summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.github/workflows/ci.yml36
-rw-r--r--.github/workflows/run-checker-ci.yml2
-rw-r--r--.github/workflows/windows.yml6
-rw-r--r--CHANGES.md4
-rwxr-xr-xConfigure16
-rw-r--r--doc/man7/openssl-qlog.pod15
6 files changed, 30 insertions, 49 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index da6c7860ab..d64425ce1b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -83,7 +83,7 @@ jobs:
run: sudo locale-gen tr_TR.UTF-8
- name: config
# enable-quic is on by default, but we leave it here to check we're testing the explicit enable somewhere
- run: CC=gcc ./config --banner=Configured enable-fips enable-quic enable-unstable-qlog --strict-warnings && perl configdata.pm --dump
+ run: CC=gcc ./config --banner=Configured enable-fips enable-quic --strict-warnings && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -100,7 +100,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: CC=clang ./config --banner=Configured no-fips enable-unstable-qlog --strict-warnings && perl configdata.pm --dump
+ run: CC=clang ./config --banner=Configured no-fips --strict-warnings && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -119,7 +119,7 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: config
- run: ./config enable-fips enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method enable-trace enable-unstable-qlog
+ run: ./config enable-fips enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method enable-trace
- name: config dump
run: ./configdata.pm --dump
- name: make
@@ -136,7 +136,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured --strict-warnings no-bulk no-pic no-asm enable-unstable-qlog -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT && perl configdata.pm --dump
+ run: ./config --banner=Configured --strict-warnings no-bulk no-pic no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT && perl configdata.pm --dump
- name: make
run: make -j4 # verbose, so no -s here
- name: get cpu info
@@ -153,7 +153,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured --strict-warnings no-deprecated enable-fips enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --strict-warnings no-deprecated enable-fips && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -170,7 +170,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured --strict-warnings no-shared no-fips enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --strict-warnings no-shared no-fips && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -188,7 +188,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured --strict-warnings no-shared no-fips enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --strict-warnings no-shared no-fips && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -205,7 +205,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured --debug enable-asan enable-ubsan no-cached-fetch no-fips no-dtls no-tls1 no-tls1-method no-tls1_1 no-tls1_1-method no-async enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --debug enable-asan enable-ubsan no-cached-fetch no-fips no-dtls no-tls1 no-tls1-method no-tls1_1 no-tls1_1-method no-async && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -222,7 +222,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -239,7 +239,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured --debug -DPEDANTIC -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-weak-ssl-ciphers enable-ssl3 enable-ssl3-method enable-nextprotoneg enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --debug -DPEDANTIC -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-weak-ssl-ciphers enable-ssl3 enable-ssl3-method enable-nextprotoneg && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -257,7 +257,7 @@ jobs:
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
# --debug -O1 is to produce a debug build that runs in a reasonable amount of time
- run: CC=clang ./config --banner=Configured --debug -O1 -fsanitize=memory -DOSSL_SANITIZE_MEMORY -fno-optimize-sibling-calls enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips enable-unstable-qlog && perl configdata.pm --dump
+ run: CC=clang ./config --banner=Configured --debug -O1 -fsanitize=memory -DOSSL_SANITIZE_MEMORY -fno-optimize-sibling-calls enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -274,7 +274,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: CC=clang ./config --banner=Configured no-fips enable-unstable-qlog --strict-warnings -fsanitize=thread && perl configdata.pm --dump
+ run: CC=clang ./config --banner=Configured no-fips --strict-warnings -fsanitize=thread && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -293,7 +293,7 @@ jobs:
- name: modprobe tls
run: sudo modprobe tls
- name: config
- run: ./config --banner=Configured --strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-egd enable-ktls enable-fips no-threads enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-egd enable-ktls enable-fips no-threads && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -318,7 +318,7 @@ jobs:
- name: install extra config support
run: sudo apt-get -y install libsctp-dev abigail-tools libzstd-dev zstd
- name: config
- run: ./config --banner=Configured --strict-warnings enable-ktls enable-fips enable-egd enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-sctp enable-ssl3 enable-ssl3-method enable-trace enable-zlib enable-zstd enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --strict-warnings enable-ktls enable-fips enable-egd enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-sctp enable-ssl3 enable-ssl3-method enable-trace enable-zlib enable-zstd && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -335,7 +335,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured --strict-warnings no-legacy enable-fips enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured --strict-warnings no-legacy enable-fips && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -352,7 +352,7 @@ jobs:
- name: checkout fuzz/corpora submodule
run: git submodule update --init --depth 1 fuzz/corpora
- name: config
- run: ./config --banner=Configured -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 no-fips enable-unstable-qlog && perl configdata.pm --dump
+ run: ./config --banner=Configured -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 no-fips && perl configdata.pm --dump
- name: make
run: make -s -j4
- name: get cpu info
@@ -384,7 +384,7 @@ jobs:
mkdir ./install
- name: config
run: |
- ../source/config --banner=Configured enable-fips enable-quic enable-unstable-qlog enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd)
+ ../source/config --banner=Configured enable-fips enable-quic enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd)
perl configdata.pm --dump
working-directory: ./build
- name: make
@@ -420,7 +420,7 @@ jobs:
mkdir ./install
- name: config
run: |
- ../source/config --banner=Configured enable-fips enable-quic enable-unstable-qlog enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd)
+ ../source/config --banner=Configured enable-fips enable-quic enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd)
perl configdata.pm --dump
working-directory: ./build
- name: make
diff --git a/.github/workflows/run-checker-ci.yml b/.github/workflows/run-checker-ci.yml
index 1fbc3e708a..025349b6d3 100644
--- a/.github/workflows/run-checker-ci.yml
+++ b/.github/workflows/run-checker-ci.yml
@@ -28,7 +28,7 @@ jobs:
no-ec,
no-ecx,
no-http,
- no-legacy enable-unstable-qlog,
+ no-legacy,
no-sock,
enable-ssl-trace,
no-stdio,
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index f271ca34fb..5b88d12ca2 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -22,9 +22,9 @@ jobs:
- windows-2022
platform:
- arch: win64
- config: enable-fips enable-unstable-qlog
+ config: enable-fips
- arch: win32
- config: --strict-warnings no-fips enable-unstable-qlog
+ config: --strict-warnings no-fips
runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }}
steps:
- uses: actions/checkout@v4
@@ -155,7 +155,7 @@ jobs:
# - windows-2022
platform:
- arch: win64
- config: -DCMAKE_C_COMPILER=gcc --strict-warnings no-fips enable-unstable-qlog
+ config: -DCMAKE_C_COMPILER=gcc --strict-warnings no-fips
# are we really learning sth new from win32? So let's save some CO2 for now disabling this
# - arch: win32
# config: -DCMAKE_C_COMPILER=gcc --strict-warnings no-fips
diff --git a/CHANGES.md b/CHANGES.md
index c67d0bd6aa..d857bf846a 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -124,8 +124,8 @@ OpenSSL 3.3
The qlog output from OpenSSL currently uses a pre-standard draft version of
qlog. The output from OpenSSL will change in incompatible ways in future
releases, and is not subject to any format stability or compatibility
- guarantees at this time; therefore this functionality must currently be
- enabled with the build-time option `enable-unstable-qlog`. See the
+ guarantees at this time. This functionality can be
+ disabled with the build-time option `no-unstable-qlog`. See the
openssl-qlog(7) manpage for details.
*Hugo Landau*
diff --git a/Configure b/Configure
index c09bec39f6..cac277f45c 100755
--- a/Configure
+++ b/Configure
@@ -579,7 +579,6 @@ our %disabled = ( # "what" => "comment"
"ktls" => "default",
"md2" => "default",
"msan" => "default",
- "unstable-qlog" => "default",
"rc5" => "default",
"sctp" => "default",
"ssl3" => "default",
@@ -2976,21 +2975,6 @@ or position independent code, please let us know (but please first make sure
you have tried with a current version of OpenSSL).
EOF
-print <<"EOF" if (!$disabled{qlog});
-
-============================== WARNING ===============================
-
-WARNING: You have enabled qlog. This functionality is unstable and
- implements a draft version of the qlog specification. The qlog
- output from OpenSSL *will* change in incompatible ways in future,
- and is not subject to any format stability or compatibility
- guarantees at this time. See the manpage openssl-qlog(7) for
- details.
-
-============================== WARNING ===============================
-
-EOF
-
print $banner;
exit(0);
diff --git a/doc/man7/openssl-qlog.pod b/doc/man7/openssl-qlog.pod
index 17c56f1b07..914083a31c 100644
--- a/doc/man7/openssl-qlog.pod
+++ b/doc/man7/openssl-qlog.pod
@@ -22,9 +22,6 @@ for details.
=head1 USAGE
-The qlog functionality must be explicitly enabled at OpenSSL build time using
-the I<enable-unstable-qlog> configure flag.
-
When OpenSSL is built with qlog support, qlog is enabled at run time by setting
the standard B<QLOGDIR> environment variable to point to a directory where qlog
files should be written. Once set, any QUIC connection established by OpenSSL
@@ -43,6 +40,9 @@ Connection ID used in the header of the first Initial packet sent as part of the
connection process, and B<{vantage_point_type}> is either C<client> or
C<server>, reflecting the perspective of the endpoint producing the qlog output.
+The qlog functionality can be disabled at OpenSSL build time using the
+I<no-unstable-qlog> configure flag.
+
=head1 SUPPORTED EVENT TYPES
The following event types are currently supported:
@@ -178,12 +178,9 @@ breaking ways in the future, including in non-major releases of OpenSSL. The
qlog output of OpenSSL is considered unstable and not subject to any format
stability or compatibility guarantees at this time.
-As such, the qlog functionality is currently guarded behind the build-time
-configuration flag B<enable-unstable-qlog>, which is not enabled by default, to
-ensure that users are aware of this instability. Users of the OpenSSL qlog
-functionality must be aware that the output may change arbitrarily between
-releases and that the preservation of compatibility with any given tool between
-releases is not guaranteed.
+Users of the OpenSSL qlog functionality must be aware that the output may change
+arbitrarily between releases and that the preservation of compatibility with any
+given tool between releases is not guaranteed.
=head2 Aims
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 11:21:35 +0100