[openssl-commits] Build failed: openssl master.3461

2016-05-23 Thread AppVeyor 



Build openssl master.3461 failed


Commit 7d37818dac by Matt Caswell on 5/23/2016 10:26 PM:

Use strerror_r()/strerror_s() instead of strerror() where possible


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-05-23 Thread Matt Caswell 
The branch master has been updated
   via  0a618df059d93bf7fe9e3ec92e04db8bc1eeff07 (commit)
  from  308ff28673ae1a4a1b346761224b4a8851d41f58 (commit)


- Log -
commit 0a618df059d93bf7fe9e3ec92e04db8bc1eeff07
Author: Matt Caswell 
Date:   Mon May 9 17:44:26 2016 +0100

Fix a mem leak on an error path in OBJ_NAME_add()

If lh_OBJ_NAME_insert() fails then the allocated |onp| value is leaked.

RT#2238

Reviewed-by: Richard Levitte 

---

Summary of changes:
 crypto/objects/o_names.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index e43fb30..c655a90 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -191,7 +191,7 @@ int OBJ_NAME_add(const char *name, int type, const char 
*data)
 onp = OPENSSL_malloc(sizeof(*onp));
 if (onp == NULL) {
 /* ERROR */
-return (0);
+return 0;
 }
 
 onp->name = name;
@@ -216,10 +216,11 @@ int OBJ_NAME_add(const char *name, int type, const char 
*data)
 } else {
 if (lh_OBJ_NAME_error(names_lh)) {
 /* ERROR */
-return (0);
+OPENSSL_free(onp);
+return 0;
 }
 }
-return (1);
+return 1;
 }
 
 int OBJ_NAME_remove(const char *name, int type)
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2016-05-23 Thread Matt Caswell 
The branch OpenSSL_1_0_2-stable has been updated
   via  649af484c8a15ad916c101aba86c7529dac7eccb (commit)
  from  e117522e752478a1fbb87117e4660ee20b85acc2 (commit)


- Log -
commit 649af484c8a15ad916c101aba86c7529dac7eccb
Author: Matt Caswell 
Date:   Mon May 9 17:44:26 2016 +0100

Fix a mem leak on an error path in OBJ_NAME_add()

If lh_OBJ_NAME_insert() fails then the allocated |onp| value is leaked.

RT#2238

Reviewed-by: Richard Levitte 
(cherry picked from commit 0a618df059d93bf7fe9e3ec92e04db8bc1eeff07)

---

Summary of changes:
 crypto/objects/o_names.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index 2485992..f106905 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -191,7 +191,7 @@ int OBJ_NAME_add(const char *name, int type, const char 
*data)
 onp = (OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME));
 if (onp == NULL) {
 /* ERROR */
-return (0);
+return 0;
 }
 
 onp->name = name;
@@ -216,10 +216,11 @@ int OBJ_NAME_add(const char *name, int type, const char 
*data)
 } else {
 if (lh_OBJ_NAME_error(names_lh)) {
 /* ERROR */
-return (0);
+OPENSSL_free(onp);
+return 0;
 }
 }
-return (1);
+return 1;
 }
 
 int OBJ_NAME_remove(const char *name, int type)
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2016-05-23 Thread Matt Caswell 
The branch OpenSSL_1_0_2-stable has been updated
   via  e117522e752478a1fbb87117e4660ee20b85acc2 (commit)
  from  d384bf39b17fa879dd91138d08105114b5a25370 (commit)


- Log -
commit e117522e752478a1fbb87117e4660ee20b85acc2
Author: Matt Caswell 
Date:   Mon Apr 25 16:22:31 2016 +0100

Fix error return value in SRP functions

The functions SRP_Calc_client_key() and SRP_Calc_server_key() were
incorrectly returning a valid pointer in the event of error.

Issue reported by Yuan Jochen Kang

Reviewed-by: Richard Levitte 
(cherry picked from commit 308ff28673ae1a4a1b346761224b4a8851d41f58)

---

Summary of changes:
 crypto/srp/srp_lib.c | 20 +---
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index b3e5fbb..6df3b1c 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -159,8 +159,7 @@ BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM 
*u, BIGNUM *b,
 if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
 return NULL;
 
-if ((bn_ctx = BN_CTX_new()) == NULL ||
-(tmp = BN_new()) == NULL || (S = BN_new()) == NULL)
+if ((bn_ctx = BN_CTX_new()) == NULL || (tmp = BN_new()) == NULL)
 goto err;
 
 /* S = (A*v**u) ** b */
@@ -169,8 +168,12 @@ BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM 
*u, BIGNUM *b,
 goto err;
 if (!BN_mod_mul(tmp, A, tmp, N, bn_ctx))
 goto err;
-if (!BN_mod_exp(S, tmp, b, N, bn_ctx))
-goto err;
+
+S = BN_new();
+if (S != NULL && !BN_mod_exp(S, tmp, b, N, bn_ctx)) {
+BN_free(S);
+S = NULL;
+}
  err:
 BN_CTX_free(bn_ctx);
 BN_clear_free(tmp);
@@ -267,7 +270,7 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM 
*g, BIGNUM *x,
 
 if ((tmp = BN_new()) == NULL ||
 (tmp2 = BN_new()) == NULL ||
-(tmp3 = BN_new()) == NULL || (K = BN_new()) == NULL)
+(tmp3 = BN_new()) == NULL)
 goto err;
 
 if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
@@ -283,8 +286,11 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM 
*g, BIGNUM *x,
 goto err;
 if (!BN_add(tmp2, a, tmp3))
 goto err;
-if (!BN_mod_exp(K, tmp, tmp2, N, bn_ctx))
-goto err;
+K = BN_new();
+if (K != NULL && !BN_mod_exp(K, tmp, tmp2, N, bn_ctx)) {
+BN_free(K);
+K = NULL;
+}
 
  err:
 BN_CTX_free(bn_ctx);
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

2016-05-23 Thread Matt Caswell 
The branch OpenSSL_1_0_1-stable has been updated
   via  051b9604f1421fe54d10185bc5c348bd343388da (commit)
  from  eea595ff6b554b3876bab51b2560df5fb0006696 (commit)


- Log -
commit 051b9604f1421fe54d10185bc5c348bd343388da
Author: Matt Caswell 
Date:   Mon Apr 25 16:22:31 2016 +0100

Fix error return value in SRP functions

The functions SRP_Calc_client_key() and SRP_Calc_server_key() were
incorrectly returning a valid pointer in the event of error.

Issue reported by Yuan Jochen Kang

Reviewed-by: Richard Levitte 
(cherry picked from commit 308ff28673ae1a4a1b346761224b4a8851d41f58)

---

Summary of changes:
 crypto/srp/srp_lib.c | 20 +---
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index e9a2e05..e310946 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -159,8 +159,7 @@ BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM 
*u, BIGNUM *b,
 if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
 return NULL;
 
-if ((bn_ctx = BN_CTX_new()) == NULL ||
-(tmp = BN_new()) == NULL || (S = BN_new()) == NULL)
+if ((bn_ctx = BN_CTX_new()) == NULL || (tmp = BN_new()) == NULL)
 goto err;
 
 /* S = (A*v**u) ** b */
@@ -169,8 +168,12 @@ BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM 
*u, BIGNUM *b,
 goto err;
 if (!BN_mod_mul(tmp, A, tmp, N, bn_ctx))
 goto err;
-if (!BN_mod_exp(S, tmp, b, N, bn_ctx))
-goto err;
+
+S = BN_new();
+if (S != NULL && !BN_mod_exp(S, tmp, b, N, bn_ctx)) {
+BN_free(S);
+S = NULL;
+}
  err:
 BN_CTX_free(bn_ctx);
 BN_clear_free(tmp);
@@ -267,7 +270,7 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM 
*g, BIGNUM *x,
 
 if ((tmp = BN_new()) == NULL ||
 (tmp2 = BN_new()) == NULL ||
-(tmp3 = BN_new()) == NULL || (K = BN_new()) == NULL)
+(tmp3 = BN_new()) == NULL)
 goto err;
 
 if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
@@ -283,8 +286,11 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM 
*g, BIGNUM *x,
 goto err;
 if (!BN_mod_add(tmp2, a, tmp3, N, bn_ctx))
 goto err;
-if (!BN_mod_exp(K, tmp, tmp2, N, bn_ctx))
-goto err;
+K = BN_new();
+if (K != NULL && !BN_mod_exp(K, tmp, tmp2, N, bn_ctx)) {
+BN_free(K);
+K = NULL;
+}
 
  err:
 BN_CTX_free(bn_ctx);
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-05-23 Thread Matt Caswell 
The branch master has been updated
   via  a93e0e78db78e03bdcd29acf9bbc8a812ee50cb6 (commit)
  from  1c7bfec5982210b2666a91771777c56338cf4d8d (commit)


- Log -
commit a93e0e78db78e03bdcd29acf9bbc8a812ee50cb6
Author: J Mohan Rao Arisankala 
Date:   Mon May 23 23:37:47 2016 +0530

#4342: few missing malloc return checks and free in error paths

ossl_hmac_cleanup, pkey_hmac_cleanup:
 - allow to invoke with NULL data
 - using EVP_PKEY_CTX_[get|set]_data

EVP_DigestInit_ex:
 - remove additional check for ‘type’ and doing clear free instead of
free

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 crypto/engine/eng_openssl.c | 25 -
 crypto/evp/digest.c |  8 +++-
 crypto/hmac/hm_pmeth.c  | 24 ++--
 3 files changed, 41 insertions(+), 16 deletions(-)

diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index 75fd23d..7e28604 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -441,6 +441,10 @@ static int ossl_hmac_init(EVP_PKEY_CTX *ctx)
 return 0;
 hctx->ktmp.type = V_ASN1_OCTET_STRING;
 hctx->ctx = HMAC_CTX_new();
+if (hctx->ctx == NULL) {
+OPENSSL_free(hctx);
+return 0;
+}
 EVP_PKEY_CTX_set_data(ctx, hctx);
 EVP_PKEY_CTX_set0_keygen_info(ctx, NULL, 0);
 # ifdef TEST_ENG_OPENSSL_HMAC_INIT
@@ -449,31 +453,42 @@ static int ossl_hmac_init(EVP_PKEY_CTX *ctx)
 return 1;
 }
 
+static void ossl_hmac_cleanup(EVP_PKEY_CTX *ctx);
+
 static int ossl_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
 {
 OSSL_HMAC_PKEY_CTX *sctx, *dctx;
+
+/* allocate memory for dst->data and a new HMAC_CTX in dst->data->ctx */
 if (!ossl_hmac_init(dst))
 return 0;
 sctx = EVP_PKEY_CTX_get_data(src);
 dctx = EVP_PKEY_CTX_get_data(dst);
 dctx->md = sctx->md;
 if (!HMAC_CTX_copy(dctx->ctx, sctx->ctx))
-return 0;
+goto err;
 if (sctx->ktmp.data) {
 if (!ASN1_OCTET_STRING_set(>ktmp,
sctx->ktmp.data, sctx->ktmp.length))
-return 0;
+goto err;
 }
 return 1;
+err:
+/* release HMAC_CTX in dst->data->ctx and memory allocated for dst->data */
+ossl_hmac_cleanup(dst);
+return 0;
 }
 
 static void ossl_hmac_cleanup(EVP_PKEY_CTX *ctx)
 {
 OSSL_HMAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
 
-HMAC_CTX_free(hctx->ctx);
-OPENSSL_clear_free(hctx->ktmp.data, hctx->ktmp.length);
-OPENSSL_free(hctx);
+if (hctx) {
+HMAC_CTX_free(hctx->ctx);
+OPENSSL_clear_free(hctx->ktmp.data, hctx->ktmp.length);
+OPENSSL_free(hctx);
+EVP_PKEY_CTX_set_data(ctx, NULL);
+}
 }
 
 static int ossl_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 051fc7b..c594a0a 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -68,10 +68,8 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, 
ENGINE *impl)
  * previous handle, re-querying for an ENGINE, and having a
  * reinitialisation, when it may all be unnecessary.
  */
-if (ctx->engine && ctx->digest && (!type ||
-   (type
-&& (type->type ==
-ctx->digest->type
+if (ctx->engine && ctx->digest &&
+(type == NULL || (type->type == ctx->digest->type)))
 goto skip_to_init;
 if (type) {
 /*
@@ -117,7 +115,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, 
ENGINE *impl)
 #endif
 if (ctx->digest != type) {
 if (ctx->digest && ctx->digest->ctx_size) {
-OPENSSL_free(ctx->md_data);
+OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
 ctx->md_data = NULL;
 }
 ctx->digest = type;
diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
index 55493be..5b98477 100644
--- a/crypto/hmac/hm_pmeth.c
+++ b/crypto/hmac/hm_pmeth.c
@@ -32,6 +32,10 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
 return 0;
 hctx->ktmp.type = V_ASN1_OCTET_STRING;
 hctx->ctx = HMAC_CTX_new();
+if (hctx->ctx == NULL) {
+OPENSSL_free(hctx);
+return 0;
+}
 
 ctx->data = hctx;
 ctx->keygen_info_count = 0;
@@ -39,33 +43,41 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
 return 1;
 }
 
+static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx);
+
 static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
 {
 HMAC_PKEY_CTX *sctx, *dctx;
+
+/* allocate memory for dst->data and a new HMAC_CTX in dst->data->ctx */
 if (!pkey_hmac_init(dst))
 return 0;
-sctx = src->data;

[openssl-commits] Errored: openssl/openssl#4135 (master - 050a36a)

2016-05-23 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #4135
Status: Errored

Duration: 32 minutes and 46 seconds
Commit: 050a36a (master)
Author: Todd Short
Message: Add buf-freelists to deprecated options

The buf-freelists option was removed in master. There may be some
things that try to disable it, so don't error out.

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

View the changeset: 
https://github.com/openssl/openssl/compare/0cd0a820abc6...050a36a9a1af

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/132362039

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-05-23 Thread Richard Levitte 
The branch master has been updated
   via  1c7bfec5982210b2666a91771777c56338cf4d8d (commit)
  from  7285ac09563d19842fb2bce1a818598ebb278be4 (commit)


- Log -
commit 1c7bfec5982210b2666a91771777c56338cf4d8d
Author: Richard Levitte 
Date:   Mon May 23 22:24:13 2016 +0200

Windows notes: add a few lines on gaining admin privs for installing

Reviewed-by: Rich Salz 

---

Summary of changes:
 NOTES.WIN | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/NOTES.WIN b/NOTES.WIN
index a2e9120..b3d1967 100644
--- a/NOTES.WIN
+++ b/NOTES.WIN
@@ -47,6 +47,12 @@
  PREFIX:  %ProgramFiles%\OpenSSL
  OPENSSLDIR:  %CommonProgramFiles%\SSL
 
+ ALSO NOTE that those directories are usually write protected, even if
+ your account is in the Administrators group.  To work around that,
+ start the command prompt by right-clicking on it and choosing "Run as
+ Administrator" before running 'nmake install'.  The other solution
+ is, of course, to choose a different set of directories by using
+ --prefix and --openssldir when configuring.
 
  GNU C (Cygwin)
  --
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-05-23 Thread Richard Levitte 
The branch master has been updated
   via  7285ac09563d19842fb2bce1a818598ebb278be4 (commit)
   via  2ff4d2933e55408d91fcdb8093792952a9f72dad (commit)
   via  5f94746fa476150b0279d980991fbdf19eaa538d (commit)
   via  34f5d44f6a4eb09f4d41041091a20c2bf4bf9bf7 (commit)
   via  35b060fcc994bc019acdfa96f30cf8aa4f41881a (commit)
  from  050a36a9a1af1e3f76597df7cf9ff33f8101 (commit)


- Log -
commit 7285ac09563d19842fb2bce1a818598ebb278be4
Author: Richard Levitte 
Date:   Mon May 23 18:35:23 2016 +0200

VMS: show the ossl_dataroot logical as well when doing "mms debug_logicals"

Reviewed-by: Rich Salz 

commit 2ff4d2933e55408d91fcdb8093792952a9f72dad
Author: Richard Levitte 
Date:   Mon May 23 16:46:45 2016 +0200

Install the scripts the same way on Windows and VMS as on Unix

Reviewed-by: Rich Salz 

commit 5f94746fa476150b0279d980991fbdf19eaa538d
Author: Richard Levitte 
Date:   Mon May 23 15:51:19 2016 +0200

Make sure tsget.pl and c_rehash.pl get installed on VMS and Windows.

Reviewed-by: Rich Salz 

commit 34f5d44f6a4eb09f4d41041091a20c2bf4bf9bf7
Author: Richard Levitte 
Date:   Mon May 23 15:49:25 2016 +0200

Make sure tsget and c_rehash are named with .pl suffix on Windows and VMS

Especially on Windows, the .pl suffix is associated with the perl
interpreter, and therefore make those scripts usable as commands of
their own.  On VMS, it simply looks better.

Reviewed-by: Rich Salz 

commit 35b060fcc994bc019acdfa96f30cf8aa4f41881a
Author: Richard Levitte 
Date:   Mon May 23 15:47:43 2016 +0200

Make sure to initialize all CA.pl variables properly

Reviewed-by: Rich Salz 

---

Summary of changes:
 Configurations/descrip.mms.tmpl  | 14 +-
 Configurations/windows-makefile.tmpl |  9 +
 VMS/openssl_utils.com|  5 ++---
 apps/CA.pl.in|  4 ++--
 apps/build.info  |  8 +---
 tools/build.info |  7 +--
 6 files changed, 32 insertions(+), 15 deletions(-)

diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl
index 7c4715d..3314a17 100644
--- a/Configurations/descrip.mms.tmpl
+++ b/Configurations/descrip.mms.tmpl
@@ -113,6 +113,10 @@ DEPS={- our @deps = map { (my $x = $_) =~ 
s|\.o$|\$(DEP_EXT)|; $x; }
 keys %{$unified_info{sources}};
 join(", ", map { "-\n\t".$_ } @deps); -}
 {- output_on() if $disabled{makedepend}; "" -}
+{- output_off() if $disabled{apps}; "" -}
+BIN_SCRIPTS=[.tools]c_rehash.pl
+MISC_SCRIPTS=[.apps]CA.pl, [.apps]tsget.pl
+{- output_on() if $disabled{apps}; "" -}
 
 # DESTDIR is for package builders so that they can configure for, say,
 # SYS$COMMON:[OPENSSL] and yet have everything installed in STAGING:[USER].
@@ -347,8 +351,7 @@ install_runtime : check_INSTALLTOP
 COPY/PROT=W:RE [.APPS]openssl.EXE ossl_installroot:[EXE.'arch']
 @ ! Install scripts
 - CREATE/DIR ossl_installroot:[EXE]
-COPY/PROT=W:RE [.APPS]CA.pl ossl_installroot:[EXE]
-COPY/PROT=W:RE [.TOOLS]c_rehash. ossl_installroot:[EXE]c_rehash.pl
+COPY/PROT=W:RE $(BIN_SCRIPTS) ossl_installroot:[EXE]
 @ ! {- output_on() if $disabled{apps}; "" -}
 @ ! Install configuration file
 - CREATE/DIR ossl_dataroot:[00]
@@ -370,6 +373,8 @@ install_config : [.VMS]openssl_startup.com 
[.VMS]openssl_shutdown.com -
 CREATE/DIR/PROT=(S:RWED,O:RWE,G:RE,W:RE) OSSL_DATAROOT:[CERTS]
 IF F$SEARCH("OSSL_DATAROOT:[00]PRIVATE.DIR;1") .EQS. "" THEN -
 CREATE/DIR/PROT=(S:RWED,O:RWE,G,W) OSSL_DATAROOT:[PRIVATE]
+IF F$SEARCH("OSSL_DATAROOT:[00]MISC.DIR;1") .EQS. "" THEN -
+CREATE/DIR/PROT=(S:RWED,O:RWE,G,W) OSSL_DATAROOT:[MISC]
 - CREATE/DIR ossl_installroot:[SYS$STARTUP]
 COPY/PROT=W:RE -
 [.VMS]openssl_startup.com,openssl_shutdown.com -
@@ -377,6 +382,7 @@ install_config : [.VMS]openssl_startup.com 
[.VMS]openssl_shutdown.com -
 COPY/PROT=W:RE -
 {- sourcefile("VMS", "openssl_utils.com") -} -
 ossl_installroot:[SYS$STARTUP]
+COPY/PROT=W:RE $(MISC_SCRIPTS) OSSL_DATAROOT:[MISC]
 
 [.VMS]openssl_startup.com : vmsconfig.pm {- sourcefile("VMS", 
"openssl_startup.com.in") -}
 - CREATE/DIR [.VMS]
@@ -433,9 +439,7 @@ check_INSTALLTOP :
 # Developer targets ##
 
 debug_logicals :
-SH LOGICAL/PROC openssl,internal,ossl_installroot
-IF "$(DESTDIR)" .EQS. "" THEN -
-SH LOGICAL/PROC

[openssl-commits] [openssl] master update

2016-05-23 Thread Matt Caswell 
The branch master has been updated
   via  050a36a9a1af1e3f76597df7cf9ff33f8101 (commit)
  from  0cd0a820abc6124cf8e176fa92d620a2abf9e419 (commit)


- Log -
commit 050a36a9a1af1e3f76597df7cf9ff33f8101
Author: Todd Short 
Date:   Mon May 23 08:50:32 2016 -0400

Add buf-freelists to deprecated options

The buf-freelists option was removed in master. There may be some
things that try to disable it, so don't error out.

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 Configure | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Configure b/Configure
index 4d3346e..215ffb8 100755
--- a/Configure
+++ b/Configure
@@ -356,6 +356,7 @@ foreach my $proto ((@tls, @dtls))
 
 my @deprecated_disablables = (
 "ssl2",
+"buf-freelists",
 );
 
 # All of the following is disabled by default (RC5 was enabled before 0.9.8):
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build completed: openssl master.3446

2016-05-23 Thread AppVeyor 


Build openssl master.3446 completed



Commit 07930a75a1 by Richard Levitte on 5/23/2016 2:02 PM:

Slight cleanup of the collection of READMEs, INSTALLs and NOTES


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-05-23 Thread Dr . Stephen Henson 
The branch master has been updated
   via  f65a8c1e66f43b642d5d1709a933615aac62cebd (commit)
   via  77ab2b0193a5b53112af3e99409e3ac57e6b (commit)
  from  f3fcd4d5e79bdb2b9dbeac73603a52de38bba5ab (commit)


- Log -
commit f65a8c1e66f43b642d5d1709a933615aac62cebd
Author: Dr. Stephen Henson 
Date:   Mon May 23 18:13:16 2016 +0100

Support -no-CAfile -no-CApath in ctx2

Reviewed-by: Viktor Dukhovni 

commit 77ab2b0193a5b53112af3e99409e3ac57e6b
Author: Dr. Stephen Henson 
Date:   Mon May 23 18:23:33 2016 +0100

remove encrypt then mac ifdefs

Reviewed-by: Rich Salz 

---

Summary of changes:
 apps/s_server.c |  5 +++--
 ssl/ssl_locl.h  |  4 
 ssl/t1_lib.c| 12 
 3 files changed, 3 insertions(+), 18 deletions(-)

diff --git a/apps/s_server.c b/apps/s_server.c
index dd12475..35baac9 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1760,9 +1760,10 @@ int s_server_main(int argc, char *argv[])
 if (async)
 SSL_CTX_set_mode(ctx2, SSL_MODE_ASYNC);
 
-if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
-(!SSL_CTX_set_default_verify_paths(ctx2))) {
+if (!ctx_set_verify_locations(ctx2, CAfile, CApath, noCAfile,
+  noCApath)) {
 ERR_print_errors(bio_err);
+goto end;
 }
 if (vpmtouched && !SSL_CTX_set1_param(ctx2, vpm)) {
 BIO_printf(bio_err, "Error setting verify params\n");
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index a1f5774..243535f 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -363,11 +363,7 @@
 # define SSL_CLIENT_USE_SIGALGS(s)\
 SSL_CLIENT_USE_TLS1_2_CIPHERS(s)
 
-# ifdef TLSEXT_TYPE_encrypt_then_mac
 #  define SSL_USE_ETM(s) (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC)
-# else
-#  define SSL_USE_ETM(s) (0)
-# endif
 
 /* Mostly for SSLv3 */
 # define SSL_PKEY_RSA_ENC0
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 2e0b35e..8f16668 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1367,10 +1367,8 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, 
unsigned char *buf,
 /* Add custom TLS Extensions to ClientHello */
 if (!custom_ext_add(s, 0, , limit, al))
 return NULL;
-#ifdef TLSEXT_TYPE_encrypt_then_mac
 s2n(TLSEXT_TYPE_encrypt_then_mac, ret);
 s2n(0, ret);
-#endif
 #ifndef OPENSSL_NO_CT
 if (s->ct_validation_callback != NULL) {
 s2n(TLSEXT_TYPE_signed_certificate_timestamp, ret);
@@ -1597,7 +1595,6 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, 
unsigned char *buf,
 #endif
 if (!custom_ext_add(s, 1, , limit, al))
 return NULL;
-#ifdef TLSEXT_TYPE_encrypt_then_mac
 if (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC) {
 /*
  * Don't use encrypt_then_mac if AEAD or RC4 might want to disable
@@ -1613,7 +1610,6 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, 
unsigned char *buf,
 s2n(0, ret);
 }
 }
-#endif
 if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {
 s2n(TLSEXT_TYPE_extended_master_secret, ret);
 s2n(0, ret);
@@ -1826,9 +1822,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET 
*pkt, int *al)
 /* Clear any signature algorithms extension received */
 OPENSSL_free(s->s3->tmp.peer_sigalgs);
 s->s3->tmp.peer_sigalgs = NULL;
-#ifdef TLSEXT_TYPE_encrypt_then_mac
 s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC;
-#endif
 
 #ifndef OPENSSL_NO_SRP
 OPENSSL_free(s->srp_ctx.login);
@@ -2165,10 +2159,8 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET 
*pkt, int *al)
 return 0;
 }
 #endif
-#ifdef TLSEXT_TYPE_encrypt_then_mac
 else if (type == TLSEXT_TYPE_encrypt_then_mac)
 s->s3->flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC;
-#endif
 /*
  * Note: extended master secret extension handled in
  * tls_check_serverhello_tlsext_early()
@@ -2268,9 +2260,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, PACKET 
*pkt, int *al)
  SSL_DTLSEXT_HB_DONT_SEND_REQUESTS);
 #endif
 
-#ifdef TLSEXT_TYPE_encrypt_then_mac
 s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC;
-#endif
 
 s->s3->flags &= ~TLS1_FLAGS_RECEIVED_EXTMS;
 
@@ -2482,14 +2472,12 @@ static int ssl_scan_serverhello_tlsext(SSL *s, PACKET 
*pkt, int *al)
 return 0;
 }
 #endif
-#ifdef TLSEXT_TYPE_encrypt_then_mac
 else if (type == TLSEXT_TYPE_encrypt_then_mac) {
 /* Ignore if inappropriate ciphersuite */
 if (s->s3->tmp.new_cipher->algorithm_mac != SSL_AEAD
 && s->s3->tmp.new_cipher->algorithm_enc != SSL_RC4)
 s->s3->flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC;
 }
-#endif
 else if (type ==

[openssl-commits] [openssl] master update

2016-05-23 Thread Richard Levitte 
The branch master has been updated
   via  f3fcd4d5e79bdb2b9dbeac73603a52de38bba5ab (commit)
  from  60980390b1275fb236e98d5e618a86ecaab6f490 (commit)


- Log -
commit f3fcd4d5e79bdb2b9dbeac73603a52de38bba5ab
Author: Richard Levitte 
Date:   Mon May 23 19:11:39 2016 +0200

VMS: remove last VAX vestiges

Reviewed-by: Rich Salz 

---

Summary of changes:
 Configurations/10-main.conf |   12 -
 crypto/bn/asm/vms.mar   | 6440 ---
 crypto/bn/vms-helper.c  |   22 -
 3 files changed, 6474 deletions(-)
 delete mode 100644 crypto/bn/asm/vms.mar
 delete mode 100644 crypto/bn/vms-helper.c

diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index e0dad4f..86dd411 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -1736,18 +1736,6 @@ sub vms_info {
 apps_aux_src => "vms_decc_init.c",
 },
 
-# VMS on VAX is *unsupported*
-#"vms-asm" => {
-#   template  => 1,
-#   bn_obj=> "[.asm]vms.obj vms-helper.obj"
-#},
-#"vms-vax" => {
-#   inherit_from  => [ "vms-generic", asm("vms-asm") ],
-#   as=> "MACRO",
-#   debug_aflags  => "/NOOPTIMIZE/DEBUG",
-#   release_aflags=> "/OPTIMIZE/NODEBUG",
-#   bn_opts   => "THIRTY_TWO_BIT RC4_CHAR RC4_CHUNK DES_PTR 
BF_PTR",
-#},
 "vms-alpha" => {
 inherit_from => [ "vms-generic" ],
 cflags   => add(sub { my @warnings =
diff --git a/crypto/bn/asm/vms.mar b/crypto/bn/asm/vms.mar
deleted file mode 100644
index aefab15..000
--- a/crypto/bn/asm/vms.mar
+++ /dev/null
@@ -1,6440 +0,0 @@
-   .title  vax_bn_mul_add_words  unsigned multiply & add, 32*32+32+32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; ULONG bn_mul_add_words(ULONG r[],ULONG a[],int n,ULONG w) {
-;  ULONG c = 0;
-;  int i;
-;  for(i = 0; i < n; i++)  := r[i] + c + a[i] * w ;
-;  return c;
-; }
-
-r=4 ;(AP)
-a=8 ;(AP)
-n=12 ;(AP) n   by value (input)
-w=16 ;(AP) w   by value (input)
-
-
-   .psect  code,nowrt
-
-.entry bn_mul_add_words,^m
-
-   moval   @r(ap),r2
-   moval   @a(ap),r3
-   movln(ap),r4; assumed >0 by C code
-   movlw(ap),r5
-   clrlr6  ; c
-
-0$:
-   emulr5,(r3),(r2),r0 ; w, a[], r[] considered signed
-
-   ; fixup for "negative" r[]
-   tstl(r2)
-   bgeq10$
-   inclr1
-10$:
-
-   ; add in c
-   addl2   r6,r0
-   adwc#0,r1
-
-   ; combined fixup for "negative" w, a[]
-   tstlr5
-   bgeq20$
-   addl2   (r3),r1
-20$:
-   tstl(r3)
-   bgeq30$
-   addl2   r5,r1
-30$:
-
-   movlr0,(r2)+; store lo result in r[] & advance
-   addl#4,r3   ; advance a[]
-   movlr1,r6   ; store hi result => c
-
-   sobgtr  r4,0$
-
-   movlr6,r0   ; return c
-   ret
-
-   .title  vax_bn_mul_words  unsigned multiply & add, 32*32+32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; ULONG bn_mul_words(ULONG r[],ULONG a[],int n,ULONG w) {
-;  ULONG c = 0;
-;  int i;
-;  for(i = 0; i < num; i++)  := a[i] * w + c ;
-;  return(c);
-; }
-
-r=4 ;(AP)
-a=8 ;(AP)
-n=12 ;(AP) n   by value (input)
-w=16 ;(AP) w   by value (input)
-
-
-   .psect  code,nowrt
-
-.entry bn_mul_words,^m
-
-   moval   @r(ap),r2   ; r2 -> r[]
-   moval   @a(ap),r3   ; r3 -> a[]
-   movln(ap),r4; r4 = loop count (assumed >0 by C code)
-   movlw(ap),r5; r5 = w
-   clrlr6  ; r6 = c
-
-0$:
-   ;  := w * a[] + c
-   emulr5,(r3),r6,r0   ; w, a[], c considered signed
-
-   ; fixup for "negative" c
-   tstlr6  ; c
-   bgeq10$
-   inclr1
-10$:
-
-   ; combined fixup for "negative" w, a[]
-   tstlr5  ; w
-   bgeq20$
-   addl2   (r3),r1 ; a[]
-20$:
-   tstl(r3); a[]
-   bgeq30$
-   addl2   r5,r1   ; w
-30$:
-
-   movlr0,(r2)+; store lo result in r[] & advance
-   addl#4,r3   ; advance a[]
-   movlr1,r6   ; store hi result => c
-
-   sobgtr  r4,0$
-
-   movlr6,r0   ; return c
-   ret
-
-   .title  vax_bn_sqr_words  unsigned square, 32*32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; void bn_sqr_words(ULONG r[],ULONG a[],int n) {
-;  int i;
-;  for(i = 0; i < n; i++)

[openssl-commits] [openssl] master update

2016-05-23 Thread Dr . Stephen Henson 
The branch master has been updated
   via  60980390b1275fb236e98d5e618a86ecaab6f490 (commit)
   via  05dba8151bd418cdc111d62102aaf9f4e7bd2f3f (commit)
  from  07930a75a1f82fd359d0af7849f01990b73659dd (commit)


- Log -
commit 60980390b1275fb236e98d5e618a86ecaab6f490
Author: Dr. Stephen Henson 
Date:   Thu May 19 17:59:17 2016 +0100

make update

Reviewed-by: Matt Caswell 

commit 05dba8151bd418cdc111d62102aaf9f4e7bd2f3f
Author: Dr. Stephen Henson 
Date:   Tue May 17 14:15:20 2016 +0100

Support for traditional format private keys.

Add new function PEM_write_bio_PrivateKey_traditional() to enforce the
use of legacy "traditional" private key format. Add -traditional option
to pkcs8 and pkey utilities.

Reviewed-by: Matt Caswell 

---

Summary of changes:
 apps/pkcs8.c  | 21 ++-
 apps/pkey.c   | 18 ++---
 crypto/pem/pem_pkey.c | 11 ++--
 doc/apps/pkcs8.pod| 74 ++-
 doc/apps/pkey.pod |  7 +
 doc/crypto/pem.pod| 41 +---
 include/openssl/pem.h |  5 
 util/libcrypto.num|  1 +
 8 files changed, 126 insertions(+), 52 deletions(-)

diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index cd6b537..22b5866 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -23,7 +23,8 @@ typedef enum OPTION_choice {
 #ifndef OPENSSL_NO_SCRYPT
 OPT_SCRYPT, OPT_SCRYPT_N, OPT_SCRYPT_R, OPT_SCRYPT_P,
 #endif
-OPT_V2, OPT_V1, OPT_V2PRF, OPT_ITER, OPT_PASSIN, OPT_PASSOUT
+OPT_V2, OPT_V1, OPT_V2PRF, OPT_ITER, OPT_PASSIN, OPT_PASSOUT,
+OPT_TRADITIONAL
 } OPTION_CHOICE;
 
 OPTIONS pkcs8_options[] = {
@@ -41,6 +42,7 @@ OPTIONS pkcs8_options[] = {
 {"iter", OPT_ITER, 'p', "Specify the iteration count"},
 {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
 {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
+{"traditional", OPT_TRADITIONAL, '-', "use traditional format private 
key"},
 #ifndef OPENSSL_NO_ENGINE
 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
 #endif
@@ -70,7 +72,7 @@ int pkcs8_main(int argc, char **argv)
 OPTION_CHOICE o;
 int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER;
 int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid = -1;
-int private = 0;
+int private = 0, traditional = 0;
 #ifndef OPENSSL_NO_SCRYPT
 long scrypt_N = 0, scrypt_r = 0, scrypt_p = 0;
 #endif
@@ -110,6 +112,9 @@ int pkcs8_main(int argc, char **argv)
 case OPT_NOCRYPT:
 nocrypt = 1;
 break;
+case OPT_TRADITIONAL:
+traditional = 1;
+break;
 case OPT_V2:
 if (!opt_cipher(opt_arg(), ))
 goto opthelp;
@@ -320,11 +325,15 @@ int pkcs8_main(int argc, char **argv)
 }
 
 assert(private);
-if (outformat == FORMAT_PEM)
-PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
-else if (outformat == FORMAT_ASN1)
+if (outformat == FORMAT_PEM) {
+if (traditional)
+PEM_write_bio_PrivateKey_traditional(out, pkey, NULL, NULL, 0,
+ NULL, passout);
+else
+PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
+} else if (outformat == FORMAT_ASN1) {
 i2d_PrivateKey_bio(out, pkey);
-else {
+} else {
 BIO_printf(bio_err, "Bad format specified for key\n");
 goto end;
 }
diff --git a/apps/pkey.c b/apps/pkey.c
index 6abd63c..50ee05f 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -18,7 +18,7 @@ typedef enum OPTION_choice {
 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
 OPT_INFORM, OPT_OUTFORM, OPT_PASSIN, OPT_PASSOUT, OPT_ENGINE,
 OPT_IN, OPT_OUT, OPT_PUBIN, OPT_PUBOUT, OPT_TEXT_PUB,
-OPT_TEXT, OPT_NOOUT, OPT_MD
+OPT_TEXT, OPT_NOOUT, OPT_MD, OPT_TRADITIONAL
 } OPTION_CHOICE;
 
 OPTIONS pkey_options[] = {
@@ -36,6 +36,8 @@ OPTIONS pkey_options[] = {
 {"text", OPT_TEXT, '-', "Output in plaintext as well"},
 {"noout", OPT_NOOUT, '-', "Don't output the key"},
 {"", OPT_MD, '-', "Any supported cipher"},
+{"traditional", OPT_TRADITIONAL, '-',
+ "Use traditional format for private keys"},
 #ifndef OPENSSL_NO_ENGINE
 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
 #endif
@@ -53,7 +55,7 @@ int pkey_main(int argc, char **argv)
 OPTION_CHOICE o;
 int informat = FORMAT_PEM, outformat = FORMAT_PEM;
 int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0, ret = 1;
-int private = 0;
+int private = 0, traditional = 0;
 
 prog = opt_init(argc, argv, pkey_options);
 while ((o = opt_next()) != OPT_EOF) {
@@ -105,6 +107,9 @@ int

[openssl-commits] Build failed in Jenkins: master_make_errors #1791

2016-05-23 Thread openssl . sanity 
See 

Changes:

[rsalz] Remove INSTALL.WCE and refs to it.

[Richard Levitte] Slight cleanup of the collection of READMEs, INSTALLs and 
NOTES

--
Started by upstream project "master_basic" build number 1902
originally caused by:
 Started by an SCM change
Building on master in workspace 

 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/openssl/openssl.git # 
 > timeout=10
Fetching upstream changes from https://github.com/openssl/openssl.git
 > git --version # timeout=10
 > git -c core.askpass=true fetch --tags --progress 
 > https://github.com/openssl/openssl.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision 07930a75a1f82fd359d0af7849f01990b73659dd 
(refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 07930a75a1f82fd359d0af7849f01990b73659dd
 > git rev-list 482441097a523db8ee7e323905ccc947e03e5043 # timeout=10
[master_make_errors] $ /bin/sh -xe /tmp/hudson7233736117557675740.sh
+ ./config
Operating system: x86_64-whatever-linux2
Configuring for linux-x86_64
Configuring OpenSSL version 1.1.0-pre6-dev (0x0x1016L)
no-asan [default]  OPENSSL_NO_ASAN (skip dir)
no-crypto-mdebug [default]  OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
no-crypto-mdebug-backtrace [forced]   OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE 
(skip dir)
no-ec_nistp_64_gcc_128 [default]  OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir)
no-egd  [default]  OPENSSL_NO_EGD (skip dir)
no-fuzz [default]  OPENSSL_NO_FUZZ (skip dir)
no-heartbeats   [default]  OPENSSL_NO_HEARTBEATS (skip dir)
no-md2  [default]  OPENSSL_NO_MD2 (skip dir)
no-rc5  [default]  OPENSSL_NO_RC5 (skip dir)
no-sctp [default]  OPENSSL_NO_SCTP (skip dir)
no-ssl-trace[default]  OPENSSL_NO_SSL_TRACE (skip dir)
no-ssl3 [default]  OPENSSL_NO_SSL3 (skip dir)
no-ssl3-method  [default]  OPENSSL_NO_SSL3_METHOD (skip dir)
no-ubsan[default]  OPENSSL_NO_UBSAN (skip dir)
no-unit-test[default]  OPENSSL_NO_UNIT_TEST (skip dir)
no-weak-ssl-ciphers [default]  OPENSSL_NO_WEAK_SSL_CIPHERS (skip dir)
no-zlib [default] 
no-zlib-dynamic [default] 
Configuring for linux-x86_64
CC=gcc
CFLAG =-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack
SHARED_CFLAG  =-fPIC
DEFINES   =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS 
OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT 
OPENSSL_BN_ASM_MONT5 OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM SHA512_ASM MD5_ASM 
AES_ASM VPAES_ASM BSAES_ASM GHASH_ASM ECP_NISTZ256_ASM POLY1305_ASM
LFLAG =
PLIB_LFLAG=
EX_LIBS   =-ldl 
APPS_OBJ  =
CPUID_OBJ =x86_64cpuid.o
UPLINK_OBJ=
BN_ASM=asm/x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o 
rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o
EC_ASM=ecp_nistz256.o ecp_nistz256-x86_64.o
DES_ENC   =des_enc.o fcrypt_b.o
AES_ENC   =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o 
aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o
BF_ENC=bf_enc.o
CAST_ENC  =c_enc.o
RC4_ENC   =rc4-x86_64.o rc4-md5-x86_64.o
RC5_ENC   =rc5_enc.o
MD5_OBJ_ASM   =md5-x86_64.o
SHA1_OBJ_ASM  =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o 
sha256-mb-x86_64.o
RMD160_OBJ_ASM=
CMLL_ENC  =cmll-x86_64.o cmll_misc.o
MODES_OBJ =ghash-x86_64.o aesni-gcm-x86_64.o
PADLOCK_OBJ   =e_padlock-x86_64.o
CHACHA_ENC=chacha-x86_64.o
POLY1305_OBJ  =poly1305-x86_64.o
BLAKE2_OBJ=
PROCESSOR =
RANLIB=ranlib
ARFLAGS   =
PERL  =/usr/bin/perl

SIXTY_FOUR_BIT_LONG mode

Configured for linux-x86_64.
+ make depend
+ make errors
( cd .; /usr/bin/perl util/ck_errf.pl -strict */*.c */*/*.c )
unable to open test/shatest.c
make: *** [errors] Error 2
Build step 'Execute shell' marked build as failure
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-05-23 Thread Richard Levitte 
The branch master has been updated
   via  07930a75a1f82fd359d0af7849f01990b73659dd (commit)
  from  20ab55f4941755ced3ff6c99abc63a68914a3cb1 (commit)


- Log -
commit 07930a75a1f82fd359d0af7849f01990b73659dd
Author: Richard Levitte 
Date:   Mon May 23 15:11:04 2016 +0200

Slight cleanup of the collection of READMEs, INSTALLs and NOTES

README is a fairly independent document, and so is INSTALL.  NOTES are
merely addendums to INSTALL.  Therefore , INSTALL.DJGPP and
README.PERL get renamed to NOTES.DJGPP and NOTES.PERL.

Reviewed-by: Rich Salz 

---

Summary of changes:
 INSTALL  | 13 +++--
 INSTALL.DJGPP => NOTES.DJGPP |  2 +-
 README.PERL => NOTES.PERL|  0
 NOTES.WIN|  5 -
 README   |  4 ++--
 5 files changed, 14 insertions(+), 10 deletions(-)
 rename INSTALL.DJGPP => NOTES.DJGPP (98%)
 rename README.PERL => NOTES.PERL (100%)

diff --git a/INSTALL b/INSTALL
index bdf67a6..ab35353 100644
--- a/INSTALL
+++ b/INSTALL
@@ -2,15 +2,15 @@
  OPENSSL INSTALLATION
  
 
- [This document describes installation on the main supported operating
-  systems, currently the Linux/Unix family, OpenVMS and Windows.
-  Installation on DOS (with djgpp) is described in INSTALL.DJGPP.]
+ [This document describes installation on all supported operating
+  systems (currently mainly the Linux/Unix family, OpenVMS and
+  Windows)]
 
  To install OpenSSL, you will need:
 
-  * make
-  * Perl 5 with core modules (please read README.PERL)
-  * The perl module Text::Template (please read README.PERL)
+  * A make implementation
+  * Perl 5 with core modules (please read NOTES.PERL)
+  * The perl module Text::Template (please read NOTES.PERL)
   * an ANSI C compiler
   * a development environment in the form of development libraries and C
 header files
@@ -21,6 +21,7 @@
 
   * NOTES.VMS (OpenVMS)
   * NOTES.WIN (any supported Windows)
+  * NOTES.DJGPP (DOS platform with DJGPP)
 
  Quick Start
  ---
diff --git a/INSTALL.DJGPP b/NOTES.DJGPP
similarity index 98%
rename from INSTALL.DJGPP
rename to NOTES.DJGPP
index 4fd94e4..bbe63dc 100644
--- a/INSTALL.DJGPP
+++ b/NOTES.DJGPP
@@ -12,7 +12,7 @@
  You should have a full DJGPP environment installed, including the
  latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
  requires that PERL and the PERL module Text::Template also be
- installed.
+ installed (see NOTES.PERL).
 
  All of these can be obtained from the usual DJGPP mirror sites or
  directly at "http://www.delorie.com/pub/djgpp;. For help on which
diff --git a/README.PERL b/NOTES.PERL
similarity index 100%
rename from README.PERL
rename to NOTES.PERL
diff --git a/NOTES.WIN b/NOTES.WIN
index bed5037..a2e9120 100644
--- a/NOTES.WIN
+++ b/NOTES.WIN
@@ -5,10 +5,13 @@
  Requirement details for native (Visual C++) builds
  --
 
+ In addition to the requirements and instructions listed in INSTALL,
+ this are required as well:
+
  - You need Perl.  We recommend ActiveState Perl, available from
http://www.activestate.com/ActivePerl.
You also need the perl module Text::Template, available on CPAN.
-   Please read README.PERL for more information.
+   Please read NOTES.PERL for more information.
 
  - You need a C compiler.  OpenSSL has been tested to build with these:
 
diff --git a/README b/README
index e32844e..1672580 100644
--- a/README
+++ b/README
@@ -48,8 +48,8 @@
  
 
  See the appropriate file:
-INSTALL Linux, Unix, Windows, OpenVMS
-INSTALL.DJGPP   DOS platform with DJGPP
+INSTALL Linux, Unix, Windows, OpenVMS, ...
+NOTES.* INSTALL addendums for different platforms
 
  SUPPORT
  ---
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-05-23 Thread Rich Salz 
The branch master has been updated
   via  20ab55f4941755ced3ff6c99abc63a68914a3cb1 (commit)
  from  482441097a523db8ee7e323905ccc947e03e5043 (commit)


- Log -
commit 20ab55f4941755ced3ff6c99abc63a68914a3cb1
Author: Rich Salz 
Date:   Mon May 23 08:55:57 2016 -0400

Remove INSTALL.WCE and refs to it.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 INSTALL |  5 ++--
 INSTALL.WCE | 93 -
 NOTES.WIN   |  2 --
 README  |  1 -
 4 files changed, 2 insertions(+), 99 deletions(-)
 delete mode 100644 INSTALL.WCE

diff --git a/INSTALL b/INSTALL
index 4283e9d..bdf67a6 100644
--- a/INSTALL
+++ b/INSTALL
@@ -4,8 +4,7 @@
 
  [This document describes installation on the main supported operating
   systems, currently the Linux/Unix family, OpenVMS and Windows.
-  Installation on DOS (with djgpp), MacOS (before MacOS X)
-  is described in INSTALL.DJGPP or INSTALL.MacOS, respectively.]
+  Installation on DOS (with djgpp) is described in INSTALL.DJGPP.]
 
  To install OpenSSL, you will need:
 
@@ -21,7 +20,7 @@
  please read one of these:
 
   * NOTES.VMS (OpenVMS)
-  * NOTES.WIN (any Windows except for Windows CE)
+  * NOTES.WIN (any supported Windows)
 
  Quick Start
  ---
diff --git a/INSTALL.WCE b/INSTALL.WCE
deleted file mode 100644
index fe1431a..000
--- a/INSTALL.WCE
+++ /dev/null
@@ -1,93 +0,0 @@
- 
- INSTALLATION FOR THE WINDOWS CE PLATFORM
- 
-
- Building OpenSSL for Windows CE requires the following external tools:
-
-  * Microsoft eMbedded Visual C++ 3.0 or later
-  * Appropriate SDK might be required
-  * Perl for Win32 [commonly recommended ActiveState Perl is available
-from http://www.activestate.com/Products/ActivePerl/]
-You also need the perl module Text::Template.
-Please read README.PERL for more information.
-
-  * wcecompat compatibility library available at
-http://www.essemer.com.au/windowsce/
-  * Optionally ceutils for running automated tests (same location)
-
-  _or_
-
-  * PocketConsole driver and PortSDK available at
-http://www.symbolictools.de/public/pocketconsole/
-  * CMD command interpreter (same location)
-
- As Windows CE support in OpenSSL relies on 3rd party compatibility
- library, it's appropriate to check corresponding URL for updates. For
- example if you choose wcecompat, note that as for the moment of this
- writing version 1.2 is available and actually required for WCE 4.2
- and newer platforms. All wcecompat issues should be directed to
- www.essemer.com.au.
-
- Why compatibility library at all? The C Runtime Library implementation
- for Windows CE that is included with Microsoft eMbedded Visual C++ is
- incomplete and in some places incorrect.  Compatibility library plugs
- the holes and tries to bring the Windows CE CRT to [more] usable level.
- Most gaping hole in CRT is support for stdin/stdout/stderr IO, which
- proposed compatibility libraries solve in two different ways: wcecompat
- redirects IO to active sync link, while PortSDK - to NT-like console
- driver on the handheld itself.
-
- Building
- 
-
- Setup the eMbedded Visual C++ environment.  There are batch files for doing
- this installed with eVC++.  For an ARM processor, for example, execute:
-
- > "C:\Program Files\Microsoft eMbedded Tools\EVC\WCE300\BIN\WCEARM.BAT"
-
- Next pick compatibility library according to your preferences.
-
- 1. To choose wcecompat set up WCECOMPAT environment variable pointing
-at the location of wcecompat tree "root":
-
-> set WCECOMPAT=C:\wcecompat
-> set PORTSDK_LIBPATH=
-
- 2. To choose PortSDK set up PORTSDK_LIBPATH to point at hardware-
-specific location where your portlib.lib is installed:
-
-> set PORTSDK_LIBPATH=C:\PortSDK\lib\ARM
-> set WCECOMPAT=
-
- Note that you may not set both variables.
-
- Next you should run Configure:
-
- > perl Configure VC-CE
-
- Next you need to build the Makefiles:
-
- > ms\do_ms
-
- Then from the VC++ environment at a prompt do:
-
-   > nmake -f ms\cedll.mak
-
- [note that static builds are not supported under CE]
-
- If all is well it should compile and you will have some DLLs and executables
- in out32dll*. 
-
- <<< everyting below needs revision in respect to wcecompat vs. PortSDK >>>
-
- If you want
- to try the tests then make sure the ceutils are in the path and do:
- 
- > cd out32
- > ..\ms\testce
-
- This will copy each of the test programs to the Windows CE device and execute
- them, displaying the output of the tests on this computer.  The output should
- look similar to the output produced by running the tests for a regular Windows
- build.
-
diff --git a/NOTES.WIN b/NOTES.WIN
index f2fb087..bed5037 100644
--- a/NOTES.WIN
+++ b/NOTES.WIN
@@ -2,8 +2,6 @@
  NOTES FOR

[openssl-commits] [openssl] master update

2016-05-23 Thread Matt Caswell 
The branch master has been updated
   via  e5a5e3f3db5832f7ba4eff8016bad00f37dada58 (commit)
   via  a98810bfac37a77750592611bb9f5a22e4634692 (commit)
  from  11ed851db0c49f9fdd534fbd8a2791266f32c5b8 (commit)


- Log -
commit e5a5e3f3db5832f7ba4eff8016bad00f37dada58
Author: FdaSilvaYY 
Date:   Sun Feb 14 10:42:29 2016 +0100

Add checks on CRYPTO_set_ex_data return value
Fix possible leak in danetest.c

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

commit a98810bfac37a77750592611bb9f5a22e4634692
Author: FdaSilvaYY 
Date:   Sat Feb 13 19:01:14 2016 +0100

Fix some malloc failure crashes on X509_STORE_CTX_set_ex_data

from BoringSSL 306ece31bcaaed49e0240a2ef8901ebb2d45

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 crypto/engine/eng_dyn.c | 11 +++
 ssl/ssl_cert.c  |  4 +++-
 test/danetest.c |  8 +---
 util/indent.pro |  3 ---
 4 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index af9942c..718599f 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -154,6 +154,7 @@ static void dynamic_data_ctx_free_func(void *parent, void 
*ptr,
 static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
 {
 dynamic_data_ctx *c = OPENSSL_zalloc(sizeof(*c));
+int ret = 1;
 
 if (c == NULL) {
 ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
@@ -173,9 +174,11 @@ static int dynamic_set_data_ctx(ENGINE *e, 
dynamic_data_ctx **ctx)
dynamic_ex_data_idx))
 == NULL) {
 /* Good, we're the first */
-ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
-*ctx = c;
-c = NULL;
+ret = ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
+if (ret) {
+*ctx = c;
+c = NULL;
+}
 }
 CRYPTO_THREAD_unlock(global_engine_lock);
 /*
@@ -185,7 +188,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx 
**ctx)
 if (c)
 sk_OPENSSL_STRING_free(c->dirs);
 OPENSSL_free(c);
-return 1;
+return ret;
 }
 
 /*
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index f285fbe..7481705 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -409,7 +409,9 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
 
 /* Set suite B flags if needed */
 X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s));
-X509_STORE_CTX_set_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s);
+if (!X509_STORE_CTX_set_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), 
s)) {
+goto end;
+}
 
 /* Verify via DANE if enabled */
 if (DANETLS_ENABLED(>dane))
diff --git a/test/danetest.c b/test/danetest.c
index d914c45..d473b12 100644
--- a/test/danetest.c
+++ b/test/danetest.c
@@ -74,7 +74,7 @@ static void print_errors(void)
 
 static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)
 {
-int ret;
+int ret = -1;
 X509_STORE_CTX *store_ctx;
 SSL_CTX *ssl_ctx = SSL_get_SSL_CTX(ssl);
 X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx);
@@ -85,8 +85,9 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)
 return -1;
 
 if (!X509_STORE_CTX_init(store_ctx, store, cert, chain))
-return 0;
-X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl);
+goto end;
+if (!X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl))
+goto end;
 
 X509_STORE_CTX_set_default(store_ctx,
 SSL_is_server(ssl) ? "ssl_client" : "ssl_server");
@@ -101,6 +102,7 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)
 
 SSL_set_verify_result(ssl, X509_STORE_CTX_get_error(store_ctx));
 X509_STORE_CTX_cleanup(store_ctx);
+end:
 X509_STORE_CTX_free(store_ctx);
 
 return (ret);
diff --git a/util/indent.pro b/util/indent.pro
index b7958e3..71997cb 100644
--- a/util/indent.pro
+++ b/util/indent.pro
@@ -187,11 +187,8 @@
 -T CRYPTO_EX_DATA_FUNCS
 -T CRYPTO_EX_DATA_IMPL
 -T CRYPTO_EX_dup
--T CRYPTO_EX_dup
--T CRYPTO_EX_free
 -T CRYPTO_EX_free
 -T CRYPTO_EX_new
--T CRYPTO_EX_new
 -T CRYPTO_MEM_LEAK_CB
 -T CRYPTO_THREADID
 -T CRYPTO_dynlock_value
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-05-23 Thread Matt Caswell 
The branch master has been updated
   via  11ed851db0c49f9fdd534fbd8a2791266f32c5b8 (commit)
   via  aca6dae94b5bb298b05081a876e30370d82e22b5 (commit)
  from  7d52e55457eb8e888c3441a5b1de328238a7d9fb (commit)


- Log -
commit 11ed851db0c49f9fdd534fbd8a2791266f32c5b8
Author: FdaSilvaYY 
Date:   Tue May 17 21:21:46 2016 +0200

Fix and simplify error handling in (RSA/EC_kmeth)_new_method()

Inspired from PR #873.
Nearly same as 2bbf0ba.

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

commit aca6dae94b5bb298b05081a876e30370d82e22b5
Author: FdaSilvaYY 
Date:   Sat May 7 18:54:01 2016 +0200

Remove useless NULL checks

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 crypto/dh/dh_meth.c   |  3 +--
 crypto/dsa/dsa_meth.c |  3 +--
 crypto/ec/ec_kmeth.c  | 29 -
 crypto/rsa/rsa_lib.c  | 44 +++-
 crypto/rsa/rsa_meth.c |  3 +--
 5 files changed, 34 insertions(+), 48 deletions(-)

diff --git a/crypto/dh/dh_meth.c b/crypto/dh/dh_meth.c
index afd47ab..45753b6 100644
--- a/crypto/dh/dh_meth.c
+++ b/crypto/dh/dh_meth.c
@@ -31,8 +31,7 @@ DH_METHOD *DH_meth_new(const char *name, int flags)
 void DH_meth_free(DH_METHOD *dhm)
 {
 if (dhm != NULL) {
-if (dhm->name != NULL)
-OPENSSL_free(dhm->name);
+OPENSSL_free(dhm->name);
 OPENSSL_free(dhm);
 }
 }
diff --git a/crypto/dsa/dsa_meth.c b/crypto/dsa/dsa_meth.c
index 5ce9339..1d27cea 100644
--- a/crypto/dsa/dsa_meth.c
+++ b/crypto/dsa/dsa_meth.c
@@ -39,8 +39,7 @@ DSA_METHOD *DSA_meth_new(const char *name, int flags)
 void DSA_meth_free(DSA_METHOD *dsam)
 {
 if (dsam != NULL) {
-if (dsam->name != NULL)
-OPENSSL_free(dsam->name);
+OPENSSL_free(dsam->name);
 OPENSSL_free(dsam);
 }
 }
diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
index fead014..eb469ba 100644
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -78,15 +78,11 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
 ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 return NULL;
 }
-if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, >ex_data)) {
-OPENSSL_free(ret);
-return NULL;
-}
 
+ret->references = 1;
 ret->lock = CRYPTO_THREAD_lock_new();
 if (ret->lock == NULL) {
 ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, >ex_data);
 OPENSSL_free(ret);
 return NULL;
 }
@@ -96,10 +92,7 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
 if (engine != NULL) {
 if (!ENGINE_init(engine)) {
 ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
-CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, >ex_data);
-CRYPTO_THREAD_lock_free(ret->lock);
-OPENSSL_free(ret);
-return NULL;
+goto err;
 }
 ret->engine = engine;
 } else
@@ -108,25 +101,27 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
 ret->meth = ENGINE_get_EC(ret->engine);
 if (ret->meth == NULL) {
 ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
-ENGINE_finish(ret->engine);
-CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, >ex_data);
-CRYPTO_THREAD_lock_free(ret->lock);
-OPENSSL_free(ret);
-return NULL;
+goto err;
 }
 }
 #endif
 
 ret->version = 1;
 ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
-ret->references = 1;
+
+if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, >ex_data)) {
+goto err;
+}
 
 if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
 ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_INIT_FAIL);
-EC_KEY_free(ret);
-return NULL;
+goto err;
 }
 return ret;
+
+err:
+EC_KEY_free(ret);
+return NULL;
 }
 
 int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 0ccb3ce..4f93cbc 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -70,21 +70,28 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
 
 RSA *RSA_new_method(ENGINE *engine)
 {
-RSA *ret;
+RSA *ret = OPENSSL_zalloc(sizeof(*ret));
 
-ret = OPENSSL_zalloc(sizeof(*ret));
 if (ret == NULL) {
 RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 return NULL;
 }
 
+ret->references = 1;
+ret->lock = CRYPTO_THREAD_lock_new();
+if (ret->lock == NULL) {
+RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+OPENSSL_free(ret);
+return NULL;
+

[openssl-commits] [openssl] master update

2016-05-23 Thread Richard Levitte 
The branch master has been updated
   via  7d52e55457eb8e888c3441a5b1de328238a7d9fb (commit)
  from  154fe2b4be294050b9975edbbe2d83294a83d6b6 (commit)


- Log -
commit 7d52e55457eb8e888c3441a5b1de328238a7d9fb
Author: Richard Levitte 
Date:   Mon May 23 09:36:02 2016 +0200

Windows: shut DEL up

Reviewed-by: Matt Caswell 

---

Summary of changes:
 Configurations/windows-makefile.tmpl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Configurations/windows-makefile.tmpl 
b/Configurations/windows-makefile.tmpl
index 3f92f14..258421d 100644
--- a/Configurations/windows-makefile.tmpl
+++ b/Configurations/windows-makefile.tmpl
@@ -394,8 +394,8 @@ $target: $deps $ordinalsfile $mkdef_pl
/implib:\$@ \$(LDOUTFLAG)$shlib$shlibext /def:$shlib.def @<< || 
(DEL /Q \$(\@B).* $shlib.* && EXIT 1)
 $objs $shlib.res$linklibs \$(EX_LIBS)
 <<
-   DEL /Q /F apps\\$shlib$shlibext
-   DEL /Q /F test\\$shlib$shlibext
+   IF EXIST apps\\$shlib$shlibext DEL /Q /F apps\\$shlib$shlibext
+   IF EXIST test\\$shlib$shlibext DEL /Q /F test\\$shlib$shlibext
COPY $shlib$shlibext apps
COPY $shlib$shlibext test
 EOF
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed in Jenkins: master_make_errors #1789

2016-05-23 Thread openssl . sanity 
See 

Changes:

[Matt Caswell] Fix Windows 64 bit crashes

[rsalz] Doc nits cleanup, round 2

[rsalz] Add OpenSSL copyright to .pl files

[rsalz] Indent and dead code cleanup

[steve] Constify stack and lhash macros.

[Richard Levitte] Have doc-nit-check look for mandatory manual sections

[kurt] Avoid creating an illegal pointer

[kurt] Avoid creating an illegal pointer

[Richard Levitte] Add the missing NAME header in the OCSP docs

[Richard Levitte] Add a missing comma in OPENSSL_malloc.pod

[Richard Levitte] process_docs.pl: When starting to read a new head1 section, 
remove

[Richard Levitte] HTML docs on Unix: Add a HTML title

[Richard Levitte] Improve the checking of pod sections

[Richard Levitte] util/process_docs.pl: Add more debugging output

[Richard Levitte] Complete the rename of LHASH functions and types

--
Started by upstream project "master_basic" build number 1900
originally caused by:
 Started by an SCM change
Building on master in workspace 

 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/openssl/openssl.git # 
 > timeout=10
Fetching upstream changes from https://github.com/openssl/openssl.git
 > git --version # timeout=10
 > git -c core.askpass=true fetch --tags --progress 
 > https://github.com/openssl/openssl.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision 154fe2b4be294050b9975edbbe2d83294a83d6b6 
(refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 154fe2b4be294050b9975edbbe2d83294a83d6b6
 > git rev-list 739a1eb1961cdc3b1597a040766f3cb359d095f6 # timeout=10
[master_make_errors] $ /bin/sh -xe /tmp/hudson372337268141577630.sh
+ ./config
Operating system: x86_64-whatever-linux2
Configuring for linux-x86_64
Configuring OpenSSL version 1.1.0-pre6-dev (0x0x1016L)
no-asan [default]  OPENSSL_NO_ASAN (skip dir)
no-crypto-mdebug [default]  OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
no-crypto-mdebug-backtrace [forced]   OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE 
(skip dir)
no-ec_nistp_64_gcc_128 [default]  OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir)
no-egd  [default]  OPENSSL_NO_EGD (skip dir)
no-fuzz [default]  OPENSSL_NO_FUZZ (skip dir)
no-heartbeats   [default]  OPENSSL_NO_HEARTBEATS (skip dir)
no-md2  [default]  OPENSSL_NO_MD2 (skip dir)
no-rc5  [default]  OPENSSL_NO_RC5 (skip dir)
no-sctp [default]  OPENSSL_NO_SCTP (skip dir)
no-ssl-trace[default]  OPENSSL_NO_SSL_TRACE (skip dir)
no-ssl3 [default]  OPENSSL_NO_SSL3 (skip dir)
no-ssl3-method  [default]  OPENSSL_NO_SSL3_METHOD (skip dir)
no-ubsan[default]  OPENSSL_NO_UBSAN (skip dir)
no-unit-test[default]  OPENSSL_NO_UNIT_TEST (skip dir)
no-weak-ssl-ciphers [default]  OPENSSL_NO_WEAK_SSL_CIPHERS (skip dir)
no-zlib [default] 
no-zlib-dynamic [default] 
Configuring for linux-x86_64
CC=gcc
CFLAG =-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack
SHARED_CFLAG  =-fPIC
DEFINES   =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS 
OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT 
OPENSSL_BN_ASM_MONT5 OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM SHA512_ASM MD5_ASM 
AES_ASM VPAES_ASM BSAES_ASM GHASH_ASM ECP_NISTZ256_ASM POLY1305_ASM
LFLAG =
PLIB_LFLAG=
EX_LIBS   =-ldl 
APPS_OBJ  =
CPUID_OBJ =x86_64cpuid.o
UPLINK_OBJ=
BN_ASM=asm/x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o 
rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o
EC_ASM=ecp_nistz256.o ecp_nistz256-x86_64.o
DES_ENC   =des_enc.o fcrypt_b.o
AES_ENC   =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o 
aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o
BF_ENC=bf_enc.o
CAST_ENC  =c_enc.o
RC4_ENC   =rc4-x86_64.o rc4-md5-x86_64.o
RC5_ENC   =rc5_enc.o
MD5_OBJ_ASM   =md5-x86_64.o
SHA1_OBJ_ASM  =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o 
sha256-mb-x86_64.o
RMD160_OBJ_ASM=
CMLL_ENC  =cmll-x86_64.o cmll_misc.o
MODES_OBJ =ghash-x86_64.o aesni-gcm-x86_64.o
PADLOCK_OBJ   =e_padlock-x86_64.o
CHACHA_ENC=chacha-x86_64.o
POLY1305_OBJ  =poly1305-x86_64.o
BLAKE2_OBJ=
PROCESSOR =
RANLIB=ranlib
ARFLAGS   =
PERL  =/usr/bin/perl

SIXTY_FOUR_BIT_LONG mode

Configured for linux-x86_64.
+ make depend
+ make errors
( cd .; /usr/bin/perl util/ck_errf.pl -strict */*.c */*/*.c )
unable to open test/shatest.c
make: *** [errors] Error 2
Build step 'Execute shell' marked build as failure
_
openssl-commits mailing list
To