git.openssl.org Git - openssl.git/log

Add error code for unsupported explicit parameters

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)

(cherry picked from commit 53137462f42f8673fbd5b0831f8ea051ddea509f)

endecode_test: Handle expected failures for non-fips ec keys

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)

(cherry picked from commit e8a4145968eea576788761f39c5e4cb68b7c4a42)

Import only named params into FIPS module

Fixes #17978

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)

(cherry picked from commit 638c3a28af45bd81a1c90b81efd8e10449eace1b)

Check the return of EVP_KDF_fetch()

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18096)

(cherry picked from commit 02119faee397565525151eb2ce39c424d129d287)

Add return value check of X509V3_add_value() in X509V3_parse_list()

X509V3_add_value() will return 0 on malloc failure, which could lead to
err logic in X509V3_parse_list().

Fix this by adding return value check of X509V3_add_value().

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18077)

(cherry picked from commit bcd5645b34c319b8e4d72d6850ead80e85f18921)

SSL_conf_cmd: Allow DH Parameters at any position.

Fixes openssl#17326.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18041)

(cherry picked from commit b2b8d1883a3b7e64006b0b4ada0cbcf3eb6dba1a)

Fix -no-tls1_2 in tests

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/18019)

(cherry picked from commit 40fb5a4ce3e90c9e8702aad0fcf43eb9f6edf419)

Add test for openssl ecparam with fips and base providers

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)

(cherry picked from commit 269c349a7688daae48d95e582e62ff181888c854)

ec_export: Other parameters are exportable with domain parameters

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)

(cherry picked from commit e20af37d063514c27567c64e975fa5b3208707a9)

Add test for resetting SM2 dist ID

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18052)

(cherry picked from commit 707d4e06eba71fb8a8b2faa77a2072511189544d)

sm2: Allow setting 0 length SM2 dist ID param

Fixes #18022

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18052)

(cherry picked from commit 2904d0a2ae0ec6ce23d5cec66ce8c7bdb005d4e5)

Crypto/evp: Fix null pointer dereference

Check the return value of EVP_KDF_fetch to avoid a potential
null pointer dereference.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18062)

(cherry picked from commit 5f1424c6bdca8ddb9d5d88a78a1d738be19c4ea8)

kdf: avoid NULL dereference on malloc failure in sshkdf

Fixes #18009

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18011)

(cherry picked from commit 148176ca323e3dfce5d5cdb5578c113c8d2440bb)

Document {SSL|SSL_CTX}_set_{purpose|trust}()

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18037)

(cherry picked from commit eb27a90e41a62d3337c5e21e24ee72f1e49a445c)

Document SSL_CTX_get_ssl_method

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18037)

(cherry picked from commit e12bee78d4e64da2176dd9a7ec19ec680dd3bebf)

test_fipsinstall: Fallback to config(FIPSKEY) for the FIPSKEY

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18048)

(cherry picked from commit ffc22e038e92d5dd956362fa48babd03cff202d1)

Fix failure to check result of bn_rshift_fixed_top

Fixes #18010.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18034)

(cherry picked from commit bc6bac8561ead83d6135f376ffcbbb0b657e64fe)

Document the fact that setting a BIO create function means the BIO will no longer be marked as initialised

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/17983)

(cherry picked from commit dedb1927751bc9a7ada08cfc4dcc481b8ce1ad81)

Fix AIX build when no-shared is passed to Configure.

AIX shared libs are also .a files so the AIX platform staticname()
appends a '_a' to the name to avoid a collision. However, this
must not be done when no-shared is passed to Configure or the
binaries that link with -lcrypto and -lssl be unable to link as
those libraries won't exist without the '_a' suffix.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18006)

(cherry picked from commit b83c0a900f9303e0c9fd084829b791386d7c57ce)

Redefine macro X509_http_nbio to avoid using ocsp.h

The functions used from ocsp.h are actually just aliases
for functions from http.h. Use them directly to avoid
including ocsp.h.

Fixes openssl#17148

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17980)

(cherry picked from commit f593f32eede30ead69e0a16e47a564a664171283)

Fix broken link to coding-style.html

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18015)

(cherry picked from commit 31ff3635371b51c8180838ec228c164aec3774b6)

Fix Coverity 1503096: out-of-bounds access

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17898)

(cherry picked from commit d1592f21c0d4c2c94a8c6004cf7b5cad2dcb2637)

req, x509: Allow printing modulus of RSA-PSS keys

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17990)

(cherry picked from commit e4cdcb8bc44250aa4e0893dc4a7d64668f0fb949)

doc: fix example in ssh KDF man page.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17972)

(cherry picked from commit 67f48eb9be375f47bafc5be2df2d04a95e6d0ff1)

Test processing of a duplicated HRR

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17936)

(cherry picked from commit db44b55aaa42141921217183667800425227b658)

tls_process_server_hello: Disallow repeated HRR

Repeated HRR must be rejected.

Fixes #17934

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17936)

(cherry picked from commit d204a50b898435fbf937316d5693008cebf62eef)

sparse array: reduces the block size

This becomes a performance improvement in the ossl_sa_doall_arg function which
has started appearing on profile output. The other ossl_sa_ functions don't
contribute significantly to profile output.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17973)

(cherry picked from commit 514bd51a8cb901a7351ecdc45a680d6aba720b5a)

Fix typo in manpage SSL_CONF_cmd(3)

Fixes #17976.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17977)

(cherry picked from commit 5d3746910438fd052b44010d92ac70fea606fa9d)

Remove statistics tracking from LHASH

Fixes #17928. Supercedes #17931.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17935)

(cherry picked from commit 77d7b6eebb411fdb2c3d1390ac779300757aa9dc)

ticket_lifetime_hint may exceed 1 week in TLSv1.3

For TLSv1.3, limit ticket lifetime hint to 1 week per RFC8446

Fixes #17948

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17952)

(cherry picked from commit 0089cc7f9d42f6e39872161199fb8b6a99da2492)

s390x: Hide internal cpuid symbol and function

The symbol OPENSSL_s390xcap_P and the OPENSSL_cpuid_setup function are not
exported by the version script of OpenSSL. However, if someone uses the
static library without the version script, these symbols all of a sudden
become global symbols and their usage in assembler code does not correctly
reflect that for PIC. Since these symbols should never be used outside of
OpenSSL, hide them inside the binary.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17946)

(cherry picked from commit 37816ef5757e458be9648481e56bf698ee3bfbb1)

Fix formatting of NOTES-WINDOWS.md and doc-nits failure

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17960)

(cherry picked from commit bd28a23eb120b4fdfd45d18a1f05cd7366ed8058)

Fix Coverity 1498612: integer overflow

The assert added cannot ever fail because (current & 0xFFFF) != 0 from the
while loop and the trailing zero bit count therefore cannot be as large as 32.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17892)

(cherry picked from commit 81487b65b9eb8148471e729b8c1959521d62c69e)

Add build note for win-arm64

Windows on Arm is not officially supported by release, but with
x86 emulated Perl it can be built locally.
This method is added to Windows notes.
Locally all tests are passed on win-arm64.

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17940)

(cherry picked from commit 288e9680399d3a755861d309058dda2fb48af8bf)

util/markdownlint.rb: Allow fenced code blocks

We use both indented and fenced styles in diverse markdown files.
We try to do this consistently in each file, though.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17933)

(cherry picked from commit fb2cd91f27d0cc0bbf1883dd188788016165a458)

Fix Coverity 1201763 uninitialised pointer read

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17890)

(cherry picked from commit a0238b7ed87998c48b1c92bad7fa82dcbba507f9)

Fix Coverity 1498613: resource leak

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17891)

(cherry picked from commit 6889ebff01fa8cd7e5905f3f242edfed55fca443)

Fix Coverity 1498611 & 1498608: uninitialised read

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17893)

(cherry picked from commit 09134f183f76539aa1294adfef10fcc694e90267)

Make `openssl check -rsa ...` to work for both RSA and RSA-PSS.

Fixes openssl#17167

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17920)

Fix coverity 1498607: uninitialised value

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17897)

(cherry picked from commit 70cd9a51911e9a4e2f24e29ddd84fa9fcb778b63)

OSSL_CMP_CTX_new.pod: make references to private key consistent with OSSL_CMP_MSG_get0_header.pod

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17887)

(cherry picked from commit 92cae9b42de1eec3da7ef6ccb36188ff61f3e0df)

OSSL_CMP_MSG_get0_header.pod: re-phrase two lenthy otherwise clauses as lists

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17887)

(cherry picked from commit 52a42f54eb9afb599d32c85100d59db46c23ffcc)

SSL_CTX_set_verify.pod: move a note further down where it fits better

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17887)

(cherry picked from commit 1aa1bba59da8248113516533aac270fb374a9584)

print SSL session, fix build warnings on OpenBSD.

time_t is a 64 bits type on this platform.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17917)

(cherry picked from commit 9362638b080e328ccab43f89048bed27bcf2f11d)

eng_dyn: Avoid spurious errors when checking for 1.1.x engine

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17901)

(cherry picked from commit bd5c91c82cdc4b6ffe4a2970f9512fc5ec7d2d06)

Fix documentation for provider-signature

Fixes #17909.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17914)

(cherry picked from commit a07a70c76f0150077ce21ee7655d1e38e4411846)

Fix declaration inconsistency (Camellia)

Fixes #17911.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17912)

(cherry picked from commit a12a71fafbe9b0ce90a51098fbf166d9da62b111)

List missing operations in provider(7)

Fixes #17910.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17915)

(cherry picked from commit 7f039951f3a737bc00ef66c91575e543924b3ab2)

check return value of functions that call BIO_new()

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17850)

(cherry picked from commit edba19760fa682ed095ca26ba89ba95530003bfe)

Prepare for 3.0.3

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Prepare for release of 3.0.2

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

make update

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Update CHANGES/NEWS for new release

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Add a negative testcase for BN_mod_sqrt

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 3469282ed2faee747868150089e07a187891b5ee)

Add documentation of BN_mod_sqrt()

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 03eccd2663e36f8b95ba3ae8c30a63313a38ec0a)

Fix possible infinite loop in BN_mod_sqrt()

The calculation in some cases does not finish for non-prime p.

This fixes CVE-2022-0778.

Based on patch by David Benjamin <davidben@google.com>.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 9eafb53614bf65797db25f467946e735e1b43dc9)

Fix signed integer overflow in evp_enc

Fixes #17869.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17870)

(cherry picked from commit 1832bb0f02e519a48f06a10467c7ce5f7f3feeeb)

Fixed typo in inner_evp_generic_fetch() error handling

Fixes #17876

CLA: trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17877)

(cherry picked from commit ef9909f3c6471ba39be1e3d18a366044cbf30a19)

EVP_MD performance fix (refcount cache contention)

Partial fix for #17064. Avoid excessive writes to the cache line
containing the refcount for an EVP_MD object to avoid extreme
cache contention when using a single EVP_MD at high frequency on
multiple threads. This changes performance in 3.0 from being double
that of 1.1 to only slightly higher than that of 1.1.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17857)

(cherry picked from commit c0b7dac66edde45b8da80918f5b5b62d1e766a0c)

Add EVP demo for SIPHASH

Fixes #14121.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17793)

(cherry picked from commit 864853988e80517a563d2423d4fb742323995433)

evp_test: Add testcases for DH KEX with X9.42 KDF

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)

(cherry picked from commit 4413fe3520da3ad42c417828b1785eeedcde50d3)

Fix documentation of parameters for DH and ECDH KEX

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)

(cherry picked from commit 76396ebbd7b67db90a31bb7b017eb2fcfb1c61c9)

DH: Make padding always on when X9.42 KDF is used

Fixes #17834

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)

(cherry picked from commit 01b18775676115945956f4de0eb0cafedaf027ab)

Add manpages for SSL_get_certificate, SSL_get_private_key

This is as I understand these functions from reading the code.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17815)

(cherry picked from commit 2a9219514263454896bdda800b4b811843338bc7)

crypto/pem/pem_lib.c: Add check for BIO_read

As the potential failure of the BIO_read(),
it should be better to add the check and return
error if fails.
Also, in order to decrease the same code, using
'out_free' will be better.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17754)

(cherry picked from commit 2823e2e1d39479a7835d176862ec15e47a1bdecd)

check return value of functions that call BIO_new() internally

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17821)

Add EVP demo for RSA key generation

Fixes #14111.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17824)

(cherry picked from commit ad083f9b0ab81d094c2dbb8f5e2a5fb7738a0bfe)

Replace handling of negative verification result with SSL_set_retry_verify()

Provide a different mechanism to indicate that the application wants
to retry the verification. The negative result of the callback function
now indicates an error again.

Instead the SSL_set_retry_verify() can be called from the callback
to indicate that the handshake should be suspended.

Fixes #17568

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17825)

(cherry picked from commit dfb39f73132edf56daaad189e6791d1bdb57c4db)

Make ossltest engine use in test/recipes/20-test_dgst.t platform agnostic

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17861)

(cherry picked from commit abdb2278d2b65ae87bee3121be83322e4219b396)

OSSL_CMP_CTX_setup_CRM(): Fix handling of defaults from CSR and refcert

Also update and complete related documentation.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17726)

(cherry picked from commit c8c923454b52d64234c941553d81143918e502ea)

docs: correct manual page links for version 3.0

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17852)

DOC: TLS compression is disabled by default

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17854)

(cherry picked from commit 2cb52118ddd1d82d7b6028372238eaa2467bbd48)

README: add missing link to OpenSSL 3.0 manual pages

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17855)

(cherry picked from commit a20c9b6c13afb71e1dd03bf122673e3093d6c437)

Drop ariacbc demo binary

Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17848)

(cherry picked from commit 97896f744d9ee4f2e821e3383caac8e8c5f226cf)

check the return of OPENSSL_sk_new_null

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/17836)

(cherry picked from commit 5266af87379aecb0ae6036dee88c1a0b8083a432)

Set protocol in init_client()

If TCP is being used, protocol = 0 is passed to init_client(), then
protocol == IPPROTO_TCP fails when attempting to set BIO_SOCK_NODELAY.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17838)

(cherry picked from commit 54b6755702309487ea860e1cc3e60ccef4cf7878)

Avoid potential memory leak

Resolves #17827

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17828)

(cherry picked from commit 175355923046921a689b500f7a72455f7095708f)

check the return value of BIO_new_file()

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17820)

(cherry picked from commit 625b0990a069a18917341e2f0fbe36327b0883b7)

README: add link to migration_guide manual page

which replaces the link to the OpenSSL 3.0 Wiki.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17849)

Some platforms don't have pthread_atfork

We've had a report of a linker failure on some platforms (this one was
linux ARM) that apparently did not have pthread_atfork. It's strange that
this has not been reported before but the simplest solution is just to
remove this from the library since it isn't really used anyway.

Currently it is called to set up the fork handlers OPENSSL_fork_prepare,
OPENSSL_fork_parent and OPENSSL_fork_child. However all of those functions
are no-ops. This is a remnant from earlier code that got removed. We can
safely remove it now.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17842)

(cherry picked from commit 5979596247a73d1aec7310e4da0b6023ffd79623)

android-x86 target: Add -latomic

Fixes https://github.com/openssl/openssl/issues/14083 again after being
broken by https://github.com/openssl/openssl/pull/15640.

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17833)

(cherry picked from commit b420e249370c4a85c4edd65fb445d20f9c19c44d)

Fix test failure when testing with Test::Harness

Fixes an issue where, when the test suite was being run with the older
Test::Harness package, the test suite would not complete correctly due
to evaluation of $harness->runtests()->has_errors, which is only
available for the newer TAP::Parser::Aggregator code path.

Fixes #17818.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17823)

(cherry picked from commit fe537f89cd6b75c10e717a0eb159f33710729b67)

fetch: convert a NULL property query to ""

Previously, a NULL property query was never cached and this lead to a
performance degregation. Now, such a query is converted to an empty string
and cached.

Fixes #17752
Fixes https://github.openssl.org/openssl/openssl/issues/26

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17769)

(cherry picked from commit af788ad6c3624ccc4b49778a9ded2487b9dbeedd)

Add EVP demos for RSA-PSS signing and verification

Two demos are provided: one using RSA-PSS directly in which a digest
must be provided, and one using RSA-PSS with the EVP_DigestSign APIs
which performs the hashing for you.

Fixes #14113.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17800)

(cherry picked from commit e9492d1cecf459261f1f5ac0eb03e9c631600537)

Add EVP demo for Poly1305 demonstrating Poly1305-AES

Fixes #14122.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17796)

(cherry picked from commit 3dafeacef8d7bf82e462cc52659681108db42e43)

Add demo for ARIA-256-CBC.

Fixes #14104

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17802)

(cherry picked from commit 376972773469e59a19acb9ebdecd3ddc290e391b)

EVP demo for XOF digest using SHAKE256

This demo optionally accepts a single command line argument, allowing
the output length to be specified.

Fixes #14106.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17803)

(cherry picked from commit 4c8cdcd1cf74747a80b4f7dd323cd83ea6c985d8)

Enable openssl req -x509 to create certificates from CSRs

`openssl req -x509` has code allowing it to generate certificates from CSRs
as a replacement for `openssl x509`, but a bug prevents it from working
properly. -CA and -CAkey can now be passed to generate a CA-signed
certificate as documented in openssl-req(1).

Regression testing has been added to `openssl req`.

Backport of #17782 to 3.0.

Fixes #17736.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17805)

Rework dependencies between config files and build files

Before PR #15310, which reworked how build files (Makefile, ...) were
generated, everything was done when configuring, so configdata.pm
could depend on build file templates and we'd get away with it.

However, since building configdata.pm is now independent of the build
file templates, that dependency is unnecessary, and would lead to
surprises of the build file template is updated, with an unexpected
full reconfiguration as a result, when all that's needed is to run
configdata.pm with no flags to get the build file re-generated.

This change is therefore a completion of what was forgotten in #15310.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17756)

(cherry picked from commit 468d15179d6b0d0c2f5674bcbef66743925f2133)

Add EVP demo for X25519 key exchange

This offers both a known answer test with fixed keys and also
demonstrates a more realistic usage with random keys.

Fixes #14118.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17799)

(cherry picked from commit 2cc7c9b6981d683711e76c3483f813701b686eb9)

Fix typo in EVP_MD-BLAKE2(7)

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17790)

(cherry picked from commit a3b4cd1d6e307c1b1607ee9270658b5baf0b9870)

s_server: Do not use SSL_sendfile when KTLS is not being used

Fix a bug in `openssl s_server -WWW` where it would attempt to invoke
`SSL_sendfile` if `-ktls -sendfile` was passed on the command line, even
if KTLS has not actually been enabled, for example because it is not
supported by the host. Since `SSL_sendfile` is only supported when KTLS
is actually being used, this resulted in a failure to serve requests.

Fixes #17503.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17788)

(cherry picked from commit aea68b0ddb7113b982ab503bf830d641e8425759)

Add back check for the DH public key size

This is needed for TLS-1.3.

Also add check for uncompressed point format for ECDHE as
the other formats are not allowed by RFC 8446.

Fixes #17667

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17785)

Fix NULL pointer dereference for BN_mod_exp2_mont

This fixes a bug whereby BN_mod_exp2_mont can dereference a NULL pointer
if BIGNUM argument m represents zero.

Regression test added. Fixes #17648.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17783)

(cherry picked from commit 43135a5d2274c24e97f50e16ce492c22eb717ab2)

Improve documentation of BIO_FLAGS_BASE64_NO_NL flag.

Fixes #12491.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17744)

(cherry picked from commit 8bfb7506d210841f2ee4eda8afe96441a0e33fa5)

[ssl] Add tests for Perfect Forward Secrecy criteria on SECLEVEL >= 3

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17763)

(cherry picked from commit d71151ae704847f4ac3f4a5f394ea64f1d229815)

[ssl] Add SSL_kDHEPSK and SSL_kECDHEPSK as PFS ciphersuites for SECLEVEL >= 3

Fixes #17743

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17763)

(cherry picked from commit b139a95665eb023b38695d62d9dfc28f3fb89972)

[ssl] Prefer SSL_k(EC)?DHE to the SSL_kE(EC)?DH alias

`SSL_kECDHE` and `SSL_kEECDH`, and `SSL_kDHE` and `SSL_kEDH` are already
marked as aliases of each other in the headers.
This commit, for each pair, replaces the leftover uses of the latter
synonym with the first one, which is considered more common.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17763)

(cherry picked from commit 66914fc024cfe0fec00dc0f2c7bd8a7957da5ec4)

aarch64: Fix async_fibre_swapcontext() on clang BTI builds

Reverting to using swapcontext() when compiling with clang on BTI-enabled
builds fixes the BTI setjmp() failure seen when running asynctest.

The issue with setjmp/longjmp is a known clang bug: see
https://github.com/llvm/llvm-project/issues/48888

Change-Id: I6eeaaa2e15f402789f1b3e742038f84bef846e29

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17698)

(cherry picked from commit d2d2401aed7ff45f4c013201944e1218dce12da7)