oweals/openssl.git
5 years agoMove ec_asm_src file information to build.info files
Richard Levitte [Sun, 16 Jun 2019 17:57:52 +0000 (19:57 +0200)]
Move ec_asm_src file information to build.info files

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9166)

5 years agoMove cpuid_asm_src file information to build.info files
Richard Levitte [Sun, 16 Jun 2019 17:35:08 +0000 (19:35 +0200)]
Move cpuid_asm_src file information to build.info files

Also took away the internal 'debug-linux-ia32-aes' config target, as
it's broken (refers to files that no longer exist).

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9166)

5 years agoMove bn_asm_src file information to build.info files
Richard Levitte [Sun, 16 Jun 2019 14:56:25 +0000 (16:56 +0200)]
Move bn_asm_src file information to build.info files

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9166)

5 years agoConfigure: add mechanism to specify asm target architecture
Richard Levitte [Sun, 16 Jun 2019 11:32:58 +0000 (13:32 +0200)]
Configure: add mechanism to specify asm target architecture

As preparation for moving asm file specs to build.info files, we must
make sure there is still some base information to help select the
correct files.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9166)

5 years agoMove uplink file information to build.info files
Richard Levitte [Sun, 16 Jun 2019 10:56:21 +0000 (12:56 +0200)]
Move uplink file information to build.info files

This file information was hidden in config target files, when they
should really be part of build.info like any other file we build
from.  With build.info variables, the task became much easier.

We take the opportunity to move apps_init_src and apps_aux_src to
apps/build.info as well, and to clean up apps/build.info.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9166)

5 years agoConfigure: add mechanism to specify uplink target architecture
Richard Levitte [Sun, 16 Jun 2019 10:37:21 +0000 (12:37 +0200)]
Configure: add mechanism to specify uplink target architecture

As preparation for moving uplink file specs to build.info files, we
must make sure there is still some base information to help select the
correct files.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9166)

5 years agoConfigure: allow conditions and variable values to have variable references
Richard Levitte [Sun, 16 Jun 2019 09:38:30 +0000 (11:38 +0200)]
Configure: allow conditions and variable values to have variable references

This will allow building variables on other variables, and to have
conditions based on variable contents.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9166)

5 years agoConfigure: AIX needs a specific DSO extension function
Richard Levitte [Sat, 25 May 2019 09:02:59 +0000 (11:02 +0200)]
Configure: AIX needs a specific DSO extension function

DSO extensions are normally derived from platform->shlibextsimple() on
Unix.  This isn't the case for AIX, so it needs to define its own DSO
extension specifically.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9005)

5 years agoFix no-ec with no-dh
Matt Caswell [Thu, 13 Jun 2019 18:34:37 +0000 (19:34 +0100)]
Fix no-ec with no-dh

Make sure that the combination of no-ec with no-dh builds successfully.
If neither ec or dh are available then TLSv1.3 is not possible.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9156)

5 years agoAllow TLSv1.3 in a no-ec build
Matt Caswell [Thu, 13 Jun 2019 10:06:12 +0000 (11:06 +0100)]
Allow TLSv1.3 in a no-ec build

Now that we have TLSv1.3 FFDHE support there is no reason why we should
not allow TLSv1.3 to be used in a no-ec build. This commit enables that
to happen.

It also fixes no-ec which was previously broken.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9156)

5 years agoReplumbing: Adapt the default and legacy providers to use library context upcall
Richard Levitte [Fri, 14 Jun 2019 09:41:32 +0000 (11:41 +0200)]
Replumbing: Adapt the default and legacy providers to use library context upcall

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9160)

5 years agoReplumbing: Adapt the FIPS module to use the library context upcall
Richard Levitte [Fri, 14 Jun 2019 08:27:30 +0000 (10:27 +0200)]
Replumbing: Adapt the FIPS module to use the library context upcall

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9160)

5 years agoReplumbing: offer a core upcall to get the provider object's library context
Richard Levitte [Fri, 14 Jun 2019 08:19:56 +0000 (10:19 +0200)]
Replumbing: offer a core upcall to get the provider object's library context

The FIPS module currently has "magic" support to have the library
context become the provider context within the core code, for the FIPS
module's inner provider.

We replace that with a core upcall that returns the library context
associated with a provider object.  That way, the FIPS module can
handle the assignment of the inner provider context itself.  This
allows the FIPS module (and any other provider module that wishes to
use a similar mechanism) to define for itself what the provider
context is.  It's currently simply a pointer to a library context,
but may contain other stuff as well in the future.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9160)

5 years agocrypto/ppccap.c: Fix FIPS build on PPC
Richard Levitte [Mon, 17 Jun 2019 06:14:57 +0000 (08:14 +0200)]
crypto/ppccap.c: Fix FIPS build on PPC

Some code was temporarly disabled in the FIPS module because SHA other
SHA1 hadn't been ported.  Now that they have, we must enable this code
again.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9168)

5 years agoBetter document specific OSSL_PARAM symbols.
Pauli [Mon, 17 Jun 2019 01:34:09 +0000 (11:34 +1000)]
Better document specific OSSL_PARAM symbols.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9114)

5 years agoAdd documentation for X509_cmp and related APIs
Paul Yang [Thu, 6 Jun 2019 03:42:02 +0000 (11:42 +0800)]
Add documentation for X509_cmp and related APIs

Fixes: #9088

Functions documented in this commit: X509_cmp, X509_NAME_cmp,
X509_issuer_and_serial_cmp, X509_issuer_name_cmp, X509_subject_name_cmp,
X509_CRL_cmp, X509_CRL_match

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9091)

5 years agoUse variables in build.info files where it's worth the while
Richard Levitte [Wed, 12 Jun 2019 10:10:00 +0000 (12:10 +0200)]
Use variables in build.info files where it's worth the while

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9144)

5 years agoConfigure: Add support for variables in build.info files
Richard Levitte [Wed, 12 Jun 2019 10:03:31 +0000 (12:03 +0200)]
Configure: Add support for variables in build.info files

Variables have the syntax defined with this regular expression:

    \$([[:alpha:]_][[:alnum:]_]*)

They are always local to the build.info they are defined in, and are
defined like this:

    $VAR=text

Expansion is done very simply, any reference to the variable (with the
exact same variable syntax) is replaced with its defined value.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9144)

5 years agoFix building with enable-trace
Matt Caswell [Fri, 14 Jun 2019 08:07:29 +0000 (09:07 +0100)]
Fix building with enable-trace

Tracing doesn't work in the FIPS module. Ensure we switch it off there.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9159)

5 years agoFix no-dh
Matt Caswell [Thu, 13 Jun 2019 09:21:46 +0000 (10:21 +0100)]
Fix no-dh

The recent TLSv1.3 FFDHE support missed a few OPENSSL_NO_DH guards.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9153)

5 years agoUpdate the d2i docs to reflect reality
Matt Caswell [Wed, 12 Jun 2019 11:12:07 +0000 (12:12 +0100)]
Update the d2i docs to reflect reality

The d2i docs state that if an error occurs then |*a| is not freed. This
is not correct. On error it is freed and set to NULL. We update the docs
to say this, and also discuss the fact that this behaviour was inconsistent
prior to OpenSSL 1.1.0.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9146)

5 years agots: Fix awkward sentences in the documentation and the default digest
Tomas Mraz [Wed, 12 Jun 2019 10:01:19 +0000 (12:01 +0200)]
ts: Fix awkward sentences in the documentation and the default digest

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9143)

5 years agots: Use sha256 as default digest for TS query
Tomas Mraz [Fri, 14 Dec 2018 11:10:58 +0000 (12:10 +0100)]
ts: Use sha256 as default digest for TS query

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7900)

5 years agoFix typo mistake on calls to SSL_ctrl in ssl.h
raja-ashok [Tue, 11 Jun 2019 14:59:08 +0000 (20:29 +0530)]
Fix typo mistake on calls to SSL_ctrl in ssl.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9140)

5 years agoUpdate docs for TLS1.3 FFDHE
raja-ashok [Sat, 11 May 2019 17:58:26 +0000 (23:28 +0530)]
Update docs for TLS1.3 FFDHE

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8178)

5 years agoAdd testcase for TLS1.3 FFDHE
raja-ashok [Thu, 7 Feb 2019 13:03:49 +0000 (18:33 +0530)]
Add testcase for TLS1.3 FFDHE

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8178)

5 years agoTLS1.3 FFDHE Support
raja-ashok [Fri, 25 Jan 2019 15:34:49 +0000 (21:04 +0530)]
TLS1.3 FFDHE Support

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8178)

5 years agoEnable find-doc-nits to find undocumented symbols since 1.1.1
Matt Caswell [Thu, 6 Jun 2019 11:35:37 +0000 (12:35 +0100)]
Enable find-doc-nits to find undocumented symbols since 1.1.1

A previous commit added the ability to find newly undocumented symbols.
We extend this capability to check anything that was newly added since
1.1.1 which is undocumented. A new option -o is added to find-doc-nits
to amend the behaviour of -v or -e to check symbols that were newly
added since the release of 1.1.1.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9094)

5 years agoFix an incorrect macro
Matt Caswell [Thu, 6 Jun 2019 11:14:59 +0000 (12:14 +0100)]
Fix an incorrect macro

A macro was missing a space which was confusing find-doc-nits

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9094)

5 years agoi2d_PublicKey was listed in 2 different man pages
Matt Caswell [Thu, 6 Jun 2019 11:14:28 +0000 (12:14 +0100)]
i2d_PublicKey was listed in 2 different man pages

find-doc-nits complains if a symbol is documented in more than one
location.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9094)

5 years agoMake find-doc-nits check for newly added undocumented symbols
Matt Caswell [Thu, 6 Jun 2019 11:12:49 +0000 (12:12 +0100)]
Make find-doc-nits check for newly added undocumented symbols

We create lists of undocumented functions and macros as they are now so
that find-doc-nits can check for newly introduced functions/macros that
are undocumented.

This works in a similar way to the -u and -d options to find-doc-nits.
These count undocumented symbols and print a detailed list of undocumented
symbols repsectively. This commit adds the -v and -e options to restrict
the count/detailed list to newly added undocumented symbols only.

There is also a new -s option that does the same as -e except that it
produces no output if there are no newly undocumented symbols.

We also amend "make doc-nits" to add the -s option which should cause
travis to fail if a PR adds undocumented symbols.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9094)

5 years agoConfigure: count basenames for all library sources
Richard Levitte [Tue, 11 Jun 2019 16:11:25 +0000 (18:11 +0200)]
Configure: count basenames for all library sources

Make sure that each basename only appears once.  This is due to the
static library archiver on Unix, that indexes archived object files by
base name only, thereby making base name clashes...  interesting.

This is a safety net for OpenSSL developer!

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9133)

5 years agoEnsure code is compiled with correct BIGNUM assembler defines
Matt Caswell [Tue, 11 Jun 2019 12:49:43 +0000 (13:49 +0100)]
Ensure code is compiled with correct BIGNUM assembler defines

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)

5 years agoAdd some dummy BIGNUM calls from inside the FIPS provider
Matt Caswell [Tue, 11 Jun 2019 11:06:27 +0000 (12:06 +0100)]
Add some dummy BIGNUM calls from inside the FIPS provider

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)

5 years agoMake BIGNUM code available from within the FIPS module
Matt Caswell [Wed, 29 May 2019 16:31:22 +0000 (17:31 +0100)]
Make BIGNUM code available from within the FIPS module

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)

5 years agoTemporarily disable RAND call in FIPS_MODE until RAND is available
Matt Caswell [Thu, 30 May 2019 14:42:32 +0000 (15:42 +0100)]
Temporarily disable RAND call in FIPS_MODE until RAND is available

Other commits will enable the RAND code in FIPS_MODE. Until those commits
are in place we temporarily disable making RAND calls while in FIPS_MODE.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)

5 years agoConvert bn_rand.c to use EVP
Matt Caswell [Wed, 29 May 2019 16:29:34 +0000 (17:29 +0100)]
Convert bn_rand.c to use EVP

Replace the low level SHA512_* function calls with EVP calls.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)

5 years agoCreate BN_CTX_new_ex() and BN_CTX_secure_new_ex()
Matt Caswell [Wed, 29 May 2019 16:03:53 +0000 (17:03 +0100)]
Create BN_CTX_new_ex() and BN_CTX_secure_new_ex()

These variants of BN_CTX_new() and BN_CTX_secure_new() enable passing
an OPENSSL_CTX so that we can access this where needed throughout the
BIGNUM sub library.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)

5 years agoRemove redundant include
Acheev Bhagat [Wed, 12 Jun 2019 00:28:04 +0000 (20:28 -0400)]
Remove redundant include

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9137)

5 years agoOSSL_PARAM example code bug fix.
Pauli [Tue, 11 Jun 2019 23:48:13 +0000 (09:48 +1000)]
OSSL_PARAM example code bug fix.

Technically not a bug since the code worked but the array index shouldn't have
been constant after searching for the field.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9136)

5 years agoMove a fall through comment
Matt Caswell [Tue, 11 Jun 2019 12:27:45 +0000 (13:27 +0100)]
Move a fall through comment

When compiling with --strict-warnings using gcc 7.4.0 the compiler
complains that a case falls through, even though there is an explicit
comment stating this. Moving the comment outside of the conditional
compilation section resolves this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9131)

5 years agoFix a URL to the NMBRTHRY list archive
Bernd Edlinger [Mon, 10 Jun 2019 08:24:35 +0000 (10:24 +0200)]
Fix a URL to the NMBRTHRY list archive

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9123)

5 years agoFix app opt compile failure due to missing <inttypes.h>
Shane Lontis [Tue, 11 Jun 2019 08:19:20 +0000 (18:19 +1000)]
Fix app opt compile failure due to missing <inttypes.h>

opt.c uses functions that are only available if inttypes.h exists.
It now checks a define which is unavailable if
inttypes.h is included. The include is done automagically inside e_os2.h.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8986)

5 years agoFix Windows Compile failure due to missing <inttypes.h>
Shane Lontis [Tue, 11 Jun 2019 08:17:52 +0000 (18:17 +1000)]
Fix Windows Compile failure due to missing <inttypes.h>

Including <inttypes.h> caused a windows build failure.
The test is now skipped if strtoimax & strtoumax are not supported.
It does this by checking for a define which is only available if
inttypes.h is not included. The include is done automagically inside e_os2.h.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8986)

5 years agoAdd defines to indicate if intypes.h and stdint.h are unavailable
Shane Lontis [Tue, 11 Jun 2019 08:16:51 +0000 (18:16 +1000)]
Add defines to indicate if intypes.h and stdint.h are unavailable

Use the defines OPENSSL_NO_INTTYPES_H & OPENSSL_NO_STDINT_H to determine
if the headers are unavailable for a platform.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8986)

5 years agoPBKDF2 updates to conform to SP800-132
Shane Lontis [Fri, 3 May 2019 03:04:58 +0000 (13:04 +1000)]
PBKDF2 updates to conform to SP800-132

The existing code used PKCS5 specifications.
SP800-132 adds the following additional constraints for:
  - the range of the key length.
  - the minimum iteration count (1000 recommended).
  - salt length (at least 128 bits).
These additional constraints may cause errors (in scrypt, and
some PKCS5 related test vectors). To disable the new
constraints use the new ctrl string "pkcs5".
For backwards compatability, the checks are only enabled by
default for fips mode.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8868)

5 years agoMake EVP_MD_CTX_ctrl() work for legacy use cases (ssl3).
Shane Lontis [Fri, 7 Jun 2019 02:05:23 +0000 (12:05 +1000)]
Make EVP_MD_CTX_ctrl() work for legacy use cases (ssl3).

This is still required currently by engines and digestsign/digestverify.
This PR contains merged in code from Richard Levitte's PR #9126.

[extended tests]

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9103)

5 years agoFix Keccak structure name reference in S390 legacy code
Shane Lontis [Mon, 10 Jun 2019 02:40:13 +0000 (12:40 +1000)]
Fix Keccak structure name reference in S390 legacy code

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9120)

5 years agoFix doc to remove const arg in GEN_SESSION_CB
Shigeki Ohtsu [Fri, 7 Jun 2019 02:49:48 +0000 (11:49 +0900)]
Fix doc to remove const arg in GEN_SESSION_CB

ae3947de095 changed the callback arg not to have a const parameter.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9104)

5 years agoChange cipher default strings to a function
Todd Short [Fri, 5 Apr 2019 14:03:29 +0000 (10:03 -0400)]
Change cipher default strings to a function

Making the default cipher strings a function gives the library more
control over the defaults. Potentially allowing a change in the
future as ciphers become deprecated or dangerous.
Also allows third party distributors to change the defaults for their
installations.

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8686)

5 years agoBIO_lookup_ex: Retry with AI_ADDRCONFIG cleared if getaddrinfo fails
Tomas Mraz [Fri, 7 Jun 2019 09:34:42 +0000 (11:34 +0200)]
BIO_lookup_ex: Retry with AI_ADDRCONFIG cleared if getaddrinfo fails

The lookup for ::1 with getaddrinfo() might return error even if
the ::1 would work if AI_ADDRCONFIG flag is used.

Fixes: #9053

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9108)

5 years agoImprove the Windows OneCore target support. (Add targets for building libraries for...
MouriNaruto [Sat, 11 May 2019 21:10:58 +0000 (05:10 +0800)]
Improve the Windows OneCore target support. (Add targets for building libraries for Windows Store apps.)

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8917)

5 years agodoc/internal/man3/ossl_method_construct.pod: follow common conventions
Richard Levitte [Fri, 7 Jun 2019 10:30:01 +0000 (12:30 +0200)]
doc/internal/man3/ossl_method_construct.pod: follow common conventions

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9109)

5 years agoEVP fetching: make operation_id part of the method identity
Richard Levitte [Fri, 7 Jun 2019 09:44:08 +0000 (11:44 +0200)]
EVP fetching: make operation_id part of the method identity

Because the operation identity wasn't integrated with the created
methods, the following code would give unexpected results:

    EVP_MD *md = EVP_MD_fetch(NULL, "MD5", NULL);
    EVP_CIPHER *cipher = EVP_CIPHER_fetch(NULL, "MD5", NULL);

    if (md != NULL)
        printf("MD5 is a digest\n");
    if (cipher != NULL)
        printf("MD5 is a cipher\n");

The message is that MD5 is both a digest and a cipher.

Partially fixes #9106

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9109)

5 years agoRevert the DEVRANDOM_WAIT feature
Dr. Matthias St. Pierre [Wed, 5 Jun 2019 09:09:46 +0000 (11:09 +0200)]
Revert the DEVRANDOM_WAIT feature

The DEVRANDOM_WAIT feature added a select() call to wait for the
`/dev/random` device to become readable before reading from the
`/dev/urandom` device. It was introduced in commit 38023b87f037
in order to mitigate the fact that the `/dev/urandom` device
does not block until the initial seeding of the kernel CSPRNG
has completed, contrary to the behaviour of the `getrandom()`
system call.

It turned out that this change had negative side effects on
performance which were not acceptable. After some discussion it
was decided to revert this feature and leave it up to the OS
resp. the platform maintainer to ensure a proper initialization
during early boot time.

Fixes #9078

This partially reverts commit 38023b87f037.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9084)

5 years agoAdd documentation for new functions taking an OPENSSL_CTX parameter
Matt Caswell [Wed, 29 May 2019 15:03:57 +0000 (16:03 +0100)]
Add documentation for new functions taking an OPENSSL_CTX parameter

Various functions have been added that take an OPENSSL_CTX parameter as
a result of moving the RAND code into the FIPS module. We document all of
those functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9039)

5 years agoMove the rand_nonce_lock code into drbg_lib.c
Matt Caswell [Fri, 24 May 2019 15:36:44 +0000 (16:36 +0100)]
Move the rand_nonce_lock code into drbg_lib.c

It was previously rand_lib but it makes more sense in drbg_lib.c since
all the functions that use this lock are only ever called from drbg_lib.c

We add some FIPS_MODE defines in preparation for later moving this code
into the FIPS module.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9039)

5 years agoMake the rand_crng code OPENSSL_CTX aware
Matt Caswell [Thu, 23 May 2019 15:51:55 +0000 (16:51 +0100)]
Make the rand_crng code OPENSSL_CTX aware

This is in preparation for moving this code inside the FIPS module.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9039)

5 years agoConvert drbg_lib to use OPENSSL_CTX for its global data
Matt Caswell [Thu, 23 May 2019 13:35:31 +0000 (14:35 +0100)]
Convert drbg_lib to use OPENSSL_CTX for its global data

In preparation for moving the RAND code into the FIPS module we make
drbg_lib.c OPENSSL_CTX aware.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9039)

5 years agoReplace BIO_printf with ASN1_STRING_print in GENERAL_NAME_print
Acheev Bhagat [Fri, 7 Jun 2019 00:05:49 +0000 (20:05 -0400)]
Replace BIO_printf with ASN1_STRING_print in GENERAL_NAME_print

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9101)

5 years agoFixed typo in code comment.
David Makepeace [Fri, 7 Jun 2019 00:45:51 +0000 (10:45 +1000)]
Fixed typo in code comment.
[skip ci]

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9102)

5 years agoChange EVP_MAC method from copy to dup
Kurt Roeckx [Tue, 18 Dec 2018 23:36:40 +0000 (00:36 +0100)]
Change EVP_MAC method from copy to dup

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
GH: #7651

5 years agoReplace EVP_MAC_CTX_copy() by EVP_MAC_CTX_dup()
Kurt Roeckx [Sun, 4 Nov 2018 18:16:20 +0000 (19:16 +0100)]
Replace EVP_MAC_CTX_copy() by EVP_MAC_CTX_dup()

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
GH: #7651

5 years agoFix typo in macro argument of SSL_set1_client_sigalgs_list()
Dr. Matthias St. Pierre [Thu, 6 Jun 2019 11:28:29 +0000 (13:28 +0200)]
Fix typo in macro argument of SSL_set1_client_sigalgs_list()

Fixes #9092

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9093)

5 years agoAddress property documentation concerns.
Pauli [Thu, 6 Jun 2019 06:38:26 +0000 (16:38 +1000)]
Address property documentation concerns.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9090)

5 years agorename the digest provider files to avoid any name clashes with other folders
Shane Lontis [Wed, 5 Jun 2019 06:01:18 +0000 (16:01 +1000)]
rename the digest provider files to avoid any name clashes with other folders

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9083)

5 years agoCoverity fixes
Shane Lontis [Tue, 4 Jun 2019 01:32:58 +0000 (11:32 +1000)]
Coverity fixes

covID 1445689 Resource leak (in error path)
covID 1445318 Resource leak (in test - minor)
covID 1443705 Unchecked return value (Needed if CRYPTO_atomic_add() was used)
covID 1443691 Resource leak (in app - minor)

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9071)

5 years agoman: fix doc-nit in property.pod
Dr. Matthias St. Pierre [Wed, 5 Jun 2019 19:03:34 +0000 (21:03 +0200)]
man: fix doc-nit in property.pod

This causes travis build failures on master

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9087)

5 years agoDocument property hierarchy.
Pauli [Thu, 30 May 2019 01:37:12 +0000 (11:37 +1000)]
Document property hierarchy.

Add documentation to indicate the interaction between global (context level)
property queries and local (passed to fetch) ones.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9042)

5 years agoEVP_DigestInit_ex(): drop previous context engine earlier
Richard Levitte [Tue, 4 Jun 2019 14:15:46 +0000 (16:15 +0200)]
EVP_DigestInit_ex(): drop previous context engine earlier

If a EVP_MD_CTX holds a reference to a previously given engine, and
the type of its digest isn't the same as the one given in the new
call, drop that engine reference, allowing providers or other engines
to provide the new algorithm on an equal basis.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9077)

5 years agoDocument deprecation of version-specific SSL/TLS methods
Dr. Matthias St. Pierre [Fri, 24 May 2019 12:04:26 +0000 (14:04 +0200)]
Document deprecation of version-specific SSL/TLS methods

In commit 2b8fa1d56cd3 the version-specific SSL/TLS methods were
deprecated. This patch improves the documentation of that change
by stating the deprecation more prominently in the manual page
and explaining the reason for the deprecation.

Fixes #8989

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9001)

5 years agobuild_SYS_str_reasons: Fix a crash caused by overlong locales
Vitezslav Cizek [Tue, 4 Jun 2019 11:24:59 +0000 (13:24 +0200)]
build_SYS_str_reasons: Fix a crash caused by overlong locales

The 4 kB SPACE_SYS_STR_REASONS in crypto/err/err.c isn't enough for some locales.
The Russian locales consume 6856 bytes, Ukrainian even 7000.

build_SYS_str_reasons() contains an overflow check:

if (cnt > sizeof(strerror_pool))
    cnt = sizeof(strerror_pool);

But since commit 9f15e5b911ba6053e09578f190354568e01c07d7 it no longer
works as cnt is incremented once more after the condition.

cnt greater than sizeof(strerror_pool) results in an unbounded
OPENSSL_strlcpy() in openssl_strerror_r(), eventually causing a crash.

When the first received error string was empty or contained only
spaces, cur would move in front of the start of the strerror_pool.

Also don't call openssl_strerror_r when the pool is full.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8966)

5 years agoRemove last references to DEBUG_SAFESTACK
Dr. Matthias St. Pierre [Mon, 3 Jun 2019 14:03:42 +0000 (16:03 +0200)]
Remove last references to DEBUG_SAFESTACK

The DEBUG_SAFESTACK preprocessor define is obsolete since 2008
when the non-safestack code was removed by commit 985de8634000.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9070)

5 years agoMove digests to providers
Shane Lontis [Thu, 11 Apr 2019 10:27:59 +0000 (20:27 +1000)]
Move digests to providers

Move digest code into the relevant providers (fips, default, legacy).
The headers are temporarily moved to be internal, and will be moved
into providers after all external references are resolved. The deprecated
digest code can not be removed until EVP_PKEY (signing) is supported by
providers. EVP_MD data can also not yet be cleaned up for the same reasons.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8763)

5 years agoAdd missing parentheses in macro
Mathias Berchtold [Thu, 30 May 2019 05:25:31 +0000 (07:25 +0200)]
Add missing parentheses in macro

Add missing parentheses in macro

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9044)

5 years agoReally fail if we have a test failure
Matt Caswell [Fri, 31 May 2019 13:34:13 +0000 (14:34 +0100)]
Really fail if we have a test failure

Commit c5f7a99645a broke the test framework such that some tests might
fail, but the test framework still gives a PASS result overall.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9056)

5 years agoEnsure we get all the right defines for AES assembler in FIPS module
Matt Caswell [Thu, 30 May 2019 13:40:57 +0000 (14:40 +0100)]
Ensure we get all the right defines for AES assembler in FIPS module

There are various C macro definitions that are passed via the compiler
to enable AES assembler optimisation. We need to make sure that these
defines are also passed during compilation of the FIPS module.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9038)

5 years agoMake basic AES ciphers available from within the FIPS providers
Matt Caswell [Tue, 28 May 2019 10:25:08 +0000 (11:25 +0100)]
Make basic AES ciphers available from within the FIPS providers

These ciphers were already provider aware, and were available from the
default provider. We move them into the FIPS provider too.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9038)

5 years agoWrite a test for receiving a KeyUpdate (update requested) while writing
Matt Caswell [Wed, 17 Apr 2019 09:30:53 +0000 (10:30 +0100)]
Write a test for receiving a KeyUpdate (update requested) while writing

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8773)

5 years agoDefer sending a KeyUpdate until after pending writes are complete
Matt Caswell [Wed, 17 Apr 2019 10:09:05 +0000 (11:09 +0100)]
Defer sending a KeyUpdate until after pending writes are complete

If we receive a KeyUpdate message (update requested) from the peer while
we are in the middle of a write, we should defer sending the responding
KeyUpdate message until after the current write is complete. We do this
by waiting to send the KeyUpdate until the next time we write and there is
no pending write data.

This does imply a subtle change in behaviour. Firstly the responding
KeyUpdate message won't be sent straight away as it is now. Secondly if
the peer sends multiple KeyUpdates without us doing any writing then we
will only send one response, as opposed to previously where we sent a
response for each KeyUpdate received.

Fixes #8677

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8773)

5 years agoRemove file reference from property documentation.
Pauli [Sun, 2 Jun 2019 22:38:01 +0000 (08:38 +1000)]
Remove file reference from property documentation.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9066)

5 years agoAdd the content type attribute to additional CMS signerinfo.
Shane Lontis [Mon, 3 Jun 2019 05:19:48 +0000 (15:19 +1000)]
Add the content type attribute to additional CMS signerinfo.

Fixes #8923

Found using the openssl cms -resign option.
This uses an alternate path to do the signing which was not adding the required signed attribute
content type. The content type attribute should always exist since it is required is there are
any signed attributes.
As the signing time attribute is always added in code, the content type attribute is also required.
The CMS_si_check_attributes() method adds validity checks for signed and unsigned attributes
e.g. The message digest attribute is a signed attribute that must exist if any signed attributes
exist, it cannot be an unsigned attribute and there must only be one instance containing a single
value.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8944)

5 years agoFix a typo in the property grammar that creates an ambiguous parse.
Pauli [Sun, 2 Jun 2019 22:06:15 +0000 (08:06 +1000)]
Fix a typo in the property grammar that creates an ambiguous parse.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9065)

5 years agoWindows: Add missing quotes in build file
Richard Levitte [Sat, 1 Jun 2019 05:07:48 +0000 (07:07 +0200)]
Windows: Add missing quotes in build file

All invokations of $(PERL) need to be quoted, in case it contains
spaces.  That was forgotten in one spot.

Fixes #9060

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9062)

5 years agoAdd sparse array of const pointer type
Pauli [Sat, 1 Jun 2019 07:55:33 +0000 (17:55 +1000)]
Add sparse array of const pointer type

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8840)

5 years agoFix various mistakes in ec_GFp_nistp_recode_scalar_bits comment.
David Benjamin [Thu, 30 May 2019 21:01:10 +0000 (17:01 -0400)]
Fix various mistakes in ec_GFp_nistp_recode_scalar_bits comment.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9050)

5 years agoFix CHECK_BSD_STYLE_MACROS for OpenBSD and cryptodev-linux
Retropotenza [Fri, 31 May 2019 10:43:24 +0000 (12:43 +0200)]
Fix CHECK_BSD_STYLE_MACROS for OpenBSD and cryptodev-linux

CLA: trivial

Fixes #8911

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8866)

5 years agoUpdate X509_STORE_new.pod
Sambit Kumar Dash [Thu, 2 May 2019 18:23:04 +0000 (23:53 +0530)]
Update X509_STORE_new.pod

Minor typo.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8866)

5 years agoConstify OSSL_PROVIDER getter input parameters
Richard Levitte [Fri, 31 May 2019 08:53:12 +0000 (10:53 +0200)]
Constify OSSL_PROVIDER getter input parameters

Some OSSL_PROVIDER getters took a non-const OSSL_PROVIDER parameter.
There's no reason to do so.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9054)

5 years agoUpdate EVP_VerifyInit.pod
Sambit Kumar Dash [Thu, 30 May 2019 21:23:02 +0000 (02:53 +0530)]
Update EVP_VerifyInit.pod

Method name correction.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9052)

5 years agoissue-8998: Ensure that the alert is generated and reaches the remote
agnosticdev [Wed, 29 May 2019 15:27:26 +0000 (10:27 -0500)]
issue-8998: Ensure that the alert is generated and reaches the remote

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9041)

5 years agoCertificate Management Protocol (CMP, RFC 4210) extension to OpenSSL
Andreas Kretschmer [Tue, 2 Apr 2019 09:16:53 +0000 (11:16 +0200)]
Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL
Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712)

CMP and CRMF API is added to libcrypto, and the "cmp" app to the openssl CLI.
    Adds extensive man pages and tests.  Integration into build scripts.

Incremental pull request based on OpenSSL commit 1362190b1b78 of 2018-09-26

3rd chunk: CMP ASN.1 structures (in crypto/cmp/cmp_asn.c) and related files

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8669)

5 years agoAdd man 7 page about properties.
Pauli [Thu, 30 May 2019 00:57:53 +0000 (10:57 +1000)]
Add man 7 page about properties.

Add a page about properties in the man7 section of the public documentation.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9011)

5 years agoJoin the x509 and x509v3 directories
Richard Levitte [Mon, 13 May 2019 16:07:45 +0000 (09:07 -0700)]
Join the x509 and x509v3 directories

This has been long overdue.

Note that this does not join the X509 and X509V3 error modules, that
will be too many macro changes at this stage.

Fixes #8919

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8925)

5 years agoFuzz: add a few more types into Fuzzing for ESS
FdaSilvaYY [Wed, 30 Jan 2019 20:16:38 +0000 (21:16 +0100)]
Fuzz: add a few more types into Fuzzing for ESS

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8117)

5 years agoCAdES: Fix SignerInfo attribute construction order.
FdaSilvaYY [Tue, 29 Jan 2019 22:54:30 +0000 (23:54 +0100)]
CAdES: Fix SignerInfo attribute construction order.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8117)

5 years agocrypto/conf: openssl_config_int() returns unitialized value
Dr. Matthias St. Pierre [Tue, 28 May 2019 12:29:59 +0000 (14:29 +0200)]
crypto/conf: openssl_config_int() returns unitialized value

openssl_config_int() returns the uninitialized variable `ret`
when compiled with OPENSSL_SYS_UEFI.

Fixes #9026

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9029)

5 years agoTypo BIO_SOCK_REUSADDR => BIO_SOCK_REUSEADDR
Iuri Rezende Souza [Tue, 28 May 2019 04:02:34 +0000 (00:02 -0400)]
Typo BIO_SOCK_REUSADDR => BIO_SOCK_REUSEADDR

CLA: trivial

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9021)

5 years agoTest of uniformity of BN_rand_range output.
Pauli [Tue, 28 May 2019 23:54:29 +0000 (09:54 +1000)]
Test of uniformity of BN_rand_range output.

Rework the test so that it fails far less often.

A number of independent tests are executed and 5% are expected to fail.
The number of such failures follows a binomial distribution which permits
a statistical test a 0.01% expected failure rate.

There is a command line option to enable the stochastic range checking.
It is off by default.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8830)

5 years agofix timeout in 30-test_evp_pkey_dparam
Shane Lontis [Tue, 28 May 2019 23:50:19 +0000 (09:50 +1000)]
fix timeout in 30-test_evp_pkey_dparam

enabling the 'enable-crypto-mdebug' option and running parameter generation
causes timeouts.
Loading pregenerated params is more suited for these tests.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9022)