[openssl-commits] Build failed: openssl master.1909

[AppVeyor]

Build openssl master.1909 failed


Commit 8db12f8e3d by Richard Levitte on 3/8/2016 1:31 AM:

Fix engine/asm/e_padlock-x86.pl for newer semantics


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Jenkins build is back to normal : 1_0_2_nohw #419

[openssl . sanity]

See 

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1907

[AppVeyor]

Build openssl master.1907 failed


Commit 6f8a2d2905 by Richard Levitte on 3/7/2016 11:33 PM:

Adapt mk1mf.pl and companions to changed perlasm script semantics


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1906

[AppVeyor]

Build openssl master.1906 failed


Commit 9e4034521f by Richard Levitte on 3/7/2016 11:33 PM:

Adapt mk1mf.pl and companions to changed perlasm script semantics


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1905

[AppVeyor]

Build openssl master.1905 failed


Commit 9132d77782 by Todd Short on 3/5/2016 1:47 PM:

Fix ALPN


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1904

[AppVeyor]

Build openssl master.1904 failed


Commit 1094cd4773 by Todd Short on 3/5/2016 1:47 PM:

Fix ALPN


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1903

[AppVeyor]

Build openssl master.1903 failed


Commit 8fe340b5db by Bill Cox on 3/8/2016 12:25 AM:

Merged with master


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Failed: openssl/openssl#2589 (master - ebc4815)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2589
Status: Failed

Duration: 21 minutes and 58 seconds
Commit: ebc4815 (master)
Author: Viktor Dukhovni
Message: Don't free NCONF obtained values

Bug reported by Michel Sales.

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/e1d9f1ab39ee...ebc4815fa56b

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114396933

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1902

[AppVeyor]

Build openssl master.1902 failed


Commit a361438d3c by Richard Levitte on 3/7/2016 11:33 PM:

Adapt mk1mf.pl and companions to changed perlasm script semantics


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Failed: openssl/openssl#2587 (master - e1d9f1a)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2587
Status: Failed

Duration: 22 minutes and 40 seconds
Commit: e1d9f1a (master)
Author: Dr. Stephen Henson
Message: Remove kinv/r fields from DSA structure.

The kinv/r fields in the DSA structure are not used by OpenSSL internally
and should not be used in general.

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/f7c4584b1532...e1d9f1ab39ee

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114376603

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1899

[AppVeyor]

Build openssl master.1899 failed


Commit ebc4815fa5 by Viktor Dukhovni on 3/7/2016 11:54 PM:

Don't free NCONF obtained values


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1898

[AppVeyor]

Build openssl master.1898 failed


Commit 6c1541f614 by Richard Levitte on 3/7/2016 11:33 PM:

Adapt mk1mf.pl and companions to changed perlasm script semantics


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1897

[AppVeyor]

Build openssl master.1897 failed


Commit e1d9f1ab39 by Dr. Stephen Henson on 3/7/2016 10:15 PM:

Remove kinv/r fields from DSA structure.


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1896

[AppVeyor]

Build openssl master.1896 failed


Commit 2d736a22b3 by FdaSilvaYY on 3/7/2016 8:00 PM:

fix cert leaks in s_server


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1895

[AppVeyor]

Build openssl master.1895 failed


Commit 2d736a22b3 by FdaSilvaYY on 3/7/2016 8:00 PM:

cert leak in s_server


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Failed: FdaSilvaYY/openssl#139 (cert_leak - 30f743a)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #139
Status: Failed

Duration: 23 minutes and 38 seconds
Commit: 30f743a (cert_leak)
Author: FdaSilvaYY
Message: fix cert leaks in s_server

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/f3efce27a549...30f743a3f553

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114376351

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1893

[AppVeyor]

Build openssl master.1893 failed


Commit 92808e6470 by FdaSilvaYY on 2/14/2016 9:42 AM:

Add checks on CRYPTO_set_ex_data return value


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: FdaSilvaYY/openssl#136 (ex_data-fixes - 3a10c45)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #136
Status: Still Failing

Duration: 27 minutes and 59 seconds
Commit: 3a10c45 (ex_data-fixes)
Author: FdaSilvaYY
Message: Add checks on CRYPTO_set_ex_data return value

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/08e481bf1655...3a10c45dd5bb

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114371040

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: FdaSilvaYY/openssl#135 (more-zalloc2 - 912f1de)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #135
Status: Still Failing

Duration: 36 minutes and 34 seconds
Commit: 912f1de (more-zalloc2)
Author: FdaSilvaYY
Message: Add more zalloc

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/3ce1d480fca5...912f1dea19c6

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114369606

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.1891

[AppVeyor]

Build openssl master.1891 failed


Commit 53c6f12c12 by Kurt Roeckx on 3/7/2016 9:58 PM:

AppVeyor: Only use the latest VS version


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Viktor Dukhovni]

The branch master has been updated
   via  ebc4815fa56b64d711ada36899a35182a99cbbdb (commit)
  from  e1d9f1ab39eeab0c3c2b9415e08c05858f77 (commit)


- Log -
commit ebc4815fa56b64d711ada36899a35182a99cbbdb
Author: Viktor Dukhovni 
Date:   Sun Mar 6 20:01:20 2016 -0500

Don't free NCONF obtained values

Bug reported by Michel Sales.

Reviewed-by: Rich Salz 

---

Summary of changes:
 apps/req.c | 24 +++-
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/apps/req.c b/apps/req.c
index 693acc2..b128fa8 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -198,7 +198,9 @@ int req_main(int argc, char **argv)
 char *extensions = NULL, *infile = NULL;
 char *outfile = NULL, *keyfile = NULL, *inrand = NULL;
 char *keyalgstr = NULL, *p, *prog, *passargin = NULL, *passargout = NULL;
-char *passin = NULL, *passout = NULL, *req_exts = NULL, *subj = NULL;
+char *passin = NULL, *passout = NULL;
+char *nofree_passin = NULL, *nofree_passout = NULL;
+char *req_exts = NULL, *subj = NULL;
 char *template = default_config_file, *keyout = NULL;
 const char *keyalg = NULL;
 OPTION_CHOICE o;
@@ -436,15 +438,17 @@ int req_main(int argc, char **argv)
 }
 }
 
-if (!passin) {
-passin = NCONF_get_string(req_conf, SECTION, "input_password");
-if (!passin)
+if (passin == NULL) {
+passin = nofree_passin =
+NCONF_get_string(req_conf, SECTION, "input_password");
+if (passin == NULL)
 ERR_clear_error();
 }
 
-if (!passout) {
-passout = NCONF_get_string(req_conf, SECTION, "output_password");
-if (!passout)
+if (passout == NULL) {
+passout = nofree_passout =
+NCONF_get_string(req_conf, SECTION, "output_password");
+if (passout == NULL)
 ERR_clear_error();
 }
 
@@ -862,8 +866,10 @@ int req_main(int argc, char **argv)
 X509_REQ_free(req);
 X509_free(x509ss);
 ASN1_INTEGER_free(serial);
-OPENSSL_free(passin);
-OPENSSL_free(passout);
+if (passin != nofree_passin)
+OPENSSL_free(passin);
+if (passout != nofree_passout)
+OPENSSL_free(passout);
 OBJ_cleanup();
 return (ret);
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: openssl/openssl#2538 (master - 48fe8ab)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2538
Status: Canceled

Duration: 0 seconds
Commit: 48fe8ab (master)
Author: Dr. Stephen Henson
Message: make update

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/1e61392296d1...48fe8ab02e70

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114293661

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: openssl/openssl#2540 (master - 0543603)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2540
Status: Canceled

Duration: 3 minutes and 19 seconds
Commit: 0543603 (master)
Author: Billy Brumley
Message: documentation and duplicate goto statements

Reviewed-by: Kurt Roeckx 
Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/c292b105b1d0...0543603abf9d

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114295717

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: openssl/openssl#2540 (master - 0543603)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2540
Status: Canceled

Duration: 3 minutes and 19 seconds
Commit: 0543603 (master)
Author: Billy Brumley
Message: documentation and duplicate goto statements

Reviewed-by: Kurt Roeckx 
Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/c292b105b1d0...0543603abf9d

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114295717

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: openssl/openssl#2540 (master - 0543603)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2540
Status: Canceled

Duration: 3 minutes and 19 seconds
Commit: 0543603 (master)
Author: Billy Brumley
Message: documentation and duplicate goto statements

Reviewed-by: Kurt Roeckx 
Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/c292b105b1d0...0543603abf9d

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114295717

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: openssl/openssl#2538 (master - 48fe8ab)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2538
Status: Canceled

Duration: 0 seconds
Commit: 48fe8ab (master)
Author: Dr. Stephen Henson
Message: make update

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/1e61392296d1...48fe8ab02e70

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114293661

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: openssl/openssl#2539 (master - c292b10)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2539
Status: Canceled

Duration: 3 minutes and 7 seconds
Commit: c292b10 (master)
Author: Matt Caswell
Message: Remove use of CRYPTO_LOCK_INIT in init code

Swap the use of CRYPTO_LOCK_INIT in the init code to use the new threading
API mechanism for locking.

Reviewed-by: Richard Levitte 

View the changeset: 
https://github.com/openssl/openssl/compare/48fe8ab02e70...c292b105b1d0

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114295309

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: openssl/openssl#2539 (master - c292b10)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2539
Status: Canceled

Duration: 3 minutes and 7 seconds
Commit: c292b10 (master)
Author: Matt Caswell
Message: Remove use of CRYPTO_LOCK_INIT in init code

Swap the use of CRYPTO_LOCK_INIT in the init code to use the new threading
API mechanism for locking.

Reviewed-by: Richard Levitte 

View the changeset: 
https://github.com/openssl/openssl/compare/48fe8ab02e70...c292b105b1d0

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114295309

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Errored: openssl/openssl#2537 (master - 1e61392)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2537
Status: Errored

Duration: 20 seconds
Commit: 1e61392 (master)
Author: Andrea Grandi
Message: Add support to ASYNC_WAIT_CTX to speed

Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 

View the changeset: 
https://github.com/openssl/openssl/compare/a556f3422014...1e61392296d1

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114283102

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Dr . Stephen Henson]

The branch master has been updated
   via  e1d9f1ab39eeab0c3c2b9415e08c05858f77 (commit)
  from  f7c4584b15320d94863daba2996eee21dde23732 (commit)


- Log -
commit e1d9f1ab39eeab0c3c2b9415e08c05858f77
Author: Dr. Stephen Henson 
Date:   Mon Mar 7 17:31:00 2016 +

Remove kinv/r fields from DSA structure.

The kinv/r fields in the DSA structure are not used by OpenSSL internally
and should not be used in general.

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/dsa/dsa_lib.c  |  2 --
 crypto/dsa/dsa_ossl.c | 12 ++--
 include/openssl/dsa.h |  2 --
 3 files changed, 2 insertions(+), 14 deletions(-)

diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index f892973..f7795b2 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -180,8 +180,6 @@ void DSA_free(DSA *r)
 BN_clear_free(r->g);
 BN_clear_free(r->pub_key);
 BN_clear_free(r->priv_key);
-BN_clear_free(r->kinv);
-BN_clear_free(r->r);
 OPENSSL_free(r);
 }
 
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index cbc1e41..0874e89 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -158,16 +158,8 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int 
dlen, DSA *dsa)
 if (ctx == NULL)
 goto err;
  redo:
-if ((dsa->kinv == NULL) || (dsa->r == NULL)) {
-if (!dsa_sign_setup(dsa, ctx, , , dgst, dlen))
-goto err;
-} else {
-kinv = dsa->kinv;
-dsa->kinv = NULL;
-r = dsa->r;
-dsa->r = NULL;
-noredo = 1;
-}
+if (!dsa_sign_setup(dsa, ctx, , , dgst, dlen))
+goto err;
 
 if (dlen > BN_num_bytes(dsa->q))
 /*
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index 643fee4..a338eae 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -164,8 +164,6 @@ struct dsa_st {
 BIGNUM *g;
 BIGNUM *pub_key;/* y public key */
 BIGNUM *priv_key;   /* x private key */
-BIGNUM *kinv;   /* Signing pre-calc */
-BIGNUM *r;  /* Signing pre-calc */
 int flags;
 /* Normally used to cache montgomery values */
 BN_MONT_CTX *method_mont_p;
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
   via  f7c4584b15320d94863daba2996eee21dde23732 (commit)
  from  53c6f12c1247b1e9444acd11ed85fd8afca01830 (commit)


- Log -
commit f7c4584b15320d94863daba2996eee21dde23732
Author: Mat 
Date:   Mon Mar 7 22:59:13 2016 +0100

GH812: Fix for no-ui build on Windows

Add UI to known algorithms in mkdef.pl

Signed-off-by: Rich Salz 
Reviewed-by: Richard Levitte 

---

Summary of changes:
 util/mkdef.pl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/util/mkdef.pl b/util/mkdef.pl
index 07117e9..8578171 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -116,6 +116,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", 
"DES", "BF",
 "SSL_TRACE",
 # Unit testing
 "UNIT_TEST",
+# User Interface
+"UI",
 # OCB mode
 "OCB",
  # APPLINK (win build feature?)
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Failed: FdaSilvaYY/openssl#129 (more-zalloc2 - 3ce1d48)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #129
Status: Failed

Duration: 56 minutes and 6 seconds
Commit: 3ce1d48 (more-zalloc2)
Author: FdaSilvaYY
Message: Add more zalloc

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/10cc715b85a5...3ce1d480fca5

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114353520

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Errored: openssl/openssl#2536 (master - a556f34)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2536
Status: Errored

Duration: 9 seconds
Commit: a556f34 (master)
Author: Emilia Kasper
Message: Rework the default cipherlist.

