[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 053aedf1536267b621cb8d7bceaafece4df03c41 (commit) from 952d813eeaa6baf01bf25b057f760a6f21147c7e (commit) - Log - commit 053aedf1536267b621cb8d7bceaafece4df03c41 Author: Dr. Matthias St. Pierre Date: Mon Jan 7 01:21:56 2019 +0100 doc/man1/x509.pod: fix typo This looks like a copy&paste error from req.pod to x509.pod. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7995) (cherry picked from commit 67ee899cb51d3e3d7b5f00b878f8f82a097b93f0) --- Summary of changes: doc/man1/x509.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man1/x509.pod b/doc/man1/x509.pod index 547da5d..0ab7384 100644 --- a/doc/man1/x509.pod +++ b/doc/man1/x509.pod @@ -173,7 +173,7 @@ options. See the B section for more information. =item B<-noout> -This option prevents output of the encoded version of the request. +This option prevents output of the encoded version of the certificate. =item B<-pubkey> _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 67ee899cb51d3e3d7b5f00b878f8f82a097b93f0 (commit) from 673e0bbbe4b9cbd19a247c0b18c171bb0421915a (commit) - Log - commit 67ee899cb51d3e3d7b5f00b878f8f82a097b93f0 Author: Dr. Matthias St. Pierre Date: Mon Jan 7 01:21:56 2019 +0100 doc/man1/x509.pod: fix typo This looks like a copy&paste error from req.pod to x509.pod. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7995) --- Summary of changes: doc/man1/x509.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man1/x509.pod b/doc/man1/x509.pod index 8c096ed..75919ca 100644 --- a/doc/man1/x509.pod +++ b/doc/man1/x509.pod @@ -173,7 +173,7 @@ options. See the B section for more information. =item B<-noout> -This option prevents output of the encoded version of the request. +This option prevents output of the encoded version of the certificate. =item B<-pubkey> _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-dso
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dso Commit log since last time: 673e0bbbe4 Restore compatibility with GOST2001 implementations. 5e9072ed99 Fix no-sock 87bbbfb1e4 Fix no-cmac e74be3d497 crypto/evp/e_aes.c: build again on s390x f760137b21 crypto/chacha/asm/chacha-s390x.pl: add vx code path. c66bb88cb0 s390x assembly pack: perlasm support. de2debc524 Support _onexit() in preference to atexit() on Windows 41999e7d35 Introduce a no-pinshared option 88d57bf83f Test atexit handlers d0f2f202c5 Don't link shlibloadtest against libcrypto 8f6a5c56c1 Implement OPENSSL_INIT_NO_ATEXIT 660a1e0434 Fix a RUN_ONCE bug df5228e3b2 Fix shlibloadtest to properly execute the dso_ref test Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t . skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t . skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t . skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t . skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... o
[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-cmac
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cmac Commit log since last time: 673e0bbbe4 Restore compatibility with GOST2001 implementations. 5e9072ed99 Fix no-sock 87bbbfb1e4 Fix no-cmac e74be3d497 crypto/evp/e_aes.c: build again on s390x f760137b21 crypto/chacha/asm/chacha-s390x.pl: add vx code path. c66bb88cb0 s390x assembly pack: perlasm support. de2debc524 Support _onexit() in preference to atexit() on Windows 41999e7d35 Introduce a no-pinshared option 88d57bf83f Test atexit handlers d0f2f202c5 Don't link shlibloadtest against libcrypto 8f6a5c56c1 Implement OPENSSL_INIT_NO_ATEXIT 660a1e0434 Fix a RUN_ONCE bug df5228e3b2 Fix shlibloadtest to properly execute the dso_ref test _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated
via 952d813eeaa6baf01bf25b057f760a6f21147c7e (commit)
from 980f7419cb3d7343d4f76ff648f5785b75a2efc4 (commit)
- Log -
commit 952d813eeaa6baf01bf25b057f760a6f21147c7e
Author: Dmitry Belyavskiy
Date: Fri Jan 4 20:38:29 2019 +0300
Restore compatibility with GOST2001 implementations.
Reviewed-by: Tim Hudson
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/7985)
(cherry picked from commit 673e0bbbe4b9cbd19a247c0b18c171bb0421915a)
---
Summary of changes:
ssl/statem/extensions.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 716d6d2..11feae5 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -623,7 +623,12 @@ int tls_collect_extensions(SSL *s, PACKET *packet,
unsigned int context,
&& type != TLSEXT_TYPE_cookie
&& type != TLSEXT_TYPE_renegotiate
&& type != TLSEXT_TYPE_signed_certificate_timestamp
-&& (s->ext.extflags[idx] & SSL_EXT_FLAG_SENT) == 0) {
+&& (s->ext.extflags[idx] & SSL_EXT_FLAG_SENT) == 0
+#ifndef OPENSSL_NO_GOST
+&& !((context & SSL_EXT_TLS1_2_SERVER_HELLO) != 0
+ && type == TLSEXT_TYPE_cryptopro_bug)
+#endif
+ ) {
SSLfatal(s, SSL_AD_UNSUPPORTED_EXTENSION,
SSL_F_TLS_COLLECT_EXTENSIONS,
SSL_R_UNSOLICITED_EXTENSION);
goto err;
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated
via 673e0bbbe4b9cbd19a247c0b18c171bb0421915a (commit)
from 5e9072ed99971fa5e47326c2f8ffa4bc9624a584 (commit)
- Log -
commit 673e0bbbe4b9cbd19a247c0b18c171bb0421915a
Author: Dmitry Belyavskiy
Date: Fri Jan 4 20:38:29 2019 +0300
Restore compatibility with GOST2001 implementations.
Reviewed-by: Tim Hudson
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/7985)
---
Summary of changes:
ssl/statem/extensions.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index c549218..ffa4b46 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -623,7 +623,12 @@ int tls_collect_extensions(SSL *s, PACKET *packet,
unsigned int context,
&& type != TLSEXT_TYPE_cookie
&& type != TLSEXT_TYPE_renegotiate
&& type != TLSEXT_TYPE_signed_certificate_timestamp
-&& (s->ext.extflags[idx] & SSL_EXT_FLAG_SENT) == 0) {
+&& (s->ext.extflags[idx] & SSL_EXT_FLAG_SENT) == 0
+#ifndef OPENSSL_NO_GOST
+&& !((context & SSL_EXT_TLS1_2_SERVER_HELLO) != 0
+ && type == TLSEXT_TYPE_cryptopro_bug)
+#endif
+ ) {
SSLfatal(s, SSL_AD_UNSUPPORTED_EXTENSION,
SSL_F_TLS_COLLECT_EXTENSIONS,
SSL_R_UNSOLICITED_EXTENSION);
goto err;
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated
via 5e9072ed99971fa5e47326c2f8ffa4bc9624a584 (commit)
from 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218 (commit)
- Log -
commit 5e9072ed99971fa5e47326c2f8ffa4bc9624a584
Author: Matt Caswell
Date: Fri Jan 4 11:13:39 2019 +
Fix no-sock
Reviewed-by: Tim Hudson
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/7981)
---
Summary of changes:
test/sslapitest.c | 6 --
test/ssltestlib.c | 9 ++---
2 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/test/sslapitest.c b/test/sslapitest.c
index d52380c..1868eb3 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -657,7 +657,8 @@ static int execute_test_large_message(const SSL_METHOD
*smeth,
return testresult;
}
-#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_KTLS)
+#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_KTLS) \
+&& !defined(OPENSSL_NO_SOCK)
/* sock must be connected */
static int ktls_chk_platform(int sock)
@@ -6053,7 +6054,8 @@ int setup_tests(void)
#endif
}
-#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_KTLS)
+#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_KTLS) \
+&& !defined(OPENSSL_NO_SOCK)
ADD_TEST(test_ktls_client_server);
ADD_TEST(test_ktls_no_client_server);
ADD_TEST(test_ktls_client_no_server);
diff --git a/test/ssltestlib.c b/test/ssltestlib.c
index 50c7112..8187513 100644
--- a/test/ssltestlib.c
+++ b/test/ssltestlib.c
@@ -663,7 +663,7 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const
SSL_METHOD *cm,
#define MAXLOOPS100
-#ifndef OPENSSL_NO_KTLS
+#if !defined(OPENSSL_NO_KTLS) && !defined(OPENSSL_NO_SOCK)
static int set_nb(int fd)
{
int flags;
@@ -736,12 +736,6 @@ success:
close(afd);
return ret;
}
-#else
-int create_test_sockets(int *cfd, int *sfd)
-{
-return 0;
-}
-#endif
int create_ssl_objects2(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl,
SSL **cssl, int sfd, int cfd)
@@ -775,6 +769,7 @@ int create_ssl_objects2(SSL_CTX *serverctx, SSL_CTX
*clientctx, SSL **sssl,
BIO_free(c_to_s_bio);
return 0;
}
+#endif
/*
* NOTE: Transfers control of the BIOs - this function will free them on error
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated
via 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218 (commit)
from e74be3d497e5ef60515c186100f3abef832a9f9d (commit)
- Log -
commit 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218
Author: Matt Caswell
Date: Fri Jan 4 10:24:19 2019 +
Fix no-cmac
Reviewed-by: Tim Hudson
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/7979)
---
Summary of changes:
test/recipes/90-test_gost.t | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/test/recipes/90-test_gost.t b/test/recipes/90-test_gost.t
index ac214e2..d4f27b8 100644
--- a/test/recipes/90-test_gost.t
+++ b/test/recipes/90-test_gost.t
@@ -12,11 +12,11 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/;
setup("test_gost");
# The GOST ciphers are dynamically loaded via the GOST engine, so we must be
-# able to support that. The engine also uses DSA and CMS symbols, so we skip
-# this test on no-dsa or no-cms.
+# able to support that. The engine also uses DSA, CMS and CMAC symbols, so we
+# skip this test on no-dsa, no-cms or no-cmac.
plan skip_all => "GOST support is disabled in this OpenSSL build"
if disabled("gost") || disabled("engine") || disabled("dynamic-engine")
- || disabled("dsa") || disabled("cms");
+ || disabled("dsa") || disabled("cms") || disabled("cmac");
plan skip_all => "TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build"
if disabled("tls1_3") || disabled("tls1_2");
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated
via 980f7419cb3d7343d4f76ff648f5785b75a2efc4 (commit)
from 56806f432b6c0cabbc46ebcdf6a9a6009489c0c0 (commit)
- Log -
commit 980f7419cb3d7343d4f76ff648f5785b75a2efc4
Author: Matt Caswell
Date: Fri Jan 4 10:24:19 2019 +
Fix no-cmac
Reviewed-by: Tim Hudson
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/7979)
(cherry picked from commit 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218)
---
Summary of changes:
test/recipes/90-test_gost.t | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/test/recipes/90-test_gost.t b/test/recipes/90-test_gost.t
index c7bbb4e..0e33f5a 100644
--- a/test/recipes/90-test_gost.t
+++ b/test/recipes/90-test_gost.t
@@ -12,11 +12,11 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/;
setup("test_gost");
# The GOST ciphers are dynamically loaded via the GOST engine, so we must be
-# able to support that. The engine also uses DSA and CMS symbols, so we skip
-# this test on no-dsa or no-cms.
+# able to support that. The engine also uses DSA, CMS and CMAC symbols, so we
+# skip this test on no-dsa, no-cms or no-cmac.
plan skip_all => "GOST support is disabled in this OpenSSL build"
if disabled("gost") || disabled("engine") || disabled("dynamic-engine")
- || disabled("dsa") || disabled("cms");
+ || disabled("dsa") || disabled("cms") || disabled("cmac");
plan skip_all => "TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build"
if disabled("tls1_3") || disabled("tls1_2");
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
