous commit is enough to fix the immediate cause of the
stochastic failure on Windows, t
QUIC MULTISTREAM TEST: Ensure frames are only injected into correct packet types
Although the previous commit is enough to fix the immediate cause of the
stochastic failure on Windows, this is a more resilient fix; make sure
we only inject a given frame into the correct packet type for our
various injection functions.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22578)
show more ...
|
| a6eb287a | 31-Oct-2023 |
Hugo Landau |
QUIC MULTISTREAM TEST: Fix script 38 stochastic failure on Windows
The QUIC fault injector frame injection functionality injects injected
frames on whatever EL we happen to be using to g
QUIC MULTISTREAM TEST: Fix script 38 stochastic failure on Windows
The QUIC fault injector frame injection functionality injects injected
frames on whatever EL we happen to be using to generate a packet in.
This means we sometimes inject the frame into a packet type it is not
allowed to be in, causing a different error code to be generated.
Fix this by making sure the connection is fully established before
trying to generate the frame in question.
Fixes #22348.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22578)
show more ...
|
| d13488b9 | 31-Oct-2023 |
Matt Caswell |
Don't create an ack frame if one isn't wanted for this pn_space
The txp->want_ack value has different bit values for different pn_space
values. Make sure we take that into account when w
Don't create an ack frame if one isn't wanted for this pn_space
The txp->want_ack value has different bit values for different pn_space
values. Make sure we take that into account when we read it.
Fixes #22568
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22579)
show more ...
|
| 3ffc6c64 | 31-Oct-2023 |
Christian Schmidt |
Correct comment in crypto/ec/curve448/ed448.h
Obvious Copy&Paste¬ edit error.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hla
Correct comment in crypto/ec/curve448/ed448.h
Obvious Copy&Paste¬ edit error.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22573)
show more ...
|
| d1338fcf | 26-Oct-2023 |
James Muir |
quic ddd demos: update makefile and demo sources
Update makefile and fix some signedness issues in the demo sources.
Drop stray "\n" in the host-port format string that prevented ddd-01
quic ddd demos: update makefile and demo sources
Update makefile and fix some signedness issues in the demo sources.
Drop stray "\n" in the host-port format string that prevented ddd-01
from working (this was also noticed by Neil H). Also, determine the
length of the message we are sending and send that many bytes (rather
than send sizeof the buffer storing the message).
These changes are part of https://github.com/openssl/project/issues/253
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22542)
show more ...
|
| bcc04ab2 | 27-Oct-2023 |
James Muir |
quic docs: update ddd README.md
Minor edits (expand MVP acronym, suggest how to install "libuv")
These changes are part of
https://github.com/openssl/project/issues/253
quic docs: update ddd README.md
Minor edits (expand MVP acronym, suggest how to install "libuv")
These changes are part of
https://github.com/openssl/project/issues/253
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22543)
show more ...
|
| b119f8b8 | 30-Oct-2023 |
Hugo Landau |
QUIC APL: Optimise write buffer sizes automatically
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org
QUIC APL: Optimise write buffer sizes automatically
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22569)
show more ...
|
| 26652896 | 30-Oct-2023 |
Hugo Landau |
QUIC TXP: Fix drainage calculation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged fro
QUIC TXP: Fix drainage calculation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22569)
show more ...
|
| 796e5f96 | 23-Oct-2023 |
Neil Horman |
Create a rudimentary symbol scanning script
We would like to be able to log and audit the symbols we use in openssl
so that we might catch when a new platform symbols is referecned
Create a rudimentary symbol scanning script
We would like to be able to log and audit the symbols we use in openssl
so that we might catch when a new platform symbols is referecned
Add such a script (just on unix platforms for now) that gathers the used
symbols not belonging to libcrypto or libssl, and compare it to a prior
known set of used symbols. Error out if a new symbol is found
Add this script to the ci workflow in CI to capture newly
introduced platform symbols
Fixes #22330
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22478)
show more ...
|
| bdcaa80f | 31-Oct-2023 |
Sam James |
CI: add Clang 17
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Pau
CI: add Clang 17
Signed-off-by: Sam James <sam@gentoo.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22570)
show more ...
|
| ddf84fc4 | 30-Oct-2023 |
Matt Caswell |
Stop the quicserver if the handshake or receiving the request fails
Previously we entered an infinite loop if these things failed.
Reviewed-by: Paul Dale <pauli@openssl.org>
Rev
Stop the quicserver if the handshake or receiving the request fails
Previously we entered an infinite loop if these things failed.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22557)
show more ...
|
| dfb26e03 | 31-Oct-2023 |
Pauli |
rand uniform: add comments outlining the algorithm
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas
rand uniform: add comments outlining the algorithm
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22499)
show more ...
|
| d05e0e40 | 28-Oct-2023 |
Pauli |
Add test case for uniform random generators
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <
Add test case for uniform random generators
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22499)
show more ...
|
| 55755fbf | 25-Oct-2023 |
Pauli |
rand: implement an unbiased random integer from a range
Refer: https://github.com/apple/swift/pull/39143 for a description
of the algorithm.
It is optimal in the sense of having
rand: implement an unbiased random integer from a range
Refer: https://github.com/apple/swift/pull/39143 for a description
of the algorithm.
It is optimal in the sense of having:
* no divisions
* minimal number of blocks of random bits from the generator
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22499)
show more ...
|
| 74ff15e1 | 30-Oct-2023 |
Matt Caswell |
Don't error if s_client receives exactly BUFSIZZ data
We should accept that many bytes without failing
Fixes #22551
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Revie
Don't error if s_client receives exactly BUFSIZZ data
We should accept that many bytes without failing
Fixes #22551
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22558)
show more ...
|
| d030bac5 | 30-Oct-2023 |
Dmitry Misharov |
remove setup-perl actiond from windows jobs
Windows runner have Perl preinstalled.
https://github.com/actions/runner-images/blob/main/images/win/Windows2022-Readme.md
Reviewed-b
remove setup-perl actiond from windows jobs
Windows runner have Perl preinstalled.
https://github.com/actions/runner-images/blob/main/images/win/Windows2022-Readme.md
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22555)
show more ...
|
| 8d13d9e7 | 27-Oct-2023 |
Matt Caswell |
Check for NULL when freeing the QUIC_TLS object
Free functions are expected to be tolerant of a NULL pointer being passed.
Fixes the problem in
https://github.com/openssl/openss
Check for NULL when freeing the QUIC_TLS object
Free functions are expected to be tolerant of a NULL pointer being passed.
Fixes the problem in
https://github.com/openssl/openssl/pull/21668#issuecomment-1782718328
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22536)
show more ...
|
| 497a7810 | 26-Oct-2023 |
Tomas Mraz |
evp_test.c: There are now 3 parameters possible for digests
In digest_test_run() there are now 3 parameters possible plus
the sentinel value. In reality we will never use all three
a
evp_test.c: There are now 3 parameters possible for digests
In digest_test_run() there are now 3 parameters possible plus
the sentinel value. In reality we will never use all three
at once but Coverity rightfully complains that it is possible
to overflow the params array.
Fixes Coverity 1548054
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22521)
show more ...
|
| 758e9b53 | 27-Oct-2023 |
Hugo Landau |
QUIC CHANNEL: Make ping deadline and idle deadline calculation consistent
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https:/
QUIC CHANNEL: Make ping deadline and idle deadline calculation consistent
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22533)
show more ...
|
| 10dfd796 | 27-Oct-2023 |
Matt Caswell |
If the loss detection timer has fired we may not have lost packets
We calculate the delay from the point that a packet arrives until it will
be counted as lost based on rtt info. Looking
If the loss detection timer has fired we may not have lost packets
We calculate the delay from the point that a packet arrives until it will
be counted as lost based on rtt info. Looking at all the packets we can
then calculate the earliest time that a packet will be counted as lost.
When that timer fires the latest rtt info may have changed and therefore
the packet may no longer be counted as lost yet.
We should not assume that just because the ackm timeout has fired that
there will definitely be lost packets.
Fixes #22538
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22541)
show more ...
|
| 3a29ac26 | 27-Oct-2023 |
Kurt Roeckx |
Create a fuzz introspector exclude config file
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/ope
Create a fuzz introspector exclude config file
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22532)
show more ...
|
| 83efd717 | 25-Oct-2023 |
James Muir |
free oaep label-octet-string on error
When successful, ossl_X509_ALGOR_from_nid() returns a pointer to an
X509_ALGOR object. Inside ossl_X509_ALGOR_from_nid(),
X509_ALGOR_set0() is
free oaep label-octet-string on error
When successful, ossl_X509_ALGOR_from_nid() returns a pointer to an
X509_ALGOR object. Inside ossl_X509_ALGOR_from_nid(),
X509_ALGOR_set0() is called, and this passes ownership of the ASN1
object "los" (label octet string) to the X509_ALGOR object. When
ossl_X509_ALGOR_from_nid() fails, ownership has not been passed on and
we need to free "los".
Change the scope of "los" and ensure it is freed on failure (on
success, set it to NULL so it is not freed inside the function).
Fixes #22336
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22495)
show more ...
|
