summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Fix stack corruption in ui_readopenssl-3.1Bernd Edlinger2023-05-173-3/+53
| | | | | | | | | | | | | | | | This is an alternative to #20893 Additionally this fixes also a possible issue in UI_UTIL_read_pw: When UI_new returns NULL, the result code would still be zero as if UI_UTIL_read_pw succeeded, but the password buffer is left uninitialized, with subsequent possible stack corruption or worse. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20957) (cherry picked from commit a64c48cff88e032cf9513578493c4536df725a22)
* Fixed EVP_PKEY_CTX_set_ec_paramgen_curve_nid() for SM2 in ENGINEsYuan, Shuai2023-05-152-1/+43
| | | | | | | | | | | | | The CTRL translation is missing for SM2 key types. Fixes #20899 Signed-off-by: Yuan, Shuai <shuai.yuan@intel.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20900) (cherry picked from commit 43d5dac9d00ac486823d949f85ee3ad650b62af8)
* CMP client: fix checking new cert enrolled with oldcert and without private keyDr. David von Oheimb2023-05-128-36/+75
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20832) (cherry picked from commit e0f1ec3b2ec1b137695abc3199a62def5965351f)
* CMP client: fix error response on -csr without private key, also in docsDr. David von Oheimb2023-05-1210-22/+77
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20832) (cherry picked from commit 2d6585986f3b754750b25e7a296a08e7129a5320)
* apps/openssl.cnf: fix reference to insta.ca.crtDr. David von Oheimb2023-05-122-4/+4
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20832) (cherry picked from commit 14ca1b6f4694ad27b1163bcafda1683f4dd05a30)
* provider: return error if buf too small when getting ec pubkey paramYi Li2023-05-122-1/+23
| | | | | | | | | | | | | | | | | Fixes #20889 There was an incorrect value passed to EC_POINT_point2oct() for the buffer size of the param passed-in. Added testcases. Signed-off-by: Yi Li <yi1.li@intel.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20890) (cherry picked from commit 91070877adb905f51eb4b19b730d42fc257bae13)
* Fix typos found by codespellDimitri Papadopoulos2023-05-1210-24/+24
| | | | | | | | | | | | Fix only typos in doc/man* for inclusion in 3.* branches. Other typos have been fixed in a different commit. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20924) (cherry picked from commit 9a271795f84eb5402ce1ecfbcfd21392ad1560d0)
* Clarify documentation of SSL_SESSION_dupWatson Ladd2023-05-121-2/+4
| | | | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20848) (cherry picked from commit 25bab273ccc9b517cc4c1783950e3f95421cb570)
* Clear ownership when duplicating sessionsWatson Ladd2023-05-122-2/+5
| | | | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20848) (cherry picked from commit 9fdf9a44bbe3827fe653165a07281ccae8ab0947)
* Fixed TLS1.3 handshake issue for legacy engine API.Yuan, Shuai2023-05-111-0/+4
| | | | | | | | | | Signed-off-by: Yuan, Shuai <shuai.yuan@intel.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20922) (cherry picked from commit be6497aa208948c960a28363bac98a429677bd9d)
* CMP app: fix deallocated host/port fields in APP_HTTP_TLS_INFODr. David von Oheimb2023-05-101-3/+9
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20034) (cherry picked from commit 20d4dc8898edc12806ead2100ac09b907662aff6)
* CMP app and app_http_tls_cb(): pick the right TLS hostname (also without port)Dr. David von Oheimb2023-05-102-3/+7
| | | | | | | | | | | Fixes #20031 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20034) (cherry picked from commit 30b9a6ec89d97152b5a564b3acf3a94ee57185a7)
* Fix a typo found by codespell in a Makefile variableDimitri Papadopoulos2023-05-101-1/+1
| | | | | | | | | | | | | | I have no experience with building on Windows, so I don't know the effect of fixing this typo. I guess that this will fix a bug at worst. CLA: trivial Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20911) (cherry picked from commit e5a054b7fcafc98a1dbf4358da390dc6e7759de5)
* DLTS → DTLSDimitri Papadopoulos2023-05-101-1/+1
| | | | | | | | | | | | | Fix a typo that is confusing for newcomers. CLA: trivial Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20909) (cherry picked from commit 2913b5c09fcc4e5d493589ded2c22a3116127ed0)
* Fix memory leak in engine_cleanup_add_first()Kovalev Vasiliy2023-05-091-2/+3
| | | | | | | | | | | Fixes #20870 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20880) (cherry picked from commit 8c63b14296f117b07781509ced529a8955d78fb9)
* aes-gcm-armv8_64 asm support bigdianJerryDevis2023-05-091-206/+581
| | | | | | | | Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20489) (cherry picked from commit 32344a74b7ee2693a5bfda361c40ec60ab5be624)
* Prevent a fuzzing timeout in the conf fuzzerMatt Caswell2023-05-081-0/+17
| | | | | | | | | | | | | | | The fuzzer was creating a config file with large numbers of includes which are expensive to process. However this should not cause a security issue, and should never happen in normal operation so we can ignore it. Fixes ossfuzz issue 57718. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20839) (cherry picked from commit 5f3adf396b06ee3b81938468995e69cff4ca64d1)
* Fix the padlock engineBernd Edlinger2023-05-051-2/+13
| | | | | | | | | | | | | | | | ... after it was broken for almost 5 years, since the first 1.1.1 release. Note: The last working version was 1.1.0l release. Fixes #20073 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20146) (cherry picked from commit 849ed515c7838943eab42de5c29d6a1f91079a11)
* Fix broken links on asym_cipher manpagesLadislav Marko2023-05-041-3/+2
| | | | | | | | | | | Links were missing starting tags Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20729) (cherry picked from commit 010333be5362a07508888124c83efac35b28760f)
* Add negative integer check when using ASN1_BIT_STRINGmlitre2023-05-041-0/+6
| | | | | | | | | | | | | The negative integer check is done to prevent potential overflow. Fixes #20719. CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20862) (cherry picked from commit 1258a8e4361320cd3cfaf9ede692492ce01034c8)
* rand: trust user supplied entropy when configured without a random sourcePauli2023-05-031-0/+6
| | | | | | | | | | Fixes #20841 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/20843) (cherry picked from commit 56547da9d3fa24f54b439497d322b12beb004c80)
* param->ctrl translation: Fix evp_pkey_ctx_setget_params_to_ctrl()Richard Levitte2023-05-011-0/+1
| | | | | | | | | | Ensure that ctx.ctrl_cmd defaults to translation->cmd_num Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/20780) (cherry picked from commit 1009940c14716ac03d5f161bdb4ae626ec6fe729)
* param->ctrl translation: Fix fix_ec_paramgen_curve_nid()Richard Levitte2023-05-011-1/+14
| | | | | | | | | | | | | This function didn't prepare space to get the param string, which causes the default_fixup_args() call to fail. Fixes #20161 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/20780) (cherry picked from commit ac52fe5f5ae7a1d062f09adab7744e3a3b2ddbcf)
* Avoid generating RSA keys with p < qrkarmaka982023-04-281-0/+9
| | | | | | | | | | | | | We swap p and q in that case except when ACVP tests are being run. Fixes #20823 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20833) (cherry picked from commit dc231eb598460aec239c7f597f560bca47d9f72a)
* fix md5 bug on aarch64 big-endian plantform.Liu-ErMeng2023-04-282-15/+35
| | | | | | | | | | | Signed-off-by: Liu-ErMeng <liuermeng2@huawei.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20829) (cherry picked from commit 004bd8f97d11bb7ac5f2de89f7060e03222b60fe)
* Improve documentation of -no_ssl3, -no_tls1, -no_tls1_1, -no_tls1_2, ↵rkarmaka982023-04-281-0/+2
| | | | | | | | | | | | | | | | -no_tls1_3 options Fixes #19014 CLA: trivial Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20834) (cherry picked from commit 06565f36e78e6155834875ad544bb48838a812e4)
* http proxy handling: Use ossl_safe_getenv() instead of getenv()Mukesh Bharsakle2023-04-281-5/+4
| | | | | | | | | | CLA: trivial Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20810) (cherry picked from commit e7cbb09fdf8d835bd0d88b4b288edfd525be569c)
* ASN1_OCTET_STRING_new() calls ASN1_STRING_type_new(V_ASN1_OCTET_STRING)Vladimir Kotal2023-04-281-1/+1
| | | | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20838) (cherry picked from commit 26f0150fce64dd878b77eddc4504fd441cbdef87)
* fix aes-xts bug on aarch64 big-endian env.Liu-ErMeng2023-04-282-12/+25
| | | | | | | | | | Signed-off-by: Liu-ErMeng <liuermeng2@huawei.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20797) (cherry picked from commit 4df13d1054e143f1cbf13fa347491807289f87b7)
* APPS/cmp: prevent HTTP client failure on -rspin option with too few filenamesDr. David von Oheimb2023-04-283-42/+94
| | | | | | | | | | | | | | | | The logic for handling inconsistent use of -rspin etc., -port, -server, and -use_mock_srv options proved faulty. This is fixed here, updating and correcting also the documentation and diagnostics of the involved options. In particular, the case that -rspin (or -rspout. reqin, -reqout) does not provide enough message file names was not properly described and handled. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20295) (cherry picked from commit 1f757df1f3de0c18cc22a4992d66e9a7b113f61d)
* Correct the CHANGES entry for CVE-2023-1255Tomas Mraz2023-04-261-3/+3
| | | | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/20798) (cherry picked from commit e6990079c2413625d2039ebed49ea17a5b8cf935)
* Fix regression of no-posix-io buildsTomas Mraz2023-04-251-3/+11
| | | | | | | | | | | Instead of using stat() to check if a file is a directory we just skip . and .. as a workaround. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/20786) (cherry picked from commit 3155b5a90e6ad9c7369d09e70e81686f4b321a73)
* Fix calling pthread_key_delete on uninitialized dataPetr Mikhalicin2023-04-241-2/+17
| | | | | | | | | | | | | | | | | | default_context_do_init may be never called and CRYPTO_THREAD_init_local inside it may be never called too. But corresponding CRYPTO_THREAD_cleanup_local is always called at cleanup stage. This lead to undefined behavior. So, add flag to check that default_context_do_init will be called successfully or not. Fix: #20697 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20801) (cherry picked from commit 31295ca02c0a2d7209a33047c7f6dd1dabc12c93)
* fips: setup the FIPS provider in pendantic mode for testingPauli2023-04-212-2/+9
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20762) (cherry picked from commit c04e78f0c69201226430fed14c291c281da47f2d)
* test: update ssl_new tests in line with pedantic FIPS policyPauli2023-04-215-0/+29
| | | | | | | | | | | | | | | | | | Add a new option to the `test' section of SSL test data structure. This contains a space separated list of version checks, all of which must pass. Note that the version checks are as they as because: - 3.1.0 doesn't have mandatory EMS support, so it can run the old tests. - 3.1.1 (& later) will have mandatory EMS support, so they can't run them. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20762) (cherry picked from commit 4454c20f026bb47f158ea05c207f143c81d674d8)
* test: update TLS PDF tests in line with pedantic FIPS policyPauli2023-04-211-0/+3
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20762) (cherry picked from commit e07999369a13a29243f34cbd5d24281783984299)
* test: update evprand tests in line with pedantic FIPS policyPauli2023-04-211-0/+384
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20762) (cherry picked from commit cf3d5c2fbaf734731b1ccbd3a84e21eeb6d0f30d)
* sslapi: use correct fipsmodule.cnfPauli2023-04-211-1/+1
| | | | | | | | | | | | The SSL API tests copies fipsmodule.cnf and modifies it. Unfortunately, it grabbed the wrong instance of this file. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20762) (cherry picked from commit bc5d9502c5f3c726e42ef72263a4076fd48300d6)
* Bump actions/setup-python from 4.5.0 to 4.6.0dependabot[bot]2023-04-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.5.0 to 4.6.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4.5.0...v4.6.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> CLA: trivial Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20792) (cherry picked from commit 3ac96c8f715672ff77025d48b5773f5de4f84215)
* Fix checking return code of EVP_PKEY_get_int_param at check_curvePetr Mikhalicin2023-04-211-1/+1
| | | | | | | | | | | | | According to docs, EVP_PKEY_get_int_param should return 1 on Success, and 0 on Failure. So, fix checking of this return value at check_curve CLA: trivial Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20770) (cherry picked from commit 4e5f3d691343a691ddae739c51f7ae71e9893c98)
* aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryptionTomas Mraz2023-04-203-1/+16
| | | | | | | | | | | | | | Original author: Nevine Ebeid (Amazon) Fixes: CVE-2023-1255 The buffer overread happens on decrypts of 4 mod 5 sizes. Unless the memory just after the buffer is unmapped this is harmless. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/20759) (cherry picked from commit 72dfe46550ee1f1bbfacd49f071419365bc23304)
* test: test -pedantic option in fipsinstallPauli2023-04-201-1/+26
| | | | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20752) (cherry picked from commit c8093347f736c7991350d26048b680d0e64974a0)
* doc: document the -pedantic option to fipsinstall.Pauli2023-04-201-0/+9
| | | | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20752) (cherry picked from commit d30fec6ff438f73f4e255b0b9c6af3ea57ec122a)
* fipsinstall: add -pedantic optionPauli2023-04-201-39/+64
| | | | | | | | | | | | This adds a -pedantic option to fipsinstall that adjusts the various settings to ensure strict FIPS compliance rather than backwards compatibility. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20752) (cherry picked from commit bc2a4225a4a03f70bb0154a72c2889aa80c1b0f6)
* Configurations/descrip.mms.tmpl: Fix a few typosRichard Levitte2023-04-181-7/+3
| | | | | | | | | | | These typos caused failed propagation of the 'cflags' attribute from Configurations/10-main.conf. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20737) (cherry picked from commit 04e0abc8bb1c24534d16cc930b611ac1d03bc9bf)
* Fix broken links in crypto manpageLadislav Marko2023-04-181-2/+2
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20741) (cherry picked from commit d79b6104ae947b8749623d3152c309f398387a54)
* CMP cert_response(): add missing rejection status on client rejecting new certDr. David von Oheimb2023-04-181-0/+1
| | | | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20257) (cherry picked from commit 44e816bd540c8687c1b4995febbde2626a655338)
* cmp_client_test.c: add tests for errors reported by server on subsequent ↵Dr. David von Oheimb2023-04-185-30/+73
| | | | | | | | | | | requests in a transaction Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20257) (cherry picked from commit 154625e1090b18c8c306a6b7a6970dbab185c49d)
* ossl_cmp_mock_srv_new.pod: correct/update names of internal test support ↵Dr. David von Oheimb2023-04-181-9/+9
| | | | | | | | | | | functions Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20257) (cherry picked from commit 7439661627b8009f69b13c57b7372286e85a2805)
* OSSL_CMP_SRV_process_request(): fix recipNonce on error in subsequent ↵Dr. David von Oheimb2023-04-181-7/+13
| | | | | | | | | | | request of a transaction Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20257) (cherry picked from commit 7cd91d221f630f18eb2cc5c01c4204e31c0a15aa)
View Lorry Controller Status