root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
37,421 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
Matt Caswell fb55383c65 Move the Handshake read secret change earlier in the process for QUIC 0-RTT
GitHub CI / check_update (push) Has been cancelled Details
GitHub CI / check_docs (push) Has been cancelled Details
GitHub CI / check-ansi (push) Has been cancelled Details
GitHub CI / basic_gcc (push) Has been cancelled Details
GitHub CI / basic_clang (push) Has been cancelled Details
GitHub CI / linux-arm64 (push) Has been cancelled Details
GitHub CI / freebsd-x86_64 (push) Has been cancelled Details
GitHub CI / minimal (push) Has been cancelled Details
GitHub CI / no-deprecated (push) Has been cancelled Details
GitHub CI / no-shared-ubuntu (push) Has been cancelled Details
GitHub CI / no-shared-macos (macos-13) (push) Has been cancelled Details
GitHub CI / no-shared-macos (macos-14) (push) Has been cancelled Details
GitHub CI / non-caching (push) Has been cancelled Details
GitHub CI / address_ub_sanitizer (push) Has been cancelled Details
GitHub CI / fuzz_tests (push) Has been cancelled Details
GitHub CI / memory_sanitizer (push) Has been cancelled Details
GitHub CI / threads_sanitizer (push) Has been cancelled Details
GitHub CI / enable_non-default_options (push) Has been cancelled Details
GitHub CI / full_featured (push) Has been cancelled Details
GitHub CI / no-legacy (push) Has been cancelled Details
GitHub CI / legacy (push) Has been cancelled Details
GitHub CI / out-of-readonly-source-and-install-ubuntu (push) Has been cancelled Details
GitHub CI / out-of-readonly-source-and-install-macos (macos-13) (push) Has been cancelled Details
GitHub CI / out-of-readonly-source-and-install-macos (macos-14) (push) Has been cancelled Details
GitHub CI / external-tests-misc (push) Has been cancelled Details
GitHub CI / external-tests-providers (push) Has been cancelled Details
GitHub CI / external-tests-pyca (3.9, 1.51.0) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:clang-11 distro:ubuntu-22.04]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:clang-12 distro:ubuntu-22.04]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:clang-13 distro:ubuntu-22.04]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:clang-14 distro:ubuntu-22.04]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:clang-15 distro:ubuntu-22.04 llvm-ppa-name:jammy]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:clang-16 distro:ubuntu-22.04 llvm-ppa-name:jammy]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:clang-17 distro:ubuntu-22.04 llvm-ppa-name:jammy]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:gcc-10 distro:ubuntu-22.04]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:gcc-11 distro:ubuntu-22.04]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:gcc-12 distro:ubuntu-22.04]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:gcc-13 distro:ubuntu-22.04 gcc-ppa-name:ubuntu-toolchain-r/test]) (push) Has been cancelled Details
Compiler Zoo CI / compiler (map[cc:gcc-9 distro:ubuntu-22.04]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:aarch64-linux-gnu fips:no libs:libc6-dev-arm64-cross target:linux-aarch64]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:alpha-linux-gnu fips:no libs:libc6.1-dev-alpha-cross target:linux-alpha-gcc]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:arm-linux-gnueabi fips:no libs:libc6-dev-armel-cross target:linux-armv4 tests:-test_includes -test_store -test_x509_store]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:arm-linux-gnueabihf fips:no libs:libc6-dev-armhf-cross target:linux-armv4 tests:-test_includes -test_store -test_x509_store]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:hppa-linux-gnu fips:no libs:libc6-dev-hppa-cross target:-static -O1 linux-generic32 tests:-test_includes -test_store -test_x509_store]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:hppa-linux-gnu libs:libc6-dev-hppa-cross target:linux-generic32 tests:none]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:i386-pc-msdosdjgpp libs:libc-djgpp-dev libwatt-djgpp-dev djgpp-utils ppa:jwt27/djgpp-toolchain target:no-threads 386 DJGPP tests:none]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:m68k-linux-gnu fips:no libs:libc6-dev-m68k-cross target:-static -m68040 linux-latomic -Wno-stringop-overflow tests:-test_includes -test_store -test_x509_store]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:m68k-linux-gnu libs:libc6-dev-m68k-cross target:-mcfv4e -mxgot linux-latomic -Wno-stringop-overflow no-quic tests:none]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:mips-linux-gnu fips:no libs:libc6-dev-mips-cross target:-static linux-mips32 tests:-test_includes -test_store -test_x509_store]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:mips-linux-gnu libs:libc6-dev-mips-cross target:linux-mips32 tests:none]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:mips64-linux-gnuabi64 fips:no libs:libc6-dev-mips64-cross target:-static linux64-mips64]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:mips64-linux-gnuabi64 libs:libc6-dev-mips64-cross target:linux64-mips64 tests:none]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:mipsel-linux-gnu fips:no libs:libc6-dev-mipsel-cross target:linux-mips32 tests:-test_includes -test_store -test_x509_store]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:powerpc64le-linux-gnu fips:no libs:libc6-dev-ppc64el-cross target:linux-ppc64le]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:riscv64-linux-gnu fips:no libs:libc6-dev-riscv64-cross target:linux64-riscv64]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:s390x-linux-gnu fips:no libs:libc6-dev-s390x-cross target:linux64-s390x -Wno-stringop-overflow]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:sh4-linux-gnu fips:no libs:libc6-dev-sh4-cross target:no-async linux-latomic tests:-test_includes -test_store -test_x509_store]) (push) Has been cancelled Details
Cross Compile / cross-compilation (map[arch:sparc64-linux-gnu libs:libc6-dev-sparc64-cross target:linux64-sparcv9 tests:none]) (push) Has been cancelled Details
Fuzz-checker CI / fuzz-checker (map[cc:afl-clang-fast config:enable-fuzz-afl no-module install:afl++ name:AFL]) (push) Has been cancelled Details
Fuzz-checker CI / fuzz-checker (map[cc:clang-18 config:enable-fuzz-libfuzzer enable-asan enable-ubsan -fno-sanitize=function -fsanitize-coverage=trace-cmp -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION extra:enable-fips enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment ena… (push) Has been cancelled Details
Fuzz-checker CI / fuzz-checker (map[cc:clang-18 config:enable-fuzz-libfuzzer enable-asan enable-ubsan -fno-sanitize=function install:libfuzzer-18-dev libs:--with-fuzzer-lib=/usr/lib/llvm-18/lib/libFuzzer.a --with-fuzzer-include=/usr/include/clang/18/include/fuzzer linke… (push) Has been cancelled Details
CIFuzz / Fuzzing (push) Has been cancelled Details
Run-checker CI / run-checker (enable-trace enable-fips) (push) Has been cancelled Details
Run-checker CI / run-checker (no-cmp) (push) Has been cancelled Details
Run-checker CI / run-checker (no-cms) (push) Has been cancelled Details
Run-checker CI / run-checker (no-default-thread-pool) (push) Has been cancelled Details
Run-checker CI / run-checker (no-dgram) (push) Has been cancelled Details
Run-checker CI / run-checker (no-dh) (push) Has been cancelled Details
Run-checker CI / run-checker (no-dtls) (push) Has been cancelled Details
Run-checker CI / run-checker (no-ec) (push) Has been cancelled Details
Run-checker CI / run-checker (no-ecx) (push) Has been cancelled Details
Run-checker CI / run-checker (no-http) (push) Has been cancelled Details
Run-checker CI / run-checker (no-legacy) (push) Has been cancelled Details
Run-checker CI / run-checker (no-ml-dsa) (push) Has been cancelled Details
Run-checker CI / run-checker (no-ml-kem) (push) Has been cancelled Details
Run-checker CI / run-checker (no-quic) (push) Has been cancelled Details
Run-checker CI / run-checker (no-sock) (push) Has been cancelled Details
Run-checker CI / run-checker (no-ssl-trace) (push) Has been cancelled Details
Run-checker CI / run-checker (no-stdio) (push) Has been cancelled Details
Run-checker CI / run-checker (no-thread-pool) (push) Has been cancelled Details
Run-checker CI / run-checker (no-threads) (push) Has been cancelled Details
Run-checker CI / run-checker (no-tls) (push) Has been cancelled Details
Run-checker CI / run-checker (no-tls1_2) (push) Has been cancelled Details
Run-checker CI / run-checker (no-tls1_3) (push) Has been cancelled Details
Run-checker CI / run-checker (no-ui) (push) Has been cancelled Details
Run-checker merge / run-checker (enable-asan enable-ubsan no-shared no-asm -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=function) (push) Has been cancelled Details
Run-checker merge / run-checker (enable-pie) (push) Has been cancelled Details
Run-checker merge / run-checker (enable-ubsan no-asm -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=function) (push) Has been cancelled Details
Run-checker merge / run-checker (enable-weak-ssl-ciphers) (push) Has been cancelled Details
Run-checker merge / run-checker (enable-zlib) (push) Has been cancelled Details
Run-checker merge / run-checker (no-dso) (push) Has been cancelled Details
Run-checker merge / run-checker (no-dynamic-engine) (push) Has been cancelled Details
Run-checker merge / run-checker (no-ec2m enable-fips) (push) Has been cancelled Details
Run-checker merge / run-checker (no-engine no-shared) (push) Has been cancelled Details
Run-checker merge / run-checker (no-err) (push) Has been cancelled Details
Run-checker merge / run-checker (no-filenames) (push) Has been cancelled Details
Run-checker merge / run-checker (no-integrity-only-ciphers) (push) Has been cancelled Details
Run-checker merge / run-checker (no-module) (push) Has been cancelled Details
Run-checker merge / run-checker (no-ocsp) (push) Has been cancelled Details
Run-checker merge / run-checker (no-pinshared) (push) Has been cancelled Details
Run-checker merge / run-checker (no-srp) (push) Has been cancelled Details
Run-checker merge / run-checker (no-srtp) (push) Has been cancelled Details
Run-checker merge / run-checker (no-ts) (push) Has been cancelled Details
Run-checker merge / jitter (push) Has been cancelled Details
Run-checker merge / threads_sanitizer_atomic_fallback (push) Has been cancelled Details
Windows GitHub CI / shared (map[arch:win32 config:--strict-warnings no-fips os:windows-2022]) (push) Has been cancelled Details
Windows GitHub CI / shared (map[arch:win64 config:enable-fips no-thread-pool no-quic os:windows-2022]) (push) Has been cancelled Details
Windows GitHub CI / shared (map[arch:win64 config:enable-fips os:windows-2019]) (push) Has been cancelled Details
Windows GitHub CI / plain (windows-2022) (push) Has been cancelled Details
Windows GitHub CI / minimal (windows-2019) (push) Has been cancelled Details
Windows GitHub CI / cygwin (windows-2019, map[arch:win64 config:-DCMAKE_C_COMPILER=gcc --strict-warnings enable-demos no-fips]) (push) Has been cancelled Details
Windows Compression GitHub CI / zstd (push) Has been cancelled Details
Windows Compression GitHub CI / brotli (push) Has been cancelled Details 
On the server side we were changing the handshake rx secret a little late.
This meant the application was forced to call SSL_do_handshake() again
even if there was nothing to read in order to get the secret. We move it
a little earlier int the process to avoid this.

Fixes the issue described in:
https://github.com/ngtcp2/ngtcp2/pull/1582#issuecomment-2735950083

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27101)

(cherry picked from commit 95051052b3)
 2025-03-20 20:22:53 +01:00
openssl-machine 0c679f5566 Copyright year updates 
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Release: yes
 2025-03-12 13:35:59 +00:00
Cheng Zhang 1b3f27f920 Add the SSL_NO_EOED internal macro 
The TLS EndOfEarlyData message is not applicable in some scenarios (e.g., QUIC).
This adds a macro to handle this message.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26552)
 2025-02-19 17:27:04 +01:00
Matt Caswell da1c088f59 Copyright year updates 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
 2023-09-07 09:59:15 +01:00
Hugo Landau 6e5550a104 Minor updates 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
 2023-07-05 09:03:04 +10:00
Hugo Landau d6e7ebba33 Minor fixes 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
 2023-07-05 09:03:04 +10:00
Matt Caswell 6d1f693359 Implement the QUIC Fault injector support for TLS handshake messages 
Provide helper functions to listen for TLS handshake messages being sent,
as well as the ability to change the contents of those messages as well as
resizing them.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20030)
 2023-02-22 05:34:04 +00:00
Matt Caswell d03fe5de8d Add the ability to mutate TLS handshake messages before they are written 
We add callbacks so that TLS handshake messages can be modified by the test
framework before they are passed to the handshake hash, possibly encrypted
and written to the network. This enables us to simulate badly behaving
endpoints.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20030)
 2023-02-22 05:34:03 +00:00