openssl - Mirror of https://github.com/openssl/openssl

Age	Commit message (Collapse)	Author
2023-09-04	Move ALIGN32 and ALIGN64 into common.h, and fix for clang-cl.exe	Tom Cosgrove
	clang-cl.exe defines __clang__ and _MSC_VER but not __GNUC__, so a clang- specific guard is needed to get the correct ALIGNxx versions. Fixes #21914 Change-Id: Icdc047b182ad1ba61c7b1b06a1e951eda1a0c33d Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21921)
2023-09-01	QUIC APL: Implement SSL_want	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21915)
2023-09-01	Comment on internal flag	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01	BIO: Allow third parties to use integers instead of pointers for poll ↵	Hugo Landau
	descriptors Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01	QUIC: Make TLS1_FLAGS_QUIC private	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01	QUIC API: Revise SSL_get_conn_close_info to use a flags field	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01	QUIC APL: Allow stream origin to be queried	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01	Minor updates	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01	Minor fixes	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01	BIO: Add BIO_dgram_detect_peer_addr API	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01	QUIC CHANNEL: Introduce concept of (non-)addressed mode	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01	QUIC CHANNEL: Cleanup poll descriptor management	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01	QUIC REACTOR: Move can-poll flags into reactor	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01	BIO_s_connect: Add support for datagram mode	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
2023-08-31	QUIC: Harden ring buffer against internal misuse	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21895)
2023-08-30	OSSL_PROVIDER_load_ex	Dmitry Belyavskiy
	Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21604)
2023-08-30	Fix misspelled deprecation macro name in comment	Matthias St. Pierre
	Commit 77c30753cd replaced the convenience macros `DEPRECATEDIN_{major}_{minor}` by `OSSL_DEPRECATEDIN_{major}_{minor}` but misspelled them in the comment. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21868)
2023-08-30	make update	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30	QUIC MULTISTREAM TEST: Test WAIT_PEER	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30	QUIC APL: Support waiting for peer-initiated shutdown	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30	QUIC APL: Implement backpressure on stream creation	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-25	QUIC APL: Fix stream backpressure conditions to use non-I/O errors	Hugo Landau
	Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21811)
2023-08-25	QUIC APL: Implement backpressure on stream creation	Hugo Landau
	Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21811)
2023-08-25	Always use uint8_t for TLS record type	Tomas Mraz
	Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21823)
2023-08-25	Avoid issues with endianness when type is used in SSL_trace()	Tomas Mraz
	The TLS record type is a single byte value so we can use uint8_t for it. This allows passing its address directly to SSL_trace() instead of converting it to a single byte type first. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21823)
2023-08-25	Don't keep creating CONNECTION_CLOSE frames	Matt Caswell
	If we want to send a CONNECTION_CLOSE frame then one is enough unless we are scheduled to send another one. Now that we can create more than one datagram in one go this is now required. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21798)
2023-08-24	QUIC: Rename SSL_set_initial_peer_addr to SSL_set1_initial_peer_addr	Hugo Landau
	Fixes #21701 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21814)
2023-08-23	ossl_quic_tx_packetiser_generate(): Always report if packets were sent	Tomas Mraz
	Even in case of later failure we need to flush the previous packets. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21700)
2023-08-23	QUIC: Add ERR_raise() calls for EVP call failures	Tomas Mraz
	This improves tracking where the failure was triggered. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21700)
2023-08-17	Add X509_STORE_CTX_set_get_crl and X509_STORE_CTX_set_current_reasons	vl-loz
	This change is for feature request #21679. Adds a couple of setters to aid with custom CRL validation. Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21737)
2023-08-16	Fix decoders so that they use the passed in propq.	slontis
	Fixes #21198 decoder objects were setting propq as NULL. Added a set_ctx/settable_ctx to all decoders that should supply a property query parameter to internal functions. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21219)
2023-08-16	quic: process stateless resets	Pauli
	Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21649)
2023-08-15	Add a test for receiving a post-handshake CertificateRequest	Matt Caswell
	This should result in a QUIC PROTOCOL_VIOLATION We also add tests for a post-handshake KeyUpdate, and a NewSessionTicket with an invalid max_early_data value. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15	Add the ability to send NewSessionTicket messages when we want them	Matt Caswell
	Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15	NewSessionTickets with an early_data extension must have a valid max value	Matt Caswell
	The max_early_data value must be 0xffffffff if the extension is present in a NewSessionTicket message in QUIC. Otherwise it is a PROTOCOL_VIOLATION. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15	Unexpected QUIC post-handshake CertificateRequests are a PROTOCOL_VIOLATION	Matt Caswell
	An OpenSSL QUIC client does not send the post_handshake_auth extension. Therefore if a server sends a post-handsahke CertificateRequest then this would be treated as a TLS protocol violation with an "unexpected message" alert code. However RFC 9001 specifically requires us to treat this as QUIC PROTOCOL_VIOLATION. So we have to translate the "unexpected message" alert code in this one instance. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15	Remove include/internal/decoder.h, as it's superfluous	Richard Levitte
	The routines declared in there are entirely libcrypto internal, so include/crypto/decoder.h is better suited for them. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/21733)
2023-08-10	QUIC APL/CHANNEL: Wire up connection closure reason	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10	QUIC TEST: Test NEW_CONN_ID frames	Hugo Landau
	Fixes https://github.com/openssl/project/issues/86 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10	QUIC TEST: Test malformed crypto stream data, excess buffering	Hugo Landau
	Fixes https://github.com/openssl/project/issues/85 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10	QUIC TEST: Ensure PING causes ACK generation	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10	Don't use C++ reserved word template for function arguments	MscVZoltan
	CLA: trivial Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21692)
2023-08-08	Resolve some of the TODO(QUIC) items	Tomas Mraz
	For some of the items we add FUTURE/SERVER/TESTING/MULTIPATH designation to indicate these do not need to be resolved in QUIC MVP release. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21539)
2023-08-08	QUIC TLS: Rethink error handling	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08	QUIC: Move string conversion functions into a source file	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08	QUIC CHANNEL: Improve error reporting	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08	QUIC FC: Rename stream count mode to reflect actual function	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08	QUIC QRX: Don't process 1-RTT packets until handshake is complete	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08	QUIC CHANNEL, TXP: Discard INITIAL EL correctly	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08	QUIC TLS: Report TLS errors properly as QUIC protocol errors	Hugo Landau
	Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)