Commit Graph

75 Commits

Author SHA1 Message Date
Matt Caswell
b5e2b1d844 Prepare for 3.0 beta 3
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-07-29 15:50:46 +01:00
Matt Caswell
9f551541e8 Prepare for release of 3.0 beta 2
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-07-29 15:50:29 +01:00
Matt Caswell
52e6c77ebc Prepare for 3.0 beta 2
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-06-17 14:03:53 +01:00
Matt Caswell
f9bfdc3aa9 Prepare for release of 3.0 beta 1
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-06-17 14:03:42 +01:00
Pauli
42cf25fcb6 new: update NEWS.md so it is correct.
- Removing the deprecation note for public key commands.
- Fixing the note about ECX and SHAKE in the FIPS provider.
- Noting which KDFs are included.
- Noting which MACs are included.

Fixes #15743

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15746)
2021-06-16 08:49:17 +10:00
Pauli
8b29badad1 new: update NEWS.md so it is correct.
- Removing the deprecation note for public key commands.
- Fixing the note about ECX and SHAKE in the FIPS provider.
- Noting which KDFs are included.
- Noting which MACs are included.

Fixes #15743

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15746)
2021-06-16 08:49:17 +10:00
Matt Caswell
c6bf8bb859 Prepare for 3.0 beta 1
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-05-20 14:30:39 +01:00
Matt Caswell
036f8e71e3 Prepare for release of 3.0 alpha 17
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-05-20 14:30:20 +01:00
Shane Lontis
b7140b0604 Add migration guide for 3.0
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14710)
2021-05-20 08:44:08 +01:00
Matt Caswell
f5680cd0eb Add a CHANGES entry for fully pluggable groups
Fixes #12283

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15282)
2021-05-17 09:54:30 +10:00
Dr. David von Oheimb
829902879e HTTP client API: Generalize to arbitrary request and response contents
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
2021-05-14 19:24:42 +02:00
Dr. David von Oheimb
f925315203 Add convenience functions and macros for asymmetric key generation
Add EVP_PKEY_gen(), EVP_PKEY_Q_gen(), EVP_RSA_gen(), and EVP_EC_gen().
Also export auxiliary function OSSL_EC_curve_nid2name()
and improve deprecation info on RSA and EC key generation/management functions.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14695)
2021-05-11 12:46:42 +02:00
Matt Caswell
4c8e6f7d20 Prepare for 3.0 alpha 17
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-05-06 13:15:11 +01:00
Matt Caswell
d0c041b13a Prepare for release of 3.0 alpha 16
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-05-06 13:15:03 +01:00
Matt Caswell
ed82976b43 Prepare for 3.0 alpha 16
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-04-22 14:44:22 +01:00
Matt Caswell
b07412ef80 Prepare for release of 3.0 alpha 15
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-04-22 14:44:12 +01:00
Matt Caswell
6878f43002 Update KTLS documentation
KTLS support has been changed to be off by default, and configuration is
via a single "option" rather two "modes". Documentation is updated
accordingly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14799)
2021-04-12 11:32:05 +01:00
Matt Caswell
2f8fca79a1 Prepare for 3.0 alpha 15
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-04-08 13:15:59 +01:00
Matt Caswell
f510d614a7 Prepare for release of 3.0 alpha 14
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-04-08 13:15:48 +01:00
Matt Caswell
468d9d5564 Update CHANGES.md and NEWS.md for new release
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-03-25 13:12:42 +00:00
Matt Caswell
e66682a838 Prepare for 3.0 alpha 14
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-03-11 13:47:21 +00:00
Matt Caswell
88df2c0b3d Prepare for release of 3.0 alpha 13
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-03-11 13:47:12 +00:00
Matt Caswell
18fdebf174 Mention the change of licence in NEWS.md
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14465)
2021-03-10 16:02:35 +00:00
Matt Caswell
c7d4d032a1 Add a missing CHANGES.md entry for the legacy provider
Numerous ciphers and digests have been moved to the legacy provider.
There should be a CHANGES.md entry pointing this out.

Fixes #14441

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14465)
2021-03-10 16:02:35 +00:00
Matt Caswell
937984efc6 Prepare for 3.0 alpha 13
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-02-18 15:09:04 +00:00
Matt Caswell
b467d394eb Prepare for release of 3.0 alpha 12
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-02-18 15:08:53 +00:00
Matt Caswell
c913dbd716 Update CHANGES and NEWS for new release
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-02-16 12:33:13 +00:00
Richard Levitte
302e63cbe5 Prepare for 3.0 alpha 12
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-01-28 14:08:31 +01:00
Richard Levitte
31a89254d8 Prepare for release of 3.0 alpha 11
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-01-28 14:07:51 +01:00
Richard Levitte
92bc61e467 Update NEWS.md before alpha11 release
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13996)
2021-01-28 11:03:12 +01:00
Matt Caswell
a86add03ab Prepare for 3.0 alpha 11
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
2021-01-07 13:48:32 +00:00
Matt Caswell
cae118f938 Prepare for release of 3.0 alpha 10
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
2021-01-07 13:48:10 +00:00
Pauli
ea7808143d dsa: add additional deprecated functions to CHANGES entry.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13638)
2020-12-17 21:09:54 +01:00
Matt Caswell
1e13198fa7 Update CHANGES and NEWS for new release
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-12-08 11:45:55 +00:00
Richard Levitte
af2f14ace5 ERR: Drop or deprecate dangerous or overly confusing functions
ERR_get_error_line() is deprecated, and ERR_get_error_func() and
ERR_get_error_data() are removed in favor of ERR_get_error_all(),
since they pop the error record, leaving the caller with only partial
error record data and no way to get the rest if the wish.

If it's desirable to retrieve data piecemeal, the caller should
consider using the diverse ERR_peek functions and finish off with
ERR_get_error().

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13466)
2020-11-28 15:28:46 +10:00
Matt Caswell
e3197e5ab2 Prepare for 3.0 alpha 10
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-11-26 14:53:26 +00:00
Matt Caswell
68ec3d4730 Prepare for release of 3.0 alpha 9
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-11-26 14:53:04 +00:00
Richard Levitte
f5a46ed7fe Modify the ERR init functions to use the internal ERR string loaders
This deprecates all the ERR_load_ functions, and moves their definition to
separate C source files that can easily be removed when those functions are
finally removed.

This also reduces include/openssl/kdferr.h to include cryptoerr_legacy.h,
moves the declaration of ERR_load_ERR_strings() from include/openssl/err.h
to include/openssl/cryptoerr_legacy.h, and finally removes the declaration
of ERR_load_DSO_strings(), which was entirely internal anyway.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13390)
2020-11-24 15:21:44 +01:00
Matt Caswell
ecabd00644 Prepare for 3.0 alpha 9
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-11-05 14:04:11 +00:00
Matt Caswell
20d7295cb0 Prepare for release of 3.0 alpha 8
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-11-05 14:03:50 +00:00
Matt Caswell
e8dca211b4 Prepare for 3.0 alpha 8
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
2020-10-15 14:16:19 +01:00
Matt Caswell
f9a5682e5c Prepare for release of 3.0 alpha 7
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
2020-10-15 14:15:55 +01:00
Dr. Matthias St. Pierre
b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.

The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 11:59:53 +01:00
Dr. Matthias St. Pierre
d8dc853825 Change CVE link style in CHANGES and NEWS
Replace [collapsed reference links][] for the CVEs by
[shortcut reference links], in order to to improve the
readability of the raw markdown text.

Consistently add parentheses around the CVE links at the
end of the CVE descriptions. (The NEWS file already had
the parentheses, in the CHANGES file they where missing.)

[collapsed reference links]:
  https://github.github.com/gfm/#collapsed-reference-link

[shortcut reference links]:
  https://github.github.com/gfm/#shortcut-reference-link

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12967)
2020-10-06 19:35:46 +02:00
Dr. Matthias St. Pierre
6ffc312776 Update CHANGES and NEWS for 1.1.1h release
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12967)
2020-10-06 19:35:46 +02:00
Richard Levitte
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
Fixes #12455

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12660)
2020-08-21 09:23:58 +02:00
Pauli
7d615e2178 rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
and some of its API calls are rather low-level. This holds in particular
for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
type changing mechanism (RAND_DRBG_set()).

Adding a compatibility layer to continue supporting the RAND_DRBG API as
a legacy API for a regular deprecation period turned out to come at the
price of complicating the new provider API unnecessarily. Since the
RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
to drop it entirely.

Other related changes:

Use RNG instead of DRBG in EVP_RAND documentation.  The documentation was
using DRBG in places where it should have been RNG or CSRNG.

Move the RAND_DRBG(7) documentation to EVP_RAND(7).

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)
2020-08-07 14:16:47 +10:00
Matt Caswell
1b2873e4a1 Prepare for 3.0 alpha 7
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-08-06 14:02:31 +01:00
Matt Caswell
e3ec8020b4 Prepare for release of 3.0 alpha 6
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-08-06 14:00:13 +01:00
Dr. David von Oheimb
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12270)
2020-07-20 11:17:34 +02:00