Merge pull request #122 from pi-314159/20240910

Update to upstream f10c1dc
open-quantum-safe · Sep 13, 2024 · 4c1370c · 4c1370c
2 parents 6421f76 + 5918e7d
commit 4c1370c
Show file tree

Hide file tree

Showing 353 changed files with 41,569 additions and 15,240 deletions.
diff --git a/.gitignore b/.gitignore
@@ -27,6 +27,7 @@
 /util/bot/nasm-win32.exe
 /util/bot/ninja
 /util/bot/perl-win32
+/util/bot/qemu-static
 /util/bot/sde-linux64
 /util/bot/sde-linux64.tar.xz
 /util/bot/sde-win32

diff --git a/API-CONVENTIONS.md b/API-CONVENTIONS.md
@@ -40,7 +40,15 @@ for more details.
 As with `errno`, callers must test the function's return value, not the error
 queue to determine whether an operation failed. Some codepaths may not interact
 with the error queue, and the error queue may have state from a previous failed
-operation.
+operation. After checking for failure, the caller can then inspect the error
+queue in the failure case for details.
+
+As a notable exception, some functions in the SSL/TLS library use a multi-step
+process to indicate failure: First, the return value indicates whether the
+operation failed. Then, `SSL_get_error` indicates whether the failure was due to
+an error (`SSL_ERROR_SSL`) or some recoverable condition (e.g.
+`SSL_ERROR_WANT_READ`). In the former case, the caller can use the error queue
+for more information.
 
 When ignoring a failed operation, it is recommended to call `ERR_clear_error` to
 avoid the state interacting with future operations. Failing to do so should not
@@ -50,7 +58,9 @@ operations being mixed in error logging. We hope to
 situation in the future.
 
 Where possible, avoid conditioning on specific reason codes and limit usage to
-logging. The reason codes are very specific and may change over time.
+logging. The reason codes are very fine-grained and tend to leak details of the
+library's internal structure. Changes in the library often have a side effect of
+changing the exact reason code returned.
 
 
 ## Memory allocation

diff --git a/BUILD.bazel b/BUILD.bazel
@@ -44,6 +44,12 @@ load(
 )
 load(":util/util.bzl", "bssl_cc_binary", "bssl_cc_library", "bssl_cc_test")
 
+# Disable the parse_headers feature. It does not work well in C right now. See
+# https://github.com/bazelbuild/bazel/issues/23460 for details. When that is
+# fixed, if enabled, we likely also need to rename some headers to .inc per
+# https://google.github.io/styleguide/cppguide.html#Self_contained_Headers
+package(features = ["-parse_headers"])
+
 licenses(["notice"])
 
 exports_files(["LICENSE"])

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -535,6 +535,10 @@ if(FIPS_DELOCATE)
   target_include_directories(bcm_c_generated_asm PRIVATE ${PROJECT_SOURCE_DIR}/include)
   set_target_properties(bcm_c_generated_asm PROPERTIES COMPILE_OPTIONS "-S")
   set_target_properties(bcm_c_generated_asm PROPERTIES POSITION_INDEPENDENT_CODE ON)
+  if(CLANG)
+    # Clang warns when passing both -c (from CMake) and -S.
+    set_property(TARGET bcm_c_generated_asm APPEND PROPERTY COMPILE_OPTIONS "-Wno-unused-command-line-argument")
+  endif()
 
   set(TARGET_FLAG "")
   if(CMAKE_ASM_COMPILER_TARGET)