During a release cycle we always wind up going through our git history
to try make sure we caught all the stuff that needed a CHANGES/NEWS
entry. Lets try make that at least a little more automated here. PR's
that reference CVEs, come from feature branches or impact public apis
generally need a NEWS/CHANGES entry, so lets flag those during CI. It
should serve as a reminder to add entries to NEWS/CHANGES to prs meeting
the above criteria, and can be ignored via the application of the
no_news_changes_needed label to the PR.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Tue Jan 13 19:17:37 2026
(Merged from https://github.com/openssl/openssl/pull/29536)
SSL_free(conn_ssl) for a QCSO enters ossl_quic_free, which calls qc_cleanup.
qc_cleanup already frees qc->tls via SSL_free(qc->tls) and then frees qc->ch.
The additional SSL_free(ossl_quic_channel_get0_tls(new_ch)) releases the same
TLS a second time, which is redundant.
We also replace some of the pure condition checks with ossl_assert() checks
as these conditions cannot really fail.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:54:07 2026
(Merged from https://github.com/openssl/openssl/pull/28920)
Just like in previous commit, this define does not represent a toggleable
feature, but is entirely dependent on the OPENSSL_SMALL_FOOTPRINT define.
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:44:27 2026
(Merged from https://github.com/openssl/openssl/pull/29204)
Just like in previous commit, this define does not represent a toggleable
feature, but is entirely dependent on the OPENSSL_SMALL_FOOTPRINT define.
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:44:25 2026
(Merged from https://github.com/openssl/openssl/pull/29204)
It does not represent a feature that some arch may or may not possess, but
instead is entirely dependent on the OPENSSL_SMALL_FOOTPRINT option.
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:44:24 2026
(Merged from https://github.com/openssl/openssl/pull/29204)
Use BIO_free() to free "in" if error occurs to avoid memory leak.
Moreover, add check for "out" to avoid NULL pointer dereference.
Also replace OPENSSL_assert with return.
Fixes: e599d0a ("Add CMP fuzzing to fuzz/cmp.c, including a couple of helpers in crypto/cmp/")
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:40:14 2026
(Merged from https://github.com/openssl/openssl/pull/27920)
In PR #29145 a new OSSL_LIB_CTX_SSL_CONF_IMODULE was added, but
the OSSL_LIB_CTX_MAX_INDEXES value was left behind.
This should probably be converted to an enum, but I'll leave that work
to some other brave soul.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29581)
recvfrom() may return WSAECONNRESET when the destination port
used in a previous sendto() call is no longer available. This
causes QUIC PORT to swich from running state. This behavior
is not desired for QUIC protocol. The trick is to disable
SIO_UDP_CONNRESET flag on UDP port used by QUIC.
The issue was kindly reported and root caused by goforit22123-netizen@
Fixes: #29530
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Mon Jan 12 10:27:25 2026
(Merged from https://github.com/openssl/openssl/pull/29538)
Now that EVP_PKEY_ASN1_METHODs have been removed from the public API we
need to update the documentation accordingly. They still exist internally
and so some references are still appropriate in the internal documetnation.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29405)
Now that the ability to register a custom EVP_PKEY_ASN1_METHOD has
been removed in an earlier commit, we can now remove the functions that
are used to create a custom EVP_PKEY_ASN1_METHOD.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29405)
We remove the ability to add application defined EVP_PKEY_ASN1_METHODs
via the `EVP_PKEY_asn1_add0()` function. We also remove the related function
`EVP_PKEY_asn1_add_alias()`.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29405)
Somewhere in our conversion from .c files to .inc files for our rand
providers, we created code in drbg_hmac_set_ctx_params_locked to fetch
our digest and hmac when creating the rand instance. However, the
function drbg_fetch_algs_from_prov only fetched our digest for this rand
type, not the hmac, and returned 1 while doing so, indicating success.
This is problematic because it means that we never wind up fetching an
HMAC for this rand type. As a result we never compute the strength of
the DRBG and so any attempt to seed it fails.
Ensure that, if we load a digest for this DRBG, we also fetch an HMAC,
and fail if we can't do so, so the HMAC-DRBG is useful.
Fixesopenssl/private#853
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29560)
OpenSSL's build file (Makefile) handles library directories via two
variables, 'LIBDIR' and 'libdir', where the former is empty when the
path given through ./Configure's '--libdir' is absolute.
This was forgotten when treating the resulting values in,
util/mkinstallvars.pl, which got libdir in exporters/libcrypto.pc
to not be quite right if .Configure was called with a '--libdir'
with an absolute path.
The fix turns out to be quite easy.
Resolves: https://github.com/openssl/openssl/issues/28779
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29540)
