list: add debug sanity checks

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19377)

list: add an is empty function

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/1937

list: add an is empty function

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19377)

show more ...

list: rename internal fields

This makes conversion to using list.h easier because the compiler will error
on an unknown field name rather than accepting `head` and `tail` and missing

list: rename internal fields

This makes conversion to using list.h easier because the compiler will error
on an unknown field name rather than accepting `head` and `tail` and missing
some changes.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19377)

show more ...

QUIC: use list.h

The demux and record RX implemented lists internally. This changes them over
to using list.h.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane

QUIC: use list.h

The demux and record RX implemented lists internally. This changes them over
to using list.h.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19377)

show more ...

QUIC ackm: use list.h

Instead of implementing a list internally.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from h

QUIC ackm: use list.h

Instead of implementing a list internally.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19377)

show more ...

QUIC tx record layer: use list.h

As opposed to implementing a linked list explicitly.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.co

QUIC tx record layer: use list.h

As opposed to implementing a linked list explicitly.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19377)

show more ...

uint_set: convert uint_set to use the list data type

This is instead of re-implementing a linked list itself.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis

uint_set: convert uint_set to use the list data type

This is instead of re-implementing a linked list itself.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19377)

show more ...

Add documentation for CPUID bit #64+17

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com

Add documentation for CPUID bit #64+17

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19670)

show more ...

gcm_get_funcs(): Add missing fallback for ghash on x86_64

Fixes #19673

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from

gcm_get_funcs(): Add missing fallback for ghash on x86_64

Fixes #19673

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19674)

show more ...

test: fix typo in test description

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19666)

test: add two comparision options to fips version test utility code

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://gith

test: add two comparision options to fips version test utility code

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19666)

show more ...

Add test for EVP_PKEY_eq

This tests that the comparison work even if a provider can only return
a public key.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: D

Add test for EVP_PKEY_eq

This tests that the comparison work even if a provider can only return
a public key.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19648)

show more ...

Update documentation for keymgmt export utils

Change function prototypes and explain how to use the selection
argument.

Signed-off-by: Simo Sorce <simo@redhat.com>

Revi

Update documentation for keymgmt export utils

Change function prototypes and explain how to use the selection
argument.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19648)

show more ...

Propagate selection all the way on key export

EVP_PKEY_eq() is used to check, among other things, if a certificate
public key corresponds to a private key. When the private key belongs t

Propagate selection all the way on key export

EVP_PKEY_eq() is used to check, among other things, if a certificate
public key corresponds to a private key. When the private key belongs to
a provider that does not allow to export private keys this currently
fails as the internal functions used to import/export keys ignored the
selection given (which specifies that only the public key needs to be
considered) and instead tries to export everything.

This patch allows to propagate the selection all the way down including
adding it in the cache so that a following operation actually looking
for other selection parameters does not mistakenly pick up an export
containing only partial information.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19648)

show more ...

apps/ocsp.c: Add missing test if make_ocsp_response failed

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merge

apps/ocsp.c: Add missing test if make_ocsp_response failed

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19660)

show more ...

apps/speed.c: add verifying if fdopen returns NULL

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/ope

apps/speed.c: add verifying if fdopen returns NULL

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19651)

show more ...

Add thread pool design document (phase 1)

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/

Add thread pool design document (phase 1)

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19455)

show more ...

Test SSL_shutdown() with async writes

As well as SSL_shutdown() itself this excercises the async write paths
in ssl3_dispatch_alert().

Reviewed-by: Hugo Landau <hlandau@openssl.

Test SSL_shutdown() with async writes

As well as SSL_shutdown() itself this excercises the async write paths
in ssl3_dispatch_alert().

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19550)

show more ...

Resolve a TODO in ssl3_dispatch_alert

Properly handle the case where there is pending write data and we want
to send an alert.

Reviewed-by: Hugo Landau <hlandau@openssl.org>

Resolve a TODO in ssl3_dispatch_alert

Properly handle the case where there is pending write data and we want
to send an alert.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19550)

show more ...

Update Stream Receive Buffers design document with implementation details

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from htt

Update Stream Receive Buffers design document with implementation details

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19351)

show more ...

Plug the QUIC_RSTREAM to the RX depacketizer

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/opens

Plug the QUIC_RSTREAM to the RX depacketizer

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19351)

show more ...

QUIC Receive Stream Management: Call QUIC flow control

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/ope

QUIC Receive Stream Management: Call QUIC flow control

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19351)

show more ...

QUIC Receive Stream Management

Added SFRAME_LIST structure and QUIC_RSTREAM object to
manage received stream data.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by:

QUIC Receive Stream Management

Added SFRAME_LIST structure and QUIC_RSTREAM object to
manage received stream data.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19351)

show more ...

COMP_expand_block: spelling (algorithm)


CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <h

COMP_expand_block: spelling (algorithm)


CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19509)

show more ...

Fix memory leak when freeing the DTLS record layer

We need to check whether the sent_messages has actually buffered any
messages in it. If not we won't free the old record layer later wh

Fix memory leak when freeing the DTLS record layer

We need to check whether the sent_messages has actually buffered any
messages in it. If not we won't free the old record layer later when we
clear out the old buffered messages and a memory leak will result.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19586)

show more ...