Fixes (#24517):
(3/3) Addresses the potential deadlock if an error occurs from up_ref
in functions ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, and
ENGINE_get_prev in file crypto/engine/eng_list.c
CLA: trivial
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24780)
Richard Levitte [Mon, 1 Jul 2024 13:28:39 +0000 (15:28 +0200)]
fix: remove some odd empty lines
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24776)
Richard Levitte [Mon, 1 Jul 2024 13:28:14 +0000 (15:28 +0200)]
fix: openssl speed: RSA encryption is on the pubkey, not the privkey
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24776)
In case of zero-length input the code wrote one byte
before the start of the output buffer. The length
of the output was also reported incorrectly in this case.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24770)
JohnnySavages [Thu, 27 Jun 2024 01:59:52 +0000 (21:59 -0400)]
Check EC_GROUP_get0_order result before dereference
CLA: trivial
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24755)
Richard Levitte [Thu, 27 Jun 2024 06:30:28 +0000 (08:30 +0200)]
OpenSSL::Test: Avoid running IPv6 related tests if IPv6 was explicitly disabled
It's possible to disable IPv6 explicitly when configuring OpenSSL. In that
case, IPv6 related tests should be skipped.
This is solved by having OpenSSL::Test::Utils::have_IPv6() check configuration
first, before trying to determine if the machine supports IPv6.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24748)
Pauli [Thu, 27 Jun 2024 00:08:05 +0000 (10:08 +1000)]
Clarify DRBG seeding.
There is a legacy code path that OpenSSL won't use anymore but applications
could. Add a comment indicating this to avoid confusion for people not
intimately conversant with the nuances in the RNG code.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24745)
sanumesh [Tue, 11 Jun 2024 14:47:07 +0000 (09:47 -0500)]
Add aix-clang and aix64-clang configuration
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24609)
sgzmd [Tue, 25 Jun 2024 14:53:32 +0000 (15:53 +0100)]
Free appname if it was set after initializing crypto.
Fixes #24729
CLA: trivial
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24730)
Vita Batrla [Tue, 25 Jun 2024 09:58:49 +0000 (11:58 +0200)]
docs: document that *_free(NULL) does nothing
Explicitly documents that *_free(NULL) does nothing.
Fixes two cases where that wasn't true.
Fixes #24675.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24735)
Matt Caswell [Fri, 21 Jun 2024 13:29:26 +0000 (14:29 +0100)]
Add a test for an empty NextProto message
It is valid according to the spec for a NextProto message to have no
protocols listed in it. The OpenSSL implementation however does not allow
us to create such a message. In order to check that we work as expected
when communicating with a client that does generate such messages we have
to use a TLSProxy test.
Follow on from CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Matt Caswell [Fri, 21 Jun 2024 09:41:55 +0000 (10:41 +0100)]
Correct return values for tls_construct_stoc_next_proto_neg
Return EXT_RETURN_NOT_SENT in the event that we don't send the extension,
rather than EXT_RETURN_SENT. This actually makes no difference at all to
the current control flow since this return value is ignored in this case
anyway. But lets make it correct anyway.
Follow on from CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Matt Caswell [Fri, 31 May 2024 10:22:13 +0000 (11:22 +0100)]
Use correctly formatted ALPN data in tserver
The QUIC test server was using incorrectly formatted ALPN data. With the
previous implementation of SSL_select_next_proto this went unnoticed. With
the new stricter implemenation it was failing.
Follow on from CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Matt Caswell [Fri, 31 May 2024 10:18:27 +0000 (11:18 +0100)]
More correctly handle a selected_len of 0 when processing NPN
In the case where the NPN callback returns with SSL_TLEXT_ERR_OK, but
the selected_len is 0 we should fail. Previously this would fail with an
internal_error alert because calling OPENSSL_malloc(selected_len) will
return NULL when selected_len is 0. We make this error detection more
explicit and return a handshake failure alert.
Follow on from CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Matt Caswell [Fri, 31 May 2024 10:14:33 +0000 (11:14 +0100)]
Fix SSL_select_next_proto
Ensure that the provided client list is non-NULL and starts with a valid
entry. When called from the ALPN callback the client list should already
have been validated by OpenSSL so this should not cause a problem. When
called from the NPN callback the client list is locally configured and
will not have already been validated. Therefore SSL_select_next_proto
should not assume that it is correctly formatted.
We implement stricter checking of the client protocol list. We also do the
same for the server list while we are about it.
CVE-2024-5535
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)
Richard Levitte [Thu, 20 Jun 2024 12:30:16 +0000 (14:30 +0200)]
Give util/mkinstallvars.pl more fine grained control over var dependencies
Essentially, we try to do what GNU does. 'prefix' is used to define the
defaults for 'exec_prefix' and 'libdir', and these are then used to define
further directory values. util/mkinstallvars.pl is changed to reflect that
to the best of our ability.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24687)
erbsland-dev [Sat, 22 Jun 2024 07:14:25 +0000 (09:14 +0200)]
bio_ssl.c: Do not call SSL_shutdown if not inited
Fixes #4545
If free is called for an SSL BIO that is in initialization phase,
the `SSL_shutdown` call is omitted.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24705)
Fix usage of deallocated EVP_RAND_CTX after execution of FIPS on-demand self tests
Once RNG is used, triggering FIPS on-demand self tests (via
OSSL_PROVIDER_self_test() API) crashes the application. This happens because the
RNG context is stored before self tests, and restored after their execution.
In the meantime - before context restoration - RAND_set0_private() function is
called, which decrements the stored RNG context reference counter and frees it.
To resolve the issue, the stored RNG context refcount has been incremented via
the EVP_RAND_CTX_up_ref() API to avoid its deallocation during the RNG context
switch performed by the self test function.
The provider_status_test test has been updated to reproduce the issue as
a regression test.
Signed-off-by: Karol Brzuskiewicz <kabr@arista.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24599)
Tomas Mraz [Wed, 19 Jun 2024 15:40:21 +0000 (17:40 +0200)]
Allow calling OPENSSL_INIT_free() with NULL argument
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24681)
Richard Levitte [Wed, 19 Jun 2024 06:06:45 +0000 (08:06 +0200)]
[DOCS] Correct history in doc/man3/OSSL_STORE_LOADER.pod
Bulk editing had history wrongly specify current functions as deprecated,
among other small errors.
Fixes #24678
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24680)
Tomas Mraz [Mon, 17 Jun 2024 14:48:26 +0000 (16:48 +0200)]
Fix regression of EVP_PKEY_CTX_add1_hkdf_info() with older providers
If there is no get_ctx_params() implemented in the key exchange
provider implementation the fallback will not work. Instead
check the gettable_ctx_params() to see if the fallback should be
performed.
Fixes #24611
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24661)
Robert Schulze [Wed, 19 Jun 2024 08:40:16 +0000 (08:40 +0000)]
Incorporate more review feedback
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24673)
Robert Schulze [Tue, 18 Jun 2024 20:31:14 +0000 (20:31 +0000)]
Incorporate review feedback
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24673)
Robert Schulze [Tue, 18 Jun 2024 14:43:26 +0000 (14:43 +0000)]
Fix data race between SSL_SESSION_list_add and ssl_session_dup
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24673)
Tomas Mraz [Mon, 17 Jun 2024 10:19:45 +0000 (12:19 +0200)]
Add test for ASN1_item_verify()
This is a test for https://github.com/openssl/openssl/issues/24575
Original idea by Theo Buehler.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24576)
Tomas Mraz [Thu, 6 Jun 2024 13:36:00 +0000 (15:36 +0200)]
ASN1_item_verify_ctx(): Return -1 on fatal errors
Fixes #24575
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24576)
Tomas Mraz [Mon, 17 Jun 2024 10:35:39 +0000 (12:35 +0200)]
Add CHANGES.md entry for the EC/DSA nonce generation fixes
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24660)
Neil Horman [Mon, 17 Jun 2024 18:12:46 +0000 (14:12 -0400)]
Some minor nit corrections in the thread code for rcu
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24630)
Neil Horman [Mon, 15 Apr 2024 20:56:29 +0000 (16:56 -0400)]
Make rcu_thread_key context-aware
Currently, rcu has a global bit of data, the CRYPTO_THREAD_LOCAL object
to store per thread data. This works in some cases, but fails in FIPS,
becuase it contains its own copy of the global key.
So
1) Make the rcu_thr_key a per-context variable, and force
ossl_rcu_lock_new to be context aware
2) Store a pointer to the context in the lock object
3) Use the context to get the global thread key on read/write lock
4) Use ossl_thread_start_init to properly register a cleanup on thread
exit
5) Fix up missed calls to OSSL_thread_stop() in our tests
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24630)
Fix handling of max_fragment_length extension for PSK
A psk session was assumed to be a resumption which failed a check
when parsing the max_fragment_length extension hello from the client.
Relevant code from PR#18130 which was a suggested fix to the issue
was cherry-picked.
Fixes #18121
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24513)
Jaime Hablutzel [Mon, 17 Jun 2024 16:40:08 +0000 (11:40 -0500)]
Fix typo in openssl-verification-options documentation.
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24662)
CMP app: fix combination of -certout and -chainout with equal filename argument
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24267)
Tomas Mraz [Thu, 11 Apr 2024 09:34:57 +0000 (11:34 +0200)]
test/prov_config_test.c: Cleanup and fix potential leaks
Fixes #24106
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24107)
Fix memory leak on error in crypto/conf/conf_mod.c
Fixes #24111
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24119)
sanumesh [Tue, 28 May 2024 17:46:52 +0000 (12:46 -0500)]
enable AES-XTS optimization for AIX
Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24518)
Disable 70-test_quic_multistream.t when building with PUT threads.
The test recipe includes a TEST_skip when OpenSSL is built with _PUT_MODEL_
based on design assumptions for QUIC and incompatibility with PUT wrapper
methods.
Fixes: #24442 Fixes: #24431 Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24468)
Tomas Mraz [Mon, 3 Jun 2024 14:46:41 +0000 (16:46 +0200)]
Update CHANGES.md and NEWS.md for the upcoming release
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24549)
Gerd Hoffmann [Wed, 22 May 2024 11:11:09 +0000 (13:11 +0200)]
uefi: move variables
Fixes "unused variable" warnings with OPENSSL_SYS_UEFI.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24459)
Gerd Hoffmann [Wed, 22 May 2024 08:18:52 +0000 (10:18 +0200)]
uefi: add typedef for uintptr_t
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24459)
Amir Mohammadi [Wed, 22 May 2024 16:18:51 +0000 (19:48 +0330)]
Fix potential memory leak in test_bad_dtls
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24464)
sanumesh [Mon, 27 May 2024 10:00:00 +0000 (05:00 -0500)]
threads_pthread.c: change inline to ossl_inline
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24502)
Matt Caswell [Fri, 26 Apr 2024 10:05:52 +0000 (11:05 +0100)]
Move the ability to load the dasync engine into ssltestlib.c
The sslapitest has a helper function to load the dasync engine which is
useful for testing pipelining. We would like to have the same facility
from sslbuffertest, so we move the function to the common location
ssltestlib.c
Follow on from CVE-2024-4741
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24395)
Matt Caswell [Tue, 23 Apr 2024 15:34:46 +0000 (16:34 +0100)]
Only free the read buffers if we're not using them
If we're part way through processing a record, or the application has
not released all the records then we should not free our buffer because
they are still needed.
CVE-2024-4741
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24395)
Added an explicit yield (OP_SLEEP) to QUIC testing for cooperative threading.
Fixes: #24442 Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24443)
Hongren Zheng [Thu, 16 May 2024 08:41:25 +0000 (16:41 +0800)]
fips provider: explicitly setup cpuid when initializing
Fixes: #23979
Previously fips module relied on OPENSSL_cpuid_setup
being used as constructor by the linker to correctly
setup the capability vector, either via .section .init
(for x86_64) or via __attribute__((constructor)).
This would make ld.so call OPENSSL_cpuid_setup before
the init function for fips module. However, this early
constructing behavior has several disadvantages:
1. Not all platform/toolchain supports such behavior
2. Initialisation sequence is not well defined, and
some function might not be initialized when cpuid_setup
is called
3. Implicit path is hard to maintain and debug
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24419)
Tomas Mraz [Wed, 8 May 2024 13:23:45 +0000 (15:23 +0200)]
Check DSA parameters for excessive sizes before validating
This avoids overly long computation of various validation
checks.
Fixes CVE-2024-4603
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/24346)
Liu-Ermeng [Mon, 8 Jan 2024 04:01:29 +0000 (20:01 -0800)]
fix sm2 encryption implementation bug.
According to the "GB/T 32918.4-2016"
section 6.1 encryption, step A5:
If result of the "KDF" is all zeros, we should go back to
the begin(step A1).
section 7.1 decryption, step B4:
If result of the "KDF" is all zeros, we should raise error and exit.
Signed-off-by: Liu-Ermeng <liuermeng2@huawei.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23210)
Jacob Champion [Mon, 6 May 2024 16:50:11 +0000 (09:50 -0700)]
Add reason codes with the correct offset for two alerts
Fixes #24300. The current values of SSL_R_NO_APPLICATION_PROTOCOL and
SSL_R_PSK_IDENTITY_NOT_FOUND don't allow for a correct lookup of the
corresponding reason strings.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24351)
Georgi Valkov [Fri, 3 May 2024 04:51:08 +0000 (07:51 +0300)]
threads_win: fix build error with VS2010
VC 2010 or earlier compilers do not support static inline.
To work around this problem, we can use the ossl_inline macro.
Fixes:
crypto\threads_win.c(171) : error C2054: expected '(' to follow 'inline'
crypto\threads_win.c(172) : error C2085: 'get_hold_current_qp' : not in formal parameter list
crypto\threads_win.c(172) : error C2143: syntax error : missing ';' before '{'
crypto\threads_win.c(228) : warning C4013: 'get_hold_current_qp' undefined; assuming extern returning int
crypto\threads_win.c(228) : warning C4047: '=' : 'rcu_qp *' differs in levels of indirection from 'int'
Signed-off-by: Georgi Valkov <gvalkov@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24370)
Daiki Ueno [Mon, 13 May 2024 00:07:57 +0000 (09:07 +0900)]
doc: Fix description of EVP_CIPHER_CTX_dup
This fixes a couple of copy and paste error from EVP_MD_CTX_dup,
where: EVP_CIPHER_CTX_dup is useful to avoid multiple
EVP_CIPHER_fetch (instead of EVP_MD_fetch) and returns
EVP_CIPHER_CTX (instead of EVP_MD_CTX).
Signed-off-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24376)
Georgi Valkov [Sat, 4 May 2024 08:24:08 +0000 (11:24 +0300)]
quic_multistream_test: fix undefined symbol snprintf with VS2010
As snprintf is not available everywhere, use BIO_snprintf instead.
Fixes:
IF EXIST test\quic_multistream_test.exe.manifest DEL /F /Q test\quic_multistream_test.exe.manifest
"link" /nologo /debug setargv.obj /subsystem:console /opt:ref /nologo /debug @V:\_tmp\nm4.tmp
quic_multistream_test-bin-quic_multistream_test.obj : error LNK2019: unresolved external symbol _snprintf referenced in function _helper_init
test\quic_multistream_test.exe : fatal error LNK1120: 1 unresolved externals
NMAKE : fatal error U1077: '"E:\Program Files (x86)\Microsoft Visual Studio 10.0\VC\BIN\link.EXE"' : return code '0x460'
Signed-off-by: Georgi Valkov <gvalkov@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24369)
Signed-off-by: dependabot[bot] <support@github.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24350)
Huiyue Xu [Thu, 9 Nov 2023 02:54:02 +0000 (10:54 +0800)]
Add linux-arm64ilp32-clang target
While clang 15 config target by '--target', not cannot support
'-mabi=ilp32', so add the linux-arm64ilp32-clang target.
Signed-off-by: Huiyue Xu <xuhuiyue@huawei.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22666)
projects / thirdparty / openssl.git / log
