- Sep 28, 2023
-
-
Matt Caswell authored
Reviewed-by:Richard Levitte <levitte@openssl.org> Release: yes
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Ensure we use OPENSSL_NO_SSL_TRACE guards where appropriate. Reviewed-by:
Tomas Mraz <tomas@openssl.org> Reviewed-by:
Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22193)
-
- Sep 27, 2023
-
-
Randall S. Becker authored
Fixes: #22178 Signed-of-by:
Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22179)
-
Matt Caswell authored
We were neglecting to register the main thread to receive thread stop notifications. This is important if the thread that starts the FIPS provider is not the same one that is used when OPENSSL_cleanup() is called. Reviewed-by:
-
Pauli authored
Until the cipher dupctx is properly implemented in 3.1 and 3.0 the check is wrong. This should be reverted once the implemenation has been done. Reviewed-by:
-
Pauli authored
Fixes #21909 Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Rather than instantiate the private and primary DRBGs during the selftest, instead use a test RNG. This leaves the DRBG setup pristine and permits later replacement of the seed source despite the very early running power up self tests. Reviewed-by:
-
Pauli authored
Add a warning note to the provider cross version checks indicating that a pull request branch will not be used if execution is set to on pull request. Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
- Sep 25, 2023
-
-
Jonathan M. Wilbur authored
Signed-off-by:
Jonathan M. Wilbur <jonathan@wilbur.space> Reviewed-by:
Todd Short <todd.short@me.com> Reviewed-by:
-
- Sep 24, 2023
-
-
Matt Caswell authored
We also add a test for BIO_ADDR_dup() which was also added in 3.2 Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
Matt Caswell authored
We now have a public function for BIO_ADDR_copy() which can be used in preference to the test code's private implementation. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
We already have BIO_ADDR_dup() but in some contexts that is not sufficent. We implement BIO_ADDR_copy() and make BIO_ADDR_dup() use it. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Michael Baentsch authored
Reviewed-by:
Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by:
-
- Sep 22, 2023
-
-
Matthias St. Pierre authored
Signing with an app method based key (i.e. an `EVP_PKEY` which wraps an `RSA` key with an application defined `RSA_METHOD`) used to work in 1.1.1. That feature was broken in commit 60488d24, but later on fixed by @t8m in commit b247113c (see #14859). This commit corrects a minor flaw of the fix, which affects only `no-engine` builds: the special treatment for foreign keys is guarded by an `OPENSSL_NO_ENGINE` check. Reviewed-by:
-
Huiyue Xu authored
sparse_array.o is not needed in libssl at 3.0.x version. Signed-off-by:
Huiyue Xu <xuhuiyue@huawei.com> Reviewed-by:
-
Matt Caswell authored
The previous terminology was quite confusing. We try to use drop, duplicate and delay more consistently and introduce the "reinject" terminology as a mechanism for implementing duplicates and delays. Reviewed-by:
-
Matt Caswell authored
An application may pass in a whole BIO chain via SSL_set_bio(). When we free the BIO we should be using BIO_free_all() not BIO_free() like we do with TLS. Reviewed-by:
-
Matt Caswell authored
We are actually passing two references to sbio: one as part of a BIO chain and one stand alone. Therefore we need two references. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
So far we've only applied noise to the server to client datagrams. Do the same thing the other way around. Reviewed-by:
-
Matt Caswell authored
We add a new flag QTEST_FLAG_CLIENT_TRACE to get debug tracing output if required. Reviewed-by:
-
Matt Caswell authored
Where multiple packets are in a single datagram we split them so that all packets can be affected by the noise Reviewed-by:
-
Matt Caswell authored
Provide a BIO filter that can split QUIC datagrams containing multiple packets, such that each packet is in its own datagram. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Now that we have a noisy datagram BIO we cannot rely on datagrams always reliably being delivered in the test framework. We need to start taking notice of timeouts and handling them appropriately. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
We drop some datagrams, and we delay some datagrams. We can also duplicate some datagrams. Reviewed-by:
-
Matt Caswell authored
We send several messages between client and server, and server and client, and also create a new stream. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Create a noisy dgram test that can drop/duplicate/reorder UDP packets and ensure that the QUIC connection is tolerant of this. At this stage we just create the outline of the test. Adding in the noise will come in future commits. Reviewed-by:
-
- Sep 21, 2023
-
-
Veronika Hanulíková authored
Reviewed-by:
-
Veronika Hanulíková authored
Reviewed-by:
-
Steffen Klee authored
CLA: trivial Reviewed-by:
-
