[openssl/openssl] 86945b: Fix verify_callback in the openssl s_client/s_serv...
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: 86945b10ccd84f685bd6215bbb00d1e700303e49 https://github.openssl.org/openssl/openssl/commit/86945b10ccd84f685bd6215bbb00d1e700303e49 Author: Dmitry Belyavskiy Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M apps/s_cb.c Log Message: --- Fix verify_callback in the openssl s_client/s_server app We need to check that error cert is available before printing its data Reviewed-by: Tomas Mraz Reviewed-by: David von Oheimb Reviewed-by: Viktor Dukhovni Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18805) (cherry picked from commit fad0f80eff188ef938fed614245a56ed56110deb)
[openssl/openssl] cc90ba: Fix verify_callback in the openssl s_client/s_serv...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: cc90ba66062afc27e31e403613711dba5a7475a8 https://github.openssl.org/openssl/openssl/commit/cc90ba66062afc27e31e403613711dba5a7475a8 Author: Dmitry Belyavskiy Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M apps/lib/s_cb.c Log Message: --- Fix verify_callback in the openssl s_client/s_server app We need to check that error cert is available before printing its data Reviewed-by: Tomas Mraz Reviewed-by: David von Oheimb Reviewed-by: Viktor Dukhovni Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18805) (cherry picked from commit fad0f80eff188ef938fed614245a56ed56110deb)
[openssl/openssl] fad0f8: Fix verify_callback in the openssl s_client/s_serv...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: fad0f80eff188ef938fed614245a56ed56110deb https://github.openssl.org/openssl/openssl/commit/fad0f80eff188ef938fed614245a56ed56110deb Author: Dmitry Belyavskiy Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M apps/lib/s_cb.c Log Message: --- Fix verify_callback in the openssl s_client/s_server app We need to check that error cert is available before printing its data Reviewed-by: Tomas Mraz Reviewed-by: David von Oheimb Reviewed-by: Viktor Dukhovni Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18805)
[openssl/openssl] 632631: check-format.pl: improve wording: 'no' -> 'missing...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 63263147a3ad55cb26d7cfcdfca474ce324a15ac https://github.openssl.org/openssl/openssl/commit/63263147a3ad55cb26d7cfcdfca474ce324a15ac Author: Dr. David von Oheimb Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M util/check-format.pl Log Message: --- check-format.pl: improve wording: 'no' -> 'missing'; further minor improvements Reviewed-by: Richard Levitte Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18789) Commit: 4e9fa07121abf3ebaaf7e0367bd9be3a8b273ebf https://github.openssl.org/openssl/openssl/commit/4e9fa07121abf3ebaaf7e0367bd9be3a8b273ebf Author: Dr. David von Oheimb Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M util/check-format-test-negatives.c M util/check-format.pl Log Message: --- check-format.pl: fix false positive on 'for(;; stmt)' Reviewed-by: Richard Levitte Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18789) Commit: 23757b61d49ac3e46440dc34e56b83201106e440 https://github.openssl.org/openssl/openssl/commit/23757b61d49ac3e46440dc34e56b83201106e440 Author: Dr. David von Oheimb Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M util/check-format-test-negatives.c M util/check-format-test-positives.c M util/check-format.pl Log Message: --- check-format.pl: fix detection of missing/extra blank lines in local decls Reviewed-by: Richard Levitte Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18789) Compare: https://github.openssl.org/openssl/openssl/compare/e1eafe8c8761...23757b61d49a
[openssl/openssl] ddb81a: "Reserve" the method store when constructing methods
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: ddb81a94ac8af145750940c20999ac952165bf10 https://github.openssl.org/openssl/openssl/commit/ddb81a94ac8af145750940c20999ac952165bf10 Author: Richard Levitte Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M crypto/core_algorithm.c M crypto/core_fetch.c M crypto/encode_decode/decoder_meth.c M crypto/encode_decode/encoder_meth.c M crypto/evp/evp_fetch.c M crypto/property/property.c M crypto/store/store_meth.c M include/internal/core.h M include/internal/property.h Log Message: --- "Reserve" the method store when constructing methods Introducing the concept of reserving the store where a number of provided operation methods are to be stored. This avoids racing when constructing provided methods, which is especially pertinent when multiple threads are trying to fetch the same method, or even any implementation for the same given operation type. This introduces a |biglock| in OSSL_METHOD_STORE, which is separate from the |lock| which is used for more internal and finer grained locking. Fixes #18152 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18153) (cherry picked from commit e1eafe8c87612a94552e9ad5df56c489cb6f0ff2)
[openssl/openssl] e1eafe: "Reserve" the method store when constructing methods
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: e1eafe8c87612a94552e9ad5df56c489cb6f0ff2 https://github.openssl.org/openssl/openssl/commit/e1eafe8c87612a94552e9ad5df56c489cb6f0ff2 Author: Richard Levitte Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M crypto/core_algorithm.c M crypto/core_fetch.c M crypto/encode_decode/decoder_meth.c M crypto/encode_decode/encoder_meth.c M crypto/evp/evp_fetch.c M crypto/property/property.c M crypto/store/store_meth.c M include/internal/core.h M include/internal/property.h Log Message: --- "Reserve" the method store when constructing methods Introducing the concept of reserving the store where a number of provided operation methods are to be stored. This avoids racing when constructing provided methods, which is especially pertinent when multiple threads are trying to fetch the same method, or even any implementation for the same given operation type. This introduces a |biglock| in OSSL_METHOD_STORE, which is separate from the |lock| which is used for more internal and finer grained locking. Fixes #18152 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18153)
[openssl/openssl] 3cfc2a: Coverity 1503321 & 1503327: dereference after null...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 3cfc2a967a4a5313f141ae433b833f3c6c9a5643 https://github.openssl.org/openssl/openssl/commit/3cfc2a967a4a5313f141ae433b833f3c6c9a5643 Author: Pauli Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M crypto/provider_core.c Log Message: --- Coverity 1503321 & 1503327: dereference after null check The earlier fix being inadequate Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18822) (cherry picked from commit f913c3cd7e22eecbcc8f84b72c645081fa37fdf4) Commit: d3cc10eb0ee31a3950bb310c8201614fb076f759 https://github.openssl.org/openssl/openssl/commit/d3cc10eb0ee31a3950bb310c8201614fb076f759 Author: Pauli Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M test/evp_extra_test2.c Log Message: --- Coverity 1507372: explicit null dereference Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18822) (cherry picked from commit d768f853bb05b5a49a2aeb5b5702776834e68d06) Compare: https://github.openssl.org/openssl/openssl/compare/3f348a0f6c31...d3cc10eb0ee3
[openssl/openssl] f913c3: Coverity 1503321 & 1503327: dereference after null...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: f913c3cd7e22eecbcc8f84b72c645081fa37fdf4 https://github.openssl.org/openssl/openssl/commit/f913c3cd7e22eecbcc8f84b72c645081fa37fdf4 Author: Pauli Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M crypto/provider_core.c Log Message: --- Coverity 1503321 & 1503327: dereference after null check The earlier fix being inadequate Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18822) Commit: d768f853bb05b5a49a2aeb5b5702776834e68d06 https://github.openssl.org/openssl/openssl/commit/d768f853bb05b5a49a2aeb5b5702776834e68d06 Author: Pauli Date: 2022-07-20 (Wed, 20 Jul 2022) Changed paths: M test/evp_extra_test2.c Log Message: --- Coverity 1507372: explicit null dereference Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18822) Compare: https://github.openssl.org/openssl/openssl/compare/1efd8533e1cc...d768f853bb05
Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DEVlg_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEPG3YvQf5KC95ta5HSmnmxf5loXH0gE6r73Dkk0YbWJu7s4vhdBjAxZRQlEGArDZn-2FTgtKp-2B7ga07Th8lc6GDzK4Vhuk4xB7KLYw3O2zygZ5uTTUJ7zFRgBWnjSvP9BOqEImHg0q5zdHpGFmn1FtVOpgcthNt0eY9suIfecK03q-2BgbNG0rrq93SemwalsVNPU-3D Build ID: 468558 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl/web] b2b17e: Update policies/omc-bylaws.md with a history line ...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/web Commit: b2b17e519646cb29fe3a823b7e9ae875e071bd3c https://github.openssl.org/openssl/web/commit/b2b17e519646cb29fe3a823b7e9ae875e071bd3c Author: Richard Levitte Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M policies/omc-bylaws.md Log Message: --- Update policies/omc-bylaws.md with a history line re the minor edit clause Reviewed-by: Tim Hudson Reviewed-by: Paul Dale (Merged from https://github.com/openssl/web/pull/352) Commit: 0b6f40f52f7171d4096ab82cc7bc0802e396dc68 https://github.openssl.org/openssl/web/commit/0b6f40f52f7171d4096ab82cc7bc0802e396dc68 Author: Richard Levitte Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M policies/omc-bylaws.md Log Message: --- Remove the top date record ... it's repeated in the history section at the end of the bylaws, so is unnecessarily redundant. Reviewed-by: Tim Hudson Reviewed-by: Paul Dale (Merged from https://github.com/openssl/web/pull/352) Compare: https://github.openssl.org/openssl/web/compare/102361e1fc62...0b6f40f52f71
[openssl/openssl] 3f348a: Fix aarch64 signed bit shift issue found by UBSAN
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 3f348a0f6c3138791740043b2c924a9d85865d85 https://github.openssl.org/openssl/openssl/commit/3f348a0f6c3138791740043b2c924a9d85865d85 Author: Tom Cosgrove Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M crypto/arm_arch.h Log Message: --- Fix aarch64 signed bit shift issue found by UBSAN Fixes #18813 Signed-off-by: Tom Cosgrove Change-Id: Ic543885091ed3ef2ddcbe21de0a4ac0bca1e2494 Reviewed-by: Paul Dale Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18816) (cherry picked from commit 1efd8533e1ccc5c5e69795eb393a6b79b62e48e2)
[openssl/openssl] 1efd85: Fix aarch64 signed bit shift issue found by UBSAN
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 1efd8533e1ccc5c5e69795eb393a6b79b62e48e2 https://github.openssl.org/openssl/openssl/commit/1efd8533e1ccc5c5e69795eb393a6b79b62e48e2 Author: Tom Cosgrove Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M crypto/aes/asm/bsaes-armv8.pl M crypto/arm_arch.h Log Message: --- Fix aarch64 signed bit shift issue found by UBSAN Also fix conditional branch out of range when using sanitisers. Fixes #18813 Signed-off-by: Tom Cosgrove Change-Id: Ic543885091ed3ef2ddcbe21de0a4ac0bca1e2494 Reviewed-by: Paul Dale Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18816)
[openssl/openssl] 8ed6dd: For known safe primes use the minimum key length a...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 8ed6ddcaa559b7b04202c15ea3a95ee0b05caeba https://github.openssl.org/openssl/openssl/commit/8ed6ddcaa559b7b04202c15ea3a95ee0b05caeba Author: Tomas Mraz Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M crypto/dh/dh_group_params.c M crypto/ffc/ffc_backend.c M crypto/ffc/ffc_dh.c M crypto/ffc/ffc_key_generate.c M include/internal/ffc.h M test/ffc_internal_test.c Log Message: --- For known safe primes use the minimum key length according to RFC 7919 Longer private key sizes unnecessarily raise the cycles needed to compute the shared secret without any increase of the real security. This fixes a regression from 1.1.1 where these shorter keys were generated for the known safe primes. Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/18793) Commit: c9bdbc12ac7343992ba249e11d2bda3338469a97 https://github.openssl.org/openssl/openssl/commit/c9bdbc12ac7343992ba249e11d2bda3338469a97 Author: Tomas Mraz Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M providers/implementations/encode_decode/encode_key2text.c M test/recipes/30-test_evp_pkey_provided/DH.priv.txt M test/recipes/30-test_evp_pkey_provided/DH.pub.txt Log Message: --- dh_to_text: Print the dh->length if set Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/18793) Commit: 5eac066bef0c23bb74255423d335e634e4deb8d5 https://github.openssl.org/openssl/openssl/commit/5eac066bef0c23bb74255423d335e634e4deb8d5 Author: Tomas Mraz Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M test/evp_extra_test2.c Log Message: --- Test that we generate a short private key for known DH prime Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/18793) Commit: ce4579adf94d5f26e566a1e04c8a52ec5943cdd0 https://github.openssl.org/openssl/openssl/commit/ce4579adf94d5f26e566a1e04c8a52ec5943cdd0 Author: Tomas Mraz Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M crypto/ffc/ffc_params.c M test/ffc_internal_test.c Log Message: --- ossl_ffc_params_copy: Copy the keylength too Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/18793) Compare: https://github.openssl.org/openssl/openssl/compare/b89a5b8df909...ce4579adf94d
[openssl/openssl] 55eafe: APPS/x509: With -CA but both -CAserial and -CAcrea...
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: 55eafed6fbefbc1e725bf7b17b2bbca083a457fc https://github.openssl.org/openssl/openssl/commit/55eafed6fbefbc1e725bf7b17b2bbca083a457fc Author: Dr. David von Oheimb Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M apps/apps.c M apps/apps.h M apps/ca.c M apps/x509.c M doc/man1/x509.pod Log Message: --- APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random serial. Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c. Backported from https://github.com/openssl/openssl/pull/18373 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/18803) Commit: ff238172e26aa0a3f795cbfd60b9615e3e00a216 https://github.openssl.org/openssl/openssl/commit/ff238172e26aa0a3f795cbfd60b9615e3e00a216 Author: Dr. David von Oheimb Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M doc/man1/x509.pod Log Message: --- x509.pod: fix description of certificate serial number storage Backported from https://github.com/openssl/openssl/pull/18373 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/18803) Compare: https://github.openssl.org/openssl/openssl/compare/d94f8aa38570...ff238172e26a
[openssl/openssl] b89a5b: apps/x509: Improve doc fix for -CAserial anc -CAcr...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: b89a5b8df909cb3c10b2efe72dc32755e66771b6 https://github.openssl.org/openssl/openssl/commit/b89a5b8df909cb3c10b2efe72dc32755e66771b6 Author: Dr. David von Oheimb Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M doc/man1/openssl-x509.pod.in Log Message: --- apps/x509: Improve doc fix for -CAserial anc -CAcreateserial This follows up on https://github.com/openssl/openssl/pull/18373 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/18804) (cherry picked from commit 7a16f179ab0bc2c474a754c0ad7e35b40534a38e)
[openssl/openssl] 7a16f1: apps/x509: Improve doc fix for -CAserial anc -CAcr...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 7a16f179ab0bc2c474a754c0ad7e35b40534a38e https://github.openssl.org/openssl/openssl/commit/7a16f179ab0bc2c474a754c0ad7e35b40534a38e Author: Dr. David von Oheimb Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M doc/man1/openssl-x509.pod.in Log Message: --- apps/x509: Improve doc fix for -CAserial anc -CAcreateserial This follows up on https://github.com/openssl/openssl/pull/18373 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/18804)