26 Pull requests opened by 13 people

• fix: exporters/cmake/OpenSSLConfig.cmake.in to work for build config

  #24918 opened Jul 17, 2024

• Enhance s_client Output

  #24921 opened Jul 17, 2024

• CMS_get1_crls(): Remove redundant check for NULL crls

  #24928 opened Jul 18, 2024

• Avoid leaking *ba_ret on reconnections

  #24931 opened Jul 18, 2024

• evp_get_digest/cipherbyname_ex(): Try to fetch if not found

  #24940 opened Jul 19, 2024

• threads: follow formatting rules

  #24941 opened Jul 19, 2024

• Arrange the ossl-nghttp3-demo-server.c to run with the client demo.

  #24946 opened Jul 19, 2024

• Fix typos found by codespell

  #24949 opened Jul 21, 2024

• Fix typos found by codespell in openssl-3.3 doc

  #24950 opened Jul 21, 2024

• Fix typos found by codespell in openssl-3.2 doc

  #24951 opened Jul 21, 2024

• Fix typos found by codespell in openssl-3.1 doc

  #24952 opened Jul 21, 2024

• Fix typos found by codespell in openssl-3.0 doc

  #24953 opened Jul 21, 2024

• rehash.c: handle possible null pointer returned by OPENSSL_strdup

  #24958 opened Jul 22, 2024

• apps.c: Check potential NULL returned by OPENSSL_strdup

  #24959 opened Jul 22, 2024

• Tdes fips disable

  #24960 opened Jul 22, 2024

• Clarify EVP_CipherUpdate() authenticated bytes behavior

  #24961 opened Jul 22, 2024

• ASN1_item_i2d: check both returned length and allocated pointer

  #24966 opened Jul 22, 2024

• Various fixup :

  #24968 opened Jul 22, 2024

• 24913

  #24969 opened Jul 22, 2024

• Quic server cml lite

  #24971 opened Jul 23, 2024

• dtls_meth.c: Silently drop DTLS records with invalid MAC

  #24973 opened Jul 23, 2024

• Fix strtoul test on alpine/musl

  #24974 opened Jul 23, 2024

• [pending #23416] Refactor OpenSSL 'EdDSA' EVP_SIGNATURE to allow use with EVP_PKEY functions

  #24975 opened Jul 23, 2024

• Fix Coverity-1604641

  #24976 opened Jul 23, 2024

• Fix typo in mk-fipsmodule-cnf.pl

  #24977 opened Jul 24, 2024

• Fips dsa keygen disable

  #24978 opened Jul 24, 2024

8 Issues closed by 5 people

• ossl_cipher_unpadblock rejecting valid plaintexts by default (3.3.1 Windows MSVC)

  #24967 closed Jul 23, 2024

• Segmentation Fault in OpenSSL-1.1.1 CRYPTO_THREAD_write_lock when using an engine for RSA

  #24963 closed Jul 22, 2024

• Stack smashing error in BIO_int_ctrl() on a 64-bit machine

  #24875 closed Jul 22, 2024

• OPENSSL_ia32cap doesn't work to disable AES-NI on certain processor

  #24894 closed Jul 19, 2024

• OpenSSL 1.1.1 all password bytes are ignored after first newline

  #7310 closed Jul 18, 2024

• [BUG] Use of strnlen() is not portable

  #24908 closed Jul 18, 2024

• stricter parser for `ipv4_from_asc`

  #24432 closed Jul 18, 2024

• Compling error in x509v3.h when building with powrprof.h header

  #24813 closed Jul 17, 2024

10 Issues opened by 9 people

• DTLS should silently drop messages with invalid MAC instead of sending fatal alert

  #24972 opened Jul 23, 2024

• Whether setting security level to zero in FIPS mode should be allowed or not ?

  #24970 opened Jul 23, 2024

• Once Fips is enable can't encrypt/decrypt file on version 3.0.2-fips

  #24962 opened Jul 22, 2024

• A0340100:error:8000274C:system library:BIO_connect:Unknown error:crypto\bio\bio_sock2.c:178:calling connect()

  #24957 opened Jul 22, 2024

• Statically linked openssl and/or OpenSSL libraries: Enable simple use of static third party provider(s)

  #24944 opened Jul 19, 2024

• No "ossl_static.pdb" is generated when compiling with Clang

  #24939 opened Jul 19, 2024

• ECDSA verify using prehashed message not allowed in FIPS

  #24937 opened Jul 19, 2024

• signature algorithms (RSA, DSA, ECDSA) & digests

  #24936 opened Jul 19, 2024

• OPENSSL_NO_DEPRECATED prevents compiling

  #24920 opened Jul 17, 2024

• Re-key a CA hierachy from its certificate

  #24919 opened Jul 17, 2024

51 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Implement functionality for direct use of composite signature algorithms

  #23416 commented on Jul 24, 2024 • 17 new comments

• add support for TLS 1.3 OCSP multi-stapling for server certs

  #20945 commented on Jul 20, 2024 • 11 new comments

• Disable DSA signing in the FIPS provider

  #24799 commented on Jul 23, 2024 • 6 new comments

• Add a no-short-mac FIPS indicator

  #24917 commented on Jul 24, 2024 • 5 new comments

• feat: Support basicAttConstraints X.509v3 extension

  #24847 commented on Jul 23, 2024 • 4 new comments

• providers: stop probing for getentropy(3) on recent FreeBSD

  #24903 commented on Jul 22, 2024 • 2 new comments

• XOF / EVP_MD_size() changes.

  #24571 commented on Jul 23, 2024 • 2 new comments

• Disallow SHAKE as the digest for PBKDF2 and X9.42 KDF

  #24862 commented on Jul 24, 2024 • 1 new comment

• Add RSA Signature restrictions for X9.31 padding in the FIPS provider.

  #24021 commented on Jul 20, 2024 • 1 new comment

• Add fips indicator requirements doc

  #23609 commented on Jul 18, 2024 • 1 new comment

• [design] Functions for explicitly fetched signature algorithms

  #22672 commented on Jul 22, 2024 • 1 new comment

• Crashed when used openssl which enabled "Control Flow Guard" on Windows x64

  #22944 commented on Jul 22, 2024 • 0 new comments

• EVP_CTRL_AEAD_SET_TAG fails for OCB

  #8331 commented on Jul 22, 2024 • 0 new comments

• document the format of DSA signature in EVP_SIGNATURE-DSA

  #23762 commented on Jul 20, 2024 • 0 new comments

• Replace PKCS#1 v1.5 padding in RSA PCT

  #23832 commented on Jul 20, 2024 • 0 new comments

• Restrict the length of key-derivation key used in KDFs

  #23900 commented on Jul 19, 2024 • 0 new comments

• EVP_CipherUpdate() setting AAD for AES-256-OCB returns incorrect `outlen`

  #8310 commented on Jul 22, 2024 • 0 new comments

• Add explicit indicator for PBKDF2

  #24120 commented on Jul 23, 2024 • 0 new comments

• Unable to run asm code on OpenBSD (arm64)

  #24137 commented on Jul 18, 2024 • 0 new comments

• Grammatical changes and typo fixes

  #24150 commented on Jul 18, 2024 • 0 new comments

• Fix for Issue #23499 Updated CRYPTOGAMS License Repository Link + Included License in Relevant Files

  #24231 commented on Jul 24, 2024 • 0 new comments

• "-keyopt ecdh_kdf_md:sha256" not working in "openssl cms"

  #24004 commented on Jul 19, 2024 • 0 new comments

• statem: always save sigalgs during PHA

  #24651 commented on Jul 18, 2024 • 0 new comments

• add ech-api.md

  #24738 commented on Jul 17, 2024 • 0 new comments

• In scrypt remove the check that N < 2^(128 * r / 8)

  #24741 commented on Jul 18, 2024 • 0 new comments

• EVP_PKEY_CTX_get_ecdh_kdf_md doesn't work when using the FIPS provider

  #19338 commented on Jul 19, 2024 • 0 new comments

• s_client returned protocol version is confusing

  #8123 commented on Jul 17, 2024 • 0 new comments

• Current master: tests hang up

  #24914 commented on Jul 17, 2024 • 0 new comments

• fix: Have util/mkerr.pl comply better with our coding style

  #24902 commented on Jul 17, 2024 • 0 new comments

• openssl_fopen() causes segmentation fault (access violation) under some conditions on Windows

  #24416 commented on Jul 17, 2024 • 0 new comments

• LeakSanitizer: detected memory leaks

  #24892 commented on Jul 17, 2024 • 0 new comments

• FIPS indicator epic

  #24849 commented on Jul 23, 2024 • 0 new comments

• [BUG] test_lhash fails on NonStop (threading) at commit 01753c09bb

  #24913 commented on Jul 23, 2024 • 0 new comments

• EVP_MD_CTX_FLAG_REUSE

  #6343 commented on Jul 23, 2024 • 0 new comments

• AT_SECURE undefined

  #8349 commented on Jul 23, 2024 • 0 new comments

• openssl@3 fails to build (80-test_cmp_http.t) on macOS Mojave 10.14.3

  #22467 commented on Jul 23, 2024 • 0 new comments

• Add 'copy' and 'move' Configuration Values for DNS Subject Alternative Names

  #341 commented on Jul 23, 2024 • 0 new comments

• `x509_lu.c` and `x509_vfy.c`: refactor `find_issuer()` and friends

  #18762 commented on Jul 22, 2024 • 0 new comments

• Add RFC8701 GREASE Support

  #19646 commented on Jul 23, 2024 • 0 new comments

• Add client-side session caching

  #19687 commented on Jul 23, 2024 • 0 new comments

• Uninitialized output buffer is causing memory sanitizer build to fail

  #23572 commented on Jul 23, 2024 • 0 new comments

• Add Reproducible Error Injection (rebased)

  #21668 commented on Jul 23, 2024 • 0 new comments

• pkcs7: support sm2 public algorithm

  #21719 commented on Jul 21, 2024 • 0 new comments

• Provide `evp_test` as separate installable tool

  #22327 commented on Jul 19, 2024 • 0 new comments

• Bugfixes for params to legacy control translations for EC parameters

  #22587 commented on Jul 20, 2024 • 0 new comments

• Freebsd CI failure

  #23992 commented on Jul 22, 2024 • 0 new comments

• (Reopened PR) Add constant-time implementation for `ossl_cipher_unpadblock`

  #22777 commented on Jul 21, 2024 • 0 new comments

• Implement interleaved AES-CBC+HMAC-SHA algorithm on aarch64

  #22949 commented on Jul 22, 2024 • 0 new comments

• Add the SSL option of disabling DTLS record replay check

  #22980 commented on Jul 23, 2024 • 0 new comments

• DTLS 1.3: Update epochs when changing key and cipher state

  #23229 commented on Jul 23, 2024 • 0 new comments

• Support dtls 1.3 downgrade mechanism

  #23320 commented on Jul 22, 2024 • 0 new comments