path: root/include
Commit message | Author | Age | Files | Lines
* Define KU_ constants via corresponding X509v3_KU_ | Viktor Dukhovni | 2024-04-17 | 2 | -19/+28
  Also wrap X509v3_KU_UNDEF in `#ifndef OPENSSL_NO_DEPRECATED_3_4`.
  Fixes #22955
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24138)
* Change approach to SSL_pending API | Hugo Landau | 2024-04-10 | 1 | -5/+6
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24040)
  (cherry picked from commit 5a13d35f243be66f6ad914aefe99fb708812dff1)
* QUIC QSM: Add function to determine if data is waiting | Hugo Landau | 2024-04-10 | 1 | -0/+34
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24040)
  (cherry picked from commit 3c2bc702eb9287b84e8584ad427e72da0ab21ec1)
* Copyright year updates | Richard Levitte | 2024-04-09 | 40 | -40/+40
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Release: yes
  (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0)
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/24034)
* Add Content Type OID for id-ct-rpkiSignedPrefixList | Job Snijders | 2024-03-15 | 1 | -1/+5
  References: draft-ietf-sidrops-rpki-prefixlist
  Title: "A profile for Signed Prefix Lists for Use in the Resource Public Key Infrastructure (RPKI)"
  OID assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)'
  https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23426)
* apps/x509.c: No warning reading from stdin if redirected | Tomas Mraz | 2024-03-15 | 1 | -0/+1
  Fixes #22893
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23526)
* Implement KAT for KBKDF with KMAC128 | Joachim Vandersmissen | 2024-03-13 | 1 | -0/+1
  Reviewed-by: Paul Dale <ppzgs1@gmail.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23745)
* Limit the number of http headers when receiving the http response | Alexandr Nedvedicky | 2024-03-12 | 3 | -2/+10
  Change introduces a default limit on HTTP headers we expect to receive from server to 256. If limit is exceeded http client library indicates HTTP_R_RESPONSE_TOO_MANY_HDRLINES error. Application can use OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines() to change default. Setting limit to 0 implies no limit (current behavior).
  Fixes #22264
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23781)
* Fix BIO_get_new_index() to return an error when it is exhausted. | slontis | 2024-03-11 | 1 | -0/+3
  Fixes #23655
  BIO_get_new_index() returns a range of 129..255. It is set to BIO_TYPE_START (128) initially and is incremented on each call. >= 256 is reserved for the class type flags (BIO_TYPE_DESCRIPTOR) so it should error if it reaches the upper bound.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23732)
* QUIC: Add stream write buffer queries | Hugo Landau | 2024-03-09 | 1 | -0/+13
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23584)
* QUIC: Define error code for stateless reset | Hugo Landau | 2024-03-07 | 1 | -0/+4
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23598)
* QUIC: Make QUIC transport error codes public | Hugo Landau | 2024-03-07 | 2 | -34/+38
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23598)
* crypto/cmp: add OSSL_CMP_MSG_get0_certreq_publickey(); fix coding style nit | Dr. David von Oheimb | 2024-03-06 | 1 | -0/+1
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
  (Merged from https://github.com/openssl/openssl/pull/21660)
* cmperr.h: use free reason value 106 rather than 197 for CMP_R_UNEXPECTED_SENDER | Dr. David von Oheimb | 2024-03-06 | 1 | -1/+1
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/21660)
* Implement PCT for EDDSA | pohsingwu | 2024-03-01 | 1 | -0/+1
  According to FIPS 140-3 IG 10.3.A Additional Comment 1, a PCT shall be performed consistent with the intended use of the keys.
  This commit implements PCT for EDDSA via performing sign and verify operations after key generated.
  Also use the same pairwise test logic in EVP_PKEY_keygen and EVP_PKEY_pairwise_check for EDDSA in FIPS_MODULE.
  Add OSSL_SELF_TEST_DESC_PCT_EDDSA to OSSL_PROVIDER-FIPS page.
  Reviewed-by: Paul Dale <ppzgs1@gmail.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23408)
* Add appropriate lower bound checks for GeneralizedTime and UTCTime | Job Snijders | 2024-02-25 | 1 | -0/+2
  ITU-T X.690 / ISO/IEC 8825-1 section 11.7 and section 11.8 impose specific constraints on how GeneralizedTime and UTCTime can be encoded in BER/CER/DER. Following from these constraints a minimum length can be derived.
  Checking the length in this context can potentially help prevent applications from interpreting an invalid GeneralizedTime as a valid UTCTime.
