Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DIX5q_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGVZ8HopLGEsnUUBM15qFO1QEAdjpz8MCT3-2BxWFt6SEjotQnr8-2FORji8Qp5Xlc1CzNrc6ogvySh3yI9rvjXj4hhyAdhjcEAHn79i2FXB17FqdsKOuAsQo7iJ0Vds-2FOwCuw5kdiO-2FftXI9lULWT5vDad7Ugddaum-2FjYrVUBA0uMmM9N7FdGDsfBeSWNYQbSag9k-3D Build ID: 486698 Analysis Summary: New defects found: 0 Defects eliminated: 1
[openssl/openssl] 79edcf: Update CHANGES.md and NEWS.md for new release
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 79edcf4da7d4525acf0db894bc6af6f9ca2b9b9b https://github.com/openssl/openssl/commit/79edcf4da7d4525acf0db894bc6af6f9ca2b9b9b Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M CHANGES.md M NEWS.md Log Message: --- Update CHANGES.md and NEWS.md for new release Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19379)
[openssl/openssl] 247b8e: Ensure that the key share group is allowed for our...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 247b8e52527ed4facd9ff07cdef0df819193c0c3 https://github.com/openssl/openssl/commit/247b8e52527ed4facd9ff07cdef0df819193c0c3 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/statem/extensions_clnt.c M ssl/statem/extensions_srvr.c Log Message: --- Ensure that the key share group is allowed for our protocol version We should never send or accept a key share group that is not in the supported groups list or a group that isn't suitable for use in TLSv1.3 Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19317) Commit: 04719b208992750ffe2b9232c62ca9179185f3e5 https://github.com/openssl/openssl/commit/04719b208992750ffe2b9232c62ca9179185f3e5 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M test/recipes/70-test_key_share.t Log Message: --- Add a test for where a client sends a non-TLSv1.3 key share This should not happen but we should tolerate and send an HRR Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19317) Commit: 7b141d4934ab1254d65fd1859ca1c6eff1113b50 https://github.com/openssl/openssl/commit/7b141d4934ab1254d65fd1859ca1c6eff1113b50 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M test/ssl-tests/14-curves.cnf M test/ssl-tests/14-curves.cnf.in Log Message: --- Add a test for TLSv1.3 only client sending a correct key_share Make sure that a TLSv1.3 only client does not send a TLSv1.3 key_share. Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/19317) Compare: https://github.com/openssl/openssl/compare/f78c51995e35...7b141d4934ab
[openssl/openssl] 2c50d7: Convert the TLSv1.3 crypto code to the new write r...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 2c50d7fb06e34c5ab562bf890c49cc00cbd52a56 https://github.com/openssl/openssl/commit/2c50d7fb06e34c5ab562bf890c49cc00cbd52a56 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/ssl_local.h M ssl/statem/statem_clnt.c M ssl/t1_enc.c M ssl/tls13_enc.c M test/sslapitest.c Log Message: --- Convert the TLSv1.3 crypto code to the new write record layer We also clean up some of the KTLS code while we are doing it now that all users of KTLS have been moved to the new write record layer. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: bfda3aeec5986d9374e1ceb33b823a2d82bd29ca https://github.com/openssl/openssl/commit/bfda3aeec5986d9374e1ceb33b823a2d82bd29ca Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Remove most of the DTLS special casing from the write record code Most of this was unnecessary anyway since DTLS isn't using these codepaths. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 2f6e24eb5bd6a3ea4c5e18ff003acc4e812b527f https://github.com/openssl/openssl/commit/2f6e24eb5bd6a3ea4c5e18ff003acc4e812b527f Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: --- Remove some unneeded usage of the SSL_CONNECTION object Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 4bf610bdce3b0e474c5ce7db5be77e152f3649b6 https://github.com/openssl/openssl/commit/4bf610bdce3b0e474c5ce7db5be77e152f3649b6 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/s3_enc.c M ssl/statem/statem.c M ssl/statem/statem.h M ssl/t1_enc.c M ssl/tls13_enc.c Log Message: --- Remove enc_write_state This field was used to track whether a cipher ctx was valid for writing or not, and also whether we should write out plaintext alerts. With the new record layer design we no longer need to track whether a cipher ctx is valid since the whole record layer will be aborted if it is not. Also we have a different mechanism for tracking whether we should write out plaintext alerts. Therefore this field is removed from the SSL object. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 435d88d70813825533c8789faa71c6287e0d43c9 https://github.com/openssl/openssl/commit/435d88d70813825533c8789faa71c6287e0d43c9 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/record/recordmethod.h M ssl/ssl_lib.c M ssl/statem/extensions.c Log Message: --- Use the configured max_send_fragment value in the write record layer Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: f93c0f546423eab65be3bc50a8cdfc3d5eb6b2e1 https://github.com/openssl/openssl/commit/f93c0f546423eab65be3bc50a8cdfc3d5eb6b2e1 Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/rec_layer_s3.c Log Message: --- Remove an old TODO from the code Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 91fe8ff02a323eddb0404f975d5c9a03c024593b https://github.com/openssl/openssl/commit/91fe8ff02a323eddb0404f975d5c9a03c024593b Author: Matt Caswell Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: --- Defer write buffer and WPACKET allocation/initialisation to protocol code We move some protocol specific code for write buffer and WPACKET allocation and initialisation out of tls_common.c and into the protocol specific files. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 7ca61d63e99726ef7874b88b96892dae75f51156
[openssl/web] 061f8b: Make better rendering of general policy-supplementals
Branch: refs/heads/master Home: https://github.com/openssl/web Commit: 061f8b1a0772202c1311e536bf99e6237fd026f4 https://github.com/openssl/web/commit/061f8b1a0772202c1311e536bf99e6237fd026f4 Author: Richard Levitte Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M Makefile Log Message: --- Make better rendering of general policy-supplementals The quick method in the previous commit was incorrect. We change it to align with how other policy files are rendered. Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/web/pull/369)
[openssl/web] 3397d0: We have policy-supplementals, let's render them
Branch: refs/heads/master Home: https://github.com/openssl/web Commit: 3397d021f6316bf7605753ceb135d624071f27d0 https://github.com/openssl/web/commit/3397d021f6316bf7605753ceb135d624071f27d0 Author: Richard Levitte Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M Makefile Log Message: --- We have policy-supplementals, let's render them Reviewed-by: Paul Dale (Merged from https://github.com/openssl/web/pull/368)
[openssl/openssl] 7f2d61: Add LoongArch64 cpuid and OPENSSL_loongarchcap_P
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 7f2d6188c7b16ef7a4ddb56f42014156b9f8 https://github.com/openssl/openssl/commit/7f2d6188c7b16ef7a4ddb56f42014156b9f8 Author: zhuchen Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M Configurations/10-main.conf M crypto/build.info A crypto/loongarch64cpuid.pl A crypto/loongarch_arch.h A crypto/loongarchcap.c Log Message: --- Add LoongArch64 cpuid and OPENSSL_loongarchcap_P Loongarch64 architecture defines 128 bit vector extension lsx and 256 bit vector extension lasx. The cpucfg instruction can be used to obtain whether the CPU has a corresponding extension. This part of code is added to prepare for the subsequent addition of corresponding vector instruction optimization. Signed-off-by: zhuchen Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19364) Commit: ef917549f5867d269d359155ff67b8ccb5e66a76 https://github.com/openssl/openssl/commit/ef917549f5867d269d359155ff67b8ccb5e66a76 Author: zhuchen Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: A crypto/aes/asm/vpaes-loongarch64.pl M crypto/aes/build.info M include/crypto/aes_platform.h Log Message: --- Add vpaes-loongarch64.pl module. Add 128 bit lsx vector expansion optimization code of Loongarch64 architecture to AES. The test result on the 3A5000 improves performance by about 40%~50%. Signed-off-by: zhuchen Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/19364) Compare: https://github.com/openssl/openssl/compare/e1e93f7a07df...ef917549f586
[openssl/web] 2b8c7b: Drop the old platform policy file, as it is now in...
Branch: refs/heads/master Home: https://github.com/openssl/web Commit: 2b8c7b112fc03cefe76266bb6c146842fd283d84 https://github.com/openssl/web/commit/2b8c7b112fc03cefe76266bb6c146842fd283d84 Author: Richard Levitte Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M policies/general/dirdata.yaml R policies/platformpolicy.md Log Message: --- Drop the old platform policy file, as it is now in general-policies Reviewed-by: Matt Caswell Reviewed-by: Paul Dale Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/web/pull/365)
[openssl/web] b76532: Drop the old travel policy file, as it is now in g...
Branch: refs/heads/master Home: https://github.com/openssl/web Commit: b76532d81672e0519980f58fcdfc5d227a475e7c https://github.com/openssl/web/commit/b76532d81672e0519980f58fcdfc5d227a475e7c Author: Richard Levitte Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M policies/general/dirdata.yaml R policies/travel.md Log Message: --- Drop the old travel policy file, as it is now in general-policies Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/web/pull/366)
[openssl/web] 0a5aef: Drop the old travel policy file, as it is now in g...
Branch: refs/heads/master Home: https://github.com/openssl/web Commit: 0a5aef75a55a6d97b0ab2742926eabb67b1c2b0f https://github.com/openssl/web/commit/0a5aef75a55a6d97b0ab2742926eabb67b1c2b0f Author: Richard Levitte Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M policies/general/dirdata.yaml R policies/travel.md Log Message: --- Drop the old travel policy file, as it is now in general-policies