[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via 3cd33c42e3460d9351d208c08bea28f57f7465ff (commit) from 50053969e39ae055d2aca7a6a8bf39a3e20c1931 (commit) - Log - commit 3cd33c42e3460d9351d208c08bea28f57f7465ff Author: Andy PolyakovDate: Wed Dec 9 20:49:12 2015 +0100 ec/ecp_nistz256_table.c: fix potential misalignment problem with Sun C. Reviewed-by: Rich Salz --- Summary of changes: crypto/ec/ecp_nistz256_table.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/ec/ecp_nistz256_table.c b/crypto/ec/ecp_nistz256_table.c index 216d024..2f0797d 100644 --- a/crypto/ec/ecp_nistz256_table.c +++ b/crypto/ec/ecp_nistz256_table.c @@ -17,7 +17,7 @@ __attribute((aligned(4096))) #elif defined(_MSC_VER) __declspec(align(4096)) #elif defined(__SUNPRO_C) -# pragma align 4096(ecp_nistz256_precomputed) +# pragma align 64(ecp_nistz256_precomputed) #endif static const BN_ULONG ecp_nistz256_precomputed[37][64 * sizeof(P256_POINT_AFFINE) / _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.142
Build openssl master.142 failed Commit 60f43e9e4d by Richard Levitte on 12/9/2015 10:59 PM: Fix warnings about unused variables when EC is disabled. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#856 (OpenSSL_1_0_2-stable - 3cd33c4)
Build Update for openssl/openssl - Build: #856 Status: Still Failing Duration: 2 minutes and 6 seconds Commit: 3cd33c4 (OpenSSL_1_0_2-stable) Author: Andy Polyakov Message: ec/ecp_nistz256_table.c: fix potential misalignment problem with Sun C. Reviewed-by: Rich SalzView the changeset: https://github.com/openssl/openssl/compare/50053969e39a...3cd33c42e346 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/96105016 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.141
Build openssl master.141 failed Commit 5e03052560 by Dr. Stephen Henson on 12/9/2015 10:09 PM: add CHANGES and NEWS entry Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via 8e562fbfa583c676dba106e12a3bfaaf2d506772 (commit) from 6a9dca46f49636e1618fb5a2213eb4ae1da87c4a (commit) - Log - commit 8e562fbfa583c676dba106e12a3bfaaf2d506772 Author: Rich SalzDate: Thu Dec 10 12:02:35 2015 -0500 OCB license moved --- Summary of changes: docs/.htaccess | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/.htaccess b/docs/.htaccess index bddf41d..afd678d 100644 --- a/docs/.htaccess +++ b/docs/.htaccess @@ -2,6 +2,7 @@ RewriteEngine on RewriteRule ^fips/fipsnotes.html /docs/fipsnotes.html [L,R=302,NC] RewriteRule ^fips/fipsvalidation.html /docs/fipsvalidation.html [L,R=302,NC] RewriteRule ^fips/index.html /docs/fips/fips.html [L,R=302,NC] +RewriteRule ^misc/OCB-patent-grant-OpenSSL.pdf /source/OCB-patent-grant-OpenSSL.pdf [L,R=302,NC] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^manmaster/apps/1/(.*) /docs/manmaster/apps/$1 [L,R=302,NC] RewriteCond %{REQUEST_FILENAME} !-f _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68 (commit) from 44bf7119d67272dbbe3a96c58b842aff8d93c1b4 (commit) - Log - commit 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68 Author: Matt CaswellDate: Wed Nov 11 10:44:07 2015 + Add a return value check If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then we should set the NID to NID_undef. Reviewed-by: Richard Levitte --- Summary of changes: ssl/t1_lib.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 83015e8..571a891 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3326,7 +3326,7 @@ static int tls12_get_pkey_idx(unsigned char sig_alg) static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid, int *psignhash_nid, const unsigned char *data) { -int sign_nid = 0, hash_nid = 0; +int sign_nid = NID_undef, hash_nid = NID_undef; if (!phash_nid && !psign_nid && !psignhash_nid) return; if (phash_nid || psignhash_nid) { @@ -3340,9 +3340,9 @@ static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid, *psign_nid = sign_nid; } if (psignhash_nid) { -if (sign_nid && hash_nid) -OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid); -else +if (sign_nid == NID_undef || hash_nid == NID_undef +|| OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, + sign_nid) <= 0) *psignhash_nid = NID_undef; } } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via f4d1926f9546e84631fdfd9bd68af86ffe4021b2 (commit) from 9501418ea2287658d1a11ce888ff97fa49e9164d (commit) - Log - commit f4d1926f9546e84631fdfd9bd68af86ffe4021b2 Author: Matt CaswellDate: Wed Nov 11 10:44:07 2015 + Add a return value check If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then we should set the NID to NID_undef. Reviewed-by: Richard Levitte (cherry picked from commit 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68) --- Summary of changes: ssl/t1_lib.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 3176d1e..37f0ae5 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3583,7 +3583,7 @@ static int tls12_get_pkey_idx(unsigned char sig_alg) static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid, int *psignhash_nid, const unsigned char *data) { -int sign_nid = 0, hash_nid = 0; +int sign_nid = NID_undef, hash_nid = NID_undef; if (!phash_nid && !psign_nid && !psignhash_nid) return; if (phash_nid || psignhash_nid) { @@ -3599,9 +3599,9 @@ static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid, *psign_nid = sign_nid; } if (psignhash_nid) { -if (sign_nid && hash_nid) -OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid); -else +if (sign_nid == NID_undef || hash_nid == NID_undef +|| OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, + sign_nid) <= 0) *psignhash_nid = NID_undef; } } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 2fb5535e64c395f01151315474fd10574677e3d6 (commit) from 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68 (commit) - Log - commit 2fb5535e64c395f01151315474fd10574677e3d6 Author: Matt CaswellDate: Thu Dec 10 11:37:03 2015 + Fix mkfiles for new directories Add the new chacha and poly1305 directories to mkfiles.pl to enable proper building on windows. Reviewed-by: Andy Polyakov --- Summary of changes: util/mkfiles.pl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/util/mkfiles.pl b/util/mkfiles.pl index b03abc9..bc17462 100755 --- a/util/mkfiles.pl +++ b/util/mkfiles.pl @@ -63,6 +63,8 @@ my @dirs = ( "crypto/srp", "crypto/ct", "crypto/async", +"crypto/chacha", +"crypto/poly1305", "ssl", "apps", "engines", _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via c7b5b9f4b1ec24743da20926f50418ba9fa92e87 (commit) via 48f14845551c530ed42834d8034d53222d355175 (commit) via a76ba82ccbfee6df5aa86ba2a275b713f3e0f239 (commit) via bd3385d84505eeb552a6125415607785f63c6d2d (commit) via eb85cb8632ad5d868a5634b3ce18846ae351c380 (commit) via bd989745b7a4796dceff89d93b6b7ac1561c6227 (commit) via f6b9427923dd275ea4149a73f841dbcee079ace3 (commit) via 72bb2f64fc67dc644f302a07953900becced011f (commit) via 7dcb21869bec05d574d55e4c29daa5d58480d2a1 (commit) from a0ffedaf7bb7b457b42108b8819d00e64003b3a9 (commit) - Log - commit c7b5b9f4b1ec24743da20926f50418ba9fa92e87 Author: Andy PolyakovDate: Thu Dec 10 00:03:06 2015 +0100 make update. Reviewed-by: Richard Levitte commit 48f14845551c530ed42834d8034d53222d355175 Author: Andy Polyakov Date: Wed Dec 9 23:02:11 2015 +0100 Configure: make no-chacha and no-poly1305 work. Reviewed-by: Richard Levitte commit a76ba82ccbfee6df5aa86ba2a275b713f3e0f239 Author: Andy Polyakov Date: Wed Dec 9 21:47:00 2015 +0100 Wire ChaCha20-Poly1305 to TLS. Reviewed-by: Richard Levitte commit bd3385d84505eeb552a6125415607785f63c6d2d Author: Andy Polyakov Date: Wed Dec 9 21:36:19 2015 +0100 evp/c_allc.c: wire ChaCha20-Poly1305 and add tests. Reviewed-by: Richard Levitte commit eb85cb8632ad5d868a5634b3ce18846ae351c380 Author: Andy Polyakov Date: Wed Dec 9 21:35:30 2015 +0100 test/evp_test.c: allow generic AEAD ciphers to be tested. Reviewed-by: Richard Levitte commit bd989745b7a4796dceff89d93b6b7ac1561c6227 Author: Andy Polyakov Date: Wed Dec 9 21:30:56 2015 +0100 crypto/evp: add e_chacha20_poly1305.c. Reviewed-by: Richard Levitte commit f6b9427923dd275ea4149a73f841dbcee079ace3 Author: Andy Polyakov Date: Wed Dec 9 21:18:00 2015 +0100 evp/evp_enc.c: allow EVP_CIPHER.ctx_size to be 0. In such case it would be EVP_CIPHER.cleanup's reponsibility to wipe EVP_CIPHEX_CTX.cipher_data. Reviewed-by: Richard Levitte commit 72bb2f64fc67dc644f302a07953900becced011f Author: Andy Polyakov Date: Wed Dec 9 21:15:28 2015 +0100 Add ChaCha20-Poly1305 and ChaCha20 NIDs. Reviewed-by: Richard Levitte commit 7dcb21869bec05d574d55e4c29daa5d58480d2a1 Author: Andy Polyakov Date: Wed Dec 9 21:11:49 2015 +0100 Add reference ChaCha20 and Poly1305 implementations. Reviewed-by: Emilia Käsper Reviewed-by: Richard Levitte Reviewed-by: Kurt Roeckx --- Summary of changes: Configure | 2 + Makefile.org | 4 +- crypto/{whrlpool => chacha}/Makefile | 32 +- crypto/chacha/chacha_enc.c | 157 crypto/evp/Makefile| 26 +- crypto/evp/c_allc.c| 7 + crypto/evp/e_chacha20_poly1305.c | 490 crypto/evp/evp_enc.c | 8 +- crypto/evp/evp_err.c | 11 +- ssl/ssl_utst.c => crypto/include/internal/chacha.h | 56 +- .../include/internal/poly1305.h| 29 +- crypto/objects/obj_dat.h | 12 +- crypto/objects/obj_mac.num | 2 + crypto/objects/objects.txt | 2 + crypto/{whrlpool => poly1305}/Makefile | 32 +- crypto/poly1305/poly1305.c | 879 + include/openssl/evp.h | 8 + include/openssl/obj_mac.h | 8 + include/openssl/ssl.h | 1 + include/openssl/tls1.h | 18 + ssl/s3_lib.c | 113 +++ ssl/ssl_algs.c | 3 + ssl/ssl_ciph.c | 4 +- ssl/ssl_locl.h | 1 + ssl/t1_trce.c | 7 + test/evp_test.c| 2 + test/evptests.txt | 65 ++ util/libeay.num| 7 + util/mkdef.pl | 9 +- 29 files changed, 1894 insertions(+), 101
[openssl-commits] [openssl] master update
The branch master has been updated via 44bf7119d67272dbbe3a96c58b842aff8d93c1b4 (commit) from c7b5b9f4b1ec24743da20926f50418ba9fa92e87 (commit) - Log - commit 44bf7119d67272dbbe3a96c58b842aff8d93c1b4 Author: Andy PolyakovDate: Wed Dec 2 14:26:03 2015 +0100 modes/ocb128.c: fix overstep. Reviewed-by: Richard Levitte --- Summary of changes: crypto/modes/ocb128.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/modes/ocb128.c b/crypto/modes/ocb128.c index 6206755..3a3f7a8 100644 --- a/crypto/modes/ocb128.c +++ b/crypto/modes/ocb128.c @@ -162,7 +162,7 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t idx) if (!ctx->l) return NULL; } -while (l_index <= idx) { +while (l_index < idx) { ocb_double(ctx->l + l_index, ctx->l + l_index + 1); l_index++; } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via ba67253db19d0319f672d47aa359032e5e66d1b8 (commit) from f8137a62d94c0a5809a4363b7b4aab3adcb8201c (commit) - Log - commit ba67253db19d0319f672d47aa359032e5e66d1b8 Author: Rob StradlingDate: Fri Dec 4 14:35:43 2015 + Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633). Signed-off-by: Kurt Roeckx Reviewed-by: Rich Salz Reviewed-by: Dr. Stephen Henson GH: #495, MR: #1435 --- Summary of changes: crypto/objects/obj_dat.h | 15 ++-- crypto/objects/obj_mac.num| 1 + crypto/objects/objects.txt| 1 + crypto/x509v3/Makefile| 18 +++- crypto/x509v3/ext_dat.h | 1 + crypto/x509v3/v3_lib.c| 1 + crypto/x509v3/v3_tlsf.c | 186 ++ crypto/x509v3/v3err.c | 1 + doc/apps/x509v3_config.pod| 14 doc/crypto/X509V3_get_d2i.pod | 2 + include/openssl/obj_mac.h | 5 ++ include/openssl/x509v3.h | 5 ++ util/libeay.num | 2 + 13 files changed, 245 insertions(+), 7 deletions(-) create mode 100644 crypto/x509v3/v3_tlsf.c diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index d1382a2..debf8cc 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 1020 -#define NUM_SN 1013 -#define NUM_LN 1013 -#define NUM_OBJ 936 +#define NUM_NID 1021 +#define NUM_SN 1014 +#define NUM_LN 1014 +#define NUM_OBJ 937 -static const unsigned char lvalues[6604]={ +static const unsigned char lvalues[6612]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -998,6 +998,7 @@ static const unsigned char lvalues[6604]={ 0x2A,0x85,0x03,0x64,0x03,/* [6588] OBJ_SNILS */ 0x2A,0x85,0x03,0x64,0x6F,/* [6593] OBJ_subjectSignTool */ 0x2A,0x85,0x03,0x64,0x70,/* [6598] OBJ_issuerSignTool */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x18, /* [6603] OBJ_tlsfeature */ }; static const ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2669,6 +2670,7 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"grasshopper-mac","grasshopper-mac",NID_grasshopper_mac,0,NULL,0}, {"ChaCha20-Poly1305","chacha20-poly1305",NID_chacha20_poly1305,0,NULL,0}, {"ChaCha20","chacha20",NID_chacha20,0,NULL,0}, +{"tlsfeature","TLS Feature",NID_tlsfeature,8,&(lvalues[6603]),0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -3656,6 +3658,7 @@ static const unsigned int sn_objs[NUM_SN]={ 293, /* "textNotice" */ 133, /* "timeStamping" */ 106, /* "title" */ +1020, /* "tlsfeature" */ 682, /* "tpBasis" */ 375, /* "trustRoot" */ 436, /* "ucl" */ @@ -3813,6 +3816,7 @@ static const unsigned int ln_objs[NUM_LN]={ 1007, /* "Signing Tool of Subject" */ 143, /* "Strong Extranet ID" */ 398, /* "Subject Information Access" */ +1020, /* "TLS Feature" */ 130, /* "TLS Web Client Authentication" */ 129, /* "TLS Web Server Authentication" */ 133, /* "Time Stamping" */ @@ -5244,6 +5248,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ 397, /* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */ 398, /* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */ 663, /* OBJ_proxyCertInfo1 3 6 1 5 5 7 1 14 */ +1020, /* OBJ_tlsfeature 1 3 6 1 5 5 7 1 24 */ 164, /* OBJ_id_qt_cps1 3 6 1 5 5 7 2 1 */ 165, /* OBJ_id_qt_unotice1 3 6 1 5 5 7 2 2 */ 293, /* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 2993f56..5c6ffd4 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1017,3 +1017,4 @@ grasshopper_cfb 1016 grasshopper_mac1017 chacha20_poly1305 1018 chacha20 1019 +tlsfeature 1020 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 29517e3..f34609d 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -472,6 +472,7 @@ id-pe 10: ac-proxying !Cname sinfo-access id-pe 11 : subjectInfoAccess : Subject Information Access id-pe 14 : proxyCertInfo : Proxy Certificate Information +id-pe 24 : tlsfeature: TLS Feature # PKIX policyQualifiers for Internet policy qualifiers id-qt 1: id-qt-cps : Policy Qualifier CPS diff --git a/crypto/x509v3/Makefile b/crypto/x509v3/Makefile index cd490ed..775f88b 100644 ---
[openssl-commits] Fixed: openssl/openssl#852 (master - 278d6b3)
Build Update for openssl/openssl - Build: #852 Status: Fixed Duration: 44 minutes and 30 seconds Commit: 278d6b3 (master) Author: Matt Caswell Message: Prepare for 1.1.0-pre2-dev Reviewed-by: Richard LevitteView the changeset: https://github.com/openssl/openssl/compare/e7986647267b...278d6b3663da View the full build log and details: https://travis-ci.org/openssl/openssl/builds/96043401 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via 35301ce72f9ab8980789d8c0f376ec2110d3b6d0 (commit) from 1623aae7f4e9d53fb9e6a69817a46519f8dfeea1 (commit) - Log - commit 35301ce72f9ab8980789d8c0f376ec2110d3b6d0 Author: Matt CaswellDate: Thu Dec 10 13:13:41 2015 + Move opaque work complete date Move the opaque work complete from alpha to beta --- Summary of changes: policies/releasestrat.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policies/releasestrat.html b/policies/releasestrat.html index f27df47..4f76abd 100644 --- a/policies/releasestrat.html +++ b/policies/releasestrat.html @@ -97,13 +97,13 @@ Not (necessarily) feature complete Not necessarily all new APIs in place yet - Opaque work complete A beta release means: Feature complete/Feature freeze + Opaque work complete Bug fixes only _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 7c31419693ef5c01bb7d86c141b5e4a740f267dc (commit) from 67f60be8c9ae5ff3129fcd6238baf124385a41d8 (commit) - Log - commit 7c31419693ef5c01bb7d86c141b5e4a740f267dc Author: Matt CaswellDate: Thu Dec 10 13:04:39 2015 + Update CHANGES and NEWS for alpha release Misc updates to the CHANGES and NEWS files ready for the alpha release. Reviewed-by: Richard Levitte --- Summary of changes: CHANGES | 4 +++- NEWS| 8 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 1b26b7b..b420393 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changes between 1.0.2e and 1.1.0 [xx XXX ] + *) Support for ChaCha20 and Poly1305 added to libcrypto and libssl. + [Andy Polyakov] + *) New EC_KEY_METHOD, this replaces the older ECDSA_METHOD and ECDH_METHOD and integrates ECDSA and ECDH functionality into EC. Implementations can now redirect key generation and no longer need to convert to or from @@ -11,7 +14,6 @@ Note: the ecdsa.h and ecdh.h headers are now no longer needed and just include the ec.h header file instead. - [Steve Henson] *) Remove support for all 40 and 56 bit ciphers. This includes all the export diff --git a/NEWS b/NEWS index 86a81fa..4c4e7b4 100644 --- a/NEWS +++ b/NEWS @@ -7,18 +7,22 @@ Major changes between OpenSSL 1.0.2e and OpenSSL 1.1.0 [under development] + o Support for ChaCha20 and Poly1305 added to libcrypto and libssl o Support for extended master secret o CCM ciphersuites o Reworked test suite, now based on perl, Test::Harness and Test::More - o EVP_MD, EVP_MD_CTX and HMAC_CTX made opaque + o Varous libcrypto structures made opaque including: BIGNUM, EVP_MD, +EVP_MD_CTX and HMAC_CTX. o libssl internal structures made opaque o SSLv2 support removed o Kerberos ciphersuite support removed o RC4 removed from DEFAULT ciphersuites in libssl o 40 and 56 bit cipher support removed from libssl o All public header files moved to include/openssl, no more symlinking - o SSL/TLS state machine and record layer rewritten + o SSL/TLS state machine, version negotiation and record layer rewritten o EC revision: now operations use new EC_KEY_METHOD. + o Support for OCB mode added to libcrypto + o Support for asynchronous crypto operations added to libcrypto and libssl Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015] _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 67f60be8c9ae5ff3129fcd6238baf124385a41d8 (commit) via 2ad226e88bee97847496e542d63c67997d5beda6 (commit) from 02dc0b82ab19c32bf072213feff746b5b35f8ef6 (commit) - Log - commit 67f60be8c9ae5ff3129fcd6238baf124385a41d8 Author: Matt CaswellDate: Wed Nov 4 11:20:50 2015 + Ensure |rwstate| is set correctly on BIO_flush A BIO_flush call in the DTLS code was not correctly setting the |rwstate| variable to SSL_WRITING. This means that SSL_get_error() will not return SSL_ERROR_WANT_WRITE in the event of an IO retry. Reviewed-by: Richard Levitte commit 2ad226e88bee97847496e542d63c67997d5beda6 Author: Matt Caswell Date: Tue Nov 3 14:45:07 2015 + Fix DTLS handshake fragment retries If using DTLS and NBIO then if a second or subsequent handshake message fragment hits a retry, then the retry attempt uses the wrong fragment offset value. This commit restores the fragment offset from the last attempt. Reviewed-by: Richard Levitte --- Summary of changes: ssl/statem/statem_dtls.c | 70 +--- 1 file changed, 49 insertions(+), 21 deletions(-) diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index 6d73659..5194c73 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -250,8 +250,44 @@ int dtls1_do_write(SSL *s, int type) blocksize = 0; frag_off = 0; +s->rwstate = SSL_NOTHING; + /* s->init_num shouldn't ever be < 0...but just in case */ while (s->init_num > 0) { +if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) { +/* We must be writing a fragment other than the first one */ + +if (frag_off > 0) { +/* This is the first attempt at writing out this fragment */ + +if (s->init_off <= DTLS1_HM_HEADER_LENGTH) { +/* + * Each fragment that was already sent must at least have + * contained the message header plus one other byte. + * Therefore |init_off| must have progressed by at least + * |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something went + * wrong. + */ +return -1; +} + +/* + * Adjust |init_off| and |init_num| to allow room for a new + * message header for this fragment. + */ +s->init_off -= DTLS1_HM_HEADER_LENGTH; +s->init_num += DTLS1_HM_HEADER_LENGTH; +} else { +/* + * We must have been called again after a retry so use the + * fragment offset from our last attempt. We do not need + * to adjust |init_off| and |init_num| as above, because + * that should already have been done before the retry. + */ +frag_off = s->d1->w_msg_hdr.frag_off; +} +} + used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH + mac_size + blocksize; if (s->d1->mtu > used_len) @@ -264,8 +300,10 @@ int dtls1_do_write(SSL *s, int type) * grr.. we could get an error if MTU picked was wrong */ ret = BIO_flush(SSL_get_wbio(s)); -if (ret <= 0) +if (ret <= 0) { +s->rwstate = SSL_WRITING; return ret; +} used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize; if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) { curr_mtu = s->d1->mtu - used_len; @@ -291,25 +329,6 @@ int dtls1_do_write(SSL *s, int type) * XDTLS: this function is too long. split out the CCS part */ if (type == SSL3_RT_HANDSHAKE) { -if (s->init_off != 0) { -OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH); -s->init_off -= DTLS1_HM_HEADER_LENGTH; -s->init_num += DTLS1_HM_HEADER_LENGTH; - -/* - * We just checked that s->init_num > 0 so this cast should - * be safe - */ -if (((unsigned int)s->init_num) > curr_mtu) -len = curr_mtu; -else -len = s->init_num; -} - -/* Shouldn't ever happen */ -if (len > INT_MAX) -len = INT_MAX; - if (len < DTLS1_HM_HEADER_LENGTH) { /* * len is so small that we really can't do anything sensible @@ -397,7 +416,16 @@ int
[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
The branch OpenSSL_1_0_1-stable has been updated via f612bdb34252c3eae4808dd3e1360d0f0a3666bc (commit) via 4a534243183498ee1a5b3fb19f4be8a0bf731ca7 (commit) from d724616f682cb374b613d7fbd57e4c2bf749469c (commit) - Log - commit f612bdb34252c3eae4808dd3e1360d0f0a3666bc Author: Matt CaswellDate: Wed Nov 4 11:20:50 2015 + Ensure |rwstate| is set correctly on BIO_flush A BIO_flush call in the DTLS code was not correctly setting the |rwstate| variable to SSL_WRITING. This means that SSL_get_error() will not return SSL_ERROR_WANT_WRITE in the event of an IO retry. Reviewed-by: Richard Levitte (cherry picked from commit 67f60be8c9ae5ff3129fcd6238baf124385a41d8) commit 4a534243183498ee1a5b3fb19f4be8a0bf731ca7 Author: Matt Caswell Date: Tue Nov 3 14:45:07 2015 + Fix DTLS handshake fragment retries If using DTLS and NBIO then if a second or subsequent handshake message fragment hits a retry, then the retry attempt uses the wrong fragment offset value. This commit restores the fragment offset from the last attempt. Reviewed-by: Richard Levitte (cherry picked from commit 2ad226e88bee97847496e542d63c67997d5beda6) --- Summary of changes: ssl/d1_both.c | 70 +-- 1 file changed, 49 insertions(+), 21 deletions(-) diff --git a/ssl/d1_both.c b/ssl/d1_both.c index d453c07..aaa1867 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -291,8 +291,44 @@ int dtls1_do_write(SSL *s, int type) blocksize = 0; frag_off = 0; +s->rwstate = SSL_NOTHING; + /* s->init_num shouldn't ever be < 0...but just in case */ while (s->init_num > 0) { +if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) { +/* We must be writing a fragment other than the first one */ + +if (frag_off > 0) { +/* This is the first attempt at writing out this fragment */ + +if (s->init_off <= DTLS1_HM_HEADER_LENGTH) { +/* + * Each fragment that was already sent must at least have + * contained the message header plus one other byte. + * Therefore |init_off| must have progressed by at least + * |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something went + * wrong. + */ +return -1; +} + +/* + * Adjust |init_off| and |init_num| to allow room for a new + * message header for this fragment. + */ +s->init_off -= DTLS1_HM_HEADER_LENGTH; +s->init_num += DTLS1_HM_HEADER_LENGTH; +} else { +/* + * We must have been called again after a retry so use the + * fragment offset from our last attempt. We do not need + * to adjust |init_off| and |init_num| as above, because + * that should already have been done before the retry. + */ +frag_off = s->d1->w_msg_hdr.frag_off; +} +} + used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH + mac_size + blocksize; if (s->d1->mtu > used_len) @@ -305,8 +341,10 @@ int dtls1_do_write(SSL *s, int type) * grr.. we could get an error if MTU picked was wrong */ ret = BIO_flush(SSL_get_wbio(s)); -if (ret <= 0) +if (ret <= 0) { +s->rwstate = SSL_WRITING; return ret; +} used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize; if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) { curr_mtu = s->d1->mtu - used_len; @@ -332,25 +370,6 @@ int dtls1_do_write(SSL *s, int type) * XDTLS: this function is too long. split out the CCS part */ if (type == SSL3_RT_HANDSHAKE) { -if (s->init_off != 0) { -OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH); -s->init_off -= DTLS1_HM_HEADER_LENGTH; -s->init_num += DTLS1_HM_HEADER_LENGTH; - -/* - * We just checked that s->init_num > 0 so this cast should - * be safe - */ -if (((unsigned int)s->init_num) > curr_mtu) -len = curr_mtu; -else -len = s->init_num; -} - -/* Shouldn't ever happen */ -if (len > INT_MAX) -len = INT_MAX; - if (len < DTLS1_HM_HEADER_LENGTH) {
[openssl-commits] [openssl] master update
The branch master has been updated via f8137a62d94c0a5809a4363b7b4aab3adcb8201c (commit) from 278d6b3663da7f02f294481694e2bd909eb4672f (commit) - Log - commit f8137a62d94c0a5809a4363b7b4aab3adcb8201c Author: Viktor DukhovniDate: Thu Dec 10 00:44:00 2015 -0500 Restore full support for EVP_CTX_create() etc. Reviewed-by: Dr. Stephen Henson Reviewed-by: Kurt Roeckx Reviewed-by: Matt Caswell Reviewed-by: Rich Salz Reviewed-by: Richard Levitte --- Summary of changes: include/openssl/evp.h | 8 +++- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 969a0fa..5126803 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -596,11 +596,9 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2); EVP_MD_CTX *EVP_MD_CTX_new(void); int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); void EVP_MD_CTX_free(EVP_MD_CTX *ctx); -# ifdef OPENSSL_USE_DEPRECATED -# define EVP_MD_CTX_create() EVP_MD_CTX_new() -# define EVP_MD_CTX_init(ctx)EVP_MD_CTX_reset((ctx)) -# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx)) -# endif +# define EVP_MD_CTX_create() EVP_MD_CTX_new() +# define EVP_MD_CTX_init(ctx)EVP_MD_CTX_reset((ctx)) +# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx)) /*__owur*/ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in); void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#846 (OpenSSL_1_0_2-stable - 5005396)
Build Update for openssl/openssl - Build: #846 Status: Still Failing Duration: 2 minutes and 13 seconds Commit: 5005396 (OpenSSL_1_0_2-stable) Author: Matt Caswell Message: Ensure |rwstate| is set correctly on BIO_flush A BIO_flush call in the DTLS code was not correctly setting the |rwstate| variable to SSL_WRITING. This means that SSL_get_error() will not return SSL_ERROR_WANT_WRITE in the event of an IO retry. Reviewed-by: Richard Levitte(cherry picked from commit 67f60be8c9ae5ff3129fcd6238baf124385a41d8) View the changeset: https://github.com/openssl/openssl/compare/f4d1926f9546...50053969e39a View the full build log and details: https://travis-ci.org/openssl/openssl/builds/96022805 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-pre1 create
The annotated tag OpenSSL_1_1_0-pre1 has been created at 8593c20d6c85d03850a446e80a8e9b2a9d0bfb4a (tag) tagging 22c21b60afb33bf32f91560e7c29c21588429420 (commit) replaces master-post-reformat tagged by Matt Caswell on Thu Dec 10 14:23:10 2015 + - Log - OpenSSL 1.1.0-pre1 release tag Adam Eijdenberg (9): RT3961: Fix switch/case errors in flag parsing RT3962: Check accept_count only if not unlimited RT3963: Allow OCSP stapling with -rev and -www Fix unhandled error condition in sslv2 client hello parsing. Change error reason to match previous behaviour. Fix clang uninitialized variable warning. RT3984: Fix clang compiler warning on Mac OS X where %ld is used for uint64_t. Initial commit for Certificate Transparency support Clarify return values for EVP_DigestVerifyFinal. Adam Langley (1): Allow a zero length extension block Alessandro Ghedini (28): GH371: Print debug info for ALPN extension GH354: Memory leak fixes Add initial Travis CI configuration Use the shlib wrapper when running nptest Fix build on mingw Make BUF_strndup() read-safe on arbitrary inputs Properly format linux-arm64ilp32 target config GH408 follow-on: update buflen Print debug info for extended master secret extension Validate ClientHello extension field length Fix travis builds on master GH429: Add clang to travis Add Clang 3.6 and additional GCC 5 builds to travis Remove bugs/ and crypto/threads/ Do not treat 0 return value from BIO_get_fd() as error Replace malloc+strlcpy with strdup Fix memory leaks and other mistakes on errors Set salt length after the malloc has succeeded Fix typos Fix references to various RFCs Check memory allocation Remove useless code Add Travis builds with undefined behavior sanitizer Fix (minor) problems found by ubsan Add no-asm builds to Travis Declare cleanse_ctr variable as extern Add initial AppVeyor configuration Remove useless locking code Alok Menghrajani (3): RT3802: Fixes typos in doc/crypto/ Fixes some typos in doc/apps/ Fixes some typos in doc/ssl/ Andy Polyakov (127): sha256-armv4.pl: fix typo. Fix macosx-ppc build (and typos in unwind info). Add assembly support to ios64-cross. Fix typos in ios64-cross config line. Keep disclaiming 16-bit support. des/asm/des_enc.m4: strip #ifdef OPENSSL_SYS_ULTRASPARC as part of pre-processor controls cleanup. It doesn't mean that it no longer works on UltraSPARC, only that it doesn't utilize sparcv9-specific features like branch prediction hints and load in little-endian byte order anymore. This "costs" ~3% in EDE3 performance regression on UltraSPARC. Configure: addendum to OPENSSL_NO_[RMD160|RIPEMD] harmonization. modes/gcm128.c: fix OPENSSL_SMALL_FOOTPRINT compile failure on affected platforms (PowerPC and AArch64). modes/gcm128.c: harmonize ctx->ghash assignment, shortcut *_ctr32 in OPENSSL_SMALL_FOOTPRINT build, remove undesired reformat artefact and inconsistency in pre-processor logic. cms-test.pl: "localize" /dev/null even further [as follow-up to VMS]. des/asm/des_enc.m4: fix brown-bag typo in last commit. Harmonize objects.pl output with new format. evp/e_aes.c: fix pair of SPARC T4-specific problems: bn/bn_add.c: fix dead code elimination that went bad. Bring objects.pl output even closer to new format. Add ec/asm/ecp_nistz256-x86.pl module. Engage ecp_nistz256-x86 module. ec/asm/ecp_nistz256-x86.pl: fix typos (error shows in Windows build). Configure: disable warning C4090 in Windows builds. ec/ecp_nistz256.c: fix compiler warnings. Add more Camellia OIDs. Add Camellia CTR mode. Add ec/asm/ecp_nistz256-armv4.pl module. Engage ecp_nistz256-armv4 module. evp/evp.h: add missing camellia-ctr declarations. evp/evp_test.c: avoid crashes when referencing uninitialized pointers. sha/asm/sha1-586.pl: fix typo. perlasm/x86masm.pl: make it work. aes/asm/bsaes-armv7: fix kernel-side XTS and harmonize with Linux. Fix crash in SPARC T4 XTS. ARMv4 assembly pack: add Cortex-A15 performance data. ssl/s3_clnt.c: fix intermittent failures. Avoid reading an unused byte after the buffer Configure: fold related configurations more aggressively and clean-up. sha/asm/sha256-armv4.pl: adapt for use in Linux kernel context. Configure: remove unused variables. Add vpaes-amrv8.pl module. Engage vpaes-armv8 module. ec/asm/ecp_nistz256-x86_64.pl: update commentary with before-after performance data. sha/asm/sha256-armv4.pl: fix compile issue in kernel and
[openssl-commits] [web] master update
The branch master has been updated via 43f39f381386b6db3c88d6856cd1b0749ff38222 (commit) from 35301ce72f9ab8980789d8c0f376ec2110d3b6d0 (commit) - Log - commit 43f39f381386b6db3c88d6856cd1b0749ff38222 Author: Matt CaswellDate: Thu Dec 10 14:36:59 2015 + Update newsflash for 1.1.0 alpha1 release --- Summary of changes: news/newsflash.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/news/newsflash.txt b/news/newsflash.txt index cf51a94..a964a50 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -4,6 +4,7 @@ # Format is two fields, colon-separated; the first line is the column # headings. URL paths must all be absolute. Date: Item +10-Dec-2015: Alpha 1 of OpenSSL 1.1.0 is now available: please download and test it 03-Dec-2015: Security Advisory: four security fixes 03-Dec-2015: OpenSSL 1.0.2e is now available, including bug and security fixes 03-Dec-2015: OpenSSL 1.0.1q is now available, including bug and security fixes _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 278d6b3663da7f02f294481694e2bd909eb4672f (commit) via 22c21b60afb33bf32f91560e7c29c21588429420 (commit) via ac7f47dce13bf82d1279c0fe2affa07afbe81e06 (commit) via b0cae88cc22bf9e14510553b2cd663b701b02af7 (commit) from e7986647267b689c88b079bd4277facca9720fc1 (commit) - Log - commit 278d6b3663da7f02f294481694e2bd909eb4672f Author: Matt CaswellDate: Thu Dec 10 14:24:22 2015 + Prepare for 1.1.0-pre2-dev Reviewed-by: Richard Levitte commit 22c21b60afb33bf32f91560e7c29c21588429420 Author: Matt Caswell Date: Thu Dec 10 14:23:10 2015 + Prepare for 1.1.0-pre1 release Reviewed-by: Richard Levitte commit ac7f47dce13bf82d1279c0fe2affa07afbe81e06 Author: Matt Caswell Date: Thu Dec 10 14:21:59 2015 + OpenSSL 1.1.0 is now in pre release Reviewed-by: Richard Levitte commit b0cae88cc22bf9e14510553b2cd663b701b02af7 Author: Matt Caswell Date: Thu Dec 10 14:21:59 2015 + make update Reviewed-by: Richard Levitte --- Summary of changes: NEWS | 2 +- README | 2 +- crypto/async/Makefile | 12 ++-- include/openssl/opensslv.h | 6 +++--- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/NEWS b/NEWS index 4c4e7b4..ab7b2af 100644 --- a/NEWS +++ b/NEWS @@ -5,7 +5,7 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. - Major changes between OpenSSL 1.0.2e and OpenSSL 1.1.0 [under development] + Major changes between OpenSSL 1.0.2e and OpenSSL 1.1.0 [in pre-release] o Support for ChaCha20 and Poly1305 added to libcrypto and libssl o Support for extended master secret diff --git a/README b/README index cc20f57..a8235dc 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 1.1.0-dev + OpenSSL 1.1.0-pre2-dev Copyright (c) 1998-2015 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/crypto/async/Makefile b/crypto/async/Makefile index 44da77f..7b1dd56 100644 --- a/crypto/async/Makefile +++ b/crypto/async/Makefile @@ -76,8 +76,8 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -arch/async_null.o: ../../e_os.h ../../include/openssl/async.h -arch/async_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +arch/async_null.o: ../../include/openssl/async.h ../../include/openssl/crypto.h +arch/async_null.o: ../../include/openssl/e_os2.h arch/async_null.o: ../../include/openssl/opensslconf.h arch/async_null.o: ../../include/openssl/opensslv.h arch/async_null.o: ../../include/openssl/ossl_typ.h @@ -86,7 +86,7 @@ arch/async_null.o: ../../include/openssl/stack.h arch/async_null.o: ../../include/openssl/symhacks.h arch/../arch/async_null.h arch/async_null.o: arch/../arch/async_posix.h arch/../arch/async_win.h arch/async_null.o: arch/../async_locl.h arch/async_null.c -arch/async_posix.o: ../../e_os.h ../../include/openssl/async.h +arch/async_posix.o: ../../include/openssl/async.h arch/async_posix.o: ../../include/openssl/crypto.h arch/async_posix.o: ../../include/openssl/e_os2.h arch/async_posix.o: ../../include/openssl/opensslconf.h @@ -97,8 +97,8 @@ arch/async_posix.o: ../../include/openssl/stack.h arch/async_posix.o: ../../include/openssl/symhacks.h arch/../arch/async_null.h arch/async_posix.o: arch/../arch/async_posix.h arch/../arch/async_win.h arch/async_posix.o: arch/../async_locl.h arch/async_posix.c -arch/async_win.o: ../../e_os.h ../../include/openssl/async.h -arch/async_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +arch/async_win.o: ../../include/openssl/async.h ../../include/openssl/crypto.h +arch/async_win.o: ../../include/openssl/e_os2.h arch/async_win.o: ../../include/openssl/opensslconf.h arch/async_win.o: ../../include/openssl/opensslv.h arch/async_win.o: ../../include/openssl/ossl_typ.h @@ -107,7 +107,7 @@ arch/async_win.o: ../../include/openssl/stack.h arch/async_win.o: ../../include/openssl/symhacks.h arch/../arch/async_null.h arch/async_win.o: arch/../arch/async_posix.h arch/../arch/async_win.h arch/async_win.o: arch/../async_locl.h arch/async_win.c -async.o: ../../e_os.h ../../include/openssl/async.h ../../include/openssl/bio.h +async.o: ../../include/openssl/async.h ../../include/openssl/bio.h async.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h async.o: ../../include/openssl/err.h ../../include/openssl/lhash.h async.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
[openssl-commits] [web] master update
The branch master has been updated via 853d5312059e2ac68ad626555c2896e7e8c929bf (commit) from 43f39f381386b6db3c88d6856cd1b0749ff38222 (commit) - Log - commit 853d5312059e2ac68ad626555c2896e7e8c929bf Author: Richard LevitteDate: Thu Dec 10 15:53:37 2015 +0100 Add necessary targets for 1.1.0 --- Summary of changes: Makefile | 7 +++ 1 file changed, 7 insertions(+) diff --git a/Makefile b/Makefile index d395154..3c3a7af 100644 --- a/Makefile +++ b/Makefile @@ -16,6 +16,7 @@ SIMPLE = newsflash.inc sitemap.txt \ news/cl098.txt news/cl100.txt news/cl101.txt news/cl102.txt \ news/openssl-0.9.8-notes.inc news/openssl-1.0.0-notes.inc \ news/openssl-1.0.1-notes.inc news/openssl-1.0.2-notes.inc \ +news/openssl-1.1.0-notes.inc \ news/newsflash.inc \ news/vulnerabilities.inc \ source/.htaccess \ @@ -104,6 +105,9 @@ news/openssl-1.0.1-notes.html: news/openssl-notes.html.in news/openssl-1.0.2-notes.html: news/openssl-notes.html.in @rm -f $@ sed -e 's|@VERSION@|1.0.2|g' < $< > $@ +news/openssl-1.1.0-notes.html: news/openssl-notes.html.in + @rm -f $@ + sed -e 's|@VERSION@|1.1.0|g' < $< > $@ news/openssl-0.9.8-notes.inc: $(CHECKOUTS)/openssl-0.9.8-stable/NEWS news/openssl-0.9.8-notes.html @rm -f $@ ./bin/mk-notes 0.9.8 < $(CHECKOUTS)/openssl-0.9.8-stable/NEWS > $@ @@ -116,6 +120,9 @@ news/openssl-1.0.1-notes.inc: $(CHECKOUTS)/openssl-1.0.1-stable/NEWS news/openss news/openssl-1.0.2-notes.inc: $(CHECKOUTS)/openssl-1.0.2-stable/NEWS news/openssl-1.0.2-notes.html @rm -f $@ ./bin/mk-notes 1.0.2 < $(CHECKOUTS)/openssl-1.0.2-stable/NEWS > $@ +news/openssl-1.1.0-notes.inc: $(CHECKOUTS)/master/NEWS news/openssl-1.1.0-notes.html + @rm -f $@ + ./bin/mk-notes 1.1.0 < $(CHECKOUTS)/master/NEWS > $@ news/newsflash.inc: news/newsflash.txt sed <$? >$@ \ _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via 85554c25dc3b80f3ad588f1cc2c1c000c58b606b (commit) from 853d5312059e2ac68ad626555c2896e7e8c929bf (commit) - Log - commit 85554c25dc3b80f3ad588f1cc2c1c000c58b606b Author: Richard LevitteDate: Thu Dec 10 15:55:58 2015 +0100 Correct path for master --- Summary of changes: Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 3c3a7af..c2a245c 100644 --- a/Makefile +++ b/Makefile @@ -120,9 +120,9 @@ news/openssl-1.0.1-notes.inc: $(CHECKOUTS)/openssl-1.0.1-stable/NEWS news/openss news/openssl-1.0.2-notes.inc: $(CHECKOUTS)/openssl-1.0.2-stable/NEWS news/openssl-1.0.2-notes.html @rm -f $@ ./bin/mk-notes 1.0.2 < $(CHECKOUTS)/openssl-1.0.2-stable/NEWS > $@ -news/openssl-1.1.0-notes.inc: $(CHECKOUTS)/master/NEWS news/openssl-1.1.0-notes.html +news/openssl-1.1.0-notes.inc: $(CHECKOUTS)/openssl/NEWS news/openssl-1.1.0-notes.html @rm -f $@ - ./bin/mk-notes 1.1.0 < $(CHECKOUTS)/master/NEWS > $@ + ./bin/mk-notes 1.1.0 < $(CHECKOUTS)/openssl/NEWS > $@ news/newsflash.inc: news/newsflash.txt sed <$? >$@ \ _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via 6a9dca46f49636e1618fb5a2213eb4ae1da87c4a (commit) from 85554c25dc3b80f3ad588f1cc2c1c000c58b606b (commit) - Log - commit 6a9dca46f49636e1618fb5a2213eb4ae1da87c4a Author: Richard LevitteDate: Thu Dec 10 15:58:35 2015 +0100 Have the release notes account for pre-releases as well --- Summary of changes: bin/mk-notes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/mk-notes b/bin/mk-notes index 7738c6b..66c5937 100755 --- a/bin/mk-notes +++ b/bin/mk-notes @@ -8,7 +8,7 @@ my $copy = 0; my $in_ul = 0; while ( ) { chomp; -if (/^\s*(Major changes between|Known issues in).*(\d+\.\d+\.\d+)\D.*\[\d+\s(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s\d+\]:?$/) { +if (/^\s*(Major changes between|Known issues in).*(\d+\.\d+\.\d+)\D.*\[(in pre-release|\d+\s(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s\d+)\]:?$/) { if ($in_ul) { print "\n"; $in_ul = 0; _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits