History log of /openssl/ (Results 2051 – 2075 of 36054)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
1e6b4baf28-Sep-2023 Matt Caswell

Prepare for release of 3.2 alpha 2


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes


CHANGES.md
NEWS.md
VERSION.dat
746b95cc28-Sep-2023 Matt Caswell

make update


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes


providers/fips-sources.checksums
providers/fips.checksum
556009c528-Sep-2023 Matt Caswell

Copyright year updates


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes


apps/dhparam.c
apps/gendsa.c
apps/genrsa.c
apps/progs.pl
crypto/bio/bio_addr.c
crypto/bio/bss_sock.c
crypto/cpuid.c
crypto/ec/curve448/point_448.h
crypto/ec/ecp_s390x_nistp.c
crypto/evp/e_chacha20_poly1305.c
crypto/evp/legacy_blake2.c
crypto/evp/pmeth_gn.c
crypto/initthread.c
crypto/lhash/lhash.c
crypto/o_str.c
crypto/pem/pvkfmt.c
crypto/pkcs12/p12_crt.c
crypto/rand/prov_seed.c
crypto/sha/keccak1600.c
crypto/srp/srp_vfy.c
crypto/store/store_lib.c
crypto/x509/ext_dat.h
crypto/x509/standard_exts.h
doc/internal/man3/ossl_provider_new.pod
doc/internal/man3/ossl_rand_get_entropy.pod
doc/man1/openssl-cms.pod.in
doc/man3/BIO_ADDR.pod
doc/man3/EVP_MAC.pod
doc/man3/EVP_SIGNATURE.pod
doc/man3/OSSL_CMP_validate_msg.pod
doc/man3/OSSL_STORE_open.pod
doc/man3/PKCS12_create.pod
doc/man3/PKCS12_gen_mac.pod
doc/man3/SSL_CONF_CTX_set_ssl_ctx.pod
doc/man7/EVP_KDF-PKCS12KDF.pod
doc/man7/EVP_RAND-TEST-RAND.pod
doc/man7/provider-storemgmt.pod
include/crypto/asn1.h
include/crypto/context.h
include/crypto/rand.h
include/openssl/store.h
providers/common/provider_seeding.c
providers/fips/self_test_kats.c
providers/implementations/ciphers/cipher_aes_ccm.c
providers/implementations/ciphers/cipher_aes_gcm.c
providers/implementations/ciphers/cipher_aria_ccm.c
providers/implementations/ciphers/cipher_aria_gcm.c
providers/implementations/ciphers/cipher_sm4_ccm.c
providers/implementations/ciphers/cipher_sm4_gcm.c
ssl/ssl_init.c
test/afalgtest.c
test/chacha_internal_test.c
test/drbgtest.c
test/fake_rsaprov.h
test/helpers/handshake_srp.c
test/ocspapitest.c
test/pkcs12_format_test.c
test/provider_pkey_test.c
test/recipes/15-test_genec.t
test/testutil/driver.c
test/testutil/tests.c
7f5b29c426-Sep-2023 Matt Caswell

Fix no-ssl-trace

Ensure we use OPENSSL_NO_SSL_TRACE guards where appropriate.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged

Fix no-ssl-trace

Ensure we use OPENSSL_NO_SSL_TRACE guards where appropriate.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22193)

show more ...


test/helpers/quictestlib.c
b07107e323-Sep-2023 Randall S. Becker

Move e_os2.h up in quictestlib.c to allow symbol definition consistency.

Fixes: #22178

Signed-of-by: Randall S. Becker <randall.becker@nexbridge.ca>

Reviewed-by: Paul Dale

Move e_os2.h up in quictestlib.c to allow symbol definition consistency.

Fixes: #22178

Signed-of-by: Randall S. Becker <randall.becker@nexbridge.ca>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22179)

show more ...


test/helpers/quictestlib.c
be203ea325-Sep-2023 Matt Caswell

Fix a mem leak when the FIPS provider is used in a different thread

We were neglecting to register the main thread to receive thread stop
notifications. This is important if the thread t

Fix a mem leak when the FIPS provider is used in a different thread

We were neglecting to register the main thread to receive thread stop
notifications. This is important if the thread that starts the FIPS
provider is not the same one that is used when OPENSSL_cleanup() is
called.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)

show more ...


crypto/initthread.c
include/crypto/context.h
providers/fips/fipsprov.c
1a18596121-Sep-2023 Pauli

evp_test: recondition cipher dupctx FIPS version check.