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23483)
* Extended SSL_SESSION functions using time_t | Ijtaba Hussain | 2024-02-21 | 1 | -0/+3
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21206)
* QUIC TXP: Allow QLOG instance retrieval via callback | Hugo Landau | 2024-02-19 | 1 | -4/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23535)
* QUIC QTX: Allow QLOG instance retrieval via callback | Hugo Landau | 2024-02-19 | 1 | -4/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23535)
* QUIC FIFD: Allow QLOG instance retrieval via callback | Hugo Landau | 2024-02-19 | 1 | -3/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23535)
* QUIC: Add API for SSL_VALUE_EVENT_HANDLING_MODE | Hugo Landau | 2024-02-19 | 1 | -0/+12
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23535)
* OpenSSL License is applied for some source files, change to Apache 2 | Shakti Shah | 2024-02-19 | 1 | -1/+1
  The following files
    include/openssl/hpke.h
    crypto/hpke/hpke.c
    crypto/ec/asm/ecp_sm2p256-armv8.pl
    crypto/chacha/asm/chacha-loongarch64.pl
  still seem to be released under the OpenSSL License instead of the Apache 2 license.
  Fixes #23570
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23576)
* Fix new typos found by codespell | Dimitri Papadopoulos | 2024-02-14 | 2 | -2/+2
  Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23545)
* QUIC POLLING: Implement autotick | Hugo Landau | 2024-02-10 | 1 | -1/+2
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* make update | Hugo Landau | 2024-02-10 | 1 | -1/+1
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* QUIC APL: Implement SSL_poll backend | Hugo Landau | 2024-02-10 | 1 | -0/+3
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* QUIC QSM: Allow bidi and uni incoming streams to be tracked separately | Hugo Landau | 2024-02-10 | 1 | -3/+6
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* QUIC: Add polling API | Hugo Landau | 2024-02-10 | 2 | -0/+53
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* BIO: Add SSL poll descriptor type | Hugo Landau | 2024-02-10 | 1 | -0/+2
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23495)
* THREADING: Make CRYPTO_MUTEX and CRYPTO_CONDVAR typesafe | Hugo Landau | 2024-02-09 | 2 | -3/+4
  There was really no need for this to be void and it made bugs very easy to introduce accidentally, especially given that the free functions needed to be passed a pointer to the pointer.
  Also fix some bugs in the QUIC code detected immediately by this change.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23519)
* Minor updates | Hugo Landau | 2024-02-08 | 1 | -1/+1
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* Fix error code collision | Hugo Landau | 2024-02-08 | 1 | -1/+1
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* QUIC APL: Add feature query implementation | Hugo Landau | 2024-02-08 | 1 | -0/+4
  Fixes https://github.com/openssl/project/issues/412
  Fixes https://github.com/openssl/project/issues/415
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* QUIC CHANNEL: Add idle timeout configuration and stream count APIs | Hugo Landau | 2024-02-08 | 1 | -0/+23
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* QUIC RXFC: Add accessor for credit | Hugo Landau | 2024-02-08 | 1 | -3/+9
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* QUIC: Add new error codes for tuning API | Hugo Landau | 2024-02-08 | 1 | -0/+5
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* QUIC: Add documentation for tuning API | Hugo Landau | 2024-02-08 | 1 | -0/+41
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23360)
* s390x: Fix build on s390x with 'disable-asm' | Ingo Franzki | 2024-02-06 | 1 | -1/+2
  Do not define S390X_MOD_EXP for a NO_ASM build, this would result in unresolved externals for s390x_mod_exp and s390x_crt.
  Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/23458)
* QUIC QLOG: Use set0 | Hugo Landau | 2024-02-02 | 3 | -4/+4
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC QLOG: Minor doc updates | Hugo Landau | 2024-02-02 | 1 | -1/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC QLOG: Record implementation version | Hugo Landau | 2024-02-02 | 1 | -0/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC QLOG: Allow PID to be overridden | Hugo Landau | 2024-02-02 | 1 | -0/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC TXP: Allow QLOG instance to be changed after instantiation | Hugo Landau | 2024-02-02 | 1 | -0/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC QTX: Allow QLOG instance to be changed after instantiation | Hugo Landau | 2024-02-02 | 1 | -0/+3
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QUIC FIFD: Allow QLOG instance to be changed after instantiation | Hugo Landau | 2024-02-02 | 1 | -0/+2
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Editorial fixes (QLOG is spelled 'qlog') | Hugo Landau | 2024-02-02 | 3 | -4/+4
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* JSON_ENC: Minor tweaks | Hugo Landau | 2024-02-02 | 1 | -3/+3
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Remove vestigial abort code | Hugo Landau | 2024-02-02 | 1 | -2/+0
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Minor updates | Hugo Landau | 2024-02-02 | 1 | -1/+0
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: JSON Encoder: Rename JSON_ENC | Hugo Landau | 2024-02-02 | 1 | -40/+41
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Neil Horman <nhorman@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22037)