- 07 3月, 2022 1 次提交
-
-
由 Daniel 提交于
Fixes #14104 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17802)
-
- 04 3月, 2022 5 次提交
-
-
由 Hugo Landau 提交于
This demo optionally accepts a single command line argument, allowing the output length to be specified. Fixes #14106. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17803)
-
由 xkernel 提交于
Also check return value of functions that call BIO_new() internally such as dup_bio_out(). Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17421)
-
由 Richard Levitte 提交于
Before PR #15310, which reworked how build files (Makefile, ...) were generated, everything was done when configuring, so configdata.pm could depend on build file templates and we'd get away with it. However, since building configdata.pm is now independent of the build file templates, that dependency is unnecessary, and would lead to surprises of the build file template is updated, with an unexpected full reconfiguration as a result, when all that's needed is to run configdata.pm with no flags to get the build file re-generated. This change is therefore a completion of what was forgotten in #15310. Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17756)
-
由 XiaokangQian 提交于
The EOR3 instruction is implemented with .inst, and the code here is enabled using run-time detection of the CPU capabilities, so no need to explicitly ask for the sha3 extension. Fixes #17773 Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17795)
-
由 Hugo Landau 提交于
This offers both a known answer test with fixed keys and also demonstrates a more realistic usage with random keys. Fixes #14118. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17799)
-
- 03 3月, 2022 9 次提交
-
-
由 Hugo Landau 提交于
Reviewed-by: NTodd Short <todd.short@me.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17790)
-
由 Hugo Landau 提交于
Fix a bug in `openssl s_server -WWW` where it would attempt to invoke `SSL_sendfile` if `-ktls -sendfile` was passed on the command line, even if KTLS has not actually been enabled, for example because it is not supported by the host. Since `SSL_sendfile` is only supported when KTLS is actually being used, this resulted in a failure to serve requests. Fixes #17503. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17788)
-
由 Matt Caswell 提交于
Set the environment variable MALLOC_PERTURB_ during tests to perturb the output from OPENSSL_malloc() calls (see the mallopt man page for details about this environment variable). This could be a low cost way of spotting uninit reads in "make test" runs in some situations. In tests I have found it to be a little unreliable (sometimes it seemed to not perturb the output for inexplicable reasons) - but since this is easy to implement I think it is worthwhile. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17768)
-
由 John Baldwin 提交于
FreeBSD does not provide a global timezone variable containing the offset to UTC. Instead, FreeBSD's libc includes a legacy timezone function dating back to Version 7 AT&T UNIX. As a result, asn1_string_to_time_t currently fails to compile on FreeBSD as it subtracts a function from a time_t value: ../crypto/asn1/a_time.c:625:37: error: invalid operands to binary expression ('time_t' (aka 'long') and 'char *(int, int)') timestamp_utc = timestamp_local - timezone; ~~~~~~~~~~~~~~~ ^ ~~~~~~~~ 1 error generated. However, FreeBSD's libc does include a non-standard (but widely available) timegm function which converts a struct tm directly to a UTC time_t value. Use this on FreeBSD instead of mktime. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17765)
-
由 Michael Baentsch 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17733)
-
由 Michael Baentsch 提交于
We need to handle signatures with and without digest algs and we generalize the ossl_cms_ecdsa_dsa_sign() function to other algorithms that are handled in the same way. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17733)
-
由 zhangzhilei 提交于
This patch use table-lookup borrow from aes in crypto/aes/aes_core.c. Test on my PC(AMD Ryzen Threadripper 3990X 64-Core Processor), before and after optimization: debug mode: Before: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-CBC 40101.14k 41453.80k 42073.86k 42174.81k 42216.11k 42227.03k SM4-ECB 41222.60k 42074.88k 42673.66k 42868.05k 42896.04k 42844.16k SM4-CTR 35867.22k 36874.47k 37004.97k 37083.82k 37052.42k 37076.99k After: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-CBC 47273.51k 48957.40k 49665.19k 49810.77k 49859.24k 49834.67k SM4-ECB 48100.01k 49323.34k 50224.04k 50273.28k 50533.72k 50730.12k SM4-CTR 41352.64k 42621.29k 42971.22k 43061.59k 43089.92k 43100.84k non-debug mode: Before: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-CBC 141596.59k 145102.93k 146794.50k 146540.89k 146650.45k 146877.10k SM4-ECB 144774.71k 155106.28k 158166.36k 158279.00k 158520.66k 159280.97k SM4-CTR 138021.10k 141577.60k 142493.53k 142736.38k 142852.10k 143125.16k After: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-CBC 142016.95k 150068.48k 152238.25k 152773.97k 153094.83k 152027.14k SM4-ECB 148842.94k 159919.87k 163628.37k 164515.84k 164697.43k 164790.27k SM4-CTR 141774.23k 146206.89k 147470.25k 147816.28k 146770.60k 148346.20k Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17766)
-
由 Hugo Landau 提交于
This fixes a bug whereby BN_mod_exp2_mont can dereference a NULL pointer if BIGNUM argument m represents zero. Regression test added. Fixes #17648. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17783)
-
由 Hugo Landau 提交于
`openssl req -x509` has code allowing it to generate certificates from CSRs as a replacement for `openssl x509`, but a bug prevents it from working properly. -CA and -CAkey can now be passed to generate a CA-signed certificate as documented in openssl-req(1). Regression testing has been added to `openssl req`. Fixes #17736. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17782)
-
- 02 3月, 2022 1 次提交
-
-
由 Daniel 提交于
Fixes #12491. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17744)
-
- 01 3月, 2022 4 次提交
-
-
由 Nicola Tuveri 提交于
Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
-
由 Nicola Tuveri 提交于
Fixes #17743 Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
-
由 Nicola Tuveri 提交于
`SSL_kECDHE` and `SSL_kEECDH`, and `SSL_kDHE` and `SSL_kEDH` are already marked as aliases of each other in the headers. This commit, for each pair, replaces the leftover uses of the latter synonym with the first one, which is considered more common. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
-
由 Tom Cosgrove 提交于
Reverting to using swapcontext() when compiling with clang on BTI-enabled builds fixes the BTI setjmp() failure seen when running asynctest. The issue with setjmp/longjmp is a known clang bug: see https://github.com/llvm/llvm-project/issues/48888 Change-Id: I6eeaaa2e15f402789f1b3e742038f84bef846e29 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17698)
-
- 28 2月, 2022 6 次提交
-
-
由 Jiasheng Jiang 提交于
Since the potential failure of memory allocation, it should be better to check the return value of the OPENSSL_strndup(), like x509v3_add_len_value(). And following the comment of 'if (astrlen < 0)', return -1 if fails. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17737)
-
由 Jiasheng Jiang 提交于
As the potential failure of the OPENSSL_zalloc(), the OSSL_LIB_CTX_new() could return NULL. Therefore, it should be better to check it and return error if fails in order to guarantee the success of the initialization. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17738)
-
由 Matt Caswell 提交于
This option is no longer set by default from OpenSSL 3.0. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/17748)
-
由 xkernel 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17741)
-
由 Pauli 提交于
Fixes #17753 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17764)
-
由 Pauli 提交于
Previously, a NULL property query was never cached and this lead to a performance degregation. Now, such a query is converted to an empty string and cached. Fixes #17752 Fixes https://github.openssl.org/openssl/openssl/issues/26Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17769)
-
- 25 2月, 2022 1 次提交
-
-
由 Richard Levitte 提交于
This is crucial when the build tree isn't the source tree, as they only take effect in directories where included header files reside. The issue only comes up when linking with the static libraries, since the shared libraries have upper case aliases of all symbols. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17755)
-
- 24 2月, 2022 6 次提交
-
-
由 Jiasheng Jiang 提交于
As the glue2bio() could return NULL pointer if fails, it should be better to check the return value in order to avoid the use of NULL pointer. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17718)
-
由 Jiasheng Jiang 提交于
Since the memory allocation may fail, the BIO_new_mem_buf() may return NULL pointer. Therefore, it should be better to check it and return error if fails. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17730)
-
由 Carlo Teubner 提交于
CLA: trivial Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17731)
-
由 Raul Ferrando 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17708)
-
由 Matt Caswell 提交于
This macro and function were deprecated in the documentation but not in the source. Following an OTC vote the deprecation has been removed from the documentation. See https://github.com/openssl/technical-policies/issues/26 Fixes #17517 Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17750)
-
由 msa42 提交于
CLA: trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17745)
-
- 23 2月, 2022 3 次提交
-
-
由 Matt Caswell 提交于
The SNI test in test_cert_cb_int() was always failing because it used SSL_CTX_new() instead of SSL_CTX_new_ex() and was therefore not using the correct libctx. PR #17739 amended the test to check the return value from SSL_CTX_new() which made the failure obvious. Fixes #17757 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17758)
-
由 xkernel 提交于
Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17740)
-
由 Jiasheng Jiang 提交于
As the potential failure of the memory allocation, it should be better to check the return value of SSL_CTX_new() and return error if fails, like SSL_CTX_new_ex(). Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17739)
-
- 22 2月, 2022 4 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17724)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17724)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17723)
-
由 Deepankar Bhattacharjee 提交于
Performance increase around 50%. Co-authored-by: NMadhusudhanan Duraisamy <madurais@in.ibm.com> Co-authored-by: NNilamjyoti Goswami <nilamgoswami@in.ibm.com> Co-authored-by: NSiva Sundar Anbareeswaran <srisivasundar@in.ibm.com> Reviewed-by: NDanny Tsen <dtsen@us.ibm.com> Tested-by: NDanny Tsen <dtsen@us.ibm.com> Signed-off-by: NDanny <dtsen@us.ibm.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16637)
-