 - Always prefer forward-secure handshakes.
 - Consistently order ECDSA above RSA.
 - Next, always prefer AEADs to non-AEADs, irrespective of strength.
 - Within AEADs, prefer GCM > CHACHA > CCM for a given strength.
 - Prefer TLS v1.2 ciphers to legacy ciphers.
 - Remove rarely used DSS, IDEA, SEED, CAMELLIA, CCM from the default
   list to reduce ClientHello bloat.

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/3ed1839dc3ad...a556f3422014

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114276640

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Kurt Roeckx]

The branch master has been updated
   via  53c6f12c1247b1e9444acd11ed85fd8afca01830 (commit)
  from  3720597107b957b48e4a57b503c56feb5bff653f (commit)


- Log -
commit 53c6f12c1247b1e9444acd11ed85fd8afca01830
Author: Kurt Roeckx 
Date:   Mon Mar 7 22:40:56 2016 +0100

AppVeyor: Only use the latest VS version

Reviewed-by: Rich Salz 

GH: #811

---

Summary of changes:
 appveyor.yml | 13 -
 1 file changed, 13 deletions(-)

diff --git a/appveyor.yml b/appveyor.yml
index 8695359..dda4dba 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -4,25 +4,12 @@ platform:
 
 environment:
 matrix:
-- VSVER: 9
-- VSVER: 10
-- VSVER: 11
-- VSVER: 12
 - VSVER: 14
 
 configuration:
 - plain
 - shared
 
-matrix:
-allow_failures:
-- platform: x64
-  VSVER: 9
-- platform: x64
-  VSVER: 10
-- platform: x64
-  VSVER: 11
-
 before_build:
 - ps: >-
 If ($env:Platform -Match "x86") {
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl ct_silence_log_list_missing.190

[AppVeyor]

Build openssl ct_silence_log_list_missing.190 failed


Commit d31b73f416 by Rob Percival on 3/4/2016 6:06 PM:

Do not display an error message if the default CT log list is not found


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl 131

[AppVeyor]

Build openssl 131 failed


Commit 369776c981 by Alessandro Ghedini on 3/6/2016 12:54 PM:

Convert CRYPTO_LOCK_EX_DATA to new multi-threading API


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl 1.0.14

[AppVeyor]

Build openssl 1.0.14 failed


Commit 659aacc915 by Andrea Grandi on 3/7/2016 11:20 AM:

Add empty line after local variables


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
   via  122499dd145ba7456ad9ee32fe93a1727bea7be7 (commit)
  from  210efa8badbd5365e1aec3f901c396434ae605be (commit)


- Log -
commit 122499dd145ba7456ad9ee32fe93a1727bea7be7
Author: Matt Caswell 
Date:   Mon Mar 7 20:21:16 2016 +

make update

Reviewed-by: Rich Salz 

---

Summary of changes:
 util/libcrypto.num | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/util/libcrypto.num b/util/libcrypto.num
index e6c5b35..2b77bd5 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -1151,7 +1151,7 @@ i2d_X509_EXTENSIONS 1116  1_1_0   
EXIST::FUNCTION:
 X509_STORE_CTX_get0_store   1117   1_1_0   EXIST::FUNCTION:
 PKCS12_pack_p7data  1118   1_1_0   EXIST::FUNCTION:
 RSA_print_fp1119   1_1_0   
EXIST::FUNCTION:RSA,STDIO
-OPENSSL_INIT_set_config_filename1120   1_1_0   EXIST::FUNCTION:
+OPENSSL_INIT_set_config_filename1120   1_1_0   EXIST::FUNCTION:STDIO
 EC_KEY_print_fp 1121   1_1_0   EXIST::FUNCTION:EC,STDIO
 BIO_dup_chain   1122   1_1_0   EXIST::FUNCTION:
 PKCS8_PRIV_KEY_INFO_it  1123   1_1_0   
EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@@ -3439,7 +3439,7 @@ OBJ_sn2nid  3324  1_1_0   
EXIST::FUNCTION:
 CTLOG_free  3325   1_1_0   EXIST::FUNCTION:
 EVP_CIPHER_meth_dup 3326   1_1_0   EXIST::FUNCTION:
 CMS_get1_crls   3327   1_1_0   EXIST::FUNCTION:CMS
-X509_aux_print  3328   1_1_0   EXIST::FUNCTION:STDIO
+X509_aux_print  3328   1_1_0   EXIST::FUNCTION:
 DSO_set_name_converter  3329   1_1_0   EXIST::FUNCTION:
 OPENSSL_thread_stop 3330   1_1_0   EXIST::FUNCTION:
 X509_policy_node_get0_parent3331   1_1_0   EXIST::FUNCTION:
@@ -4040,3 +4040,4 @@ CMS_unsigned_add1_attr  3905  1_1_0   
EXIST::FUNCTION:CMS
 lh_doall3906   1_1_0   EXIST::FUNCTION:
 PKCS8_pkey_get0_attrs   3907   1_1_0   EXIST::FUNCTION:
 PKCS8_pkey_add1_attr_by_NID 3908   1_1_0   EXIST::FUNCTION:
+ASYNC_is_capable3909   1_1_0   EXIST::FUNCTION:
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

[Andy Polyakov]

The branch OpenSSL_1_0_1-stable has been updated
   via  a15971944091fa01d959566b17ce86225346c83c (commit)
  from  6e7a1f35b71f35296257ce634fce933f8fe41c8c (commit)


- Log -
commit a15971944091fa01d959566b17ce86225346c83c
Author: Andy Polyakov 
Date:   Fri Mar 4 11:39:11 2016 +0100

bn/asm/x86[_64]-mont*.pl: complement alloca with page-walking.

Some OSes, *cough*-dows, insist on stack being "wired" to
physical memory in strictly sequential manner, i.e. if stack
allocation spans two pages, then reference to farmost one can
be punishable by SEGV. But page walking can do good even on
other OSes, because it guarantees that villain thread hits
the guard page before it can make damage to innocent one...

Reviewed-by: Rich Salz 
(cherry picked from commit adc4f1fc25b2cac90076f1e1695b05b7aeeae501)

Resolved conflicts:
crypto/bn/asm/x86_64-mont.pl
crypto/bn/asm/x86_64-mont5.pl

Reviewed-by: Richard Levitte 

---

Summary of changes:
 crypto/bn/asm/x86-mont.pl | 15 +++
 crypto/bn/asm/x86_64-mont.pl  | 40 +---
 crypto/bn/asm/x86_64-mont5.pl | 22 ++
 3 files changed, 74 insertions(+), 3 deletions(-)

diff --git a/crypto/bn/asm/x86-mont.pl b/crypto/bn/asm/x86-mont.pl
index e8f6b05..89f4de6 100755
--- a/crypto/bn/asm/x86-mont.pl
+++ b/crypto/bn/asm/x86-mont.pl
@@ -85,6 +85,21 @@ $frame=32;   # size of above frame 
rounded up to 16n
 
("esp",-64);# align to cache line
 
+   # Some OSes, *cough*-dows, insist on stack being "wired" to
+   # physical memory in strictly sequential manner, i.e. if stack
+   # allocation spans two pages, then reference to farmost one can
+   # be punishable by SEGV. But page walking can do good even on
+   # other OSes, because it guarantees that villain thread hits
+   # the guard page before it can make damage to innocent one...
+   ("eax","ebp");
+   ("eax","esp");
+   ("eax",-4096);
+_label("page_walk");
+   ("edx",(0,"esp","eax"));
+   ("eax",4096);
+   _byte(0x2e);
+   (("page_walk"));
+
# load argument block...
("eax",(0*4,"esi"));# BN_ULONG *rp
("ebx",(1*4,"esi"));# const BN_ULONG *ap
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
index 17fb94c..c8ae019 100755
--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -91,6 +91,20 @@ bn_mul_mont:
 
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
 .Lmul_body:
+   # Some OSes, *cough*-dows, insist on stack being "wired" to
+   # physical memory in strictly sequential manner, i.e. if stack
+   # allocation spans two pages, then reference to farmost one can
+   # be punishable by SEGV. But page walking can do good even on
+   # other OSes, because it guarantees that villain thread hits
+   # the guard page before it can make damage to innocent one...
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lmul_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x66,0x2e   # predict non-taken
+   jnc .Lmul_page_walk
+
mov $bp,%r12# reassign $bp
 ___
$bp="%r12";
@@ -296,6 +310,14 @@ bn_mul4x_mont:
 
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
 .Lmul4x_body:
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lmul4x_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x2e# predict non-taken
+   jnc .Lmul4x_page_walk
+
mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
mov %rdx,%r12   # reassign $bp
 ___
@@ -707,6 +729,7 @@ $code.=<<___;
 .align 16
 bn_sqr4x_mont:
 .Lsqr4x_enter:
+   mov %rsp,%rax
push%rbx
push%rbp
push%r12
@@ -715,12 +738,23 @@ bn_sqr4x_mont:
push%r15
 
shl \$3,${num}d # convert $num to bytes
-   xor %r10,%r10
mov %rsp,%r11   # put aside %rsp
-   sub $num,%r10   # -$num
+   neg $num# -$num
mov ($n0),$n0   # *n0
-   lea -72(%rsp,%r10,2),%rsp   # alloca(frame+2*$num)
+   lea -72(%rsp,$num,2),%rsp   # alloca(frame+2*$num)
and \$-1024,%rsp# minimize TLB usage
+
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lsqr4x_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x2e# predict non-taken
+   jnc .Lsqr4x_page_walk
+
+   mov   

[openssl-commits] Canceled: FdaSilvaYY/openssl#127 (more-zalloc2 - 0ecd5be)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #127
Status: Canceled

Duration: 14 seconds
Commit: 0ecd5be (more-zalloc2)
Author: FdaSilvaYY
Message: fix build

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/d3e999247b64...0ecd5be9894f

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114347284

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: FdaSilvaYY/openssl#127 (more-zalloc2 - 0ecd5be)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #127
Status: Canceled

Duration: 14 seconds
Commit: 0ecd5be (more-zalloc2)
Author: FdaSilvaYY
Message: fix build

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/d3e999247b64...0ecd5be9894f

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114347284

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: FdaSilvaYY/openssl#127 (more-zalloc2 - 0ecd5be)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #127
Status: Canceled

Duration: 14 seconds
Commit: 0ecd5be (more-zalloc2)
Author: FdaSilvaYY
Message: fix build

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/d3e999247b64...0ecd5be9894f

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114347284

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Canceled: FdaSilvaYY/openssl#127 (more-zalloc2 - 0ecd5be)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #127
Status: Canceled

Duration: 14 seconds
Commit: 0ecd5be (more-zalloc2)
Author: FdaSilvaYY
Message: fix build

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/d3e999247b64...0ecd5be9894f

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114347284

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Errored: FdaSilvaYY/openssl#126 (more-zalloc2 - d3e9992)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #126
Status: Errored

Duration: 16 seconds
Commit: d3e9992 (more-zalloc2)
Author: FdaSilvaYY
Message: fix build

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/44f3a511a27d...d3e999247b64

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114346896

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
   via  37b1f8bd6260ab7d07dcc5c16f2ed88941278e82 (commit)
  from  95e040bb2b36aeee61262cc2fdc50c57dd0b863a (commit)


- Log -
commit 37b1f8bd6260ab7d07dcc5c16f2ed88941278e82
Author: Rich Salz 
Date:   Mon Mar 7 15:32:18 2016 -0500

Revert "Allow OPENSSL_NO_SOCK in e_os.h even for non-Windows/DOS platforms"

This reverts commit 963bb62195109fb863dc4d88c7470ce7f9af25ac.

Reviewed-by: Tim Hudson 

---

Summary of changes:
 e_os.h | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/e_os.h b/e_os.h
index 870c7a7..41ab7bb 100644
--- a/e_os.h
+++ b/e_os.h
@@ -460,7 +460,10 @@ extern int kbhit(void);
 # endif
 
 # ifdef USE_SOCKETS
-#  ifdef OPENSSL_NO_SOCK
+#  if defined(WINDOWS) || defined(MSDOS)
+  /* windows world */
+
+#   ifdef OPENSSL_NO_SOCK
 #define OpenSSL_Write(a,b,c)   (-1)
 #define OpenSSL_Read(a,b,c)(-1)
 #   elif !defined(__DJGPP__)
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl ct_x509_log_names.189

[AppVeyor]

Build openssl ct_x509_log_names.189 failed


Commit 57a1a07e2b by Rob Percival on 3/4/2016 5:20 PM:

Makes x509 app show name of CT log that each SCT came from


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Failed: FdaSilvaYY/openssl#124 (ex_data-fixes - 1e1e46e)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #124
Status: Failed

Duration: 25 seconds
Commit: 1e1e46e (ex_data-fixes)
Author: FdaSilvaYY
Message: Add checks on CRYPTO_set_ex_data return value

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/c61e092a2024...1e1e46ea9aa8

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/114337464

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
   via  95e040bb2b36aeee61262cc2fdc50c57dd0b863a (commit)
  from  ec59112a822e16a539bc5dd1b8bed12afbcb82b8 (commit)


- Log -
commit 95e040bb2b36aeee61262cc2fdc50c57dd0b863a
Author: Rich Salz 
Date:   Sat Mar 5 01:13:58 2016 -0500

Fix pkeyutl to KDF lnks.

Reviewed-by: Viktor Dukhovni 

---

Summary of changes:
 doc/apps/pkeyutl.pod | 2 +-
 doc/crypto/EVP_PKEY_HKDF.pod | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod
index 1c8e83f..fed683f 100644
--- a/doc/apps/pkeyutl.pod
+++ b/doc/apps/pkeyutl.pod
@@ -263,7 +263,7 @@ Derive a shared secret value:
  openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret
 
 Hexdump 48 bytes of TLS1 PRF using digest B and shared secret and
-seed consisting of the single byte 0xFF.
+seed consisting of the single byte 0xFF:
 
  openssl pkeyutl -kdf TLS1-PRF -kdflen 48 -pkeyopt md:SHA256 \
 -pkeyopt hexsecret:ff -pkeyopt hexseed:ff -hexdump
diff --git a/doc/crypto/EVP_PKEY_HKDF.pod b/doc/crypto/EVP_PKEY_HKDF.pod
index 00c0a76..8a5ef98 100644
--- a/doc/crypto/EVP_PKEY_HKDF.pod
+++ b/doc/crypto/EVP_PKEY_HKDF.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-EVP_PKEY_HKDF; EVP_PKEY_CTX_set_hkdf_md, EVP_PKEY_CTX_set1_hkdf_salt,
+EVP_PKEY_HKDF, EVP_PKEY_CTX_set_hkdf_md, EVP_PKEY_CTX_set1_hkdf_salt,
 EVP_PKEY_CTX_set1_hkdf_key, EVP_PKEY_CTX_add1_hkdf_info -
 HMAC-based Extract-and-Expand key derivation algorithm
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Errored: openssl/openssl#2529 (master - 3ed1839)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2529
Status: Errored

Duration: 48 minutes and 50 seconds
Commit: 3ed1839 (master)
Author: Andy Polyakov
Message: Makefile.in: populate [PLIB_]LDFLAG even with $target{} settings.

RT#4373

Reviewed-by: Richard Levitte 

View the changeset: 
https://github.com/openssl/openssl/compare/adc4f1fc25b2...3ed1839dc3ad

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114245480

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
   via  8731a4fcd267d56cab2ad6d7cfac2c846c413a5d (commit)
  from  2b2b96847d7f22b24109a53a57c6d4d371209de3 (commit)


- Log -
commit 8731a4fcd267d56cab2ad6d7cfac2c846c413a5d
Author: Rich Salz 
Date:   Wed Mar 2 16:12:46 2016 -0500

ISSUE 43: Add BIO_sock_shutdown

This replaces SHUTDOWN/SHUTDOWN2 with BIO_closesocket.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 apps/s_client.c|  8 
 apps/s_server.c|  6 +++---
 apps/s_socket.c|  6 +++---
 apps/s_time.c  |  6 +++---
 crypto/bio/bss_dgram.c |  2 +-
 crypto/bio/bss_sock.c  |  2 +-
 e_os.h | 10 --
 7 files changed, 15 insertions(+), 25 deletions(-)

diff --git a/apps/s_client.c b/apps/s_client.c
index cce8e24..247bdbf 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1735,7 +1735,7 @@ int s_client_main(int argc, char **argv)
 if (init_client(, host, port, socket_family, socket_type) == 0)
 {
 BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error());
-SHUTDOWN(s);
+BIO_closesocket(s);
 goto end;
 }
 BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s);
@@ -1753,7 +1753,7 @@ int s_client_main(int argc, char **argv)
 if (getsockname(s, , (void *)) < 0) {
 BIO_printf(bio_err, "getsockname:errno=%d\n",
get_last_socket_error());
-SHUTDOWN(s);
+BIO_closesocket(s);
 goto end;
 }
 
@@ -2135,7 +2135,7 @@ int s_client_main(int argc, char **argv)
"drop connection and then reconnect\n");
 do_ssl_shutdown(con);
 SSL_set_connect_state(con);
-SHUTDOWN(SSL_get_fd(con));
+BIO_closesocket(SSL_get_fd(con));
 goto re_start;
 }
 }
@@ -2452,7 +2452,7 @@ int s_client_main(int argc, char **argv)
 if (in_init)
 print_stuff(bio_c_out, con, full_log);
 do_ssl_shutdown(con);
-SHUTDOWN(SSL_get_fd(con));
+BIO_closesocket(SSL_get_fd(con));
  end:
 if (con != NULL) {
 if (prexit != 0)
diff --git a/apps/s_server.c b/apps/s_server.c
index 5ac3d8f..99442cd 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2245,7 +2245,7 @@ static int sv_body(int s, int stype, unsigned char 
*context)
 if ((i <= 0) || (buf[0] == 'Q')) {
 BIO_printf(bio_s_out, "DONE\n");
 (void)BIO_flush(bio_s_out);
-SHUTDOWN(s);
+BIO_closesocket(s);
 close_accept_socket();
 ret = -11;
 goto err;
@@ -2254,7 +2254,7 @@ static int sv_body(int s, int stype, unsigned char 
*context)
 BIO_printf(bio_s_out, "DONE\n");
 (void)BIO_flush(bio_s_out);
 if (SSL_version(con) != DTLS1_VERSION)
-SHUTDOWN(s);
+BIO_closesocket(s);
 /*
  * close_accept_socket(); ret= -11;
  */
@@ -2451,7 +2451,7 @@ static void close_accept_socket(void)
 {
 BIO_printf(bio_err, "shutdown accept socket\n");
 if (accept_socket >= 0) {
-SHUTDOWN2(accept_socket);
+BIO_closesocket(accept_socket);
 }
 }
 
diff --git a/apps/s_socket.c b/apps/s_socket.c
index 958dd78..00556bc 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -266,11 +266,11 @@ int do_server(int *accept_sock, const char *host, const 
char *port,
 } while (sock < 0 && BIO_sock_should_retry(ret));
 if (sock < 0) {
 ERR_print_errors(bio_err);
-SHUTDOWN(asock);
+BIO_closesocket(asock);
 break;
 }
 i = (*cb)(sock, type, context);
-SHUTDOWN2(sock);
+BIO_closesocket(sock);
 } else {
 i = (*cb)(asock, type, context);
 }
@@ -278,7 +278,7 @@ int do_server(int *accept_sock, const char *host, const 
char *port,
 if (naccept != -1)
 naccept--;
 if (i < 0 || naccept == 0) {
-SHUTDOWN2(asock);
+BIO_closesocket(asock);
 ret = i;
 break;
 }
diff --git a/apps/s_time.c b/apps/s_time.c
index fd00148..cc9a979 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -292,7 +292,7 @@ int s_time_main(int argc, char **argv)
 #else
 SSL_shutdown(scon);
 #endif
-SHUTDOWN2(SSL_get_fd(scon));
+BIO_closesocket(SSL_get_fd(scon));
 
 nConn += 1;
 if (SSL_session_reused(scon))
@@ -349,7 +349,7 @@ int s_time_main(int argc, char **argv)
 #else
 SSL_shutdown(scon);
 

[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
   via  2b2b96847d7f22b24109a53a57c6d4d371209de3 (commit)
   via  11c8bc42f7b3c84588fa3354b91424df73471de1 (commit)
  from  3f3c7d26d577902a542bf226a091aab93ea1ff96 (commit)


- Log -
commit 2b2b96847d7f22b24109a53a57c6d4d371209de3
Author: Rob Percival 
Date:   Mon Mar 7 17:58:49 2016 +

Minor update to includes and documentation for ct_test.c

Reviewed-by: Emilia Käsper 
Reviewed-by: Rich Salz 

commit 11c8bc42f7b3c84588fa3354b91424df73471de1
Author: Rob Percival 
Date:   Mon Mar 7 17:58:14 2016 +

Remove OPENSSL_NO_UNIT_TEST guard from ct_test.c

Reviewed-by: Emilia Käsper 
Reviewed-by: Rich Salz 

---

Summary of changes:
 test/ct_test.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/test/ct_test.c b/test/ct_test.c
index 30e1ac6..90c3c08 100644
--- a/test/ct_test.c
+++ b/test/ct_test.c
@@ -1,5 +1,5 @@
 /*
- * Tests the Certificate Transparency public and internal APIs.
+ * Tests the Certificate Transparency public API.
  *
  * Author:  Rob Percival (robperci...@google.com)
  *
@@ -59,12 +59,12 @@
 
 #include 
 #include 
-#include 
+#include 
 #include 
 #include 
 #include "testutil.h"
 
-#if !defined(OPENSSL_NO_CT) && !defined(OPENSSL_NO_UNIT_TEST)
+#ifndef OPENSSL_NO_CT
 
 /* Used when declaring buffers to read text files into */
 #define CT_TEST_MAX_FILE_SIZE 8096
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl 1.0.13

[AppVeyor]

Build openssl 1.0.13 failed


Commit 2ef07b9727 by Andrea Grandi on 3/7/2016 11:02 AM:

Fix error with wait set of fds for the select()


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Failed: agrandi/openssl#15 (fix-wait-ctx - 659aacc)

[Travis CI]

Build Update for agrandi/openssl
-

Build: #15
Status: Failed

Duration: 1 minute and 47 seconds
Commit: 659aacc (fix-wait-ctx)
Author: Andrea Grandi
Message: Add empty line after local variables

View the changeset: 
https://github.com/agrandi/openssl/compare/2ef07b9727e8...659aacc9154e

View the full build log and details: 
https://travis-ci.org/agrandi/openssl/builds/114304192

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Errored: openssl/openssl#2528 (master - adc4f1f)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2528
Status: Errored

Duration: 1 hour, 11 minutes, and 2 seconds
Commit: adc4f1f (master)
Author: Andy Polyakov
Message: bn/asm/x86[_64]-mont*.pl: complement alloca with page-walking.

Some OSes, *cough*-dows, insist on stack being "wired" to
physical memory in strictly sequential manner, i.e. if stack
allocation spans two pages, then reference to farmost one can
be punishable by SEGV. But page walking can do good even on
other OSes, because it guarantees that villain thread hits
the guard page before it can make damage to innocent one...

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/56cd71b46e5f...adc4f1fc25b2

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114244918

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Richard Levitte]

The branch master has been updated
   via  c6912adf0c07227b18be3d8ef12d92ad7fc4318a (commit)
  from  fa657fc8df1744d1531aba2e269e03d73a12fda9 (commit)


- Log -
commit c6912adf0c07227b18be3d8ef12d92ad7fc4318a
Author: Richard Levitte 
Date:   Mon Mar 7 18:58:25 2016 +0100

Fix the build tree include directory for afalg engine

Reviewed-by: Rich Salz 

---

Summary of changes:
 engines/afalg/build.info | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/engines/afalg/build.info b/engines/afalg/build.info
index 763b35f..ecbc9a1 100644
--- a/engines/afalg/build.info
+++ b/engines/afalg/build.info
@@ -8,6 +8,6 @@ IF[{- !$disabled{afalg} -}]
   ENGINES=afalg
   SOURCE[afalg]=e_afalg.c e_afalg_err.c
   DEPEND[afalg]=../../libcrypto
-  INCLUDE[afalg]= {- rel2abs(catdir($builddir,"../include")) -} ../../include
+  INCLUDE[afalg]= {- rel2abs(catdir($builddir,"../../include")) -} 
../../include
  ENDIF
 ENDIF
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Richard Levitte]

The branch master has been updated
   via  fa657fc8df1744d1531aba2e269e03d73a12fda9 (commit)
  from  db922318b3470db8629979f24d4f0f82e9561190 (commit)


- Log -
commit fa657fc8df1744d1531aba2e269e03d73a12fda9
Author: Richard Levitte 
Date:   Sat Mar 5 19:05:25 2016 +0100

Make OpenSSL::Test::setup() a bit more forgiving

It was unexpected that OpenSSL::Test::setup() should be called twice
by the same recipe.  However, that may happen if a recipe combines
OpenSSL::Test and OpenSSL::Test::Simple, which can be a sensible thing
to do.  Therefore, we now allow it.

Reviewed-by: Rich Salz 

---

Summary of changes:
 test/testlib/OpenSSL/Test.pm | 10 --
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/test/testlib/OpenSSL/Test.pm b/test/testlib/OpenSSL/Test.pm
index 5139a5e..ecac93f 100644
--- a/test/testlib/OpenSSL/Test.pm
+++ b/test/testlib/OpenSSL/Test.pm
@@ -121,9 +121,15 @@ is defined).
 =cut
 
 sub setup {
+my $old_test_name = $test_name;
 $test_name = shift;
 
 BAIL_OUT("setup() must receive a name") unless $test_name;
+warn "setup() detected test name change.  Innocuous, so we continue...\n"
+if $old_test_name && $old_test_name ne $test_name;
+
+return if $old_test_name;
+
 BAIL_OUT("setup() needs \$TOP or \$SRCTOP and \$BLDTOP to be defined")
 unless $ENV{TOP} || ($ENV{SRCTOP} && $ENV{BLDTOP});
 BAIL_OUT("setup() found both \$TOP and \$SRCTOP or \$BLDTOP...")
@@ -131,8 +137,8 @@ sub setup {
 
 __env();
 
-BAIL_OUT("setup() expects the file Configure in the \$TOP directory")
-   unless -f srctop_file("Configure");
+BAIL_OUT("setup() expects the file Configure in the source top directory")
+unless -f srctop_file("Configure");
 
 __cwd($directories{RESULTS});
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

[Kurt Roeckx]

The branch OpenSSL_1_0_1-stable has been updated
   via  6e7a1f35b71f35296257ce634fce933f8fe41c8c (commit)
  from  01992513186f3954934d08ef500bfd7cd55306a0 (commit)


- Log -
commit 6e7a1f35b71f35296257ce634fce933f8fe41c8c
Author: Kurt Roeckx 
Date:   Sun Jan 10 13:23:43 2016 +0100

Remove LOW from the default

Reviewed-by: Viktor Dukhovni 
(cherry picked from commit 29cce508972f61511318bf8cf7011fae027cddb2)

---

Summary of changes:
 CHANGES  |  4 ++-
 doc/apps/ciphers.pod |  2 +-
 ssl/s2_lib.c | 16 +-
 ssl/s3_lib.c | 88 ++--
 ssl/ssl.h|  2 +-
 ssl/ssl_ciph.c   | 16 +-
 ssl/ssl_locl.h   |  3 +-
 7 files changed, 67 insertions(+), 64 deletions(-)

diff --git a/CHANGES b/CHANGES
index 2a78cc4..b0222cf 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,9 @@
 
  Changes between 1.0.1s and 1.0.1t [xx XXX ]
 
-  *)
+  *) Remove LOW from the DEFAULT cipher list.  This removes singles DES from 
the
+ default.
+ [Kurt Roeckx]
 
  Changes between 1.0.1r and 1.0.1s [1 Mar 2016]
 
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 888b8ed..34bb816 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -107,7 +107,7 @@ The following is a list of all permitted cipher strings and 
their meanings.
 
 The default cipher list.
 This is determined at compile time and is normally
-B.
+B.
 When used, this must be the first cipherstring specified.
 
 =item B
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 82c1731..7bcb81a 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -150,7 +150,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC4,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  0,
  128,
  128,
@@ -167,7 +167,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC4,
  SSL_MD5,
  SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL2_CF_5_BYTE_ENC,
  40,
  128,
@@ -184,7 +184,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC2,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  0,
  128,
  128,
@@ -201,7 +201,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC2,
  SSL_MD5,
  SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL2_CF_5_BYTE_ENC,
  40,
  128,
@@ -219,7 +219,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_IDEA,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  0,
  128,
  128,
@@ -237,7 +237,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_DES,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
  0,
  56,
  56,
@@ -254,7 +254,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_3DES,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
  0,
  112,
  168,
@@ -271,7 +271,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC4,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
  SSL2_CF_8_BYTE_ENC,
  64,
  64,
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index a48f2b6..35d6587 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -213,7 +213,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_RC4,
  SSL_MD5,
  SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  40,
  128,
@@ -263,7 +263,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_RC2,
  SSL_MD5,
  SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  40,
  128,
@@ -299,7 +299,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_DES,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  40,
  56,
@@ -317,7 +317,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_DES,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  56,
  56,
@@ -352,7 +352,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_DES,
  SSL_SHA1,
  SSL_SSLV3,
- 

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

[Kurt Roeckx]

The branch OpenSSL_1_0_2-stable has been updated
   via  29cce508972f61511318bf8cf7011fae027cddb2 (commit)
  from  01c32b5e448f6d42a23ff16bdc6bb0605287fa6f (commit)


- Log -
commit 29cce508972f61511318bf8cf7011fae027cddb2
Author: Kurt Roeckx 
Date:   Sun Jan 10 13:23:43 2016 +0100

Remove LOW from the default

Reviewed-by: Viktor Dukhovni 

---

Summary of changes:
 CHANGES  |  4 ++-
 doc/apps/ciphers.pod |  2 +-
 ssl/s2_lib.c | 16 +-
 ssl/s3_lib.c | 88 ++--
 ssl/ssl.h|  2 +-
 ssl/ssl_ciph.c   | 16 +-
 ssl/ssl_locl.h   |  3 +-
 7 files changed, 67 insertions(+), 64 deletions(-)

diff --git a/CHANGES b/CHANGES
index 0e3d70e..d0bc834 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,9 @@
 
  Changes between 1.0.2g and 1.0.2h [xx XXX ]
 
-  *)
+  *) Remove LOW from the DEFAULT cipher list.  This removes singles DES from 
the
+ default.
+ [Kurt Roeckx]
 
  Changes between 1.0.2f and 1.0.2g [1 Mar 2016]
 
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 9643b4d..9224557 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -107,7 +107,7 @@ The following is a list of all permitted cipher strings and 
their meanings.
 
 The default cipher list.
 This is determined at compile time and is normally
-B.
+B.
 When used, this must be the first cipherstring specified.
 
 =item B
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index a8036b3..88e67f0 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -150,7 +150,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC4,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  0,
  128,
  128,
@@ -167,7 +167,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC4,
  SSL_MD5,
  SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL2_CF_5_BYTE_ENC,
  40,
  128,
@@ -184,7 +184,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC2,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  0,
  128,
  128,
@@ -201,7 +201,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC2,
  SSL_MD5,
  SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL2_CF_5_BYTE_ENC,
  40,
  128,
@@ -219,7 +219,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_IDEA,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  0,
  128,
  128,
@@ -237,7 +237,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_DES,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
  0,
  56,
  56,
@@ -254,7 +254,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_3DES,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
  0,
  112,
  168,
@@ -271,7 +271,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  SSL_RC4,
  SSL_MD5,
  SSL_SSLV2,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
  SSL2_CF_8_BYTE_ENC,
  64,
  64,
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 4aac3b2..872e636 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -208,7 +208,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_RC4,
  SSL_MD5,
  SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  40,
  128,
@@ -258,7 +258,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_RC2,
  SSL_MD5,
  SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  40,
  128,
@@ -294,7 +294,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_DES,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  40,
  56,
@@ -312,7 +312,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_DES,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  56,
  56,
@@ -347,7 +347,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
  SSL_DES,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  

[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
   via  d3054fb663a6a3a4689e52c10bb3094c39a3bce8 (commit)
  from  d62d17b9c0d8f40beaf4e168c08f18cd8bcda79b (commit)


- Log -
commit d3054fb663a6a3a4689e52c10bb3094c39a3bce8
Author: Benjamin Kaduk 
Date:   Tue Dec 15 16:23:51 2015 -0600

GH768: Minor grammar nits in CRYPTO_get_ex_new_index.pod

Signed-off-by: Rich Salz 
Reviewed-by: Kurt Roeckx 

---

Summary of changes:
 doc/crypto/CRYPTO_get_ex_new_index.pod | 9 +
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/doc/crypto/CRYPTO_get_ex_new_index.pod 
b/doc/crypto/CRYPTO_get_ex_new_index.pod
index 1720a8f..e87d1a3 100644
--- a/doc/crypto/CRYPTO_get_ex_new_index.pod
+++ b/doc/crypto/CRYPTO_get_ex_new_index.pod
@@ -85,7 +85,7 @@ B parameter should be an already-created index value.
 When setting exdata, the pointer specified with a particular index is saved,
 and returned on a subsequent "get" call.  If the application is going to
 release the data, it must make sure to set a B value at the index,
-to avoid likely double-free crash.
+to avoid likely double-free crashes.
 
 The function B is used to free all exdata attached
 to a structure. The appropriate type-specific routine must be used.
@@ -124,9 +124,10 @@ for B and B objects.  The B and 
B parameters
 are pointers to the destination and source B structures,
 respectively.  The B parameter is a pointer to the source exdata.
 When the dup_func() returns, the value in B is copied to the
-destination ex_data.  If the pointer contained in B is not modified,
-then both B and B will point to the same data.  The B,
-B and B parameters are as described for the other two callbacks.
+destination ex_data.  If the pointer contained in B is not modified
+by the dup_func(), then both B and B will point to the same data.
+The B, B and B parameters are as described for the other
+two callbacks.
 
 =head1 RETURN VALUES
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
   via  667867cced0013c1cfd8d7a9efa43b8f2cebc942 (commit)
  from  b8972edad65a5245645f40654b903dbcd1a4d5c1 (commit)


- Log -
commit 667867cced0013c1cfd8d7a9efa43b8f2cebc942
Author: Matt Caswell 
Date:   Mon Mar 7 16:55:39 2016 +

Add a function to detect if we have async or not

Add the ASYNC_is_capable() function and use it in speed.

Reviewed-by: Richard Levitte 
Reviewed-by: Rich Salz 

---

Summary of changes:
 apps/speed.c| 42 +++--
 crypto/async/arch/async_null.c  |  5 +
 crypto/async/arch/async_posix.c |  6 +-
 crypto/async/arch/async_win.c   |  5 +
 doc/crypto/ASYNC_start_job.pod  | 19 ++-
 include/openssl/async.h |  2 ++
 6 files changed, 46 insertions(+), 33 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index f45a3e2..4d3a938 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -99,24 +99,6 @@
 # include 
 #endif
 
-#if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS)
-# include 
-#endif
-
-#if !defined(OPENSSL_NO_ASYNC)
-# if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS)
-#  if _POSIX_VERSION >= 200112L
-#   define ASYNC_POSIX
-#  endif
-# elif defined(_WIN32) || defined(__CYGWIN__)
-#  define ASYNC_WIN
-# endif
-#endif
-
-#if !defined(ASYNC_POSIX) && !defined(ASYNC_WIN)
-# define ASYNC_NULL
-#endif
-
 #include 
 #ifndef OPENSSL_NO_DES
 # include 
@@ -458,7 +440,7 @@ OPTIONS speed_options[] = {
 #ifndef NO_FORK
 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
 #endif
-#ifndef ASYNC_NULL
+#ifndef OPENSSL_NO_ASYNC
 {"async_jobs", OPT_ASYNCJOBS, 'p', "Enable async mode and start pnum 
jobs"},
 #endif
 #ifndef OPENSSL_NO_ENGINE
@@ -1136,7 +1118,7 @@ static int run_benchmark(int async_jobs, int 
(*loop_function)(void *), loopargs_
 int i = 0;
 OSSL_ASYNC_FD job_fd = 0;
 size_t num_job_fds = 0;
-#if defined(ASYNC_POSIX)
+#if defined(OPENSSL_SYS_UNIX)
 fd_set waitfdset;
 OSSL_ASYNC_FD max_fd = 0;
 #endif
@@ -1171,7 +1153,7 @@ static int run_benchmark(int async_jobs, int 
(*loop_function)(void *), loopargs_
 }
 }
 
-#if defined(ASYNC_POSIX)
+#if defined(OPENSSL_SYS_UNIX)
 FD_ZERO();
 
 /* Add to the wait set all the fds that are already in the WAIT_CTX
@@ -1197,7 +1179,7 @@ static int run_benchmark(int async_jobs, int 
(*loop_function)(void *), loopargs_
 #endif
 
 while (num_inprogress > 0) {
-#if defined(ASYNC_POSIX)
+#if defined(OPENSSL_SYS_UNIX)
 int select_result = 0;
 struct timeval select_timeout;
 select_timeout.tv_sec = 0;
@@ -1252,7 +1234,7 @@ static int run_benchmark(int async_jobs, int 
(*loop_function)(void *), loopargs_
 if (select_result == 0)
 continue;
 
-#elif defined(ASYNC_WIN)
+#elif defined(OPENSSL_SYS_WINDOWS)
 DWORD avail = 0;
 #endif
 
@@ -1269,10 +1251,10 @@ static int run_benchmark(int async_jobs, int 
(*loop_function)(void *), loopargs_
 }
 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, _fd, 
_job_fds);
 
-#if defined(ASYNC_POSIX)
+#if defined(OPENSSL_SYS_UNIX)
 if (num_job_fds == 1 && !FD_ISSET(job_fd, ))
 continue;
-#elif defined(ASYNC_WIN)
+#elif defined(OPENSSL_SYS_WINDOWS)
 if (num_job_fds == 1 &&
 !PeekNamedPipe(job_fd, NULL, 0, NULL, , NULL) && 
avail > 0)
 continue;
@@ -1290,7 +1272,7 @@ static int run_benchmark(int async_jobs, int 
(*loop_function)(void *), loopargs_
 total_op_count += job_op_count;
 }
 --num_inprogress;
-#if defined(ASYNC_POSIX)
+#if defined(OPENSSL_SYS_UNIX)
 FD_CLR(job_fd, );
 #endif
 loopargs[i].inprogress_job = NULL;
@@ -1520,8 +1502,14 @@ int speed_main(int argc, char **argv)
 #endif
 break;
 case OPT_ASYNCJOBS:
-#ifndef ASYNC_NULL
+#ifndef OPENSSL_NO_ASYNC
 async_jobs = atoi(opt_arg());
+if (!ASYNC_is_capable()) {
+BIO_printf(bio_err,
+   "%s: async_jobs specified but async not 
supported\n",
+   prog);
+goto opterr;
+}
 #endif
 break;
 case OPT_MISALIGN:
diff --git a/crypto/async/arch/async_null.c b/crypto/async/arch/async_null.c
index 7b93090..f0b8a5c 100644
--- a/crypto/async/arch/async_null.c
+++ b/crypto/async/arch/async_null.c
@@ -55,6 +55,11 @@
 
 #ifdef ASYNC_NULL
 
+int ASYNC_is_capable(void)
+{
+return 0;
+}
+
 void async_local_cleanup(void)
 {
 }
diff --git a/crypto/async/arch/async_posix.c b/crypto/async/arch/async_posix.c
index 553ec66..2d9e510 100644
--- a/crypto/async/arch/async_posix.c
+++ 

[openssl-commits] [openssl] master update

[Richard Levitte]

The branch master has been updated
   via  6bd7a4d96c47068c63cbd2ca93f501816dc453c1 (commit)
   via  8a67946e5bf1cd0fe0020e0f28cbf84642ec4132 (commit)
   via  66ddf178b4eaac6d65f8ba56821f69b598556cec (commit)
   via  ae4c7450754ea13265edd69e6ff74d87c89401cd (commit)
  from  667867cced0013c1cfd8d7a9efa43b8f2cebc942 (commit)


- Log -
commit 6bd7a4d96c47068c63cbd2ca93f501816dc453c1
Author: Richard Levitte 
Date:   Mon Mar 7 15:41:33 2016 +0100

Unified - adapt the generation of bignum assembler to use GENERATE

This gets rid of the BEGINRAW..ENDRAW sections in crypto/bn/build.info.

This also moves the assembler generating perl scripts to take the
output file name as last command line argument, where necessary.

Reviewed-by: Rich Salz 

commit 8a67946e5bf1cd0fe0020e0f28cbf84642ec4132
Author: Richard Levitte 
Date:   Mon Mar 7 14:50:37 2016 +0100

Unified - Add the build.info command OVERRIDE, to avoid build file clashes

Should it be needed because the recipes within a RAW section might
clash with those generated by Configure, it's possible to tell it
not to generate them with the use of OVERRIDES, for example:

SOURCE[libfoo]=foo.c bar.c

OVERRIDES=bar.o
BEGINRAW[Makefile(unix)]
bar.o: bar.c
$(CC) $(CFLAGS) -DSPECIAL -c -o $@ $<
ENDRAW[Makefile(unix)]

Reviewed-by: Rich Salz 

commit 66ddf178b4eaac6d65f8ba56821f69b598556cec
Author: Richard Levitte 
Date:   Mon Mar 7 14:38:54 2016 +0100

Unified - Adapt the Unix and VMS templates to support GENERATE

Reviewed-by: Rich Salz 

commit ae4c7450754ea13265edd69e6ff74d87c89401cd
Author: Richard Levitte 
Date:   Mon Mar 7 14:37:00 2016 +0100

Unified - Add the build.info command GENERATE, to generate source files

In some cases, one might want to generate some source files from
others, that's done as follows:

GENERATE[foo.s]=asm/something.pl $(CFLAGS)
GENERATE[bar.s]=asm/bar.S

The value of each GENERATE line is a command line or part of it.
Configure places no rules on the command line, except the the first
item muct be the generator file.  It is, however, entirely up to the
build file template to define exactly how those command lines should
be handled, how the output is captured and so on.

Reviewed-by: Rich Salz 

---

Summary of changes:
 Configurations/README |  50 +++-
 Configurations/README.design  |  16 ++---
 Configurations/common.tmpl|  25 +++-
 Configurations/descrip.mms.tmpl   |  15 +
 Configurations/unix-Makefile.tmpl |  37 
 Configure |  29 -
 crypto/bn/Makefile.in |  34 +--
 crypto/bn/asm/alpha-mont.pl   |   3 +
 crypto/bn/asm/bn-586.pl   |   6 +-
 crypto/bn/asm/co-586.pl   |   5 ++
 crypto/bn/asm/ia64-mont.pl|   4 +-
 crypto/bn/asm/sparct4-mont.pl |   3 +
 crypto/bn/asm/sparcv9-gf2m.pl |   3 +
 crypto/bn/asm/sparcv9-mont.pl |   3 +
 crypto/bn/asm/sparcv9a-mont.pl|   3 +
 crypto/bn/asm/via-mont.pl |   5 ++
 crypto/bn/asm/vis3-mont.pl|   3 +
 crypto/bn/asm/x86-gf2m.pl |   5 ++
 crypto/bn/asm/x86-mont.pl |   5 ++
 crypto/bn/asm/x86.pl  |   4 ++
 crypto/bn/build.info  | 120 +++---
 21 files changed, 272 insertions(+), 106 deletions(-)

diff --git a/Configurations/README b/Configurations/README
index afc6004..5665d24 100644
--- a/Configurations/README
+++ b/Configurations/README
@@ -363,8 +363,22 @@ include paths the build of their source files should use:
 
 INCLUDE[foo]=include
 
-It's possible to have raw build file lines, between BEGINRAW and
-ENDRAW lines as follows:
+In some cases, one might want to generate some source files from
+others, that's done as follows:
+
+GENERATE[foo.s]=asm/something.pl $(CFLAGS)
+GENERATE[bar.s]=asm/bar.S
+
+The value of each GENERATE line is a command line or part of it.
+Configure places no rules on the command line, except the the first
+item muct be the generator file.  It is, however, entirely up to the
+build file template to define exactly how those command lines should
+be handled, how the output is captured and so on.
+
+NOTE: GENERATE lines are limited to one command only per GENERATE.
+
+As a last resort, it's possible to have raw build file lines, between
+BEGINRAW and ENDRAW lines as follows:
 
 BEGINRAW[Makefile(unix)]
 haha.h: {- $builddir -}/Makefile
@@ -390,6 +404,18 @@ configuration items:
build hoho.h: echo "/* hoho */" > hoho.h

[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
   via  b8972edad65a5245645f40654b903dbcd1a4d5c1 (commit)
  from  0543603abf9d275298a85beeb365db901e092436 (commit)


- Log -
commit b8972edad65a5245645f40654b903dbcd1a4d5c1
Author: Alessandro Ghedini 
Date:   Mon Mar 7 12:27:52 2016 +

GH804: Fix unused-result warnings in dasync

Signed-off-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 engines/e_dasync.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/engines/e_dasync.c b/engines/e_dasync.c
index 0580103..25dd233 100644
--- a/engines/e_dasync.c
+++ b/engines/e_dasync.c
@@ -338,7 +338,8 @@ static void dummy_pause_job(void) {
 #if defined(ASYNC_WIN)
 WriteFile(pipefds[1], , 1, , NULL);
 #elif defined(ASYNC_POSIX)
-write(pipefds[1], , 1);
+if (write(pipefds[1], , 1) < 0)
+return;
 #endif
 
 /* Ignore errors - we carry on anyway */
@@ -348,7 +349,8 @@ static void dummy_pause_job(void) {
 #if defined(ASYNC_WIN)
 ReadFile(pipefds[0], , 1, , NULL);
 #elif defined(ASYNC_POSIX)
-read(pipefds[0], , 1);
+if (read(pipefds[0], , 1) < 0)
+return;
 #endif
 }
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
   via  c292b105b1d0a627091480d3e4f6122b22a46385 (commit)
   via  a072ed0c882caa5c0b1742262ef7f4aa1e0e04a5 (commit)
   via  b1f1e7aebad6ece6d878ca7e823b4ad92e2415f3 (commit)
  from  48fe8ab02e7080a5557e287a5190cbbd40021a98 (commit)


- Log -
commit c292b105b1d0a627091480d3e4f6122b22a46385
Author: Matt Caswell 
Date:   Mon Mar 7 14:39:22 2016 +

Remove use of CRYPTO_LOCK_INIT in init code

Swap the use of CRYPTO_LOCK_INIT in the init code to use the new threading
API mechanism for locking.

Reviewed-by: Richard Levitte 

commit a072ed0c882caa5c0b1742262ef7f4aa1e0e04a5
Author: Matt Caswell 
Date:   Wed Mar 2 15:23:57 2016 +

Swap the init code to use the new Thread API thread locals

The init code was using its own thread local code. Now we have a central
API for it we should use that instead.

Reviewed-by: Richard Levitte 

commit b1f1e7aebad6ece6d878ca7e823b4ad92e2415f3
Author: Matt Caswell 
Date:   Wed Mar 2 14:51:00 2016 +

Swap the init code to use CRYPTO_ONCE

The init code was using its own "once" implementation. Now that we have
the new thread API we should use that instead.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 crypto/init.c| 328 ++-
 crypto/lock.c|   3 +-
 include/openssl/crypto.h |   3 +-
 ssl/ssl_init.c   |  97 ++
 4 files changed, 113 insertions(+), 318 deletions(-)

diff --git a/crypto/init.c b/crypto/init.c
index 2c0bde6..44acd4f 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -55,6 +55,7 @@
  *
  */
 
+#include 
 #include 
 #include 
 #include 
@@ -74,188 +75,29 @@ static int stopped = 0;
 
 static void ossl_init_thread_stop(struct thread_local_inits_st *locals);
 
-/* Implement "once" functionality */
-#if !defined(OPENSSL_THREADS)
-typedef int OPENSSL_INIT_ONCE;
-# define OPENSSL_INIT_ONCE_STATIC_INIT  0
-
-static void ossl_init_once_run(OPENSSL_INIT_ONCE *once, void (*init)(void))
-{
-if (*once == OPENSSL_INIT_ONCE_STATIC_INIT) {
-*once = 1;
-init();
-}
-}
-
-static int ossl_init_setup_thread_stop(void)
-{
-/*
- * There are no threads to stop. Do nothing.
- */
-return 1;
-}
-
-static void ossl_init_thread_stop_cleanup(void)
-{
-}
-
-static struct thread_local_inits_st *local = NULL;
-static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc)
-{
-struct thread_local_inits_st *tmp;
-
-tmp = local;
-
-if (local == NULL && alloc)
-tmp = local = OPENSSL_zalloc(sizeof(*local));
-
-if (!alloc)
-local = NULL;
-
-return tmp;
-}
-
-#elif defined(OPENSSL_SYS_WINDOWS)
-
-# include 
-
-# if _WIN32_WINNT < 0x0600
-
-/*
- * Versions before 0x0600 (Windows Vista, Windows Server 2008 or later) do not
- * have InitOnceExecuteOnce, so we fall back to using a spinlock instead.
- */
-typedef LONG OPENSSL_INIT_ONCE;
-#  define OPENSSL_INIT_ONCE_STATIC_INIT  0
-
-#  define ONCE_UNINITED 0
-#  define ONCE_ININIT   1
-#  define ONCE_DONE 2
-
-static void ossl_init_once_run(OPENSSL_INIT_ONCE *once, void (*init)(void))
-{
-LONG volatile *lock = (LONG *)once;
-LONG result;
-
-if (*lock == ONCE_DONE)
-return;
-
-do {
-result = InterlockedCompareExchange(lock, ONCE_ININIT, ONCE_UNINITED);
-if (result == ONCE_UNINITED) {
-init();
-*lock = ONCE_DONE;
-return;
-}
-} while (result == ONCE_ININIT);
-}
-
-# else
-
-typedef INIT_ONCE OPENSSL_INIT_ONCE;
-#  define OPENSSL_INIT_ONCE_STATIC_INIT  INIT_ONCE_STATIC_INIT
-
-static BOOL CALLBACK once_cb(PINIT_ONCE once, PVOID initfp, PVOID *unused)
-{
-void (*init)(void) = initfp;
-
-init();
-
-return TRUE;
-}
-
-static void ossl_init_once_run(OPENSSL_INIT_ONCE *once, void (*init)(void))
-{
-InitOnceExecuteOnce((INIT_ONCE *)once, once_cb, init, NULL);
-}
-# endif
-
-static DWORD threadstopkey = TLS_OUT_OF_INDEXES;
-
-static int ossl_init_setup_thread_stop(void)
-{
-/*
- * We use a dummy thread local key here. We use the destructor to detect
- * when the thread is going to stop
- */
-threadstopkey = TlsAlloc();
-if (threadstopkey == TLS_OUT_OF_INDEXES)
-return 0;
-
-return 1;
-}
-
-static void ossl_init_thread_stop_cleanup(void)
-{
-if (threadstopkey != TLS_OUT_OF_INDEXES) {
-TlsFree(threadstopkey);
-}
-}
-
-static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc)
-{
-struct thread_local_inits_st *local = TlsGetValue(threadstopkey);
-
-if (local == NULL && alloc) {
-local = 

[openssl-commits] [openssl] master update

[Dr . Stephen Henson]

The branch master has been updated
   via  48fe8ab02e7080a5557e287a5190cbbd40021a98 (commit)
   via  5596bda4fc372ca9528895e39db35425f9e28e83 (commit)
   via  54dbf42398e23349b59f258a3dd60387bbc5ba13 (commit)
  from  1e61392296d15b1edb89e346e1f75d0235aba2e7 (commit)


- Log -
commit 48fe8ab02e7080a5557e287a5190cbbd40021a98
Author: Dr. Stephen Henson 
Date:   Mon Mar 7 15:25:56 2016 +

make update

Reviewed-by: Rich Salz 

commit 5596bda4fc372ca9528895e39db35425f9e28e83
Author: Dr. Stephen Henson 
Date:   Fri Mar 4 03:51:35 2016 +

Update documentation

Reviewed-by: Rich Salz 

commit 54dbf42398e23349b59f258a3dd60387bbc5ba13
Author: Dr. Stephen Henson 
Date:   Fri Mar 4 03:48:39 2016 +

Make PKCS8_PRIV_KEY_INFO opaque.

Make PKCS8_PRIV_KEY_INFO opaque. Several accessor functions already exist
for this structure. Two new ones were added to handle attributes.

The old handling of broken formats has been removed and the corresponding
structures simplified.

Reviewed-by: Rich Salz 

---

Summary of changes:
 apps/pkcs12.c  |  4 +--
 apps/pkcs8.c   | 44 ++
 crypto/asn1/p8_pkey.c  | 64 ++
 crypto/evp/evp_err.c   |  3 +-
 crypto/evp/evp_pkey.c  | 46 ++-
 crypto/include/internal/x509_int.h |  9 ++
 crypto/pkcs12/p12_attr.c   | 10 ++
 crypto/pkcs12/p12_sbag.c   |  2 +-
 doc/apps/pkcs8.pod | 23 --
 include/openssl/evp.h  |  3 +-
 include/openssl/x509.h | 23 +++---
 util/libcrypto.num |  4 +--
 12 files changed, 59 insertions(+), 176 deletions(-)

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index b4aabb2..5ed2122 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -660,7 +660,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, 
char *pass,
 p8 = PKCS12_SAFEBAG_get0_p8inf(bag);
 if ((pkey = EVP_PKCS82PKEY(p8)) == NULL)
 return 0;
-print_attribs(out, p8->attributes, "Key Attributes");
+print_attribs(out, PKCS8_pkey_get0_attrs(p8), "Key Attributes");
 PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
 EVP_PKEY_free(pkey);
 break;
@@ -682,7 +682,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, 
char *pass,
 PKCS8_PRIV_KEY_INFO_free(p8);
 return 0;
 }
-print_attribs(out, p8->attributes, "Key Attributes");
+print_attribs(out, PKCS8_pkey_get0_attrs(p8), "Key Attributes");
 PKCS8_PRIV_KEY_INFO_free(p8);
 PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
 EVP_PKEY_free(pkey);
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 0968fef..8a4d542 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -67,7 +67,7 @@
 typedef enum OPTION_choice {
 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
 OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT,
-OPT_TOPK8, OPT_NOITER, OPT_NOCRYPT, OPT_NOOCT, OPT_NSDB, OPT_EMBED,
+OPT_TOPK8, OPT_NOITER, OPT_NOCRYPT,
 #ifndef OPENSSL_NO_SCRYPT
 OPT_SCRYPT, OPT_SCRYPT_N, OPT_SCRYPT_R, OPT_SCRYPT_P,
 #endif
@@ -83,10 +83,6 @@ OPTIONS pkcs8_options[] = {
 {"topk8", OPT_TOPK8, '-', "Output PKCS8 file"},
 {"noiter", OPT_NOITER, '-', "Use 1 as iteration count"},
 {"nocrypt", OPT_NOCRYPT, '-', "Use or expect unencrypted private key"},
-{"nooct", OPT_NOOCT, '-', "Use (nonstandard) no octet format"},
-{"nsdb", OPT_NSDB, '-', "Use (nonstandard) DSA Netscape DB format"},
-{"embed", OPT_EMBED, '-',
- "Use (nonstandard) embedded DSA parameters format"},
 {"v2", OPT_V2, 's', "Use PKCS#5 v2.0 and cipher"},
 {"v1", OPT_V1, 's', "Use PKCS#5 v1.5 and cipher"},
 {"v2prf", OPT_V2PRF, 's'},
@@ -117,7 +113,7 @@ int pkcs8_main(int argc, char **argv)
 char *passinarg = NULL, *passoutarg = NULL, *prog;
 char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
 OPTION_CHOICE o;
-int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER, p8_broken = PKCS8_OK;
+int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER;
 int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid = -1;
 int private = 0;
 #ifndef OPENSSL_NO_SCRYPT
@@ -159,15 +155,6 @@ int pkcs8_main(int argc, char **argv)
 case OPT_NOCRYPT:
 nocrypt = 1;
 break;
-case OPT_NOOCT:
-p8_broken = PKCS8_NO_OCTET;
-break;
-case OPT_NSDB:
-p8_broken = PKCS8_NS_DB;
-break;
-case OPT_EMBED:
-p8_broken = 

[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
   via  1e61392296d15b1edb89e346e1f75d0235aba2e7 (commit)
   via  b283968327219aa6e4f57596f1234a32ea7df484 (commit)
   via  0ff4343575882fe767da1c62e1f9586d8f29e73c (commit)
   via  8b0b80d923d3dfcf982caf27b17bd14d3fa9ff01 (commit)
  from  a556f342201473b4bf8dbf879b03890a74e412b6 (commit)


- Log -
commit 1e61392296d15b1edb89e346e1f75d0235aba2e7
Author: Andrea Grandi 
Date:   Mon Feb 29 11:28:55 2016 +

Add support to ASYNC_WAIT_CTX to speed

Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 

commit b283968327219aa6e4f57596f1234a32ea7df484
Author: Andrea Grandi 
Date:   Sat Feb 27 06:14:49 2016 +

Remove unnecessary memset() to 0 and check for NULL before OPENSSL_free()

Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 

commit 0ff4343575882fe767da1c62e1f9586d8f29e73c
Author: Andrea Grandi 
Date:   Thu Feb 18 10:56:53 2016 +

Fix the error with RSA and the daysnc engine in async mode.

Move RSA struct in the job local struct.
The change is applied also to other crypto operations (e.g. DSA) to
make things consistent.

Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 

commit 8b0b80d923d3dfcf982caf27b17bd14d3fa9ff01
Author: Andrea Grandi 
Date:   Wed Dec 9 07:26:38 2015 +

Add support for async jobs in OpenSSL speed

Summary of the changes:

* Move the calls to the crypto operations inside wrapper functions.
  This is required because ASYNC_start_job takes a function as an argument.

* Add new function run_benchmark() that manages the jobs for all the 
operations.
  In the POSIX case it uses a select() to receive the events from the engine
  and resume the jobs that are paused, while in the WIN case it uses 
PeekNamedPipe()

* Add new option argument async_jobs to enable and specify the number of 
async jobs

Example:
  openssl speed -engine dasync -elapsed -async_jobs 32 rsa2048

Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 apps/speed.c | 1814 --
 1 file changed, 1272 insertions(+), 542 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index 97d8e56..f45a3e2 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -86,6 +86,7 @@
 #include 
 #include 
 #include 
+#include 
 #if !defined(OPENSSL_SYS_MSDOS)
 # include OPENSSL_UNISTD
 #endif
@@ -98,6 +99,24 @@
 # include 
 #endif
 
+#if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS)
+# include 
+#endif
+
+#if !defined(OPENSSL_NO_ASYNC)
+# if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS)
+#  if _POSIX_VERSION >= 200112L
+#   define ASYNC_POSIX
+#  endif
+# elif defined(_WIN32) || defined(__CYGWIN__)
+#  define ASYNC_WIN
+# endif
+#endif
+
+#if !defined(ASYNC_POSIX) && !defined(ASYNC_WIN)
+# define ASYNC_NULL
+#endif
+
 #include 
 #ifndef OPENSSL_NO_DES
 # include 
@@ -178,14 +197,106 @@
 #endif
 
 #undef BUFSIZE
-#define BUFSIZE (1024*8+1)
+#define BUFSIZE (1024*16+1)
 #define MAX_MISALIGNMENT 63
 
+#define ALGOR_NUM   30
+#define SIZE_NUM6
+#define PRIME_NUM   3
+#define RSA_NUM 7
+#define DSA_NUM 3
+
+#define EC_NUM  17
+#define MAX_ECDH_SIZE   256
+#define MISALIGN64
+
 static volatile int run = 0;
 
 static int mr = 0;
 static int usertime = 1;
 
+typedef struct loopargs_st {
+ASYNC_JOB *inprogress_job;
+ASYNC_WAIT_CTX *wait_ctx;
+unsigned char *buf;
+unsigned char *buf2;
+unsigned char *buf_malloc;
+unsigned char *buf2_malloc;
+unsigned int *siglen;
+#ifndef OPENSSL_NO_RSA
+RSA *rsa_key[RSA_NUM];
+#endif
+#ifndef OPENSSL_NO_DSA
+DSA *dsa_key[DSA_NUM];
+#endif
+#ifndef OPENSSL_NO_EC
+EC_KEY *ecdsa[EC_NUM];
+EC_KEY *ecdh_a[EC_NUM];
+EC_KEY *ecdh_b[EC_NUM];
+unsigned char *secret_a;
+unsigned char *secret_b;
+#endif
+EVP_CIPHER_CTX *ctx;
+HMAC_CTX *hctx;
+GCM128_CONTEXT *gcm_ctx;
+} loopargs_t;
+
+#ifndef OPENSSL_NO_MD2
+static int EVP_Digest_MD2_loop(void *args);
+#endif
+
+#ifndef OPENSSL_NO_MDC2
+static int EVP_Digest_MDC2_loop(void *args);
+#endif
+#ifndef OPENSSL_NO_MD4
+static int EVP_Digest_MD4_loop(void *args);
+#endif
+#ifndef OPENSSL_NO_MD5
+static int MD5_loop(void *args);
+static int HMAC_loop(void *args);
+#endif
+static int SHA1_loop(void *args);
+static int SHA256_loop(void *args);
+static int SHA512_loop(void *args);
+#ifndef OPENSSL_NO_WHIRLPOOL
+static int WHIRLPOOL_loop(void *args);
+#endif
+#ifndef OPENSSL_NO_RMD160

[openssl-commits] Errored: openssl/openssl#2525 (master - 6e42e3f)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2525
Status: Errored

Duration: 14 minutes and 53 seconds
Commit: 6e42e3f (master)
Author: Andy Polyakov
Message: perlasm/x86_64-xlate.pl: handle binary constants early.

Not all assemblers of "gas" flavour handle binary constants, e.g.
seasoned MacOS Xcode doesn't, so give them a hand.

Reviewed-by: Rich Salz 
Reviewed-by: Viktor Dukhovni 

View the changeset: 
https://github.com/openssl/openssl/compare/a193388811db...6e42e3ff9cde

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114243621

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Emilia Kasper]

The branch master has been updated
   via  a556f342201473b4bf8dbf879b03890a74e412b6 (commit)
  from  3ed1839dc3ad285ca83609007a18911d3c7bfdbe (commit)


- Log -
commit a556f342201473b4bf8dbf879b03890a74e412b6
Author: Emilia Kasper 
Date:   Thu Mar 3 19:50:03 2016 +0100

Rework the default cipherlist.

 - Always prefer forward-secure handshakes.
 - Consistently order ECDSA above RSA.
 - Next, always prefer AEADs to non-AEADs, irrespective of strength.
 - Within AEADs, prefer GCM > CHACHA > CCM for a given strength.
 - Prefer TLS v1.2 ciphers to legacy ciphers.
 - Remove rarely used DSS, IDEA, SEED, CAMELLIA, CCM from the default
   list to reduce ClientHello bloat.

Reviewed-by: Rich Salz 

---

Summary of changes:
 CHANGES|   9 +
 ssl/s3_lib.c   | 116 -
 ssl/ssl_ciph.c |  63 ---
 ssl/ssl_locl.h |   4 +-
 4 files changed, 127 insertions(+), 65 deletions(-)

diff --git a/CHANGES b/CHANGES
index 8c4d9a5..f91ba05 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,15 @@
 
  Changes between 1.0.2g and 1.1.0  [xx XXX ]
 
+  *) Changes to the DEFAULT cipherlist:
+   - Prefer (EC)DHE handshakes over plain RSA.
+   - Prefer AEAD ciphers over legacy ciphers.
+   - Prefer ECDSA over RSA when both certificates are available.
+   - Prefer TLSv1.2 ciphers/PRF.
+   - Remove DSS, SEED, IDEA, CAMELLIA, and AES-CCM from the
+ default cipherlist.
+ [Emilia Käsper]
+
   *) Change the ECC default curve list to be this, in order: x25519,
  secp256r1, secp521r1, secp384r1.
  [Rich Salz]
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index c9b27eb..78aaf7b 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -239,7 +239,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_IDEA,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  128,
  128,
@@ -272,7 +272,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_3DES,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  112,
  168,
@@ -401,7 +401,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_AES128,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  128,
  128,
@@ -463,7 +463,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_AES256,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  256,
  256,
@@ -560,7 +560,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_AES128,
  SSL_SHA256,
  SSL_TLSV1_2,
- SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  128,
  128,
@@ -579,7 +579,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_CAMELLIA128,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  128,
  128,
@@ -595,7 +595,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_CAMELLIA128,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  128,
  128,
@@ -611,7 +611,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_CAMELLIA128,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  128,
  128,
@@ -661,7 +661,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_AES256,
  SSL_SHA256,
  SSL_TLSV1_2,
- SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  256,
  256,
@@ -759,7 +759,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_CAMELLIA256,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  256,
  256,
@@ -775,7 +775,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_CAMELLIA256,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  256,
  256,
@@ -791,7 +791,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_CAMELLIA256,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH,
  SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
  256,
  256,
@@ -1028,7 +1028,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
  SSL_SEED,
  SSL_SHA1,
  SSL_SSLV3,
- SSL_MEDIUM,
+   

[openssl-commits] Errored: openssl/openssl#2523 (master - a193388)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2523
Status: Errored

Duration: 48 minutes and 45 seconds
Commit: a193388 (master)
Author: Matt Caswell
Message: Fix some clang warnings

The af_alg engine and associated test were creating warnings when compiled
with clang. This fixes it.

Reviewed-by: Richard Levitte 

View the changeset: 
https://github.com/openssl/openssl/compare/b63447c1150f...a193388811db

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114240449

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

[Dr . Stephen Henson]

The branch OpenSSL_1_0_2-stable has been updated
   via  01c32b5e448f6d42a23ff16bdc6bb0605287fa6f (commit)
  from  bd34ecbae008f23f9d64375ef766148e23084ccf (commit)


- Log -
commit 01c32b5e448f6d42a23ff16bdc6bb0605287fa6f
Author: Dr. Stephen Henson 
Date:   Fri Mar 4 18:04:46 2016 +

Don't shift serial number into sign bit

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/asn1/t_x509.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
index 8aab551..396 100644
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -140,7 +140,8 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
 goto err;
 
 bs = X509_get_serialNumber(x);
-if (bs->length <= (int)sizeof(long)) {
+if (bs->length < (int)sizeof(long)
+|| (bs->length == sizeof(long) && (bs->data[0] & 0x80) == 0)) {
 l = ASN1_INTEGER_get(bs);
 if (bs->type == V_ASN1_NEG_INTEGER) {
 l = -l;
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

[Andy Polyakov]

The branch OpenSSL_1_0_2-stable has been updated
   via  bd34ecbae008f23f9d64375ef766148e23084ccf (commit)
   via  ba26fa14556ba49466d51e4d9e6be32afee9c465 (commit)
  from  df14e5023743bde0ed2860817729cee61fab3662 (commit)


- Log -
commit bd34ecbae008f23f9d64375ef766148e23084ccf
Author: Andy Polyakov 
Date:   Fri Mar 4 11:39:11 2016 +0100

bn/asm/x86[_64]-mont*.pl: complement alloca with page-walking.

Some OSes, *cough*-dows, insist on stack being "wired" to
physical memory in strictly sequential manner, i.e. if stack
allocation spans two pages, then reference to farmost one can
be punishable by SEGV. But page walking can do good even on
other OSes, because it guarantees that villain thread hits
the guard page before it can make damage to innocent one...

Reviewed-by: Rich Salz 
(cherry picked from commit adc4f1fc25b2cac90076f1e1695b05b7aeeae501)

commit ba26fa14556ba49466d51e4d9e6be32afee9c465
Author: Andy Polyakov 
Date:   Fri Mar 4 11:32:26 2016 +0100

perlasm/x86_64-xlate.pl: handle binary constants early.

Not all assemblers of "gas" flavour handle binary constants, e.g.
seasoned MacOS Xcode doesn't, so give them a hand.

Reviewed-by: Rich Salz 
Reviewed-by: Viktor Dukhovni 
(cherry picked from commit 6e42e3ff9cde4383049fdafa2a8b37b9485b)

---

Summary of changes:
 crypto/bn/asm/x86-mont.pl  | 15 +++
 crypto/bn/asm/x86_64-mont.pl   | 42 -
 crypto/bn/asm/x86_64-mont5.pl  | 61 +-
 crypto/perlasm/x86_64-xlate.pl |  2 +-
 4 files changed, 117 insertions(+), 3 deletions(-)

diff --git a/crypto/bn/asm/x86-mont.pl b/crypto/bn/asm/x86-mont.pl
index e8f6b05..89f4de6 100755
--- a/crypto/bn/asm/x86-mont.pl
+++ b/crypto/bn/asm/x86-mont.pl
@@ -85,6 +85,21 @@ $frame=32;   # size of above frame 
rounded up to 16n
 
("esp",-64);# align to cache line
 
+   # Some OSes, *cough*-dows, insist on stack being "wired" to
+   # physical memory in strictly sequential manner, i.e. if stack
+   # allocation spans two pages, then reference to farmost one can
+   # be punishable by SEGV. But page walking can do good even on
+   # other OSes, because it guarantees that villain thread hits
+   # the guard page before it can make damage to innocent one...
+   ("eax","ebp");
+   ("eax","esp");
+   ("eax",-4096);
+_label("page_walk");
+   ("edx",(0,"esp","eax"));
+   ("eax",4096);
+   _byte(0x2e);
+   (("page_walk"));
+
# load argument block...
("eax",(0*4,"esi"));# BN_ULONG *rp
("ebx",(1*4,"esi"));# const BN_ULONG *ap
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
index 29ba122..8fb6c99 100755
--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -130,6 +130,20 @@ $code.=<<___;
 
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
 .Lmul_body:
+   # Some OSes, *cough*-dows, insist on stack being "wired" to
+   # physical memory in strictly sequential manner, i.e. if stack
+   # allocation spans two pages, then reference to farmost one can
+   # be punishable by SEGV. But page walking can do good even on
+   # other OSes, because it guarantees that villain thread hits
+   # the guard page before it can make damage to innocent one...
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lmul_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x66,0x2e   # predict non-taken
+   jnc .Lmul_page_walk
+
mov $bp,%r12# reassign $bp
 ___
$bp="%r12";
@@ -342,6 +356,14 @@ $code.=<<___;
 
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
 .Lmul4x_body:
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lmul4x_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x2e# predict non-taken
+   jnc .Lmul4x_page_walk
+
mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
mov %rdx,%r12   # reassign $bp
 ___
@@ -795,6 +817,15 @@ bn_sqr8x_mont:
sub %r11,%rsp
 .Lsqr8x_sp_done:
and \$-64,%rsp
+   mov %rax,%r11
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lsqr8x_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x2e# predict non-taken
+   jnc .Lsqr8x_page_walk
+
mov $num,%r10
neg $num
 
@@ -932,8 +963,17 @@ bn_mulx4x_mont:
sub $num,%r10   # -$num
   

[openssl-commits] [openssl] master update

[Andy Polyakov]

The branch master has been updated
   via  3ed1839dc3ad285ca83609007a18911d3c7bfdbe (commit)
  from  adc4f1fc25b2cac90076f1e1695b05b7aeeae501 (commit)


- Log -
commit 3ed1839dc3ad285ca83609007a18911d3c7bfdbe
Author: Andy Polyakov 
Date:   Sun Mar 6 14:36:11 2016 +0100

Makefile.in: populate [PLIB_]LDFLAG even with $target{} settings.

RT#4373

Reviewed-by: Richard Levitte 

---

Summary of changes:
 Makefile.in | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile.in b/Makefile.in
index 892a208..e7b3f99 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -95,8 +95,8 @@ CROSS_COMPILE= {- $config{cross_compile_prefix} -}
 CC= $(CROSS_COMPILE){- $target{cc} -}
 CFLAG={- our $cflags2 = join(" ",(map { "-D".$_} @{$target{defines}}, 
@{$config{defines}}),"-DOPENSSLDIR=\"\\\"\$(OPENSSLDIR)\\\"\"","-DENGINESDIR=\"\\\"\$(ENGINESDIR)\\\"\"")
 -} {- $target{cflags} -} {- $config{cflags} -}
 CFLAG_Q={- $cflags2 =~ s|([\\"])|\\$1|g; $cflags2 -} {- $config{cflags} -}
-LDFLAG= {- $config{lflags} -}
-PLIB_LDFLAG= {- $config{plib_lflags} -}
+LDFLAG= {- $target{lflags} -} {- $config{lflags} -}
+PLIB_LDFLAG= {- $target{plib_lflags} -} {- $config{plib_lflags} -}
 EX_LIBS= {- $target{ex_libs} -} {- $config{ex_libs} -}
 EXE_EXT= {- $target{exe_extension} -}
 ARFLAGS= {- $target{arflags} -}
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Andy Polyakov]

The branch master has been updated
   via  adc4f1fc25b2cac90076f1e1695b05b7aeeae501 (commit)
  from  56cd71b46e5fe4f403c6247d83c2ad88e537b6c3 (commit)


- Log -
commit adc4f1fc25b2cac90076f1e1695b05b7aeeae501
Author: Andy Polyakov 
Date:   Fri Mar 4 11:39:11 2016 +0100

bn/asm/x86[_64]-mont*.pl: complement alloca with page-walking.

Some OSes, *cough*-dows, insist on stack being "wired" to
physical memory in strictly sequential manner, i.e. if stack
allocation spans two pages, then reference to farmost one can
be punishable by SEGV. But page walking can do good even on
other OSes, because it guarantees that villain thread hits
the guard page before it can make damage to innocent one...

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/bn/asm/x86-mont.pl | 15 +++
 crypto/bn/asm/x86_64-mont.pl  | 42 -
 crypto/bn/asm/x86_64-mont5.pl | 61 ++-
 3 files changed, 116 insertions(+), 2 deletions(-)

diff --git a/crypto/bn/asm/x86-mont.pl b/crypto/bn/asm/x86-mont.pl
index e8f6b05..89f4de6 100755
--- a/crypto/bn/asm/x86-mont.pl
+++ b/crypto/bn/asm/x86-mont.pl
@@ -85,6 +85,21 @@ $frame=32;   # size of above frame 
rounded up to 16n
 
("esp",-64);# align to cache line
 
+   # Some OSes, *cough*-dows, insist on stack being "wired" to
+   # physical memory in strictly sequential manner, i.e. if stack
+   # allocation spans two pages, then reference to farmost one can
+   # be punishable by SEGV. But page walking can do good even on
+   # other OSes, because it guarantees that villain thread hits
+   # the guard page before it can make damage to innocent one...
+   ("eax","ebp");
+   ("eax","esp");
+   ("eax",-4096);
+_label("page_walk");
+   ("edx",(0,"esp","eax"));
+   ("eax",4096);
+   _byte(0x2e);
+   (("page_walk"));
+
# load argument block...
("eax",(0*4,"esi"));# BN_ULONG *rp
("ebx",(1*4,"esi"));# const BN_ULONG *ap
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
index 29ba122..8fb6c99 100755
--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -130,6 +130,20 @@ $code.=<<___;
 
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
 .Lmul_body:
+   # Some OSes, *cough*-dows, insist on stack being "wired" to
+   # physical memory in strictly sequential manner, i.e. if stack
+   # allocation spans two pages, then reference to farmost one can
+   # be punishable by SEGV. But page walking can do good even on
+   # other OSes, because it guarantees that villain thread hits
+   # the guard page before it can make damage to innocent one...
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lmul_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x66,0x2e   # predict non-taken
+   jnc .Lmul_page_walk
+
mov $bp,%r12# reassign $bp
 ___
$bp="%r12";
@@ -342,6 +356,14 @@ $code.=<<___;
 
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
 .Lmul4x_body:
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lmul4x_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x2e# predict non-taken
+   jnc .Lmul4x_page_walk
+
mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
mov %rdx,%r12   # reassign $bp
 ___
@@ -795,6 +817,15 @@ bn_sqr8x_mont:
sub %r11,%rsp
 .Lsqr8x_sp_done:
and \$-64,%rsp
+   mov %rax,%r11
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lsqr8x_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x2e# predict non-taken
+   jnc .Lsqr8x_page_walk
+
mov $num,%r10
neg $num
 
@@ -932,8 +963,17 @@ bn_mulx4x_mont:
sub $num,%r10   # -$num
mov ($n0),$n0   # *n0
lea -72(%rsp,%r10),%rsp # alloca(frame+$num+8)
-   lea ($bp,$num),%r10
and \$-128,%rsp
+   mov %rax,%r11
+   sub %rsp,%r11
+   and \$-4096,%r11
+.Lmulx4x_page_walk:
+   mov (%rsp,%r11),%r10
+   sub \$4096,%r11
+   .byte   0x66,0x2e   # predict non-taken
+   jnc .Lmulx4x_page_walk
+
+   lea ($bp,$num),%r10
##
# Stack layout
# +0num
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index 2e8c9db..938e170 100755
--- 

[openssl-commits] [openssl] master update

[Emilia Kasper]

The branch master has been updated
   via  56cd71b46e5fe4f403c6247d83c2ad88e537b6c3 (commit)
  from  6e42e3ff9cde4383049fdafa2a8b37b9485b (commit)


- Log -
commit 56cd71b46e5fe4f403c6247d83c2ad88e537b6c3
Author: Emilia Kasper 
Date:   Mon Mar 7 12:59:40 2016 +0100

Restore some mingw builds

"no-pic" builds have in fact been green (and reasonably fast), so
restore them while we figure out why tests without "no-pic" hang.

Reviewed-by: Andy Polyakov 

---

Summary of changes:
 .travis.yml | 12 
 1 file changed, 12 insertions(+)

diff --git a/.travis.yml b/.travis.yml
index 5407b5f..f43bd10 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -5,6 +5,9 @@ addons:
 packages:
 - clang-3.6
 - gcc-5
+- binutils-mingw-w64
+- gcc-mingw-w64
+- wine
 sources:
 - llvm-toolchain-precise-3.6
 - ubuntu-toolchain-r-test
@@ -45,6 +48,12 @@ matrix:
 - os: linux
   compiler: clang
   env: CONFIG_OPTS="no-engine" BUILDONLY="yes"
+- os: linux
+  compiler: i686-w64-mingw32-gcc
+  env: CONFIG_OPTS="no-pic"
+- os: linux
+  compiler: x86_64-w64-mingw32-gcc
+  env: CONFIG_OPTS="no-pic"
 exclude:
 - os: osx
   compiler: clang-3.6
@@ -72,6 +81,9 @@ script:
 - cd _srcdist
 - make
 - if [ -z "$BUILDONLY" ]; then
+  if [ -n "$CROSS_COMPILE" ]; then
+  export EXE_SHELL="wine" WINEPREFIX=`pwd`;
+  fi;
   HARNESS_VERBOSE=yes make test;
   fi
 - cd ..
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Andy Polyakov]

The branch master has been updated
   via  6e42e3ff9cde4383049fdafa2a8b37b9485b (commit)
  from  a193388811db7e842ed7d1966bbe2552095b26cc (commit)


- Log -
commit 6e42e3ff9cde4383049fdafa2a8b37b9485b
Author: Andy Polyakov 
Date:   Fri Mar 4 11:32:26 2016 +0100

perlasm/x86_64-xlate.pl: handle binary constants early.

Not all assemblers of "gas" flavour handle binary constants, e.g.
seasoned MacOS Xcode doesn't, so give them a hand.

Reviewed-by: Rich Salz 
Reviewed-by: Viktor Dukhovni 

---

Summary of changes:
 crypto/perlasm/x86_64-xlate.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
index 0a023fb..80ab17f 100755
--- a/crypto/perlasm/x86_64-xlate.pl
+++ b/crypto/perlasm/x86_64-xlate.pl
@@ -195,6 +195,7 @@ my %globals;
 sub out {
my $self = shift;
 
+   $self->{value} =~ s/\b(0b[0-1]+)/oct($1)/eig;
if ($gas) {
# Solaris /usr/ccs/bin/as can't handle multiplications
# in $self->{value}
@@ -205,7 +206,6 @@ my %globals;
}
sprintf "\$%s",$self->{value};
} else {
-   $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig;
$self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
sprintf "%s",$self->{value};
}
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Errored: openssl/openssl#2519 (master - b63447c)

[Travis CI]

Build Update for openssl/openssl
-

Build: #2519
Status: Errored

Duration: 14 minutes and 4 seconds
Commit: b63447c (master)
Author: Emilia Kasper
Message: Trim Travis config part 2

- Remove Win builds (temporarily). They're slow, allowed to fail,
  and therefore not useful as they are.
- Make the --unified part of the matrix build-only. (This can be
  swapped if --unified becomes the default)
- Only build 'no-engine' once, don't run any tests, but don't allow it
  to fail.

Reviewed-by: Richard Levitte 

View the changeset: 
https://github.com/openssl/openssl/compare/3135650970f2...b63447c1150f

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/114220960

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Emilia Kasper]

The branch master has been updated
   via  b63447c1150f659cfc54ed290df33345e8ce7cbd (commit)
  from  3135650970f280cce0fdbbf06024daa8b23bfd85 (commit)


- Log -
commit b63447c1150f659cfc54ed290df33345e8ce7cbd
Author: Emilia Kasper 
Date:   Sun Mar 6 22:31:18 2016 +0100

Trim Travis config part 2

- Remove Win builds (temporarily). They're slow, allowed to fail,
  and therefore not useful as they are.
- Make the --unified part of the matrix build-only. (This can be
  swapped if --unified becomes the default)
- Only build 'no-engine' once, don't run any tests, but don't allow it
  to fail.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 .travis.yml | 53 +++--
 1 file changed, 7 insertions(+), 46 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 5be74f0..5407b5f 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -5,9 +5,6 @@ addons:
 packages:
 - clang-3.6
 - gcc-5
-- binutils-mingw-w64
-- gcc-mingw-w64
-- wine
 sources:
 - llvm-toolchain-precise-3.6
 - ubuntu-toolchain-r-test
@@ -21,17 +18,15 @@ compiler:
 - clang-3.6
 - gcc
 - gcc-5
-- i686-w64-mingw32-gcc
-- x86_64-w64-mingw32-gcc
 
 env:
 - CONFIG_OPTS=""
 - CONFIG_OPTS="shared"
 - CONFIG_OPTS="no-pic"
 - CONFIG_OPTS="--debug --strict-warnings enable-crypto-mdebug enable-rc5 
enable-md2"
-- CONFIG_OPTS="--unified"
-- CONFIG_OPTS="--unified shared"
-- CONFIG_OPTS="--unified --debug --strict-warnings enable-crypto-mdebug 
enable-rc5 enable-md2"
+- CONFIG_OPTS="--unified" BUILDONLY="yes"
+- CONFIG_OPTS="--unified shared" BUILDONLY="yes"
+- CONFIG_OPTS="--unified --debug --strict-warnings enable-rc5 enable-md2" 
BUILDONLY="yes"
 
 matrix:
 include:
@@ -48,14 +43,8 @@ matrix:
   compiler: gcc-5
   env: CONFIG_OPTS="no-asm --strict-warnings -fno-sanitize-recover 
-fsanitize=address -fsanitize=undefined enable-rc5 enable-md2"
 - os: linux
-  compiler: clang-3.6
-  env: CONFIG_OPTS="no-engine"
-- os: linux
-  compiler: gcc
-  env: CONFIG_OPTS="no-engine"
-- os: linux
-  compiler: gcc-5
-  env: CONFIG_OPTS="no-engine"
+  compiler: clang
+  env: CONFIG_OPTS="no-engine" BUILDONLY="yes"
 exclude:
 - os: osx
   compiler: clang-3.6
@@ -63,33 +52,6 @@ matrix:
   compiler: gcc
 - os: osx
   compiler: gcc-5
-- os: osx
-  compiler: i686-w64-mingw32-gcc
-- os: osx
-  compiler: x86_64-w64-mingw32-gcc
-- compiler: i686-w64-mingw32-gcc
-  env: CONFIG_OPTS="shared"
-- compiler: x86_64-w64-mingw32-gcc
-  env: CONFIG_OPTS="shared"
-- compiler: i686-w64-mingw32-gcc
-  env: CONFIG_OPTS="--unified shared"
-- compiler: x86_64-w64-mingw32-gcc
-  env: CONFIG_OPTS="--unified shared"
-allow_failures:
-- compiler: i686-w64-mingw32-gcc
-  env: CONFIG_OPTS="--debug --strict-warnings enable-crypto-mdebug 
enable-rc5 enable-md2"
-- compiler: x86_64-w64-mingw32-gcc
-  env: CONFIG_OPTS="--debug --strict-warnings enable-crypto-mdebug 
enable-rc5 enable-md2"
-- compiler: i686-w64-mingw32-gcc
-  env: CONFIG_OPTS="--unified --debug --strict-warnings 
enable-crypto-mdebug enable-rc5 enable-md2"
-- compiler: x86_64-w64-mingw32-gcc
-  env: CONFIG_OPTS="--unified --debug --strict-warnings 
enable-crypto-mdebug enable-rc5 enable-md2"
-- compiler: clang-3.6
-  env: CONFIG_OPTS="no-engine"
-- compiler: gcc-5
-  env: CONFIG_OPTS="no-engine"
-- compiler: gcc
-  env: CONFIG_OPTS="no-engine"
 
 before_script:
 - sh .travis-create-release.sh $TRAVIS_OS_NAME
@@ -109,10 +71,9 @@ before_script:
 script:
 - cd _srcdist
 - make
-- if [ -n "$CROSS_COMPILE" ]; then
-  export EXE_SHELL="wine" WINEPREFIX=`pwd`;
+- if [ -z "$BUILDONLY" ]; then
+  HARNESS_VERBOSE=yes make test;
   fi
-- HARNESS_VERBOSE=yes make test
 - cd ..
 
 notifications:
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Jenkins build is back to normal : master_basic #1747

[openssl . sanity]

See 

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits