[openssl-commits] Build failed: openssl 1.0.531
Build openssl 1.0.531 failed Commit caac183632 by FdaSilvaYY on 6/27/2016 10:11 PM: Add sk_new_num & sk_new_null_num methods Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.530
Build openssl 1.0.530 failed Commit 200ce4a409 by FdaSilvaYY on 6/26/2016 7:24 PM: Fix of various "warning: missing field 'one-field' initializer" in crypto. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.529
Build openssl 1.0.529 failed Commit 20d802d2ae by FdaSilvaYY on 6/27/2016 10:09 PM: Fix allocation failure in OCSP_accept_responses_new Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.528
Build openssl 1.0.528 failed Commit d77db8ed35 by FdaSilvaYY on 6/27/2016 10:03 PM: Deprecate BIO_set() method Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: FdaSilvaYY/openssl#1261 (constify_2 - cb77b60)
Build Update for FdaSilvaYY/openssl - Build: #1261 Status: Still Failing Duration: 1 minute and 35 seconds Commit: cb77b60 (constify_2) Author: FdaSilvaYY Message: Useless Typedef's View the changeset: https://github.com/FdaSilvaYY/openssl/compare/941a468ba219...cb77b609ba19 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140666576 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: FdaSilvaYY/openssl#1260 (sk_num_alloc - caac183)
Build Update for FdaSilvaYY/openssl - Build: #1260 Status: Still Failing Duration: 16 minutes and 19 seconds Commit: caac183 (sk_num_alloc) Author: FdaSilvaYY Message: Add sk_new_num & sk_new_null_num methods View the changeset: https://github.com/FdaSilvaYY/openssl/compare/fc65e72ca1d9...caac1836327a View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140662883 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.527
Build openssl 1.0.527 failed Commit 91be092ddd by FdaSilvaYY on 6/27/2016 9:43 PM: Constify a bit more OPENSSL_sk_ API Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4049
Build openssl master.4049 failed Commit 0ff32f9644 by Rich Salz on 6/27/2016 8:32 PM: set CC directly Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.526
Build openssl 1.0.526 failed Commit bfd0eb4c52 by FdaSilvaYY on 6/27/2016 9:42 PM: Clean pem.h header file include Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.525
Build openssl 1.0.525 failed Commit aa4a97a641 by FdaSilvaYY on 6/27/2016 9:42 PM: Clean pem.h header file include Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl master.4047
Build openssl master.4047 completed Commit f44a5510dc by FdaSilvaYY on 6/26/2016 7:20 PM: Fix mem error handling in PKCS7_simple_smimecap Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.524
Build openssl 1.0.524 failed Commit c2fefe0a50 by FdaSilvaYY on 6/27/2016 9:39 PM: Deprecate BIO_set() method Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.523
Build openssl 1.0.523 failed Commit 7a53360031 by Andy Polyakov on 6/27/2016 9:32 PM: engines/e_capi.c: accommodate recent DSA_SIG_[get|set]0 changes. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Fixed: FdaSilvaYY/openssl#1255 (include_cleanup - bfd0eb4)
Build Update for FdaSilvaYY/openssl - Build: #1255 Status: Fixed Duration: 3 minutes and 50 seconds Commit: bfd0eb4 (include_cleanup) Author: FdaSilvaYY Message: Clean pem.h header file include View the changeset: https://github.com/FdaSilvaYY/openssl/compare/aa4a97a641dd...bfd0eb4c52ab View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140656574 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: FdaSilvaYY/openssl#1253 (Deprecate-BIO_set - c2fefe0)
Build Update for FdaSilvaYY/openssl - Build: #1253 Status: Errored Duration: 26 seconds Commit: c2fefe0 (Deprecate-BIO_set) Author: FdaSilvaYY Message: Deprecate BIO_set() method It is now deprecated as : - BIO type is now opaque, so no more stack-allocable. - the new locking API is locking now each BIO object individually. View the changeset: https://github.com/FdaSilvaYY/openssl/compare/89a0115ed658...c2fefe0a50f1 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140655926 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4046
Build openssl master.4046 failed Commit 7cf3588474 by Rich Salz on 6/27/2016 4:39 PM: use file command Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.522
Build openssl 1.0.522 failed Commit 941a468ba2 by FdaSilvaYY on 6/27/2016 9:36 PM: Useless Typedef's Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.521
Build openssl 1.0.521 failed Commit c3fd55d4a6 by Matt Caswell on 6/27/2016 1:51 PM: Add a test for fragmented alerts Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4045
Build openssl master.4045 failed Commit 1f5fdb61d2 by mmiyashita on 6/27/2016 4:07 PM: Misuse of 64-bit instruction causes segfault in 32-bit application Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: FdaSilvaYY/openssl#1251 (constify_2 - 941a468)
Build Update for FdaSilvaYY/openssl - Build: #1251 Status: Errored Duration: 14 minutes and 8 seconds Commit: 941a468 (constify_2) Author: FdaSilvaYY Message: Useless Typedef's View the changeset: https://github.com/FdaSilvaYY/openssl/compare/f9c1a0104b1a...941a468ba219 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140655350 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4044
Build openssl master.4044 failed Commit 5f14880d36 by Rich Salz on 6/27/2016 4:39 PM: use file command Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.520
Build openssl 1.0.520 failed Commit aecdc9b09c by FdaSilvaYY on 6/27/2016 9:19 PM: Fix mem error handling in PKCS7_simple_smimecap Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: FdaSilvaYY/openssl#1249 (crypto-add-checks-on-sk_type_push - aecdc9b)
Build Update for FdaSilvaYY/openssl - Build: #1249 Status: Errored Duration: 24 minutes and 11 seconds Commit: aecdc9b (crypto-add-checks-on-sk_type_push) Author: FdaSilvaYY Message: Fix mem error handling in PKCS7_simple_smimecap View the changeset: https://github.com/FdaSilvaYY/openssl/compare/b591f6942932...aecdc9b09caf View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140650643 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 57ade5711b8b80c19f3d33f46d0e0acd48e68e0a (commit) from 7a53360031a505d4bb55f3c7877ded5d165bef5a (commit) - Log - commit 57ade5711b8b80c19f3d33f46d0e0acd48e68e0a Author: Roumen PetrovDate: Mon Jun 27 21:24:07 2016 +0200 Use include paths to our source before any other cflags This is just in case someone passed an inclusion path with the configuration, and there are OpenSSL headers from another version in there. Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte --- Summary of changes: Configurations/unix-Makefile.tmpl| 10 +- Configurations/windows-makefile.tmpl | 8 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 2ec5076..c5d59b8 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -871,7 +871,7 @@ EOF $target: $args{generator}->[0] $deps ( trap "rm -f \$@.*" INT 0; \\ $generator \$@.S; \\ - \$(CC) \$(CFLAGS) $incs -E \$@.S | \\ + \$(CC) $incs \$(CFLAGS) -E \$@.S | \\ \$(PERL) -ne '/^#(line)?\\s*[0-9]+/ or print' > \$@.i && \\ mv -f \$@.i \$@ ) EOF @@ -884,7 +884,7 @@ EOF } return <<"EOF"; $args{src}: $args{generator}->[0] $deps - \$(CC) \$(CFLAGS) $incs -E \$< | \\ + \$(CC) $incs \$(CFLAGS) -E \$< | \\ \$(PERL) -ne '/^#(line)?\\s*[0-9]+/ or print' > \$@ EOF } @@ -918,7 +918,7 @@ EOF if (!$disabled{makedepend} && $makedepprog =~ /\/makedepend/) { $recipe .= <<"EOF"; $obj$depext: $deps - -\$(MAKEDEPEND) -f- -o"|$obj$objext" -- \$(CFLAGS) $ecflags$incs -- $srcs \\ + -\$(MAKEDEPEND) -f- -o"|$obj$objext" -- $incs \$(CFLAGS) $ecflags -- $srcs \\ >\$\@.tmp 2>/dev/null -\$(PERL) -i -pe 's/^.*\\|//; s/ \\/(.|[^ ])*//; \$\$_ = undef if (/: *\$\$/ || /^(#.*| *)\$\$/); \$\$_.="\\n" unless !defined(\$\$_) or /\\R\$\$/g;' \$\@.tmp \@if cmp \$\@.tmp \$\@ > /dev/null 2> /dev/null; then \\ @@ -932,13 +932,13 @@ EOF if ($disabled{makedepend} || $makedepprog =~ /\/makedepend/) { $recipe .= <<"EOF"; $obj$objext: $deps - \$(CC) \$(CFLAGS) $ecflags$incs -c -o \$\@ $srcs + \$(CC) $incs \$(CFLAGS) $ecflags -c -o \$\@ $srcs EOF } if (!$disabled{makedepend} && $makedepprog !~ /\/makedepend/) { $recipe .= <<"EOF"; $obj$objext: $deps - \$(CC) \$(CFLAGS) $ecflags$incs -MMD -MF $obj$depext.tmp -MT \$\@ -c -o \$\@ $srcs + \$(CC) $incs \$(CFLAGS) $ecflags -MMD -MF $obj$depext.tmp -MT \$\@ -c -o \$\@ $srcs \@touch $obj$depext.tmp \@if cmp $obj$depext.tmp $obj$depext > /dev/null 2> /dev/null; then \\ rm -f $obj$depext.tmp; \\ diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index aae7de3..776109f 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -349,7 +349,7 @@ EOF $target: "$args{generator}->[0]" $deps set ASM=\$(AS) $generator \$@.S - \$(CC) \$(CFLAGS) $incs /EP /C \$@.S > \$@.i && move /Y \$@.i \$@ + \$(CC) $incs \$(CFLAGS) /EP /C \$@.S > \$@.i && move /Y \$@.i \$@ del /Q \$@.S EOF } @@ -362,7 +362,7 @@ EOF } return <<"EOF"; $target: "$args{generator}->[0]" $deps - \$(CC) \$(CFLAGS) $incs /EP /C "$args{generator}->[0]" > \$@.i && move /Y \$@.i \$@ + \$(CC) $incs \$(CFLAGS) /EP /C "$args{generator}->[0]" > \$@.i && move /Y \$@.i \$@ EOF } } @@ -400,13 +400,13 @@ s/^Note: including file: *//; END { print '$obj$objext: ',join(" ", sort keys \%collect),"\\n" } << $obj$objext: $obj$depext - \$(CC) \$(CFLAGS) $ecflags$incs -c \$(COUTFLAG)\$\@ @<< + \$(CC) $incs \$(CFLAGS) $ecflags -c \$(COUTFLAG)\$\@ @<< $srcs << EOF return <<"EOF" if ($disabled{makedepend}); $obj$objext: $deps - \$(CC) \$(CFLAGS) $ecflags$incs -c \$(COUTFLAG)\$\@ $srcs + \$(CC) $incs \$(CFLAGS) $ecflags -c \$(COUTFLAG)\$\@ $srcs EOF } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Canceled: FdaSilvaYY/openssl#1254 (include_cleanup - aa4a97a)
Build Update for FdaSilvaYY/openssl - Build: #1254 Status: Canceled Duration: ? Commit: aa4a97a (include_cleanup) Author: FdaSilvaYY Message: Clean pem.h header file include View the changeset: https://github.com/FdaSilvaYY/openssl/compare/edc1d586a608...aa4a97a641dd View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140656433 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Canceled: FdaSilvaYY/openssl#1247 (crypto-add-checks-on-sk_type_push - f7e86c9)
Build Update for FdaSilvaYY/openssl - Build: #1247 Status: Canceled Duration: ? Commit: f7e86c9 (crypto-add-checks-on-sk_type_push) Author: FdaSilvaYY Message: Fix mem error handling in PKCS7_simple_smimecap View the changeset: https://github.com/FdaSilvaYY/openssl/compare/7b0ffdf263b7...f7e86c971f09 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140645277 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 7a53360031a505d4bb55f3c7877ded5d165bef5a (commit) via e0685d2473a88056e848900abaec3e19b8a447d3 (commit) from dbbb6a87a716765f4f9ef9fe48b634c23bbe8636 (commit) - Log - commit 7a53360031a505d4bb55f3c7877ded5d165bef5a Author: Andy PolyakovDate: Sun Jun 26 22:00:37 2016 +0200 engines/e_capi.c: accommodate recent DSA_SIG_[get|set]0 changes. Reviewed-by: Rich Salz commit e0685d2473a88056e848900abaec3e19b8a447d3 Author: Andy Polyakov Date: Sun Jun 26 21:55:03 2016 +0200 rsa/rsa_lib.c: const-ify RSA_get0_engine(). Reviewed-by: Rich Salz --- Summary of changes: crypto/rsa/rsa_lib.c | 2 +- engines/e_capi.c | 18 +- include/openssl/rsa.h | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 14750d1..48e9100 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -304,7 +304,7 @@ void RSA_set_flags(RSA *r, int flags) r->flags |= flags; } -ENGINE *RSA_get0_engine(RSA *r) +ENGINE *RSA_get0_engine(const RSA *r) { return r->engine; } diff --git a/engines/e_capi.c b/engines/e_capi.c index f2d5c3e..4923eef 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -1029,17 +1029,17 @@ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen, capi_addlasterror(); goto err; } else { -BIGNUM *r = NULL, *s = NULL; -ret = DSA_SIG_new(); -if (ret == NULL) -goto err; -DSA_SIG_get0(, , ret); -if (!lend_tobn(r, csigbuf, 20) -|| !lend_tobn(s, csigbuf + 20, 20)) { -DSA_SIG_free(ret); -ret = NULL; +BIGNUM *r = BN_new(), *s = BN_new(); + +if (r == NULL || s == NULL +|| !lend_tobn(r, csigbuf, 20) +|| !lend_tobn(s, csigbuf + 20, 20) +|| (ret = DSA_SIG_new()) == NULL) { +BN_free(r); /* BN_free checks for BIGNUM * being NULL */ +BN_free(s); goto err; } +DSA_SIG_set0(ret, r, s); } /* Now cleanup */ diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index cd17385..b9d14e4 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -187,7 +187,7 @@ void RSA_get0_crt_params(const RSA *r, void RSA_clear_flags(RSA *r, int flags); int RSA_test_flags(const RSA *r, int flags); void RSA_set_flags(RSA *r, int flags); -ENGINE *RSA_get0_engine(RSA *r); +ENGINE *RSA_get0_engine(const RSA *r); /* Deprecated version */ DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.518
