[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2015-12-10 Thread Andy Polyakov 
The branch OpenSSL_1_0_2-stable has been updated
   via  3cd33c42e3460d9351d208c08bea28f57f7465ff (commit)
  from  50053969e39ae055d2aca7a6a8bf39a3e20c1931 (commit)


- Log -
commit 3cd33c42e3460d9351d208c08bea28f57f7465ff
Author: Andy Polyakov 
Date:   Wed Dec 9 20:49:12 2015 +0100

ec/ecp_nistz256_table.c: fix potential misalignment problem with Sun C.

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/ec/ecp_nistz256_table.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/ec/ecp_nistz256_table.c b/crypto/ec/ecp_nistz256_table.c
index 216d024..2f0797d 100644
--- a/crypto/ec/ecp_nistz256_table.c
+++ b/crypto/ec/ecp_nistz256_table.c
@@ -17,7 +17,7 @@ __attribute((aligned(4096)))
 #elif defined(_MSC_VER)
 __declspec(align(4096))
 #elif defined(__SUNPRO_C)
-# pragma align 4096(ecp_nistz256_precomputed)
+# pragma align 64(ecp_nistz256_precomputed)
 #endif
 static const BN_ULONG ecp_nistz256_precomputed[37][64 *
sizeof(P256_POINT_AFFINE) /
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.142

2015-12-10 Thread AppVeyor 



Build openssl master.142 failed


Commit 60f43e9e4d by Richard Levitte on 12/9/2015 10:59 PM:

Fix warnings about unused variables when EC is disabled.


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#856 (OpenSSL_1_0_2-stable - 3cd33c4)

2015-12-10 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #856
Status: Still Failing

Duration: 2 minutes and 6 seconds
Commit: 3cd33c4 (OpenSSL_1_0_2-stable)
Author: Andy Polyakov
Message: ec/ecp_nistz256_table.c: fix potential misalignment problem with Sun C.

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/50053969e39a...3cd33c42e346

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/96105016

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.141

2015-12-10 Thread AppVeyor 



Build openssl master.141 failed


Commit 5e03052560 by Dr. Stephen Henson on 12/9/2015 10:09 PM:

add CHANGES and NEWS entry


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [web] master update

2015-12-10 Thread Rich Salz 
The branch master has been updated
   via  8e562fbfa583c676dba106e12a3bfaaf2d506772 (commit)
  from  6a9dca46f49636e1618fb5a2213eb4ae1da87c4a (commit)


- Log -
commit 8e562fbfa583c676dba106e12a3bfaaf2d506772
Author: Rich Salz 
Date:   Thu Dec 10 12:02:35 2015 -0500

OCB license moved

---

Summary of changes:
 docs/.htaccess | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/.htaccess b/docs/.htaccess
index bddf41d..afd678d 100644
--- a/docs/.htaccess
+++ b/docs/.htaccess
@@ -2,6 +2,7 @@ RewriteEngine on
 RewriteRule ^fips/fipsnotes.html /docs/fipsnotes.html [L,R=302,NC]
 RewriteRule ^fips/fipsvalidation.html /docs/fipsvalidation.html [L,R=302,NC]
 RewriteRule ^fips/index.html /docs/fips/fips.html [L,R=302,NC]
+RewriteRule ^misc/OCB-patent-grant-OpenSSL.pdf 
/source/OCB-patent-grant-OpenSSL.pdf [L,R=302,NC]
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteRule ^manmaster/apps/1/(.*)  /docs/manmaster/apps/$1 [L,R=302,NC]
 RewriteCond %{REQUEST_FILENAME} !-f
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2015-12-10 Thread Matt Caswell 
The branch master has been updated
   via  330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68 (commit)
  from  44bf7119d67272dbbe3a96c58b842aff8d93c1b4 (commit)


- Log -
commit 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68
Author: Matt Caswell 
Date:   Wed Nov 11 10:44:07 2015 +

Add a return value check

If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then
we should set the NID to NID_undef.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 ssl/t1_lib.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 83015e8..571a891 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3326,7 +3326,7 @@ static int tls12_get_pkey_idx(unsigned char sig_alg)
 static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
int *psignhash_nid, const unsigned char *data)
 {
-int sign_nid = 0, hash_nid = 0;
+int sign_nid = NID_undef, hash_nid = NID_undef;
 if (!phash_nid && !psign_nid && !psignhash_nid)
 return;
 if (phash_nid || psignhash_nid) {
@@ -3340,9 +3340,9 @@ static void tls1_lookup_sigalg(int *phash_nid, int 
*psign_nid,
 *psign_nid = sign_nid;
 }
 if (psignhash_nid) {
-if (sign_nid && hash_nid)
-OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid);
-else
+if (sign_nid == NID_undef || hash_nid == NID_undef
+|| OBJ_find_sigid_by_algs(psignhash_nid, hash_nid,
+  sign_nid) <= 0)
 *psignhash_nid = NID_undef;
 }
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2015-12-10 Thread Matt Caswell 
The branch OpenSSL_1_0_2-stable has been updated
   via  f4d1926f9546e84631fdfd9bd68af86ffe4021b2 (commit)
  from  9501418ea2287658d1a11ce888ff97fa49e9164d (commit)


- Log -
commit f4d1926f9546e84631fdfd9bd68af86ffe4021b2
Author: Matt Caswell 
Date:   Wed Nov 11 10:44:07 2015 +

Add a return value check

If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then
we should set the NID to NID_undef.

Reviewed-by: Richard Levitte 
(cherry picked from commit 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68)

---

Summary of changes:
 ssl/t1_lib.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 3176d1e..37f0ae5 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3583,7 +3583,7 @@ static int tls12_get_pkey_idx(unsigned char sig_alg)
 static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
int *psignhash_nid, const unsigned char *data)
 {
-int sign_nid = 0, hash_nid = 0;
+int sign_nid = NID_undef, hash_nid = NID_undef;
 if (!phash_nid && !psign_nid && !psignhash_nid)
 return;
 if (phash_nid || psignhash_nid) {
@@ -3599,9 +3599,9 @@ static void tls1_lookup_sigalg(int *phash_nid, int 
*psign_nid,
 *psign_nid = sign_nid;
 }
 if (psignhash_nid) {
-if (sign_nid && hash_nid)
-OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid);
-else
+if (sign_nid == NID_undef || hash_nid == NID_undef
+|| OBJ_find_sigid_by_algs(psignhash_nid, hash_nid,
+  sign_nid) <= 0)
 *psignhash_nid = NID_undef;
 }
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2015-12-10 Thread Matt Caswell 
The branch master has been updated
   via  2fb5535e64c395f01151315474fd10574677e3d6 (commit)
  from  330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68 (commit)


- Log -
commit 2fb5535e64c395f01151315474fd10574677e3d6
Author: Matt Caswell 
Date:   Thu Dec 10 11:37:03 2015 +

Fix mkfiles for new directories

Add the new chacha and poly1305 directories to mkfiles.pl to enable proper
building on windows.

Reviewed-by: Andy Polyakov 

---

Summary of changes:
 util/mkfiles.pl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/util/mkfiles.pl b/util/mkfiles.pl
index b03abc9..bc17462 100755
--- a/util/mkfiles.pl
+++ b/util/mkfiles.pl
@@ -63,6 +63,8 @@ my @dirs = (
 "crypto/srp",
 "crypto/ct",
 "crypto/async",
+"crypto/chacha",
+"crypto/poly1305",
 "ssl",
 "apps",
 "engines",
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2015-12-10 Thread Andy Polyakov 
The branch master has been updated
   via  c7b5b9f4b1ec24743da20926f50418ba9fa92e87 (commit)
   via  48f14845551c530ed42834d8034d53222d355175 (commit)
   via  a76ba82ccbfee6df5aa86ba2a275b713f3e0f239 (commit)
   via  bd3385d84505eeb552a6125415607785f63c6d2d (commit)
   via  eb85cb8632ad5d868a5634b3ce18846ae351c380 (commit)
   via  bd989745b7a4796dceff89d93b6b7ac1561c6227 (commit)
   via  f6b9427923dd275ea4149a73f841dbcee079ace3 (commit)
   via  72bb2f64fc67dc644f302a07953900becced011f (commit)
   via  7dcb21869bec05d574d55e4c29daa5d58480d2a1 (commit)
  from  a0ffedaf7bb7b457b42108b8819d00e64003b3a9 (commit)


- Log -
commit c7b5b9f4b1ec24743da20926f50418ba9fa92e87
Author: Andy Polyakov 
Date:   Thu Dec 10 00:03:06 2015 +0100

make update.

Reviewed-by: Richard Levitte 

commit 48f14845551c530ed42834d8034d53222d355175
Author: Andy Polyakov 
Date:   Wed Dec 9 23:02:11 2015 +0100

Configure: make no-chacha and no-poly1305 work.

Reviewed-by: Richard Levitte 

commit a76ba82ccbfee6df5aa86ba2a275b713f3e0f239
Author: Andy Polyakov 
Date:   Wed Dec 9 21:47:00 2015 +0100

Wire ChaCha20-Poly1305 to TLS.

Reviewed-by: Richard Levitte 

commit bd3385d84505eeb552a6125415607785f63c6d2d
Author: Andy Polyakov 
Date:   Wed Dec 9 21:36:19 2015 +0100

evp/c_allc.c: wire ChaCha20-Poly1305 and add tests.

Reviewed-by: Richard Levitte 

commit eb85cb8632ad5d868a5634b3ce18846ae351c380
Author: Andy Polyakov 
Date:   Wed Dec 9 21:35:30 2015 +0100

test/evp_test.c: allow generic AEAD ciphers to be tested.

Reviewed-by: Richard Levitte 

commit bd989745b7a4796dceff89d93b6b7ac1561c6227
Author: Andy Polyakov 
Date:   Wed Dec 9 21:30:56 2015 +0100

crypto/evp: add e_chacha20_poly1305.c.

Reviewed-by: Richard Levitte 

commit f6b9427923dd275ea4149a73f841dbcee079ace3
Author: Andy Polyakov 
Date:   Wed Dec 9 21:18:00 2015 +0100

evp/evp_enc.c: allow EVP_CIPHER.ctx_size to be 0.

In such case it would be EVP_CIPHER.cleanup's reponsibility to wipe
EVP_CIPHEX_CTX.cipher_data.

Reviewed-by: Richard Levitte 

commit 72bb2f64fc67dc644f302a07953900becced011f
Author: Andy Polyakov 
Date:   Wed Dec 9 21:15:28 2015 +0100

Add ChaCha20-Poly1305 and ChaCha20 NIDs.

Reviewed-by: Richard Levitte 

commit 7dcb21869bec05d574d55e4c29daa5d58480d2a1
Author: Andy Polyakov 
Date:   Wed Dec 9 21:11:49 2015 +0100

Add reference ChaCha20 and Poly1305 implementations.

Reviewed-by: Emilia Käsper 
Reviewed-by: Richard Levitte 
Reviewed-by: Kurt Roeckx 

---

Summary of changes:
 Configure  |   2 +
 Makefile.org   |   4 +-
 crypto/{whrlpool => chacha}/Makefile   |  32 +-
 crypto/chacha/chacha_enc.c | 157 
 crypto/evp/Makefile|  26 +-
 crypto/evp/c_allc.c|   7 +
 crypto/evp/e_chacha20_poly1305.c   | 490 
 crypto/evp/evp_enc.c   |   8 +-
 crypto/evp/evp_err.c   |  11 +-
 ssl/ssl_utst.c => crypto/include/internal/chacha.h |  56 +-
 .../include/internal/poly1305.h|  29 +-
 crypto/objects/obj_dat.h   |  12 +-
 crypto/objects/obj_mac.num |   2 +
 crypto/objects/objects.txt |   2 +
 crypto/{whrlpool => poly1305}/Makefile |  32 +-
 crypto/poly1305/poly1305.c | 879 +
 include/openssl/evp.h  |   8 +
 include/openssl/obj_mac.h  |   8 +
 include/openssl/ssl.h  |   1 +
 include/openssl/tls1.h |  18 +
 ssl/s3_lib.c   | 113 +++
 ssl/ssl_algs.c |   3 +
 ssl/ssl_ciph.c |   4 +-
 ssl/ssl_locl.h |   1 +
 ssl/t1_trce.c  |   7 +
 test/evp_test.c|   2 +
 test/evptests.txt  |  65 ++
 util/libeay.num|   7 +
 util/mkdef.pl  |   9 +-
 29 files changed, 1894 insertions(+), 101