Until the cipher dupctx is properly implemented in 3.1 and 3.0 the check is
wrong. This should be reverted once the implemenation

evp_test: recondition cipher dupctx FIPS version check.

Until the cipher dupctx is properly implemented in 3.1 and 3.0 the check is
wrong. This should be reverted once the implemenation has been done.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)

show more ...


test/evp_test.c
4cde758505-Sep-2023 Pauli

fips: use seed source requested

Fixes #21909

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl

fips: use seed source requested

Fixes #21909

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)

show more ...


crypto/initthread.c
crypto/provider_core.c
crypto/rand/prov_seed.c
crypto/rand/rand_lib.c
doc/internal/man3/ossl_rand_get_entropy.pod
doc/man7/EVP_RAND-TEST-RAND.pod
doc/man7/provider-base.pod
include/crypto/rand.h
include/openssl/core_dispatch.h
providers/baseprov.c
providers/common/provider_seeding.c
a9483b8a25-Sep-2023 Pauli

rand: add extra error code

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)


crypto/err/openssl.txt
crypto/rand/rand_err.c
include/crypto/randerr.h
include/openssl/randerr.h
fffa78c205-Sep-2023 Pauli

fips selftest: avoid relying on a real RNG for self tests

Rather than instantiate the private and primary DRBGs during the
selftest, instead use a test RNG. This leaves the DRBG setup

fips selftest: avoid relying on a real RNG for self tests

Rather than instantiate the private and primary DRBGs during the
selftest, instead use a test RNG. This leaves the DRBG setup
pristine and permits later replacement of the seed source despite
the very early running power up self tests.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)

show more ...


crypto/rand/rand_lib.c
include/crypto/rand.h
providers/fips/self_test.c
providers/fips/self_test_kats.c
providers/implementations/rands/test_rng.c
util/perl/OpenSSL/paramnames.pm
54e60d2a13-Sep-2023 Pauli

Provider cross version checks warning

Add a warning note to the provider cross version checks indicating that a
pull request branch will not be used if execution is set to on pull reques

Provider cross version checks warning

Add a warning note to the provider cross version checks indicating that a
pull request branch will not be used if execution is set to on pull request.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)

show more ...


.github/workflows/provider-compatibility.yml
6935101304-Sep-2023 Pauli

fix indentation

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)


providers/implementations/rands/drbg.c
c37184f504-Sep-2023 Pauli

remove redundant free of NULL

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)


providers/fips/fipsprov.c
91bc783a01-Jul-2023 Jonathan M. Wilbur

Support all NULL-syntax X.509v3 extensions

Signed-off-by: Jonathan M. Wilbur <jonathan@wilbur.space>

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@op

Support all NULL-syntax X.509v3 extensions

Signed-off-by: Jonathan M. Wilbur <jonathan@wilbur.space>

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21342)

show more ...


crypto/x509/build.info
crypto/x509/ext_dat.h
crypto/x509/standard_exts.h
crypto/x509/v3_group_ac.c
crypto/x509/v3_ind_iss.c
crypto/x509/v3_no_ass.c
crypto/x509/v3_no_rev_avail.c
crypto/x509/v3_single_use.c
crypto/x509/v3_soa_id.c
test/certs/ext-groupAC.pem
test/certs/ext-indirectIssuer.pem
test/certs/ext-noAssertion.pem
test/certs/ext-noRevAvail.pem
test/certs/ext-sOAIdentifier.pem
test/certs/ext-singleUse.pem
test/recipes/25-test_x509.t
30224a2421-Sep-2023 Matt Caswell

Add a test for BIO_ADDR_copy()

We also add a test for BIO_ADDR_dup() which was also added in 3.2

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl

Add a test for BIO_ADDR_copy()

We also add a test for BIO_ADDR_dup() which was also added in 3.2

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)

show more ...


test/bio_addr_test.c
test/build.info
test/recipes/61-test_bio_addr.t
d058ae6e21-Sep-2023 Matt Caswell

Clean away the test code implementation of bio_addr_copy

We now have a public function for BIO_ADDR_copy() which can be used in
preference to the test code's private implementation.

Clean away the test code implementation of bio_addr_copy

We now have a public function for BIO_ADDR_copy() which can be used in
preference to the test code's private implementation.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)

show more ...


test/helpers/quictestlib.c
test/helpers/quictestlib.h
e55843ab21-Sep-2023 Matt Caswell

Add documentation for the BIO_ADDR_copy() function

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>

Add documentation for the BIO_ADDR_copy() function

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)

show more ...


doc/man3/BIO_ADDR.pod
a18c9f8021-Sep-2023 Matt Caswell

Implement a public BIO_ADDR_copy() function

We already have BIO_ADDR_dup() but in some contexts that is not sufficent.
We implement BIO_ADDR_copy() and make BIO_ADDR_dup() use it.

Implement a public BIO_ADDR_copy() function

We already have BIO_ADDR_dup() but in some contexts that is not sufficent.
We implement BIO_ADDR_copy() and make BIO_ADDR_dup() use it.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)

show more ...


crypto/bio/bio_addr.c
include/openssl/bio.h.in
util/libcrypto.num
442d08f222-Sep-2023 Matt Caswell

Remove a spurious inclusion of the sparse array header file

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pau

Remove a spurious inclusion of the sparse array header file

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22174)

show more ...


ssl/event_queue.c
6c03fa2122-Sep-2023 Michael Baentsch <57787676+baentsch@users.noreply.github.com>

adding -outpubkey option to genpkey

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pul

adding -outpubkey option to genpkey

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22173)

show more ...


apps/genpkey.c
doc/man1/openssl-genpkey.pod.in
test/recipes/15-test_genec.t
1acc3e8c21-Sep-2023 Matthias St. Pierre

no-engine: fix signing with legacy app method based keys

Signing with an app method based key (i.e. an `EVP_PKEY` which wraps an
`RSA` key with an application defined `RSA_METHOD`) used

no-engine: fix signing with legacy app method based keys

Signing with an app method based key (i.e. an `EVP_PKEY` which wraps an
`RSA` key with an application defined `RSA_METHOD`) used to work in 1.1.1.
That feature was broken in commit 60488d2434, but later on fixed by @t8m
in commit b247113c05 (see #14859).

This commit corrects a minor flaw of the fix, which affects only
`no-engine` builds: the special treatment for foreign keys is guarded
by an `OPENSSL_NO_ENGINE` check.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/22163)

show more ...


crypto/evp/pmeth_lib.c
34d36cdc14-Sep-2023 Huiyue Xu

Do not include sparse_array.o in libssl

sparse_array.o is not needed in libssl at 3.0.x version.

Signed-off-by: Huiyue Xu <xuhuiyue@huawei.com>

Reviewed-by: Matt Caswell <m

Do not include sparse_array.o in libssl

sparse_array.o is not needed in libssl at 3.0.x version.

Signed-off-by: Huiyue Xu <xuhuiyue@huawei.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22111)

(cherry picked from commit a31cd07af1ca34cdbbd2b077a933208d447ed0b2)

show more ...


crypto/build.info
523c5a0621-Sep-2023 Matt Caswell

Clarify the terminology in the noisy dgram BIO

The previous terminology was quite confusing. We try to use drop, duplicate
and delay more consistently and introduce the "reinject" termin

Clarify the terminology in the noisy dgram BIO

The previous terminology was quite confusing. We try to use drop, duplicate
and delay more consistently and introduce the "reinject" terminology as a
mechanism for implementing duplicates and delays.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22157)

show more ...


test/helpers/noisydgrambio.c
18fd0ea020-Sep-2023 Matt Caswell

Ensure we free all the BIOs in a chain for QUIC like we do in TLS

An application may pass in a whole BIO chain via SSL_set_bio(). When we
free the BIO we should be using BIO_free_all() n

Ensure we free all the BIOs in a chain for QUIC like we do in TLS

An application may pass in a whole BIO chain via SSL_set_bio(). When we
free the BIO we should be using BIO_free_all() not BIO_free() like we do
with TLS.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22157)

show more ...


ssl/quic/quic_impl.c
ssl/quic/quic_tserver.c
test/quic_multistream_test.c
f13f9b7120-Sep-2023 Matt Caswell

Ensure we up-ref the sbio before passing it to tserver

We are actually passing two references to sbio: one as part of a BIO chain
and one stand alone. Therefore we need two references.

Ensure we up-ref the sbio before passing it to tserver

We are actually passing two references to sbio: one as part of a BIO chain
and one stand alone. Therefore we need two references.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22157)

show more ...


test/helpers/quictestlib.c

1...<<81828384858687888990>>...1443