aboutsummaryrefslogtreecommitdiffstats
path: root/doc/internal
Commit message (Collapse)AuthorAgeFilesLines
* Fix new typos found by codespellDimitri Papadopoulos2023-12-291-1/+1
| | | | | | Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23133)
* Removed extra spaces in documentationslontis2023-12-121-1/+1
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22968)
* rand: add callbacks to cleanup the user entropy resp. nonceMatthias St. Pierre2023-10-201-6/+17
| | | | | | | | | | | | | The `get_user_{entropy,nonce}` callbacks were add recently to the dispatch table in commit 4cde7585ce8e. Instead of adding corresponding `cleanup_user_{entropy,nonce}` callbacks, the `cleanup_{entropy,nonce}` callbacks were reused. This can cause a problem in the case where the seed source is replaced by a provider: the buffer gets allocated by the provider but cleared by the core. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22423)
* All lh_stats functions were deprecated in 3.1Tomas Mraz2023-10-041-1/+1
| | | | | | | Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22247)
* Copyright year updatesMatt Caswell2023-09-282-2/+2
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
* fips: use seed source requestedPauli2023-09-271-9/+36
| | | | | | | | Fixes #21909 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21964)
* Fix typos found by codespellDimitri Papadopoulos2023-09-131-1/+1
| | | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22063)
* Copyright year updatesMatt Caswell2023-09-079-9/+9
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
* CMP: generalize ossl_cmp_calc_protection() to handle Edwards curves correctlyDr. David von Oheimb2023-09-051-0/+3
| | | | | | | | Fixes #21564 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21884)
* CMP: add support for genm with rootCaCert and genp with rootCaKeyUpdateDr. David von Oheimb2023-07-171-12/+27
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21129)
* doc: update ref count doc in light of refactoringPauli2023-07-051-1/+13
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/21341)
* Fix typos found by codespellDimitri Papadopoulos2023-06-151-1/+1
| | | | | | | | Typos in doc/man* will be fixed in a different commit. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20910)
* build.info: Introduce special syntax for dependencies on script modulesRichard Levitte2023-06-081-6/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The DEPEND statement, when applied on files generated with GENERATE, may be used to specify script modules that the template to be generated from depends on. In short, this sort of depend: DEPEND[generated]=util/perl/OpenSSL/something.pm ... would generate a perl run that has the inclusion directory 'util/perl/OpenSSL' and 'something' as the module to be loaded. However, the package name for this module is 'OpenSSL::something', so to load it the way it's expected, the inclusion directory should be 'util/perl', and the module to be loaded should be specified as 'OpenSSL/something' (to be massaged into a proper module name by the build file template). To allow this, we introduce a file syntax, where a single '|' is used as a directory separator, to delineate what part should be used as the inclustion directory, and which part the module name to be loaded should be derived from: DEPEND[generated]=util/perl|OpenSSL/something.pm Fixes #21112 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21117)
* CMP: add support for genm/genp messages with id-it-caCertsDr. David von Oheimb2023-06-011-3/+4
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19231)
* Don't take a write lock when freeing an EVP_PKEYMatt Caswell2023-05-291-4/+3
| | | | | | | | | | | | | | | | | | When freeing the last reference to an EVP_PKEY there is no point in taking the lock for the key. It is the last reference and is being freed so must only be being used by a single thread. This should not have been the source of any contention so its unclear to what extent this will improve performance. But we should not be locking when we don't need to. Partially fixes #20286 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20932)
* CMP client: fix checking new cert enrolled with oldcert and without private keyDr. David von Oheimb2023-05-121-3/+3
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20832)
* crypto/cmp: fix CertReqId to use in p10cr transactions acc. to RFC 4210Dr. David von Oheimb2023-04-181-4/+5
| | | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20298)
* CMP add: fix -reqin option, which requires adding ↵Dr. David von Oheimb2023-03-251-1/+5
| | | | | | | | | OSSL_CMP_MSG_update_recipNonce() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20204)
* cmp_client_test.c: add tests for errors reported by server on subsequent ↵Dr. David von Oheimb2023-02-081-3/+5
| | | | | | | | requests in a transaction Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20190)
* ossl_cmp_mock_srv_new.pod: correct/update names of internal test support ↵Dr. David von Oheimb2023-02-081-10/+9
| | | | | | | | functions Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20190)
* Add more punycode tests and remove ossl_a2ucompare()slontis2023-02-081-9/+1
| | | | | | | | | The unused and untested internal function ossl_a2ucompare() has been removed. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/20177)
* Fixed typos in documentation and commentsSemen Zhydenko2023-01-041-1/+1
| | | | | | | | | | | | | | | | Fixed typo: accomodate -> accommodate Fixed typo: analagous -> analogous Fixed typo: auxilliary -> auxiliary Fixed typo: eigth -> eighth Fixed typo: explotation -> exploitation Fixed typo: originaly -> originally Fixed typo: simplier -> simpler Fixed typo: sucessful -> successful Fixed typo: recievers -> receivers Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19977)
* Replace some boldened types with a corresponding man page linkRichard Levitte2022-12-081-1/+1
| | | | | | | | | | The types OSSL_DISPATCH, OSSL_ITEM, OSSL_ALGORITHM, OSSL_PARAM, OSSL_CALLBACK, and OSSL_PASSPHRASE_CALLBACK are described in their own manual page, so we change every mention of them to links to those pages. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19842)
* Fix documenation mistakesPauli2022-11-161-19/+19
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/19377)
* list: add an is empty functionPauli2022-11-161-1/+13
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/19377)
* Update documentation for keymgmt export utilsSimo Sorce2022-11-151-4/+11
| | | | | | | | | | | Change function prototypes and explain how to use the selection argument. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19648)
* punycode: update to use WPACKET instead of using custom range checkingPauli2022-11-111-6/+5
| | | | | | | | | | | | | | Add test for `.' overflows, remove the output size argument from ossl_a2ulabel() since it was never used and greatly complicated the code. Convert ossl_a2ulabel() to use WPACKET for building the output string. Update the documentation to match the new definition of ossl_a2ulabel(). x509: let punycode handle the '\0' string termination. Saves a memset(3) and some size fiddling. Also update to deal with the modified parameters. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/19591)
* apps & al : Fix various typos, repeated words, align some spelling to LDP.FdaSilvaYY2022-10-121-2/+2
| | | | | | | | | | | | Mostly revamped from #16712 - fall thru -> fall through - time stamp -> timestamp - host name -> hostname - ipv6 -> IPv6 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19059)
* Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branchRichard Levitte2022-10-076-6/+6
| | | | | | | | | | 3.1 has been decided to be a FIPS 140-3 release, springing from the branch openssl-3.0, and the master branch to continue with the development of OpenSSL 3.2. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19350)
* time: add some additional utilities and document everythingPauli2022-09-131-12/+67
| | | | | | | | | | | Some of the recently added functions were not documents. This has been addressed. Also added utility functions for conversions between time_t, seconds and struct timeval to/from OSSL_TIME. Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19082)
* list: add a doubly linked list type.Pauli2022-09-051-0/+126
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These list can be embedded into structures and structures can be members of multiple lists. Moreover, this is done without dynamic memory allocation. That is, this is legal: typedef struct item_st ITEM; struct item_st { ... OSSL_LIST_MEMBER(new_items, ITEM); OSSL_LIST_MEMBER(failed_items, ITEM); ... }; DEFINE_LIST_OF(new_items, TESTL); DEFINE_LIST_OF(failed_items, TESTL); struct { ... OSSL_LIST(new_items) new; OSSL_LIST(failed_items) failed; ... } *st; ITEM *p; for (p = ossl_list_new_items_head(&st->new); p != NULL; p = ossl_list_new_items_next(p)) /* do something */ Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19115)
* QUIC ACK Manager, Statistics Manager and Congestion Control APIHugo Landau2022-08-241-2/+32
| | | | | | | | | | | | | | | | | This is the initial implementation of the ACK Manager for OpenSSL's QUIC support, with supporting design documentation and tests. Because the ACK Manager also depends on the Statistics Manager, it is also implemented here. The Statistics Manager is quite simple, so this does not amount to a large amount of extra code. Because the ACK Manager depends on a congestion controller, it adds a no-op congestion controller, which uses the previously workshopped congestion control API. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18676)
* Make OSSL_TIME a structurePauli2022-08-121-9/+31
| | | | | | | | This prevents misuses creeping in. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18882)
* doc: document the event queue internal APIPauli2022-07-061-0/+201
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18345)
* CMP: introduce version 3, while version 2 stays the defaultDr. David von Oheimb2022-07-011-1/+1
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18294)
* der_writer: Use uint32_t instead of long.Daniel Fiala2022-06-272-4/+4
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18615)
* Add deprecation macro for 3.1 and deprecate OPENSSL_LH_statsHugo Landau2022-06-221-0/+1
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17937)
* doc: document the new internal time APIPauli2022-06-221-0/+96
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18274)
* doc: priority queue documentationPauli2022-06-221-0/+125
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18274)
* Drop ossl_namemap_add_name_n() and simplify ossl_namemap_add_names()Tomas Mraz2022-05-211-9/+6
| | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18341)
* Remove the _fetch_by_number functionsPauli2022-05-061-18/+1
| | | | | | | | | | | | These functions are unused and untested. They are also implemented rather inefficiently. If we ever needed them in the future, they'd almost surely need to be rewritten more efficiently. Fixes #18227 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18237)
* Make it possible to remove methods by the provider that provides themRichard Levitte2022-05-051-2/+10
| | | | | | | | | | | | | | | | | | | | | This adds ossl_method_store_remove_all_provided(), which selectively removes methods from the given store that are provided by the given provider. This also adds the EVP specific evp_method_store_remove_all_provided(), which matches ossl_method_store_remove_all_provided() but can also retrieve the correct store to manipulate for EVP functions. This allows us to modify ossl_provider_self_test() to do the job it's supposed to do, but through clearly defined functions instead of a cache flushing call that previously did more than that. ossl_provider_deactivate() is also modified to remove methods associated with the deactivated provider, and not just clearing the cache. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18151)
* Don't empty the method store when flushing the query cacheRichard Levitte2022-05-051-4/+4
| | | | | | | | | | | | | | | | | | When evp_method_store_flush() flushed the query cache, it also freed all methods in the EVP method store, through an unfortunate call of ossl_method_store_flush_cache() with an argument saying that all methods should indeed be dropped. To undo some of the confusion, ossl_method_store_flush_cache() is renamed to ossl_method_store_cache_flush_all(), and limited to do only that. Some if the items in the internal ALGORITHM structure are also renamed and commented to clarify what they are for. Fixes #18150 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18151)
* Drop ossl_provider_clear_all_operation_bits() and all uses of itRichard Levitte2022-05-051-7/+1
| | | | | | | | | | | | This is a misused function, as it was called during query cache flush, when the provider operation bits were meant to record if methods for a certain operation has already been added to the method store. Fixes #18150 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18151)
* Update copyright yearMatt Caswell2022-05-037-7/+7
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
* Refactor OSSL_LIB_CTX to avoid using CRYPTO_EX_DATAHugo Landau2022-04-011-69/+12
| | | | | | | | | | | | | This refactors OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA. The assorted objects to be managed by OSSL_LIB_CTX are hardcoded and are initialized eagerly rather than lazily, which avoids the need for locking on access in most cases. Fixes #17116. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17881)
* document the safe_div_round_up_TYPE functionsPauli2022-03-301-1/+6
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17884)
* fetch: convert a NULL property query to ""Pauli2022-02-281-0/+6
| | | | | | | | | | | | | Previously, a NULL property query was never cached and this lead to a performance degregation. Now, such a query is converted to an empty string and cached. Fixes #17752 Fixes https://github.openssl.org/openssl/openssl/issues/26 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17769)
* Fix typosDimitris Apostolou2022-01-053-3/+3
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17392)
* CMP mock server: add -ref_cert option and corresponding ↵Dr. David von Oheimb2022-01-041-1/+9
| | | | | | | | | ossl_cmp_mock_srv_set1_refCert() Fixes #16041 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16050)
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-07 03:47:30 +0000