mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-24 13:55:42 +08:00
Code Issues Packages Projects Releases Wiki Activity
33,817 Commits 34 Branches 385 Tags 444 MiB
d2e9e12b23
Commit Graph

33817 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hugo Landau
d2e9e12b23 QUIC APL: Allow stream origin to be queried 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
 2023-09-01 14:02:50 +01:00
Hugo Landau
8d7f034622 Minor fixes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:36 +01:00
Hugo Landau
abeb41b42f Minor updates 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:36 +01:00
Hugo Landau
4426c47d66 Add manpages 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:36 +01:00
Hugo Landau
3760747ff4 Minor fixes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:36 +01:00
Hugo Landau
277880e754 QUIC DDD: Final report 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
c276217e4b QUIC DDD: ddd-02-conn-nonblocking-threads: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
1ed2d7929a QUIC DDD: ddd-02-conn-nonblocking-threads: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
74d588ca15 QUIC DDD: ddd-06-mem-uv: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
5e73999803 QUIC DDD: ddd-06-mem-uv: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
47eceab67a QUIC DDD: ddd-05-mem-nonblocking: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
70dc50c265 QUIC DDD: ddd-05-mem-nonblocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
92db6d6280 QUIC DDD: ddd-04-fd-nonblocking: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
b3e71dbf68 QUIC DDD: ddd-04-fd-nonblocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
24e583619c QUIC DDD: ddd-03-fd-blocking: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
43f4b8a80e QUIC DDD: ddd-03-fd-blocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
f379207659 QUIC DDD: ddd-02-conn-nonblocking: Unplanned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
e6ad003d73 QUIC DDD: ddd-02-conn-nonblocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
b96e5cc60b QUIC DDD: ddd-01-conn-blocking: Unplanned changes 
- QUIC_client_method() renamed due to namespacing
- QUIC mandates use of ALPN

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
37f12107ee QUIC DDD: ddd-01-conn-blocking: Planned changes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:35 +01:00
Hugo Landau
be4c3446a4 QUIC DDD: Update makefile 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
e1d0c930c1 QUIC DDD: Add unchanged copy of ddd-02-conn-nonblocking to serve as base for thread-assisted variant 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
30302c66bd QUIC DDD: Allow target host:port to be set from command line 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
b1cb0675e5 QUIC DDD: Fix bug in ddd-06-mem-uv 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
62665fc243 QUIC APL: Introduce addressed v. non-addressed mode handling 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
c20b78d599 BIO_s_dgram_pair: Correct implementation of BIO_CTRL_DGRAM_GET_LOCAL_ADDR_ENABLE 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
1bd35edc66 BIO_s_datagram: Wire capability negotiation for BIO_s_datagram 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
000ef7818b BIO: Add BIO_dgram_detect_peer_addr API 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
f3295bd80c BIO_s_datagram: Support configuring non-blocking mode 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
533254eeb3 BIO_s_connect: Support configuration of non-blocking mode in datagram mode 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
617b459ddf QUIC CHANNEL: Introduce concept of (non-)addressed mode 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
51e671e204 QUIC APL: Refactor blocking configuration to allow late blocking support detection 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
be96180aa6 QUIC CHANNEL: Cleanup poll descriptor management 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
0b8b75e242 QUIC REACTOR: Move can-poll flags into reactor 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
0818c17007 QUIC APL: Autoconfigure BIOs as non-blocking 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:34 +01:00
Hugo Landau
573f16c997 BIO_ssl: Make helper functions configure BIOs for QUIC correctly 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:33 +01:00
Hugo Landau
2e1760118b QUIC APL: Better error reporting 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:33 +01:00
Hugo Landau
549d0a700b QUIC CHANNEL: Only handle the first protocol error raised 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:33 +01:00
Hugo Landau
7841dbabec BIO_s_connect: Add support for datagram mode 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:33 +01:00
Hugo Landau
ed28cb8140 BIO_s_connect: Make internal functions static 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:33 +01:00
Hugo Landau
881e3299dc QUIC TLS: Better error message when ALPN not used 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
 2023-09-01 10:45:33 +01:00
Abhirup Manna
da57c0eaf2 Removed unnecessary brace in ktls_configure_crypto 
CLA: trivial

Fixes #21498

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21908)
 2023-09-01 11:41:16 +02:00
Kurt Roeckx
399c2da08a Update X509 fuzzer to verify a chain 
It add supports for verifying that it's been signed by a CA, and
checks the CRL and OCSP status

Can find CVE-2022-4203 and CVE-2023-0286

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20243)
 2023-09-01 10:11:57 +01:00
slontis
b544c72f37 Add ED25519 Signature demo. 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21883)
 2023-09-01 10:09:56 +01:00
Matt Caswell
3961991593 Remove a redundant point mul from ossl_ec_key_public_check() 
This code was added in error and is entirely redundant. It is also an
expensive operation (e.g. see #21833).

Fixes #21834

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21902)
 2023-09-01 10:08:20 +01:00
Rohan McLure
50f8b936b0 powerpc: ecc: Fix stack allocation secp384r1 asm 
Assembly acceleration secp384r1 opts to not use any callee-save VSRs, as
VSX enabled systems make extensive use of renaming, and so writebacks in
felem_{mul,square}() can be reordered for best cache effects.

Remove stack allocations. This in turn fixes unmatched push/pops in
felem_{mul,square}().

Signed-off-by: Rohan McLure <rohan.mclure@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21749)
 2023-09-01 10:06:54 +01:00
Rohan McLure
670e73d908 ecc: Remove extraneous parentheses in secp384r1 
Substitutions in the felem_reduce() method feature unecessary
parentheses, remove them.

Signed-off-by: Rohan McLure <rohan.mclure@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21749)
 2023-09-01 10:06:54 +01:00
Hugo Landau
60421893a2 QUIC: Harden ring buffer against internal misuse 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21895)
 2023-08-31 16:34:51 +01:00
Ingo Franzki
ecb6cdf02a OPENSSL_init_crypto load config into initial global default library context 
OPENSSL_init_crypto() with OPENSSL_INIT_LOAD_CONFIG must load the configuration
into the initial global default library context, not the currently set default
library context.

OPENSSL_init_crypto() with OPENSSL_INIT_LOAD_CONFIG may be called within other
OpenSSL API functions, e.g. from within EVP_PKEY_CTX_new_xxx() when initializing
a pkey context, to perform implicit initialization, if it has not been
initialized yet. This implicit initialization may happen at a time when an
application has already create its own library context and made it the default
library context. So loading the config into the current default library context
would load it into the applications library context.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21897)
 2023-08-31 17:06:51 +02:00
Tomas Mraz
305dc68add Add CHANGES.md entry for ess_cert_id_alg default change 
The default was changed in 10536b7f5b

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21845)
 2023-08-31 11:11:44 +02:00