Move e_os2.h up in quictestlib.c to allow symbol definition consistency.
Fixes: #22178 Signed-of-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22179)
Matt Caswell [Mon, 25 Sep 2023 15:44:47 +0000 (16:44 +0100)]
Fix a mem leak when the FIPS provider is used in a different thread
We were neglecting to register the main thread to receive thread stop
notifications. This is important if the thread that starts the FIPS
provider is not the same one that is used when OPENSSL_cleanup() is
called.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
Pauli [Tue, 5 Sep 2023 00:16:49 +0000 (10:16 +1000)]
fips selftest: avoid relying on a real RNG for self tests
Rather than instantiate the private and primary DRBGs during the
selftest, instead use a test RNG. This leaves the DRBG setup
pristine and permits later replacement of the seed source despite
the very early running power up self tests.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
Signed-off-by: Jonathan M. Wilbur <jonathan@wilbur.space> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21342)
Matt Caswell [Thu, 21 Sep 2023 15:28:58 +0000 (16:28 +0100)]
Add a test for BIO_ADDR_copy()
We also add a test for BIO_ADDR_dup() which was also added in 3.2
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)
Matt Caswell [Thu, 21 Sep 2023 11:16:38 +0000 (12:16 +0100)]
Clean away the test code implementation of bio_addr_copy
We now have a public function for BIO_ADDR_copy() which can be used in
preference to the test code's private implementation.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)
Matt Caswell [Thu, 21 Sep 2023 11:10:15 +0000 (12:10 +0100)]
Add documentation for the BIO_ADDR_copy() function
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)
Matt Caswell [Thu, 21 Sep 2023 10:59:58 +0000 (11:59 +0100)]
Implement a public BIO_ADDR_copy() function
We already have BIO_ADDR_dup() but in some contexts that is not sufficent.
We implement BIO_ADDR_copy() and make BIO_ADDR_dup() use it.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)
Matt Caswell [Fri, 22 Sep 2023 16:31:34 +0000 (17:31 +0100)]
Remove a spurious inclusion of the sparse array header file
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22174)
no-engine: fix signing with legacy app method based keys
Signing with an app method based key (i.e. an `EVP_PKEY` which wraps an
`RSA` key with an application defined `RSA_METHOD`) used to work in 1.1.1.
That feature was broken in commit 60488d2434, but later on fixed by @t8m
in commit b247113c05 (see #14859).
This commit corrects a minor flaw of the fix, which affects only
`no-engine` builds: the special treatment for foreign keys is guarded
by an `OPENSSL_NO_ENGINE` check.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/22163)
sparse_array.o is not needed in libssl at 3.0.x version.
Signed-off-by: Huiyue Xu <xuhuiyue@huawei.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22111)
Matt Caswell [Thu, 21 Sep 2023 09:25:00 +0000 (10:25 +0100)]
Clarify the terminology in the noisy dgram BIO
The previous terminology was quite confusing. We try to use drop, duplicate
and delay more consistently and introduce the "reinject" terminology as a
mechanism for implementing duplicates and delays.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22157)
Matt Caswell [Wed, 20 Sep 2023 15:25:44 +0000 (16:25 +0100)]
Ensure we free all the BIOs in a chain for QUIC like we do in TLS
An application may pass in a whole BIO chain via SSL_set_bio(). When we
free the BIO we should be using BIO_free_all() not BIO_free() like we do
with TLS.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22157)
Matt Caswell [Mon, 18 Sep 2023 15:55:52 +0000 (16:55 +0100)]
Add support for timeouts into quictestlib.c
Now that we have a noisy datagram BIO we cannot rely on datagrams always
reliably being delivered in the test framework. We need to start taking
notice of timeouts and handling them appropriately.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22157)
Matt Caswell [Thu, 14 Sep 2023 09:59:47 +0000 (10:59 +0100)]
Create a noisy dgram test
Create a noisy dgram test that can drop/duplicate/reorder UDP packets and
ensure that the QUIC connection is tolerant of this. At this stage we just
create the outline of the test. Adding in the noise will come in future
commits.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22157)
When the realloc fails in contract, this not a fatal
error, since the memory is only shrinked. It is also no
option to exit the function at this point, since that
would leave the hash table in an inconsistent state.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22154)
If an out of memory error happens when the index zero
is reserved in a newly created ip->meth stack object,
that reservation is not done in a second attempt, which makes
various X_set_ex_data overwrite the value of X_set_app_data.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22149)
doc: change name of OSSL_PROVIDER_load_ex design document
Use dashes instead of underscores, to be more consistent with
existing document names. And speaking of consistency, introduce
a consistent name transformation, which will scale better when
design documents start filling the folder ;-)
OSSL_PROVIDER_load_ex -> ossl-provider-load-ex.md
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22029)
Matt Caswell [Fri, 15 Sep 2023 13:29:05 +0000 (14:29 +0100)]
Enable the ability to seed the test RNG without randomising test ordering
Numerous tests use the test_random() function to get a random number. If a
test fails then the seed that was used for the test RNG is displayed.
Setting the seed to the same value in a future run is supposed to cause the
same random numbers to be generated again.
The way to set the RNG seed again is to use the `OPENSSL_TEST_RAND_ORDER`
environment variable. However setting this environment variable *also*
randomises the test ordering as well as seeding the RNG. This in itself
calls test_random() so, in fact, when the test finally runs it gets
different random numbers to when it originally run (defeating the
repeatability objective).
This means that only way repeatability can be obtained is if the test was
originally run with `OPENSSL_TEST_RAND_ORDER` set to 0. If that wasn't done
then the seed printed when the test failed is not useful.
We introduce a new environment variable `OPENSSL_TEST_RAND_SEED` which can
be used to independently seed the test RNG without randomising the test
ordering. This can be used to get repeatability in cases where test ordering
randomisation was not done in the first place.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22118)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/22138)
Hugo Landau [Thu, 14 Sep 2023 07:40:14 +0000 (08:40 +0100)]
BIO: Wire poll descriptor functions in BIO_s_sock
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21979)
Hugo Landau [Wed, 13 Sep 2023 12:47:13 +0000 (13:47 +0100)]
SSL: Test SSL_get_[rw]poll_descriptor, SSL_net_(read|write)_desired
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21979)
Hugo Landau [Wed, 13 Sep 2023 12:46:44 +0000 (13:46 +0100)]
QUIC: Update documentation for SSL_get_[rw]poll_descriptor, SSL_net_(read|write)_desired
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21979)
Hugo Landau [Wed, 13 Sep 2023 12:46:27 +0000 (13:46 +0100)]
QUIC APL: Wire SSL_get_[rw]poll_descriptor for TLS/DTLS
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21979)
Hugo Landau [Wed, 6 Sep 2023 07:04:17 +0000 (08:04 +0100)]
QUIC: Wire SSL_net_(read|write)_desired for TLS/DTLS
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21979)
Add documentation for the function SSL_CONF_CTX_finish.
Add documentation for the function SSL_CONF_CTX_finish() in man3.
Fixes #22084
Signed-off-by: Sumitra Sharma <sumitraartsy@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22128)
Signed-off-by: Mathieu Tortuyaux <mathieu.tortuyaux@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22134)
Simo Sorce [Thu, 14 Sep 2023 20:55:32 +0000 (16:55 -0400)]
Add provider documentation for the new open_ex
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20131)
Simo Sorce [Thu, 14 Sep 2023 13:25:30 +0000 (09:25 -0400)]
Add Test to verify open_ex password checking works
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20131)
Simo Sorce [Mon, 23 Jan 2023 22:28:21 +0000 (17:28 -0500)]
Allow to pass a passprase callback at store open
Some PKCS11 modules require authentication early on to be able to
preload objects, which we want to do to avoid costly roundtrips when the
HSM is actually reached over a network (Cloud HSM).
Unfortunately at open time we can't interact with the user becaue the
callbacks are only passed at object load time. later on.
This patch corrects this issue by providing a more feature rich open
call for providers.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20131)
Enhance code safety and readability in SSL_get_shared_ciphers()
This commit introduces two key improvements:
1. Improve code safety by replacing the conditional statement with
`if (n >= size)` and using OPENSSL_strnlen() instead of strlen().
This change ensures proper buffer size handling and adheres to
secure coding practices.
2. Enhance code readability by substituting `strcpy(p, c->name)` with
`memcpy(p, c->name, n)`. This adjustment prioritizes code clarity and
maintenance, even while mitigating a minimal buffer overflow risk.
These enhancements bolster the code's robustness and comprehensibility,
aligning with secure coding principles and best practices.
Fixes #19837
Signed-off-by: Sumitra Sharma <sumitraartsy@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21934)
APPS: remove duplicate definition of `trace_data_stack`
Note: It seems like the C compiler doesn't care about the duplicate.
(The first definition is eight lines above.) The C++ compiler however
didn't like it when I reused the tracing code snippets elsewhere.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22117)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22098)
Tomas Mraz [Thu, 14 Sep 2023 14:59:47 +0000 (16:59 +0200)]
coveralls.yml: Improve coverage mapping and remove 1.1.1
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22104)
Neil Horman [Tue, 12 Sep 2023 21:09:06 +0000 (17:09 -0400)]
Fix a key repointing in various ciphers
In the dupctx fixups I missed a pointer that needed to be repointed to
the surrounding structures AES_KEY structure for the sm4/aes/aria
ccm/gcm variants. This caused a colliding use of the key and possible
use after free issues.
Fixes #22076
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22102)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21901)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21901)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21901)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21901)
Matt Caswell [Wed, 13 Sep 2023 09:31:46 +0000 (10:31 +0100)]
Remove use of _Static_assert
We had some use of the C11 _Static_assert feature which can cause some
problems on some platforms. Everywhere we were using it, it is not really
required so remove it.
Fixes #22017
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22091)
Tomas Mraz [Wed, 13 Sep 2023 06:29:17 +0000 (08:29 +0200)]
Fix build of SHA3 on ARM64 with no-asm
Fixes #22089
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22090)
Richard Levitte [Tue, 12 Sep 2023 12:58:03 +0000 (14:58 +0200)]
Have legacy blake2 EVP structure use base blake2 implementation
For some reason, the code here was made to got through the provider
specific init functions. This is very very dangerous if the provider
specific functions were to change in any way (such as changes to the
implementation context structure).
Instead, use the init functions from the base blake2 implementations
directly.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22079)
Richard Levitte [Tue, 12 Sep 2023 13:07:29 +0000 (15:07 +0200)]
Fix test/quic_tserver_test.c for slow machines
OSSL_sleep(1) isn't enough of a wait for threads to process the next QUIC
tick, so it gets increased to OSSL_sleep(100). This may be a tad much,
perhaps, but for now, it gives a good margin.
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22075)
If SSL_CTX_set0_tmp_dh_pkey rejects the temp dh key
due to security restrictions (even when @SECLEVEL=0 is used!)
then the caller has to delete the PKEY object.
That is different to how the deprecated
SSL_CTX_set_tmp_dh_pkey was designed to work.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22060)
Matt Caswell [Tue, 12 Sep 2023 09:39:51 +0000 (10:39 +0100)]
Further fix in bio_dgram_test for BIO_s_dgram_mem()
When setting an explicit buffer size using BIO_s_dgram_mem() make sure we
take into account the size of the header (which may be large on NonStop)
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22058)
Matt Caswell [Mon, 11 Sep 2023 09:03:22 +0000 (10:03 +0100)]
Fix a failure in bio_dgram_test on the NonStop platform
The size of the datagram header is significantly larger that we might
expect on NonStop (probably driven by sizeof(BIO_ADDR)). We adjust the
size of the default buffer to take into account the header size and the
mtu.
Fixes #22013
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22058)
Matt Caswell [Mon, 11 Sep 2023 12:55:41 +0000 (13:55 +0100)]
Ensure QUIC-TLS errors raised during channel start are available to caller
TLS misconfiguration errors should be shown to the application to enable
diagnosis of the problem. Otherwise you just get a generical "internal
error" message.
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22066)
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22063)
This affects only RSA-PSS keys with params using
negative salt legth, or in case of out of memory.
This fixes a memory leak reported in #22049.
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22061)
Neil Horman [Fri, 1 Sep 2023 13:10:35 +0000 (09:10 -0400)]
Add dupctx support to aead ciphers
Add dupctx method support to to ciphers implemented with IMPLEMENT_aead_cipher
This includes:
aes-<kbits>-gcm
aria-<kbits>-ccm
aria-<kbits>-gcm
sm4-<kibs>-gcm
Fixes #21887
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)
Matt Caswell [Fri, 8 Sep 2023 10:22:36 +0000 (11:22 +0100)]
Add a test for SSL_CIPHER_find() when used with a QUIC SSL object
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22011)
Matt Caswell [Thu, 7 Sep 2023 16:45:49 +0000 (17:45 +0100)]
Fix the SSL_CIPHER_find() function when used with a QCSO
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22011)
Matt Caswell [Thu, 7 Sep 2023 16:36:13 +0000 (17:36 +0100)]
Add a test for using a PSK with QUIC
Check that we can set and use a PSK when establishing a QUIC connection.
Fixes openssl/project#83
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22011)
projects / thirdparty / openssl.git / log
