Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
OSSL_PROVIDER_load_ex tests Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21604)
provider test: don't run configuration based tests if configuration isn't loaded Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/21621)
Don't attempt to deactive child providers if we don't need to If a provider doesn't have any child providers then there is no need to attempt to remove them - so we should not do so. This removes some potentialy thread races. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16980)
Merge ossl_provider_activate() and ossl_provider_activate_child() These 2 functions have become so close to each other that they may as well be just one function. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15854)
Set use_fallbacks to zero when we add a provider to the store Update use_fallbacks to zero when we add a provider to the store rather than when we activate it. Its only at the point that we add it to the store that it is actually usable and visible to other threads. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15854)
Rename also the OSSL_PROVIDER_name() function Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
Test that properties are mirrored as we expect Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15242)
Add support for child provider to up_ref/free their parent If the ref counts on a child provider change, then this needs to be reflected in the parent so we add callbacks to do this. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
test: add a provider load/unload cache flush test. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15042)
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
provider: add option to load a provider without disabling the fallbacks. Add an argument to PROVIDER_try_load() that permits a provider to be loaded without changing the fallback status. This is useful when an additional provider needs to be loaded without perturbing any other setup. E.g. adding mock providers as part of unit testing. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13652)
CORE: Separate OSSL_PROVIDER activation from OSSL_PROVIDER reference This introduces a separate activation counter, and the function ossl_provider_deactivate() for provider deactivation. Something to be noted is that if the reference count goes down to zero, we don't care if the activation count is non-zero (i.e. someone forgot to call ossl_provider_deactivate()). Since there are no more references to the provider, it doesn't matter. The important thing is that deactivation doesn't remove the provider as long as there are references to it, for example because there are live methods associated with that provider, but still makes the provider unavailable to create new methods from. Fixes #13503 Fixes #12157 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13661)
Load the config file by default Previously we only loaded the config file by default for libssl. Now we do it for libcrypto too. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9492)
Change OSSL_PARAM return size to not be a pointer. Instead of referencing the return size from the OSSL_PARAM structure, make the size a field within the structure. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9135)
For provider tests, don't define a OPENSSL_NO_ macro Since the macro to indicate if the test provider module is available is local to the test programs, it's better to use a name that isn't as easily confused with a library feature disabling macro that one would expect to find in opensslconf.h. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8664)
replaced snprintf with BIO version (for windows builds) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8651)
Add test for the provider configuration module We reuse test/provider_internal_test.c and test/p_test.c, and get it loaded one more time via the configuration file test/provider_internal_test.conf To support different platform standards regarding module extensions, we generate test/provider_internal_test.conf Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8549)
Correct the checks of module availability in provider test programs Previously, the macro OPENSSL_NO_SHARED was defined of the test/p_test module wasn't built, but the provider test programs didn't check that macro. We rename it to OPENSSL_NO_MODULE, since that name describes the situation more than OPENSSL_NO_SHARED does, and use it. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8623)