[openssl-commits] Errored: FdaSilvaYY/openssl#734 (up_ref_api_unify - 66ebe90)

[Travis CI]

Build Update for FdaSilvaYY/openssl
-

Build: #734
Status: Errored

Duration: 18 minutes and 37 seconds
Commit: 66ebe90 (up_ref_api_unify)
Author: FdaSilvaYY
Message: Unify _up_ref methods signature and behaviour.

Add a status return value instead of void.
Add some sanity checks on reference counter value.
Update the docs.

View the changeset: 
https://github.com/FdaSilvaYY/openssl/compare/c2fb4c4f081b...66ebe906c1b6

View the full build log and details: 
https://travis-ci.org/FdaSilvaYY/openssl/builds/127928074

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Dr . Stephen Henson]

The branch master has been updated
   via  9d103dbb6f44dbe5d430356e5560c84984ada049 (commit)
  from  c7e6ae6a810d9b65fa604f5ca3a003c5164f3c5f (commit)


- Log -
commit 9d103dbb6f44dbe5d430356e5560c84984ada049
Author: Dr. Stephen Henson 
Date:   Wed May 4 14:50:14 2016 +0100

support embed in ASN.1 print

Reviewed-by: Richard Levitte 

---

Summary of changes:
 crypto/asn1/tasn_prn.c | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
index f6bd218..7a96aca 100644
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@@ -314,6 +314,7 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int 
indent,
 {
 int i, flags;
 const char *sname, *fname;
+ASN1_VALUE *tfld;
 flags = tt->flags;
 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
 sname = ASN1_ITEM_ptr(tt->item)->sname;
@@ -323,6 +324,16 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, 
int indent,
 fname = NULL;
 else
 fname = tt->field_name;
+
+/*
+ * If field is embedded then fld needs fixing so it is a pointer to
+ * a pointer to a field.
+ */
+if (flags & ASN1_TFLG_EMBED) {
+tfld = (ASN1_VALUE *)fld;
+fld = 
+}
+
 if (flags & ASN1_TFLG_SK_MASK) {
 char *tname;
 ASN1_VALUE *skitem;
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Richard Levitte]

The branch master has been updated
   via  c7e6ae6a810d9b65fa604f5ca3a003c5164f3c5f (commit)
  from  4e0d184ac1dde845ba9574872e2ae5c903c81dff (commit)


- Log -
commit c7e6ae6a810d9b65fa604f5ca3a003c5164f3c5f
Author: Richard Levitte 
Date:   Wed May 4 19:26:59 2016 +0200

Complete the list of names in doc/ssl/SSL_CTX_load_verify_locations.pod

Reviewed-by: Rich Salz 

---

Summary of changes:
 doc/ssl/SSL_CTX_load_verify_locations.pod | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod 
b/doc/ssl/SSL_CTX_load_verify_locations.pod
index 53e119e..3c1e3b7 100644
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -2,8 +2,9 @@
 
 =head1 NAME
 
-SSL_CTX_load_verify_locations - set default locations for trusted CA
-certificates
+SSL_CTX_load_verify_locations, SSL_CTX_set_default_verify_paths,
+SSL_CTX_set_default_verify_dir, SSL_CTX_set_default_verify_file - set
+default locations for trusted CA certificates
 
 =head1 SYNOPSIS
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

[Dr . Stephen Henson]

The branch OpenSSL_1_0_1-stable has been updated
   via  b583c1bd069f6928c3973dc6d6864930f6c4bb3e (commit)
  from  28dab7cfba522603d88ca95aab16b335060b6c3d (commit)


- Log -
commit b583c1bd069f6928c3973dc6d6864930f6c4bb3e
Author: Dr. Stephen Henson 
Date:   Wed May 4 16:09:06 2016 +0100

Fix name length limit check.

The name length limit check in x509_name_ex_d2i() includes
the containing structure as well as the actual X509_NAME. This will
cause large CRLs to be rejected.

Fix by limiting the length passed to ASN1_item_ex_d2i() which will
then return an error if the passed X509_NAME exceeds the length.

RT#4531

Reviewed-by: Rich Salz 
(cherry picked from commit 4e0d184ac1dde845ba9574872e2ae5c903c81dff)

---

Summary of changes:
 crypto/asn1/x_name.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index a858c29..26378fd 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -199,10 +199,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
 int i, j, ret;
 STACK_OF(X509_NAME_ENTRY) *entries;
 X509_NAME_ENTRY *entry;
-if (len > X509_NAME_MAX) {
-ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
-return 0;
-}
+if (len > X509_NAME_MAX)
+len = X509_NAME_MAX;
 q = p;
 
 /* Get internal representation of Name */
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

[Dr . Stephen Henson]

The branch OpenSSL_1_0_2-stable has been updated
   via  a1eef756cc1948ed4d1f175d97367aa2b24d962d (commit)
  from  b8c75aab217842e527bd6dbe21d1908484edfb03 (commit)


- Log -
commit a1eef756cc1948ed4d1f175d97367aa2b24d962d
Author: Dr. Stephen Henson 
Date:   Wed May 4 16:09:06 2016 +0100

Fix name length limit check.

The name length limit check in x509_name_ex_d2i() includes
the containing structure as well as the actual X509_NAME. This will
cause large CRLs to be rejected.

Fix by limiting the length passed to ASN1_item_ex_d2i() which will
then return an error if the passed X509_NAME exceeds the length.

RT#4531

Reviewed-by: Rich Salz 
(cherry picked from commit 4e0d184ac1dde845ba9574872e2ae5c903c81dff)

---

Summary of changes:
 crypto/asn1/x_name.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index a858c29..26378fd 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -199,10 +199,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
 int i, j, ret;
 STACK_OF(X509_NAME_ENTRY) *entries;
 X509_NAME_ENTRY *entry;
-if (len > X509_NAME_MAX) {
-ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
-return 0;
-}
+if (len > X509_NAME_MAX)
+len = X509_NAME_MAX;
 q = p;
 
 /* Get internal representation of Name */
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Dr . Stephen Henson]

The branch master has been updated
   via  4e0d184ac1dde845ba9574872e2ae5c903c81dff (commit)
  from  c73aa309049c4f04ec81f0f1cf552eab8456a16e (commit)


- Log -
commit 4e0d184ac1dde845ba9574872e2ae5c903c81dff
Author: Dr. Stephen Henson 
Date:   Wed May 4 16:09:06 2016 +0100

Fix name length limit check.

The name length limit check in x509_name_ex_d2i() includes
the containing structure as well as the actual X509_NAME. This will
cause large CRLs to be rejected.

Fix by limiting the length passed to ASN1_item_ex_d2i() which will
then return an error if the passed X509_NAME exceeds the length.

RT#4531

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/x509/x_name.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index 72682fe..662de64 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -194,10 +194,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
 int i, j, ret;
 STACK_OF(X509_NAME_ENTRY) *entries;
 X509_NAME_ENTRY *entry;
-if (len > X509_NAME_MAX) {
-ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
-return 0;
-}
+if (len > X509_NAME_MAX)
+len = X509_NAME_MAX;
 q = p;
 
 /* Get internal representation of Name */
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Errored: openssl/openssl#3693 (master - e6c5dbc)

[Travis CI]

Build Update for openssl/openssl
-

Build: #3693
Status: Errored

Duration: 43 minutes and 19 seconds
Commit: e6c5dbc (master)
Author: Marek Klein
Message: DEFINE_STACK_OF(ASN1_UTF8STRING) moved from ts_lcl.h to asn1.h

Reviewed-by: Rich Salz 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/1020)

View the changeset: 
https://github.com/openssl/openssl/compare/ad9a05621ac7...e6c5dbc8e822

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/127784281

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed in Jenkins: master_windows #1601

[openssl . sanity]

See 

Changes:

[rsalz] GH932: Add more help messages to some apps options.

[steve] Fix double free in d2i_PrivateKey().

[steve] add documentation

[steve] Fix Blake block length

[steve] reject zero block length in PKCS12 keygen

[Matt Caswell] Handle malloc failures in BIO_accept

[Richard Levitte] DEFINE_STACK_OF(ASN1_UTF8STRING) moved from ts_lcl.h to asn1.h

[Richard Levitte] Check return of PEM_write_* functions and report possible 
errors

--
Started by upstream project "master_basic" build number 1866
originally caused by:
 Started by an SCM change
Building remotely on windows-slave in workspace 

 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/openssl/openssl.git # 
 > timeout=10
Fetching upstream changes from https://github.com/openssl/openssl.git
 > git --version # timeout=10
 > git -c core.askpass=true fetch --tags --progress 
 > https://github.com/openssl/openssl.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse "refs/remotes/origin/master^{commit}" # timeout=10
 > git rev-parse "refs/remotes/origin/origin/master^{commit}" # timeout=10
Checking out Revision c73aa309049c4f04ec81f0f1cf552eab8456a16e 
(refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f c73aa309049c4f04ec81f0f1cf552eab8456a16e
 > git rev-list b273fcc565fbe90b1f9d2526640fcc55832bbeb6 # timeout=10
[master_windows] $ cmd /c call 
C:\Users\ADMINI~1\AppData\Local\Temp\1\hudson8612363500592841405.bat

call> "c:\program 
files (x86)\microsoft visual studio 12.0\vc\bin\vcvars32.bat" 

set> 
PROCESSOR_ARCHITECTURE=x86 

perl> Configure 
VC-WIN32 
Configuring OpenSSL version 1.1.0-pre6-dev (0x0x1016L)
no-crypto-mdebug [default]  OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
no-crypto-mdebug-backtrace [forced]   OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE 
(skip dir)
no-ec_nistp_64_gcc_128 [default]  OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir)
no-egd  [default]  OPENSSL_NO_EGD (skip dir)
no-heartbeats   [default]  OPENSSL_NO_HEARTBEATS (skip dir)
no-md2  [default]  OPENSSL_NO_MD2 (skip dir)
no-rc5  [default]  OPENSSL_NO_RC5 (skip dir)
no-sctp [default]  OPENSSL_NO_SCTP (skip dir)
no-ssl-trace[default]  OPENSSL_NO_SSL_TRACE (skip dir)
no-ssl3 [default]  OPENSSL_NO_SSL3 (skip dir)
no-ssl3-method  [default]  OPENSSL_NO_SSL3_METHOD (skip dir)
no-unit-test[default]  OPENSSL_NO_UNIT_TEST (skip dir)
no-weak-ssl-ciphers [default]  OPENSSL_NO_WEAK_SSL_CIPHERS (skip dir)
no-zlib [default] 
no-zlib-dynamic [default] 
Configuring for VC-WIN32
CC=cl
CFLAG =-W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WIN32 
-DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE 
-D_UNICODE /MD /Ox /O2 /Ob2 
SHARED_CFLAG  =
DEFINES   =OPENSSL_USE_APPLINK DSO_WIN32 NDEBUG OPENSSL_THREADS 
OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_BN_ASM_PART_WORDS 
OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM 
SHA512_ASM MD5_ASM RMD160_ASM AES_ASM VPAES_ASM WHIRLPOOL_ASM GHASH_ASM 
ECP_NISTZ256_ASM POLY1305_ASM
LFLAG =/nologo /debug
PLIB_LFLAG=
EX_LIBS   =ws2_32.lib gdi32.lib advapi32.lib crypt32.lib user32.lib 
APPS_OBJ  =../ms/applink.o
CPUID_OBJ =x86cpuid.o
UPLINK_OBJ=../ms/uplink.o
BN_ASM=bn-586.o co-586.o x86-mont.o x86-gf2m.o
EC_ASM=ecp_nistz256.o ecp_nistz256-x86.o
DES_ENC   =des-586.o crypt586.o
AES_ENC   =aes-586.o vpaes-x86.o aesni-x86.o
BF_ENC=bf-586.o
CAST_ENC  =c_enc.o
RC4_ENC   =rc4-586.o
RC5_ENC   =rc5-586.o
MD5_OBJ_ASM   =md5-586.o
SHA1_OBJ_ASM  =sha1-586.o sha256-586.o sha512-586.o
RMD160_OBJ_ASM=rmd-586.o
CMLL_ENC  =cmll-x86.o
MODES_OBJ =ghash-x86.o
PADLOCK_OBJ   =e_padlock-x86.o
CHACHA_ENC=chacha-x86.o
POLY1305_OBJ  =poly1305-x86.o
BLAKE2_OBJ=
PROCESSOR =
RANLIB=true
ARFLAGS   =/nologo
PERL  =C:\Perl64\bin\perl.exe

THIRTY_TWO_BIT mode
BN_LLONG mode

Configured for VC-WIN32.

exit> 0 
[master_windows] $ cmd /c call 
C:\Users\ADMINI~1\AppData\Local\Temp\1\hudson7965372897926981996.bat

call> "c:\program 
files (x86)\microsoft visual studio 12.0\vc\bin\vcvars32.bat" 

set> 
PROCESSOR_ARCHITECTURE=x86 

nmake>

Microsoft (R) Program 

[openssl-commits] [openssl] master update

[Richard Levitte]

The branch master has been updated
   via  c73aa309049c4f04ec81f0f1cf552eab8456a16e (commit)
  from  e6c5dbc8e82214f659d5b905d7b4a04a8d1faa8d (commit)


- Log -
commit c73aa309049c4f04ec81f0f1cf552eab8456a16e
Author: Richard Levitte 
Date:   Wed May 4 14:44:10 2016 +0200

Check return of PEM_write_* functions and report possible errors

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/1025)

---

Summary of changes:
 apps/pkcs12.c | 9 +
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 406b103..af5f670 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -674,6 +674,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, 
char *pass,
 PKCS8_PRIV_KEY_INFO *p8;
 X509 *x509;
 STACK_OF(X509_ATTRIBUTE) *attrs;
+int ret = 0;
 
 attrs = PKCS12_SAFEBAG_get0_attrs(bag);
 
@@ -688,7 +689,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, 
char *pass,
 if ((pkey = EVP_PKCS82PKEY(p8)) == NULL)
 return 0;
 print_attribs(out, PKCS8_pkey_get0_attrs(p8), "Key Attributes");
-PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
+ret = PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
 EVP_PKEY_free(pkey);
 break;
 
@@ -713,7 +714,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, 
char *pass,
 }
 print_attribs(out, PKCS8_pkey_get0_attrs(p8), "Key Attributes");
 PKCS8_PRIV_KEY_INFO_free(p8);
-PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
+ret = PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
 EVP_PKEY_free(pkey);
 break;
 
@@ -733,7 +734,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, 
char *pass,
 if ((x509 = PKCS12_SAFEBAG_get1_cert(bag)) == NULL)
 return 0;
 dump_cert_text(out, x509);
-PEM_write_bio_X509(out, x509);
+ret = PEM_write_bio_X509(out, x509);
 X509_free(x509);
 break;
 
@@ -750,7 +751,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, 
char *pass,
 BIO_printf(bio_err, "\n");
 return 1;
 }
-return 1;
+return ret;
 }
 
 /* Given a single certificate return a verified chain or NULL if error */
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Richard Levitte]

The branch master has been updated
   via  e6c5dbc8e82214f659d5b905d7b4a04a8d1faa8d (commit)
  from  ad9a05621ac75b6b9db1e8856d7f434276b1a7af (commit)


- Log -
commit e6c5dbc8e82214f659d5b905d7b4a04a8d1faa8d
Author: Marek Klein 
Date:   Tue May 3 08:48:47 2016 +

DEFINE_STACK_OF(ASN1_UTF8STRING) moved from ts_lcl.h to asn1.h

Reviewed-by: Rich Salz 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/1020)

---

Summary of changes:
 crypto/ts/ts_lcl.h | 2 --
 include/openssl/asn1.h | 2 ++
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/ts/ts_lcl.h b/crypto/ts/ts_lcl.h
index e3f915c..657fbbb 100644
--- a/crypto/ts/ts_lcl.h
+++ b/crypto/ts/ts_lcl.h
@@ -144,8 +144,6 @@ struct TS_status_info_st {
 ASN1_BIT_STRING *failure_info;
 };
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
-
 /*-
  * IssuerSerial ::= SEQUENCE {
  * issuer   GeneralNames,
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index 4c30a74..5fbe042 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -473,6 +473,8 @@ DEFINE_STACK_OF(ASN1_INTEGER)
 
 DEFINE_STACK_OF(ASN1_GENERALSTRING)
 
+DEFINE_STACK_OF(ASN1_UTF8STRING)
+
 typedef struct asn1_type_st {
 int type;
 union {
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
   via  ad9a05621ac75b6b9db1e8856d7f434276b1a7af (commit)
  from  d5975c8d5a171551dd42ffa18ca12e84f29ad106 (commit)


- Log -
commit ad9a05621ac75b6b9db1e8856d7f434276b1a7af
Author: Matt Caswell 
Date:   Wed May 4 10:38:02 2016 +0100

Handle malloc failures in BIO_accept

The old BIO_accept() function can encounter errors during malloc. We need
to ensure we properly clean up if that occurs.

GH Issue #817

Reviewed-by: Richard Levitte 

---

Summary of changes:
 crypto/bio/b_sock.c | 18 ++
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
index 071acda..dc14a1b 100644
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -311,10 +311,20 @@ int BIO_accept(int sock, char **ip_port)
 if (ip_port != NULL) {
 char *host = BIO_ADDR_hostname_string(, 1);
 char *port = BIO_ADDR_service_string(, 1);
-*ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2);
-strcpy(*ip_port, host);
-strcat(*ip_port, ":");
-strcat(*ip_port, port);
+if (host != NULL && port != NULL)
+*ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2);
+else
+*ip_port = NULL;
+
+if (*ip_port == NULL) {
+BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
+BIO_closesocket(ret);
+ret = (int)INVALID_SOCKET;
+} else {
+strcpy(*ip_port, host);
+strcat(*ip_port, ":");
+strcat(*ip_port, port);
+}
 OPENSSL_free(host);
 OPENSSL_free(port);
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Dr . Stephen Henson]

The branch master has been updated
   via  d5975c8d5a171551dd42ffa18ca12e84f29ad106 (commit)
   via  6dccec2b5990cd282725393c21b5524f4f774615 (commit)
  from  b1b3e14fbeb373a288ba20402600e071e6f402f8 (commit)


- Log -
commit d5975c8d5a171551dd42ffa18ca12e84f29ad106
Author: Dr. Stephen Henson 
Date:   Wed May 4 13:13:24 2016 +0100

reject zero block length in PKCS12 keygen

Reviewed-by: Richard Levitte 

commit 6dccec2b5990cd282725393c21b5524f4f774615
Author: Dr. Stephen Henson 
Date:   Wed May 4 13:11:30 2016 +0100

Fix Blake block length

PR#4514

Reviewed-by: Richard Levitte 

---

Summary of changes:
 crypto/blake2/m_blake2b.c | 2 +-
 crypto/blake2/m_blake2s.c | 2 +-
 crypto/pkcs12/p12_key.c   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/blake2/m_blake2b.c b/crypto/blake2/m_blake2b.c
index 2135c7a..f613bff 100644
--- a/crypto/blake2/m_blake2b.c
+++ b/crypto/blake2/m_blake2b.c
@@ -49,7 +49,7 @@ static const EVP_MD blake2b_md = {
 final,
 NULL,
 NULL,
-0,
+BLAKE2B_BLOCKBYTES,
 sizeof(EVP_MD *) + sizeof(BLAKE2B_CTX),
 };
 
diff --git a/crypto/blake2/m_blake2s.c b/crypto/blake2/m_blake2s.c
index e699184..3fbb232 100644
--- a/crypto/blake2/m_blake2s.c
+++ b/crypto/blake2/m_blake2s.c
@@ -49,7 +49,7 @@ static const EVP_MD blake2s_md = {
 final,
 NULL,
 NULL,
-0,
+BLAKE2S_BLOCKBYTES,
 sizeof(EVP_MD *) + sizeof(BLAKE2S_CTX),
 };
 
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 1a1ea70..764f91b 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -128,7 +128,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, 
unsigned char *salt,
 #endif
 v = EVP_MD_block_size(md_type);
 u = EVP_MD_size(md_type);
-if (u < 0)
+if (u < 0 || v <= 0)
 goto err;
 D = OPENSSL_malloc(v);
 Ai = OPENSSL_malloc(u);
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

[Dr . Stephen Henson]

The branch OpenSSL_1_0_1-stable has been updated
   via  28dab7cfba522603d88ca95aab16b335060b6c3d (commit)
   via  c3011e3e1d60babb18ffdf3af4b5e9cb2cfd832c (commit)
  from  c33e68971fa5a37ecb443755da22db9af5c35c80 (commit)


- Log -
commit 28dab7cfba522603d88ca95aab16b335060b6c3d
Author: Dr. Stephen Henson 
Date:   Tue May 3 15:05:31 2016 +0100

Fix double free in d2i_PrivateKey().

RT#4527

Reviewed-by: Matt Caswell 
(cherry picked from commit 3340e8bb186f689df5720352f65a9c0c42b6046b)

commit c3011e3e1d60babb18ffdf3af4b5e9cb2cfd832c
Author: Dr. Stephen Henson 
Date:   Tue May 3 15:21:41 2016 +0100

add documentation

Reviewed-by: Matt Caswell 
(cherry picked from commit b1b3e14fbeb373a288ba20402600e071e6f402f8)

---

Summary of changes:
 crypto/asn1/d2i_pr.c  |  8 +++---
 doc/crypto/d2i_PrivateKey.pod | 59 +++
 2 files changed, 64 insertions(+), 3 deletions(-)
 create mode 100644 doc/crypto/d2i_PrivateKey.pod

diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index d21829a..86dcf5f 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -97,15 +97,17 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const 
unsigned char **pp,
 if (!ret->ameth->old_priv_decode ||
 !ret->ameth->old_priv_decode(ret, , length)) {
 if (ret->ameth->priv_decode) {
+EVP_PKEY *tmp;
 PKCS8_PRIV_KEY_INFO *p8 = NULL;
 p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, , length);
 if (!p8)
 goto err;
-EVP_PKEY_free(ret);
-ret = EVP_PKCS82PKEY(p8);
+tmp = EVP_PKCS82PKEY(p8);
 PKCS8_PRIV_KEY_INFO_free(p8);
-if (ret == NULL)
+if (tmp == NULL)
 goto err;
+EVP_PKEY_free(ret);
+ret = tmp;
 } else {
 ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
 goto err;
diff --git a/doc/crypto/d2i_PrivateKey.pod b/doc/crypto/d2i_PrivateKey.pod
new file mode 100644
index 000..e06ab6c
--- /dev/null
+++ b/doc/crypto/d2i_PrivateKey.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+d2i_Private_key, d2i_AutoPrivateKey, i2d_PrivateKey - decode and encode
+functions for reading and saving EVP_PKEY structures.
+
+=head1 SYNOPSIS
+
+ #include 
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+  long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+  long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+d2i_PrivateKey() decodes a private key using algorithm B. It attempts to
+use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The
+B parameter should be a public key algorithm constant such as
+B. An error occurs if the decoded key does not match B.
+
+d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to
+automatically detect the private key format.
+
+i2d_PrivateKey() encodes B. It uses a key specific format or, if none is
+defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format.
+
+These functions are similar to the d2i_X509() functions, and you should refer 
to
+that page for a detailed description (see L).
+
+=head1 NOTES
+
+All these functions use DER format and unencrypted keys. Applications wishing
+to encrypt or decrypt private keys should use other functions such as
+d2i_PKC8PrivateKey() instead.
+
+If the B<*a> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey()
+(i.e. an existing structure is being reused) and the key format is PKCS#8
+then B<*a> will be freed and replaced on a successful call.
+
+=head1 RETURN VALUES
+
+d2i_PrivateKey() and d2i_AutoPrivateKey() return a valid B structure
+or B if an error occurs. The error code can be obtained by calling
+L.
+
+i2d_PrivateKey() returns the number of bytes successfully encoded or a
+negative value if an error occurs. The error code can be obtained by calling
+L.
+
+=head1 SEE ALSO
+
+L,
+L
+
+=cut
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

[Dr . Stephen Henson]

The branch OpenSSL_1_0_2-stable has been updated
   via  b8c75aab217842e527bd6dbe21d1908484edfb03 (commit)
   via  9dfd498af8f3993e1b72080a6fdeb723f4523ed8 (commit)
  from  5c6944593d3125800ae1a9b28d2efb6f870273c2 (commit)


- Log -
commit b8c75aab217842e527bd6dbe21d1908484edfb03
Author: Dr. Stephen Henson 
Date:   Tue May 3 15:05:31 2016 +0100

Fix double free in d2i_PrivateKey().

RT#4527

Reviewed-by: Matt Caswell 
(cherry picked from commit 3340e8bb186f689df5720352f65a9c0c42b6046b)

commit 9dfd498af8f3993e1b72080a6fdeb723f4523ed8
Author: Dr. Stephen Henson 
Date:   Tue May 3 15:21:41 2016 +0100

add documentation

Reviewed-by: Matt Caswell 
(cherry picked from commit b1b3e14fbeb373a288ba20402600e071e6f402f8)

---

Summary of changes:
 crypto/asn1/d2i_pr.c  |  8 +++---
 doc/crypto/d2i_PrivateKey.pod | 59 +++
 2 files changed, 64 insertions(+), 3 deletions(-)
 create mode 100644 doc/crypto/d2i_PrivateKey.pod

diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index d21829a..86dcf5f 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -97,15 +97,17 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const 
unsigned char **pp,
 if (!ret->ameth->old_priv_decode ||
 !ret->ameth->old_priv_decode(ret, , length)) {
 if (ret->ameth->priv_decode) {
+EVP_PKEY *tmp;
 PKCS8_PRIV_KEY_INFO *p8 = NULL;
 p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, , length);
 if (!p8)
 goto err;
-EVP_PKEY_free(ret);
-ret = EVP_PKCS82PKEY(p8);
+tmp = EVP_PKCS82PKEY(p8);
 PKCS8_PRIV_KEY_INFO_free(p8);
-if (ret == NULL)
+if (tmp == NULL)
 goto err;
+EVP_PKEY_free(ret);
+ret = tmp;
 } else {
 ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
 goto err;
diff --git a/doc/crypto/d2i_PrivateKey.pod b/doc/crypto/d2i_PrivateKey.pod
new file mode 100644
index 000..e06ab6c
--- /dev/null
+++ b/doc/crypto/d2i_PrivateKey.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+d2i_Private_key, d2i_AutoPrivateKey, i2d_PrivateKey - decode and encode
+functions for reading and saving EVP_PKEY structures.
+
+=head1 SYNOPSIS
+
+ #include 
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+  long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+  long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+d2i_PrivateKey() decodes a private key using algorithm B. It attempts to
+use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The
+B parameter should be a public key algorithm constant such as
+B. An error occurs if the decoded key does not match B.
+
+d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to
+automatically detect the private key format.
+
+i2d_PrivateKey() encodes B. It uses a key specific format or, if none is
+defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format.
+
+These functions are similar to the d2i_X509() functions, and you should refer 
to
+that page for a detailed description (see L).
+
+=head1 NOTES
+
+All these functions use DER format and unencrypted keys. Applications wishing
+to encrypt or decrypt private keys should use other functions such as
+d2i_PKC8PrivateKey() instead.
+
+If the B<*a> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey()
+(i.e. an existing structure is being reused) and the key format is PKCS#8
+then B<*a> will be freed and replaced on a successful call.
+
+=head1 RETURN VALUES
+
+d2i_PrivateKey() and d2i_AutoPrivateKey() return a valid B structure
+or B if an error occurs. The error code can be obtained by calling
+L.
+
+i2d_PrivateKey() returns the number of bytes successfully encoded or a
+negative value if an error occurs. The error code can be obtained by calling
+L.
+
+=head1 SEE ALSO
+
+L,
+L
+
+=cut
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Dr . Stephen Henson]

The branch master has been updated
   via  b1b3e14fbeb373a288ba20402600e071e6f402f8 (commit)
   via  3340e8bb186f689df5720352f65a9c0c42b6046b (commit)
  from  16e1b281b2e16ff6deb8ca431dfc5743de31d0e2 (commit)


- Log -
commit b1b3e14fbeb373a288ba20402600e071e6f402f8
Author: Dr. Stephen Henson 
Date:   Tue May 3 15:21:41 2016 +0100

add documentation

Reviewed-by: Matt Caswell 

commit 3340e8bb186f689df5720352f65a9c0c42b6046b
Author: Dr. Stephen Henson 
Date:   Tue May 3 15:05:31 2016 +0100

Fix double free in d2i_PrivateKey().

RT#4527

Reviewed-by: Matt Caswell 

---

Summary of changes:
 crypto/asn1/d2i_pr.c  |  8 +++---
 doc/crypto/d2i_PrivateKey.pod | 59 +++
 2 files changed, 64 insertions(+), 3 deletions(-)
 create mode 100644 doc/crypto/d2i_PrivateKey.pod

diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index 85567ce..48a845f 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -93,15 +93,17 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const 
unsigned char **pp,
 if (!ret->ameth->old_priv_decode ||
 !ret->ameth->old_priv_decode(ret, , length)) {
 if (ret->ameth->priv_decode) {
+EVP_PKEY *tmp;
 PKCS8_PRIV_KEY_INFO *p8 = NULL;
 p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, , length);
 if (!p8)
 goto err;
-EVP_PKEY_free(ret);
-ret = EVP_PKCS82PKEY(p8);
+tmp = EVP_PKCS82PKEY(p8);
 PKCS8_PRIV_KEY_INFO_free(p8);
-if (ret == NULL)
+if (tmp == NULL)
 goto err;
+EVP_PKEY_free(ret);
+ret = tmp;
 } else {
 ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
 goto err;
diff --git a/doc/crypto/d2i_PrivateKey.pod b/doc/crypto/d2i_PrivateKey.pod
new file mode 100644
index 000..e06ab6c
--- /dev/null
+++ b/doc/crypto/d2i_PrivateKey.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+d2i_Private_key, d2i_AutoPrivateKey, i2d_PrivateKey - decode and encode
+functions for reading and saving EVP_PKEY structures.
+
+=head1 SYNOPSIS
+
+ #include 
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+  long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+  long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+d2i_PrivateKey() decodes a private key using algorithm B. It attempts to
+use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The
+B parameter should be a public key algorithm constant such as
+B. An error occurs if the decoded key does not match B.
+
+d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to
+automatically detect the private key format.
+
+i2d_PrivateKey() encodes B. It uses a key specific format or, if none is
+defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format.
+
+These functions are similar to the d2i_X509() functions, and you should refer 
to
+that page for a detailed description (see L).
+
+=head1 NOTES
+
+All these functions use DER format and unencrypted keys. Applications wishing
+to encrypt or decrypt private keys should use other functions such as
+d2i_PKC8PrivateKey() instead.
+
+If the B<*a> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey()
+(i.e. an existing structure is being reused) and the key format is PKCS#8
+then B<*a> will be freed and replaced on a successful call.
+
+=head1 RETURN VALUES
+
+d2i_PrivateKey() and d2i_AutoPrivateKey() return a valid B structure
+or B if an error occurs. The error code can be obtained by calling
+L.
+
+i2d_PrivateKey() returns the number of bytes successfully encoded or a
+negative value if an error occurs. The error code can be obtained by calling
+L.
+
+=head1 SEE ALSO
+
+L,
+L
+
+=cut
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
   via  16e1b281b2e16ff6deb8ca431dfc5743de31d0e2 (commit)
  from  b273fcc565fbe90b1f9d2526640fcc55832bbeb6 (commit)


- Log -
commit 16e1b281b2e16ff6deb8ca431dfc5743de31d0e2
Author: FdaSilvaYY 
Date:   Sun Mar 20 21:14:10 2016 +0100

GH932: Add more help messages to some apps options.

Reviewed-by: Matt Caswell 
Reviewed-by: Rich Salz 

---

Summary of changes:
 apps/asn1pars.c |  2 +-
 apps/ca.c   | 12 ++--
 apps/cms.c  |  8 
 apps/crl.c  |  8 
 apps/dhparam.c  |  2 +-
 apps/dsa.c  |  4 ++--
 apps/ec.c   |  4 ++--
 apps/ocsp.c | 11 ++-
 apps/pkeyutl.c  |  2 +-
 apps/rsautl.c   |  2 +-
 apps/smime.c|  2 +-
 apps/ts.c   |  2 +-
 apps/x509.c |  6 +++---
 13 files changed, 33 insertions(+), 32 deletions(-)

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 3da7e3b..3b29801 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -82,7 +82,7 @@ OPTIONS asn1parse_options[] = {
 {"in", OPT_IN, '<', "input file"},
 {"out", OPT_OUT, '>', "output file (output format is always DER)"},
 {"i", OPT_INDENT, 0, "indents the output"},
-{"noout", OPT_NOOUT, 0, "don't produce any output"},
+{"noout", OPT_NOOUT, 0, "do not produce any output"},
 {"offset", OPT_OFFSET, 'p', "offset into file"},
 {"length", OPT_LENGTH, 'p', "length of section in file"},
 {"oid", OPT_OID, '<', "file of extra oid definitions"},
diff --git a/apps/ca.c b/apps/ca.c
index 95801fb..0e7bfdc 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -220,7 +220,7 @@ OPTIONS ca_options[] = {
 {"policy", OPT_POLICY, 's', "The CA 'policy' to support"},
 {"keyfile", OPT_KEYFILE, 's', "Private key"},
 {"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"},
-{"passin", OPT_PASSIN, 's'},
+{"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
 {"key", OPT_KEY, 's', "Key to decode the private key if it is encrypted"},
 {"cert", OPT_CERT, '<', "The CA cert"},
 {"selfsign", OPT_SELFSIGN, '-',
@@ -228,17 +228,17 @@ OPTIONS ca_options[] = {
 {"in", OPT_IN, '<', "The input PEM encoded cert request(s)"},
 {"out", OPT_OUT, '>', "Where to put the output file(s)"},
 {"outdir", OPT_OUTDIR, '/', "Where to put output cert"},
-{"sigopt", OPT_SIGOPT, 's'},
-{"notext", OPT_NOTEXT, '-'},
+{"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
+{"notext", OPT_NOTEXT, '-', "Do not print the generated certificate"},
 {"batch", OPT_BATCH, '-', "Don't ask questions"},
 {"preserveDN", OPT_PRESERVEDN, '-', "Don't re-order the DN"},
 {"noemailDN", OPT_NOEMAILDN, '-', "Don't add the EMAIL field to the DN"},
 {"gencrl", OPT_GENCRL, '-', "Generate a new CRL"},
 {"msie_hack", OPT_MSIE_HACK, '-',
  "msie modifications to handle all those universal strings"},
-{"crldays", OPT_CRLDAYS, 'p', "Days is when the next CRL is due"},
-{"crlhours", OPT_CRLHOURS, 'p', "Hours is when the next CRL is due"},
-{"crlsec", OPT_CRLSEC, 'p'},
+{"crldays", OPT_CRLDAYS, 'p', "Days until the next CRL is due"},
+{"crlhours", OPT_CRLHOURS, 'p', "Hours until the next CRL is due"},
+{"crlsec", OPT_CRLSEC, 'p', "Seconds until the next CRL is due"},
 {"infiles", OPT_INFILES, '-', "The last argument, requests to process"},
 {"ss_cert", OPT_SS_CERT, '<', "File contains a self signed cert to sign"},
 {"spkac", OPT_SPKAC, '<',
diff --git a/apps/cms.c b/apps/cms.c
index 95f2124..7bc40d5 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -142,7 +142,7 @@ OPTIONS cms_options[] = {
 {"encrypt", OPT_ENCRYPT, '-', "Encrypt message"},
 {"decrypt", OPT_DECRYPT, '-', "Decrypt encrypted message"},
 {"sign", OPT_SIGN, '-', "Sign message"},
-{"sign_receipt", OPT_SIGN_RECEIPT, '-'},
+{"sign_receipt", OPT_SIGN_RECEIPT, '-', "Generate a signed receipt for the 
message"},
 {"resign", OPT_RESIGN, '-'},
 {"verify", OPT_VERIFY, '-', "Verify signed message"},
 {"verify_retcode", OPT_VERIFY_RETCODE, '-'},
@@ -177,7 +177,7 @@ OPTIONS cms_options[] = {
 {"noindef", OPT_NOINDEF, '-'},
 {"nooldmime", OPT_NOOLDMIME, '-'},
 {"crlfeol", OPT_CRLFEOL, '-'},
-{"noout", OPT_NOOUT, '-'},
+{"noout", OPT_NOOUT, '-', "For the -cmsout operation do not output the 
parsed CMS structure"},
 {"receipt_request_print", OPT_RR_PRINT, '-'},
 {"receipt_request_all", OPT_RR_ALL, '-'},
 {"receipt_request_first", OPT_RR_FIRST, '-'},
@@ -191,7 +191,7 @@ OPTIONS cms_options[] = {
  "Do not load certificates from the default certificates directory"},
 {"content", OPT_CONTENT, '<',
  "Supply or override content for detached signature"},
-{"print", OPT_PRINT, '-'},
+{"print", OPT_PRINT, '-', "For the -cmsout operation 

[openssl-commits] Build failed in Jenkins: master_windows #1600

[openssl . sanity]

See 

Changes:

[Matt Caswell] Remove stale errors from early connection attempts in a client

[Matt Caswell] Fix the no-tls option

--
Started by upstream project "master_basic" build number 1865
originally caused by:
 Started by an SCM change
Building remotely on windows-slave in workspace 

 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/openssl/openssl.git # 
 > timeout=10
Fetching upstream changes from https://github.com/openssl/openssl.git
 > git --version # timeout=10
 > git -c core.askpass=true fetch --tags --progress 
 > https://github.com/openssl/openssl.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse "refs/remotes/origin/master^{commit}" # timeout=10
 > git rev-parse "refs/remotes/origin/origin/master^{commit}" # timeout=10
Checking out Revision b273fcc565fbe90b1f9d2526640fcc55832bbeb6 
(refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f b273fcc565fbe90b1f9d2526640fcc55832bbeb6
 > git rev-list 1697a81bafcc9a65012b62ba01c1661bf40e5edb # timeout=10
[master_windows] $ cmd /c call 
C:\Users\ADMINI~1\AppData\Local\Temp\1\hudson2122588289172731123.bat

call> "c:\program 
files (x86)\microsoft visual studio 12.0\vc\bin\vcvars32.bat" 

set> 
PROCESSOR_ARCHITECTURE=x86 

perl> Configure 
VC-WIN32 
Configuring OpenSSL version 1.1.0-pre6-dev (0x0x1016L)
no-crypto-mdebug [default]  OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
no-crypto-mdebug-backtrace [forced]   OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE 
(skip dir)
no-ec_nistp_64_gcc_128 [default]  OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir)
no-egd  [default]  OPENSSL_NO_EGD (skip dir)
no-heartbeats   [default]  OPENSSL_NO_HEARTBEATS (skip dir)
no-md2  [default]  OPENSSL_NO_MD2 (skip dir)
no-rc5  [default]  OPENSSL_NO_RC5 (skip dir)
no-sctp [default]  OPENSSL_NO_SCTP (skip dir)
no-ssl-trace[default]  OPENSSL_NO_SSL_TRACE (skip dir)
no-ssl3 [default]  OPENSSL_NO_SSL3 (skip dir)
no-ssl3-method  [default]  OPENSSL_NO_SSL3_METHOD (skip dir)
no-unit-test[default]  OPENSSL_NO_UNIT_TEST (skip dir)
no-weak-ssl-ciphers [default]  OPENSSL_NO_WEAK_SSL_CIPHERS (skip dir)
no-zlib [default] 
no-zlib-dynamic [default] 
Configuring for VC-WIN32
CC=cl
CFLAG =-W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WIN32 
-DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE 
-D_UNICODE /MD /Ox /O2 /Ob2 
SHARED_CFLAG  =
DEFINES   =OPENSSL_USE_APPLINK DSO_WIN32 NDEBUG OPENSSL_THREADS 
OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_BN_ASM_PART_WORDS 
OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM 
SHA512_ASM MD5_ASM RMD160_ASM AES_ASM VPAES_ASM WHIRLPOOL_ASM GHASH_ASM 
ECP_NISTZ256_ASM POLY1305_ASM
LFLAG =/nologo /debug
PLIB_LFLAG=
EX_LIBS   =ws2_32.lib gdi32.lib advapi32.lib crypt32.lib user32.lib 
APPS_OBJ  =../ms/applink.o
CPUID_OBJ =x86cpuid.o
UPLINK_OBJ=../ms/uplink.o
BN_ASM=bn-586.o co-586.o x86-mont.o x86-gf2m.o
EC_ASM=ecp_nistz256.o ecp_nistz256-x86.o
DES_ENC   =des-586.o crypt586.o
AES_ENC   =aes-586.o vpaes-x86.o aesni-x86.o
BF_ENC=bf-586.o
CAST_ENC  =c_enc.o
RC4_ENC   =rc4-586.o
RC5_ENC   =rc5-586.o
MD5_OBJ_ASM   =md5-586.o
SHA1_OBJ_ASM  =sha1-586.o sha256-586.o sha512-586.o
RMD160_OBJ_ASM=rmd-586.o
CMLL_ENC  =cmll-x86.o
MODES_OBJ =ghash-x86.o
PADLOCK_OBJ   =e_padlock-x86.o
CHACHA_ENC=chacha-x86.o
POLY1305_OBJ  =poly1305-x86.o
BLAKE2_OBJ=
PROCESSOR =
RANLIB=true
ARFLAGS   =/nologo
PERL  =C:\Perl64\bin\perl.exe

THIRTY_TWO_BIT mode
BN_LLONG mode

Configured for VC-WIN32.

exit> 0 
[master_windows] $ cmd /c call 
C:\Users\ADMINI~1\AppData\Local\Temp\1\hudson2039781485438286243.bat

call> "c:\program 
files (x86)\microsoft visual studio 12.0\vc\bin\vcvars32.bat" 

set> 
PROCESSOR_ARCHITECTURE=x86 

nmake>

Microsoft (R) Program Maintenance Utility Version 12.00.21005.1
Copyright (C) Microsoft Corporation.  All rights reserved.

C:\Perl64\bin\perl.exe util\mkbuildinf.pl "cl " "VC-WIN32" > 
crypto\buildinf.h
cl -DOPENSSL_USE_APPLINK -DDSO_WIN32 -DNDEBUG -DOPENSSL_THREADS 
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC 

[openssl-commits] Build completed: openssl 1.0.17

[AppVeyor]

Build openssl 1.0.17 completed



Commit d208da45f9 by Andrea Grandi on 5/3/2016 2:24 AM:

Fix error in the loop of ECDH


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
   via  ea837d79f91f481d7b07ea7a985b35c24e9dcc79 (commit)
  from  1697a81bafcc9a65012b62ba01c1661bf40e5edb (commit)


- Log -
commit ea837d79f91f481d7b07ea7a985b35c24e9dcc79
Author: Matt Caswell 
Date:   Wed May 4 09:12:27 2016 +0100

Remove stale errors from early connection attempts in a client

The init_client() function in the apps sets up the client connection. It
may try multiple addresses until it finds one that works. We should clear
the error queue if we eventually get a successful connection because
otherwise we get stale errors hanging around. This can cause problems in
subsequent calls to SSL_get_error(), i.e. non-fatal NBIO events appear as
fatal.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 apps/s_socket.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/apps/s_socket.c b/apps/s_socket.c
index 4653217..6d77d82 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -195,6 +195,8 @@ int init_client(int *sock, const char *host, const char 
*port,
 if (*sock == INVALID_SOCKET) {
 ERR_print_errors(bio_err);
 } else {
+/* Remove any stale errors from previous connection attempts */
+ERR_clear_error();
 ret = 1;
 }
 BIO_ADDRINFO_free(res);
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed in Jenkins: master_windows #1599

[openssl . sanity]

See 

Changes:

[appro] Tru64 fixes.

[appro] Configurations/unix-Makefile.tmpl: don't count on -E -P.

[appro] MIPS assembly pack: fix MIPS64 assembler warnings.

[appro] Alpha assembly pack: make it work on Linux.

[Richard Levitte] Allow spaces in filenames when using perl's glob

--
Started by upstream project "master_basic" build number 1864
originally caused by:
 Started by an SCM change
Building remotely on windows-slave in workspace 

 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/openssl/openssl.git # 
 > timeout=10
Fetching upstream changes from https://github.com/openssl/openssl.git
 > git --version # timeout=10
 > git -c core.askpass=true fetch --tags --progress 
 > https://github.com/openssl/openssl.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse "refs/remotes/origin/master^{commit}" # timeout=10
 > git rev-parse "refs/remotes/origin/origin/master^{commit}" # timeout=10
Checking out Revision 1697a81bafcc9a65012b62ba01c1661bf40e5edb 
(refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 1697a81bafcc9a65012b62ba01c1661bf40e5edb
 > git rev-list 7b7eb4725ead9440e5f68c999e0792098ea82239 # timeout=10
[master_windows] $ cmd /c call 
C:\Users\ADMINI~1\AppData\Local\Temp\1\hudson1541209756992144850.bat

call> "c:\program 
files (x86)\microsoft visual studio 12.0\vc\bin\vcvars32.bat" 

set> 
PROCESSOR_ARCHITECTURE=x86 

perl> Configure 
VC-WIN32 
Configuring OpenSSL version 1.1.0-pre6-dev (0x0x1016L)
no-crypto-mdebug [default]  OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
no-crypto-mdebug-backtrace [forced]   OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE 
(skip dir)
no-ec_nistp_64_gcc_128 [default]  OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir)
no-egd  [default]  OPENSSL_NO_EGD (skip dir)
no-heartbeats   [default]  OPENSSL_NO_HEARTBEATS (skip dir)
no-md2  [default]  OPENSSL_NO_MD2 (skip dir)
no-rc5  [default]  OPENSSL_NO_RC5 (skip dir)
no-sctp [default]  OPENSSL_NO_SCTP (skip dir)
no-ssl-trace[default]  OPENSSL_NO_SSL_TRACE (skip dir)
no-ssl3 [default]  OPENSSL_NO_SSL3 (skip dir)
no-ssl3-method  [default]  OPENSSL_NO_SSL3_METHOD (skip dir)
no-unit-test[default]  OPENSSL_NO_UNIT_TEST (skip dir)
no-weak-ssl-ciphers [default]  OPENSSL_NO_WEAK_SSL_CIPHERS (skip dir)
no-zlib [default] 
no-zlib-dynamic [default] 
Configuring for VC-WIN32
CC=cl
CFLAG =-W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WIN32 
-DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE 
-D_UNICODE /MD /Ox /O2 /Ob2 
SHARED_CFLAG  =
DEFINES   =OPENSSL_USE_APPLINK DSO_WIN32 NDEBUG OPENSSL_THREADS 
OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_BN_ASM_PART_WORDS 
OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM 
SHA512_ASM MD5_ASM RMD160_ASM AES_ASM VPAES_ASM WHIRLPOOL_ASM GHASH_ASM 
ECP_NISTZ256_ASM POLY1305_ASM
LFLAG =/nologo /debug
PLIB_LFLAG=
EX_LIBS   =ws2_32.lib gdi32.lib advapi32.lib crypt32.lib user32.lib 
APPS_OBJ  =../ms/applink.o
CPUID_OBJ =x86cpuid.o
UPLINK_OBJ=../ms/uplink.o
BN_ASM=bn-586.o co-586.o x86-mont.o x86-gf2m.o
EC_ASM=ecp_nistz256.o ecp_nistz256-x86.o
DES_ENC   =des-586.o crypt586.o
AES_ENC   =aes-586.o vpaes-x86.o aesni-x86.o
BF_ENC=bf-586.o
CAST_ENC  =c_enc.o
RC4_ENC   =rc4-586.o
RC5_ENC   =rc5-586.o
MD5_OBJ_ASM   =md5-586.o
SHA1_OBJ_ASM  =sha1-586.o sha256-586.o sha512-586.o
RMD160_OBJ_ASM=rmd-586.o
CMLL_ENC  =cmll-x86.o
MODES_OBJ =ghash-x86.o
PADLOCK_OBJ   =e_padlock-x86.o
CHACHA_ENC=chacha-x86.o
POLY1305_OBJ  =poly1305-x86.o
BLAKE2_OBJ=
PROCESSOR =
RANLIB=true
ARFLAGS   =/nologo
PERL  =C:\Perl64\bin\perl.exe

THIRTY_TWO_BIT mode
BN_LLONG mode

Configured for VC-WIN32.

exit> 0 
[master_windows] $ cmd /c call 
C:\Users\ADMINI~1\AppData\Local\Temp\1\hudson2927915191518226442.bat

call> "c:\program 
files (x86)\microsoft visual studio 12.0\vc\bin\vcvars32.bat" 

set> 
PROCESSOR_ARCHITECTURE=x86 

nmake>

Microsoft (R) Program Maintenance Utility Version 12.00.21005.1
Copyright (C) Microsoft Corporation.  All rights reserved.

C:\Perl64\bin\perl.exe util\mkbuildinf.pl "cl " "VC-WIN32" > 

[openssl-commits] [openssl] master update

[Richard Levitte]

The branch master has been updated
   via  1697a81bafcc9a65012b62ba01c1661bf40e5edb (commit)
  from  c6cb8e3ca455d6a23be35bc3e076e91da665a292 (commit)


- Log -
commit 1697a81bafcc9a65012b62ba01c1661bf40e5edb
Author: Richard Levitte 
Date:   Tue May 3 23:58:38 2016 +0200

Allow spaces in filenames when using perl's glob

Reviewed-by: Matt Caswell 

---

Summary of changes:
 util/copy-if-different.pl | 2 +-
 util/copy.pl  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/util/copy-if-different.pl b/util/copy-if-different.pl
index 63a9a05..2bf7835 100755
--- a/util/copy-if-different.pl
+++ b/util/copy-if-different.pl
@@ -18,7 +18,7 @@ my @filelist;
 
 foreach my $arg (@ARGV) {
$arg =~ s|\\|/|g;   # compensate for bug/feature in cygwin glob...
-   foreach (glob $arg)
+   foreach (glob qq("$arg"))
{
push @filelist, $_;
}
diff --git a/util/copy.pl b/util/copy.pl
index c4bcccd..ef4d870 100644
--- a/util/copy.pl
+++ b/util/copy.pl
@@ -26,7 +26,7 @@ foreach $arg (@ARGV) {
next;
}
$arg =~ s|\\|/|g;   # compensate for bug/feature in cygwin glob...
-   foreach (glob $arg)
+   foreach (glob qq("$arg"))
{
push @filelist, $_;
}
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Errored: openssl/openssl#3679 (master - f7dc4a3)

[Travis CI]

Build Update for openssl/openssl
-

Build: #3679
Status: Errored

Duration: 28 minutes and 58 seconds
Commit: f7dc4a3 (master)
Author: Andy Polyakov
Message: MIPS assembly pack: fix MIPS64 assembler warnings.

Reviewed-by: Richard Levitte 

View the changeset: 
https://github.com/openssl/openssl/compare/39199fb3b052...f7dc4a3bd7a2

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/127718295

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Andy Polyakov]

The branch master has been updated
   via  c6cb8e3ca455d6a23be35bc3e076e91da665a292 (commit)
  from  f7dc4a3bd7a2dd8c35c128032d3fabb700f4d851 (commit)


- Log -
commit c6cb8e3ca455d6a23be35bc3e076e91da665a292
Author: Andy Polyakov 
Date:   Tue May 3 13:17:30 2016 +0200

Alpha assembly pack: make it work on Linux.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 Configurations/00-base-templates.conf | 6 +++---
 crypto/bn/build.info  | 2 +-
 crypto/modes/build.info   | 2 +-
 crypto/sha/asm/sha1-alpha.pl  | 2 +-
 crypto/sha/build.info | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/Configurations/00-base-templates.conf 
b/Configurations/00-base-templates.conf
index 83d38e03..47b8021 100644
--- a/Configurations/00-base-templates.conf
+++ b/Configurations/00-base-templates.conf
@@ -203,9 +203,9 @@
 alpha_asm => {
template=> 1,
cpuid_asm_src   => "alphacpuid.s",
-   bn_asm_src  => "bn_asm.c alpha-mont.s",
-   sha1_asm_src=> "sha1-alpha.s",
-   modes_asm_src   => "ghash-alpha.s",
+   bn_asm_src  => "bn_asm.c alpha-mont.S",
+   sha1_asm_src=> "sha1-alpha.S",
+   modes_asm_src   => "ghash-alpha.S",
perlasm_scheme  => "void"
 },
 mips32_asm => {
diff --git a/crypto/bn/build.info b/crypto/bn/build.info
index 83a5b81..f657db2 100644
--- a/crypto/bn/build.info
+++ b/crypto/bn/build.info
@@ -57,7 +57,7 @@ GENERATE[bn-ppc.s]=asm/ppc.pl $(PERLASM_SCHEME)
 GENERATE[ppc-mont.s]=asm/ppc-mont.pl $(PERLASM_SCHEME)
 GENERATE[ppc64-mont.s]=asm/ppc64-mont.pl $(PERLASM_SCHEME)
 
-GENERATE[alpha-mont.s]=asm/alpha-mont.pl
+GENERATE[alpha-mont.S]=asm/alpha-mont.pl $(PERLASM_SCHEME)
 
 GENERATE[armv4-mont.S]=asm/armv4-mont.pl $(PERLASM_SCHEME)
 INCLUDE[armv4-mont.o]=..
diff --git a/crypto/modes/build.info b/crypto/modes/build.info
index 43282c4..38195c4 100644
--- a/crypto/modes/build.info
+++ b/crypto/modes/build.info
@@ -12,7 +12,7 @@ GENERATE[ghash-x86_64.s]=asm/ghash-x86_64.pl $(PERLASM_SCHEME)
 GENERATE[aesni-gcm-x86_64.s]=asm/aesni-gcm-x86_64.pl $(PERLASM_SCHEME)
 GENERATE[ghash-sparcv9.S]=asm/ghash-sparcv9.pl $(PERLASM_SCHEME)
 INCLUDE[ghash-sparcv9.o]=..
-GENERATE[ghash-alpha.s]=asm/ghash-alpha.pl
+GENERATE[ghash-alpha.S]=asm/ghash-alpha.pl $(PERLASM_SCHEME)
 GENERATE[ghash-parisc.s]=asm/ghash-parisc.pl $(PERLASM_SCHEME)
 GENERATE[ghashp8-ppc.s]=asm/ghashp8-ppc.pl $(PERLASM_SCHEME)
 GENERATE[ghash-armv4.S]=asm/ghash-armv4.pl $(PERLASM_SCHEME)
diff --git a/crypto/sha/asm/sha1-alpha.pl b/crypto/sha/asm/sha1-alpha.pl
index 6c4b925..02d30b5 100644
--- a/crypto/sha/asm/sha1-alpha.pl
+++ b/crypto/sha/asm/sha1-alpha.pl
@@ -317,6 +317,6 @@ $code.=<<___;
 .ascii "SHA1 block transform for Alpha, CRYPTOGAMS by "
 .align 2
 ___
-$output=shift and open STDOUT,">$output";
+$output=pop and open STDOUT,">$output";
 print $code;
 close STDOUT;
diff --git a/crypto/sha/build.info b/crypto/sha/build.info
index 7aa3a91..5843e50 100644
--- a/crypto/sha/build.info
+++ b/crypto/sha/build.info
@@ -13,7 +13,7 @@ GENERATE[sha1-ia64.s]=asm/sha1-ia64.pl $(CFLAGS) $(LIB_CFLAGS)
 GENERATE[sha256-ia64.s]=asm/sha512-ia64.pl $(CFLAGS) $(LIB_CFLAGS)
 GENERATE[sha512-ia64.s]=asm/sha512-ia64.pl $(CFLAGS) $(LIB_CFLAGS)
 
-GENERATE[sha1-alpha.s]=asm/sha1-alpha.pl
+GENERATE[sha1-alpha.S]=asm/sha1-alpha.pl $(PERLASM_SCHEME)
 
 GENERATE[sha1-x86_64.s]=asm/sha1-x86_64.pl $(PERLASM_SCHEME)
 GENERATE[sha1-mb-x86_64.s]=asm/sha1-mb-x86_64.pl $(PERLASM_SCHEME)
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits