Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module
Commit log since last time: 6353507e9d DOC: Fix check of EVP_PKEY_fromdata{,_init} in examples d9ea62c2c2 DOC: Modify one example in EVP_PKEY_fromdata(3) bef7638610 Cleanup deprecation of ENGINE_setup_bsd_cryptodev 7f0f88240e Slightly abstract ktls_start() to reduce OS-specific #ifdefs. 74eee1bdaa Remove unused dummy functions from ktls.h. 4b09e19216 Fix the socket BIO control methods to use ktls_crypto_info_t. 076bf8c2c9 X509_STORE_CTX_print_verify_cb(): add AKID and SKID output for (non-)trusted certs 0b86eefd43 OSSL_CMP_CTX: rename field and its getter/setter from 'untrusted_certs' to 'untrusted 15076c26d7 Strengthen chain building for CMP 39082af2fa Add OSSL_CMP_CTX_get1_newChain() and related CLI option -chainout 09e76c5dd3 test/drbgtest: improve the reseed after fork test 59ed733989 Fix coverity CID #1454815 - NULL ptr dereference in initthread.c 5340c8ea2a Fix coverity CID #1452769 & #1452771 - Arg passed to function that cannot be negative in cms_ess.c 776cf98b49 Fix coverity CID #1457935 - Check return value in ffc_params.c for BIO_indent/BIO_puts calls. d135774e7d Fix coverity CID #1465967 & #1465968 - fix NULL dereference in dh_ameth.c 3320026911 Fix coverity CID #1466371 - fix dereference before NULL check. 0e540f231c Fix coverity CID #1466375 - Remove dead code. 7ce49eeaca Fix coverity CID #1466377 - resource leak due to early return in ec_get_params(). ea47869792 Fix coverity CID #1466378 - Incorrect expression in ec_backend.c d55d0935de ASN1: Make ASN1_item_verify_ctx() work with provider-native keys 5045abb2e9 EC: Remove one error record that shadows another 7192e4dfa1 TEST: Ensure that the base provider i activated when needed 96b924105f Revert "TEST: separate out NIST ECC tests from non-NIST" 4feda976de EVP: Don't report malloc failure in new_raw_key_int() 88c1d0c1da TEST: have key_unsupported() in evp_test.c look at the last error c2150f7357 STORE: Stop the flood of errors 67b6401356 CORE: Fix small bug in passphrase caching 7a30681095 STORE: Fix potential memory leak a10847c427 "Downgrade" provider-native keys to legacy where needed b527564884 EVP: Downgrade EVP_PKEYs in EVP_PKEY2PKCS8() 7620d89c3f TEST: Modify test/recipes/90-test_store.t for use with different 'file:' loaders a1447076be STORE: Deprecate legacy / ENGINE functions 63f187cfed STORE: Add a built-in 'file:' storemgmt implementation (loader) 16feca7154 STORE: Move the built-in 'file:' loader to become an engine module bd7a6f16eb OSSL_ENCODER / OSSL_DECODER post-rename cleanup a955676141 ASN1: Fix d2i_KeyParams() to advance |pp| like all other d2i functions do 0bc193dd05 Ensure EVP_MAC_update() passes the length even if it is 0 13c9843cff Convert ssl3_cbc_digest_record() to use EVP_MD_is_a() 820d87bc98 Update the EVP_PKEY MAC documentation f271389305 Enable PKEY MAC bridge signature algs to take ctx params e08f86ddb1 Make ssl3_cbc_digest_record() use the real data_size 2e2084dac3 Start using the provider side TLS HMAC implementation 3fddbb264e Add an HMAC implementation that is TLS aware b48ca22a56 Avoid AIX compiler issue by making the macro argument names not match any substring 6f04bcc7e3 Fix typo in FIPS_MODULE endif macro comment 1010e4ac97 Fix post-condition in algorithm_do_this 2b748d722b Fix use of OPENSSL_realloc in provider Build log ended with (last 100 lines): # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2326:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:691:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:2051:CMP info: will contact http://127.0.0.1:1700/pkix/ # ASN1_get_object:../openssl/crypto/asn1/asn1_lib.c:105:CMP error: header too long # send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2098:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2326:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:691:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:2051:CMP info: will contact http://127.0.0.1:1700/pkix/ # ASN1_get_object:../openssl/crypto/asn1/asn1_lib.c:105:CMP error: header too long # send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2098:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # cmp_main:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2326:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:691:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:2051:CMP info: will contact http://127.0.0.1:1700/pkix/ # ASN1_get_object:../openssl/crypto/asn1/asn1_lib.c:105:CMP error: header too long # send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2098:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=211, Tests=3019, 600 wallclock secs ( 9.93 usr 1.27 sys + 533.41 cusr 53.47 csys = 598.08 CPU) Result: FAIL Makefile:2425: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2423: recipe for target 'tests' failed make: *** [tests] Error 2