[openssl-commits] Build failed: openssl 1.0.904
Build openssl 1.0.904 failed Commit 8f6b218d8f by FdaSilvaYY on 8/4/2016 10:07 PM: Upgrade hmac speed test to sha1 Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl 1.0.903
Build openssl 1.0.903 completed Commit e52c6611ca by FdaSilvaYY on 8/4/2016 9:53 PM: Constifiy some input strings Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: FdaSilvaYY/openssl#1626 (oss_constify_api - b9f9b21)
Build Update for FdaSilvaYY/openssl - Build: #1626 Status: Errored Duration: 13 minutes and 8 seconds Commit: b9f9b21 (oss_constify_api) Author: FdaSilvaYY Message: ASN1_buf_print, asn1_print_, X509_NAME_oneline, X509_NAME_print Constify some X509_NAME, ASN1 printing code View the changeset: https://github.com/FdaSilvaYY/openssl/compare/dcae3de5794b...b9f9b214fa81 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/149878409 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: FdaSilvaYY/openssl#1625 (constify_2 - 8180560)
Build Update for FdaSilvaYY/openssl - Build: #1625 Status: Still Failing Duration: 15 minutes and 39 seconds Commit: 8180560 (constify_2) Author: FdaSilvaYY Message: Constify ASN1_PCTX_* ... add a static keyword. View the changeset: https://github.com/FdaSilvaYY/openssl/compare/37bbe02e86dc...818056012e58 View the full build log and details: https://travis-ci.org/FdaSilvaYY/openssl/builds/149876299 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 715d69b0d5fb5b873a923fc3f5c7b441ad73003c (commit) from 2b58c83e6271cd9ca4cde02d58cb428c351908f9 (commit) - Log - commit 715d69b0d5fb5b873a923fc3f5c7b441ad73003c Author: Richard LevitteDate: Thu Aug 4 18:31:51 2016 +0200 When tr gets bracketed arguments, they need to be quoted Reviewed-by: Rich Salz --- Summary of changes: Configurations/unix-Makefile.tmpl | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 3b6914c..608c204 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -578,7 +578,7 @@ PROCESS_PODS=\ [ -z "$$SEC" ] && SEC=$$defsec; \ fn=`basename $$p .pod`; \ Name=$$fn; \ - NAME=`echo $$fn | tr [a-z] [A-Z]`; \ + NAME=`echo $$fn | tr '[a-z]' '[A-Z]'`; \ suf=`eval "echo $$OUTSUFFIX"`; \ top=`eval "echo $$OUTTOP"`; \ $(PERL) $(SRCDIR)/util/mkdir-p.pl $$top/man$$SEC; \ @@ -591,8 +591,8 @@ PROCESS_PODS=\ comp_n="$$n"; \ comp_fn="$$fn"; \ case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \ - comp_n=`echo "$$n" | tr [A-Z] [a-z]`; \ - comp_fn=`echo "$$fn" | tr [A-Z] [a-z]`; \ + comp_n=`echo "$$n" | tr '[A-Z]' '[a-z]'`; \ + comp_fn=`echo "$$fn" | tr '[A-Z]' '[a-z]'`; \ ;; \ esac; \ if [ "$$comp_n" != "$$comp_fn" ]; then \ @@ -621,8 +621,8 @@ UNINSTALL_DOCS=\ comp_n="$$n"; \ comp_fn="$$fn"; \ case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \ - comp_n=`echo "$$n" | tr [A-Z] [a-z]`; \ - comp_fn=`echo "$$fn" | tr [A-Z] [a-z]`; \ + comp_n=`echo "$$n" | tr '[A-Z]' '[a-z]'`; \ + comp_fn=`echo "$$fn" | tr '[A-Z]' '[a-z]'`; \ ;; \ esac; \ if [ "$$comp_n" != "$$comp_fn" ]; then \ _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 2b58c83e6271cd9ca4cde02d58cb428c351908f9 (commit) from dc57696ceec4643da1cbb69f9d1491a96e5126c4 (commit) - Log - commit 2b58c83e6271cd9ca4cde02d58cb428c351908f9 Author: Benjamin KadukDate: Wed Aug 3 15:07:55 2016 -0500 Remove some unused options from 10-main.conf The options RC4_CHUNK_LL, DES_PTR, and BF_PTR were removed by Rich in commit 3e9e810f2e047effb1056211794d2d12ec2b04e7 but were still sticking around in a coupule configuration entries. Since they're unused, remove them. Reviewed-by: Tim Hudson Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1390) --- Summary of changes: Configurations/10-main.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf index ec7a7d9..cc1a207 100644 --- a/Configurations/10-main.conf +++ b/Configurations/10-main.conf @@ -1755,7 +1755,7 @@ sub vms_info { #as => "???", #debug_aflags => "/NOOPTIMIZE/DEBUG", #release_aflags => "/OPTIMIZE/NODEBUG", -bn_opts => "SIXTY_FOUR_BIT RC4_INT RC4_CHUNK_LL DES_PTR BF_PTR", +bn_opts => "SIXTY_FOUR_BIT RC4_INT", }, "vms-alpha-p32" => { inherit_from => [ "vms-generic" ], @@ -1807,7 +1807,7 @@ sub vms_info { #as => "I4S", #debug_aflags => "/NOOPTIMIZE/DEBUG", #release_aflags => "/OPTIMIZE/NODEBUG", -bn_opts => "SIXTY_FOUR_BIT RC4_INT RC4_CHUNK_LL DES_PTR BF_PTR", +bn_opts => "SIXTY_FOUR_BIT RC4_INT", }, "vms-ia64-p32" => { inherit_from => [ "vms-generic" ], _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via dc57696ceec4643da1cbb69f9d1491a96e5126c4 (commit) from 219116d8667cd208a92323a9b95a20e3c7e3f9eb (commit) - Log - commit dc57696ceec4643da1cbb69f9d1491a96e5126c4 Author: Rich SalzDate: Thu Aug 4 14:29:53 2016 -0400 Fix output text to avoid gratuitious git diff Reviewed-by: Richard Levitte --- Summary of changes: apps/progs.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/progs.pl b/apps/progs.pl index 3ec16d5..21baf17 100644 --- a/apps/progs.pl +++ b/apps/progs.pl @@ -48,7 +48,7 @@ typedef enum FUNC_TYPE { typedef struct function_st { FUNC_TYPE type; const char *name; -int (*func)(int argc,char *argv[]); +int (*func)(int argc, char *argv[]); const OPTIONS *help; } FUNCTION; _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 219116d8667cd208a92323a9b95a20e3c7e3f9eb (commit) via 412c8507ee61aeb1fcac4b6e84cd7e6501789124 (commit) from 20fc103f782bb0bcd41d211c6423187b02146b9d (commit) - Log - commit 219116d8667cd208a92323a9b95a20e3c7e3f9eb Author: Rich SalzDate: Wed Aug 3 15:24:57 2016 -0400 Remove get_hash completely Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/1389) commit 412c8507ee61aeb1fcac4b6e84cd7e6501789124 Author: Rich Salz Date: Wed Aug 3 15:15:20 2016 -0400 Remove "lockit" from internal error-hash function Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/1389) --- Summary of changes: apps/errstr.c | 13 + crypto/err/err.c | 48 +--- include/openssl/err.h | 2 -- util/libcrypto.num| 1 - 4 files changed, 10 insertions(+), 54 deletions(-) diff --git a/apps/errstr.c b/apps/errstr.c index ae7acf5..5fda799 100644 --- a/apps/errstr.c +++ b/apps/errstr.c @@ -17,16 +17,13 @@ #include typedef enum OPTION_choice { -OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, -OPT_STATS +OPT_ERR = -1, OPT_EOF = 0, OPT_HELP } OPTION_CHOICE; OPTIONS errstr_options[] = { {OPT_HELP_STR, 1, '-', "Usage: %s [options] errnum...\n"}, {OPT_HELP_STR, 1, '-', " errnum Error number\n"}, {"help", OPT_HELP, '-', "Display this summary"}, -{"stats", OPT_STATS, '-', - "Print internal hashtable statistics (long!)"}, {NULL} }; @@ -48,14 +45,6 @@ int errstr_main(int argc, char **argv) opt_help(errstr_options); ret = 0; goto end; -case OPT_STATS: -lh_ERR_STRING_DATA_node_stats_bio(ERR_get_string_table(), - bio_out); -lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(), bio_out); -lh_ERR_STRING_DATA_node_usage_stats_bio(ERR_get_string_table(), -bio_out); -ret = 0; -goto end; } } diff --git a/crypto/err/err.c b/crypto/err/err.c index dc721c2..584bb9e 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -125,8 +125,6 @@ static CRYPTO_THREAD_LOCAL err_thread_local; static CRYPTO_ONCE err_string_init = CRYPTO_ONCE_STATIC_INIT; static CRYPTO_RWLOCK *err_string_lock; -/* Predeclarations of the "err_defaults" functions */ -static LHASH_OF(ERR_STRING_DATA) *get_hash(int create, int lockit); static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); /* @@ -155,33 +153,13 @@ static int err_string_data_cmp(const ERR_STRING_DATA *a, return (int)(a->error - b->error); } -static LHASH_OF(ERR_STRING_DATA) *get_hash(int create, int lockit) -{ -LHASH_OF(ERR_STRING_DATA) *ret = NULL; - -if (lockit) -CRYPTO_THREAD_write_lock(err_string_lock); -if (!int_error_hash && create) { -int_error_hash = lh_ERR_STRING_DATA_new(err_string_data_hash, -err_string_data_cmp); -} -if (int_error_hash != NULL) -ret = int_error_hash; -if (lockit) -CRYPTO_THREAD_unlock(err_string_lock); - -return ret; -} - static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d) { ERR_STRING_DATA *p = NULL; -LHASH_OF(ERR_STRING_DATA) *hash; CRYPTO_THREAD_read_lock(err_string_lock); -hash = get_hash(0, 0); -if (hash) -p = lh_ERR_STRING_DATA_retrieve(hash, d); +if (int_error_hash != NULL) +p = lh_ERR_STRING_DATA_retrieve(int_error_hash, d); CRYPTO_THREAD_unlock(err_string_lock); return p; @@ -300,15 +278,15 @@ int ERR_load_ERR_strings(void) static void err_load_strings(int lib, ERR_STRING_DATA *str) { -LHASH_OF(ERR_STRING_DATA) *hash; - CRYPTO_THREAD_write_lock(err_string_lock); -hash = get_hash(1, 0); -if (hash) { +if (int_error_hash == NULL) +int_error_hash = lh_ERR_STRING_DATA_new(err_string_data_hash, +err_string_data_cmp); +if (int_error_hash != NULL) { for (; str->error; str++) { if (lib) str->error |= ERR_PACK(lib, 0, 0); -(void)lh_ERR_STRING_DATA_insert(hash, str); +(void)lh_ERR_STRING_DATA_insert(int_error_hash, str); } } CRYPTO_THREAD_unlock(err_string_lock); @@ -324,18 +302,15 @@ int ERR_load_strings(int lib, ERR_STRING_DATA *str) int ERR_unload_strings(int lib, ERR_STRING_DATA *str) { -LHASH_OF(ERR_STRING_DATA) *hash; - if (!RUN_ONCE(_string_init, do_err_strings_init)) return 0;
[openssl-commits] Build failed: openssl ct_pods.263
Build openssl ct_pods.263 failed Commit 486226b36b by Rob Percival on 8/4/2016 5:42 PM: fixup! Adds history section to CT PODs Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
The branch OpenSSL_1_0_1-stable has been updated via 6592de7c8c090bbb7ec82bad07b3249153bb692f (commit) from 5db2a579b72b94aa0dacb08530768a1a5759237d (commit) - Log - commit 6592de7c8c090bbb7ec82bad07b3249153bb692f Author: Dr. Stephen HensonDate: Thu Aug 4 13:54:51 2016 +0100 Check for overflows in i2d_ASN1_SET() Thanks to Shi Lei for reporting this issue. Reviewed-by: Rich Salz (cherry picked from commit af601b83198771a4ad54ac0f415964b90aab4b5f) --- Summary of changes: crypto/asn1/a_set.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c index bf3f971..5fb5865 100644 --- a/crypto/asn1/a_set.c +++ b/crypto/asn1/a_set.c @@ -57,6 +57,7 @@ */ #include +#include #include "cryptlib.h" #include @@ -98,10 +99,14 @@ int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, if (a == NULL) return (0); -for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) +for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) { +int tmplen = i2d(sk_OPENSSL_BLOCK_value(a, i), NULL); +if (tmplen > INT_MAX - ret) +return -1; ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL); +} r = ASN1_object_size(1, ret, ex_tag); -if (pp == NULL) +if (pp == NULL || r == -1) return (r); p = *pp; _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: ekasper/openssl#13 (test-coverage - 8262c89)
Build Update for ekasper/openssl - Build: #13 Status: Errored Duration: 39 minutes and 46 seconds Commit: 8262c89 (test-coverage) Author: Emilia Kasper Message: Add a coverage target Run tests with coverage and report to coveralls.io For simplicity, this currently only adds a single target in a configuration that attempts to maximize coverage. The true CI coverage from all the various builds may be a little larger. The coverage run has the following configuration: - no-asm: since we can't track asm coverage anyway, might as well measure the non-asm code coverage. - Enable various disabled-by-default options: - rc5 - md2 - ec_nistp_64_gcc_128 - ssl3 - ssl3-method - weak-ssl-ciphers Finally, observe that no-pic implies no-shared, and therefore running both builds in the matrix is redundant. View the changeset: https://github.com/ekasper/openssl/compare/ab47d0308805...8262c89bc4fa View the full build log and details: https://travis-ci.org/ekasper/openssl/builds/149791205 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Broken: openssl/openssl#5309 (master - 262ee9a)
Build Update for openssl/openssl - Build: #5309 Status: Broken Duration: 46 minutes and 48 seconds Commit: 262ee9a (master) Author: Richard Levitte Message: Travis: When testing installation, build in separate dir, otherwise in checkout The rationale is that installation from a tarball is a common task that everyone performs. For all other builds, we do specialised tests, and might as well build them directly in the checkout, which also gives us fuzz corpora. Reviewed-by: Emilia KäsperView the changeset: https://github.com/openssl/openssl/compare/81dd99902869...262ee9a2c205 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/149780091 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via acc00492130d53d2d6a25bbe5409240aeba98420 (commit) from e7932c1eb7daa1f8778df57687f6983fe6712734 (commit) - Log - commit acc00492130d53d2d6a25bbe5409240aeba98420 Author: FdaSilvaYYDate: Mon Aug 1 21:30:57 2016 +0200 Pack globals variables used to control apps/verify_callback() into a structure , to avoid any accident . Plus some few cleanups Reviewed-by: Rich Salz Reviewed-by: Richard Levitte --- Summary of changes: apps/apps.h | 13 - apps/s_cb.c | 22 ++ apps/s_client.c | 24 +--- apps/s_server.c | 21 ++--- apps/s_time.c | 13 - 5 files changed, 41 insertions(+), 52 deletions(-) diff --git a/apps/apps.h b/apps/apps.h index 22eead3..33a2f68 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -551,11 +551,14 @@ int raw_write_stdout(const void *, int); # define TM_STOP 1 double app_tminterval(int stop, int usertime); -/* this is an accident waiting to happen (-Wshadow is your friend) */ -extern int verify_depth; -extern int verify_quiet; -extern int verify_error; -extern int verify_return_error; +typedef struct verify_options_st { +int depth; +int quiet; +int error; +int return_error; +} VERIFY_CB_ARGS; + +extern VERIFY_CB_ARGS verify_args; # include "progs.h" diff --git a/apps/s_cb.c b/apps/s_cb.c index 9481fa5..330dedb 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -26,10 +26,8 @@ #define COOKIE_SECRET_LENGTH16 -int verify_depth = 0; -int verify_quiet = 0; -int verify_error = X509_V_OK; -int verify_return_error = 0; +VERIFY_CB_ARGS verify_args = { 0, 0, X509_V_OK, 0 }; + #ifndef OPENSSL_NO_SOCK static unsigned char cookie_secret[COOKIE_SECRET_LENGTH]; static int cookie_initialized = 0; @@ -52,7 +50,7 @@ int verify_callback(int ok, X509_STORE_CTX *ctx) err = X509_STORE_CTX_get_error(ctx); depth = X509_STORE_CTX_get_error_depth(ctx); -if (!verify_quiet || !ok) { +if (!verify_args.quiet || !ok) { BIO_printf(bio_err, "depth=%d ", depth); if (err_cert) { X509_NAME_print_ex(bio_err, @@ -65,13 +63,13 @@ int verify_callback(int ok, X509_STORE_CTX *ctx) if (!ok) { BIO_printf(bio_err, "verify error:num=%d:%s\n", err, X509_verify_cert_error_string(err)); -if (verify_depth >= depth) { -if (!verify_return_error) +if (verify_args.depth >= depth) { +if (!verify_args.return_error) ok = 1; -verify_error = err; +verify_args.error = err; } else { ok = 0; -verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG; +verify_args.error = X509_V_ERR_CERT_CHAIN_TOO_LONG; } } switch (err) { @@ -94,13 +92,13 @@ int verify_callback(int ok, X509_STORE_CTX *ctx) BIO_printf(bio_err, "\n"); break; case X509_V_ERR_NO_EXPLICIT_POLICY: -if (!verify_quiet) +if (!verify_args.quiet) policies_print(ctx); break; } -if (err == X509_V_OK && ok == 2 && !verify_quiet) +if (err == X509_V_OK && ok == 2 && !verify_args.quiet) policies_print(ctx); -if (ok && !verify_quiet) +if (ok && !verify_args.quiet) BIO_printf(bio_err, "verify return:%d\n", ok); return (ok); } diff --git a/apps/s_client.c b/apps/s_client.c index 0488a27..46fa87b 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -83,11 +83,6 @@ typedef unsigned int u_int; #define BUFSIZZ 1024*8 #define S_CLIENT_IRC_READ_TIMEOUT 8 -extern int verify_depth; -extern int verify_error; -extern int verify_return_error; -extern int verify_quiet; - static char *prog; static int c_nbio = 0; static int c_tlsextdebug = 0; @@ -879,12 +874,7 @@ int s_client_main(int argc, char **argv) c_msg = 0; c_showcerts = 0; c_nbio = 0; -verify_depth = 0; -verify_error = X509_V_OK; vpm = X509_VERIFY_PARAM_new(); -cbuf = app_malloc(BUFSIZZ, "cbuf"); -sbuf = app_malloc(BUFSIZZ, "sbuf"); -mbuf = app_malloc(BUFSIZZ, "mbuf"); cctx = SSL_CONF_CTX_new(); if (vpm == NULL || cctx == NULL) { @@ -892,6 +882,10 @@ int s_client_main(int argc, char **argv) goto end; } +cbuf = app_malloc(BUFSIZZ, "cbuf"); +sbuf = app_malloc(BUFSIZZ, "sbuf"); +mbuf = app_malloc(BUFSIZZ, "mbuf"); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT | SSL_CONF_FLAG_CMDLINE); prog = opt_init(argc, argv, s_client_options); @@ -975,9 +969,9 @@ int s_client_main(int argc, char **argv) break; case OPT_VERIFY: verify = SSL_VERIFY_PEER; -verify_depth = atoi(opt_arg()); +
[openssl-commits] [openssl] master update
The branch master has been updated via e7932c1eb7daa1f8778df57687f6983fe6712734 (commit) from c47ba4e96c7aa9c2f741f8c89b6440ed2c13b91c (commit) - Log - commit e7932c1eb7daa1f8778df57687f6983fe6712734 Author: JimCDate: Wed Aug 3 13:53:21 2016 -0400 Ignore windows generated manifests - Commit a95ce7f builds *.manifest files on windows -- added them to .gitignore. - ignore pod -> html temp file Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte --- Summary of changes: .gitignore | 4 1 file changed, 4 insertions(+) diff --git a/.gitignore b/.gitignore index 7deae39..e55ab65 100644 --- a/.gitignore +++ b/.gitignore @@ -169,3 +169,7 @@ Makefile.save *.bak cscope.* *.d +pod2htmd.tmp + +# Windows manifest files +*.manifest _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via c47ba4e96c7aa9c2f741f8c89b6440ed2c13b91c (commit) via cfc5e0aa739abeb8861d2127ca31addcc1149a3e (commit) via 924212a67020be9ab7a62af6bddd9d4db2635ffc (commit) via 69b017f66b2b743c827fe885aa575066fef71ec9 (commit) via f48ebf9f4cc5be2624389583be19f1c8895be194 (commit) from 547a19cf4fcb581bd0c310bd69141031c7118295 (commit) - Log - commit c47ba4e96c7aa9c2f741f8c89b6440ed2c13b91c Author: FdaSilvaYYDate: Sun Jul 31 19:38:09 2016 +0200 Constify some ASN1_OBJECT *obj input parameters Reviewed-by: Rich Salz Reviewed-by: Richard Levitte commit cfc5e0aa739abeb8861d2127ca31addcc1149a3e Author: FdaSilvaYY Date: Sun Jul 31 19:19:49 2016 +0200 Constify inputs of two X509_LOOKUP_METHOD methods ... get_by_fingerprint() and get_by_alias() Reviewed-by: Rich Salz Reviewed-by: Richard Levitte commit 924212a67020be9ab7a62af6bddd9d4db2635ffc Author: FdaSilvaYY Date: Sun Jul 31 19:14:09 2016 +0200 Constify input buffer of X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_ENTRY_create_by_NID Reviewed-by: Rich Salz Reviewed-by: Richard Levitte commit 69b017f66b2b743c827fe885aa575066fef71ec9 Author: FdaSilvaYY Date: Fri Jul 29 12:51:35 2016 +0200 Constify two internal methods - append_ia5 - old_entry_print Reviewed-by: Rich Salz Reviewed-by: Richard Levitte commit f48ebf9f4cc5be2624389583be19f1c8895be194 Author: FdaSilvaYY Date: Mon Jul 4 20:40:27 2016 +0200 Constify ASN1_INTEGER_get, ASN1_ENUMERATED_get Reviewed-by: Rich Salz Reviewed-by: Richard Levitte --- Summary of changes: apps/ca.c | 4 +-- crypto/asn1/a_int.c | 2 +- crypto/cms/cms_att.c | 8 +++--- crypto/evp/evp_pkey.c | 2 +- crypto/ocsp/ocsp_ext.c| 9 --- crypto/ts/ts_req_utils.c | 4 +-- crypto/ts/ts_rsp_sign.c | 4 +-- crypto/ts/ts_rsp_utils.c | 2 +- crypto/ts/ts_rsp_verify.c | 12 + crypto/x509/x509_att.c| 7 +++-- crypto/x509/x509_ext.c| 7 ++--- crypto/x509/x509_lcl.h| 4 +-- crypto/x509/x509_lu.c | 4 +-- crypto/x509/x509_req.c| 2 +- crypto/x509/x509_v3.c | 6 ++--- crypto/x509/x509name.c| 11 crypto/x509/x_x509a.c | 4 +-- crypto/x509v3/v3_utl.c| 4 +-- doc/crypto/ASN1_INTEGER_get_int64.pod | 4 +-- doc/crypto/X509_EXTENSION_set_object.pod | 4 +-- doc/crypto/X509_NAME_ENTRY_get_object.pod | 2 +- doc/crypto/X509_NAME_add_entry_by_txt.pod | 4 +-- doc/crypto/X509_NAME_get_index_by_NID.pod | 4 +-- doc/crypto/X509v3_get_ext_by_NID.pod | 8 +++--- doc/crypto/crypto.pod | 2 +- include/openssl/asn1.h| 2 +- include/openssl/cms.h | 8 +++--- include/openssl/ocsp.h| 8 +++--- include/openssl/ts.h | 11 include/openssl/x509.h| 44 +-- include/openssl/x509_vfy.h| 4 +-- 31 files changed, 105 insertions(+), 96 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index 376c8a5..8059575 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -131,7 +131,7 @@ static int do_updatedb(CA_DB *db); static int check_time_format(const char *str); char *make_revocation_str(int rev_type, char *rev_arg); int make_revoked(X509_REVOKED *rev, const char *str); -static int old_entry_print(ASN1_OBJECT *obj, ASN1_STRING *str); +static int old_entry_print(const ASN1_OBJECT *obj, const ASN1_STRING *str); static CONF *extconf = NULL; static int preserve = 0; @@ -2412,7 +2412,7 @@ int make_revoked(X509_REVOKED *rev, const char *str) return ret; } -static int old_entry_print(ASN1_OBJECT *obj, ASN1_STRING *str) +static int old_entry_print(const ASN1_OBJECT *obj, const ASN1_STRING *str) { char buf[25], *pbuf, *p; int j; diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index 43174f7..36248df 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -595,7 +595,7 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) return ASN1_ENUMERATED_set_int64(a, v); } -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
[openssl-commits] [openssl] master update
The branch master has been updated via 5fc2c6896d5050735c7d99dc80275c72fc58c49c (commit) via fda27673477b3667b96ff7156671d40ea8f283e8 (commit) from 262ee9a2c205515b9a3afcde126bea866aa55d6a (commit) - Log - commit 5fc2c6896d5050735c7d99dc80275c72fc58c49c Author: Richard LevitteDate: Wed Aug 3 21:45:06 2016 +0200 VSI submission: make the VMS version of RAND_poll() faster and more secure Reviewed-by: Rich Salz commit fda27673477b3667b96ff7156671d40ea8f283e8 Author: Richard Levitte Date: Wed Aug 3 21:33:31 2016 +0200 VSI submisson: make better use of item lists in o_time.c Reviewed-by: Rich Salz --- Summary of changes: crypto/o_time.c| 73 + crypto/rand/rand_vms.c | 122 + 2 files changed, 128 insertions(+), 67 deletions(-) mode change 100644 => 100755 crypto/o_time.c diff --git a/crypto/o_time.c b/crypto/o_time.c old mode 100644 new mode 100755 index b73fe1f..e785525 --- a/crypto/o_time.c +++ b/crypto/o_time.c @@ -24,7 +24,28 @@ # include # include # endif /* ndef VMS_GMTIME_OK */ -#endif + + +/* + * Needed to pick up the correct definitions and declarations in some of the + * DEC C Header Files (*.H). + */ +# define __NEW_STARLET 1 + +# if (defined(__alpha) || defined(__ia64)) +# include +# else + +/* VAX */ +typedef struct _ile3 { /* Copied from ILEDEF.H for Alpha */ +# pragma __nomember_alignment +unsigned short int ile3$w_length;/* Length of buffer in bytes */ +unsigned short int ile3$w_code; /* Item code value */ +void *ile3$ps_bufaddr; /* Buffer address */ +unsigned short int *ile3$ps_retlen_addr; /* Address of word for returned length */ +} ILE3; +# endif /* alpha || ia64*/ +#endif/* OPENSSL_SYS_VMS */ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) { @@ -51,26 +72,42 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) static $DESCRIPTOR(lognam, "SYS$TIMEZONE_DIFFERENTIAL"); char logvalue[256]; unsigned int reslen = 0; -struct { -short buflen; -short code; -void *bufaddr; -unsigned int *reslen; -} itemlist[] = { -{ -0, LNM$_STRING, 0, 0 -}, -{ -0, 0, 0, 0 -}, -}; +# if __INITIAL_POINTER_SIZE == 64 +ILEB_64 itemlist[2], *pitem; +# else +ILE3 itemlist[2], *pitem; +# endif int status; time_t t; + +/* + * Setup an itemlist for the call to $TRNLNM - Translate Logical Name. + */ +pitem = itemlist; + +# if __INITIAL_POINTER_SIZE == 64 +pitem->ileb_64$w_mbo = 1; +pitem->ileb_64$w_code = LNM$_STRING; +pitem->ileb_64$l_mbmo = -1; +pitem->ileb_64$q_length = sizeof (logvalue); +pitem->ileb_64$pq_bufaddr = logvalue; +pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) +pitem++; +/* Last item of the item list is null terminated */ +pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0; +# else +pitem->ile3$w_length = sizeof (logvalue); +pitem->ile3$w_code = LNM$_STRING; +pitem->ile3$ps_bufaddr = logvalue; +pitem->ile3$ps_retlen_addr = (unsigned short int *) +pitem++; +/* Last item of the item list is null terminated */ +pitem->ile3$w_length = pitem->ile3$w_code = 0; +# endif + + /* Get the value for SYS$TIMEZONE_DIFFERENTIAL */ -itemlist[0].buflen = sizeof(logvalue); -itemlist[0].bufaddr = logvalue; -itemlist[0].reslen = status = sys$trnlnm(0, , , 0, itemlist); if (!(status & 1)) return NULL; @@ -78,7 +115,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) t = *timer; -/* The following is extracted from the DEC C header time.h */ +/* The following is extracted from the DEC C header time.h */ /* ** Beginning in OpenVMS Version 7.0 mktime, time, ctime, strftime ** have two implementations. One implementation is provided diff --git a/crypto/rand/rand_vms.c b/crypto/rand/rand_vms.c index ae6f17d..9c462dd 100644 --- a/crypto/rand/rand_vms.c +++ b/crypto/rand/rand_vms.c @@ -7,15 +7,21 @@ * https://www.openssl.org/source/license.html */ +/* + * Modified by VMS Software, Inc (2016) + *Eliminate looping through all processes (performance) + *Add additional randomizations using rand() function + */ + #include #include "rand_lcl.h" #if defined(OPENSSL_SYS_VMS) - # include # include # include
[openssl-commits] [openssl] master update
The branch master has been updated via 262ee9a2c205515b9a3afcde126bea866aa55d6a (commit) from 81dd99902869c666932ece1e5a39d3b18f2f4b04 (commit) - Log - commit 262ee9a2c205515b9a3afcde126bea866aa55d6a Author: Richard LevitteDate: Thu Aug 4 11:50:39 2016 +0200 Travis: When testing installation, build in separate dir, otherwise in checkout The rationale is that installation from a tarball is a common task that everyone performs. For all other builds, we do specialised tests, and might as well build them directly in the checkout, which also gives us fuzz corpora. Reviewed-by: Emilia Käsper --- Summary of changes: .travis.yml | 32 ++-- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/.travis.yml b/.travis.yml index a278cb2..aee34cf 100644 --- a/.travis.yml +++ b/.travis.yml @@ -59,26 +59,38 @@ matrix: compiler: gcc before_script: -- sh .travis-create-release.sh $TRAVIS_OS_NAME -- tar -xvzf _srcdist.tar.gz -- mkdir _build; -- cd _build; +- if [ -n "$DESTDIR" ]; then + sh .travis-create-release.sh $TRAVIS_OS_NAME; + tar -xvzf _srcdist.tar.gz; + mkdir _build; + cd _build; + srcdir=../_srcdist; + top=..; + else + srcdir=.; + top=.; + fi - if [ "$CC" == i686-w64-mingw32-gcc ]; then export CROSS_COMPILE=${CC%%gcc}; unset CC; - ../_srcdist/Configure mingw $CONFIG_OPTS -Wno-pedantic-ms-format; + $srcdir/Configure mingw $CONFIG_OPTS -Wno-pedantic-ms-format; elif [ "$CC" == x86_64-w64-mingw32-gcc ]; then export CROSS_COMPILE=${CC%%gcc}; unset CC; - ../_srcdist/Configure mingw64 $CONFIG_OPTS -Wno-pedantic-ms-format; + $srcdir/Configure mingw64 $CONFIG_OPTS -Wno-pedantic-ms-format; else if which ccache >/dev/null && [ "$CC" != clang-3.6 ]; then CC="ccache $CC"; fi; - ../_srcdist/config $CONFIG_OPTS; + $srcdir/config $CONFIG_OPTS; fi -- cd .. +- cd $top script: -- cd _build; +- if [ -n "$DESTDIR" ]; then + cd _build; + top=..; + else + top=.; + fi - make update - make - if [ -z "$BUILDONLY" ]; then @@ -93,7 +105,7 @@ script: mkdir "../$DESTDIR"; make install install_docs DESTDIR="../$DESTDIR"; fi -- cd .. +- cd $top notifications: email: _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-pre6 create
The annotated tag OpenSSL_1_1_0-pre6 has been created at 04a54629c2bb904e9bd9a1d98381b1259147cc0d (tag) tagging 2f554efe20d1fe05b242f41f593362965ae89912 (commit) replaces OpenSSL_1_1_0-pre5 tagged by Matt Caswell on Thu Aug 4 15:00:44 2016 +0100 - Log - OpenSSL 1.1.0-pre6 release tag -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJXo0qMAAoJENnE0m0OYESRgVAIAK+BAvJKlFEDgmeyXXffcDJT Gxbf856um65DN5eeKzIj69IqFFC1c+EI9Dy6YACYndiOXrG4O9sfOFYmpnkaUh68 8Wcqmobat3sl29FknMhRoq3KfavyPp4jIDOVV+6j2bspPawP9r6/094/usQFhyKD w7q6D+l4hkfjGqcQ3R8RNTLh7RxrIcOT1GgiwmOYLh3u6tywEK5NuAx3hg6Q4KZ4 DpmXZC9R/SWkuX1pN+nOpBYMCqilWoaCXFb9OnETjdkxAlbQrn2T1brCVni1sLsB OrTXpcM79ccxrIt4Q6Ks77jTPDvObuSKZIHTg+KU/hj7tfS0yPBkLR1om0WT82U= =aQJk -END PGP SIGNATURE- Alessandro Ghedini (5): Increment size limit for ClientHello messages Add SSL_client_version() getter function Do not access SSL struct directly in TLS1_get_version and TLS1_get_client_version macros Add SSL_get_tlsext_status_type() method Fix printing private EC_KEY Alex Gaynor (1): Add comment about X509_print Andrea Grandi (1): Fix error in the loop of ECDH Andreas Karlsson (1): Fix broken loading of client CAs Andy Polyakov (101): poly1305/asm/poly1305-x86_64.pl: not all assemblers manage << in constants. perlasm/x86_64-xlate.pl: make latest ml64 work. Configuration: add unsupported masm target. Add AES assembly module for Fujitsu SPARC64 X/X+. sparcv9cap.c: add Fujitsu SPARC64 X AES capability detection. evp/aes_aes.c: engage Fujitsu SPARC64 X AES support. Configurations: fix typo in 50-masm.conf. chacha/asm/chacha-ppc.pl: get misalignment corner case right on big-endian. crypto/sparc_arch.h: reserve more SPARCv9 capability bits. s390x assembly pack: cache capability query results. crypto/poly1305/asm: chase overflow bit on x86 and ARM platforms. camellia/build.info: fix typo SPARCv9 assembly pack: fine-tune run-time switch. crypto/ppccap.c: permit build with no-chacha and no-poly1305. crypto/ppccap.c: fix missing declaration warning. chacha/asm/chacha-x86.pl: make it compile on legacy systems. Remove obsolete defined(__INTEL__) condition. Android build fixes. ssl/record/rec_layer_s3.c: fix typo from previous commit. Tru64 fixes. Configurations/unix-Makefile.tmpl: don't count on -E -P. MIPS assembly pack: fix MIPS64 assembler warnings. Alpha assembly pack: make it work on Linux. test/evp_test.c: exercise different combinations of data misalignment. testlib/OpenSSL/Test.pm: address 5.10 warnings. poly1305/asm/poly1305-x86_64.pl: make it cross-compile. poly1305/asm/poly1305-x86_64.pl: contain symbols within shared lib. README.PERL: clarify "matching" Perl requirement on Windows. Configurations/windows-makefile.tmpl: expand environments early. IRIX fixes. Configure: make it work with Perl 5.10. Configure: adhere to $(CROSS_COMPILE)ranlib. util/mkdef.pl: omit ordinals from Windows DLLs. windows-makefile.tmpl: minor adjustments. Configure: replace which() with IPC::Cmd::can_run. MIPS64 assembly pack: add Poly1305 module. Configurations: engage MIPS64 Poly1305 module. crypto/des: remove obsolete functions. ARMv8 assembly pack: add OPENSSL_cleanse. test/evp_test.c: exercise in-place encryption. rand/randfile.c: remove _XOPEN_SOURCE definition. Add assembly CRYPTO_memcmp. Move Haiku configuration to separate config file to denote the fact that it's community-supported target. Makefile.shared: revert Haiku support commit. Configure: pull 'which' back. bf/build.info: engage assembly module. bn/bn_exp.c: explain 'volatile' in MOD_EXP_CTIME_COPY_FROM_PREBUF. crypto/o_str.c: strerror_s is provided by specific compiler run-time, not by OS [as was implied by guarding #if condition]. crypto/o_str.c: add _GNU_SOURCE strerror_r case. include/openssl/e_os2.h: fix 'noreturn' pre-processor logic. SPARC assembly pack: add missing .type directives. poly1305/asm/poly1305-mips.pl: adhere to standard frame layout. Configure,test/recipes: "pin" glob to File::Glob::glob. x86_64 assembly pack: tolerate spaces in source directory name. chacha/chacha_enc.c: harmonize counter width with subroutine name. s390x assembly pack: improve portability. hmac/hmac.c: fix sizeof typo in hmac_ctx_cleanup. doc/crypto/OPENSSL_ia32cap.pod update. bn/bn_add.c: favour counted loops over ifs and breaks. perlasm/x86_64-xlate.pl: refactor argument parsing loop. perlasm/x86_64-xlate.pl: add commentary. aes/asm/aesp8-ppc.pl: add XTS subroutines. evp/e_aes.c: wire hardware-assisted XTS
[openssl-commits] [web] master update
The branch master has been updated via 219e4d1e6dd48b4f0e0cd88992544979149a61ef (commit) from 00bd611e7746aa69bc83b56f64e9c358c94a78c5 (commit) - Log - commit 219e4d1e6dd48b4f0e0cd88992544979149a61ef Author: Matt CaswellDate: Thu Aug 4 15:11:00 2016 +0100 Add beta 3 announcement to newsflash --- Summary of changes: news/newsflash.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/news/newsflash.txt b/news/newsflash.txt index 44bbdea..8b3b8f7 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -4,6 +4,7 @@ # Format is two fields, colon-separated; the first line is the column # headings. URL paths must all be absolute. Date: Item +04-Aug-2016: Beta 3 (pre-release 6) of OpenSSL 1.1.0 is now available: please download and test it 03-May-2016: Security Advisory: several security fixes 03-May-2016: OpenSSL 1.0.2h is now available, including bug and security fixes 03-May-2016: OpenSSL 1.0.1t is now available, including bug and security fixes _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 81dd99902869c666932ece1e5a39d3b18f2f4b04 (commit) via 2f554efe20d1fe05b242f41f593362965ae89912 (commit) via a3507a11070868d6c10f1b5b3408e9c2634da29f (commit) from c98740f8a6e2d8341bf42e4e3c8435fe0ea35bcd (commit) - Log - commit 81dd99902869c666932ece1e5a39d3b18f2f4b04 Author: Matt CaswellDate: Thu Aug 4 15:02:43 2016 +0100 Prepare for 1.1.0-pre7-dev Reviewed-by: Richard Levitte commit 2f554efe20d1fe05b242f41f593362965ae89912 Author: Matt Caswell Date: Thu Aug 4 15:00:44 2016 +0100 Prepare for 1.1.0-pre6 release Reviewed-by: Richard Levitte commit a3507a11070868d6c10f1b5b3408e9c2634da29f Author: Matt Caswell Date: Thu Aug 4 15:00:43 2016 +0100 make update Reviewed-by: Richard Levitte --- Summary of changes: README | 2 +- apps/progs.h | 2 +- include/openssl/opensslv.h | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README b/README index 7e623a1..a4026ef 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 1.1.0-pre6-dev + OpenSSL 1.1.0-pre7-dev Copyright (c) 1998-2016 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/apps/progs.h b/apps/progs.h index 5f6f07f..ac9d208 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -18,7 +18,7 @@ typedef enum FUNC_TYPE { typedef struct function_st { FUNC_TYPE type; const char *name; -int (*func)(int argc, char *argv[]); +int (*func)(int argc,char *argv[]); const OPTIONS *help; } FUNCTION; diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h index 2dd067f..1abd522 100644 --- a/include/openssl/opensslv.h +++ b/include/openssl/opensslv.h @@ -39,11 +39,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1016L +# define OPENSSL_VERSION_NUMBER 0x1017L # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT"OpenSSL 1.1.0-pre6-fips-dev xx XXX " +# define OPENSSL_VERSION_TEXT"OpenSSL 1.1.0-pre7-fips-dev xx XXX " # else -# define OPENSSL_VERSION_TEXT"OpenSSL 1.1.0-pre6-dev xx XXX " +# define OPENSSL_VERSION_TEXT"OpenSSL 1.1.0-pre7-dev xx XXX " # endif /*- _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl 1.0.899
Build openssl 1.0.899 failed Commit 3c456ca1c0 by FdaSilvaYY on 8/1/2016 7:03 PM: Add sk_new_num & sk_new_null_num methods Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl OpenSSL_1_0_2-stable.4622
Build openssl OpenSSL_1_0_2-stable.4622 completed Commit ae1f19eea1 by David Woodhouse on 8/3/2016 5:25 PM: Add basic test for Cisco DTLS1_BAD_VER and record replay handling Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits