TEST: Display the correct shared library name

In test/recipes/01-test_symbol_presence.t

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>

TEST: Display the correct shared library name

In test/recipes/01-test_symbol_presence.t

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15776)

show more ...

new: update NEWS.md so it is correct.

- Removing the deprecation note for public key commands.
- Fixing the note about ECX and SHAKE in the FIPS provider.
- Noting which KDFs are inc

new: update NEWS.md so it is correct.

- Removing the deprecation note for public key commands.
- Fixing the note about ECX and SHAKE in the FIPS provider.
- Noting which KDFs are included.
- Noting which MACs are included.

Fixes #15743

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15746)

show more ...

new: update NEWS.md so it is correct.

- Removing the deprecation note for public key commands.
- Fixing the note about ECX and SHAKE in the FIPS provider.
- Noting which KDFs are inc

new: update NEWS.md so it is correct.

- Removing the deprecation note for public key commands.
- Fixing the note about ECX and SHAKE in the FIPS provider.
- Noting which KDFs are included.
- Noting which MACs are included.

Fixes #15743

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15746)

show more ...

Disabling Encrypt-then-MAC extension in s_client/s_server

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/opens

Disabling Encrypt-then-MAC extension in s_client/s_server

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15735)

show more ...

TEST: Make test/recipes/01-test_symbol_presence.t more platform agnostic

Assuming ".so" as shared library ending is faulty on MacOS, where the
normal shared library extension is ".dylib"

TEST: Make test/recipes/01-test_symbol_presence.t more platform agnostic

Assuming ".so" as shared library ending is faulty on MacOS, where the
normal shared library extension is ".dylib".

We use the platform module to get the same extension as the build process.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15771)

show more ...

Refactor OSSL_STORE_LOADER_do_all_provided() to behave like OSSL_STORE_LOADER_fetch()

This is refactored to use inner_loader_fetch() without any given name,
which is just there to ensure

Refactor OSSL_STORE_LOADER_do_all_provided() to behave like OSSL_STORE_LOADER_fetch()

This is refactored to use inner_loader_fetch() without any given name,
which is just there to ensure all decoder implementations are made
into methods, and then use ossl_method_store_do_all() to list them
all.

This also adds the internal ossl_store_loader_do_all_prefetched(),
which can be used if pre-fetching needs to be done separately from
listing all the decoder implementations, or if listing may happen
multiple times.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

show more ...

test/evp_extra_test.c: Peek at the error instead of getting it.

If there is an error report, we want to get it printed too.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed

test/evp_extra_test.c: Peek at the error instead of getting it.

If there is an error report, we want to get it printed too.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

show more ...

DECODER & ENCODER: Add better tracing

Now that we have functions to get the name and properties of the
diverse implementations, we can as well display them for clarity.

Reviewed

DECODER & ENCODER: Add better tracing

Now that we have functions to get the name and properties of the
diverse implementations, we can as well display them for clarity.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

show more ...

Adapt all public EVP_XXX_do_all_provided() for the changed evp_generic_do_all()

Fixes #15538
Fixes #14837

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mra

Adapt all public EVP_XXX_do_all_provided() for the changed evp_generic_do_all()

Fixes #15538
Fixes #14837

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

show more ...

Refactor evp_generic_do_all() to behave like evp_generic_fetch()

This is refactored to use inner_evp_generic_fetch() without any given
name, which is just there to ensure all decoder imp

Refactor evp_generic_do_all() to behave like evp_generic_fetch()

This is refactored to use inner_evp_generic_fetch() without any given
name, which is just there to ensure all decoder implementations are
made into methods, and then use ossl_method_store_do_all() to list
them all.

This also adds the internal evp_generic_do_all_prefetched(), which
can be used if pre-fetching needs to be done separately from listing
all the decoder implementations, or if listing may happen multiple
times.

Fixes #15538
Fixes #14837

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

show more ...

Refactor OSSL_ENCODER_do_all_provided() to behave like OSSL_ENCODER_fetch()

This is refactored to use inner_ossl_encoder_fetch() without any given
name, which is just there to ensure all

Refactor OSSL_ENCODER_do_all_provided() to behave like OSSL_ENCODER_fetch()

This is refactored to use inner_ossl_encoder_fetch() without any given
name, which is just there to ensure all encoder implementations are
made into methods, and then use ossl_method_store_do_all() to list
them all.

This also adds the internal ossl_encoder_do_all_prefetched(), which
can be used if pre-fetching needs to be done separately from listing
all the encoder implementations, or if listing may happen multiple
times.

Fixes #15538
Fixes #14837

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

show more ...

Refactor OSSL_DECODER_do_all_provided() to behave like OSSL_DECODER_fetch()

This is refactored to use inner_ossl_decoder_fetch() without any given
name, which is just there to ensure all

Refactor OSSL_DECODER_do_all_provided() to behave like OSSL_DECODER_fetch()

This is refactored to use inner_ossl_decoder_fetch() without any given
name, which is just there to ensure all decoder implementations are
made into methods, and then use ossl_method_store_do_all() to list
them all.

This also adds the internal ossl_decoder_do_all_prefetched(), which
can be used if pre-fetching needs to be done separately from listing
all the decoder implementations, or if listing may happen multiple
times.

Fixes #15538
Fixes #14837

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

show more ...

Add the internal function ossl_method_store_do_all()

It will simply call the given callback for every method found in the
given store.

Fixes #15538
Fixes #14837

Rev

Add the internal function ossl_method_store_do_all()

It will simply call the given callback for every method found in the
given store.

Fixes #15538
Fixes #14837

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

show more ...

s_server: make -rev option easier to find (mention echo)

Since the service is echo-like (see TCP port 7 from RFC 862 or
gnutls-serv --echo), make it easier to find by mentioning "echo" i

s_server: make -rev option easier to find (mention echo)

Since the service is echo-like (see TCP port 7 from RFC 862 or
gnutls-serv --echo), make it easier to find by mentioning "echo" in
the description of it in the help message an man page

Also fixes the man page inconsistency ("sends it back to the server")

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/15739)

show more ...

CORE: Move away the allocation of the temporary no_cache method store

The responsibility for managing the temporary store for methods from
algorithm implementations flaged "no_store" is

CORE: Move away the allocation of the temporary no_cache method store

The responsibility for managing the temporary store for methods from
algorithm implementations flaged "no_store" is moved up to the diverse
method fetching functions. This allows them to allocate it "just in
time", or in other words not at all if there is not such algorithm
implementation.

This makes this temporary store more flexible if it's needed outside
of the core fetching functionality, and slightly faster when this
temporary store isn't necessary at all.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15737)

show more ...

ASN1_parse_dump(): allow NULL BIO input, to simplify applications not needing output

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1572

ASN1_parse_dump(): allow NULL BIO input, to simplify applications not needing output

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15722)

show more ...

BIO_write_ex(): Make handing of BIO b == NULL and dlen == 0 less redundant

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15722)

BIO: Make source file names in crypto/bio/ consistent

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15722)

BIO_dum_indent_cb(): Fix handling of cb return value

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15722)

fuzz/asn1parse.c: Clean up non-portable code and catch malloc failure

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15722)

BIO: prevent crash on NULL BIO for prefix_ctrl() and thus for BIO_set_prefix(), BIO_set_indent(), etc.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl

BIO: prevent crash on NULL BIO for prefix_ctrl() and thus for BIO_set_prefix(), BIO_set_indent(), etc.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15722)

show more ...

ASN1: rename asn1_par.c to asn1_parse.c for clarity; simplify asn1_parse2()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15722)

Use getauxval on Android with API level > 18

We received analytics that devices of the device family Oppo A37x
are crashing with SIGILL when trying to load libcrypto.so.
These crashe

Use getauxval on Android with API level > 18

We received analytics that devices of the device family Oppo A37x
are crashing with SIGILL when trying to load libcrypto.so.
These crashes were fixed by using the system-supplied getauxval function.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11257)

show more ...

Remove "-immedate_renegotiation" option

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged

Remove "-immedate_renegotiation" option

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15415)

show more ...

Move AllowClientRenegotiation tests

Move them from test_renegotiation to renegotiation in ssl_new

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@opens

Move AllowClientRenegotiation tests

Move them from test_renegotiation to renegotiation in ssl_new

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15415)

show more ...