113 files changed, 5407 insertions, 208 deletions

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b8b8f2ec3c..9bc5f9777f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -96,7 +96,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@basic-gcc"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   basic_clang:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -118,7 +118,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@basic-clang"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   self-hosted:
     if: github.repository == 'openssl/openssl'
@@ -143,7 +143,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@self-hosted-${{ matrix.os }}"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   minimal:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -165,8 +165,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@minimal"
-        path: artifacts/
-        if-no-files-found: ignore
+        path: artifacts.tar.gz
 
   no-deprecated:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -188,7 +187,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@no-deprecated"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   no-shared-ubuntu:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -210,7 +209,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@no-shared-ubuntu"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   no-shared-macos:
     strategy:
@@ -237,7 +236,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@no-shared-${{ matrix.os }}"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   non-caching:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -263,7 +262,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@non-caching"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   address_ub_sanitizer:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -289,7 +288,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@address_ub_sanitizer"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   fuzz_tests:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -315,7 +314,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@fuzz_tests"
-        path: artifacts/
+        path: artifacts.tar.gz
         if-no-files-found: ignore
 
   memory_sanitizer:
@@ -343,7 +342,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@memory_sanitizer"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   threads_sanitizer:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -369,7 +368,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@threads_sanitizer"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   enable_non-default_options:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -393,7 +392,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@enable_non-default_options"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   full_featured:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -423,7 +422,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@full_featured"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   no-legacy:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -445,7 +444,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@no-legacy"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   legacy:
     runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }}
@@ -467,7 +466,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@legacy"
-        path: artifacts/
+        path: artifacts.tar.gz
 
   # out-of-source-and-install checks multiple things at the same time:
   # - That building, testing and installing works from an out-of-source
@@ -509,7 +508,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@out-of-readonly-source-and-install-ubuntu"
-        path: build/artifacts/
+        path: build/artifacts.tar.gz
     - name: make install
       run: make install
       working-directory: ./build
@@ -554,7 +553,7 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "ci@out-of-readonly-source-and-install-${{ matrix.os }}"
-        path: build/artifacts/
+        path: build/artifacts.tar.gz
     - name: make install
       run: make install
       working-directory: ./build
@@ -570,7 +569,7 @@ jobs:
         sudo apt-get update
         sudo apt-get -yq install bison gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python3 python3-paste python3-pyrad slapd tcsh python3-virtualenv virtualenv python3-kdcproxy
     - name: install cpanm and Test2::V0 for gost_engine testing
-      uses: perl-actions/install-with-cpanm@v1
+      uses: perl-actions/install-with-cpanm@stable
       with:
         install: Test2::V0
     - name: setup hostname workaround
diff --git a/.github/workflows/coveralls.yml b/.github/workflows/coveralls.yml
index aae4fbf4f8..5751bbdb13 100644
--- a/.github/workflows/coveralls.yml
+++ b/.github/workflows/coveralls.yml
@@ -56,7 +56,7 @@ jobs:
         sudo apt-get -yq install lcov
         sudo apt-get -yq install bison gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python3 python3-paste python3-pyrad slapd tcsh python3-virtualenv virtualenv python3-kdcproxy
     - name: install Test2::V0 for gost_engine testing
-      uses: perl-actions/install-with-cpanm@v1
+      uses: perl-actions/install-with-cpanm@stable
       with:
         install: Test2::V0
     - name: setup hostname workaround
diff --git a/.github/workflows/cross-compiles.yml b/.github/workflows/cross-compiles.yml
index 4e5dfa45f2..5dc1b83f4e 100644
--- a/.github/workflows/cross-compiles.yml
+++ b/.github/workflows/cross-compiles.yml
@@ -220,5 +220,5 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: "cross-compiles@${{ matrix.platform.arch }}"
-        path: artifacts/
+        path: artifacts.tar.gz
         if-no-files-found: ignore
diff --git a/.github/workflows/make-test b/.github/workflows/make-test
index 247b4c61bd..195928e786 100755
--- a/.github/workflows/make-test
+++ b/.github/workflows/make-test
@@ -37,4 +37,7 @@ echo "Test suite exited with $RESULT, artifacts path is $OSSL_CI_ARTIFACTS_PATH"
 (cd "$OSSL_CI_ARTIFACTS_PATH"; find . -type f | sort)
 echo "::endgroup::"
 
+echo "Archive artifacts"
+tar -czvf artifacts.tar.gz $OSSL_CI_ARTIFACTS_PATH
+
 exit $RESULT
diff --git a/CHANGES.md b/CHANGES.md
index 76801ac78c..28e1c0ae4d 100644
--- a/CHANGES.md