Build openssl 1.0.518 failed Commit f7e86c971f by FdaSilvaYY on 6/27/2016 8:55 PM: Fix mem error handling in PKCS7_simple_smimecap Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via dbbb6a87a716765f4f9ef9fe48b634c23bbe8636 (commit) via cfef7e9e681bb981ebd5af08eac3432eec336032 (commit) from c3fd55d4a6ed1025c471603b67fbbbce606a5171 (commit) - Log - commit dbbb6a87a716765f4f9ef9fe48b634c23bbe8636 Author: Andy PolyakovDate: Sun Jun 26 18:20:39 2016 +0200 unix-Makefile.tmpl: omit lib.a updates from directory targets. Since corresponding rule was removed from windows-makefile.tmpl out of necessity, question popped if it's appropriate to harmonize even unix-Makefile.tmpl. Note that as long as you work on single directory 'make lib.a' is effectively equivalent to 'make ' prior this modification. Reviewed-by: Rich Salz Reviewed-by: Richard Levitte commit cfef7e9e681bb981ebd5af08eac3432eec336032 Author: Andy Polyakov Date: Sun Jun 26 14:40:35 2016 +0200 windows-makefile.tmpl: don't use $? in library targets. Problem with Microsoft lib.exe is that it doesn't *update* modules in .lib archive, but creates new one upon every invocation. As result if a source file was updated and nmake was executed, a useless archive with only one module was created. In other words one has to always pass all .obj modules on command line, not only recently recompiled. [This also creates dilemma for directory targets, e.g. crypto\aes, that were added to simplify every-day life for developer. Since whole idea behind those targets is to minimize the re-compile time upon single file modification, the only sensible thing to do is to omit intended library update.] Reviewed-by: Rich Salz Reviewed-by: Richard Levitte --- Summary of changes: Configurations/unix-Makefile.tmpl| 5 + Configurations/windows-makefile.tmpl | 8 ++-- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 34971a9..2ec5076 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -1086,10 +1086,7 @@ EOF next unless defined($unified_info{dirinfo}->{$dir}->{products}->{$type}); if ($type eq "lib") { foreach my $lib (@{$unified_info{dirinfo}->{$dir}->{products}->{$type}}) { - push @actions, <<"EOF"; - \$(AR) $lib$libext \$\? - \$(RANLIB) $lib$libext || echo Never mind. -EOF + push @actions, ""; } } else { foreach my $prod (@{$unified_info{dirinfo}->{$dir}->{products}->{$type}}) { diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index 0d21c50..aae7de3 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -484,7 +484,7 @@ EOF return <<"EOF"; $lib$libext: $deps \$(AR) \$(ARFLAGS) \$(AROUTFLAG)$lib$libext @<< -\$\? +\$** << EOF } @@ -530,11 +530,7 @@ EOF next unless defined($unified_info{dirinfo}->{$dir}->{products}->{$type}); if ($type eq "lib") { foreach my $lib (@{$unified_info{dirinfo}->{$dir}->{products}->{$type}}) { - push @actions, <<"EOF"; - \$(AR) \$(ARFLAGS) \$(AROUTFLAG)$lib$libext @<< -\$\? -<< -EOF + push @actions, ""; } } else { foreach my $prod (@{$unified_info{dirinfo}->{$dir}->{products}->{$type}}) { _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Canceled: FdaSilvaYY/openssl#1248 (crypto-add-checks-on-sk_type_push - b591f69)
Build Update for FdaSilvaYY/openssl - Build: #1248 Status: Canceled Duration: ? Commit: b591f69 (crypto-add-checks-on-sk_type_push) Author: FdaSilvaYY Message: Fix mem error handling in PKCS7_simple_smimecap View the changeset: https://github.com/FdaSilvaYY/openssl/compare/f7e86c971f09...b591f6942932 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140648572 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Canceled: FdaSilvaYY/openssl#1247 (crypto-add-checks-on-sk_type_push - f7e86c9)
Build Update for FdaSilvaYY/openssl - Build: #1247 Status: Canceled Duration: 9 minutes and 40 seconds Commit: f7e86c9 (crypto-add-checks-on-sk_type_push) Author: FdaSilvaYY Message: Fix mem error handling in PKCS7_simple_smimecap View the changeset: https://github.com/FdaSilvaYY/openssl/compare/7b0ffdf263b7...f7e86c971f09 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140645277 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Canceled: FdaSilvaYY/openssl#1245 (crypto-add-checks-on-sk_type_push - fe353af)
Build Update for FdaSilvaYY/openssl - Build: #1245 Status: Canceled Duration: ? Commit: fe353af (crypto-add-checks-on-sk_type_push) Author: FdaSilvaYY Message: Fix mem error handling in PKCS7_simple_smimecap View the changeset: https://github.com/FdaSilvaYY/openssl/compare/17d0a80fcab5...fe353af08894 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140632518 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.517
Build openssl 1.0.517 failed Commit 7b0ffdf263 by FdaSilvaYY on 6/27/2016 8:49 PM: Fix mem error handling in PKCS7_simple_smimecap Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Canceled: FdaSilvaYY/openssl#1245 (crypto-add-checks-on-sk_type_push - fe353af)
Build Update for FdaSilvaYY/openssl - Build: #1245 Status: Canceled Duration: ? Commit: fe353af (crypto-add-checks-on-sk_type_push) Author: FdaSilvaYY Message: Fix mem error handling in PKCS7_simple_smimecap View the changeset: https://github.com/FdaSilvaYY/openssl/compare/17d0a80fcab5...fe353af08894 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140632518 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Canceled: FdaSilvaYY/openssl#1246 (crypto-add-checks-on-sk_type_push - 7b0ffdf)
Build Update for FdaSilvaYY/openssl - Build: #1246 Status: Canceled Duration: 16 minutes and 33 seconds Commit: 7b0ffdf (crypto-add-checks-on-sk_type_push) Author: FdaSilvaYY Message: Fix mem error handling in PKCS7_simple_smimecap View the changeset: https://github.com/FdaSilvaYY/openssl/compare/fe353af08894...7b0ffdf263b7 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140643637 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.516
Build openssl 1.0.516 failed Commit fe353af088 by FdaSilvaYY on 6/27/2016 8:14 PM: Fix mem error handling in PKCS7_simple_smimecap Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: FdaSilvaYY/openssl#1244 (crypto-add-checks-on-sk_type_push - 17d0a80)
Build Update for FdaSilvaYY/openssl - Build: #1244 Status: Errored Duration: 25 minutes and 44 seconds Commit: 17d0a80 (crypto-add-checks-on-sk_type_push) Author: FdaSilvaYY Message: Fix mem error handling in PKCS7_simple_smimecap View the changeset: https://github.com/FdaSilvaYY/openssl/compare/a83078b29dd9...17d0a80fcab5 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140628634 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.515
Build openssl 1.0.515 failed Commit 17d0a80fca by FdaSilvaYY on 6/27/2016 7:58 PM: Fix mem error handling in PKCS7_simple_smimecap Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: mouse07410/openssl#23 (OpenSSL_1_0_2-stable - ad64a69)
Build Update for mouse07410/openssl - Build: #23 Status: Still Failing Duration: 18 minutes and 29 seconds Commit: ad64a69 (OpenSSL_1_0_2-stable) Author: Matt Caswell Message: Change usage of RAND_pseudo_bytes to RAND_bytes RAND_pseudo_bytes() allows random data to be returned even in low entropy conditions. Sometimes this is ok. Many times it is not. For the avoidance of any doubt, replace existing usage of RAND_pseudo_bytes() with RAND_bytes(). Reviewed-by: Rich SalzView the changeset: https://github.com/mouse07410/openssl/compare/1bb0918c3d27...ad64a69e02f7 View the full build log and details: https://travis-ci.org/mouse07410/openssl/builds/140574246 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4038
Build openssl master.4038 failed Commit c3fd55d4a6 by Matt Caswell on 6/27/2016 1:51 PM: Add a test for fragmented alerts Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#4720 (OpenSSL_1_0_2-stable - ad64a69)
Build Update for openssl/openssl - Build: #4720 Status: Still Failing Duration: 5 minutes and 11 seconds Commit: ad64a69 (OpenSSL_1_0_2-stable) Author: Matt Caswell Message: Change usage of RAND_pseudo_bytes to RAND_bytes RAND_pseudo_bytes() allows random data to be returned even in low entropy conditions. Sometimes this is ok. Many times it is not. For the avoidance of any doubt, replace existing usage of RAND_pseudo_bytes() with RAND_bytes(). Reviewed-by: Rich SalzView the changeset: https://github.com/openssl/openssl/compare/f3dbce6634de...ad64a69e02f7 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/140542205 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
The branch OpenSSL_1_0_1-stable has been updated via 05200ee5c61ecd38cdcacf9c547b0c3877e8cfef (commit) from 3681a4558c13198944e6f7f149c4be188e076e14 (commit) - Log - commit 05200ee5c61ecd38cdcacf9c547b0c3877e8cfef Author: Matt CaswellDate: Mon Apr 25 17:06:56 2016 +0100 Change usage of RAND_pseudo_bytes to RAND_bytes RAND_pseudo_bytes() allows random data to be returned even in low entropy conditions. Sometimes this is ok. Many times it is not. For the avoidance of any doubt, replace existing usage of RAND_pseudo_bytes() with RAND_bytes(). Reviewed-by: Rich Salz --- Summary of changes: apps/enc.c | 2 +- apps/passwd.c| 4 ++-- apps/s_server.c | 2 +- crypto/asn1/asn_mime.c | 2 +- crypto/asn1/p5_pbe.c | 2 +- crypto/asn1/p5_pbev2.c | 4 ++-- crypto/bio/bf_nbio.c | 4 ++-- crypto/bn/bn_rand.c | 10 +++--- crypto/cms/cms_enc.c | 2 +- crypto/cms/cms_ess.c | 3 +-- crypto/cms/cms_pwri.c| 4 ++-- crypto/des/des.c | 2 +- crypto/des/enc_writ.c| 2 +- crypto/dsa/dsa_gen.c | 2 +- crypto/evp/bio_ok.c | 2 +- crypto/ocsp/ocsp_ext.c | 2 +- crypto/pem/pem_lib.c | 2 +- crypto/pkcs12/p12_mutl.c | 2 +- crypto/pkcs7/pk7_doit.c | 2 +- crypto/srp/srp_vfy.c | 6 +++--- ssl/d1_both.c| 6 +++--- ssl/d1_pkt.c | 3 ++- ssl/d1_srvr.c| 5 - ssl/s23_clnt.c | 8 ssl/s2_clnt.c| 4 ++-- ssl/s2_srvr.c| 12 ssl/s3_srvr.c| 7 ++- ssl/ssl_lib.c| 2 +- ssl/ssl_sess.c | 2 +- ssl/t1_lib.c | 6 +++--- 30 files changed, 54 insertions(+), 62 deletions(-) diff --git a/apps/enc.c b/apps/enc.c index 7b7c70b..8e2ef27 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -509,7 +509,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "invalid hex salt value\n"); goto end; } -} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0) +} else if (RAND_bytes(salt, sizeof salt) <= 0) goto end; /* * If -P option then don't bother writing diff --git a/apps/passwd.c b/apps/passwd.c index 5ff53b5..798a6d5 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -416,7 +416,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if (*salt_malloc_p == NULL) goto err; } -if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0) +if (RAND_bytes((unsigned char *)*salt_p, 2) <= 0) goto err; (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */ (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */ @@ -437,7 +437,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if (*salt_malloc_p == NULL) goto err; } -if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0) +if (RAND_bytes((unsigned char *)*salt_p, 8) <= 0) goto err; for (i = 0; i < 8; i++) diff --git a/apps/s_server.c b/apps/s_server.c index a53cadd..40782bb 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -2968,7 +2968,7 @@ static int generate_session_id(const SSL *ssl, unsigned char *id, { unsigned int count = 0; do { -if (RAND_pseudo_bytes(id, *id_len) < 0) +if (RAND_bytes(id, *id_len) <= 0) return 0; /* * Prefix the session_id with the required prefix. NB: If our prefix diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 96110c5..9fd5bef 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -289,7 +289,7 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, if ((flags & SMIME_DETACHED) && data) { /* We want multipart/signed */ /* Generate a random boundary */ -if (RAND_pseudo_bytes((unsigned char *)bound, 32) < 0) +if (RAND_bytes((unsigned char *)bound, 32) <= 0) return 0; for (i = 0; i < 32; i++) { c = bound[i] & 0xf; diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index bdbfdcd..e2a1def 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -101,7 +101,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, sstr = ASN1_STRING_data(pbe->salt); if (salt) memcpy(sstr, salt, saltlen); -else if (RAND_pseudo_bytes(sstr, saltlen) < 0) +else if (RAND_bytes(sstr, saltlen) <= 0) goto err; if
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via ad64a69e02f7dda422d0f4f53dce7b1278715380 (commit) from f3dbce6634dee43dcb0243544db05e101104fe6b (commit) - Log - commit ad64a69e02f7dda422d0f4f53dce7b1278715380 Author: Matt CaswellDate: Mon Apr 25 17:06:56 2016 +0100 Change usage of RAND_pseudo_bytes to RAND_bytes RAND_pseudo_bytes() allows random data to be returned even in low entropy conditions. Sometimes this is ok. Many times it is not. For the avoidance of any doubt, replace existing usage of RAND_pseudo_bytes() with RAND_bytes(). Reviewed-by: Rich Salz --- Summary of changes: apps/enc.c | 2 +- apps/passwd.c| 4 ++-- apps/s_server.c | 2 +- crypto/asn1/asn_mime.c | 2 +- crypto/asn1/p5_pbe.c | 2 +- crypto/asn1/p5_pbev2.c | 4 ++-- crypto/bio/bf_nbio.c | 4 ++-- crypto/bn/bn_rand.c | 10 +++--- crypto/cms/cms_enc.c | 2 +- crypto/cms/cms_ess.c | 3 +-- crypto/cms/cms_pwri.c| 4 ++-- crypto/des/des.c | 2 +- crypto/des/enc_writ.c| 2 +- crypto/dsa/dsa_gen.c | 4 ++-- crypto/evp/bio_ok.c | 2 +- crypto/ocsp/ocsp_ext.c | 2 +- crypto/pem/pem_lib.c | 2 +- crypto/pkcs12/p12_mutl.c | 2 +- crypto/pkcs7/pk7_doit.c | 2 +- crypto/srp/srp_vfy.c | 6 +++--- ssl/d1_both.c| 6 +++--- ssl/s23_clnt.c | 8 ssl/s2_clnt.c| 4 ++-- ssl/s2_srvr.c| 12 ssl/s3_srvr.c| 7 ++- ssl/ssl_lib.c| 2 +- ssl/ssl_sess.c | 2 +- ssl/t1_lib.c | 6 +++--- 28 files changed, 49 insertions(+), 61 deletions(-) diff --git a/apps/enc.c b/apps/enc.c index 7b7c70b..8e2ef27 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -509,7 +509,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "invalid hex salt value\n"); goto end; } -} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0) +} else if (RAND_bytes(salt, sizeof salt) <= 0) goto end; /* * If -P option then don't bother writing diff --git a/apps/passwd.c b/apps/passwd.c index 5ff53b5..798a6d5 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -416,7 +416,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if (*salt_malloc_p == NULL) goto err; } -if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0) +if (RAND_bytes((unsigned char *)*salt_p, 2) <= 0) goto err; (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */ (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */ @@ -437,7 +437,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if (*salt_malloc_p == NULL) goto err; } -if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0) +if (RAND_bytes((unsigned char *)*salt_p, 8) <= 0) goto err; for (i = 0; i < 8; i++) diff --git a/apps/s_server.c b/apps/s_server.c index d6c53d9..2c1e5ee 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -3364,7 +3364,7 @@ static int generate_session_id(const SSL *ssl, unsigned char *id, { unsigned int count = 0; do { -if (RAND_pseudo_bytes(id, *id_len) < 0) +if (RAND_bytes(id, *id_len) <= 0) return 0; /* * Prefix the session_id with the required prefix. NB: If our prefix diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 96110c5..9fd5bef 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -289,7 +289,7 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, if ((flags & SMIME_DETACHED) && data) { /* We want multipart/signed */ /* Generate a random boundary */ -if (RAND_pseudo_bytes((unsigned char *)bound, 32) < 0) +if (RAND_bytes((unsigned char *)bound, 32) <= 0) return 0; for (i = 0; i < 32; i++) { c = bound[i] & 0xf; diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index bdbfdcd..e2a1def 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -101,7 +101,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, sstr = ASN1_STRING_data(pbe->salt); if (salt) memcpy(sstr, salt, saltlen); -else if (RAND_pseudo_bytes(sstr, saltlen) < 0) +else if (RAND_bytes(sstr, saltlen) <= 0) goto err; if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), _str)) { diff --git
[openssl-commits] [openssl] master update
The branch master has been updated via c3fd55d4a6ed1025c471603b67fbbbce606a5171 (commit) via 63916e9a234c1e6bbf82cc21b7d2e39cdecb30d0 (commit) from 6f4a6a5cd472d56937a8e9d6665e7c9cc6b1b2e2 (commit) - Log - commit c3fd55d4a6ed1025c471603b67fbbbce606a5171 Author: Matt CaswellDate: Tue Jun 21 16:33:52 2016 +0100 Add a test for fragmented alerts The previous commit fixed a problem where fragmented alerts would cause an infinite loop. This commit adds a test for these fragmented alerts. Reviewed-by: Andy Polyakov commit 63916e9a234c1e6bbf82cc21b7d2e39cdecb30d0 Author: Matt Caswell Date: Tue Jun 21 15:25:53 2016 +0100 Ensure read records are marked as read In some situations (such as when we receive a fragment of an alert) we try to get the next packet but did not mark the current one as read, meaning that we got the same record back again - leading to an infinite loop. Found using the BoringSSL test suite. Reviewed-by: Andy Polyakov --- Summary of changes: ssl/record/rec_layer_s3.c | 9 +- test/recipes/70-test_sslrecords.t | 62 ++- util/TLSProxy/Message.pm | 3 +- 3 files changed, 71 insertions(+), 3 deletions(-) diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index bce82a7..fa20b35 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1232,8 +1232,10 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, SSL3_RECORD_add_length(rr, -1); } -if (*dest_len < dest_maxlen) +if (*dest_len < dest_maxlen) { +SSL3_RECORD_set_read(rr); goto start; /* fragment was too small */ +} } } @@ -1316,6 +1318,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, (s->session != NULL) && (s->session->cipher != NULL) && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { SSL3_RECORD_set_length(rr, 0); +SSL3_RECORD_set_read(rr); ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION); goto start; } @@ -1342,6 +1345,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, if (alert_level == SSL3_AL_WARNING) { s->s3->warn_alert = alert_descr; +SSL3_RECORD_set_read(rr); if (alert_descr == SSL_AD_CLOSE_NOTIFY) { s->shutdown |= SSL_RECEIVED_SHUTDOWN; return (0); @@ -1372,6 +1376,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; +SSL3_RECORD_set_read(rr); SSL_CTX_remove_session(s->session_ctx, s->session); return (0); } else { @@ -1387,6 +1392,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, * shutdown */ s->rwstate = SSL_NOTHING; SSL3_RECORD_set_length(rr, 0); +SSL3_RECORD_set_read(rr); return (0); } @@ -1443,6 +1449,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, */ if (s->version >= TLS1_VERSION && s->version <= TLS1_1_VERSION) { SSL3_RECORD_set_length(rr, 0); +SSL3_RECORD_set_read(rr); goto start; } al = SSL_AD_UNEXPECTED_MESSAGE; diff --git a/test/recipes/70-test_sslrecords.t b/test/recipes/70-test_sslrecords.t index b0e3739..94aabdc 100644 --- a/test/recipes/70-test_sslrecords.t +++ b/test/recipes/70-test_sslrecords.t @@ -38,7 +38,7 @@ my $proxy = TLSProxy::Proxy->new( my $content_type = TLSProxy::Record::RT_APPLICATION_DATA; my $inject_recs_num = 1; $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -plan tests => 3; +plan tests => 4; ok(TLSProxy::Message->fail(), "Out of context empty records test"); #Test 2: Injecting in context empty records should succeed @@ -54,6 +54,14 @@ $inject_recs_num = 33; $proxy->start(); ok(TLSProxy::Message->fail(), "Too many in context empty records test"); +#Test 4: Injecting a fragmented fatal alert should fail. We actually expect no +#alerts to be sent from either side because *we* injected the fatal +#alert, i.e. this will look like a disorderly close +$proxy->clear(); +$proxy->filter(\_frag_alert_filter); +$proxy->start(); +ok(!TLSProxy::Message->end(), "Fragmented alert records test"); + sub add_empty_recs_filter {
[openssl-commits] Build failed: openssl master.4037
Build openssl master.4037 failed Commit 6f4a6a5cd4 by Rich Salz on 6/27/2016 11:39 AM: RT4586: Remove RSA_memory_lock; unused, not needed Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4036
Build openssl master.4036 failed Commit 56add338b1 by Matt Caswell on 6/27/2016 10:51 AM: Fix one more instance of incorrect OPENSSL_API_COMPAT value Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4035
Build openssl master.4035 failed Commit 1aca3618ff by Matt Caswell on 6/27/2016 10:28 AM: Fix some OPENSSL_API_COMPAT values Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 6f4a6a5cd472d56937a8e9d6665e7c9cc6b1b2e2 (commit) from 56add338b12246fd8670ce3da719a39767a25182 (commit) - Log - commit 6f4a6a5cd472d56937a8e9d6665e7c9cc6b1b2e2 Author: Rich SalzDate: Fri Jun 24 09:49:51 2016 -0400 RT4586: Remove RSA_memory_lock; unused, not needed Reviewed-by: Ben Laurie --- Summary of changes: crypto/rsa/rsa_err.c | 1 - crypto/rsa/rsa_lib.c | 44 include/openssl/rsa.h | 4 util/libcrypto.num| 1 - 4 files changed, 50 deletions(-) diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index a92ea5d..0bde045 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -32,7 +32,6 @@ static ERR_STRING_DATA RSA_str_functs[] = { {ERR_FUNC(RSA_F_RSA_CHECK_KEY_EX), "RSA_check_key_ex"}, {ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "rsa_cms_decrypt"}, {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "rsa_item_verify"}, -{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, {ERR_FUNC(RSA_F_RSA_METH_DUP), "RSA_meth_dup"}, {ERR_FUNC(RSA_F_RSA_METH_NEW), "RSA_meth_new"}, {ERR_FUNC(RSA_F_RSA_METH_SET1_NAME), "RSA_meth_set1_name"}, diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 9ba86d8..14750d1 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -180,50 +180,6 @@ void *RSA_get_ex_data(const RSA *r, int idx) return (CRYPTO_get_ex_data(>ex_data, idx)); } -int RSA_memory_lock(RSA *r) -{ -int i, j, k, off; -char *p; -BIGNUM *bn, **t[6], *b; -BN_ULONG *ul; - -if (r->d == NULL) -return (1); -t[0] = >d; -t[1] = >p; -t[2] = >q; -t[3] = >dmp1; -t[4] = >dmq1; -t[5] = >iqmp; -k = bn_sizeof_BIGNUM() * 6; -off = k / sizeof(BN_ULONG) + 1; -j = 1; -for (i = 0; i < 6; i++) -j += bn_get_top(*t[i]); -if ((p = OPENSSL_malloc((off + j) * sizeof(*p))) == NULL) { -RSAerr(RSA_F_RSA_MEMORY_LOCK, ERR_R_MALLOC_FAILURE); -return (0); -} -memset(p, 0, sizeof(*p) * (off + j)); -bn = (BIGNUM *)p; -ul = (BN_ULONG *)&(p[off]); -for (i = 0; i < 6; i++) { -b = *(t[i]); -*(t[i]) = bn_array_el(bn, i); -memcpy(bn_array_el(bn, i), b, bn_sizeof_BIGNUM()); -memcpy(ul, bn_get_words(b), sizeof(*ul) * bn_get_top(b)); -bn_set_static_words(bn_array_el(bn, i), ul, bn_get_top(b)); -ul += bn_get_top(b); -BN_clear_free(b); -} - -/* I should fix this so it can still be done */ -r->flags &= ~(RSA_FLAG_CACHE_PRIVATE | RSA_FLAG_CACHE_PUBLIC); - -r->bignum_data = p; -return (1); -} - int RSA_security_bits(const RSA *rsa) { return BN_security_bits(BN_num_bits(rsa->n), -1); diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index 70d3755..cd17385 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -226,9 +226,6 @@ const RSA_METHOD *RSA_get_default_method(void); const RSA_METHOD *RSA_get_method(const RSA *rsa); int RSA_set_method(RSA *rsa, const RSA_METHOD *meth); -/* This function needs the memory locking malloc callbacks to be installed */ -int RSA_memory_lock(RSA *r); - /* these are the actual RSA functions */ const RSA_METHOD *RSA_PKCS1_OpenSSL(void); @@ -477,7 +474,6 @@ void ERR_load_RSA_strings(void); # define RSA_F_RSA_CHECK_KEY_EX 160 # define RSA_F_RSA_CMS_DECRYPT159 # define RSA_F_RSA_ITEM_VERIFY148 -# define RSA_F_RSA_MEMORY_LOCK130 # define RSA_F_RSA_METH_DUP 161 # define RSA_F_RSA_METH_NEW 162 # define RSA_F_RSA_METH_SET1_NAME 163 diff --git a/util/libcrypto.num b/util/libcrypto.num index fc118b1..e9966eb 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -1396,7 +1396,6 @@ SCT_set_timestamp 1380 1_1_0 EXIST::FUNCTION:CT UI_new 1381 1_1_0 EXIST::FUNCTION:UI TS_REQ_get_msg_imprint 1382 1_1_0 EXIST::FUNCTION:TS i2d_PKCS12_BAGS 1383 1_1_0 EXIST::FUNCTION: -RSA_memory_lock 1384 1_1_0 EXIST::FUNCTION:RSA CERTIFICATEPOLICIES_free1385 1_1_0 EXIST::FUNCTION: X509V3_get_section 1386 1_1_0 EXIST::FUNCTION: BIO_parse_hostserv 1387 1_1_0 EXIST::FUNCTION:SOCK _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 56add338b12246fd8670ce3da719a39767a25182 (commit) from 1aca3618ff86358c659c856b10e2270c3d4230d2 (commit) - Log - commit 56add338b12246fd8670ce3da719a39767a25182 Author: Matt CaswellDate: Mon Jun 27 11:51:50 2016 +0100 Fix one more instance of incorrect OPENSSL_API_COMPAT value Reviewed-by: Richard Levitte --- Summary of changes: crypto/rand/rand_win.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index c5d0aa1..1be0ed3 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -82,7 +82,7 @@ int RAND_poll(void) return (1); } -#if OPENSSL_API_COMPAT < 0x00101000L +#if OPENSSL_API_COMPAT < 0x1010L int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam) { RAND_poll(); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4034
Build openssl master.4034 failed Commit cd359b2564 by Brian Smith on 6/27/2016 8:15 AM: Clarify use of |$end0| in stitched x86-64 AES-GCM code. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 1aca3618ff86358c659c856b10e2270c3d4230d2 (commit) from cd359b2564b77230a1201a200683dac622c923af (commit) - Log - commit 1aca3618ff86358c659c856b10e2270c3d4230d2 Author: Matt CaswellDate: Mon Jun 27 11:28:29 2016 +0100 Fix some OPENSSL_API_COMPAT values There are 3 OPENSSL_API_COMPAT values that are incorrect in the header files, and one inconsistency between the header and the .c Reviewed-by: Richard Levitte --- Summary of changes: crypto/err/err.c | 2 +- include/openssl/bn.h | 2 +- include/openssl/idea.h | 2 +- include/openssl/x509v3.h | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/crypto/err/err.c b/crypto/err/err.c index 9b679d9..836fac4 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -632,7 +632,7 @@ void err_delete_thread_state(void) ERR_STATE_free(state); } -#if OPENSSL_API_COMPAT < 0x1000L +#if OPENSSL_API_COMPAT < 0x1010L void ERR_remove_thread_state(void *dummy) { } diff --git a/include/openssl/bn.h b/include/openssl/bn.h index e0f656a..82552b6 100644 --- a/include/openssl/bn.h +++ b/include/openssl/bn.h @@ -469,7 +469,7 @@ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn); BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn); BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn); -# if OPENSSL_API_COMPAT < 0x00101000L +# if OPENSSL_API_COMPAT < 0x1010L # define get_rfc2409_prime_768 BN_get_rfc2409_prime_768 # define get_rfc2409_prime_1024 BN_get_rfc2409_prime_1024 # define get_rfc3526_prime_1536 BN_get_rfc3526_prime_1536 diff --git a/include/openssl/idea.h b/include/openssl/idea.h index d527675..4334f3e 100644 --- a/include/openssl/idea.h +++ b/include/openssl/idea.h @@ -45,7 +45,7 @@ void IDEA_ofb64_encrypt(const unsigned char *in, unsigned char *out, int *num); void IDEA_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks); -# if OPENSSL_API_COMPAT < 0x00101000L +# if OPENSSL_API_COMPAT < 0x1010L # define idea_options IDEA_options # define idea_ecb_encrypt IDEA_ecb_encrypt # define idea_set_encrypt_key IDEA_set_encrypt_key diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h index 36d11a7..29b7194 100644 --- a/include/openssl/x509v3.h +++ b/include/openssl/x509v3.h @@ -631,7 +631,7 @@ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags); -#if OPENSSL_API_COMPAT < 0x00101000L +#if OPENSSL_API_COMPAT < 0x1010L /* The new declarations are in crypto.h, but the old ones were here. */ # define hex_to_string OPENSSL_buf2hexstr # define string_to_hex OPENSSL_hexstr2buf _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4033
Build openssl master.4033 failed Commit 0b919cc5d5 by Andy Polyakov on 6/27/2016 8:12 AM: Configurations/10-main.conf: fix PA-RISC commentary. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.513
Build openssl 1.0.513 failed Commit 89a0115ed6 by FdaSilvaYY on 6/27/2016 6:26 AM: Deprecate BIO_set() method Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.4032
Build openssl master.4032 failed Commit 5fc77684f1 by Andy Polyakov on 6/27/2016 8:09 AM: evp/evp_enc.c: refine partial buffer overlap detection. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via cd359b2564b77230a1201a200683dac622c923af (commit) from 0b919cc5d5832ddcc041440b279e27fcfcb01282 (commit) - Log - commit cd359b2564b77230a1201a200683dac622c923af Author: Brian SmithDate: Tue Mar 1 20:16:26 2016 -1000 Clarify use of |$end0| in stitched x86-64 AES-GCM code. There was some uncertainty about what the code is doing with |$end0| and whether it was necessary for |$len| to be a multiple of 16 or 96. Hopefully these added comments make it clear that the code is correct except for the caveat regarding low memory addresses. Change-Id: Iea546a59dc7aeb400f50ac5d2d7b9cb88ace9027 Reviewed-on: https://boringssl-review.googlesource.com/7194 Reviewed-by: Adam Langley Signed-off-by: Andy Polyakov Reviewed-by: Rich Salz --- Summary of changes: crypto/modes/asm/aesni-gcm-x86_64.pl | 41 1 file changed, 41 insertions(+) diff --git a/crypto/modes/asm/aesni-gcm-x86_64.pl b/crypto/modes/asm/aesni-gcm-x86_64.pl index 810876c..5ad62b3 100644 --- a/crypto/modes/asm/aesni-gcm-x86_64.pl +++ b/crypto/modes/asm/aesni-gcm-x86_64.pl @@ -116,6 +116,23 @@ _aesni_ctr32_ghash_6x: vpxor $rndkey,$inout3,$inout3 vmovups 0x10-0x80($key),$T2 # borrow $T2 for $rndkey vpclmulqdq \$0x01,$Hkey,$Z3,$Z2 + + # At this point, the current block of 96 (0x60) bytes has already been + # loaded into registers. Concurrently with processing it, we want to + # load the next 96 bytes of input for the next round. Obviously, we can + # only do this if there are at least 96 more bytes of input beyond the + # input we're currently processing, or else we'd read past the end of + # the input buffer. Here, we set |%r12| to 96 if there are at least 96 + # bytes of input beyond the 96 bytes we're already processing, and we + # set |%r12| to 0 otherwise. In the case where we set |%r12| to 96, + # we'll read in the next block so that it is in registers for the next + # loop iteration. In the case where we set |%r12| to 0, we'll re-read + # the current block and then ignore what we re-read. + # + # At this point, |$in0| points to the current (already read into + # registers) block, and |$end0| points to 2*96 bytes before the end of + # the input. Thus, |$in0| > |$end0| means that we do not have the next + # 96-byte block to read in, and |$in0| <= |$end0| means we do. xor %r12,%r12 cmp $in0,$end0 @@ -408,6 +425,9 @@ $code.=<<___; .align 32 aesni_gcm_decrypt: xor $ret,$ret + + # We call |_aesni_ctr32_ghash_6x|, which requires at least 96 (0x60) + # bytes of input. cmp \$0x60,$len # minimal accepted length jb .Lgcm_dec_abort @@ -462,7 +482,15 @@ $code.=<<___; vmovdqu 0x50($inp),$Z3 # I[5] lea ($inp),$in0 vmovdqu 0x40($inp),$Z0 + + # |_aesni_ctr32_ghash_6x| requires |$end0| to point to 2*96 (0xc0) + # bytes before the end of the input. Note, in particular, that this is + # correct even if |$len| is not an even multiple of 96 or 16. XXX: This + # seems to require that |$inp| + |$len| >= 2*96 (0xc0); i.e. |$inp| must + # not be near the very beginning of the address space when |$len| < 2*96 + # (0xc0). lea -0xc0($inp,$len),$end0 + vmovdqu 0x30($inp),$Z1 shr \$4,$len xor $ret,$ret @@ -618,6 +646,10 @@ _aesni_ctr32_6x: .align 32 aesni_gcm_encrypt: xor $ret,$ret + + # We call |_aesni_ctr32_6x| twice, each call consuming 96 bytes of + # input. Then we call |_aesni_ctr32_ghash_6x|, which requires at + # least 96 more bytes of input. cmp \$0x60*3,$len # minimal accepted length jb .Lgcm_enc_abort @@ -667,7 +699,16 @@ $code.=<<___; .Lenc_no_key_aliasing: lea ($out),$in0 + + # |_aesni_ctr32_ghash_6x| requires |$end0| to point to 2*96 (0xc0) + # bytes before the end of the input. Note, in particular, that this is + # correct even if |$len| is not an even multiple of 96 or 16. Unlike in + # the decryption case, there's no caveat that |$out| must not be near + # the very beginning of the address space, because we know that + # |$len| >= 3*96 from the check above, and so we know + # |$out| + |$len| >= 2*96 (0xc0). lea -0xc0($out,$len),$end0 + shr \$4,$len call_aesni_ctr32_6x _
[openssl-commits] [openssl] master update
The branch master has been updated via 0b919cc5d5832ddcc041440b279e27fcfcb01282 (commit) from 5fc77684f1bfa87d0cf9f7a84de92550fa854a84 (commit) - Log - commit 0b919cc5d5832ddcc041440b279e27fcfcb01282 Author: Andy PolyakovDate: Sun Jun 26 19:08:51 2016 +0200 Configurations/10-main.conf: fix PA-RISC commentary. Reviewed-by: Rich Salz --- Summary of changes: Configurations/10-main.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf index 86dd411..e28fb12 100644 --- a/Configurations/10-main.conf +++ b/Configurations/10-main.conf @@ -399,9 +399,9 @@ sub vms_info { # crypto/sha/sha_lcl.h. # - originally there were 32-bit hpux-parisc2-* targets. They were # scrapped, because a) they were not interchangeable with other 32-bit -# targets; a) when critical 32-bit assembly modules detect if they -# are executed on PA-RISC 2.0 and thus adequate performance is -# provided. +# targets; b) performance-critical 32-bit assembly modules implement +# even PA-RISC 2.0-specific code paths, which are chosen at run-time, +# thus adequate performance is provided even with PA-RISC 1.1 build. # "hpux-parisc-gcc" => { inherit_from => [ "BASE_unix" ], _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 5fc77684f1bfa87d0cf9f7a84de92550fa854a84 (commit) via c3a73daf0acc1272905db954b92a23146aad82f0 (commit) from dca5eeb4d06262b5e48f21af5e5d4dd672a8c5af (commit) - Log - commit 5fc77684f1bfa87d0cf9f7a84de92550fa854a84 Author: Andy PolyakovDate: Mon Jun 20 11:11:25 2016 +0200 evp/evp_enc.c: refine partial buffer overlap detection. Reviewed-by: Matt Caswell commit c3a73daf0acc1272905db954b92a23146aad82f0 Author: Andy Polyakov Date: Fri Jun 17 13:55:01 2016 +0200 evp/evp_enc.c: check for partially[!] overlapping buffers in EVP_EncryptUpdate and EVP_DecryptUpdate. It is argued that in general case it's impossible to provide guarantee that partially[!] overlapping buffers can be tolerated. Reviewed-by: Matt Caswell --- Summary of changes: crypto/evp/evp_enc.c | 57 -- doc/crypto/EVP_EncryptInit.pod | 4 ++- 2 files changed, 58 insertions(+), 3 deletions(-) diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index acb6b8b..e43a5d2 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -8,6 +8,7 @@ */ #include +#include #include "internal/cryptlib.h" #include #include @@ -252,12 +253,53 @@ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0); } +/* + * According to the letter of standard difference between pointers + * is specified to be valid only within same object. This makes + * it formally challenging to determine if input and output buffers + * are not partially overlapping with standard pointer arithmetic. + */ +#ifdef PTRDIFF_T +# undef PTRDIFF_T +#endif +#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE==64 +/* + * Then we have VMS that distinguishes itself by adhering to + * sizeof(size_t)==4 even in 64-bit builds, which means that + * difference between two pointers might be truncated to 32 bits. + * In the context one can even wonder how comparison for + * equality is implemented. To be on the safe side we adhere to + * PTRDIFF_T even for comparison for equality. + */ +# define PTRDIFF_T uint64_t +#else +# define PTRDIFF_T size_t +#endif + +static int is_partially_overlapping(const void *ptr1, const void *ptr2, +int len) +{ +PTRDIFF_T diff = (PTRDIFF_T)ptr1-(PTRDIFF_T)ptr2; +/* + * Check for partially overlapping buffers. [Binary logical + * operations are used instead of boolean to minimize number + * of conditional branches.] + */ +int condition = (len > 0) & (diff != 0) & ((diff < (PTRDIFF_T)len) | + (diff > (0 - (PTRDIFF_T)len))); +assert(!condition); +return condition; +} + int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { int i, j, bl; if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { +if (is_partially_overlapping(out, in, inl)) +return 0; + i = ctx->cipher->do_cipher(ctx, out, in, inl); if (i < 0) return 0; @@ -270,6 +312,8 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, *outl = 0; return inl == 0; } +if (is_partially_overlapping(out, in, inl)) +return 0; if (ctx->buf_len == 0 && (inl & (ctx->block_mask)) == 0) { if (ctx->cipher->do_cipher(ctx, out, in, inl)) { @@ -292,10 +336,12 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, } else { j = bl - i; memcpy(&(ctx->buf[i]), in, j); -if (!ctx->cipher->do_cipher(ctx, out, ctx->buf, bl)) -return 0; inl -= j; in += j; +if (is_partially_overlapping(out, in, bl)) +return 0; +if (!ctx->cipher->do_cipher(ctx, out, ctx->buf, bl)) +return 0; out += bl; *outl = bl; } @@ -371,6 +417,9 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned int b; if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { +if (is_partially_overlapping(out, in, inl)) +return 0; + fix_len = ctx->cipher->do_cipher(ctx, out, in, inl); if (fix_len < 0) { *outl = 0; @@ -392,6 +441,10 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, OPENSSL_assert(b <= sizeof ctx->final); if (ctx->final_used) { +/* see comment about PTRDIFF_T comparison above */ +if (((PTRDIFF_T)out == (PTRDIFF_T)in) +||
[openssl-commits] Build failed: openssl 1.0.511
Build openssl 1.0.511 failed Commit f9c1a0104b by FdaSilvaYY on 6/27/2016 6:25 AM: Useless Typedef's Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Passed: FdaSilvaYY/openssl#1243 (fix_set_dup_exdata - c9af7d7)
Build Update for FdaSilvaYY/openssl - Build: #1243 Status: Passed Duration: 13 minutes and 40 seconds Commit: c9af7d7 (fix_set_dup_exdata) Author: FdaSilvaYY Message: Fix possible malloc failure inside CRYPTO_dup_ex_data() Fix related docs. View the changeset: https://github.com/FdaSilvaYY/openssl/compare/f483c2eb1831...c9af7d78abbe View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140460247 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.510
Build openssl 1.0.510 failed Commit dca5eeb4d0 by Rich Salz on 6/26/2016 9:28 PM: RT2680: Public EC key is shown as private Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: FdaSilvaYY/openssl#1240 (constify_2 - f9c1a01)
Build Update for FdaSilvaYY/openssl - Build: #1240 Status: Still Failing Duration: 13 minutes and 50 seconds Commit: f9c1a01 (constify_2) Author: FdaSilvaYY Message: Useless Typedef's View the changeset: https://github.com/FdaSilvaYY/openssl/compare/67519ec72ea3...f9c1a0104b1a View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/140460042 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits