use '__builtin_expect' to improve EVP_EncryptUpdate performance for gcc/clang.
Signed-off-by: Liu-ErMeng <liuermeng2@huawei.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21425)
EVP_PKEY_{en,de}capsulate.pod: fix glitches and add some detail and hints
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21397)
Matt Caswell [Tue, 4 Jul 2023 15:28:41 +0000 (16:28 +0100)]
Add an SSL BIO test for QUIC
We create an SSL BIO using a QUIC based SSL_CTX and then use that BIO
to create a connection and read/write data from streams.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21367)
Matt Caswell [Mon, 10 Jul 2023 10:12:50 +0000 (11:12 +0100)]
Fix test_quic_write_read()
Fix the "test 2" case of test_quic_write_read(). It is intended to be run
in blocking mode.
The result of a bad interaction between #21087 and #21332
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21409)
CMP: support specifying certificate to be revoked via issuer and serial number
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21116)
Hugo Landau [Thu, 6 Jul 2023 19:25:26 +0000 (20:25 +0100)]
QUIC APL: Tick on SSL_read failure in non-blocking mode
...
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21381)
Tomas Mraz [Fri, 7 Jul 2023 11:53:58 +0000 (13:53 +0200)]
Edit question template to direct users to GH Discussions
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21393)
Tomas Mraz [Wed, 31 May 2023 20:03:03 +0000 (22:03 +0200)]
QUIC err handling: Add multi-stream test
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21087)
Tomas Mraz [Wed, 31 May 2023 18:27:29 +0000 (20:27 +0200)]
Test OSSL_ERR_STATE_save/restore()
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21087)
Tomas Mraz [Tue, 30 May 2023 20:14:58 +0000 (22:14 +0200)]
QUIC err handling: Save and restore error state
We save the error state from the thread that encountered
a permanent error condition caused by system or internal
error to the QUIC_CHANNEL.
Then we restore it whenever we are returning to a user
call when protocol is shutdown.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21087)
Tomas Mraz [Fri, 26 May 2023 13:54:56 +0000 (15:54 +0200)]
QUIC err handling: Properly report network errors
We return SSL_ERROR_SYSCALL when network error is encountered.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21087)
Matt Caswell [Thu, 6 Jul 2023 10:20:36 +0000 (11:20 +0100)]
Don't build the QUIC ssl trace when DH is disabled
The test assumes certain options are on/off. DH must be on for this test.
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21373)
Matt Caswell [Thu, 6 Jul 2023 09:15:25 +0000 (10:15 +0100)]
Don't run the ssl trace test if no-ecx
no-ecx causes SSL_trace to give different output. The test compares
the output to a reference sample - so we disable it in the case of no-ecx.
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21372)
Matt Caswell [Thu, 6 Jul 2023 09:05:50 +0000 (10:05 +0100)]
Fix a no-ecx failure in test_tls13hrr
In the case of no-ecx test 3 in test_tls13hrr was failing because it was
setting the server side support groups to on P-256 in order to induce an
HRR. However with no-ecx the client insteads issues an initial key share
using P-256 anyway and so an HRR is not used. We swap to use P-384 instead.
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21372)
Matt Caswell [Mon, 3 Jul 2023 15:58:46 +0000 (16:58 +0100)]
Allow qtestlib to use a "fake_now" implementation
We then use it in test_corrupted_data() to remove an OSSL_sleep() which
may fail in some builds.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21332)
Matt Caswell [Mon, 3 Jul 2023 14:31:49 +0000 (15:31 +0100)]
Work around relocation errors in the m68k cross-compilation builds
Errors such as this seen:
libssl.a(libssl-lib-ssl_stat.o): in function `SSL_alert_desc_string_long':
ssl_stat.c:(.text+0xab2): relocation truncated to fit: R_68K_GOT16O against `.LC157'
test/libtestutil.a(libtestutil-lib-opt.o): in function `opt_pair':
opt.c:(.text+0x10b2): relocation truncated to fit: R_68K_GOT16O against `.LC53'
test/libtestutil.a(libtestutil-lib-opt.o): in function `opt_string':
opt.c:(.text+0x113c): relocation truncated to fit: R_68K_GOT16O against `.LC53'
libcrypto.a(libcrypto-lib-decoder_lib.o): in function `OSSL_DECODER_CTX_set_construct_data':
decoder_lib.c:(.text+0x5a4): relocation truncated to fit: R_68K_GOT16O against `__func__.2'
libcrypto.a(libcrypto-lib-decoder_pkey.o): in function `ossl_decoder_ctx_setup_for_pkey':
decoder_pkey.c:(.text+0x6c2): relocation truncated to fit: R_68K_GOT16O against `decoder_construct_pkey'
libcrypto.a(libcrypto-lib-tb_dsa.o): in function `ENGINE_register_DSA':
tb_dsa.c:(.text+0x5e): relocation truncated to fit: R_68K_GOT16O against `dummy_nid'
libcrypto.a(libcrypto-lib-tb_dsa.o): in function `ENGINE_set_default_DSA':
tb_dsa.c:(.text+0xc4): relocation truncated to fit: R_68K_GOT16O against `dummy_nid'
libcrypto.a(libcrypto-lib-asymcipher.o): in function `.L18':
asymcipher.c:(.text+0x168): relocation truncated to fit: R_68K_GOT16O against `__func__.0'
asymcipher.c:(.text+0x2e8): relocation truncated to fit: R_68K_GOT16O against `__func__.0'
asymcipher.c:(.text+0x33e): relocation truncated to fit: R_68K_GOT16O against `__func__.0'
libcrypto.a(libcrypto-lib-digest.o): in function `EVP_MD_CTX_ctrl':
digest.c:(.text+0xa52): additional relocation overflows omitted from the output
collect2: error: ld returned 1 exit status
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21332)
Matt Caswell [Mon, 3 Jul 2023 13:44:46 +0000 (14:44 +0100)]
Fix no-thread-pool building
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21332)
Matt Caswell [Fri, 30 Jun 2023 15:50:47 +0000 (16:50 +0100)]
Skip the QUIC ssltrace test under certain config options
Various options disturb the output expected from the ssl trace test, so we
skip it if necessary.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21332)
Matt Caswell [Fri, 30 Jun 2023 15:40:41 +0000 (16:40 +0100)]
Use %llx not %lx for uint64_t
Some compilers don't like %lx
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21332)
Matt Caswell [Fri, 30 Jun 2023 15:34:48 +0000 (16:34 +0100)]
Don't compile quic_thread_assist.c on OPENSSL_NO_QUIC_THREAD_ASSIST
If OPENSSL_NO_QUIC_THREAD_ASSIST is defined then we don't have the right
support for QUIC thread assisted mode so don't attempt to compile that
code.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21332)
Matt Caswell [Fri, 30 Jun 2023 15:27:29 +0000 (16:27 +0100)]
Disable QUIC if TLSv1.3 is disabled
QUIC depends on TLSv1.3, so if the latter is disabled then we must do
the same for QUIC.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21332)
Matt Caswell [Fri, 30 Jun 2023 14:56:13 +0000 (15:56 +0100)]
Enable QUIC by default
Ensure builds enable QUIC without explicitly having to ask for it. To
disable QUIC pass "no-quic" to Configure.
As a result we can remove all use of "enable-quic" from the various CI
runs.
We also add a CHANGES and NEWS entry for QUIC support.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21332)
riscv: Clarify dual-licensing wording for GCM and AES
The original text for the Apache + BSD dual licensing for riscv GCM and AES
perlasm was taken from other openSSL users like crypto/crypto/LPdir_unix.c .
Though Eric pointed out that the dual-licensing text could be read in a
way negating the second license [0] and suggested to clarify the text
even more.
So do this here for all of the GCM, AES and shared riscv.pm .
We already had the agreement of all involved developers for the actual
dual licensing in [0] and [1], so this is only a better clarification
for this.
Signed-off-by: Heiko Stuebner <heiko.stuebner@vrull.eu> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21357)
Hugo Landau [Mon, 3 Jul 2023 15:24:54 +0000 (16:24 +0100)]
Rework options handling
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 3 Jul 2023 14:54:07 +0000 (15:54 +0100)]
Simplify QUIC API masking
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 3 Jul 2023 07:17:48 +0000 (08:17 +0100)]
Update SSL options handling
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Thu, 29 Jun 2023 12:48:57 +0000 (13:48 +0100)]
Minor updates
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Wed, 28 Jun 2023 20:03:47 +0000 (21:03 +0100)]
QUIC: Fix multistream test 19
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Wed, 28 Jun 2023 18:55:19 +0000 (19:55 +0100)]
make update
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Wed, 28 Jun 2023 18:51:09 +0000 (19:51 +0100)]
Remove unused server code
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 26 Jun 2023 12:47:03 +0000 (13:47 +0100)]
Minor fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:36:42 +0000 (15:36 +0000)]
QUIC SSL: Block SSL_clear
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:36:07 +0000 (15:36 +0000)]
QUIC SSL: Block SSL_dup
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:35:05 +0000 (15:35 +0000)]
QUIC SSL: SSL_set_quiet_shutdown
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:32:52 +0000 (15:32 +0000)]
QUIC SSL: Version setting restrictions
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:32:18 +0000 (15:32 +0000)]
QUIC SSL: Forbid pipeline-related operations
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:29:16 +0000 (15:29 +0000)]
QUIC SSL: SSL_set_fd for BIO_s_datagram
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:28:40 +0000 (15:28 +0000)]
QUIC SSL: HelloRetryRequest
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:27:50 +0000 (15:27 +0000)]
QUIC SSL: Buffer Management
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:27:01 +0000 (15:27 +0000)]
QUIC SSL: Prohibit early data functionailty
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:25:25 +0000 (15:25 +0000)]
QUIC SSL: Prohibit readahead-related functions
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:24:17 +0000 (15:24 +0000)]
QUIC: Implement SSL_has_pending
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:22:41 +0000 (15:22 +0000)]
QUIC: Implement SSL_rstate_string(_long)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:21:57 +0000 (15:21 +0000)]
QUIC: Prohibit post-handshake auth
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:21:29 +0000 (15:21 +0000)]
QUIC: Control SSL option setting
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:20:20 +0000 (15:20 +0000)]
QUIC: Forbid NPN
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:20:05 +0000 (15:20 +0000)]
QUIC: Forbid non-QUIC ciphers
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:18:55 +0000 (15:18 +0000)]
QUIC TLS: Prohibit SRTP-related calls for QUIC TLS
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Hugo Landau [Mon, 16 Jan 2023 15:18:12 +0000 (15:18 +0000)]
QUIC SSL Behaviours: Allow detection of an SSL connection used for QUIC handshake
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
Tomas Mraz [Fri, 30 Jun 2023 19:53:30 +0000 (21:53 +0200)]
80-test_ssl_new.t: Test 14-curves.cnf depends on enabled DH now
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21336)
Tomas Mraz [Fri, 30 Jun 2023 19:48:29 +0000 (21:48 +0200)]
Reorganize runchecker jobs
Put jobs that are more likely to fail to on pull request CI.
To compensate move some less likely to fail jobs to on push and
daily CI jobs.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21336)
Tomas Mraz [Fri, 30 Jun 2023 16:12:00 +0000 (18:12 +0200)]
70-test_tls13hrr.t: Use P-521 instead of X25519 for invalid group test
Otherwise this testcase won't work with no-ecx.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21333)
Todd Short [Fri, 30 Jun 2023 21:28:16 +0000 (17:28 -0400)]
Update .gitignore with LSP files
This does not provide files for LSP support, but ignores them so they
aren't accidentally checked in by developers.
LSP (Language Server Protocol) is a tools that can be used with various
editors to make navigating source code easier. It is more advanced than
`cscope` and supports completion, for example.
A common LSP for C/C++ is `clangd`, and it creates a `.cache` directory
within the project to store data.
The tool `bear` can be used with `make` to assist `clangd` in
determining where the source code is (specifically headers). This is
critical as OpenSSL uses the `<>` form of `#include` rather than the
`""` form. The `<>` form will cause `clangd` to look in e.g.
`/usr/include` for header files, rather than `include/openssl`. The
`bear` tool will create `compile_commands.json` that `clangd` can use
to find include files.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21338)
ret in ossl_config_int() only used to check return value of
CONF_modules_load_file(), should set it to 1 if in UEFI system.
Signed-off-by: Yi Li <yi1.li@intel.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21300)
Duncan Thomson [Wed, 28 Jun 2023 21:02:26 +0000 (22:02 +0100)]
Fix OSSL_PROVIDER_try_load() retain_fallbacks doc
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21319)
Jakub Wilk [Wed, 28 Jun 2023 20:17:00 +0000 (22:17 +0200)]
openssl-rsautl.pod: Add missing comma
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21318)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21322)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21322)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21322)
Sam James [Wed, 26 Apr 2023 00:04:09 +0000 (01:04 +0100)]
CI: add GCC 13
Signed-off-by: Sam James <sam@gentoo.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20961)
Matt Caswell [Tue, 27 Jun 2023 09:23:47 +0000 (10:23 +0100)]
Fix typos in s_client
There was some typos of OPENSS_NO_QUIC (should be OPENSSL_NO_QUIC) in
s_client
Fixes #21291
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21293)
Tomas Mraz [Wed, 28 Jun 2023 14:55:57 +0000 (16:55 +0200)]
Do not use stitched AES-GCM implementation on PPC32
The implementation is not usable there at all.
Fixes #21301
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21312)
Signed-off-by: Jonathan M. Wilbur <jonathan@wilbur.space> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21232)
Jörg Sommer [Thu, 15 Jun 2023 16:16:49 +0000 (18:16 +0200)]
openssl speed -multi -evp prints wrong algorithm name
When running `openssl speed -evp md5` the result shows `md5` as algorithm
name. But when adding the option `-multi 2` it gives `evp` as algorithm
name.
Signed-off-by: Jörg Sommer <joerg@jo-so.de> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21216)
projects / thirdparty / openssl.git / log
