| 0be7510f | 08-Sep-2023 |
Tomas Mraz |
Add CVE-2023-4807 fix to CHANGES.md and NEWS.md
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Add CVE-2023-4807 fix to CHANGES.md and NEWS.md
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22033)
show more ...
|
| 02f84b02 | 08-Sep-2023 |
Tomas Mraz |
Sync changes between 3.2 and 3.1 branches
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(
Sync changes between 3.2 and 3.1 branches
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22033)
show more ...
|
| 285eb168 | 07-Sep-2023 |
Bernd Edlinger |
Fix a possible memleak in rsa_pub_encode
That seems to be only an issue for RSA-PSS with parameters.
Spotted by code review, so it looks like there is no test coverage for this.
Fix a possible memleak in rsa_pub_encode
That seems to be only an issue for RSA-PSS with parameters.
Spotted by code review, so it looks like there is no test coverage for this.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22032)
show more ...
|
| 8ac32e1e | 07-Sep-2023 |
Dmitry Misharov |
remove unused Appveyour config
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22000) |
| e22ebb89 | 06-Aug-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
Bad function definition
void f() should probably be void f(void)
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Paul Dale <pauli@open
Bad function definition
void f() should probably be void f(void)
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
show more ...
|
| bbaeadb0 | 16-Jul-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
"foo * bar" should be "foo *bar"
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tom
"foo * bar" should be "foo *bar"
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
show more ...
|
| ad31628c | 16-Jul-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
Remove repeated words
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.
Remove repeated words
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
show more ...
|
| 84f371a1 | 08-Sep-2023 |
Richard Levitte |
Fix test_quic_multistream to allow multiple concurrent tests
The server port was hard coded to 8186. That could make for some
"interesting" effects if two instances of this same test wa
Fix test_quic_multistream to allow multiple concurrent tests
The server port was hard coded to 8186. That could make for some
"interesting" effects if two instances of this same test was running
on the same machine.
This change binds the server interface with port 0, and captures the
resulting random port.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22025)
show more ...
|
| 5d96106c | 08-Sep-2023 |
Matt Caswell |
Fix a build failure where recvmmsg is available but not sendmmsg
Some old glibc versions have recvmmsg but not sendmmsg. We require both to
use that functionality. Introduce a test to ch
Fix a build failure where recvmmsg is available but not sendmmsg
Some old glibc versions have recvmmsg but not sendmmsg. We require both to
use that functionality. Introduce a test to check we have a sufficiently
recent version of glibc.
Fixes #22021
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22036)
show more ...
|
| c499cbc3 | 07-Sep-2023 |
Randall S. Becker |
Prevent 80-test_cmp_http from accidentally killing perl in error.
If there is an issue with setting up the test environment in this test,
pid is not set so stop_server kills the perl pro
Prevent 80-test_cmp_http from accidentally killing perl in error.
If there is an issue with setting up the test environment in this test,
pid is not set so stop_server kills the perl process. A guard has been
added to prevent this situation.
Fixes: #22014
Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22015)
show more ...
|
| 9a41a3c6 | 07-Sep-2023 |
Min Zhou |
LoongArch64 assembly pack: add ChaCha20 modules
This assembly implementation for ChaCha20 includes three code paths:
scalar path, 128-bit LSX path and 256-bit LASX path. We prefer the
LoongArch64 assembly pack: add ChaCha20 modules
This assembly implementation for ChaCha20 includes three code paths:
scalar path, 128-bit LSX path and 256-bit LASX path. We prefer the
LASX path or LSX path if the hardware and system support these
extensions.
There are 32 vector registers avaialable in the LSX and LASX
extensions. So, we can load the 16 initial states and the 16
intermediate states of ChaCha into the 32 vector registers for
calculating in the implementation. The test results on the 3A5000
and 3A6000 show that this assembly implementation significantly
improves the performance of ChaCha20 on LoongArch based machines.
The detailed test results are as following.
Test with:
$ openssl speed -evp chacha20
3A5000
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
C code 178484.53k 282789.93k 311793.70k 322234.99k 324405.93k 324659.88k
assembly code 223152.28k 407863.65k 989520.55k 2049192.96k 2127248.70k 2131749.55k
+25% +44% +217% +536% +556% +557%
3A6000
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
C code 214945.33k 310041.75k 340724.22k 349949.27k 352925.01k 353140.74k
assembly code 299151.34k 492766.34k 2070166.02k 4300909.91k 4473978.88k 4499084.63k
+39% +59% +508% +1129% +1168% +1174%
Signed-off-by: Min Zhou <zhoumin@loongson.cn>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21998)
show more ...
|
| d30695ba | 07-Sep-2023 |
Rainer Jung |
Regexp modifier "r" needs perl 5.14; OpenSSL should build with 5.11, so do not use the "r" shortcut.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@
Regexp modifier "r" needs perl 5.14; OpenSSL should build with 5.11, so do not use the "r" shortcut.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22019)
show more ...
|
| d2873946 | 08-Sep-2023 |
Bernd Edlinger |
Fix output corruption in req command
when used in conjunction with -out and -modulus options.
Fixes #21403
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-b
Fix output corruption in req command
when used in conjunction with -out and -modulus options.
Fixes #21403
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22026)
show more ...
|
| aff99225 | 07-Sep-2023 |
Randall S. Becker |
Exclude include of poll.h from NonStop builds - not defined on platform.
socket.h has been modified so that poll.h is omitted for OPENSSL_SYS_NONSTOP
builds. The platform configuration i
Exclude include of poll.h from NonStop builds - not defined on platform.
socket.h has been modified so that poll.h is omitted for OPENSSL_SYS_NONSTOP
builds. The platform configuration is derived from UNIX so the include is
only omitted for NonStop but kept in the OPENSSL_SYS_UNIX include block.
Fixes: #22001
Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22006)
show more ...
|
| e9f8e926 | 07-Sep-2023 |
Randall S. Becker |
Modify 50-nonstop.conf to enable c99 extensions for uintptr_t.
This is done using the define __NSK_OPTIONAL_TYPES__ and is specific to the
NonStop platform builds.
Fixes: #22002
Modify 50-nonstop.conf to enable c99 extensions for uintptr_t.
This is done using the define __NSK_OPTIONAL_TYPES__ and is specific to the
NonStop platform builds.
Fixes: #22002
Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22005)
show more ...
|
| 11b7d46f | 06-Sep-2023 |
Matt Caswell |
Return NULL if we fail to create a BIO in the demos/quicserver
Strictly speaking the previous code was still correct since BIO_set_fd
is tolerant of a NULL BIO. But this way is more clea
Return NULL if we fail to create a BIO in the demos/quicserver
Strictly speaking the previous code was still correct since BIO_set_fd
is tolerant of a NULL BIO. But this way is more clear.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
show more ...
|
| cdedecd5 | 06-Sep-2023 |
Matt Caswell |
Add a missing call to BIO_closesocket()
A couple of the demos missed a call to this function in an error case.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Land
Add a missing call to BIO_closesocket()
A couple of the demos missed a call to this function in an error case.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
show more ...
|
| 38c3c1db | 05-Sep-2023 |
Matt Caswell |
Expand the explanation of how to go and do useful work in non-blocking
Add additional commentary to the non-blocking examples explaining where to
add code to go and do other useful work.
Expand the explanation of how to go and do useful work in non-blocking
Add additional commentary to the non-blocking examples explaining where to
add code to go and do other useful work.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
show more ...
|
| e8a5b06b | 01-Sep-2023 |
Matt Caswell |
Add a new guide page on writing a non-blocking QUIC client
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/
Add a new guide page on writing a non-blocking QUIC client
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
show more ...
|
| 5bd2f66a | 25-Aug-2023 |
Matt Caswell |
Add a new guide page on writing a non-blocking TLS client
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/o
Add a new guide page on writing a non-blocking TLS client
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
show more ...
|
| b71784f7 | 25-Aug-2023 |
Matt Caswell |
Add a QUIC non-blocking demo
Show how to write a QUIC client using a non-blocking socket
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.or
Add a QUIC non-blocking demo
Show how to write a QUIC client using a non-blocking socket
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
show more ...
|
| 02953645 | 24-Aug-2023 |
Matt Caswell |
Add a TLS non-blocking demo
Show how to write a TLS client using a non-blocking socket
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Add a TLS non-blocking demo
Show how to write a TLS client using a non-blocking socket
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
show more ...
|
| ebce766b | 08-Sep-2023 |
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
Bump coverallsapp/github-action from 2.2.1 to 2.2.3
Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 2.2.1 to 2.2.3.
- [Release notes](https://githu
Bump coverallsapp/github-action from 2.2.1 to 2.2.3
Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 2.2.1 to 2.2.3.
- [Release notes](https://github.com/coverallsapp/github-action/releases)
- [Commits](https://github.com/coverallsapp/github-action/compare/v2.2.1...v2.2.3)
---
updated-dependencies:
- dependency-name: coverallsapp/github-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22012)
show more ...
|
| 68e95f78 | 06-Sep-2023 |
Bernd Edlinger |
Fix a possible memleak in SRP_VBASE_new
In the error handling case the memory in
vb->users_pwd was accidentally not released.
Reviewed-by: Paul Dale <pauli@openssl.org>
Revi
Fix a possible memleak in SRP_VBASE_new
In the error handling case the memory in
vb->users_pwd was accidentally not released.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21981)
show more ...
|
| 17dd9a2c | 06-Sep-2023 |
Richard Levitte |
OSSL_STORE: Fix error flag clearing and setting (provider path only)
When the provider's load function returned with an error, the libcrypto
error flag was only set if EOF hadn't been re
OSSL_STORE: Fix error flag clearing and setting (provider path only)
When the provider's load function returned with an error, the libcrypto
error flag was only set if EOF hadn't been reached. This is troublesome,
as an error can very well occur during the last load before EOF is reached!
Also, the error flag was never reset, even though documentation specifies
that it should indicate an error in the last load (i.e. not the one before
that).
Fixes #21968
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21976)
show more ...
|
