Closed
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from openssl#28611)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from openssl#28611)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from openssl#28555)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#28270)
And further minor refactoring. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> MergeDate: Thu Jan 8 09:59:56 2026 (Merged from openssl#29439)
Fixes DEF-02-001 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Wed Feb 11 17:19:08 2026 (Merged from openssl#29593)
…nces Fixes DEF-02-002 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Wed Feb 11 17:19:10 2026 (Merged from openssl#29593)
Fixes DEF-02-005 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Wed Feb 11 17:19:11 2026 (Merged from openssl#29593)
Fixes DEF-02-006 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Wed Feb 11 17:19:13 2026 (Merged from openssl#29593)
…name Call SSL_set1_host() to apply the outer hostname to the certificate validation. Fixes DEF-02-009 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Wed Feb 11 17:19:14 2026 (Merged from openssl#29593)
Fixes DEF-02-010 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Wed Feb 11 17:19:16 2026 (Merged from openssl#29593)
…added tests Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Mon Feb 16 15:41:15 2026 (Merged from openssl#29200)
strspn() is called on likely non-NUL-terminated BIO buffer. Copy it and add NUL-termination before calling the function. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> MergeDate: Thu Feb 19 09:17:54 2026 (Merged from openssl#30050)
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> MergeDate: Thu Feb 19 09:20:46 2026 (Merged from openssl#30051)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> MergeDate: Thu Feb 19 09:22:37 2026 (Merged from openssl#30048)
And also a few additional code cleanups. Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Fri Feb 20 10:11:20 2026 (Merged from openssl#30066)
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Fri Feb 20 10:11:21 2026 (Merged from openssl#30066)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> MergeDate: Fri Feb 20 14:16:40 2026 (Merged from openssl#30059)
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Simo Sorce <simo@redhat.com> (Merged from openssl#30026)
Functions seem not documented, but exported. Signed-off-by: Milan Broz <gmazyland@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Fri Feb 20 17:07:41 2026 (Merged from openssl#30082)
Make the X509 argument to both functions const, as we don't modify the object at all in these functions. Again, these functions, while public, appear undocumented, and so I'm omitting any HISTORY notes Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> MergeDate: Fri Feb 20 21:26:47 2026 (Merged from openssl#30073)
It can be useful to know how many parameters matched a decoded field (or at least whether that number is non-zero). The new `produce_param_decoder_with_count` generator produces code that updates a count output variable. In particular, an RSA parameter handler did not handle requests for only unexpected parameters as gracefully as one might want. It can now return early when none of the provided parameters are relevant. [ The number reported is a count of matching parameter values, not a count of the resulting decoded fields, so if a parameter key occurs more than once, the count can be larger than the number of fields actually set. ] Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> MergeDate: Sat Feb 21 13:25:11 2026 (Merged from openssl#29953)
SM digest sign/verify context initialisation needs to set the "compute_z_digest" flag earlier, before calling sm2sig_signature_init(), to process the provided parameters, because otherwise attempts to set the "distinguished identifier" will erroneously fail. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> MergeDate: Sat Feb 21 13:25:19 2026 (Merged from openssl#29953)
This is needed for certificate verification to work correctly. Removed unnecessary explicit instances of the distid in most tests, and documentation. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> MergeDate: Sat Feb 21 13:25:30 2026 (Merged from openssl#29953)
When the version is TLS 1.3, this sets the SM2 distinguished identifier to the RFC8998 specified value: "TLSv1.3+GM+Cipher+Suite". Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> MergeDate: Sat Feb 21 13:25:39 2026 (Merged from openssl#29953)
Most signature algorithms will ignore this parameter, but for SM2 this makes it possible to set the RFC8998 distinguished identifier. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> MergeDate: Sat Feb 21 13:25:47 2026 (Merged from openssl#29953)
In the default and FIPS provider dispatch tables use corresponding macros instead of string literals. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> MergeDate: Sat Feb 21 13:25:57 2026 (Merged from openssl#29953)
This adds support for the "sm2sig_sm3" TLS 1.3 signature algorithm, the "curveSM2" key exchange group (ECDH over SM2) and the associated post-quantum/traditional (PQ/T) hybrid "curveSM2MLKEM768" key exchange. The default key agreement group list is expanded to add two additional PQ groups, immediately after X25519MLKEM768. These are the P-256-based SecP256r1MLKEM768 and the SM2-based curveSM2MLKEM768. Neither of the new groups is a default client keyshare group; these would only come into play after a server HRR, if for some reason X25519MLKEM768 is not supported by the server, X25519 is not then the server's most preferred group, and the server supports and prefers one of these over X25519. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> MergeDate: Sat Feb 21 13:26:07 2026 (Merged from openssl#29953)
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> MergeDate: Sat Feb 21 13:26:15 2026 (Merged from openssl#29953)
This extends sslapi test for SM2-based key exchange. Also add comments for #endif to clearly mark disabled code blocks. Signed-off-by: Milan Broz <gmazyland@gmail.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MergeDate: Sat Feb 21 13:26:27 2026 (Merged from openssl#29953)
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> MergeDate: Thu Mar 5 17:41:05 2026 (Merged from openssl#30261)
Fixes openssl#29748 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> MergeDate: Thu Mar 5 18:04:24 2026 (Merged from openssl#29829)
A client that sends an excessive number of keyshares to the server can cause us to check that the groups are both in the client and server lists, which is expensive. In reality there should be no reason to send a large number of keyshares, so we restrict this to a sensible number (16). Any more than this are simply ignored. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> MergeDate: Fri Mar 6 10:33:03 2026 (Merged from openssl#30263)
We restrict the number of supported groups and sig algs that the server is willing to accept from the client to 128 (for both). Any more than this are simply ignored. This number is significantly more than the total amount of current codepoints assigned by IANA for these extensions. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> MergeDate: Fri Mar 6 10:33:03 2026 (Merged from openssl#30263)
Test that we correctly ignore large numbers of sigalgs Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> MergeDate: Fri Mar 6 10:33:04 2026 (Merged from openssl#30263)
Test that we correctly ignore large numbers of key shares. Similarly we do the same for a large number of supported groups. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> MergeDate: Fri Mar 6 10:33:04 2026 (Merged from openssl#30263)
We now restrict the max number of key_shares/supported groups/sig algs that we will pay attention to as a server. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> MergeDate: Fri Mar 6 10:33:04 2026 (Merged from openssl#30263)
This reverts commit ae8d50f. Fixes: openssl/project#1893 messing with free is a bridge too far Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Fri Mar 6 17:50:22 2026 (Merged from openssl#30273)
This reverts constification of the return value types of X509_STORE_CTX_get_current_cert(), X509_STORE_CTX_get0_current_issuer(), X509_STORE_CTX_get0_cert() functions, and arguments of X509_STORE_CTX_set_cert() and X509_STORE_CTX_init() functions. Constification of users of these functions, as well as X509_STORE_CTX_get_issuer_fn and X509_STORE_CTX_check_issued_fn types, remained in place. Complements: e5b5633 "Constify X509_STORE_CTX functions invoving X509 *" Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Fri Mar 6 18:33:12 2026 (Merged from openssl#30272)
…funcs Remove mentions of un-constified X509_STORE_CTX_get_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get0_current_issuer, X509_STORE_CTX_init, X509_STORE_CTX_set_cert for the list of constified functions. Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Fri Mar 6 18:33:15 2026 (Merged from openssl#30272)
This partially reverts commit 367c54e "Constify X509_OBJECT_[get0|set1]_X509 and friends", as well as removes them from the list added in c0f82d9 "Describe X509 constification and ASN1_STRING changes". Constification of X509_get_pubkey() arguments remains in place. Resolves: openssl/project#1892 Complements: 367c54e "Constify X509_OBJECT_[get0|set1]_X509 and friends" Complements: c0f82d9 "Describe X509 constification and ASN1_STRING changes" Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Fri Mar 6 18:36:10 2026 (Merged from openssl#30276)
I placed these new notes prominently based upon how important I think that they are for applications developers targeting Windows platforms. With this new option, contributed (but not documented) by @nhorman in Commit 9431cc2, standalone executable applications can be distributed that do not require an installer and do not require modification of the target computer. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Fri Mar 6 1:50:49 2026 (Merged from openssl#30064)
This partially reverts commit 07ee3d5 "constify X509_find_by_issuer_and_serial", as it operates on a stack of X509 (not const X509 objects), and returns a pointer to one. The constification of PKCS7_signatureVerify argument is sensible (as the argument is read-only inside the function) and remains in place. Fixes: 07ee3d5 "constify X509_find_by_issuer_and_serial" Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Fri Mar 6 21:29:34 2026 (Merged from openssl#30265)
This reverts commit 0da2990 "Constify X509_find_by_subject", as it operates on a stack of X509 (not const X509) objects, and returns a pointer to one of them. Fixes: 0da2990 "Constify X509_find_by_subject", Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Fri Mar 6 21:29:37 2026 (Merged from openssl#30265)
A specific order makes link addition more consistent moving forward. The links were sorted with "LC_ALL=C sort -V" command, "sort" is from GNU coreutils. Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:11 2026 (Merged from openssl#30338)
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:14 2026 (Merged from openssl#30338)
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:17 2026 (Merged from openssl#30338)
An attempt has been made to harmonise the language and style of the changelog and news records a bit. Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:20 2026 (Merged from openssl#30338)
Reorder entries, following general additions-changes-deprecations-removals order. Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:22 2026 (Merged from openssl#30338)
…ANGES.md Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:25 2026 (Merged from openssl#30338)
Include various items from CHANGES.md, remove items pertaining to OPENSSL_sk_set_cmp_thunks() and crypto-mdebug-backtrace, split into new features and significant/incompatible changes. Also, while at it, added the leader to the 3.6.0 news entry. Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:28 2026 (Merged from openssl#30338)
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:32 2026 (Merged from openssl#30338)
The URLs have changed from [1] to [2]. [1] https://www.openssl.org/news/vulnerabilities.html [2] https://openssl-library.org/news/vulnerabilities/ Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:35 2026 (Merged from openssl#30338)
Since it has been released before 4.0.0-alpha1. Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> MergeDate: Tue Mar 10 13:39:37 2026 (Merged from openssl#30338)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> MergeDate: Tue Mar 10 14:31:43 2026 Release: yes
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> MergeDate: Tue Mar 10 14:33:31 2026 Release: yes
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> MergeDate: Tue Mar 10 14:33:32 2026 Release: yes
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> MergeDate: Tue Mar 10 14:33:43 2026 Release: yes