Updated with new information since des3 and dsa are not recommended
algorithms.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27343)
Jon Ericson [Thu, 10 Apr 2025 05:04:41 +0000 (22:04 -0700)]
Point to new docs location
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27331)
This commit removes the duplicate definition of cipher 0xC102 in
ssl/t1_trce.c, as reported in issue #27303.
The first definition (IANA-GOST2012-GOST8912-GOST8912) is kept as the
canonical one.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27329)
When entering the branch (pbe_nid <= 0), line 66 assigns new values to the variable of line 67 (pbe_nid = NID_id_pbkdf2).
However, it is not used anywhere in the future.
For this reason, lines 66 and 67 were removed.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27296)
David Benjamin [Mon, 7 Apr 2025 20:40:05 +0000 (16:40 -0400)]
Fix PKCS7_sign and CMS_sign default hash documentation
Fixes #27291. See issue for details.
Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27292)
Updated the change log to include SSLv3 being disabled by default.
This change was implemented into version 1.1.0 and onward. The last version that had SSLv3 enabled was version 1.0.2h, which is why the addition was made where it is.
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27289)
added deprecated note to OPENSSL_instrument_bus docs
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27288)
Malcolm Hogan [Fri, 7 Mar 2025 23:30:43 +0000 (18:30 -0500)]
Remove DAYS argument
This commit removes DAYS from certificate requests to avoid the warning
'Ignoring -days without -x509; not generating a certificate'
This argument is not needed with the -new argument. Additionally makes sure
$1 is handled when -nodes is not given. Preventing an uninitialized value
error when the DAYS argument is removed.
Fixes #26595
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/27277)
Fix potential NULL pointer dereference in final_maxfragmentlen()
In the final_maxfragmentlen() function, s->session is checked
for NULL after it was dereferenced earlier.
So move this NULL check to the top of the function.
CLA: trivial
Fixes: fa49560451 (Fix handling of max_fragment_length extension for PSK) Signed-off-by: Andrey Tsygunka <aitsygunka@yandex.ru> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/27272)
This fixes a couple of big-endian issues in the
assembler code of chacha, SM3 and SM4.
Fixes #27197 Tested-by: @zeldin Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27252)
Graham Leggett [Wed, 2 Apr 2025 11:08:11 +0000 (12:08 +0100)]
ssl/ssl_lib.c: Avoid crash when SSL_CONNECTION is NULL
Detection for sc == NULL is performed after sc is used. Add the
check to the correct place.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27241)
crypto/ui/ui_lib.c: Add OPENSSL_free to avoid memory leaks
Add OPENSSL_free() if general_allocate_boolean() or general_allocate_string fails to avoid memory leaks.
Fixes: a63d5eaab2 ("Add a general user interface API. This is designed to replace things like des_read_password and friends (backward compatibility functions using this new API are provided). The purpose is to remove prompting functions from the DES code section as well as provide for prompting through dialog boxes in a window system and the like.") Signed-off-by: JiashengJiang <jiasheng@purdue.edu> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27218)
Tim Perry [Thu, 6 Mar 2025 13:33:17 +0000 (14:33 +0100)]
Add SSL_CTX_set_ec_point_formats() and SSL_set_ec_point_formats()
The internal fields and implementation for configuration of this
parameter already existed, but was not exposed. This change adds simple
setters to allow configuration of this field.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26990)
fangming.fang [Fri, 26 Jan 2024 10:48:17 +0000 (10:48 +0000)]
Implement AES-CBC-HMAC-SHA512 on aarch64
This is to implement #19932, it adds enc-then-mac aes-cbc-hmac-sha512 on
aarch64, aes-cbc and hmac-sha512 are interleaved to achieve better
performance.It only supports non-padding mode that means the length of
input data should be multiple of 16 bytes.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22949)
fangming.fang [Wed, 17 Jan 2024 10:48:55 +0000 (10:48 +0000)]
Implement interleaving aes-cbc-hmac-sha on aarch64
This is to implement #19932, it adds enc-then-mac aes-cbc-hmac-sha1/256,
aes-cbc and hmac-sha1/256 are interleaved to achieve better performance.
It only supports non-padding mode that means the length of input data
should be multiple of 16 bytes.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22949)
Matt Caswell [Wed, 9 Apr 2025 12:08:09 +0000 (13:08 +0100)]
Test that SSL_poll does not report a stream as writable if it isn't
We consume all the credit and check the stream is no longer writeable
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27319)
Matt Caswell [Wed, 9 Apr 2025 12:06:24 +0000 (13:06 +0100)]
Prevent SSL_poll from reporting a stream as writeable if it isn't
The CWM might prevent a stream from being writeable. We should not report
a stream as writeable if there is no credit.
Fixes #27312
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27319)
cmp_client_test.c: relax tight timeout value in test_exec_IR_ses_poll_no_timeout()
Fixes #27165
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27249)
Neil Horman [Mon, 7 Apr 2025 13:09:09 +0000 (09:09 -0400)]
Add known issues to NEWS.md for 3.5.0
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27287)
The QUIC protocol is also supported on server side.
Update the README file accordingly.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27258)
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27264)
Fix SSL_new() with QUIC_server_method and improve formatting (Fixes #27255)
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27264)
Matt Caswell [Fri, 4 Apr 2025 09:12:46 +0000 (10:12 +0100)]
Fix a reference in the OpenSSL guide to QUIC for servers
One part of the OpenSSL guide suggests we only support clients for QUIC
which is no longer true.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27265)
Neil Horman [Thu, 3 Apr 2025 14:47:28 +0000 (10:47 -0400)]
Disable stringop-overflow warnings on s390
Recently ci on master has been failing:
https://github.com/openssl/openssl/actions/runs/14234051502/job/39919663876
Its occuring because the s390 gcc compiler is complaining about various
functions attempting to write past the end of an array.
However, I can find no case in which we actually do so in this case.
The problem resolves when we either:
1) Disable the stringop-overflow warning
or
2) disable all loop unrolling optimizations with fno-loop-nest-optimize
Given that asan doesn't report any out of bounds errors on s390 when
built with case (1), and case (2) can be a significant performance hit,
coupled with the fact that gcc on any other platform avoids the same
issue (s390 is stuck on gcc 12, instead of gcc 16 where the other
platforms are), I think the right thing to do is just disable the
warning here
Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27253)
Update README-QUIC.md with server-side QUIC support information
- Add information about OpenSSL 3.5 server-side QUIC support
- Include specific command instructions for running the QUIC server example
- Explicitly note that s_server does NOT support QUIC
- Fix documentation formatting (trailing spaces and blank lines around code blocks)
Signed-off-by: Samson S. Kolge <eglok1980@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27230)
Richard Hughes [Thu, 21 Nov 2024 11:10:11 +0000 (11:10 +0000)]
Add a SBOM template in CycloneDX format
Improve supply chain security by including a SBOM file with substituted values.
This will be used to construct a composite platform SBOM.
Signed-off-by: Richard Hughes <rhughes@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26020)
Stanciu, Adrian [Tue, 11 Feb 2025 21:14:55 +0000 (13:14 -0800)]
Enable x86-64 SHA-512 family optimizations with SHA512 ISA extension
The SHA-256 (SZ=4) and SHA-512 (SZ=8) dispatcher paths have been
separated while keeping the SHA-256 path unmodified.
Due to early constraints in register availability, two 32-bit
`OPENSSL_ia32cap_P` reads have been coalesced into one. As a
consequence, several bit positions used in feature checks have gained a
32 bits offset.
Replaced `test` with `bt` to allow use of 64-bit immediate indices in
CPUID feature checks.
Split the SHA512 BMI2+AVX2+BMI1 dispatcher branch into:
- AVX2+SHA512: high priority, with SHA512 ISA extension
- AVX2+BMI2+BMI1: fallback
The added implementation has its own copy of `K512` without duplicated
elements every 16 bytes. Shuffle indices have been reused from `K512`.
Added binary translators for `vsha512msg1`, `vsha512msg2`,
`vsha512rnds2` for older assemblers.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/26147)
Elizarova, Alina [Tue, 11 Feb 2025 14:10:00 +0000 (06:10 -0800)]
Enable x86-64 SM3 optimizations with SM3 ISA extension
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/26196)
Enable x86-64 SM4 optimizations with SM4 ISA extension
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/26664)
Bernd Edlinger [Fri, 21 Mar 2025 19:58:57 +0000 (20:58 +0100)]
Fix a visual glitch in test_cmp_http.t
Kill the shell process after the Mock server is running,
to prevent the shell from printing an error message when
the Mock server is finally killed.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27144)
Matt Caswell [Tue, 1 Apr 2025 09:32:00 +0000 (10:32 +0100)]
Detect segfault in the pkeyutl test
Some tests are expected to fail in the pkeyutl test. However, if a segfault
occurs then that counts as a failure and the test passes. A segfault should
never be a "pass".
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27228)
Matt Caswell [Tue, 1 Apr 2025 09:31:33 +0000 (10:31 +0100)]
Fix a segfault in the pkeyutl command line app
Don't attempt to deref a pkey that is NULL
Fixes #27156
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27228)
Neil Horman [Tue, 1 Apr 2025 17:16:04 +0000 (13:16 -0400)]
Temporarily disable gost-engine tests in ci
We need to temporarily disable this as we have a build break in CI:
https://github.com/openssl/openssl/actions/runs/14192630435
Its occuring because gost-engine depends on libprov, which requires a
minimum version cmake-3.0. The update of github runners to cmake-4.0
causes a bail out as cmake 4.0 no longers supports cmake 3.0 syntax.
Libprov is fixed now, but gost-engine needs to update its libprov
submodule, and then we need to update the gost-engine submodule. Until
thats done (which may take days), we should disable the gost-engine
external tests
Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27234)
Matt Caswell [Mon, 31 Mar 2025 14:51:14 +0000 (15:51 +0100)]
Link SSL_get_negotiated_group() and SSL_get0_group_name() in the docs
If you are intereseted in one you might be interested in the other.
Fixes #27137
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27210)
dare3path [Fri, 28 Mar 2025 06:54:55 +0000 (07:54 +0100)]
move BIO_err_is_non_fatal() to bio_lib.c
done this without running mkerr.pl otherwise
this is what mkerr.pl would do:
* remove BIO_err_is_non_fatal from bio_err.c
* remove duplicate BIO_R_PORT_MISMATCH
* reorder/sort 3 things
* update copyright year from 2022 to 2025
see #27183
CLA: trivial
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27191)
Benjamin Kaduk [Fri, 14 Jun 2024 21:10:39 +0000 (14:10 -0700)]
statem: always save sigalgs during PHA
We use the same extension-parsing function on server and client
for convenience, but while the server might worry about tracking
what was previously received and not overwriting it, on the client
receiving a request for post-handshake authentication, we always
want to use the values from the current extension (and should
always have a new session object that we are free to mutate).
It is somewhat unclear whether the server also needs the check
for a resumed connection; it appears to have been added back in
2015 in commit 062178678f5374b09f00d70796f6e692e8775aca as part
of a broad pass to handle extensions on resumption, but without
specific documentation of each extension's handling.
Fixes: #10370 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24651)
Pauli [Mon, 31 Mar 2025 01:30:45 +0000 (12:30 +1100)]
ci: strict warnings the default
Make building with --strict-warnings the default for most builds.
Move this option to immediately after the ./config command so its presence
is clearer.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27204)
Pauli [Mon, 31 Mar 2025 02:01:22 +0000 (13:01 +1100)]
rand: avoid unused function warning for FreeBSD and NetBSD.
The existing checks were not sufficiently version specific.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27204)
Pauli [Mon, 31 Mar 2025 01:18:01 +0000 (12:18 +1100)]
ci: remove unnecessary -Wall and -Werror options
The oprion --strict-warnings automatically turns on -Wall and -Werror so there
is no requirement to specify the latter two separately.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27204)
Neil Horman [Sat, 29 Mar 2025 21:52:20 +0000 (17:52 -0400)]
Fix more quic_multistream test formatting
We encountered another failure in the quic_multistream_test:
https://github.com/openssl/openssl/actions/runs/14127125173/job/39578660601#step:9:1005
It appears we still occasionally get empty frames in our qlog, with the
validate-qlog.py scripts properly bails out on. In the above case, the
offending frame entry looked like this:
{
"name": "transport:packet_received",
"data": {
"header": {
"packet_type": "initial",
"packet_number": 4,
"dcid": "",
"scid": "6217813c336a012a"
},
"datagram_id": 6,
"frames": [
{
"frame_type": "new_token",
"token": {
"raw": {
"data": "44801add5794"
}
},
"length": 8
},
{
"frame_type": "stream",
"stream_id": 15897,
"offset": 625652585,
"payload_length": 11,
"explicit_length": true,
"fin": true,
"length": 8
},
{} <= NOTE EMPTY FRAME HERE
]
},
"time": 0
}
I think we're still missing some frame formatting cases in
script_21_inject_plain(), which can format potentially any of the frames
listed in the forbidden_frame_types array when running the
test_dyn_frame_types test.
I think we need to enumerate all of those frame types in the case
statement we have there. Fortunately we generally don't have to provide
sane values, and most of the cases fall into 4 categories (those that
need a 64 bit data value, and those that require 1, 2 or 3 variable
integers). There are two special cases, NEW_TOKEN, and NEW_CONNECTION,
but those just need a mix of fixed and variable width data.
So lets fully enumerate those and hopefully put this to bed.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/27200)
slontis [Sun, 30 Mar 2025 22:42:59 +0000 (09:42 +1100)]
Fix Strict c issue in aes_gcm for armv8
Reported by David Makepeace
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27203)
Vavroch [Sun, 30 Mar 2025 07:49:59 +0000 (09:49 +0200)]
Added 3.5 to coveralls.yml
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Dmitry Misharov <dmitry@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27202)
Viktor Dukhovni [Wed, 26 Mar 2025 10:36:08 +0000 (21:36 +1100)]
Fix sigalg corner cases
- Tolerate RSA PKCS#1 *certificate* signatures when
the peer sigals include RSA PSS with the same digest.
Now that we're more strict about not sending sigalgs that are out of
protocol range, when the client supports TLS 1.3 only, we might refuse
to return an RSA PKCS#1-signed cert.
- Don't send TLS 1.3 sigalgs when requesting client certs from
a TLS 1.2 client.
Fixes: #1144 Fixes: #25277 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27166)
Branden Clark [Tue, 28 Jan 2025 15:50:10 +0000 (16:50 +0100)]
Fix probing the registry for configuration
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26566)
crypto: windows: use LPCTSTR for the temp registry buffer
mingw-w64 only defines LPCTCH when UNICODE isn't defined
crypto/defaults.c: In function 'get_windows_regdirs':
crypto/defaults.c:72:5: error: unknown type name 'LPCTCH'; did you mean 'LPTCH'?
72 | LPCTCH tempstr = NULL;
| ^~~~~~
| LPTCH
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26566)
String litteral don't need the '##' operator, which causes build
failures:
crypto/defaults.c:kepi:23: error: pasting ""SOFTWARE\\WOW6432Node\\OpenSSL"" and ""-"" does not give a valid preprocessing token
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26566)
Viktor Dukhovni [Thu, 27 Mar 2025 01:34:50 +0000 (12:34 +1100)]
Avoid potential double-free with duplicated hybrid ML-KEM keys
Issue reported by Apple Inc on 2025-03-26.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27173)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27176)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27176)
JiashengJiang [Wed, 26 Mar 2025 21:40:16 +0000 (17:40 -0400)]
apps/lib/apps.c: Add a check for OPENSSL_strdup()
Add a check for the return value of OPENSSL_strdup() to guarantee the success of allocation, similar to the other call sites.
Fixes: c7d5ea2670 ("Prepare to detect index changes in OCSP responder.") Signed-off-by: JiashengJiang <jiasheng@purdue.edu> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27172)
Viktor Dukhovni [Thu, 27 Mar 2025 07:58:37 +0000 (18:58 +1100)]
Fix goto label indents to match style
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27175)
Julian Zhu [Thu, 27 Feb 2025 08:55:53 +0000 (16:55 +0800)]
RISC-V: Provide optimized SHA-256 implementation using Zbb extension
Signed-off-by: Julian Zhu <julian.oerv@isrc.iscas.ac.cn> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27011)
Julian Zhu [Thu, 27 Feb 2025 09:10:18 +0000 (17:10 +0800)]
RISC-V: Provide optimized SHA-512 implementation using Zbb extension
Signed-off-by: Julian Zhu <julian.oerv@isrc.iscas.ac.cn> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27161)
Julian Zhu [Thu, 27 Feb 2025 09:08:39 +0000 (17:08 +0800)]
RISC-V: Add Zbb rori opcode in riscv.pm
Signed-off-by: Julian Zhu <julian.oerv@isrc.iscas.ac.cn> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27161)
Bernd Edlinger [Tue, 25 Mar 2025 15:57:32 +0000 (16:57 +0100)]
Fix quic_multistream_test: correct more frame types
There are a few more critical frame injections that
previously created an out-of-diskspace problem
and now only a CI test failure. The pattern
in the qlog files is always similar to this:
sashan [Wed, 26 Mar 2025 08:37:01 +0000 (09:37 +0100)]
Use OPENSSL_strdup() for strings freed by OPENSSL_free()
Things can get messy when application decides to use it's own memory
allocation functions using CRYPTO_set_mem_functions(3ossl)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27163)
Used RAND_priv_bytes_ex instead of RAND_bytes_ex to guarantee higher isolation
for cryptographic keys.
Replaced OPENSSL_free with OPENSSL_clear_free to wipe sensitive data and free
it.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/27029)
Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27098)
Neil Horman [Wed, 26 Mar 2025 15:17:31 +0000 (11:17 -0400)]
Extend backoff period in noisydgram BIO users
Initially tests that were written which make use of the noisy dgram BIO,
were done under the assumption that, despite any packet mangling done by
the noisy dgram bio, the connection would still be established. This
was initiall guaranteed by configuring the BIO to avoid
corrupting/dropping/duplicating/re-injecting the first packet received,
thus ensuring that the client and server hello frames would make it to
the peer successfully.
This implicitly made the assumption that the client and server hellos
were contained within a single datagram, which until recently was true.
However, with the introduction of ML-KEM keyshares, the above assumption
no longer holds. Large ML-KEM keyshares generally expand these TLS
messages accross multiple datagrams, and so it is now possible that
those initial records can become corrupted/lost etc, leading to
unexpected connection failures.
Lets fix it by restoring the guarantee that these tests were written
under by making the backoff time configurable to a number of frames, and
configuring the quic connection objects used in the test to not drop the
first two initial frames, once again guaranteeing that the client and
server hello arrive at the peer uncorrupted, so that we get a good
connection established.
Fixes #27103
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27169)
Neil Horman [Sun, 16 Mar 2025 15:34:14 +0000 (11:34 -0400)]
Update dead links and e-mails our sources
http://www.openssl.org/~appro/cryptogams/ is 404, update to
https://github.com/dot-asm/cryptogams/
And clean up the boiler plate text around it.
Replace stray usage of appro@openssl.org with github url. The email in
question here is no longer valid, replace it with the corresponding
github id for the user.
Replace <appro\@fy.chalmers.se> with <https://github.com/dot-asm>
Fix lots more dead emails addresses that we missed
Remove reference urls that no longer exist. Just delete urls that
404 now, and have no obvious new link.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/27073)
Chase Killorin [Wed, 5 Mar 2025 19:44:58 +0000 (14:44 -0500)]
Removed duplicates in some man pages
Fixes openssl/openssl#11748
find-doc-nits: Check for duplicate options
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27088)
Andrey Tsygunka [Thu, 20 Mar 2025 14:45:23 +0000 (17:45 +0300)]
Fix return value of the i2d_ASN1_bio_stream() call
If the flags argument does not contain the SMIME_STREAM bit,
the i2d_ASN1_bio_stream() function always returns 1,
ignoring the result of the ASN1_item_i2d_bio() call.
Fix the return value to the result of the ASN1_item_i2d_bio()
call for this case.
CLA: trivial
Signed-off-by: Andrey Tsygunka <aitsygunka@yandex.ru> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27106)
Viktor Dukhovni [Sun, 23 Mar 2025 13:29:38 +0000 (00:29 +1100)]
In s_client report 'long' certificate sigalg name
This matches the sigalg output format of X509_signature_print(3).
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27130)
Tomas Mraz [Tue, 25 Mar 2025 09:16:30 +0000 (10:16 +0100)]
Update provider compatibility CI to run on 3.5 branch
Also drop 3.1 development branch as it is out of public support now.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27149)
Richard Levitte [Mon, 24 Mar 2025 05:25:01 +0000 (06:25 +0100)]
In doc/man7/provider-{en,de}coder.pod, clarify where properties are defined
Fixes #27126
Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27132)
Bernd Edlinger [Mon, 24 Mar 2025 22:03:16 +0000 (23:03 +0100)]
Fix a visual glitch in test_cms.t
the newline in the newly added subtest names somehow
creates another small visual glitch in the test output,
that looks like:
80-test_cms.t .. 30/?
80-test_cms.t .. ok
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/27145)
jay9827342 [Fri, 21 Mar 2025 09:39:49 +0000 (09:39 +0000)]
Memory leak fix ktls_meth.c
The OSSL_RECORD_LAYER needs to be properly freed when return code isnt success.
Memory leak fix
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27111)
Viktor Dukhovni [Sun, 23 Mar 2025 07:50:39 +0000 (18:50 +1100)]
Report IANA sigalg name in s_client
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27128)
Andrey Tsygunka [Wed, 19 Mar 2025 11:53:02 +0000 (14:53 +0300)]
Fix NULL pointer dereference in `asn1_ex_i2c()`, crypto/asn1/tasn_enc.c
Adds handling of V_ASN1_UNDEF to avoid NULL dereference
in case ASN1 structure contains an element of type ASN1_TYPE
without initializing its value (i.e. default constructed)
CLA: trivial
Signed-off-by: Andrey Tsygunka <aitsygunka@yandex.ru> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27100)
projects / thirdparty / openssl.git / log
