Tomas Mraz
eff046524b
Add minimal handling of NEW_CONNECTION_ID frames
We actively use only the latest DCID received. And retire only
DCIDs requested by the peer to be retired.
Also changed the active_conn_id_limit to 2 as the minimum value allowed.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892 )
2023-05-17 14:04:18 +01:00
Tomas Mraz
dbca844cb3
quic_txp_test.c: Cleanup use of WPACKET
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892 )
2023-05-17 14:04:17 +01:00
Hugo Landau
4b4e246ccb
QUIC Documentation: update man(7) for multi-stream
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19899 )
2023-05-17 11:10:45 +01:00
Hugo Landau
f89c2a9926
QUIC man(7) Documentation
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19899 )
2023-05-17 11:10:45 +01:00
Bernd Edlinger
a64c48cff8
Fix stack corruption in ui_read
This is an alternative to #20893
Additionally this fixes also a possible issue in UI_UTIL_read_pw:
When UI_new returns NULL, the result code would still be zero
as if UI_UTIL_read_pw succeeded, but the password buffer is left
uninitialized, with subsequent possible stack corruption or worse.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20957 )
2023-05-17 12:07:02 +02:00
Yuan, Shuai
43d5dac9d0
Fixed EVP_PKEY_CTX_set_ec_paramgen_curve_nid() for SM2 in ENGINEs
The CTRL translation is missing for SM2 key types.
Fixes #20899
Signed-off-by: Yuan, Shuai <shuai.yuan@intel.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20900 )
2023-05-15 12:04:55 +02:00
Hugo Landau
2b5a546ce1
QUIC: Documentation fix
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:15 +01:00
Hugo Landau
de521629c1
QUIC APL: De-publicise SSL_attach_stream/SSL_detach_stream
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:15 +01:00
Hugo Landau
5da3e02c5e
QUIC: Fix CRYPTO_GET_REF
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:15 +01:00
Hugo Landau
83df44ae53
QUIC MSST: Rename SSL_set_incoming_stream_reject_policy
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:15 +01:00
Hugo Landau
bb9b8a333f
QUIC MSST: Revise SSL_get_conn_close_info API (char)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:15 +01:00
Hugo Landau
5fc256cd6b
QUIC MSST: Documentation fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:15 +01:00
Hugo Landau
4f2d32d6b6
QUIC MSST: Fix test on macOS
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:15 +01:00
Hugo Landau
5e125829c0
QUIC MSST: Further documentation fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
3a61a96c1e
QUIC MSST: Clarify default XSO transitions
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
47238a3d3f
QUIC MSST: Documentation fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
433d107a9b
QUIC APL: Fix a bug where avail could be used uninitialized
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
97f30fd5d8
QUIC MSST: Test that SSL_free works in either order
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
9cab4bd523
QUIC APL: Handle reference for multiple streams counting correctly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
008a61a544
REFCOUNT: Add support for querying refcount
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
59c5c016e5
QUIC APL: Fix logic of SSL_get_stream_type
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
22b1a96ff7
QUIC MSST: Minor fixes and cleanups
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
496b8162b6
QUIC MSST: Documentation updates
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
9715e3aacf
QUIC MSST: Fix tests on platforms with non-deterministic loopback interface behaviour (Apple)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
93651dc245
QUIC QRX: Fix a list usage bug
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:14 +01:00
Hugo Landau
571aff4bfa
Minor fixups
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
ed835673ae
QUIC MSST: Tests
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
acc6fde0d4
QUIC APL: Fix a bug where incoming unidirectional streams weren't detected
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
f0e22d1be8
QUIC TSERVER: Allow STOP_SENDING/RESET_STREAM to be queried
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
2289401685
QUIC TSERVER: Handle FINs correctly if ossl_quic_tserver_read is not called first
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
8b5278942b
QUIC QSM: Minor bugfixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
71e5551263
QUIC MSST: make update
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
1e4a9d882f
QUIC MSST: Add documentation for new APIs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
9aaafc26e0
QUIC APL: Send STOP_SENDING/RESET_STREAM when XSO is freed
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
0847e63ee5
QUIC QSM: Stream garbage collection
This allows QUIC_STREAM objects to be deleted when they are no longer
needed.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
9cacba434b
QUIC FIFD: Add support for callback on frame ACK
We need to get acknowledgement notifications for our STOP_SENDING and
STREAM_RESET frames as this information is needed to know when we can
delete a QUIC_STREAM object.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
c3a04ea2fd
QUIC DISPATCH/APL: Add SSL_stream_reset and status query APIs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
b6fc2294a1
QUIC RXDP: Record STOP_SENDING/RESET_STREAM event AEC codes consistently
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:13 +01:00
Hugo Landau
e8b9f63235
QUIC QSM: Clean up SEND_STREAM/RECV_STREAM handling
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
723cbe8a73
QUIC CHANNEL: Do not copy terminate cause as it is not modified after termination
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
b89c81e43b
QUIC QSM: Handle STOP_SENDING correctly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
90cecc406f
QUIC RXDP/QSM: Enforce MAX_STREAMS
Also use accept queue popping by the application as the retirement
event, i.e., as the cue to increase the limit.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
a6b6ea1737
QUIC TXP/CHANNEL: Generate MAX_STREAMS using RXFC
Though the RXFC was designed for stream flow control, its logic
is generic enough to use to control MAX_STREAMS generation.
Control of when _we_ can open streams is already done in a bespoke
fashion and doesn't use a TXFC, however (see
ossl_quic_stream_map_update_state).
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
5bd9ddd86e
QUIC FC: Modify RXFC to support use for enforcing MAX_STREAMS
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
999e13f40e
QUIC CHANNEL: Incoming streams implicitly create lower-numbered streams
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
9caf981237
QUIC: Update faults test to use streams correctly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
5d27e7e9ae
QUIC FIFD: Ensure QUIC_STREAM is updated after QUIC_SSTREAM loss
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
13ac037d01
QUIC APL: Fix locking in XSO code and fix tests
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
995ff28210
QUIC CHANNEL, APL: Reject policy handling
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00
Hugo Landau
cb68ce9fa7
QUIC DISPATCH/APL: SSL_accept_stream, SSL_get_accept_queue_len
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765 )
2023-05-12 14:47:12 +01:00