mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-11 14:22:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
33,891 Commits 34 Branches 385 Tags 461 MiB
11b7d46fa7
Commit Graph

4706 Commits

Author SHA1 Message Date
Matt Caswell
11b7d46fa7 Return NULL if we fail to create a BIO in the demos/quicserver 
Strictly speaking the previous code was still correct since BIO_set_fd
is tolerant of a NULL BIO. But this way is more clear.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
 2023-09-08 15:44:37 +01:00
Matt Caswell
cdedecd503 Add a missing call to BIO_closesocket() 
A couple of the demos missed a call to this function in an error case.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
 2023-09-08 15:44:37 +01:00
Matt Caswell
38c3c1dbef Expand the explanation of how to go and do useful work in non-blocking 
Add additional commentary to the non-blocking examples explaining where to
add code to go and do other useful work.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
 2023-09-08 15:44:37 +01:00
Matt Caswell
e8a5b06bdc Add a new guide page on writing a non-blocking QUIC client 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
 2023-09-08 15:44:37 +01:00
Matt Caswell
5bd2f66a84 Add a new guide page on writing a non-blocking TLS client 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21950)
 2023-09-08 15:44:37 +01:00
Matt Caswell
da1c088f59 Copyright year updates 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
 2023-09-07 09:59:15 +01:00
Philip Prindeville
c1673a60e4 Per other commands, make progress dots in req only w/ -verbose 
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21937)
 2023-09-06 09:46:05 +10:00
Dr. David von Oheimb
e664ef78b9 CMP: generalize ossl_cmp_calc_protection() to handle Edwards curves correctly 
Fixes #21564

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21884)
 2023-09-05 13:25:41 +02:00
slontis
e3994583a1 Added 'saltlen' option to the OpenSSL enc command line app. 
This allows PBKDF2 to change the saltlen to something other than the
new default value of 16. Previously this app hardwired the salt length
to a maximum of 8 bytes. Non PBKDF2 mode uses EVP_BytesToKey()
internally, which is documented to only allow 8 bytes.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
 2023-09-04 14:15:34 +10:00
slontis
9f679bdc71 Added a 'saltlen' option to the openssl pkcs8 command line app. 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
 2023-09-04 14:15:34 +10:00
slontis
3859a02725 Change PBES2 KDF default salt length to 16 bytes. 
The PKCS5 (RFC 8018) standard uses a 64 bit salt length for PBE, and
recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKDF2
requires a salt length of 128 bits.
This affects OpenSSL command line applications such as "genrsa" and "pkcs8"
and API's such as PEM_write_bio_PrivateKey() that are reliant on the
default salt length.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
 2023-09-04 14:15:34 +10:00
Sumitra Sharma
59d87f6e7e Fix typo in openssl-pkeyutl(1) 
Changed "than" to "then" for improved clarity and correctness.

CLA: trivial

Fixes #21543

Signed-off-by: Sumitra Sharma <sumitraartsy@gmail.com>

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21925)
 2023-09-02 15:29:06 +01:00
Matt Caswell
48724e8a20 Add a test for QUIC non IO retry errors 
Test that errors such as SSL_ERROR_WANT_RETRY_VERIFY are properly
handled by QUIC connections.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21922)
 2023-09-02 15:23:55 +01:00
Hugo Landau
016a80dcf4 Minor fixes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:54 +01:00
Hugo Landau
e24f784b0c QUIC: Note differences in SSL_want 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:54 +01:00
Hugo Landau
ca5b030306 QUIC: Update API overview document 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:54 +01:00
Hugo Landau
728741f588 QUIC: Note that SSL_set_shutdown is not supported 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:54 +01:00
Hugo Landau
0c125b611d QUIC: Update API table 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:54 +01:00
Hugo Landau
cf26915063 BIO: Emphasise API contract for BIO_sendmmsg/BIO_recvmmsg 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:50 +01:00
Hugo Landau
2619d10ace BIO: Allow third parties to use integers instead of pointers for poll descriptors 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:50 +01:00
Hugo Landau
7d9e447ab8 QUIC API: Revise SSL_get_conn_close_info to use a flags field 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:50 +01:00
Hugo Landau
cc50b44e55 Document OSSL_get_thread_support_flags() 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:50 +01:00
Hugo Landau
d2e9e12b23 QUIC APL: Allow stream origin to be queried 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:50 +01:00
Hugo Landau
8d7f034622 Minor fixes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:36 +01:00
Hugo Landau
abeb41b42f Minor updates 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:36 +01:00
Hugo Landau
4426c47d66 Add manpages 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:36 +01:00
Hugo Landau
277880e754 QUIC DDD: Final report 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
c276217e4b QUIC DDD: ddd-02-conn-nonblocking-threads: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
1ed2d7929a QUIC DDD: ddd-02-conn-nonblocking-threads: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
74d588ca15 QUIC DDD: ddd-06-mem-uv: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
5e73999803 QUIC DDD: ddd-06-mem-uv: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
47eceab67a QUIC DDD: ddd-05-mem-nonblocking: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
70dc50c265 QUIC DDD: ddd-05-mem-nonblocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
92db6d6280 QUIC DDD: ddd-04-fd-nonblocking: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
b3e71dbf68 QUIC DDD: ddd-04-fd-nonblocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
24e583619c QUIC DDD: ddd-03-fd-blocking: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
43f4b8a80e QUIC DDD: ddd-03-fd-blocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
f379207659 QUIC DDD: ddd-02-conn-nonblocking: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
e6ad003d73 QUIC DDD: ddd-02-conn-nonblocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
b96e5cc60b QUIC DDD: ddd-01-conn-blocking: Unplanned changes 
- QUIC_client_method() renamed due to namespacing
- QUIC mandates use of ALPN

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
37f12107ee QUIC DDD: ddd-01-conn-blocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
be4c3446a4 QUIC DDD: Update makefile 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
e1d0c930c1 QUIC DDD: Add unchanged copy of ddd-02-conn-nonblocking to serve as base for thread-assisted variant 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
30302c66bd QUIC DDD: Allow target host:port to be set from command line 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
b1cb0675e5 QUIC DDD: Fix bug in ddd-06-mem-uv 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Dmitry Belyavskiy
9f5102bffc Design document of the run-time parameters activation 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21604)
 2023-08-30 21:55:47 +02:00
Dmitry Belyavskiy
9d2f7e1f61 OSSL_PROVIDER_load_ex 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21604)
 2023-08-30 21:55:47 +02:00
Hugo Landau
84adf0764b Tweak documentation for WAIT_PEER 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
 2023-08-30 08:28:22 +01:00
Hugo Landau
7ff1696e5b Tweak documentation for WAIT_PEER 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
 2023-08-30 08:28:22 +01:00
Hugo Landau
25a0c4b907 QUIC APL: Support waiting for peer-initiated shutdown 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
 2023-08-30 08:28:22 +01:00