[openssl-commits] [openssl] master update

2015-12-10 Thread Andy Polyakov 
The branch master has been updated
   via  44bf7119d67272dbbe3a96c58b842aff8d93c1b4 (commit)
  from  c7b5b9f4b1ec24743da20926f50418ba9fa92e87 (commit)


- Log -
commit 44bf7119d67272dbbe3a96c58b842aff8d93c1b4
Author: Andy Polyakov 
Date:   Wed Dec 2 14:26:03 2015 +0100

modes/ocb128.c: fix overstep.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 crypto/modes/ocb128.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/modes/ocb128.c b/crypto/modes/ocb128.c
index 6206755..3a3f7a8 100644
--- a/crypto/modes/ocb128.c
+++ b/crypto/modes/ocb128.c
@@ -162,7 +162,7 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t 
idx)
 if (!ctx->l)
 return NULL;
 }
-while (l_index <= idx) {
+while (l_index < idx) {
 ocb_double(ctx->l + l_index, ctx->l + l_index + 1);
 l_index++;
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2015-12-10 Thread Kurt Roeckx 
The branch master has been updated
   via  ba67253db19d0319f672d47aa359032e5e66d1b8 (commit)
  from  f8137a62d94c0a5809a4363b7b4aab3adcb8201c (commit)


- Log -
commit ba67253db19d0319f672d47aa359032e5e66d1b8
Author: Rob Stradling 
Date:   Fri Dec 4 14:35:43 2015 +

Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633).

Signed-off-by: Kurt Roeckx 
Reviewed-by: Rich Salz 
Reviewed-by: Dr. Stephen Henson 

GH: #495, MR: #1435

---

Summary of changes:
 crypto/objects/obj_dat.h  |  15 ++--
 crypto/objects/obj_mac.num|   1 +
 crypto/objects/objects.txt|   1 +
 crypto/x509v3/Makefile|  18 +++-
 crypto/x509v3/ext_dat.h   |   1 +
 crypto/x509v3/v3_lib.c|   1 +
 crypto/x509v3/v3_tlsf.c   | 186 ++
 crypto/x509v3/v3err.c |   1 +
 doc/apps/x509v3_config.pod|  14 
 doc/crypto/X509V3_get_d2i.pod |   2 +
 include/openssl/obj_mac.h |   5 ++
 include/openssl/x509v3.h  |   5 ++
 util/libeay.num   |   2 +
 13 files changed, 245 insertions(+), 7 deletions(-)
 create mode 100644 crypto/x509v3/v3_tlsf.c

diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index d1382a2..debf8cc 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 1020
-#define NUM_SN 1013
-#define NUM_LN 1013
-#define NUM_OBJ 936
+#define NUM_NID 1021
+#define NUM_SN 1014
+#define NUM_LN 1014
+#define NUM_OBJ 937
 
-static const unsigned char lvalues[6604]={
+static const unsigned char lvalues[6612]={
 0x2A,0x86,0x48,0x86,0xF7,0x0D,   /* [  0] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,  /* [  6] OBJ_pkcs */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
@@ -998,6 +998,7 @@ static const unsigned char lvalues[6604]={
 0x2A,0x85,0x03,0x64,0x03,/* [6588] OBJ_SNILS */
 0x2A,0x85,0x03,0x64,0x6F,/* [6593] OBJ_subjectSignTool */
 0x2A,0x85,0x03,0x64,0x70,/* [6598] OBJ_issuerSignTool */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x18, /* [6603] OBJ_tlsfeature */
 };
 
 static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2669,6 +2670,7 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"grasshopper-mac","grasshopper-mac",NID_grasshopper_mac,0,NULL,0},
 {"ChaCha20-Poly1305","chacha20-poly1305",NID_chacha20_poly1305,0,NULL,0},
 {"ChaCha20","chacha20",NID_chacha20,0,NULL,0},
+{"tlsfeature","TLS Feature",NID_tlsfeature,8,&(lvalues[6603]),0},
 };
 
 static const unsigned int sn_objs[NUM_SN]={
@@ -3656,6 +3658,7 @@ static const unsigned int sn_objs[NUM_SN]={
 293,   /* "textNotice" */
 133,   /* "timeStamping" */
 106,   /* "title" */
+1020,  /* "tlsfeature" */
 682,   /* "tpBasis" */
 375,   /* "trustRoot" */
 436,   /* "ucl" */
@@ -3813,6 +3816,7 @@ static const unsigned int ln_objs[NUM_LN]={
 1007,  /* "Signing Tool of Subject" */
 143,   /* "Strong Extranet ID" */
 398,   /* "Subject Information Access" */
+1020,  /* "TLS Feature" */
 130,   /* "TLS Web Client Authentication" */
 129,   /* "TLS Web Server Authentication" */
 133,   /* "Time Stamping" */
@@ -5244,6 +5248,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
 397,   /* OBJ_ac_proxying  1 3 6 1 5 5 7 1 10 */
 398,   /* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
 663,   /* OBJ_proxyCertInfo1 3 6 1 5 5 7 1 14 */
+1020,  /* OBJ_tlsfeature   1 3 6 1 5 5 7 1 24 */
 164,   /* OBJ_id_qt_cps1 3 6 1 5 5 7 2 1 */
 165,   /* OBJ_id_qt_unotice1 3 6 1 5 5 7 2 2 */
 293,   /* OBJ_textNotice   1 3 6 1 5 5 7 2 3 */
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 2993f56..5c6ffd4 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -1017,3 +1017,4 @@ grasshopper_cfb   1016
 grasshopper_mac1017
 chacha20_poly1305  1018
 chacha20   1019
+tlsfeature 1020
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 29517e3..f34609d 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -472,6 +472,7 @@ id-pe 10: ac-proxying
 !Cname sinfo-access
 id-pe 11   : subjectInfoAccess : Subject Information Access
 id-pe 14   : proxyCertInfo : Proxy Certificate Information
+id-pe 24   : tlsfeature: TLS Feature
 
 # PKIX policyQualifiers for Internet policy qualifiers
 id-qt 1: id-qt-cps : Policy Qualifier CPS
diff --git a/crypto/x509v3/Makefile b/crypto/x509v3/Makefile
index cd490ed..775f88b 100644
---

[openssl-commits] Fixed: openssl/openssl#852 (master - 278d6b3)

2015-12-10 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #852
Status: Fixed

Duration: 44 minutes and 30 seconds
Commit: 278d6b3 (master)
Author: Matt Caswell
Message: Prepare for 1.1.0-pre2-dev

Reviewed-by: Richard Levitte 

View the changeset: 
https://github.com/openssl/openssl/compare/e7986647267b...278d6b3663da

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/96043401

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [web] master update

2015-12-10 Thread Matt Caswell 
The branch master has been updated
   via  35301ce72f9ab8980789d8c0f376ec2110d3b6d0 (commit)
  from  1623aae7f4e9d53fb9e6a69817a46519f8dfeea1 (commit)


- Log -
commit 35301ce72f9ab8980789d8c0f376ec2110d3b6d0
Author: Matt Caswell 
Date:   Thu Dec 10 13:13:41 2015 +

Move opaque work complete date

Move the opaque work complete from alpha to beta

---

Summary of changes:
 policies/releasestrat.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policies/releasestrat.html b/policies/releasestrat.html
index f27df47..4f76abd 100644
--- a/policies/releasestrat.html
+++ b/policies/releasestrat.html
@@ -97,13 +97,13 @@
  
Not (necessarily) feature complete
Not necessarily all new APIs in place yet
-   Opaque work complete
  
 
  A beta release means:
 
  
Feature complete/Feature freeze
+   Opaque work complete
Bug fixes only
  
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2015-12-10 Thread Matt Caswell 
The branch master has been updated
   via  7c31419693ef5c01bb7d86c141b5e4a740f267dc (commit)
  from  67f60be8c9ae5ff3129fcd6238baf124385a41d8 (commit)


- Log -
commit 7c31419693ef5c01bb7d86c141b5e4a740f267dc
Author: Matt Caswell 
Date:   Thu Dec 10 13:04:39 2015 +

Update CHANGES and NEWS for alpha release

Misc updates to the CHANGES and NEWS files ready for the alpha release.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 CHANGES | 4 +++-
 NEWS| 8 ++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index 1b26b7b..b420393 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 1.0.2e and 1.1.0  [xx XXX ]
 
+  *) Support for ChaCha20 and Poly1305 added to libcrypto and libssl.
+ [Andy Polyakov]
+
   *) New EC_KEY_METHOD, this replaces the older ECDSA_METHOD and ECDH_METHOD
  and integrates ECDSA and ECDH functionality into EC. Implementations can
  now redirect key generation and no longer need to convert to or from
@@ -11,7 +14,6 @@
 
  Note: the ecdsa.h and ecdh.h headers are now no longer needed and just
  include the ec.h header file instead.
-
  [Steve Henson]
 
   *) Remove support for all 40 and 56 bit ciphers.  This includes all the 
export
diff --git a/NEWS b/NEWS
index 86a81fa..4c4e7b4 100644
--- a/NEWS
+++ b/NEWS
@@ -7,18 +7,22 @@
 
   Major changes between OpenSSL 1.0.2e and OpenSSL 1.1.0 [under development]
 
+  o Support for ChaCha20 and Poly1305 added to libcrypto and libssl
   o Support for extended master secret
   o CCM ciphersuites
   o Reworked test suite, now based on perl, Test::Harness and Test::More
-  o EVP_MD, EVP_MD_CTX and HMAC_CTX made opaque
+  o Varous libcrypto structures made opaque including: BIGNUM, EVP_MD,
+EVP_MD_CTX and HMAC_CTX.
   o libssl internal structures made opaque
   o SSLv2 support removed
   o Kerberos ciphersuite support removed
   o RC4 removed from DEFAULT ciphersuites in libssl
   o 40 and 56 bit cipher support removed from libssl
   o All public header files moved to include/openssl, no more symlinking
-  o SSL/TLS state machine and record layer rewritten
+  o SSL/TLS state machine, version negotiation and record layer rewritten
   o EC revision: now operations use new EC_KEY_METHOD.
+  o Support for OCB mode added to libcrypto
+  o Support for asynchronous crypto operations added to libcrypto and 
libssl
 
   Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015]
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2015-12-10 Thread Matt Caswell 
The branch master has been updated
   via  67f60be8c9ae5ff3129fcd6238baf124385a41d8 (commit)
   via  2ad226e88bee97847496e542d63c67997d5beda6 (commit)
  from  02dc0b82ab19c32bf072213feff746b5b35f8ef6 (commit)


- Log -
commit 67f60be8c9ae5ff3129fcd6238baf124385a41d8
Author: Matt Caswell 
Date:   Wed Nov 4 11:20:50 2015 +

Ensure |rwstate| is set correctly on BIO_flush

A BIO_flush call in the DTLS code was not correctly setting the |rwstate|
variable to SSL_WRITING. This means that SSL_get_error() will not return
SSL_ERROR_WANT_WRITE in the event of an IO retry.

Reviewed-by: Richard Levitte 

commit 2ad226e88bee97847496e542d63c67997d5beda6
Author: Matt Caswell 
Date:   Tue Nov 3 14:45:07 2015 +

Fix DTLS handshake fragment retries

If using DTLS and NBIO then if a second or subsequent handshake message
fragment hits a retry, then the retry attempt uses the wrong fragment
offset value. This commit restores the fragment offset from the last
attempt.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 ssl/statem/statem_dtls.c | 70 +---
 1 file changed, 49 insertions(+), 21 deletions(-)

diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 6d73659..5194c73 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -250,8 +250,44 @@ int dtls1_do_write(SSL *s, int type)
 blocksize = 0;
 
 frag_off = 0;
+s->rwstate = SSL_NOTHING;
+
 /* s->init_num shouldn't ever be < 0...but just in case */
 while (s->init_num > 0) {
+if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) {
+/* We must be writing a fragment other than the first one */
+
+if (frag_off > 0) {
+/* This is the first attempt at writing out this fragment */
+
+if (s->init_off <= DTLS1_HM_HEADER_LENGTH) {
+/*
+ * Each fragment that was already sent must at least have
+ * contained the message header plus one other byte.
+ * Therefore |init_off| must have progressed by at least
+ * |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something 
went
+ * wrong.
+ */
+return -1;
+}
+
+/*
+ * Adjust |init_off| and |init_num| to allow room for a new
+ * message header for this fragment.
+ */
+s->init_off -= DTLS1_HM_HEADER_LENGTH;
+s->init_num += DTLS1_HM_HEADER_LENGTH;
+} else {
+/*
+ * We must have been called again after a retry so use the
+ * fragment offset from our last attempt. We do not need
+ * to adjust |init_off| and |init_num| as above, because
+ * that should already have been done before the retry.
+ */
+frag_off = s->d1->w_msg_hdr.frag_off;
+}
+}
+
 used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
 + mac_size + blocksize;
 if (s->d1->mtu > used_len)
@@ -264,8 +300,10 @@ int dtls1_do_write(SSL *s, int type)
  * grr.. we could get an error if MTU picked was wrong
  */
 ret = BIO_flush(SSL_get_wbio(s));
-if (ret <= 0)
+if (ret <= 0) {
+s->rwstate = SSL_WRITING;
 return ret;
+}
 used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
 if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) {
 curr_mtu = s->d1->mtu - used_len;
@@ -291,25 +329,6 @@ int dtls1_do_write(SSL *s, int type)
  * XDTLS: this function is too long.  split out the CCS part
  */
 if (type == SSL3_RT_HANDSHAKE) {
-if (s->init_off != 0) {
-OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
-s->init_off -= DTLS1_HM_HEADER_LENGTH;
-s->init_num += DTLS1_HM_HEADER_LENGTH;
-
-/*
- * We just checked that s->init_num > 0 so this cast should
- * be safe
- */
-if (((unsigned int)s->init_num) > curr_mtu)
-len = curr_mtu;
-else
-len = s->init_num;
-}
-
-/* Shouldn't ever happen */
-if (len > INT_MAX)
-len = INT_MAX;
-
 if (len < DTLS1_HM_HEADER_LENGTH) {
 /*
  * len is so small that we really can't do anything sensible
@@ -397,7 +416,16 @@ int

[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

2015-12-10 Thread Matt Caswell 
The branch OpenSSL_1_0_1-stable has been updated
   via  f612bdb34252c3eae4808dd3e1360d0f0a3666bc (commit)
   via  4a534243183498ee1a5b3fb19f4be8a0bf731ca7 (commit)
  from  d724616f682cb374b613d7fbd57e4c2bf749469c (commit)


- Log -
commit f612bdb34252c3eae4808dd3e1360d0f0a3666bc
Author: Matt Caswell 
Date:   Wed Nov 4 11:20:50 2015 +

Ensure |rwstate| is set correctly on BIO_flush

A BIO_flush call in the DTLS code was not correctly setting the |rwstate|
variable to SSL_WRITING. This means that SSL_get_error() will not return
SSL_ERROR_WANT_WRITE in the event of an IO retry.

Reviewed-by: Richard Levitte 
(cherry picked from commit 67f60be8c9ae5ff3129fcd6238baf124385a41d8)

commit 4a534243183498ee1a5b3fb19f4be8a0bf731ca7
Author: Matt Caswell 
Date:   Tue Nov 3 14:45:07 2015 +

Fix DTLS handshake fragment retries

If using DTLS and NBIO then if a second or subsequent handshake message
fragment hits a retry, then the retry attempt uses the wrong fragment
offset value. This commit restores the fragment offset from the last
attempt.

Reviewed-by: Richard Levitte 
(cherry picked from commit 2ad226e88bee97847496e542d63c67997d5beda6)

---

Summary of changes:
 ssl/d1_both.c | 70 +--
 1 file changed, 49 insertions(+), 21 deletions(-)

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index d453c07..aaa1867 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -291,8 +291,44 @@ int dtls1_do_write(SSL *s, int type)
 blocksize = 0;
 
 frag_off = 0;
+s->rwstate = SSL_NOTHING;
+
 /* s->init_num shouldn't ever be < 0...but just in case */
 while (s->init_num > 0) {
+if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) {
+/* We must be writing a fragment other than the first one */
+
+if (frag_off > 0) {
+/* This is the first attempt at writing out this fragment */
+
+if (s->init_off <= DTLS1_HM_HEADER_LENGTH) {
+/*
+ * Each fragment that was already sent must at least have
+ * contained the message header plus one other byte.
+ * Therefore |init_off| must have progressed by at least
+ * |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something 
went
+ * wrong.
+ */
+return -1;
+}
+
+/*
+ * Adjust |init_off| and |init_num| to allow room for a new
+ * message header for this fragment.
+ */
+s->init_off -= DTLS1_HM_HEADER_LENGTH;
+s->init_num += DTLS1_HM_HEADER_LENGTH;
+} else {
+/*
+ * We must have been called again after a retry so use the
+ * fragment offset from our last attempt. We do not need
+ * to adjust |init_off| and |init_num| as above, because
+ * that should already have been done before the retry.
+ */
+frag_off = s->d1->w_msg_hdr.frag_off;
+}
+}
+
 used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
 + mac_size + blocksize;
 if (s->d1->mtu > used_len)
@@ -305,8 +341,10 @@ int dtls1_do_write(SSL *s, int type)
  * grr.. we could get an error if MTU picked was wrong
  */
 ret = BIO_flush(SSL_get_wbio(s));
-if (ret <= 0)
+if (ret <= 0) {
+s->rwstate = SSL_WRITING;
 return ret;
+}
 used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
 if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) {
 curr_mtu = s->d1->mtu - used_len;
@@ -332,25 +370,6 @@ int dtls1_do_write(SSL *s, int type)
  * XDTLS: this function is too long.  split out the CCS part
  */
 if (type == SSL3_RT_HANDSHAKE) {
-if (s->init_off != 0) {
-OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
-s->init_off -= DTLS1_HM_HEADER_LENGTH;
-s->init_num += DTLS1_HM_HEADER_LENGTH;
-
-/*
- * We just checked that s->init_num > 0 so this cast should
- * be safe
- */
-if (((unsigned int)s->init_num) > curr_mtu)
-len = curr_mtu;
-else
-len = s->init_num;
-}
-
-/* Shouldn't ever happen */
-if (len > INT_MAX)
-len = INT_MAX;
-
 if (len < DTLS1_HM_HEADER_LENGTH) {

[openssl-commits] [openssl] master update

2015-12-10 Thread Viktor Dukhovni 
The branch master has been updated
   via  f8137a62d94c0a5809a4363b7b4aab3adcb8201c (commit)
  from  278d6b3663da7f02f294481694e2bd909eb4672f (commit)


- Log -
commit f8137a62d94c0a5809a4363b7b4aab3adcb8201c
Author: Viktor Dukhovni 
Date:   Thu Dec 10 00:44:00 2015 -0500

Restore full support for EVP_CTX_create() etc.

Reviewed-by: Dr. Stephen Henson 
Reviewed-by: Kurt Roeckx 
Reviewed-by: Matt Caswell 
Reviewed-by: Rich Salz 
Reviewed-by: Richard Levitte 

---

Summary of changes:
 include/openssl/evp.h | 8 +++-
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 969a0fa..5126803 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -596,11 +596,9 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void 
*p2);
 EVP_MD_CTX *EVP_MD_CTX_new(void);
 int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
 void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
-# ifdef OPENSSL_USE_DEPRECATED
-#  define EVP_MD_CTX_create() EVP_MD_CTX_new()
-#  define EVP_MD_CTX_init(ctx)EVP_MD_CTX_reset((ctx))
-#  define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
-# endif
+# define EVP_MD_CTX_create() EVP_MD_CTX_new()
+# define EVP_MD_CTX_init(ctx)EVP_MD_CTX_reset((ctx))
+# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
 /*__owur*/ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
 void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
 void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#846 (OpenSSL_1_0_2-stable - 5005396)

2015-12-10 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #846
Status: Still Failing

Duration: 2 minutes and 13 seconds
Commit: 5005396 (OpenSSL_1_0_2-stable)
Author: Matt Caswell
Message: Ensure |rwstate| is set correctly on BIO_flush

A BIO_flush call in the DTLS code was not correctly setting the |rwstate|
variable to SSL_WRITING. This means that SSL_get_error() will not return
SSL_ERROR_WANT_WRITE in the event of an IO retry.

Reviewed-by: Richard Levitte 
(cherry picked from commit 67f60be8c9ae5ff3129fcd6238baf124385a41d8)

View the changeset: 
https://github.com/openssl/openssl/compare/f4d1926f9546...50053969e39a

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/96022805

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_1_0-pre1 create

2015-12-10 Thread Matt Caswell 
The annotated tag OpenSSL_1_1_0-pre1 has been created
at  8593c20d6c85d03850a446e80a8e9b2a9d0bfb4a (tag)
   tagging  22c21b60afb33bf32f91560e7c29c21588429420 (commit)
  replaces  master-post-reformat
 tagged by  Matt Caswell
on  Thu Dec 10 14:23:10 2015 +

- Log -
OpenSSL 1.1.0-pre1 release tag

Adam Eijdenberg (9):
  RT3961: Fix switch/case errors in flag parsing
  RT3962: Check accept_count only if not unlimited
  RT3963: Allow OCSP stapling with -rev and -www
  Fix unhandled error condition in sslv2 client hello parsing.
  Change error reason to match previous behaviour.
  Fix clang uninitialized variable warning.
  RT3984: Fix clang compiler warning on Mac OS X where %ld is used for 
uint64_t.
  Initial commit for Certificate Transparency support
  Clarify return values for EVP_DigestVerifyFinal.

Adam Langley (1):
  Allow a zero length extension block

Alessandro Ghedini (28):
  GH371: Print debug info for ALPN extension
  GH354: Memory leak fixes
  Add initial Travis CI configuration
  Use the shlib wrapper when running nptest
  Fix build on mingw
  Make BUF_strndup() read-safe on arbitrary inputs
  Properly format linux-arm64ilp32 target config
  GH408 follow-on: update buflen
  Print debug info for extended master secret extension
  Validate ClientHello extension field length
  Fix travis builds on master
  GH429: Add clang to travis
  Add Clang 3.6 and additional GCC 5 builds to travis
  Remove bugs/ and crypto/threads/
  Do not treat 0 return value from BIO_get_fd() as error
  Replace malloc+strlcpy with strdup
  Fix memory leaks and other mistakes on errors
  Set salt length after the malloc has succeeded
  Fix typos
  Fix references to various RFCs
  Check memory allocation
  Remove useless code
  Add Travis builds with undefined behavior sanitizer
  Fix (minor) problems found by ubsan
  Add no-asm builds to Travis
  Declare cleanse_ctr variable as extern
  Add initial AppVeyor configuration
  Remove useless locking code

Alok Menghrajani (3):
  RT3802: Fixes typos in doc/crypto/
  Fixes some typos in doc/apps/
  Fixes some typos in doc/ssl/

Andy Polyakov (127):
  sha256-armv4.pl: fix typo.
  Fix macosx-ppc build (and typos in unwind info).
  Add assembly support to ios64-cross. Fix typos in ios64-cross config 
line.
  Keep disclaiming 16-bit support.
  des/asm/des_enc.m4: strip #ifdef OPENSSL_SYS_ULTRASPARC as part of 
pre-processor controls cleanup. It doesn't mean that it no longer works on 
UltraSPARC, only that it doesn't utilize sparcv9-specific features like 
branch prediction hints and load in little-endian byte order anymore. This 
"costs" ~3% in EDE3 performance regression on UltraSPARC.
  Configure: addendum to OPENSSL_NO_[RMD160|RIPEMD] harmonization.
  modes/gcm128.c: fix OPENSSL_SMALL_FOOTPRINT compile failure on 
affected platforms (PowerPC and AArch64).
  modes/gcm128.c: harmonize ctx->ghash assignment, shortcut *_ctr32 in 
OPENSSL_SMALL_FOOTPRINT build, remove undesired reformat artefact and 
inconsistency in pre-processor logic.
  cms-test.pl: "localize" /dev/null even further [as follow-up to VMS].
  des/asm/des_enc.m4: fix brown-bag typo in last commit.
  Harmonize objects.pl output with new format.
  evp/e_aes.c: fix pair of SPARC T4-specific problems:
  bn/bn_add.c: fix dead code elimination that went bad.
  Bring objects.pl output even closer to new format.
  Add ec/asm/ecp_nistz256-x86.pl module.
  Engage ecp_nistz256-x86 module.
  ec/asm/ecp_nistz256-x86.pl: fix typos (error shows in Windows build).
  Configure: disable warning C4090 in Windows builds.
  ec/ecp_nistz256.c: fix compiler warnings.
  Add more Camellia OIDs.
  Add Camellia CTR mode.
  Add ec/asm/ecp_nistz256-armv4.pl module.
  Engage ecp_nistz256-armv4 module.
  evp/evp.h: add missing camellia-ctr declarations.
  evp/evp_test.c: avoid crashes when referencing uninitialized pointers.
  sha/asm/sha1-586.pl: fix typo.
  perlasm/x86masm.pl: make it work.
  aes/asm/bsaes-armv7: fix kernel-side XTS and harmonize with Linux.
  Fix crash in SPARC T4 XTS.
  ARMv4 assembly pack: add Cortex-A15 performance data.
  ssl/s3_clnt.c: fix intermittent failures.
  Avoid reading an unused byte after the buffer
  Configure: fold related configurations more aggressively and clean-up.
  sha/asm/sha256-armv4.pl: adapt for use in Linux kernel context.
  Configure: remove unused variables.
  Add vpaes-amrv8.pl module.
  Engage vpaes-armv8 module.
  ec/asm/ecp_nistz256-x86_64.pl: update commentary with before-after 
performance data.
  sha/asm/sha256-armv4.pl: fix compile issue in kernel and

[openssl-commits] [web] master update

2015-12-10 Thread Matt Caswell 
The branch master has been updated
   via  43f39f381386b6db3c88d6856cd1b0749ff38222 (commit)
  from  35301ce72f9ab8980789d8c0f376ec2110d3b6d0 (commit)


- Log -
commit 43f39f381386b6db3c88d6856cd1b0749ff38222
Author: Matt Caswell 
Date:   Thu Dec 10 14:36:59 2015 +

Update newsflash for 1.1.0 alpha1 release

---

Summary of changes:
 news/newsflash.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/news/newsflash.txt b/news/newsflash.txt
index cf51a94..a964a50 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -4,6 +4,7 @@
 # Format is two fields, colon-separated; the first line is the column
 # headings.  URL paths must all be absolute.
 Date: Item
+10-Dec-2015: Alpha 1 of OpenSSL 1.1.0 is now available: please download and 
test it
 03-Dec-2015: Security Advisory: four 
security fixes
 03-Dec-2015: OpenSSL 1.0.2e is now available, including bug and security fixes
 03-Dec-2015: OpenSSL 1.0.1q is now available, including bug and security fixes
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2015-12-10 Thread Matt Caswell 
The branch master has been updated
   via  278d6b3663da7f02f294481694e2bd909eb4672f (commit)
   via  22c21b60afb33bf32f91560e7c29c21588429420 (commit)
   via  ac7f47dce13bf82d1279c0fe2affa07afbe81e06 (commit)
   via  b0cae88cc22bf9e14510553b2cd663b701b02af7 (commit)
  from  e7986647267b689c88b079bd4277facca9720fc1 (commit)


- Log -
commit 278d6b3663da7f02f294481694e2bd909eb4672f
Author: Matt Caswell 
Date:   Thu Dec 10 14:24:22 2015 +

Prepare for 1.1.0-pre2-dev

Reviewed-by: Richard Levitte 

commit 22c21b60afb33bf32f91560e7c29c21588429420
Author: Matt Caswell 
Date:   Thu Dec 10 14:23:10 2015 +

Prepare for 1.1.0-pre1 release

Reviewed-by: Richard Levitte 

commit ac7f47dce13bf82d1279c0fe2affa07afbe81e06
Author: Matt Caswell 
Date:   Thu Dec 10 14:21:59 2015 +

OpenSSL 1.1.0 is now in pre release

Reviewed-by: Richard Levitte 

commit b0cae88cc22bf9e14510553b2cd663b701b02af7
Author: Matt Caswell 
Date:   Thu Dec 10 14:21:59 2015 +

make update

Reviewed-by: Richard Levitte 

---

Summary of changes:
 NEWS   |  2 +-
 README |  2 +-
 crypto/async/Makefile  | 12 ++--
 include/openssl/opensslv.h |  6 +++---
 4 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/NEWS b/NEWS
index 4c4e7b4..ab7b2af 100644
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,7 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
-  Major changes between OpenSSL 1.0.2e and OpenSSL 1.1.0 [under development]
+  Major changes between OpenSSL 1.0.2e and OpenSSL 1.1.0 [in pre-release]
 
   o Support for ChaCha20 and Poly1305 added to libcrypto and libssl
   o Support for extended master secret
diff --git a/README b/README
index cc20f57..a8235dc 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
 
- OpenSSL 1.1.0-dev
+ OpenSSL 1.1.0-pre2-dev
 
  Copyright (c) 1998-2015 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/crypto/async/Makefile b/crypto/async/Makefile
index 44da77f..7b1dd56 100644
--- a/crypto/async/Makefile
+++ b/crypto/async/Makefile
@@ -76,8 +76,8 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-arch/async_null.o: ../../e_os.h ../../include/openssl/async.h
-arch/async_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+arch/async_null.o: ../../include/openssl/async.h ../../include/openssl/crypto.h
+arch/async_null.o: ../../include/openssl/e_os2.h
 arch/async_null.o: ../../include/openssl/opensslconf.h
 arch/async_null.o: ../../include/openssl/opensslv.h
 arch/async_null.o: ../../include/openssl/ossl_typ.h
@@ -86,7 +86,7 @@ arch/async_null.o: ../../include/openssl/stack.h
 arch/async_null.o: ../../include/openssl/symhacks.h arch/../arch/async_null.h
 arch/async_null.o: arch/../arch/async_posix.h arch/../arch/async_win.h
 arch/async_null.o: arch/../async_locl.h arch/async_null.c
-arch/async_posix.o: ../../e_os.h ../../include/openssl/async.h
+arch/async_posix.o: ../../include/openssl/async.h
 arch/async_posix.o: ../../include/openssl/crypto.h
 arch/async_posix.o: ../../include/openssl/e_os2.h
 arch/async_posix.o: ../../include/openssl/opensslconf.h
@@ -97,8 +97,8 @@ arch/async_posix.o: ../../include/openssl/stack.h
 arch/async_posix.o: ../../include/openssl/symhacks.h arch/../arch/async_null.h
 arch/async_posix.o: arch/../arch/async_posix.h arch/../arch/async_win.h
 arch/async_posix.o: arch/../async_locl.h arch/async_posix.c
-arch/async_win.o: ../../e_os.h ../../include/openssl/async.h
-arch/async_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+arch/async_win.o: ../../include/openssl/async.h ../../include/openssl/crypto.h
+arch/async_win.o: ../../include/openssl/e_os2.h
 arch/async_win.o: ../../include/openssl/opensslconf.h
 arch/async_win.o: ../../include/openssl/opensslv.h
 arch/async_win.o: ../../include/openssl/ossl_typ.h
@@ -107,7 +107,7 @@ arch/async_win.o: ../../include/openssl/stack.h
 arch/async_win.o: ../../include/openssl/symhacks.h arch/../arch/async_null.h
 arch/async_win.o: arch/../arch/async_posix.h arch/../arch/async_win.h
 arch/async_win.o: arch/../async_locl.h arch/async_win.c
-async.o: ../../e_os.h ../../include/openssl/async.h ../../include/openssl/bio.h
+async.o: ../../include/openssl/async.h ../../include/openssl/bio.h
 async.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 async.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
 async.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h

[openssl-commits] [web] master update

2015-12-10 Thread Richard Levitte 
The branch master has been updated
   via  853d5312059e2ac68ad626555c2896e7e8c929bf (commit)
  from  43f39f381386b6db3c88d6856cd1b0749ff38222 (commit)


- Log -
commit 853d5312059e2ac68ad626555c2896e7e8c929bf
Author: Richard Levitte 
Date:   Thu Dec 10 15:53:37 2015 +0100

Add necessary targets for 1.1.0

---

Summary of changes:
 Makefile | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/Makefile b/Makefile
index d395154..3c3a7af 100644
--- a/Makefile
+++ b/Makefile
@@ -16,6 +16,7 @@ SIMPLE = newsflash.inc sitemap.txt \
 news/cl098.txt news/cl100.txt news/cl101.txt news/cl102.txt \
 news/openssl-0.9.8-notes.inc news/openssl-1.0.0-notes.inc \
 news/openssl-1.0.1-notes.inc news/openssl-1.0.2-notes.inc \
+news/openssl-1.1.0-notes.inc \
 news/newsflash.inc \
 news/vulnerabilities.inc \
 source/.htaccess \
@@ -104,6 +105,9 @@ news/openssl-1.0.1-notes.html: news/openssl-notes.html.in
 news/openssl-1.0.2-notes.html: news/openssl-notes.html.in
@rm -f $@
sed -e 's|@VERSION@|1.0.2|g' < $< > $@
+news/openssl-1.1.0-notes.html: news/openssl-notes.html.in
+   @rm -f $@
+   sed -e 's|@VERSION@|1.1.0|g' < $< > $@
 news/openssl-0.9.8-notes.inc: $(CHECKOUTS)/openssl-0.9.8-stable/NEWS 
news/openssl-0.9.8-notes.html
@rm -f $@
./bin/mk-notes 0.9.8 < $(CHECKOUTS)/openssl-0.9.8-stable/NEWS > $@
@@ -116,6 +120,9 @@ news/openssl-1.0.1-notes.inc: 
$(CHECKOUTS)/openssl-1.0.1-stable/NEWS news/openss
 news/openssl-1.0.2-notes.inc: $(CHECKOUTS)/openssl-1.0.2-stable/NEWS 
news/openssl-1.0.2-notes.html
@rm -f $@
./bin/mk-notes 1.0.2 < $(CHECKOUTS)/openssl-1.0.2-stable/NEWS > $@
+news/openssl-1.1.0-notes.inc: $(CHECKOUTS)/master/NEWS 
news/openssl-1.1.0-notes.html
+   @rm -f $@
+   ./bin/mk-notes 1.1.0 < $(CHECKOUTS)/master/NEWS > $@
 
 news/newsflash.inc: news/newsflash.txt
sed <$? >$@ \
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [web] master update

2015-12-10 Thread Richard Levitte 
The branch master has been updated
   via  85554c25dc3b80f3ad588f1cc2c1c000c58b606b (commit)
  from  853d5312059e2ac68ad626555c2896e7e8c929bf (commit)


- Log -
commit 85554c25dc3b80f3ad588f1cc2c1c000c58b606b
Author: Richard Levitte 
Date:   Thu Dec 10 15:55:58 2015 +0100

Correct path for master

---

Summary of changes:
 Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 3c3a7af..c2a245c 100644
--- a/Makefile
+++ b/Makefile
@@ -120,9 +120,9 @@ news/openssl-1.0.1-notes.inc: 
$(CHECKOUTS)/openssl-1.0.1-stable/NEWS news/openss
 news/openssl-1.0.2-notes.inc: $(CHECKOUTS)/openssl-1.0.2-stable/NEWS 
news/openssl-1.0.2-notes.html
@rm -f $@
./bin/mk-notes 1.0.2 < $(CHECKOUTS)/openssl-1.0.2-stable/NEWS > $@
-news/openssl-1.1.0-notes.inc: $(CHECKOUTS)/master/NEWS 
news/openssl-1.1.0-notes.html
+news/openssl-1.1.0-notes.inc: $(CHECKOUTS)/openssl/NEWS 
news/openssl-1.1.0-notes.html
@rm -f $@
-   ./bin/mk-notes 1.1.0 < $(CHECKOUTS)/master/NEWS > $@
+   ./bin/mk-notes 1.1.0 < $(CHECKOUTS)/openssl/NEWS > $@
 
 news/newsflash.inc: news/newsflash.txt
sed <$? >$@ \
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [web] master update

2015-12-10 Thread Richard Levitte 
The branch master has been updated
   via  6a9dca46f49636e1618fb5a2213eb4ae1da87c4a (commit)
  from  85554c25dc3b80f3ad588f1cc2c1c000c58b606b (commit)


- Log -
commit 6a9dca46f49636e1618fb5a2213eb4ae1da87c4a
Author: Richard Levitte 
Date:   Thu Dec 10 15:58:35 2015 +0100

Have the release notes account for pre-releases as well

---

Summary of changes:
 bin/mk-notes | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/mk-notes b/bin/mk-notes
index 7738c6b..66c5937 100755
--- a/bin/mk-notes
+++ b/bin/mk-notes
@@ -8,7 +8,7 @@ my $copy = 0;
 my $in_ul = 0;
 while (  ) {
 chomp;
-if (/^\s*(Major changes between|Known issues 
in).*(\d+\.\d+\.\d+)\D.*\[\d+\s(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s\d+\]:?$/)
 {
+if (/^\s*(Major changes between|Known issues in).*(\d+\.\d+\.\d+)\D.*\[(in 
pre-release|\d+\s(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s\d+)\]:?$/) 
{
if ($in_ul) {
print "\n";
$in_ul = 0;
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits