History log of /openssl/ (Results 8001 – 8025 of 36072)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
3a111aad06-Feb-2021 FdaSilvaYY

include/internal: add a few missing #pragma once directives

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from ht

include/internal: add a few missing #pragma once directives

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/14096)

show more ...


include/internal/asn1.h
include/internal/bio.h
include/internal/conf.h
include/internal/constant_time.h
include/internal/core.h
include/internal/cryptlib.h
include/internal/dane.h
include/internal/deprecated.h
include/internal/dso.h
include/internal/endian.h
include/internal/err.h
include/internal/ffc.h
include/internal/ktls.h
include/internal/nelem.h
include/internal/numbers.h
include/internal/o_dir.h
include/internal/packet.h
include/internal/param_build_set.h
include/internal/passphrase.h
include/internal/property.h
include/internal/provider.h
include/internal/refcount.h
include/internal/sha3.h
include/internal/sizes.h
include/internal/sm3.h
include/internal/sockets.h
include/internal/sslconf.h
include/internal/symhacks.h
include/internal/thread_once.h
include/internal/tlsgroups.h
d59068bd06-Feb-2021 FdaSilvaYY

include/openssl: add a few missing #pragma once directives

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from htt

include/openssl: add a few missing #pragma once directives

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/14096)

show more ...


crypto/objects/obj_compat.h
crypto/objects/objects.pl
include/openssl/cmp_util.h
include/openssl/configuration.h.in
include/openssl/core.h
include/openssl/core_dispatch.h
include/openssl/core_names.h
include/openssl/core_object.h
include/openssl/crypto.h.in
include/openssl/ess.h.in
include/openssl/fips_names.h
include/openssl/fipskey.h.in
include/openssl/kdferr.h
include/openssl/macros.h
include/openssl/obj_mac.h
include/openssl/opensslconf.h
include/openssl/param_build.h
include/openssl/params.h
include/openssl/provider.h
include/openssl/self_test.h
include/openssl/trace.h
include/openssl/types.h
80ce21fe06-Feb-2021 FdaSilvaYY

include/crypto: add a few missing #pragma once directives

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from http

include/crypto: add a few missing #pragma once directives

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/14096)

show more ...


include/crypto/aes_platform.h
include/crypto/aria.h
include/crypto/asn1.h
include/crypto/asn1_dsa.h
include/crypto/async.h
include/crypto/bn.h
include/crypto/bn_conf.h.in
include/crypto/chacha.h
include/crypto/cmll_platform.h
include/crypto/cms.h
include/crypto/cryptlib.h
include/crypto/ctype.h
include/crypto/decoder.h
include/crypto/des_platform.h
include/crypto/dh.h
include/crypto/dsa.h
include/crypto/dso_conf.h.in
include/crypto/ec.h
include/crypto/ecx.h
include/crypto/err.h
include/crypto/ess.h
include/crypto/evp.h
include/crypto/lhash.h
include/crypto/pem.h
include/crypto/pkcs7.h
include/crypto/poly1305.h
include/crypto/punycode.h
include/crypto/rand.h
include/crypto/rand_pool.h
include/crypto/rsa.h
include/crypto/security_bits.h
include/crypto/sha.h
include/crypto/siphash.h
include/crypto/sm2.h
include/crypto/sm4.h
include/crypto/sparse_array.h
include/crypto/store.h
include/crypto/x509.h
835f352609-Feb-2021 Pauli

test: turn off parallel tests in verbose mode.

The existing code prints a warning saying that verbose mode is ignored with
parallel jobs. This seems backward, more useful is disabling p

test: turn off parallel tests in verbose mode.

The existing code prints a warning saying that verbose mode is ignored with
parallel jobs. This seems backward, more useful is disabling parallel jobs
when verbose is enabled.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14137)

show more ...


test/run_tests.pl
dfcfd17f20-Dec-2020 Oleksandr Tymoshenko

Handle partial data re-sending on ktls/sendfile on FreeBSD

Add a handler for EBUSY sendfile error in addition to
EAGAIN. With EBUSY returned the data still can be partially
sent and

Handle partial data re-sending on ktls/sendfile on FreeBSD

Add a handler for EBUSY sendfile error in addition to
EAGAIN. With EBUSY returned the data still can be partially
sent and user code has to be notified about it, otherwise it
may try to send data multiple times.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13716)

show more ...


doc/man3/SSL_write.pod
include/internal/ktls.h
3bc0b62127-Jan-2021 Benjamin Kaduk

Remove unused 'peer_type' from SSL_SESSION

This field has not been used since #3858 was merged in 2017 when we
moved to a table-based lookup for certificate type properties instead of

Remove unused 'peer_type' from SSL_SESSION

This field has not been used since #3858 was merged in 2017 when we
moved to a table-based lookup for certificate type properties instead of
an index-based one.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/13991)

show more ...


ssl/ssl_local.h
ssl/statem/statem_clnt.c
af53092c17-Dec-2020 Shane Lontis

Replace provider digest flags with separate param fields

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13830)


crypto/evp/digest.c
crypto/evp/evp_lib.c
doc/man3/EVP_DigestInit.pod
doc/man7/EVP_MD-MDC2.pod
providers/implementations/digests/digestcommon.c
providers/implementations/digests/sha2_prov.c
providers/implementations/digests/sha3_prov.c
providers/implementations/include/prov/digestcommon.h
a054d15c17-Dec-2020 Shane Lontis

Replace provider cipher flags with separate param fields

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13830)


crypto/evp/evp_lib.c
doc/man7/provider-cipher.pod
include/openssl/core_names.h
providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
providers/implementations/ciphers/cipher_aes_cts.inc
providers/implementations/ciphers/cipher_aes_siv.c
providers/implementations/ciphers/cipher_aes_siv.h
providers/implementations/ciphers/cipher_aes_wrp.c
providers/implementations/ciphers/cipher_aes_xts.c
providers/implementations/ciphers/cipher_blowfish.c
providers/implementations/ciphers/cipher_cast5.c
providers/implementations/ciphers/cipher_chacha20.c
providers/implementations/ciphers/cipher_chacha20_poly1305.c
providers/implementations/ciphers/cipher_des.c
providers/implementations/ciphers/cipher_des.h
providers/implementations/ciphers/cipher_rc2.c
providers/implementations/ciphers/cipher_rc4.c
providers/implementations/ciphers/cipher_rc4_hmac_md5.c
providers/implementations/ciphers/cipher_rc5.c
providers/implementations/ciphers/cipher_tdes.c
providers/implementations/ciphers/cipher_tdes.h
providers/implementations/ciphers/cipher_tdes_default_hw.c
providers/implementations/ciphers/cipher_tdes_wrap.c
providers/implementations/ciphers/ciphercommon.c
providers/implementations/ciphers/ciphercommon_ccm.c
providers/implementations/ciphers/ciphercommon_hw.c
providers/implementations/include/prov/ciphercommon.h
providers/implementations/include/prov/ciphercommon_aead.h
36978c1914-Dec-2020 Shane Lontis

Replace MAC flags OSSL_MAC_PARAM_FLAGS with separate param fields.

Fixes #12992

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1

Replace MAC flags OSSL_MAC_PARAM_FLAGS with separate param fields.

Fixes #12992

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13830)

show more ...


doc/man3/EVP_MAC.pod
doc/man7/EVP_MAC-HMAC.pod
doc/man7/provider-mac.pod
include/openssl/core_names.h
providers/implementations/macs/hmac_prov.c
8a686bdb05-Feb-2021 Shane Lontis

Change the ASN1 variant of x942kdf so that it can test acvp data.

This 'special' way of specifying the data should only be used for testing
purposes. It should not be used in production

Change the ASN1 variant of x942kdf so that it can test acvp data.

This 'special' way of specifying the data should only be used for testing
purposes. It should not be used in production environments.
ACVP passes a blob of DER encoded data for some of the fields rather
than passing them as separate fields that need to be DER encoded.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14077)

show more ...


doc/man7/EVP_KDF-X942-ASN1.pod
include/openssl/core_names.h
providers/implementations/kdfs/x942kdf.c
test/recipes/30-test_evp_data/evpkdf_x942.txt
7e365d5106-Feb-2021 Dr. David von Oheimb

x509_vfy.c: Sort out return values 0 vs. -1 (failure/internal error)

Also simplify first part of verify_chain()

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://g

x509_vfy.c: Sort out return values 0 vs. -1 (failure/internal error)

Also simplify first part of verify_chain()

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14095)

show more ...


crypto/x509/x509_vfy.c
doc/man3/X509_verify_cert.pod
364246a908-Feb-2021 Dr. David von Oheimb

X509_get_pubkey_parameters(): Correct failure behavior and its use

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14095)


crypto/x509/x509_vfy.c
990a15fe08-Feb-2021 Dr. David von Oheimb

x509_vfy: Clarify relevance of ctx->error also on successful verification

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14127)


doc/man3/X509_STORE_CTX_get_error.pod
doc/man3/X509_verify_cert.pod
579262af08-Feb-2021 Dr. David von Oheimb

x509_vfy.c: Fix various coding style and documentation style nits

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14127)


crypto/x509/x509_vfy.c
doc/man3/X509_STORE_CTX_get_error.pod
93b39c8504-Feb-2021 Tomas Mraz

CHANGES.md: Mention RSA key generation slowdown related changes

Fixes #14068

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged fro

CHANGES.md: Mention RSA key generation slowdown related changes

Fixes #14068

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14073)

show more ...


CHANGES.md
doc/man3/BN_generate_prime.pod
4d2a615904-Feb-2021 Tomas Mraz

Deprecate BN_pseudo_rand() and BN_pseudo_rand_range()

The functions are obsolete aliases for BN_rand() and BN_rand_range()
since 1.1.0.

Reviewed-by: Dmitry Belyavskiy <beldmit@g

Deprecate BN_pseudo_rand() and BN_pseudo_rand_range()

The functions are obsolete aliases for BN_rand() and BN_rand_range()
since 1.1.0.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14080)

show more ...


CHANGES.md
crypto/bn/bn_rand.c
doc/man3/BN_rand.pod
include/openssl/bn.h
test/ec_internal_test.c
util/libcrypto.num
604b86d806-Feb-2021 Petr Gotthard

Enhanced integer parsing in OSSL_PARAM_allocate_from_text

Fixes #14041 and additional bugs discovered by the newly created
tests.

This patch:
- Introduces support for 0x pr

Enhanced integer parsing in OSSL_PARAM_allocate_from_text

Fixes #14041 and additional bugs discovered by the newly created
tests.

This patch:
- Introduces support for 0x prefixed integers
- Fixes parsing of negative integers (negative numbers were
shifted by -2)
- Fixes ability to parse maximal unsigned numbers ("too small
buffer" error used to be reported incorrectly)
- Fixes a memory leak when OSSL_PARAM_allocate_from_text fails
leaving a temporary BN allocated

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14093)

show more ...


crypto/params_from_text.c
doc/man3/OSSL_PARAM_allocate_from_text.pod
test/params_test.c
e60a748a05-Feb-2021 Richard Levitte

Configuration: ensure that 'no-tests' works correctly

'no-tests' wasn't entirely respected when specifying subdirs in the
top build.info.

Reviewed-by: Shane Lontis <shane.lontis

Configuration: ensure that 'no-tests' works correctly

'no-tests' wasn't entirely respected when specifying subdirs in the
top build.info.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14082)

show more ...


build.info
3f71add928-Jan-2021 Randall S. Becker

Enable fipsload test on NonStop x86.

CLA: Trivial

Fixes: #14005

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Reviewed-by: Shane Lontis <shane.lontis@o

Enable fipsload test on NonStop x86.

CLA: Trivial

Fixes: #14005

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14006)

show more ...


test/recipes/90-test_fipsload.t
50ccc17604-Feb-2021 Dr. David von Oheimb

mknum.pl: Exclude duplicate entries and include source file name in diagnostics

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14

mknum.pl: Exclude duplicate entries and include source file name in diagnostics

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14074)

show more ...


util/mknum.pl
util/perl/OpenSSL/Ordinals.pm
2db985b705-Feb-2021 Shane Lontis

Simplify the EVP_PKEY_XXX_fromdata_XX methods.

The existing names such as EVP_PKEY_param_fromdata_settable were a bit
confusing since the 'param' referred to key params not OSSL_PARAM. T

Simplify the EVP_PKEY_XXX_fromdata_XX methods.

The existing names such as EVP_PKEY_param_fromdata_settable were a bit
confusing since the 'param' referred to key params not OSSL_PARAM. To simplify
the interface a 'selection' parameter will be passed instead. The
changes are:

(1) EVP_PKEY_fromdata_init() replaces both EVP_PKEY_key_fromdata_init() and EVP_PKEY_param_fromdata_init().
(2) EVP_PKEY_fromdata() has an additional selection parameter.
(3) EVP_PKEY_fromdata_settable() replaces EVP_PKEY_key_fromdata_settable() and EVP_PKEY_param_fromdata_settable().
EVP_PKEY_fromdata_settable() also uses a selection parameter.

Fixes #12989

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14076)

show more ...


apps/dhparam.c
crypto/evp/p_lib.c
crypto/evp/pmeth_gn.c
doc/man3/EVP_PKEY_fromdata.pod
include/openssl/evp.h
providers/fips/self_test_kats.c
ssl/statem/statem_clnt.c
ssl/t1_lib.c
test/acvp_test.c
test/ectest.c
test/evp_extra_test.c
test/evp_pkey_provided_test.c
test/helpers/predefined_dhparams.c
test/sslapitest.c
util/libcrypto.num
64954e2f04-Feb-2021 Pauli

Fix race condition & allow operation cache to grow.

This fixes a race condition where the index to the cache location was found
under a read lock and a later write lock set the cache ent

Fix race condition & allow operation cache to grow.

This fixes a race condition where the index to the cache location was found
under a read lock and a later write lock set the cache entry. The issue being
that two threads could get the same location index and then fight each other
over writing the cache entry. The most likely outcome is a memory leak,
however it would be possible to set up an invalid cache entry.

The operation cache was a fixed sized array, once full an assertion failed.
The other fix here is to convert this to a stack. The code is simplified and
it avoids a cache overflow condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14062)

show more ...


crypto/evp/keymgmt_lib.c
crypto/evp/p_lib.c
doc/internal/man3/evp_keymgmt_util_export_to_provider.pod
include/crypto/evp.h
11ddbf8427-Jan-2021 Dr. David von Oheimb

Add X509_STORE_CTX_verify(), which takes the first untrusted cert as default target

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14021)


crypto/x509/x509_vfy.c
doc/man3/X509_STORE_CTX_get_error.pod
doc/man3/X509_STORE_CTX_new.pod
doc/man3/X509_verify_cert.pod
include/openssl/x509.h.in
include/openssl/x509_vfy.h.in
test/danetest.c
util/libcrypto.num
2bb05a9631-Jan-2021 Richard Levitte

PROV: Fix encoding of MDWithRSAEncryption signature AlgorithmID

All {MD}WithRSAEncryption signature AlgorithmID have the parameters
being NULL, according to PKCS#1. We didn't. Now corr

PROV: Fix encoding of MDWithRSAEncryption signature AlgorithmID

All {MD}WithRSAEncryption signature AlgorithmID have the parameters
being NULL, according to PKCS#1. We didn't. Now corrected.

This bug was the topic of this thread on openssl-users@openssl.org:
https://mta.openssl.org/pipermail/openssl-users/2021-January/013416.html

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14030)

show more ...


providers/common/der/der_rsa_sig.c
5682e77d01-Feb-2021 Matt Caswell

Fix the cipher_overhead_test

Now that libssl no longer has any OPENSSL_NO_ALG guards the internal
cipher_overhead_test wasn't quite handling disabled ciphers correctly.

Reviewed

Fix the cipher_overhead_test

Now that libssl no longer has any OPENSSL_NO_ALG guards the internal
cipher_overhead_test wasn't quite handling disabled ciphers correctly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)

show more ...


test/cipher_overhead_test.c

1...<<321322323324325326327328329330>>...1443