History log of /openssl/ (Results 4501 – 4525 of 36054)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
df274c3327-Jul-2022 GregoryTrzonkowski

Correction: uncompressed is the default value

CLA: trivial

The description was incorrect. The uncompressed is the default value.

Reviewed-by: Tomas Mraz <tomas@openssl.org>

Correction: uncompressed is the default value

CLA: trivial

The description was incorrect. The uncompressed is the default value.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18889)

show more ...


doc/man1/openssl-ec.pod.in
186be8ed28-Jul-2022 Tomas Mraz

Fix regression from GCM mode refactoring

Fixes #18896

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/

Fix regression from GCM mode refactoring

Fixes #18896

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18903)

show more ...


crypto/modes/gcm128.c
7e32ca7928-Jul-2022 Tomas Mraz

test_external_oqsprovider: Use working checkout of liboqs

Fixes #18898

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merge

test_external_oqsprovider: Use working checkout of liboqs

Fixes #18898

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18899)

show more ...


test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh
709651c926-Jul-2022 Richard Levitte

Fix quotes install_fips in Configurations/windows-makefile.tmpl

Directories and file names with spaces require quoting... again

Fixes #18880

Reviewed-by: Tomas Mraz <tomas

Fix quotes install_fips in Configurations/windows-makefile.tmpl

Directories and file names with spaces require quoting... again

Fixes #18880

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18881)

show more ...


Configurations/windows-makefile.tmpl
67c0460b26-Jul-2022 Alon Bar-Lev

Handle SMIME_crlf_copy return code

Currently the SMIME_crlf_copy result is ignored in all usages. It does
return failure when memory allocation fails.

This patch handles the SMI

Handle SMIME_crlf_copy return code

Currently the SMIME_crlf_copy result is ignored in all usages. It does
return failure when memory allocation fails.

This patch handles the SMIME_crlf_copy return code in all occurrences.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18876)

show more ...


crypto/asn1/asn_mime.c
crypto/cms/cms_smime.c
crypto/pkcs7/pk7_smime.c
b037561326-Jul-2022 Alon Bar-Lev

REGRESSION: CMS_final: do not ignore CMS_dataFinal result

The CMS_dataFinal result is important as signature may fail, however, it
is ignored while returning success from CMS_final.

REGRESSION: CMS_final: do not ignore CMS_dataFinal result

The CMS_dataFinal result is important as signature may fail, however, it
is ignored while returning success from CMS_final.

The SMIME_crlf_copy result is returned while it is ignored in the rest
of the openssl code.

Prefer the CMS_dataFinal result.

This is regression from openssl-1.

Blame finds c1669f41ei as root cause of regression.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18876)

show more ...


crypto/cms/cms_smime.c
38b051a120-Jun-2022 Tomas Mraz

SSL object refactoring using SSL_CONNECTION object

Make the SSL object polymorphic based on whether this is
a traditional SSL connection, QUIC connection, or later
to be implemented

SSL object refactoring using SSL_CONNECTION object

Make the SSL object polymorphic based on whether this is
a traditional SSL connection, QUIC connection, or later
to be implemented a QUIC stream.

It requires adding if after every SSL_CONNECTION_FROM_SSL() call
which itself has to be added to almost every public SSL_ API call.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18612)

show more ...


ssl/bio_ssl.c
ssl/d1_lib.c
ssl/d1_msg.c
ssl/d1_srtp.c
ssl/ktls.c
ssl/priority_queue.c
ssl/quic/quic_impl.c
ssl/quic/quic_local.h
ssl/record/dtls1_bitmap.c
ssl/record/rec_layer_d1.c
ssl/record/rec_layer_s3.c
ssl/record/record.h
ssl/record/record_local.h
ssl/record/ssl3_buffer.c
ssl/record/ssl3_record.c
ssl/record/ssl3_record_tls13.c
ssl/s3_enc.c
ssl/s3_lib.c
ssl/s3_msg.c
ssl/ssl_cert.c
ssl/ssl_ciph.c
ssl/ssl_conf.c
ssl/ssl_lib.c
ssl/ssl_local.h
ssl/ssl_rsa.c
ssl/ssl_sess.c
ssl/ssl_stat.c
ssl/statem/extensions.c
ssl/statem/extensions_clnt.c
ssl/statem/extensions_cust.c
ssl/statem/extensions_srvr.c
ssl/statem/statem.c
ssl/statem/statem.h
ssl/statem/statem_clnt.c
ssl/statem/statem_dtls.c
ssl/statem/statem_lib.c
ssl/statem/statem_local.h
ssl/statem/statem_srvr.c
ssl/t1_enc.c
ssl/t1_lib.c
ssl/t1_trce.c
ssl/tls13_enc.c
ssl/tls_depr.c
ssl/tls_srp.c
test/dtls_mtu_test.c
test/helpers/handshake.c
test/sslapitest.c
test/tls13encryptiontest.c
test/tls13secretstest.c
ce602bb016-Jun-2022 Matt Caswell

Add some documentation for the BIO_s_mem() datagram capability

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.

Add some documentation for the BIO_s_mem() datagram capability

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18596)

show more ...


CHANGES.md
doc/man3/BIO_s_mem.pod
3bfc58ad16-Jun-2022 Matt Caswell

Add a test for BIO_s_mem() when using datagrams

The previous commit added support to BIO_s_mem() for using datagrams. We
now add tests for that functionality.

Reviewed-by: Tomas

Add a test for BIO_s_mem() when using datagrams

The previous commit added support to BIO_s_mem() for using datagrams. We
now add tests for that functionality.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18596)

show more ...


test/build.info
test/membio_test.c
test/recipes/04-test_membio.t
5a4ba72f16-Jun-2022 Matt Caswell

Give BIO_s_mem() the ability to support datagrams

We introduce a new BIO ctrl that switches a BIO_s_mem() into datagram
mode. Packet boundaries are respected.

Reviewed-by: Tomas

Give BIO_s_mem() the ability to support datagrams

We introduce a new BIO ctrl that switches a BIO_s_mem() into datagram
mode. Packet boundaries are respected.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18596)

show more ...


crypto/bio/bss_mem.c
include/openssl/bio.h.in
util/libcrypto.num
08c0037726-Jul-2022 Joachim Vandersmissen

Update EVP_KDF-X942-ASN1.pod

Replaced OSSL_KDF_PARAM_KEY with OSSL_KDF_PARAM_SECRET as that seems to be the intended value from the code (OSSL_KDF_PARAM_KEY is also supported but looks like

Update EVP_KDF-X942-ASN1.pod

Replaced OSSL_KDF_PARAM_KEY with OSSL_KDF_PARAM_SECRET as that seems to be the intended value from the code (OSSL_KDF_PARAM_KEY is also supported but looks like a fallback).
Fixed name for OSSL_KDF_PARAM_X942_USE_KEYBITS.

CLA: trivial

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18878)

show more ...


doc/man7/EVP_KDF-X942-ASN1.pod
3ebcb2ff25-Jul-2022 Pauli

GCM: record limit counter gets reset on AAD changes

It shouldn't be. This moves the reset to the init function instead and only
does the reset on a key change.

Reviewed-by: Hug

GCM: record limit counter gets reset on AAD changes

It shouldn't be. This moves the reset to the init function instead and only
does the reset on a key change.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18860)

show more ...


providers/implementations/ciphers/ciphercommon_gcm.c
5f18dc7f25-Jul-2022 Slanterns

Remove `no-{ssl|tls|tls1_3|dtls}-method` in INSTALL.md

CLA: trivial

Actually there is no option called `no-{ssl|tls|tls1_3|dtls}-method`.

Reviewed-by: Hugo Landau <hlandau@

Remove `no-{ssl|tls|tls1_3|dtls}-method` in INSTALL.md

CLA: trivial

Actually there is no option called `no-{ssl|tls|tls1_3|dtls}-method`.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18872)

show more ...


INSTALL.md
c34e787620-Jul-2022 Dr. David von Oheimb

x509_lu.c and x509_vfy.c: improve coding style, comments, and related doc

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Davi

x509_lu.c and x509_vfy.c: improve coding style, comments, and related doc

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18840)

show more ...


crypto/x509/x509_lu.c
crypto/x509/x509_vfy.c
doc/man3/X509_STORE_CTX_new.pod
doc/man3/X509_STORE_add_cert.pod
doc/man3/X509_STORE_get0_param.pod
doc/man3/X509_STORE_new.pod
doc/man3/X509_STORE_set_verify_cb_func.pod
include/openssl/x509_vfy.h.in
affc070a25-Jul-2022 Juergen Christ

s390x: Optimize kmac

Use hardware acceleration for kmac on s390x. Since klmd does not support
kmac, perform padding of the last block by hand and use kimd. Yields a
performance imp

s390x: Optimize kmac

Use hardware acceleration for kmac on s390x. Since klmd does not support
kmac, perform padding of the last block by hand and use kimd. Yields a
performance improvement of between 2x and 3x.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18863)

show more ...


providers/implementations/digests/sha3_prov.c
7a86cb6924-Jul-2022 Dr. David von Oheimb

80-test_cmp_http.t: fix adaption of plan on 'certstatus' aspect of Mock server

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by:

80-test_cmp_http.t: fix adaption of plan on 'certstatus' aspect of Mock server

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18858)

show more ...


test/recipes/80-test_cmp_http.t
ff1efe6e14-May-2022 Charles Milette

Fix UWP builds by defining VirtualLock

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull

Fix UWP builds by defining VirtualLock

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18311)

show more ...


crypto/mem_sec.c
9c90a07325-Jul-2022 Richard Levitte

Configurations/10-main.conf: In the VC-common target, unquote $(CC)

Some of the VC-common attributes have values that use `$(CC)`, wrapped with
quotes. However, `Configurations/windows-

Configurations/10-main.conf: In the VC-common target, unquote $(CC)

Some of the VC-common attributes have values that use `$(CC)`, wrapped with
quotes. However, `Configurations/windows-makefile.tmpl` already quotes the
`CC` value, like this:

CC="{- $config{CC} -}"

The interaction between that makefile variable and the attributes using
`$(CC)` wrapped with quotes is a command line with the quotes doubled. For
example, the value of `$(CPP)` becomes `""cl""`.

Strangely enough, this appears to be tolerated, at least on some versions of
Windows. However, this has been reported not to be the case.

This is fixed by removing the quotes in `Configurations/10-main.conf`,
making `Configurations/windows-makefile.tmpl` responsible for proper
quoting.

Fixes #18823

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18861)

(cherry picked from commit c04b8819161de007cee831dd9e58dde52268da18)

show more ...


Configurations/10-main.conf
48e35b9925-Jul-2022 Juergen Christ

s390x: Fix GCM setup

Rework of GCM code did not include s390x causing NULL pointer dereferences on
GCM operations other than AES-GCM on platforms that support kma. Fix this by
a pro

s390x: Fix GCM setup

Rework of GCM code did not include s390x causing NULL pointer dereferences on
GCM operations other than AES-GCM on platforms that support kma. Fix this by
a proper setup of the function pointers.

Fixes: 92c9086e5c2b ("Use separate function to get GCM functions")

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18862)

show more ...


crypto/modes/gcm128.c
316fad6425-Jul-2022 Pauli

Fix error in LHASH documentation

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pu

Fix error in LHASH documentation

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18859)

show more ...


doc/man3/OPENSSL_LH_COMPFUNC.pod
a6843e6a22-Jul-2022 Matt Caswell

Fix no-dtls1_2

dtlstest.c needs some adjusting to handle no-dtls1_2 since commit
7bf2e4d7f0c banned DTLSv1 at the default security level - causing the
test to fail.

Reviewed

Fix no-dtls1_2

dtlstest.c needs some adjusting to handle no-dtls1_2 since commit
7bf2e4d7f0c banned DTLSv1 at the default security level - causing the
test to fail.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18848)

show more ...


test/dtlstest.c
54a84f0220-Jul-2022 Richard Levitte

Don't try to make configuration leaner

This partially reverts Github PR #16378:
commit 764cf5b26306a8712e8b3d41599c44dc5ed07a25, titled "Configuration:
only produce a new configdata.

Don't try to make configuration leaner

This partially reverts Github PR #16378:
commit 764cf5b26306a8712e8b3d41599c44dc5ed07a25, titled "Configuration:
only produce a new configdata.pm if it has changed contents"

Unfortunately, the attempt to make configuration leaner didn't take
into account all the files that may or may not affect the outcome of
`configdata.pm`, and most of all, didn't take into account that `Makefile`
has clauses of its own to determined when a reconfiguration is needed, all
based on time stamps.

Something as simple as a changed `Configurations/10-main.conf`, where the
change doesn't affect the resulting `configdata.pm` gets `make` into a
reconfiguration loop, because `configdata.pm` is older than `10-main.conf`.

The lesson to remember is not to try to outsmart `make` in cases like this.

We retain the other parts of the PR mentioned, as they are still valid.

needed to be taken into account (all the Configurations/*.conf
as well as all the build.info)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/18832)

show more ...


Configure
cbb1cda620-Jul-2022 Dr. David von Oheimb

CHANGES.md: Add entries for contributions to 3.1 by DDvO

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@open

CHANGES.md: Add entries for contributions to 3.1 by DDvO

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18833)

show more ...


CHANGES.md
29fcd2e721-Jul-2022 Todd Short

Add test from "Fix re-signing certificates with different key sizes"

Tests for #16080 and #18836

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@open

Add test from "Fix re-signing certificates with different key sizes"

Tests for #16080 and #18836

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18841)

show more ...


test/recipes/25-test_x509.t
93429fc021-Jul-2022 Pauli

Coverity 1507376: Dereference after null check

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/open

Coverity 1507376: Dereference after null check

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18837)

show more ...


crypto/sparse_array.c

1...<<181182183184185186187188189190>>...1443