path: root/include/internal
Commit message | Author | Age | Files | Lines
* open brace '{' following struct go on the same line | Dimitri Papadopoulos | 2024-07-22 | 1 | -2/+1
  Found by running the checkpatch.pl Linux script to enforce coding style.
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22097)
* Remove trailing whitespace | Dimitri Papadopoulos | 2024-07-22 | 3 | -4/+4
  Found by running the checkpatch.pl Linux script to enforce coding style.
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22097)
* Add FIPS indicator callback. | slontis | 2024-07-11 | 1 | -1/+2
  Add a FIPS indicator callback that can be set via OSSL_INDICATOR_set_callback(). This callback is intended to be run whenever a non approved algorithm check has occurred and strict checking has been disabled. The callback may be used to log non approved algorithms. The callback is passed a type and description string as well as the cbarg specified in OSSL_INDICATOR_set_callback. The return value can be either 0 or 1. A value of 0 can be used for testing purposes to force an error to occur from the algorithm that called the callback.
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24623)
* Add defaults api to openssl build | Neil Horman | 2024-07-09 | 1 | -0/+5
  Build time defaults aren't great for windows, in which various macros (like OPENSSLDIR) are selected at build time, but may be selected differently at install time.
  Add an internal defaults api to return the build time constants on unix systems, but instead query registry keys for the form:
  HLKM\SOFTWARE\OpenSSL-{version}-{wininstallcontext}
  Such that each built version of openssl may maintain its own set of registry keys to identify these locations, and be set administratively as appropriate at install or run time
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24450)
* CMP: add support for requesting cert template using genm/genp | Rajeev Ranjan | 2024-06-20 | 1 | -0/+51
  Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24409)
* Move stack of compression methods from libssl to OSSL_LIB_CTX | sashan | 2024-05-28 | 2 | -2/+15
  The compression methods are now a global variable in libssl. This change moves it into OSSL library context.
  It is necessary to eliminate atexit call from libssl.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24414)
* Optimized calculation of shared power of 2 in bn_gcd | Andrew Golovashevich | 2024-05-15 | 1 | -0/+18
  Reviewed-by: Paul Dale <ppzgs1@gmail.com>
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24332)
* Intentionally break EVP_DigestFinal for SHAKE128 and SHAKE256 | Tomas Mraz | 2024-05-15 | 1 | -2/+2
  It will work only if OSSL_DIGEST_PARAM_XOFLEN is set.
  Reviewed-by: Paul Dale <ppzgs1@gmail.com>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/24105)
* Typo fixes | willmafh | 2024-05-13 | 1 | -1/+1
  and an addition of an empty line to follow the code style
  CLA: trivial
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23721)
* Make ossl_gen_deterministic_nonce_rfc6979() constant time | Tomas Mraz | 2024-05-02 | 1 | -0/+11
  Reviewed-by: Paul Dale <ppzgs1@gmail.com>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24265)
* Make BN_generate_dsa_nonce() constant time and non-biased | Tomas Mraz | 2024-05-02 | 1 | -0/+12
  Co-authored-by: Paul Dale <ppzgs1@gmail.com>
  Reviewed-by: Paul Dale <ppzgs1@gmail.com>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24265)
* Remove all references to FLOSS for NonStop Builds. | Randall S. Becker | 2024-04-24 | 1 | -8/+2
  FLOSS is no longer a dependency for NonStop as of the deprecation of the SPT thread model builds.
  Fixes: #24214
  Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24217)
* Introduce new internal hashtable implementation | Neil Horman | 2024-04-24 | 1 | -0/+332
  Create a new hashtable that is more efficient than the existing LHASH_OF implementation. The new ossl_ht api offers several new features that improve performance opportunistically
  * A more generalized hash function. Currently using fnv1a, provides a more general hash function, but can still be overridden where needed
  * Improved locking and reference counting. This hash table is internally locked with an RCU lock, and optionally reference counts elements, allowing for users to not have to create and manage their own read/write locks
  * Lockless operation. The hash table can be configured to operate locklessly on the read side, improving performance, at the sacrifice of the ability to grow the hash table or delete elements from it
  * A filter function allowing for the retrieval of several elements at a time matching a given criteria without having to hold a lock permanently
  * A doall_until iterator variant, that allows callers which need to iterate over the entire hash table until a given condition is met (as defined by the return value of the iterator callback). This allows for callers attempting to do expensive cache searches for a small number of elements to terminate the iteration early, saving cpu cycles
  * Dynamic type safety. The hash table provides operations to set and get data of a specific type without having to define a type at the instantiation point
  * Multiple data type storage. The hash table can store multiple data types allowing for more flexible usage
  * Ubsan safety. Because the API deals with concrete single types (HT_KEY and HT_VALUE), leaving specific type casting to the call recipient with dynamic type validation, this implementation is safe from the ubsan undefined behavior warnings that require additional thunking on callbacks.
  Testing of this new hashtable with an equivalent hash function, I can observe approximately a 6% performance improvement in the lhash_test
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23671)
* Make rcu_thread_key context-aware | Neil Horman | 2024-04-19 | 2 | -1/+4
  Currently, rcu has a global bit of data, the CRYPTO_THREAD_LOCAL object to store per thread data. This works in some cases, but fails in FIPS, because it contains its own copy of the global key.
  So
  1) Make the rcu_thr_key a per-context variable, and force ossl_rcu_lock_new to be context aware
  2) Store a pointer to the context in the lock object
  3) Use the context to get the global thread key on read/write lock
  4) Use ossl_thread_start_init to properly register a cleanup on thread exit
  5) Fix up missed calls to OSSL_thread_stop() in our tests
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24162)
* Change approach to SSL_pending API | Hugo Landau | 2024-04-10 | 1 | -5/+6
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24040)
  (cherry picked from commit 5a13d35f243be66f6ad914aefe99fb708812dff1)
* QUIC QSM: Add function to determine if data is waiting | Hugo Landau | 2024-04-10 | 1 | -0/+34
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24040)
  (cherry picked from commit 3c2bc702eb9287b84e8584ad427e72da0ab21ec1)
* Copyright year updates | Richard Levitte | 2024-04-09 | 23 | -23/+23
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Release: yes
  (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0)
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24034)
* apps/x509.c: No warning reading from stdin if redirected | Tomas Mraz | 2024-03-15 | 1 | -0/+1
  Fixes #22893
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23526)
* QUIC: Make QUIC transport error codes public | Hugo Landau | 2024-03-07 | 1 | -34/+9
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23598)
* QUIC TXP: Allow QLOG instance retrieval via callback | Hugo Landau | 2024-02-19 | 1 | -4/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23535)
* QUIC QTX: Allow QLOG instance retrieval via callback | Hugo Landau | 2024-02-19 | 1 | -4/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23535)
* QUIC FIFD: Allow QLOG instance retrieval via callback | Hugo Landau | 2024-02-19 | 1 | -3/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23535)
* Fix new typos found by codespell | Dimitri Papadopoulos | 2024-02-14 | 1 | -1/+1
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23545)
* QUIC POLLING: Implement autotick | Hugo Landau | 2024-02-10 | 1 | -1/+2
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* QUIC APL: Implement SSL_poll backend | Hugo Landau | 2024-02-10 | 1 | -0/+3
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* QUIC QSM: Allow bidi and uni incoming streams to be tracked separately | Hugo Landau | 2024-02-10 | 1 | -3/+6
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* THREADING: Make CRYPTO_MUTEX and CRYPTO_CONDVAR typesafe | Hugo Landau | 2024-02-09 | 2 | -3/+4
  There was really no need for this to be void and it made bugs very easy to introduce accidentally, especially given that the free functions needed to be passed a pointer to the pointer.
  Also fix some bugs in the QUIC code detected immediately by this change.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23519)
* QUIC APL: Add feature query implementation | Hugo Landau | 2024-02-08 | 1 | -0/+4
  Fixes https://github.com/openssl/project/issues/412
  Fixes https://github.com/openssl/project/issues/415
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* QUIC CHANNEL: Add idle timeout configuration and stream count APIs | Hugo Landau | 2024-02-08 | 1 | -0/+23
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* QUIC RXFC: Add accessor for credit | Hugo Landau | 2024-02-08 | 1 | -3/+9
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* QUIC QLOG: Use set0 | Hugo Landau | 2024-02-02 | 3 | -4/+4
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC QLOG: Minor doc updates | Hugo Landau | 2024-02-02 | 1 | -1/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC QLOG: Record implementation version | Hugo Landau | 2024-02-02 | 1 | -0/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC QLOG: Allow PID to be overridden | Hugo Landau | 2024-02-02 | 1 | -0/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC TXP: Allow QLOG instance to be changed after instantiation | Hugo Landau | 2024-02-02 | 1 | -0/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC QTX: Allow QLOG instance to be changed after instantiation | Hugo Landau | 2024-02-02 | 1 | -0/+3
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC FIFD: Allow QLOG instance to be changed after instantiation | Hugo Landau | 2024-02-02 | 1 | -0/+2
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Editorial fixes (QLOG is spelled 'qlog') | Hugo Landau | 2024-02-02 | 3 | -4/+4
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* JSON_ENC: Minor tweaks | Hugo Landau | 2024-02-02 | 1 | -3/+3
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Remove vestigial abort code | Hugo Landau | 2024-02-02 | 1 | -2/+0
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Minor updates | Hugo Landau | 2024-02-02 | 1 | -1/+0
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: JSON Encoder: Rename JSON_ENC | Hugo Landau | 2024-02-02 | 1 | -40/+41
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Events: Implement transport:packet_received | Hugo Landau | 2024-02-02 | 2 | -0/+9
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Events: Implement transport:packet_sent | Hugo Landau | 2024-02-02 | 2 | -0/+11
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Wiring: QUIC QTX | Hugo Landau | 2024-02-02 | 1 | -0/+4
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Wire title-setting code to QUIC_CHANNEL and SSL_CTX | Hugo Landau | 2024-02-02 | 1 | -0/+9
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: QUIC CHANNEL: Allow a log title to be specified | Hugo Landau | 2024-02-02 | 1 | -0/+3
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Events: Implement recovery:packet_lost | Hugo Landau | 2024-02-02 | 2 | -0/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Wiring: QUIC TXPIM: Record the packet type | Hugo Landau | 2024-02-02 | 1 | -0/+3
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Wiring: QUIC FIFD | Hugo Landau | 2024-02-02 | 2 | -1/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)