Commit message | Author | Age | Files | Lines
* test/recipes/01-test_symbol_presence.t: Ignore symbols starting with '__' | Richard Levitte | 2023-12-04 | 1 | -1/+7
  On some platforms, the compiler may add symbols that aren't ours and that we should ignore. They are generally expected to start with a double underscore, and thereby easy to detect.
  Fixes #22869 (partially)
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22880)
* Add a test for X509_load_cert_file() | olszomal | 2023-12-04 | 3 | -1/+70
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22885)
* Fix loading more than one certificate in PEM format in X509_load_cert_file_ex() | olszomal | 2023-12-04 | 1 | -0/+11
  Fixes #22895
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22885)
* Test various combinations of `SSL_OP_ALLOW_NO_DHE_KEX` and `SSL_OP_PREFER_NO_DHE_KEX` | Markus Minichmayr | 2023-12-04 | 1 | -0/+116
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22883)
* Fix detection on HP-UX (IA64) | Michael Osipov | 2023-12-04 | 1 | -1/+2
  HPE has a weird preference to prefix letters and zero-padding. Properly trim them before processing.
  CLA: trivial
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22891)
* doc: improve display of KECCAK-KMAC128, KECCAK-KMAC256 defs | James Muir | 2023-12-04 | 1 | -2/+2
  Do not allow mid-expression line breaks.
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22814)
* exporters/cmake/OpenSSLConfig.cmake.in: Detect missing `platform->sharedlib_import` | Richard Levitte | 2023-12-02 | 1 | -2/+4
  Some platform implementations are without `sharedlib_import()`, so we need to check that it exists before using it.
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  (Merged from https://github.com/openssl/openssl/pull/22789)
* Remove the source directory .num targets | Richard Levitte | 2023-12-02 | 1 | -4/+2
  $(SRCDIR)/util/libcrypto.num and $(SRCDIR)/util/libssl.num were made their own targets to have 'make ordinals' reproduce them (run mknum.pl) only if needed.
  Unfortunately, because the shared library linker scripts depend on these .num files, we suddenly have mknum.pl run at random times when building. Furthermore, this created a diamond dependency, which disturbs parallel building because multiple mknum.pl on the same file could run at the same time.
  This reverts commit 0e55c3ab8d702ffc897c9beb51d19b14b7896182.
  Fixes #21999
  Partially fixes #22841
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22890)
* Don't free aliased pointers in ctx cmp_ctx tests | Neil Horman | 2023-12-01 | 1 | -0/+3
  Coverity recorded issues 1551739 and 1551737, a potential double free in the tests. It occurs when the DUP operation fails in such a way val3_read is returned as the same pointer as val2_read. Ideally it should never happen, but resetting val3_read to 0 should satisfy coverity that there is no issue here
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  (Merged from https://github.com/openssl/openssl/pull/22800)
* Add locking to CRYPTO_secure_used | Neil Horman | 2023-12-01 | 1 | -3/+9
  Coverity issue 1551719 noted CRYPTO_secure_used referenced a shared variable without taking the appropriate read lock. Add that.
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  (Merged from https://github.com/openssl/openssl/pull/22802)
* evp-cmac: do not seg-fault when getting mac-size before init | James Muir | 2023-12-01 | 2 | -2/+27
  Add null check to cmac_size(). This avoids a seg-fault encountered with cmac when EVP_MAC_CTX_get_mac_size() is called before init.
  Extend mac testing in evp_test.c to check that the sizes returned by EVP_MAC_CTX_get_mac_size() before and after init make sense (this also ensures that we no longer seg-fault).
  Fixes #22842
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22858)
* Fix a possible memory leak in make_receipt_request | Bernd Edlinger | 2023-12-01 | 1 | -2/+7
  When the CMS_ReceiptRequest cannot be created, the rct_to and rct_from may be leaked.
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22742)
* Fix a possible use after free in X509v3_asid_add_id_or_range | Bernd Edlinger | 2023-12-01 | 1 | -4/+13
  And clean up partially created choice objects, which have still the default type = -1 from ASIdentifierChoice_new().
  Fixes #22700
  Reviewed-by: Todd Short <todd.short@me.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22745)
* rsa-doc: fix typo | James Muir | 2023-12-01 | 1 | -1/+1
  "d_i in RFC8017" -> "d_i" in RFC8017
  Reviewed-by: Todd Short <todd.short@me.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22868)
* doc: Minor typo in SSL_CTX_set_tmp_dh_callback docs. | Sean Bright | 2023-11-30 | 1 | -1/+1
  well know -> well known
  CLA: trivial
  Reviewed-by: Todd Short <todd.short@me.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22778)
* Initialize dstctx->mgf1_md to NULL in rsa_dupctx function | lan1120 | 2023-11-30 | 1 | -0/+1
  Signed-off-by: lan1120 <lanming@huawei.com>
  Reviewed-by: Todd Short <todd.short@me.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22795)
* bn_nist: Fix strict-aliasing violations in little-endian optimizations | Xi Ruoyao | 2023-11-30 | 1 | -52/+74
  The little-endian optimization is doing some type-punning in a way violating the C standard aliasing rule by loading or storing through a lvalue with type "unsigned int" but the memory location has effective type "unsigned long" or "unsigned long long" (BN_ULONG).
  Convert these accesses to use memcpy instead, as memcpy is defined as-is "accessing through the lvalues with type char" and char is aliasing with all types.
  GCC does a good job to optimize away the temporary copies introduced with the change. Ideally copying to a temporary unsigned int array, doing the calculation, and then copying back to `r_d` will make the code look better, but unfortunately GCC would fail to optimize away this temporary array then.
  I've not touched the LE optimization in BN_nist_mod_224 because it's guarded by BN_BITS2!=64, then BN_BITS2 must be 32 and BN_ULONG must be unsigned int, thus there is no aliasing issue in BN_nist_mod_224.
  Fixes #12247.
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22816)
* Fix implementation of `PreferNoDHEKEX` option. | Markus Minichmayr | 2023-11-30 | 2 | -29/+25
  `tls_parse_ctos_key_share()` didn't properly handle the option. Avoid the need to deal with the option in multiple places by properly handling it in `tls_parse_ctos_psk_kex_modes()`.
  Reviewed-by: Todd Short <todd.short@me.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22844)
* Fix EVP_RAND-SEED-SRC documentation example | Jamie Cui | 2023-11-30 | 1 | -1/+2
  Fixes #22810
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22857)
* Add self-hosted runners | Dmitry Misharov | 2023-11-30 | 2 | -0/+38
  Added self-hosted runners for freebsd-x86_64 and ubuntu-aarch64.
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Anton Arapov <anton@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22804)
* Optimize AES-CTR for ARM Neoverse V1 and V2. | fisher.yu | 2023-11-29 | 7 | -6/+815
  Unroll AES-CTR loops to a maximum 12 blocks for ARM Neoverse V1 and V2, to fully utilize their AES pipeline resources.
  Improvement on ARM Neoverse V1.
    Package Size(Bytes)     16     32     64    128    256   1024
    Improvement(%)        3.93  -0.45  11.30   4.31  12.48  37.66
    Package Size(Bytes)   1500   8192  16384  61440  65536
    Improvement(%)       37.16  38.90  39.89  40.55  40.41
  Change-Id: Ifb8fad9af22476259b9ba75132bc3d8010a7fdbd
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22733)
* Add last missing TLSA usage/selector/mtype test case | Viktor Dukhovni | 2023-11-29 | 1 | -23/+56
  There were no PKIX-TA(0) SPKI(1) Full(0) (i.e. "0 1 0") test cases in "danetest.in".
  There is now at least a success case, which will exercise freeing the public key after it is sanity checked, since with PKIX-TA(0) there's nothing we can do with just the raw public key, a full chain to a local trust anchor is in any case required.
  The failure (to match) code path is already well oiled, but failure to decode while adding malformed TLSA records could still use some additional tests...
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22821)
* Fix freshly introduced double-free. | Viktor Dukhovni | 2023-11-29 | 2 | -49/+156
  We don't need the decoded X.509 Full(0) certificate for the EE usages 1 and 3, because the leaf certificate is always part of the presented chain, so the certificate is only validated as well-formed, and then discarded, but the TLSA record is of course still used after the validation step.
  Added DANE test cases for: 3 0 0, 3 1 0, 1 0 0, and 1 1 0
  Reported by Claus Assmann.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22821)
* Remove mention of NEWS.md in CONTRIBUTING.md | Hugo Landau | 2023-11-29 | 1 | -9/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22774)
* Add known issues section | Hugo Landau | 2023-11-29 | 1 | -0/+16
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22774)
* Add proposed editorial conventions for NEWS.md | Hugo Landau | 2023-11-29 | 1 | -0/+193
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22774)
* Fix a possible memory leak in ct_move_scts | Bernd Edlinger | 2023-11-28 | 1 | -3/+4
  Instead of trying to move the doomed sct back to the src stack, which may fail as well, simply free the sct object, as the src list will be deleted anyway.
  Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22762)
* Do not define L_ENDIAN (for now) when we guessed linux64-loongarch64 | Xi Ruoyao | 2023-11-28 | 1 | -1/+0
  In 160f48941d14 I made L_ENDIAN defined when the system is guessed to be linux64-loongarch64. Unfortunately now I found it problematic:
  1. This should be added into Configurations/10-main.conf, not here. Having it here causes a different configuration when linux64-loongarch64 is explicitly specified than guessed.
  2. With LTO enabled, this causes many test failures on linux64-loongarch64 due to #12247.
  So I think we should remove it for now (master and 3.2 branch), and reintroduce it to Configurations/10-main.conf when we finally sort out #12247.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22812)
* QUIC TSERVER: Fix erroneously static variable | Hugo Landau | 2023-11-27 | 1 | -1/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/22828)
* Make scsv read-only | Hugo Landau | 2023-11-27 | 1 | -2/+2
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/22828)
* Make nid_to_group read-only | Hugo Landau | 2023-11-27 | 1 | -1/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/22828)
* Make bitmask table read only | Hugo Landau | 2023-11-27 | 1 | -2/+2
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/22828)
* Make ssl_cert_info read-only | Hugo Landau | 2023-11-27 | 4 | -9/+9
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/22828)
* Only include winsock2.h for struct timeval if needed | Hugo Landau | 2023-11-27 | 1 | -1/+9
  Fixes #22811
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
  (Merged from https://github.com/openssl/openssl/pull/22813)
  (cherry picked from commit ba58e9f1e22dd9ee2e37078640dcbe9f520a555d)
* QUIC SRT GEN: Minor updates | Hugo Landau | 2023-11-25 | 2 | -3/+4
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22599)
* QUIC SRT GEN: Add SRT generator | Hugo Landau | 2023-11-25 | 6 | -2/+248
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22599)
* x86_64-xlate.pl: Fix build with icx and nvc compilers | Tomas Mraz | 2023-11-24 | 1 | -1/+6
  Fixes #22594
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22714)
* PreferNoDHEKEX changelog and history anticipating inclusion in OpenSSL version 3.3. | Markus Minichmayr | 2023-11-24 | 2 | -0/+8
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22794)
* Document `SSL_OP_PREFER_NO_DHE_KEX` option. | Markus Minichmayr | 2023-11-24 | 5 | -1/+22
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22794)
* Add option `SSL_OP_PREFER_NO_DHE_KEX`, allowing the server to prefer non-dhe psk key exchange over psk with dhe (config file option `PreferNoDHEKEX`, server option `prefer_no_dhe_kex`). | Markus Minichmayr | 2023-11-24 | 6 | -19/+81
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22794)
* When abidiff fails print out the XML diff | Tomas Mraz | 2023-11-24 | 1 | -3/+11
  This can be useful for fixing the CI if needed without the necessity to run abidw locally.
  Also rename the CI job to make its purpose clearer.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22689)
* openssl-speed: support KMAC128 & KMAC256, refactor mac setup/teardown | James Muir | 2023-11-24 | 1 | -49/+117
  Add ability to measure performance of the two kmac algorithms, and reduce code duplication in mac testing by introducing mac_setup() and mac_teardown(). Also, start accepting "cmac" as an algorithm string (similar to how "hmac" is accepted).
  We can now compare the performance of KMAC128, KMAC256 (mac algs) to KECCAK-KMAC128, KECCAK-KMAC256 (digest/xof algs).
  Fixes #22619
  Testing:
    $ LD_LIBRARY_PATH=. ./apps/openssl speed kmac cmac hmac
    $ LD_LIBRARY_PATH=. ./apps/openssl speed kmac256
    $ LD_LIBRARY_PATH=. ./apps/openssl speed -evp KECCAK-KMAC256
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22764)
* IANA has assigned numbers for 2 hybrid PQ KEX widely used in tests | Dmitry Belyavskiy | 2023-11-24 | 1 | -0/+2
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22803)
* SHA3_squeeze(): The next argument is int | Tomas Mraz | 2023-11-23 | 3 | -3/+3
  Amend the assembler so it uses only 32bit value.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22750)
* keccak1600-armv4.pl: Further fix for the DigestSqueeze() support | Tomas Mraz | 2023-11-23 | 2 | -7/+8
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22750)
* Cross Compiles CI: Run evp tests on pull requests | Tomas Mraz | 2023-11-23 | 1 | -3/+9
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22750)
* contributing-doc: give example commit message with "CLA: trivial" | James Muir | 2023-11-23 | 1 | -5/+16
  The text "CLA: trivial" should go at the bottom of the commit message.
  Also, update the force-push command to include the repository and branch, which can avoid unexpected force-push results.
  Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22775)
* Adapt C compiler detection for VSI C on x86_64 | Richard Levitte | 2023-11-23 | 1 | -2/+9
  VSI C on OpenVMS for x86_64 has a bit more information than on other hardware. This is no doubt because it's based on LLVM which leaves an opening for cross compilation.
  VSI C on Itanium:
    $ CC/VERSION
    VSI C V7.4-001 on OpenVMS IA64 V8.4-2L3
  VSI C on x86_64:
    $ CC/VERSION
    VSI C x86-64 X7.4-843 (GEM 50XB9) on OpenVMS x86_64 V9.2-1
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22792)
* speed: make hmac(sha256) the default hmac | James Muir | 2023-11-23 | 2 | -4/+9
  prefer hmac(sha256) rather than hmac(md5). Also, drop the "skip_hmac" label. If we are supposed to do hmac(hash_func) and hash_func cannot be found, then error out immediately.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22793)
* Fix a possible memory leak in SM2 provider | Huiyue Xu | 2023-11-23 | 1 | -0/+9
  ctx->propq that strdup from input parameter propq in sm2sig_newctx, is not released. It should be released in sm2sig_freectx and copied to dstctx in sm2sig_dupctx. And dstctx->id and dstctx->propq should be set NULL to avoid releasing id/propq of srcctx when err occurs.
  Signed-off-by: Huiyue Xu <xuhuiyue@huawei.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22796)