Igor Ustinov [Sun, 2 Nov 2025 16:37:00 +0000 (17:37 +0100)]
Modernize header macros for C23 compatibility
Replace old-style (int (*)()) and (char *(*)()) casts with proper typed
prototypes (i2d_of_void *, d2i_of_void *, void *(*)(void)) to comply
with stricter C23 function pointer rules.
Fixes #27938
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29048)
Richard Levitte [Mon, 27 Oct 2025 19:47:44 +0000 (20:47 +0100)]
Set the 'tmp' flag BN_FLG_FIXED_TOP in bn_mod_exp_mont_fixed_top()
If not set, bn_check_top() trips when BN_DEBUG is defined
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28801)
Richard Levitte [Thu, 9 Oct 2025 17:56:59 +0000 (19:56 +0200)]
Test BN_DEBUG in CI
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28801)
Richard Levitte [Thu, 9 Oct 2025 17:55:47 +0000 (19:55 +0200)]
Fix BN_DEBUG: ossl_assert() → assert()
ossl_assert() has been modified so much that it no longer fits the
purpose of bn_check_top() when BN_DEBUG is defined in a debug build,
which is to abort and tell where the BIGNUM is inconsistent. This
is by design.
This has remained undiscovered because no one has tried BN_DEBUG
for quite a while.
Assertions in bn_check_top() are also rearranged to better show what
the actual problem is.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28801)
Richard Levitte [Wed, 29 Oct 2025 09:12:33 +0000 (10:12 +0100)]
Rename SSL_CERT_LOOKUP.nid to pkey_nid
Hopefully, this will help further clarify the intent of this
SSL_CERT_LOOKUP field to future developers.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29027)
Richard Levitte [Wed, 29 Oct 2025 09:03:51 +0000 (10:03 +0100)]
Fix NID bug in SSL_CERT_LOOKUP array construction
The SSL_CERT_LOOKUP NID should be for the public key algorithm (what is
often called the "key type"). Yet, when populating the SSL_CERT_LOOKUP
table with 'ssl_load_sigalgs', only the sigalg name is used to find a
NID.
This is perfectly OK to do, *if* the sigalg and the associated key type
share the same name. However, that's not always the case.
This change infers the key type name in 'ssl_load_sigalgs' the same way
as it was already done in 'add_provider_sigalgs'.
Related-to: https://github.com/openssl/openssl/pull/29019#discussion_r2472219647 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29027)
Pauli [Tue, 28 Oct 2025 05:05:59 +0000 (16:05 +1100)]
macctx: remove unused function
The `ossl_prov_macctx_load_from_params()` function is no longer used.
Since it isn't public, it can be removed.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29013)
Tomas Mraz [Mon, 20 Oct 2025 14:17:38 +0000 (16:17 +0200)]
Drop symbol numbers as we are doing a new major version
Also recreate the .num files from scratch as that makes the
symbols sorted.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28959)
Some files in @except_env_files are located in the build directory,
not the source directory.
Furthermore, because the files and directories in @except_dirs and
@except_env_files may look different than the elements in what find()
returns, realpath() must be used to ensure that file name comparison
matches when it should.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28601)
Dmitry Misharov [Mon, 27 Oct 2025 15:21:58 +0000 (16:21 +0100)]
Move CI jobs with macos large runners
Running CI jobs on MacOS large runner on each pull request
is problematic for forks. These runners are not free and require
billing to set up. Therefore it makes more sense to move macos-14-large
and macos-15-large into os-zoo.yml which is scheduled to run nightly.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29007)
Neil Horman [Wed, 22 Oct 2025 14:54:15 +0000 (10:54 -0400)]
Add lock contention graph script to openssl
Add a script to use gnuplot to graph lock contention events as reported
by the REPORT_RWLOCK_CONTENTION feature vs time so we can see an
application run time based view of where lock contention occurs.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/28974)
Gleb Popov [Fri, 10 Oct 2025 13:31:47 +0000 (16:31 +0300)]
rc4: Remove the pointless if() operator, its condition is always true
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28827)
Joshua Rogers [Mon, 13 Oct 2025 23:59:04 +0000 (07:59 +0800)]
apps/s_time: reset reused SSL with SSL_clear in doConnection
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28911)
Joshua Rogers [Sun, 12 Oct 2025 13:39:42 +0000 (21:39 +0800)]
comp/zstd: make bio_zstd_read return -1 on hard errors
Split NULL out param from zero outl. Return -1 on malloc failure and
NULL parameter. Keep 0 only for outl <= 0 and clean EOF. This lets
callers distinguish errors from empty reads without inspecting the
error queue.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28908)
Richard Levitte [Wed, 8 Oct 2025 20:55:45 +0000 (22:55 +0200)]
Cleanup: Remove include/crypto/bn_conf.h.in
It turns out that this reproduces what's already done conditionally in
include/openssl/configuration.h.in. Furthermore, include/crypto/bn_conf.h
was only included in crypto/bn/bn_local.h using the same guard as the
definition in include/openssl/configuration.h, which is already included
by crypto/bn/bn_local.h anyway, via include/openssl/opensslconf.h.
Therefore, include/crypto/bn_conf.h.in can be removed, alongside the
construction and inclusion of include/crypto/bn_conf.h.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28794)
Simo Sorce [Thu, 2 Oct 2025 21:57:42 +0000 (17:57 -0400)]
Run on-demand self-tests when requested
The `on_demand_test` flag passed to `SELF_TEST_post` was not being honored by
the Known Answer Test (KAT) runner. Tests marked as 'deferred' were always
skipped.
This change passes the `on_demand_test` flag through to the KAT functions,
ensuring that when an on-demand test is requested, the full suite of self-
tests is executed as intended.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28725)
Simo Sorce [Tue, 30 Sep 2025 20:12:03 +0000 (16:12 -0400)]
Allow running individual FIPS self-tests
This introduces a new function, `SELF_TEST_kats_single()`, to the FIPS
provider. This allows for deferring running the Known Answer Tests (KATs)
for a specific algorithm. This is useful to avoid running
computationally costly tests upfront and instead run them only if the
algorithm is actually going to be used.
To support this, a `deferred` flag has been added to the test data
structures. The main self-test function, `SELF_TEST_kats()`, is updated to
skip tests marked for deferred execution, preserving its existing startup
behavior for all other tests.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28725)
Bob Beck [Tue, 21 Oct 2025 17:20:35 +0000 (11:20 -0600)]
Remove the hack to accept tests failing for out of range input
Now that OPENSSL_gmtime is backed by tm_to_posix and posix_to_tm
it validates the input from struct tm, so it is no longer necessary
to have hacks in place to allow for out of bound input tests to
fail.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28949)
If the call to ASN1_item_ex_d2i() from x509_pubkey_ex_d2i_ex() fails
*pval is freed by asn1_item_ex_d2i_intern()->ASN1_item_ex_free()->ossl_asn1_item_embed_free()
inside the ASN1_item_ex_d2i() function without freeing the
string buffer X509_PUBKEY::propq that was previously allocated
in x509_pubkey_ex_new_ex() and we lose the pointer to this buffer.
The function we are fixing here is one of the functions used
to define X509_PUBKEY - so any operations that work directly
on X509_PUBKEY_INTERNAL should be prevented from freeing
the structure because they don't know how to handle it.
Signed-off-by: Andrey Tsygunka <aitsygunka@yandex.ru> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27333)
Neil Horman [Wed, 8 Oct 2025 12:20:36 +0000 (08:20 -0400)]
Copy impls stack when calling ossl_method_store_do_all
PR https://github.com/openssl/openssl/pull/24782 introduced a copying of
the algs stack in ossl_method_store_do_all, so that the subsequent
iteration of elements through alg_do_one could be done without a lock,
and without triggering a tsan error as reported in:
https://github.com/openssl/openssl/issues/24672
However, the problem wasn't completely fixed. Issue:
https://github.com/openssl/openssl/issues/27726
Noted that, sometimes we still get a crash when iterating over each algs
impls stack. This occurs because, even though we've cloned the algs to
a private data area, the impls stack for each alg still points to shared
data, which we are accessing without the benefit of a lock. Because of
that, if some other thread calls a function that mutates the impl stack
(say ossl_method_store_remove()), we may encounter a NULL or garbage
value in one of the impl stack values, leading to an unexpected NULL
pointer or similar, which in turn leads to a crash.
Unfortunately we can't use a lock to create exclusive access here, as
there are several paths that lead to a recursive mutation of the stack,
which would deadlock.
So the only way that I see to prevent this (which is admittedly ugly),
is to not only clone the alg stack, but to duplicate each algs impl
stack with the read lock held, prior to doing the iteration.
Further, we've been unable to test this, as the problem is rare, and we
don't have a solid reproducer for the issue, but visual inspection
suggests this should fix that. Hopefully:
Fixes #27726
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28783)
Tomas Mraz [Wed, 22 Oct 2025 13:07:10 +0000 (15:07 +0200)]
Disable also argon2, scrypt and slh-dsa with no-bulk
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/28970)
Tomas Mraz [Wed, 22 Oct 2025 13:03:24 +0000 (15:03 +0200)]
scrypt.c: Do not include the param with OPENSSL_NO_SCRYPT
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/28970)
Simo Sorce [Mon, 28 Jul 2025 19:32:06 +0000 (15:32 -0400)]
Clear keymgmt params containing sensitive data
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28108)
Simo Sorce [Mon, 28 Jul 2025 14:59:54 +0000 (10:59 -0400)]
Test OSSL_PARAM_clear_free()
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28108)
Simo Sorce [Mon, 28 Jul 2025 12:32:54 +0000 (08:32 -0400)]
Add a way to cleanse params arrays
This uses the return_size field of the last terminating parameter
similarly to how secure memory uses the data and data_size fields,
to hold the total size of memory allocated for params.
This is then used to be able to call OPENSSL_cleanse on the params
fields via the new OSSL_PARAM_clear_free() call.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28108)
Bernd Edlinger [Tue, 21 Oct 2025 11:42:00 +0000 (13:42 +0200)]
Fix heap-buffer-overflow in CI fuzzing tests
The ASN1_STRING is not supposed to be used as a
zero-terminated string. Therefore we need to check
the string length explicitly and use memcmp instead of
strcmp in ossl_x509_check_cert_time.
Fixes a regression introduced by #28623
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28962)
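The difference between the two comparisons described in the commit above, as an added example (not code from the commit or from OpenSSL). `struct lstring` is a hypothetical stand-in for a length-delimited string such as ASN1_STRING, and the time strings are constructed sample data.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a length-delimited string (length + data,
 * no guarantee that data[length] is a NUL byte). */
struct lstring {
    int length;
    const unsigned char *data;
};

/* strcmp-style comparison: ignores length and reads until it finds a NUL. */
static int equals_cstr(const struct lstring *s, const char *literal)
{
    return strcmp((const char *)s->data, literal) == 0;
}

/* Length-checked comparison: explicit length test, then memcmp. */
static int equals_len(const struct lstring *s, const char *literal)
{
    size_t n = strlen(literal);

    return s->length >= 0 && (size_t)s->length == n
           && memcmp(s->data, literal, n) == 0;
}

/* Constructed backing store: a 15-byte value with no terminator, directly
 * followed by unrelated bytes. In a heap allocation of exactly 15 bytes the
 * strcmp-style read would run past the end of the buffer; here the neighbour
 * bytes keep the demonstration inside one array. */
static const unsigned char unterminated[] = "20301231235959Z" "NEIGHBOUR";

/* Constructed value with an embedded NUL: 9 bytes long, but a C-string
 * view of it stops after 4. */
static const unsigned char embedded_nul[] = { '2', '0', '3', '0', 0,
                                              'j', 'u', 'n', 'k' };

int main(void)
{
    struct lstring a = { 15, unterminated };
    struct lstring b = { 9, embedded_nul };

    /* strcmp reads into the neighbour bytes and reports a mismatch. */
    printf("unterminated: strcmp-style=%d length-checked=%d\n",
           equals_cstr(&a, "20301231235959Z"),
           equals_len(&a, "20301231235959Z"));

    /* strcmp stops at the embedded NUL and reports a false match. */
    printf("embedded NUL: strcmp-style=%d length-checked=%d\n",
           equals_cstr(&b, "2030"), equals_len(&b, "2030"));
    return 0;
}
```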
Bob Beck [Sat, 4 Oct 2025 13:34:11 +0000 (07:34 -0600)]
Adapt the tests to not care about failures from platform gmtime()
Now that we don't use gmtime, timegm and friends from the platform
we should be able to handle all values the same on any platform
with no concerns other than what the platform has decided to use
for time_t.
The hpux #ifdef is removed, as looking at f5e3115361f shows this
was added due to a gmtime() failure on the platform.
This then clears out all the platform specific chaos in helper.c
as an example of why the public API being added is actually
generally useful, as it has been noticed that users of OpenSSL
frequently end up dealing with the same issues in the same really
awful ways in their own software as we were doing in that file
in the tests.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28748)
Bob Beck [Fri, 3 Oct 2025 12:16:33 +0000 (06:16 -0600)]
Bring in posix time conversion functions, originally from BoringSSL
This is effectively a Julian date computation, but done as seconds since
the POSIX epoch, all checked for overflow and limited to dates from year
0000 to 9999.
This is advantageous as it removed the need to use the operating system provided
timegm() and gmtime() functions which are only semi-standardized in any case and
when they aren't there or don't work other nastiness needs to be tried to do
the same thing. Even when they are there, you need to worry about the size of
time_t and if the bad idea bears of unsigned time_t have visited this platform.
By simply doing the conversion ourselves, to and from an int64, this can be
done the same everywhere, and bounds checked when being put into a time_t.
This adds public API that is already added in libre and boring in
<openssl/posix_time.h>:
These are added in the forks due to noticing a fair bit of software needing
to perform similar error-prone conversions themselves when dealing with
ASN1 times (such as what we have to do in the tests). While I intend to
use some of this API for further simplification in follow-on changes in
several places (such as ocsp and X509), for now we only use it to simplify
the test helpers and clean that up a bunch.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28748)
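A platform-independent conversion of the kind the commit above describes, as an added example (not the code from the commit, OpenSSL or BoringSSL). The names `civil_to_posix`, `posix_to_civil` and `struct civil` are hypothetical; the day arithmetic is the standard proleptic Gregorian day-count formula, with every field validated and the result limited to years 0000 to 9999.

```c
#include <stdint.h>
#include <stdio.h>

#define POSIX_MIN INT64_C(-62167219200) /* 0000-01-01T00:00:00Z */
#define POSIX_MAX INT64_C(253402300799) /* 9999-12-31T23:59:59Z */

/* Hypothetical broken-down UTC time; month is 1..12, day is 1..31. */
struct civil { int year, month, day, hour, min, sec; };

static int is_leap(int y)
{
    return (y % 4 == 0 && y % 100 != 0) || y % 400 == 0;
}

static int days_in_month(int y, int m)
{
    static const int dim[12] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };

    return (m == 2 && is_leap(y)) ? 29 : dim[m - 1];
}

/* Days since 1970-01-01; the year is shifted so that it starts in March. */
static int64_t days_from_civil(int64_t y, int m, int d)
{
    int64_t era, yoe, doy, doe;

    y -= (m <= 2);
    era = (y >= 0 ? y : y - 399) / 400;
    yoe = y - era * 400;                                   /* [0, 399] */
    doy = (153 * (m > 2 ? m - 3 : m + 9) + 2) / 5 + d - 1; /* [0, 365] */
    doe = yoe * 365 + yoe / 4 - yoe / 100 + doy;
    return era * 146097 + doe - 719468;
}

/* Returns 1 and sets *out, or 0 if any field is out of range. */
static int civil_to_posix(const struct civil *c, int64_t *out)
{
    if (c->year < 0 || c->year > 9999 || c->month < 1 || c->month > 12
        || c->day < 1 || c->day > days_in_month(c->year, c->month)
        || c->hour < 0 || c->hour > 23 || c->min < 0 || c->min > 59
        || c->sec < 0 || c->sec > 59)
        return 0;
    *out = days_from_civil(c->year, c->month, c->day) * 86400
           + c->hour * 3600 + c->min * 60 + c->sec;
    return 1;
}

/* Returns 1 and fills *c, or 0 if t is outside years 0000..9999. */
static int posix_to_civil(int64_t t, struct civil *c)
{
    int64_t days, rem, era, doe, yoe, doy, mp;

    if (t < POSIX_MIN || t > POSIX_MAX)
        return 0;
    days = t / 86400;
    rem = t % 86400;
    if (rem < 0) {              /* floor division for times before 1970 */
        rem += 86400;
        days--;
    }
    days += 719468;
    era = (days >= 0 ? days : days - 146096) / 146097;
    doe = days - era * 146097;
    yoe = (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365;
    doy = doe - (365 * yoe + yoe / 4 - yoe / 100);
    mp = (5 * doy + 2) / 153;
    c->day = (int)(doy - (153 * mp + 2) / 5 + 1);
    c->month = (int)(mp < 10 ? mp + 3 : mp - 9);
    c->year = (int)(yoe + era * 400 + (c->month <= 2));
    c->hour = (int)(rem / 3600);
    c->min = (int)(rem % 3600 / 60);
    c->sec = (int)(rem % 60);
    return 1;
}

int main(void)
{
    struct civil last = { 9999, 12, 31, 23, 59, 59 }, back;
    int64_t t;

    if (civil_to_posix(&last, &t) && posix_to_civil(t, &back))
        printf("%lld -> %04d-%02d-%02d\n", (long long)t,
               back.year, back.month, back.day);
    return 0;
}
```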
Nikola Pajkovsky [Thu, 16 Oct 2025 06:25:06 +0000 (08:25 +0200)]
provider: reduce lock contention in ossl_provider_find
There's really no point to always take write lock, and sort the
store->providers every time. Instead, check if store->providers is
sorted, and if not, then upgrade to the write lock, otherwise use read
lock.
Signed-off-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28927)
Nikola Pajkovsky [Wed, 15 Oct 2025 10:48:06 +0000 (12:48 +0200)]
clang deprecates sprintf on macos
test/threadstest.c:1376:9: error: 'sprintf' is deprecated.
The same issue is in the ossl-nghttp3-demo.
Signed-off-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28903)
Simo Sorce [Thu, 16 Oct 2025 19:48:09 +0000 (15:48 -0400)]
signature: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:09 +0000 (15:48 -0400)]
rands: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:08 +0000 (15:48 -0400)]
macs: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:08 +0000 (15:48 -0400)]
keymgmt: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Fri, 17 Oct 2025 02:57:36 +0000 (22:57 -0400)]
Fix handling of include files in libtemplate
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:08 +0000 (15:48 -0400)]
kem: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:07 +0000 (15:48 -0400)]
kdfs: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:07 +0000 (15:48 -0400)]
exchange: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:07 +0000 (15:48 -0400)]
encode_decode: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:07 +0000 (15:48 -0400)]
digests: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:06 +0000 (15:48 -0400)]
ciphers: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Fri, 17 Oct 2025 02:26:33 +0000 (22:26 -0400)]
Fix handling of include files in libcommon
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Thu, 16 Oct 2025 19:48:06 +0000 (15:48 -0400)]
asymciphers: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Mon, 13 Oct 2025 21:48:54 +0000 (17:48 -0400)]
storemgmt: Use include file for generated code
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Simo Sorce [Fri, 10 Oct 2025 20:32:27 +0000 (16:32 -0400)]
Move generic skeymgmt param decoder to .inc file
The Perl-generated code for the generic symmetric key import parameter decoder
is extracted from `generic.c.in` into a new `generic.inc.in` template.
The main `generic.c` file now includes the generated `generic.inc` file. This
change separates the auto-generated code from the handwritten C code,
improving modularity and readability.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28838)
Joshua Rogers [Fri, 10 Oct 2025 22:57:01 +0000 (06:57 +0800)]
CMP client: fix three memory leaks in error handling of the polling mechanism added in 3.3
These are in poll_for_response(), OSSL_CMP_try_certreq(), and OSSL_CMP_exec_certreq().
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/28840)
Fixes for NonStop builds on 3.5 to handle OS platform header file changes.
This change handles the introduction of _POSIX_VERSION into the NonStop x86
header files that tricks OpenSSL into thinking that ucontext.h is available.
Fixes #28498
Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28769)
Joshua Rogers [Sat, 11 Oct 2025 12:10:48 +0000 (20:10 +0800)]
SMIME_text() and SMIME_crlf_copy() small refactoring
When out is NULL, SMIME_text() now skips BIO_write entirely and continues
to return success based on the read loop result. This matches existing
and expected semantics while avoiding a pointless write and any error masking.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28879)
Joshua Rogers [Sat, 11 Oct 2025 06:11:07 +0000 (14:11 +0800)]
freebsd ktls: avoid unaligned 16 bit length store in ktls_read_record
This prevents SIGBUS on strict alignment architectures when p+3 is not aligned
for 16 bit access. Behavior is unchanged on x86 and matches the Linux path.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28860)
Joshua Rogers [Fri, 10 Oct 2025 16:48:52 +0000 (00:48 +0800)]
ssl/statem: write 16-bit ECDHE group id in SKE
tls_construct_server_key_exchange wrote the named group as two u8 bytes with the high byte set to 0. TLS requires a 16-bit NamedGroup. Use WPACKET_put_bytes_u16(curve_id) so ids >= 256 are encoded correctly. No change for groups < 256.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28835)
Joshua Rogers [Fri, 10 Oct 2025 12:36:31 +0000 (20:36 +0800)]
Resetting the cookie_len should set the cookie_len to 0.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28817)
Joshua Rogers [Fri, 10 Oct 2025 11:55:31 +0000 (19:55 +0800)]
Fix off-by-one overflow in the AST resubmit
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28811)
Joshua Rogers [Wed, 8 Oct 2025 07:31:18 +0000 (15:31 +0800)]
Disallow Message sequence number 2 in DTLSv1_listen
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28788)
Joshua Rogers [Wed, 8 Oct 2025 22:14:15 +0000 (06:14 +0800)]
ssl: fix OOB write in SSL_get_shared_ciphers when no shared ciphers
When no cipher names are appended, p remains at buf and the unconditional
p[-1] = '\0' underflows. Only NUL-terminate if at least one cipher was written;
otherwise return an empty string safely.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28785)
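A simplified model of the terminator logic described in the commit above, as an added example (not the code of SSL_get_shared_ciphers or of the commit). The function names are hypothetical, the cipher names are constructed placeholders, and the caller is assumed to pass size >= 2; a guard byte placed in front of the output buffer makes the out-of-bounds write observable without leaving the array.

```c
#include <stdio.h>
#include <string.h>

typedef char *(*join_fn)(char *buf, int size,
                         const char *const *names, size_t count);

/* Pre-fix shape: the final terminator always overwrites the byte before p. */
static char *join_unchecked(char *buf, int size,
                            const char *const *names, size_t count)
{
    char *p = buf;
    size_t i;

    for (i = 0; i < count; i++) {
        int n = (int)strlen(names[i]);

        if (n + 1 > size)       /* no room for the name plus its separator */
            break;
        memcpy(p, names[i], (size_t)n);
        p += n;
        *p++ = ':';
        size -= n + 1;
    }
    p[-1] = '\0';               /* nothing written: p == buf, this is buf[-1] */
    return buf;
}

/* Post-fix shape: replace the trailing ':' only if a name was written,
 * otherwise return an empty string. */
static char *join_checked(char *buf, int size,
                          const char *const *names, size_t count)
{
    char *p = buf;
    size_t i;

    for (i = 0; i < count; i++) {
        int n = (int)strlen(names[i]);

        if (n + 1 > size)
            break;
        memcpy(p, names[i], (size_t)n);
        p += n;
        *p++ = ':';
        size -= n + 1;
    }
    if (p != buf)
        p[-1] = '\0';
    else
        *p = '\0';
    return buf;
}

/* Runs a join with an empty name list. storage[0] is a guard byte and the
 * output buffer starts at storage[1], so a write to buf[-1] lands on the
 * guard instead of outside the array. Returns 1 if the guard was changed. */
static int guard_clobbered(join_fn join)
{
    unsigned char storage[1 + 16];

    memset(storage, 0x5A, sizeof(storage));
    join((char *)storage + 1, 16, NULL, 0);
    return storage[0] != 0x5A;
}

int main(void)
{
    static const char *const names[] = { "CIPHER-A", "CIPHER-B" };
    char buf[32];

    printf("unchecked clobbers guard: %d\n", guard_clobbered(join_unchecked));
    printf("checked clobbers guard:   %d\n", guard_clobbered(join_checked));
    printf("joined: %s\n", join_checked(buf, (int)sizeof(buf), names, 2));
    return 0;
}
```

The same underflow occurs in the unchecked form when the first name does not fit in the buffer, since p is still equal to buf when the loop exits.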
* Adding missing periods.
* Consistently using "OpenSSL" as the project's name.
* Fixing the "`EVP_SKEY`" formatting reverted by a merge resolution
in f815ee19e066 "Harden RSA public encrypt".
* Fitting the lines in 80 characters, do a bit more semantic line breaks.
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28734)
Joshua Rogers [Wed, 8 Oct 2025 07:37:35 +0000 (15:37 +0800)]
APPS/cmp: fix wrong CLI option reference for -ref_cert
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28786)