[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 053aedf1536267b621cb8d7bceaafece4df03c41 (commit) from 952d813eeaa6baf01bf25b057f760a6f21147c7e (commit) - Log - commit 053aedf1536267b621cb8d7bceaafece4df03c41 Author: Dr. Matthias St. Pierre Date: Mon Jan 7 01:21:56 2019 +0100 doc/man1/x509.pod: fix typo This looks like a copy&paste error from req.pod to x509.pod. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7995) (cherry picked from commit 67ee899cb51d3e3d7b5f00b878f8f82a097b93f0) --- Summary of changes: doc/man1/x509.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man1/x509.pod b/doc/man1/x509.pod index 547da5d..0ab7384 100644 --- a/doc/man1/x509.pod +++ b/doc/man1/x509.pod @@ -173,7 +173,7 @@ options. See the B section for more information. =item B<-noout> -This option prevents output of the encoded version of the request. +This option prevents output of the encoded version of the certificate. =item B<-pubkey> _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 67ee899cb51d3e3d7b5f00b878f8f82a097b93f0 (commit) from 673e0bbbe4b9cbd19a247c0b18c171bb0421915a (commit) - Log - commit 67ee899cb51d3e3d7b5f00b878f8f82a097b93f0 Author: Dr. Matthias St. Pierre Date: Mon Jan 7 01:21:56 2019 +0100 doc/man1/x509.pod: fix typo This looks like a copy&paste error from req.pod to x509.pod. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7995) --- Summary of changes: doc/man1/x509.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man1/x509.pod b/doc/man1/x509.pod index 8c096ed..75919ca 100644 --- a/doc/man1/x509.pod +++ b/doc/man1/x509.pod @@ -173,7 +173,7 @@ options. See the B section for more information. =item B<-noout> -This option prevents output of the encoded version of the request. +This option prevents output of the encoded version of the certificate. =item B<-pubkey> _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-dso
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dso Commit log since last time: 673e0bbbe4 Restore compatibility with GOST2001 implementations. 5e9072ed99 Fix no-sock 87bbbfb1e4 Fix no-cmac e74be3d497 crypto/evp/e_aes.c: build again on s390x f760137b21 crypto/chacha/asm/chacha-s390x.pl: add vx code path. c66bb88cb0 s390x assembly pack: perlasm support. de2debc524 Support _onexit() in preference to atexit() on Windows 41999e7d35 Introduce a no-pinshared option 88d57bf83f Test atexit handlers d0f2f202c5 Don't link shlibloadtest against libcrypto 8f6a5c56c1 Implement OPENSSL_INIT_NO_ATEXIT 660a1e0434 Fix a RUN_ONCE bug df5228e3b2 Fix shlibloadtest to properly execute the dso_ref test Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t . skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t . skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t . skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t . skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... o
[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-cmac
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cmac Commit log since last time: 673e0bbbe4 Restore compatibility with GOST2001 implementations. 5e9072ed99 Fix no-sock 87bbbfb1e4 Fix no-cmac e74be3d497 crypto/evp/e_aes.c: build again on s390x f760137b21 crypto/chacha/asm/chacha-s390x.pl: add vx code path. c66bb88cb0 s390x assembly pack: perlasm support. de2debc524 Support _onexit() in preference to atexit() on Windows 41999e7d35 Introduce a no-pinshared option 88d57bf83f Test atexit handlers d0f2f202c5 Don't link shlibloadtest against libcrypto 8f6a5c56c1 Implement OPENSSL_INIT_NO_ATEXIT 660a1e0434 Fix a RUN_ONCE bug df5228e3b2 Fix shlibloadtest to properly execute the dso_ref test _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 952d813eeaa6baf01bf25b057f760a6f21147c7e (commit) from 980f7419cb3d7343d4f76ff648f5785b75a2efc4 (commit) - Log - commit 952d813eeaa6baf01bf25b057f760a6f21147c7e Author: Dmitry Belyavskiy Date: Fri Jan 4 20:38:29 2019 +0300 Restore compatibility with GOST2001 implementations. Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7985) (cherry picked from commit 673e0bbbe4b9cbd19a247c0b18c171bb0421915a) --- Summary of changes: ssl/statem/extensions.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 716d6d2..11feae5 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -623,7 +623,12 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context, && type != TLSEXT_TYPE_cookie && type != TLSEXT_TYPE_renegotiate && type != TLSEXT_TYPE_signed_certificate_timestamp -&& (s->ext.extflags[idx] & SSL_EXT_FLAG_SENT) == 0) { +&& (s->ext.extflags[idx] & SSL_EXT_FLAG_SENT) == 0 +#ifndef OPENSSL_NO_GOST +&& !((context & SSL_EXT_TLS1_2_SERVER_HELLO) != 0 + && type == TLSEXT_TYPE_cryptopro_bug) +#endif + ) { SSLfatal(s, SSL_AD_UNSUPPORTED_EXTENSION, SSL_F_TLS_COLLECT_EXTENSIONS, SSL_R_UNSOLICITED_EXTENSION); goto err; _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 673e0bbbe4b9cbd19a247c0b18c171bb0421915a (commit) from 5e9072ed99971fa5e47326c2f8ffa4bc9624a584 (commit) - Log - commit 673e0bbbe4b9cbd19a247c0b18c171bb0421915a Author: Dmitry Belyavskiy Date: Fri Jan 4 20:38:29 2019 +0300 Restore compatibility with GOST2001 implementations. Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7985) --- Summary of changes: ssl/statem/extensions.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index c549218..ffa4b46 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -623,7 +623,12 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context, && type != TLSEXT_TYPE_cookie && type != TLSEXT_TYPE_renegotiate && type != TLSEXT_TYPE_signed_certificate_timestamp -&& (s->ext.extflags[idx] & SSL_EXT_FLAG_SENT) == 0) { +&& (s->ext.extflags[idx] & SSL_EXT_FLAG_SENT) == 0 +#ifndef OPENSSL_NO_GOST +&& !((context & SSL_EXT_TLS1_2_SERVER_HELLO) != 0 + && type == TLSEXT_TYPE_cryptopro_bug) +#endif + ) { SSLfatal(s, SSL_AD_UNSUPPORTED_EXTENSION, SSL_F_TLS_COLLECT_EXTENSIONS, SSL_R_UNSOLICITED_EXTENSION); goto err; _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 5e9072ed99971fa5e47326c2f8ffa4bc9624a584 (commit) from 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218 (commit) - Log - commit 5e9072ed99971fa5e47326c2f8ffa4bc9624a584 Author: Matt Caswell Date: Fri Jan 4 11:13:39 2019 + Fix no-sock Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7981) --- Summary of changes: test/sslapitest.c | 6 -- test/ssltestlib.c | 9 ++--- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/test/sslapitest.c b/test/sslapitest.c index d52380c..1868eb3 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -657,7 +657,8 @@ static int execute_test_large_message(const SSL_METHOD *smeth, return testresult; } -#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_KTLS) +#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_KTLS) \ +&& !defined(OPENSSL_NO_SOCK) /* sock must be connected */ static int ktls_chk_platform(int sock) @@ -6053,7 +6054,8 @@ int setup_tests(void) #endif } -#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_KTLS) +#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_KTLS) \ +&& !defined(OPENSSL_NO_SOCK) ADD_TEST(test_ktls_client_server); ADD_TEST(test_ktls_no_client_server); ADD_TEST(test_ktls_client_no_server); diff --git a/test/ssltestlib.c b/test/ssltestlib.c index 50c7112..8187513 100644 --- a/test/ssltestlib.c +++ b/test/ssltestlib.c @@ -663,7 +663,7 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, #define MAXLOOPS100 -#ifndef OPENSSL_NO_KTLS +#if !defined(OPENSSL_NO_KTLS) && !defined(OPENSSL_NO_SOCK) static int set_nb(int fd) { int flags; @@ -736,12 +736,6 @@ success: close(afd); return ret; } -#else -int create_test_sockets(int *cfd, int *sfd) -{ -return 0; -} -#endif int create_ssl_objects2(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl, SSL **cssl, int sfd, int cfd) @@ -775,6 +769,7 @@ int create_ssl_objects2(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl, BIO_free(c_to_s_bio); return 0; } +#endif /* * NOTE: Transfers control of the BIOs - this function will free them on error _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218 (commit) from e74be3d497e5ef60515c186100f3abef832a9f9d (commit) - Log - commit 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218 Author: Matt Caswell Date: Fri Jan 4 10:24:19 2019 + Fix no-cmac Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7979) --- Summary of changes: test/recipes/90-test_gost.t | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/recipes/90-test_gost.t b/test/recipes/90-test_gost.t index ac214e2..d4f27b8 100644 --- a/test/recipes/90-test_gost.t +++ b/test/recipes/90-test_gost.t @@ -12,11 +12,11 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_gost"); # The GOST ciphers are dynamically loaded via the GOST engine, so we must be -# able to support that. The engine also uses DSA and CMS symbols, so we skip -# this test on no-dsa or no-cms. +# able to support that. The engine also uses DSA, CMS and CMAC symbols, so we +# skip this test on no-dsa, no-cms or no-cmac. plan skip_all => "GOST support is disabled in this OpenSSL build" if disabled("gost") || disabled("engine") || disabled("dynamic-engine") - || disabled("dsa") || disabled("cms"); + || disabled("dsa") || disabled("cms") || disabled("cmac"); plan skip_all => "TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build" if disabled("tls1_3") || disabled("tls1_2"); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 980f7419cb3d7343d4f76ff648f5785b75a2efc4 (commit) from 56806f432b6c0cabbc46ebcdf6a9a6009489c0c0 (commit) - Log - commit 980f7419cb3d7343d4f76ff648f5785b75a2efc4 Author: Matt Caswell Date: Fri Jan 4 10:24:19 2019 + Fix no-cmac Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7979) (cherry picked from commit 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218) --- Summary of changes: test/recipes/90-test_gost.t | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/recipes/90-test_gost.t b/test/recipes/90-test_gost.t index c7bbb4e..0e33f5a 100644 --- a/test/recipes/90-test_gost.t +++ b/test/recipes/90-test_gost.t @@ -12,11 +12,11 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_gost"); # The GOST ciphers are dynamically loaded via the GOST engine, so we must be -# able to support that. The engine also uses DSA and CMS symbols, so we skip -# this test on no-dsa or no-cms. +# able to support that. The engine also uses DSA, CMS and CMAC symbols, so we +# skip this test on no-dsa, no-cms or no-cmac. plan skip_all => "GOST support is disabled in this OpenSSL build" if disabled("gost") || disabled("engine") || disabled("dynamic-engine") - || disabled("dsa") || disabled("cms"); + || disabled("dsa") || disabled("cms") || disabled("cmac"); plan skip_all => "TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build" if disabled("tls1_3") || disabled("tls1_2"); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits