Neil Horman [Thu, 11 Dec 2025 15:31:32 +0000 (10:31 -0500)]
Remove crypto-mdebug-backtrace option from config
We still build with crypto-mdebug-backtrace enabled in a few ci jobs,
but it does nothing.
With the upcoming merge of feature/removesslv3, the code changes there
prevent the use of this option (i.e. enabling it results in
configuration failure).
It seems the most sensible thing to do here, given we have a major
release is to eliminate the option entirely, as it hasn't done anything
since 1.0.2.
Fixes openssl/project#1763
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Simo Sorce <simo@redhat.com> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29380)
Daniel Kubec [Wed, 10 Dec 2025 23:26:46 +0000 (00:26 +0100)]
CONF_modules_load_file.pod: The ssl_module no longer uses global data
Remove the paragraph that is no longer relevant.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29374)
Daniel Kubec [Wed, 10 Dec 2025 12:57:40 +0000 (13:57 +0100)]
ASN1: Reject negative BIGNUM components
In the ASN.1 structures we define the BIGNUM as positive and enforce
this during parsing. If the encoded value is negative, we raise an error
and reject the material.
Fixes #29210
Fixes #27407
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29370)
Matt Caswell [Wed, 3 Dec 2025 10:38:56 +0000 (10:38 +0000)]
Remove support for custom cipher methods
Custom cipher methods are considered legacy and have been deprecated
since 3.0. With the removal of ENGINEs they become a lot less useful
and add significant complexity to the code. We should therefore remove
them in 4.0.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29299)
Simo Sorce [Fri, 21 Nov 2025 21:08:35 +0000 (16:08 -0500)]
Fail serialization of finalized MD contexts
Add tests to verify that `EVP_MD_CTX_serialize` and
`EVP_MD_CTX_deserialize` fail when called on a finalized `EVP_MD_CTX`.
A finalized context is in a terminal state and should not be serializable for
resumption or have a new state deserialized into it. These tests confirm the
expected failure behavior.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28837)
Simo Sorce [Mon, 20 Oct 2025 22:46:45 +0000 (18:46 -0400)]
Use generated param decoders in SHA provider
Refactor the SHA provider's context parameter handling in sha2_prov.c to use
the generated parameter decoder framework.
This change replaces manual parameter lookups using `OSSL_PARAM_locate` and
static `OSSL_PARAM` arrays with generated decoder functions and structs. A new
template, `sha2_prov.inc.in`, is added to create the necessary decoders during
the build.
This simplifies the code, reduces boilerplate, and improves type safety.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28837)
Simo Sorce [Fri, 10 Oct 2025 17:47:38 +0000 (13:47 -0400)]
Add EVP_MD_CTX serialization for SHA3/SHAKE
Implement context serialization and deserialization for the SHA3, KECCAK,
SHAKE, and KMAC provider-based digests.
This is achieved by handling the `OSSL_DIGEST_SERIALIZATION` parameter in
get_ctx_params and set_ctx_params. A custom format is used to store the KECCAK
state, including a magic number and an algorithm identifier to ensure the
context is not loaded into an incompatible digest instance.
This allows an EVP_MD_CTX to be saved and restored, which is useful for
applications that need to checkpoint hashing operations. The existing EVP
serialization tests have been extended to cover these new algorithms.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28837)
Simo Sorce [Thu, 9 Oct 2025 22:27:42 +0000 (18:27 -0400)]
Add serialization for SHA-2 digest contexts
This commit introduces the ability to serialize and deserialize the internal
state of SHA-2 digest contexts (SHA-256 and SHA-512 families).
This functionality is exposed via the new OSSL_DIGEST_SERIALIZATION parameter,
which can be used with EVP_MD_CTX_get_params() to retrieve the state and with
EVP_DigestInit_ex2() to restore it into a new context.
This allows an application to save the state of a hash operation and resume it
later, which is useful for process migration or for saving the state of long-
unning computations. A new test case has been added to verify this.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28837)
Simo Sorce [Thu, 20 Nov 2025 15:25:47 +0000 (10:25 -0500)]
Add EVP digest context serialization
This commit introduces two new functions, EVP_MD_CTX_serialize and
EVP_MD_CTX_deserialize, to the EVP digest API.
These functions allow an application to save the state of a digest
context (EVP_MD_CTX) and restore it later. This is useful for
checkpointing long-running computations, enabling them to be paused
and resumed without starting over.
The implementation adds the OSSL_FUNC_DIGEST_SERIALIZE and
OSSL_FUNC_DIGEST_DESERIALIZE dispatch functions for providers to
supply this functionality.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28837)
Bob Beck [Tue, 9 Dec 2025 16:01:16 +0000 (09:01 -0700)]
Add static_ASN1_SEQUENCE_END to the list of statment macros
This one is pretty special, we should ponder simplifying some of
the clever preprocessor stuff here, but for now..
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29359)
Matthias Kraft [Fri, 5 Dec 2025 16:52:28 +0000 (17:52 +0100)]
Enable send-/recvmmsg for AIX >= 7.2 and disable SUPPORT_LOCAL_ADDR.
AIX doesn't support this implementation for local addresses. The AF_INET
case is unimplemented when sending. The AF_INET6 case is limited to 110
messages. The limiting factor is currently unclear.
Fixes #29292
Signed-off-by: Matthias Kraft <Matthias.Kraft@ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29334)
Niels Dossche [Mon, 8 Dec 2025 14:17:56 +0000 (15:17 +0100)]
Fix memory leak in error path of ec_gen_init()
ec_gen_set_params() can fail after some big numbers have already been
copied over. Those need to be cleaned to avoid a memory leak on failure.
This can be done with ec_gen_cleanup(), which is also consistent in how
the ecx_gen code does it.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29335)
Viktor Dukhovni [Sat, 6 Dec 2025 04:04:36 +0000 (15:04 +1100)]
The return value of RSA_*_{en,de}crypt() is signed
The functions RSA_(public|private)_(en|de)crypt() return a signed
result, in particular `-1` may be returned on error, so the caller
MUST treat the value as signed.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29323)
George Wilson [Thu, 16 Oct 2025 15:41:26 +0000 (10:41 -0500)]
doc/man3: Add OPENSSL_ppccap.pod
This patch adds a man page documenting the OPENSSL_ppccap environment
variable that is analogous to capability environment variable man pages
for other architectures.
Fixes #17046
Signed-off-by: George Wilson <gcwilson@linux.ibm.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29230)
Joshua Rogers [Sat, 11 Oct 2025 22:19:29 +0000 (06:19 +0800)]
dtls: fix DTLSv1_listen msg_callback to report HelloVerifyRequest
DTLSv1_listen built the HelloVerifyRequest in wbuf but invoked
msg_callback with buf and DTLS1_RT_HEADER_LENGTH, and version 0.
That caused incorrect logging and could disclose the ClientHello
to write callbacks. Use wbuf and the actual record version for the
record header, and add a second callback that reports the handshake
message bytes. No change to on-wire behavior.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28916)
Joshua Rogers [Sat, 11 Oct 2025 06:19:28 +0000 (14:19 +0800)]
ktls_read_record(): Harden linux recv path
- drop tag subtraction in recv buffer sizing
- enforce MSG_EOR and reject MSG_CTRUNC
- zero prepended header bytes before recvmsg
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28861)
Carter Thaxton [Thu, 9 Oct 2025 02:20:25 +0000 (19:20 -0700)]
Fix regression when X509_V_FLAG_CRL_CHECK_ALL is set, while X509_V_FLAG_CRL_CHECK is clear
Fixes #28758
When X509_V_FLAG_CRL_CHECK is not set, the man pages document that X509_V_FLAG_CRL_CHECK_ALL is ignored.
Prior to 3.6.0, this was indeed the case.
In 3.6.0, the behavior changed, and setting X509_V_FLAG_CRL_CHECK_ALL began to imply X509_V_FLAG_CRL_CHECK.
This unfortunately breaks the majority of ruby installations, which relied on the documented behavior.
For consistency, this commit applies the same logic to the new X509_V_FLAG_OCSP_RESP_CHECK and X509_V_FLAG_OCSP_RESP_CHECK_ALL flags,
which are still undocumented as of 3.6.0.
All existing tests continue to pass. They also make the assumption that the xxx_CHECK_ALL flags are irrelevant unless xxx_CHECK is set.
We could add a new test for this regression. I'll leave that to another commit.
CLA: trivial
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28797)
Dmitry Misharov [Tue, 9 Dec 2025 16:39:14 +0000 (17:39 +0100)]
run codespell pre-commit hook on staged files only
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29360)
Neil Horman [Mon, 8 Dec 2025 18:22:05 +0000 (13:22 -0500)]
Only write to pdays/psecs if they are not null
We have a few cases in which one of the paramters passed to
ASN1_TIME_diff is null (i.e. the caller doesn't care about the psec
differnce and so passes NULL as that pointer parameter).
However, OPENSSL_gmtime_diff assumes both pointers are valid, and so
writes to them unilaterally resulting in a crash as observed here:
https://github.com/openssl/openssl/pull/29333#issuecomment-3628103959
Check the pointers before writing to them.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Norbert Pocs <norbertp@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29337)
Matt Caswell [Tue, 9 Dec 2025 12:22:02 +0000 (12:22 +0000)]
Fix array formatting in evp_extra_test.c
The reformat did something silly with some of the arrays in evp_extra_test.c
Fix the arrays such that clang-format is still happy.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29349)
Bob Beck [Tue, 9 Dec 2025 14:01:47 +0000 (07:01 -0700)]
Disable clang-format around this macro
clang-format sensibly thinks this is an arithmatic operation,
and formats the math. Sadly it does not know we eventually
stringify this behind several other layers of nested macros
and so putting spaces in here is bad.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29350)
Bob Beck [Tue, 9 Dec 2025 07:08:07 +0000 (00:08 -0700)]
4.0-POST-CLANG-FORMAT-WEBKIT
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29242)
Bob Beck [Tue, 9 Dec 2025 07:05:43 +0000 (00:05 -0700)]
4.0-PRE-CLANG-FORMAT-WEBKIT
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29242)
Resolves: https://scan5.scan.coverity.com/#/project-view/65138/10222?selectedIssue=1675327 Signed-off-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29317)
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29286)
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29306)
Neil Horman [Wed, 3 Dec 2025 19:36:54 +0000 (14:36 -0500)]
Make find-doc-nits compatible accross git versions
We recently found that the addition of a git config command in
util/find-doc-nits is broken in some cases, sepecifically because git
around version 2.46 broke command line compatibility, replacing the
--regexp option with the --get-regexp option. So to maintain usage of
this specific command to parse the .gitconfig file, we would need to do
some extra version detection to construct the proper command line.
However, find-doc-nits already has a fallback condition, which does some
pure perl parsing of the gitconfig file, which works perfectly well.
Instead of trying to do version matching to construct the right form of
the git config command line, just remove it all, and rely on the perl
parrse to do this work for us, which works currently in all cases.
Fixes #29197
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29304)
Viktor Dukhovni [Wed, 3 Dec 2025 04:24:46 +0000 (15:24 +1100)]
Clarify/fix encoder/decoder context docs and code
In was premature to make OSSL_(EN|DE)CODER_CTX_[sg]et_finalized() be
public interfaces. Forunately, these have not yet appeared outside the
"master" branch, so we can still retract them.
Also, in the case of decoders, the implementation failed to take into
account that the context was duplicated before it was returned to the
user, and the duplicated copy failed to copy the "finalized" field.
This commit also renames "finalized" to "frozen", because
finalisation is a misleading term in this context, it suggests
resource reclamation during garbage collection or deallocation,
not marking a structure partly immutable.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29206)
Viktor Dukhovni [Mon, 24 Nov 2025 13:37:49 +0000 (00:37 +1100)]
Per-key encoding formats for ML-KEM and ML-DSA
We support selection of ML-KEM and ML-DSA key formats on input and
output at the provider level, these are essentially global defaults,
in effect for the lifetime of the process.
Unfortunately, the JAVA interface in openssl-jostle needs to be able to
output a specific key in seed-only form. To that end, this PR
introduces a new "output-formats" PKEY encoding parameter, that can be used
with OSSL_ENCODER_CTX_set_params(3) when encoding a key to PKCS#8, after
using OSSL_ENCODER_CTX_new_for_key(3), rather than i2d_PrivateKey(3),
i2d_PKCS8PrivateKey(3) or PEM equivalents.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29206)
In a hypothetical scenario that jent_entropy_init_ex fails, or if
get_jitter_random-value fails, there are a few unexpected
posibilities.
If jent_entropy_init_ex fails, the seed initialisation may return NULL
and then DRBG will be initiated with NULL seed, which will
automatically fallback to os-seed, which will escape module boundary
(if this jitter rng is from the fips module), and call getrandom
syscall.
And separately if get_jitter_random_value fails, it may put DRBG in an
error state, but it might not put the FIPS module in error state, like
it should as per the ISO standard.
To instrument these things, I had to create tampered
jitterentropy-library that always returns errors for init_ex and
read_entropy apis, and then use gdb tracing on both libcrypto.so and
fips.so.
The most minimal solution to above hypothetical error code paths, is
to simply call ossl_set_error_state. It is either harmless, or in case
of fips-jitter will correctly put the FIPS module into error state and
prevent any further operation; and cruitially prevent silent fallback
to getrandom syscall.
Note it is unlikely that this ever was out of compliance, as often
enough getrandom syscall goes to a kernel with validated entropy
source; and openssl fips module still did reject sampling which is too
entropy source compliant.
Nonetheless it is good to fix this hypothetical error path, and
backport this to 3.5 and up.
This is similar / additional fixes, to this previous change:
- https://github.com/openssl/openssl/pull/25957
- https://github.com/openssl/openssl/commit/b9886a6f3483e0525596d3b3956416282038da82
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29226)
Norbert Pocs [Thu, 13 Nov 2025 14:53:28 +0000 (15:53 +0100)]
apps: Remove opt_legacy_okay function
The function used to check for ENGINEs to determine if a legacy code
path is available, but it makes no sense to keep it after the ENGINE
removal, as the legacy path will always fail.
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29305)
Norbert Pocs [Fri, 21 Nov 2025 13:04:20 +0000 (14:04 +0100)]
Remove OPENSSL_INIT_ENGINE_* definitions
Keeping OPENSSL_INIT_ENGINE_ALL_BUILTIN to be defined always to zero as
it might be the most used one outside of the library, meanwhile keeping
the others undefined unless OPENSSL_ENGINE_STUBS is defined.
Neil Horman [Thu, 11 Sep 2025 20:09:56 +0000 (16:09 -0400)]
remove dasync engine test from test_rand
We're removing the engine, so we don't need to test this anymore.
NOTE: This also removes the engine skip check from the test, and this
breaks testing until such time as PR #28461 is merged (which replaces
the remaining engine test with a provider).
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29305)
Neil Horman [Thu, 11 Sep 2025 19:39:44 +0000 (15:39 -0400)]
remove afalg tests
We have a specific test suite that exercizes the afalg engine, that is
becoming useless with engine removal.
I had considered that we should perhaps convert this into a provider,
but having looked at the engine itself, it only offers implementations
for AES-128, AES-192 and AES-256. Given that the default provider
offers these algorithms with hardware acceleration via the aesni
instruction set (or comparable instructions on non-x86 arches), it seems
like the only advantage the afalg engine offers is acceleration of these
ciphers on platforms that have off-cpu accelerators and no cpu based
acceleration support.
given that:
a) Most cpus have instruction based acceleration
b) We don't test with any platforms that use external accelerators
It seems like alot of investment to get no real advantage, so just
remove the test, allowing us to delete the engine entirely in another
PR.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29305)
Neil Horman [Thu, 11 Sep 2025 19:19:45 +0000 (15:19 -0400)]
Remove dasync engine from sslapitest and sslbuffertest
With the impending engine removal, we don't have a need to test engine
functionality in these tests anymore, so remove the test cases that make
use of the dasync engine here.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29305)
projects / thirdparty / openssl.git / log
