[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dso
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dso Commit log since last time: 7835e97b6f Don't artificially limit the size of the ClientHello 87d06aed64 Fix compilation on sparc 760e2d60e6 Fix CID 1434549: Unchecked return value in test/evp_test.c Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t . skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t . skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t . skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t . skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_ciphername.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_cmsapi.t ... ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_d
[openssl-commits] Build completed: openssl master.21928
Build openssl master.21928 completed Commit 1d2a027472 by Antonio Iacono on 1/8/2019 5:59 PM: Sync util/libcrypto.num with upstream Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.21927
Build openssl master.21927 failed Commit 80efd3ea18 by David Woodhouse on 1/8/2019 4:44 PM: Don't send extms when resuming a session which didn't use it. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: openssl/openssl#22529 (OpenSSL_1_1_1-stable - bbcfd60)
Build Update for openssl/openssl - Build: #22529 Status: Errored Duration: 8 mins and 53 secs Commit: bbcfd60 (OpenSSL_1_1_1-stable) Author: Matt Caswell Message: Don't artificially limit the size of the ClientHello We were setting a limit of SSL3_RT_MAX_PLAIN_LENGTH on the size of the ClientHello. AFAIK there is nothing in the standards that requires this limit. The limit goes all the way back to when support for extensions was first added for TLSv1.0. It got converted into a WPACKET max size in 1.1.1. Most likely it was originally added to avoid the complexity of having to grow the init_buf in the middle of adding extensions. With WPACKET this is irrelevant since it will grow automatically. This issue came up when an attempt was made to send a very large certificate_authorities extension in the ClientHello. We should just remove the limit. Reviewed-by: Paul Dale Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/7424) (cherry picked from commit 7835e97b6ff5cd94a10c5aeac439f4aa145a77b2) View the changeset: https://github.com/openssl/openssl/compare/37cad7e65641...bbcfd60e388a View the full build log and details: https://travis-ci.org/openssl/openssl/builds/476936224?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: openssl/openssl#22528 (master - 7835e97)
Build Update for openssl/openssl - Build: #22528 Status: Errored Duration: 10 mins and 19 secs Commit: 7835e97 (master) Author: Matt Caswell Message: Don't artificially limit the size of the ClientHello We were setting a limit of SSL3_RT_MAX_PLAIN_LENGTH on the size of the ClientHello. AFAIK there is nothing in the standards that requires this limit. The limit goes all the way back to when support for extensions was first added for TLSv1.0. It got converted into a WPACKET max size in 1.1.1. Most likely it was originally added to avoid the complexity of having to grow the init_buf in the middle of adding extensions. With WPACKET this is irrelevant since it will grow automatically. This issue came up when an attempt was made to send a very large certificate_authorities extension in the ClientHello. We should just remove the limit. Reviewed-by: Paul Dale Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/7424) View the changeset: https://github.com/openssl/openssl/compare/87d06aed6439...7835e97b6ff5 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/476936072?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via bbcfd60e388ab9aa244d652453b52ff490be9b27 (commit) from 37cad7e65641e83d9f92b47fd0e34ea2d8c3b277 (commit) - Log - commit bbcfd60e388ab9aa244d652453b52ff490be9b27 Author: Matt Caswell Date: Wed Oct 17 16:17:25 2018 +0100 Don't artificially limit the size of the ClientHello We were setting a limit of SSL3_RT_MAX_PLAIN_LENGTH on the size of the ClientHello. AFAIK there is nothing in the standards that requires this limit. The limit goes all the way back to when support for extensions was first added for TLSv1.0. It got converted into a WPACKET max size in 1.1.1. Most likely it was originally added to avoid the complexity of having to grow the init_buf in the middle of adding extensions. With WPACKET this is irrelevant since it will grow automatically. This issue came up when an attempt was made to send a very large certificate_authorities extension in the ClientHello. We should just remove the limit. Reviewed-by: Paul Dale Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/7424) (cherry picked from commit 7835e97b6ff5cd94a10c5aeac439f4aa145a77b2) --- Summary of changes: ssl/statem/statem_clnt.c | 7 --- 1 file changed, 7 deletions(-) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index a0e495d..bb2d98e 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1112,13 +1112,6 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt) SSL_SESSION *sess = s->session; unsigned char *session_id; -if (!WPACKET_set_max_size(pkt, SSL3_RT_MAX_PLAIN_LENGTH)) { -/* Should not happen */ -SSLfatal(s, SSL_AD_INTERNAL_ERROR, - SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); -return 0; -} - /* Work out what SSL/TLS/DTLS version to use */ protverr = ssl_set_client_hello_version(s); if (protverr != 0) { _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 7835e97b6ff5cd94a10c5aeac439f4aa145a77b2 (commit) from 87d06aed64395afcd9ee4e7c699950dd57278259 (commit) - Log - commit 7835e97b6ff5cd94a10c5aeac439f4aa145a77b2 Author: Matt Caswell Date: Wed Oct 17 16:17:25 2018 +0100 Don't artificially limit the size of the ClientHello We were setting a limit of SSL3_RT_MAX_PLAIN_LENGTH on the size of the ClientHello. AFAIK there is nothing in the standards that requires this limit. The limit goes all the way back to when support for extensions was first added for TLSv1.0. It got converted into a WPACKET max size in 1.1.1. Most likely it was originally added to avoid the complexity of having to grow the init_buf in the middle of adding extensions. With WPACKET this is irrelevant since it will grow automatically. This issue came up when an attempt was made to send a very large certificate_authorities extension in the ClientHello. We should just remove the limit. Reviewed-by: Paul Dale Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/7424) --- Summary of changes: ssl/statem/statem_clnt.c | 7 --- 1 file changed, 7 deletions(-) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 3b6cbb7..53bc5ef 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1112,13 +1112,6 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt) SSL_SESSION *sess = s->session; unsigned char *session_id; -if (!WPACKET_set_max_size(pkt, SSL3_RT_MAX_PLAIN_LENGTH)) { -/* Should not happen */ -SSLfatal(s, SSL_AD_INTERNAL_ERROR, - SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); -return 0; -} - /* Work out what SSL/TLS/DTLS version to use */ protverr = ssl_set_client_hello_version(s); if (protverr != 0) { _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 87d06aed64395afcd9ee4e7c699950dd57278259 (commit) from 760e2d60e62511a6fb96f547f6730d05eb5f47ec (commit) - Log - commit 87d06aed64395afcd9ee4e7c699950dd57278259 Author: Matt Caswell Date: Mon Jan 7 15:16:23 2019 + Fix compilation on sparc Fixes #7966 Reviewed-by: Tim Hudson Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/7997) --- Summary of changes: crypto/des/asm/des_enc.m4 | 2 -- crypto/evp/e_aes.c| 5 + 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/crypto/des/asm/des_enc.m4 b/crypto/des/asm/des_enc.m4 index 92b9678..9a17fac 100644 --- a/crypto/des/asm/des_enc.m4 +++ b/crypto/des/asm/des_enc.m4 @@ -29,8 +29,6 @@ .ident "des_enc.m4 2.1" .file "des_enc-sparc.S" -#include - #if defined(__SUNPRO_C) && defined(__sparcv9) # define ABI64 /* They've said -xarch=v9 at command line */ #elif defined(__GNUC__) && defined(__arch64__) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 6080d16..8dc5235 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -927,6 +927,11 @@ static int aes_t4_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len); # endif/* OPENSSL_NO_OCB */ +# ifndef OPENSSL_NO_SIV +# define aes_t4_siv_init_key aes_siv_init_key +# define aes_t4_siv_cipher aes_siv_cipher +# endif /* OPENSSL_NO_SIV */ + # define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ static const EVP_CIPHER aes_t4_##keylen##_##mode = { \ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \ _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits