summaryrefslogtreecommitdiffstats
path: root/ssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fix encryption level orderingNeil Horman10 days1-40/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | It was noticed recently that the enum for QUIC encryption levels doesn't match the ordering that is outlined in the RFC. RFC 9000 s. 12.2 and RFC 9002 s 14.4.1 indicate that encryption level ordering is INITIAL/0RTT/HANDSHAKE/1RTT, but our enum is in the order INITAL/HANDSHAKE/0RTT/1RTT. Our enum isn't a direct wire translation, so as long as the wire->enum mapping done in ossl_quic_pkt_type_to_enc_level is done consistently it ideally wouldn't matter, but because we do coalescing in ossl_quic_tx_packetiser_generate by iterating through all the values in the enum, its possible we may coalesce in the wrong order when we do start implementing 0RTT support. Fix it by adjusting the enum properly to match the RFC order. This also necessitates and adjustment to the archetypes array, which is a two dimensional array indexed by encryption level and frame archetype (PROBE/NORMAL/ACK ONLY). Moving the 0RTT enc level to index 1 requires moving the (formerly) index 2 0RTT array row to be at index 1. Fixes #26324 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26334)
* use-of-uninitialized-value in quic_tserver_testBernd Edlinger12 days1-0/+1
| | | | | | | | Fixes #26277 Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26269)
* Reject invalid FFDHE and ECDHE key shares with SSL_AD_ILLEGAL_PARAMETER alertcx2025-01-021-2/+2
| | | | | | | | | | This changes the alert according to RFC 8446. Fixes: #25402 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25547)
* Fix potential use-after-free in REF_PRINT_COUNTNeil Horman2024-12-104-9/+9
| | | | | | | | | | | | | | | | | | | | | We use REF_PRINT_COUNT to dump out the value of various reference counters in our code However, we commonly use this macro after an increment or decrement. On increment its fine, but on decrement its not, because the macro dereferences the object holding the counter value, which may be freed by another thread, as we've given up our ref count to it prior to using the macro. The rule is that we can't reference memory for an object once we've released our reference, so lets fix this by altering REF_PRINT_COUNT to accept the value returned by CRYPTO_[UP|DOWN]_REF instead. The eliminates the need to dereference the memory the object points to an allows us to use the call after we release our reference count Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25664)
* Delete a redundant breakwillmafh2024-12-061-1/+0
| | | | | | | | CLA: trivial Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26095)
* Fix multiple wrong checks of EVP_PKEY_set1_encoded_public_keyPeiwei Hu2024-11-221-1/+1
| | | | | | Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25811)
* Fix SSL_write_[ex|ex2] on blocking quic streamsNeil Horman2024-11-211-2/+13
| | | | | | | | | | | | | | | | | | | | | | | When writing to a blocking quic stream, we sometimes get duplicate transmitted data. This occurs when a call to quic_write_blocking has to wait for space to become available in the ring buffer. When we do a wait, the call sets *written to the value returned in args.total_written as filled out by the calls to block_until_pred->quic_write_again. However, the value there is based on the amount we requested, which is only the remaining data that we didn't append in xso_sstream_write. So if we call quic_write_blocking with a buffer of length X, and initially append Y bytes, and write the remainig X-Y bytes via a block_until_pred call, then *written will return with the value X-Y, even though we wrote the full X bytes to the ring buffer. Fix it by recording the initial amount appended into *written, and then add the args.total_written value if we have to wait on more space Fixes openssl/project#924 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26023)
* Change "a SSL" to "an SSL"Andrew Dinh2024-11-135-5/+5
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/25868)
* Fix SSL_stream_reset for stream objects which have FIN bit setNeil Horman2024-11-131-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When calling SSL_stream_reset on a QUIC stream object that has received all data that is expected to be sent (i.e. when the sender has sent a STREAM frame with the FIN bit set), we encounter the following segfault: Program received signal SIGSEGV, Segmentation fault. 0x00007ffff7f0bd28 in ossl_quic_sstream_get_final_size (qss=0x0, final_size=0x0) at ssl/quic/quic_sstream.c:273 273 if (!qss->have_final_size) (gdb) bt 0) 0x00007ffff7f0bd28 in ossl_quic_sstream_get_final_size (qss=0x0, final_size=0x0) at ssl/quic/quic_sstream.c:273 1) 0x00007ffff7ef65bf in quic_validate_for_write (xso=0x5555555efcb0, err=0x7fffffffd5e0) at ssl/quic/quic_impl.c:2513 2) 0x00007ffff7ef8ae3 in ossl_quic_stream_reset (ssl=0x5555555efcb0, args=0x0, args_len=0) at ssl/quic/quic_impl.c:3657 3) 0x00007ffff7ebdaa6 in SSL_stream_reset (s=0x5555555efcb0, args=0x0, args_len=0) at ssl/ssl_lib.c:7635 4) 0x0000555555557527 in build_request_set ( req_list=0x55555555ebd0 "neil1.txt neil2.txt neil3.txt neil4.txt neil5.txt neil6.txt neil7.txt neil8.txt neil9.txt neil10.txt neil11.txt neil12.txt neil13.txt neil14.txt neil15.txt neil16.txt neil17.txt neil18.txt neil19.txt "..., ssl=0x5555555b6f80) at demos/guide/quic-hq-interop.c:545 5) 0x00005555555587b2 in main (argc=4, argv=0x7fffffffe568) at demos/guide/quic-hq-interop.c:941 This occurs because: 1) When the stream FIN bit is set, the quic stack frees the underlying stream structures immediately within the QUIC stack and 2) when SSL_stream_reset is called, the call stack indicates we call quic_validate_for_write, which attempts to access the xso->stream->sstream QUIC_SSTREAM object, which was already freed in (1) The fix I think is pretty straightforward. On receipt of a STREAM frame with a FIN bit set, the QUIC stack sets the QUIC_STREAM object state to QUIC_SSTREAM_STATE_DATA_RECVD, which means we can use that state to simply assert that the stream is valid for write, which allows it to be reset properly. Fixes #25410 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25910)
* Fix memleaks in cmd_RecordPadding()Holger Dengler2024-11-131-8/+7
| | | | | | | | | | | | | Free the internal copy of parameter `value` on each early exit. Fixes #25906 Signed-off-by: Holger Dengler <dengler@linux.ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25926)
* txp_generate_stream_frames(): Set stream id in header early enoughTomas Mraz2024-11-121-1/+1
| | | | | | | | | | | | | Otherwise we will calculate an incorrect header size for higher stream ids and won't fit the frame into the packet. Fixes #25417 Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25928)
* Don't complain with "no cipher match" for QUIC objectsMatt Caswell2024-11-081-3/+5
| | | | | | | | | | | | | | Calling the functions SSL_CTX_set_cipher_list() or SSL_set_cipher_list() will return the error "no cipher match" if no TLSv1.2 (or below) ciphers are enabled after calling them. However this is normal behaviour for QUIC objects which do not support TLSv1.2 ciphers. Therefore we should suppress that error in this case. Fixes #25878 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25886)
* Make sure we use the correct SSL object when making a callbackMatt Caswell2024-11-0716-72/+87
| | | | | | | | | | | | | When processing a callback within libssl that applies to TLS the original SSL object may have been created for TLS directly, or for QUIC. When making the callback we must make sure that we use the correct SSL object. In the case of QUIC we must not use the internal only SSL object. Fixes #25788 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25874)
* Keep hold of a reference to the user SSL in QUICMatt Caswell2024-11-074-5/+17
| | | | | | | | | | In some cases a QUIC SSL_CONNECTION object needs to get hold of a reference to the original SSL object as created by the user. We should keep a reference to it. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25874)
* Use correct alerts for some cert comp errorsTodd Short2024-11-041-4/+12
| | | | | | | | | | Fixes #25471 Signed-off-by: Todd Short <todd.short@me.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25845)
* Support DEFAULT keyword and '-' prefix in SSL_CTX_set1_groups_list()Frederik Wedel-Heinen2024-11-041-11/+72
| | | | | | | | Fixes #25790 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25813)
* tls_common.c: Align the calculation of maximal alignment valueFrederik Wedel-Heinen2024-10-241-7/+7
| | | | | | | | | | | In tls_setup_write_buffer() and tls_setup_read_buffer() the calculation is different. Make them the same. Fixes #25746 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25764)
* Fix memory leaks in ossl_quic_calculate_retry_integrity_tag()Niels Dossche2024-10-231-5/+5
| | | | | | | | | | | | | | | Fixes #25625 Several error paths return 0 directly instead of going to err to clean up the objects. CLA: trivial Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25636)
* updating comments in test recipieNeil Horman2024-10-212-7/+4
| | | | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25297)
* Convert keylogging in response to commentsNeil Horman2024-10-212-14/+15
| | | | | | | | | | | | | | 1) Convert failures in keylog setup to trace messages for a warning-like mechanism 2) Convert sslkeylogfile_cb to be a flag used to determine making a direct call to the internal logging function Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25297)
* Fix build break when OPENSSL_NO_SSLKEYLOGFILE is not definedNeil Horman2024-10-211-2/+3
| | | | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25297)
* Update sslkeylog in response to commentsNeil Horman2024-10-211-16/+34
| | | | | | | | | | | | | | | * instead of keeping an external reference count, just use the BIO_up_ref call, and the BIO's callback mechanism to detect the final free, for which we set keylog_bio to NULL * Return an error from SSL_CTX_new_ex if the setup of the keylog file fails Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25297)
* Add sslkeylog config option and implementationNeil Horman2024-10-212-1/+125
| | | | | | | | | | | | | | | Add a config option for sslkeylog (disabled by default) When enabled, SSL_CTX_new[_ex] becomes sensitive to the SSLKEYLOGFILE environment variable. It records keylog callback messages to the file specified in the environment variable according to the format specified in https://www.ietf.org/archive/id/draft-thomson-tls-keylogfile-00.html Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25297)
* Fix memory leak in tls_parse_ctos_psk()Niels Dossche2024-10-111-1/+1
| | | | | | | | | | | | | `sess` is not NULL at this point, and is freed on the success path, but not on the error path. Fix this by going to the `err` label such that `SSL_SESSION_free(sess)` is called. CLA: trivial Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25643)
* Check file name for not being NULL before opening itЗишан Мирза2024-09-263-7/+51
| | | | | | | | Fixes #24416 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25458)
* Rename list macrosNeil Horman2024-09-263-5/+5
| | | | | | | | | | | | | | | | | | | | | The quic implementation defined a set of LIST_* macros for list manipulation, which conflicts with the generally support BSD api found in the queue.h system header. While this isn't normally a problem, A report arrived indicating that MacOSX appears to implicitly include queue.h from another system header which causes definition conflicts. As the openssl macros are internal only, it seems the most sensible thing to do is place them in a well known namespace for our library to avoid the conflict, so add an OSSL_ prefix to all our macros Fixes #25516 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/25519)
* Detect fin state of a QUIC stream for streams which are completely readNeil Horman2024-09-131-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | SSL_poll indicates that a stream which has had the fin bit set on it, should generate SSL_POLL_EVENT_R events, so that applications can detect stream completion via SSL_read_ex and SSL_get_error returning SSL_ERROR_ZERO_RETURN. However, the quic polling code misses on this, as a client that completely reads a buffer after receipt has its underlying stream buffer freed, loosing the fin status We can however detect stream completion still, as a stream which has been finalized, and had all its data read will be in the QUIC_RSTREAM_STATE_DATA_READ state, iff the fin bit was set. Fix it by checking in test_poll_event_r for that state, and generating a SSL_POLL_EVENT_R if its found to be true, so as to stay in line with the docs. Fixes openssl/private#627 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25399)
* IANA has assigned numbers for new TLS Supported Groups in ML-KEMSahana Prasad2024-09-131-0/+2
| | | | | | | | | | https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-01.html#name-iana-considerations Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25477)
* Cleanup of unused functions and macros in ssl_local.hFrederik Wedel-Heinen2024-09-102-29/+0
| | | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24648)
* ssl: rework "e_os.h" inclusionsFdaSilvaYY2024-09-059-3/+16
| | | | | | | | | | - Remove e_os.h include from "ssl_local.h" - Added e_os.h into the files that need it now. - Move e_os.h to be the very first include Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14344)
* Copyright year updatesTomas Mraz2024-09-0516-16/+16
| | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
* Check for excess data in CertificateVerifyViktor Dukhovni2024-08-291-0/+4
| | | | | | | | | | | | As reported by Alicja Kario, we ignored excess bytes after the signature payload in TLS CertificateVerify Messages. These should not be present. Fixes: #25298 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25302)
* Correct Alert Handling for Missing Compression Methodserbsland-dev2024-08-291-8/+9
| | | | | | | | | | Fixes #7940: Updated the compression check logic to improve protocol compliance. The code now returns `SSL_AD_DECODE_ERROR` when no compression method is provided in the ClientHello message. It returns `SSL_AD_ILLEGAL_PARAMETER` if the “null” compression method (0x00) is missing. Additionally, refactored the related test code for enhanced readability and maintainability. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25255)
* EVP_MD_size() updatesslontis2024-08-298-12/+13
| | | | | | | | | | For SHAKE algorithms we now return 0 from EVP_MD_size(). So all the places that check for < 0 needed to change to <= 0 (Otherwise the behaviour will be to digest nothing in most cases). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25285)
* Return SSL_AD_UNEXPECTED_MESSAGE alert when receiving any other ↵cx2024-08-261-1/+1
| | | | | | | | | | | | change_cipher_spec value(RFC 8446) Fixes: #25086 CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25257)
* Fix the alert used on a missing key_shareMatt Caswell2024-08-211-6/+9
| | | | | | | | | | | | RFC8446 requires we send an illegal_parameter alert if we don't get a key_share back from the server and our kex_modes require one. We were instead reporting this as missing_extension. Fixes #25040 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25059)
* Ensure the msg_callback is called on CCS receipt in TLSv1.3Matt Caswell2024-08-151-1/+4
| | | | | | | | | | | | CCS records are ignore in TLSv1.3. But we should still call the msg_callback anyway. Fixes #25166 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25169)
* Return SSL_AD_DECRYPT_ERROR alert on PSK binder validation failure (RFC 8446)Bhaskar Metiya2024-08-151-1/+1
| | | | | | | | CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/25176)
* adds TLS signature algorithms list featureMichael Baentsch2024-08-133-62/+171
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24821)
* Remove the event queue codeMatt Caswell2024-08-072-197/+1
| | | | | | | | | | | | | | | PR #18345 added some code for an event queue. It also added a test for it. Unfortunately this event queue code has never been used for anything. Additionally the test was never integrated into a test recipe, so it never actually gets invoked via "make test". This makes the code entirely dead, unnecessarily bloats the size of libssl and causes a decrease in our testing code coverage value. We remove the dead code. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25100)
* Check that a supported_versions extension is present in an HRRMatt Caswell2024-08-072-1/+17
| | | | | | | | | | | | | If an HRR is sent then it MUST contain supported_versions according to the RFC. We were sanity checking any supported_versions extension that was sent but failed to verify that it was actually present. Fixes #25041 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25068)
* Add logging support for early dataLeonie Theobald2024-08-071-0/+1
| | | | | | | | | | | -trace option didn't cover early data message which resulted in misleading logging. CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25026)
* ssl: factorize and improved hex conversion codeFdaSilvaYY2024-08-071-10/+5
| | | | | | | | Add inline qualifier to avoid exporting a function for one unique use Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24968)
* ssl: remove stdio.h and sprintf use from libssl.FdaSilvaYY2024-08-071-12/+10
| | | | | | Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24968)
* Fix typos found by codespellDimitri Papadopoulos2024-08-071-1/+1
| | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24949)
* Do not implicitly start connection with SSL_handle_events() or SSL_poll()Tomas Mraz2024-08-031-1/+10
| | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25069)
* Return infinity time from SSL_get_event_timeout when the connection is not ↵Tomas Mraz2024-08-031-2/+3
| | | | | | | | started Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25069)
* Do not falsely start the connection through SSL_pending()/_has_pending()Tomas Mraz2024-08-031-0/+3
| | | | | | | | Fixes #25054 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25069)
* ssl_evp_cipher_fetch(): Avoid using 3DES from the FIPS providerTomas Mraz2024-08-011-0/+15
| | | | | | | | | | | | Avoid using a fetched cipher that is decrypt-only which is the case for 3DES from the fips provider. Add a decrypt-only parameter to the EVP_CIPHER and test it in libssl when fetching. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25028)
* 3DES ciphersuites are not allowed in FIPS anymoreTomas Mraz2024-08-011-11/+11
| | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25028)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 09:05:20 +0100