Still Failing: openssl/openssl#29373 (master - f6dead1)
Build Update for openssl/openssl - Build: #29373 Status: Still Failing Duration: 23 mins and 35 secs Commit: f6dead1 (master) Author: Robbie Harwood Message: [KDF] Add feedback-mode and CMAC support to KBKDF Implement SP800-108 section 5.2 with CMAC support. As a side effect, enable 5.1 with CMAC and 5.2 with HMAC. Add test vectors from RFC 6803. Add OSSL_KDF_PARAM_CIPHER and PROV_R_INVALID_SEED_LENGTH. Signed-off-by: Robbie Harwood Reviewed-by: Richard Levitte Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/10143) View the changeset: https://github.com/openssl/openssl/compare/028687c08b20...f6dead1b72a0 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/598960935?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via f6dead1b72a04b113b4b198ac98a8b9b994ad86f (commit) from 028687c08b20ecc463afaf2d692542b88ebfe8bc (commit) - Log - commit f6dead1b72a04b113b4b198ac98a8b9b994ad86f Author: Robbie Harwood Date: Thu Oct 17 12:45:03 2019 +1000 [KDF] Add feedback-mode and CMAC support to KBKDF Implement SP800-108 section 5.2 with CMAC support. As a side effect, enable 5.1 with CMAC and 5.2 with HMAC. Add test vectors from RFC 6803. Add OSSL_KDF_PARAM_CIPHER and PROV_R_INVALID_SEED_LENGTH. Signed-off-by: Robbie Harwood Reviewed-by: Richard Levitte Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/10143) --- Summary of changes: crypto/cmac/cmac.c| 3 +- crypto/err/openssl.txt| 1 + doc/man7/EVP_KDF-KB.pod | 67 ++-- include/openssl/core_names.h | 1 + providers/common/include/prov/providercommonerr.h | 1 + providers/common/provider_err.c | 2 + providers/common/provider_util.c | 2 +- providers/implementations/kdfs/kbkdf.c| 83 ++ test/evp_kdf_test.c | 127 ++ 9 files changed, 254 insertions(+), 33 deletions(-) diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c index b1be991f87..ec12970cb2 100644 --- a/crypto/cmac/cmac.c +++ b/crypto/cmac/cmac.c @@ -199,7 +199,8 @@ int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen) return 0; if ((bl = EVP_CIPHER_CTX_block_size(ctx->cctx)) < 0) return 0; -*poutlen = (size_t)bl; +if (poutlen != NULL) +*poutlen = (size_t)bl; if (!out) return 1; lb = ctx->nlast_block; diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index ac170dea6a..46d2eaa2eb 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2694,6 +2694,7 @@ PROV_R_INVALID_MAC:151:invalid mac PROV_R_INVALID_MODE:125:invalid mode PROV_R_INVALID_MODE_INT:126:invalid mode int PROV_R_INVALID_SALT_LENGTH:112:invalid salt length +PROV_R_INVALID_SEED_LENGTH:154:invalid seed length PROV_R_INVALID_TAG:110:invalid tag PROV_R_INVALID_TAGLEN:118:invalid taglen PROV_R_MISSING_CEK_ALG:144:missing cek alg diff --git a/doc/man7/EVP_KDF-KB.pod b/doc/man7/EVP_KDF-KB.pod index 6fb5415dc1..8a079b2358 100644 --- a/doc/man7/EVP_KDF-KB.pod +++ b/doc/man7/EVP_KDF-KB.pod @@ -21,23 +21,36 @@ The supported parameters are: =over 4 -=item B ("properties") +=item "properties" (B) -=item B ("digest") +=item "mode" (B) -=item B ("mac") +=item "mac" (B) -=item B ("key") +=item "digest" (B) -=item B ("salt") +=item "cipher" (B) -=item B ("info") +=item "key" (B) + +=item "salt" (B) + +=item "info (B) + +=item "seed" (B) =back -The parameters key, salt, and info correspond to KI, Label, and Context -(respectively) in SP800-108. As in that document, salt and info are optional -and may be omitted. Currently, only HMAC is supported for mac. +The mode parameter determines which flavor of KBKDF to use - currently the +choices are "counter" and "feedback". Counter is the default, and will be +used if unspecified. The seed parameter is unused in counter mode. + +The parameters key, salt, info, and seed correspond to KI, Label, Context, and +IV (respectively) in SP800-108. As in that document, salt, info, and seed are +optional and may be omitted. + +Depending on whether mac is CMAC or HMAC, either digest or cipher is required +(respectively) and the other is unused. =head1 NOTES @@ -49,7 +62,7 @@ A context for KBKDF can be obtained by calling: The output length of an KBKDF is specified via the C parameter to the L function. -Note that currently OpenSSL only implements Counter mode with HMAC. Other +Note that currently OpenSSL only implements counter and feedback modes. Other variants may be supported in the future. =head1 EXAMPLES @@ -84,9 +97,41 @@ Label "label", and Context "context". EVP_KDF_CTX_free(kctx); +This example derives 10 bytes using FEEDBACK-CMAC-AES256, with KI "secret", +Label "label", and IV "sixteen bytes iv". + + EVP_KDF *kdf; + EVP_KDF_CTX *kctx; + unsigned char out[10]; + OSSL_PARAM params[8], *p = params; + unsigned char *iv = "sixteen bytes iv"; + + kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); + kctx = EVP_KDF_CTX_new(kdf); + EVP_KDF_free(kdf); + + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, "AES256", 0); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, "CMAC", 0); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE, "FEEDBACK", 0); + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, + "secret",
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dsa
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dsa Commit log since last time: 028687c08b doc/man3/EVP_PKEY_CTX_new.pod: change markup according to conventions a07c17ef57 Add EVP_PKEY_CTX_new_provided() 1af26e53bc Fix typo and create compatibility macro c3885102f5 Correctly handle SSL3 Master Secret when calling providers 3d5a7578e0 Add ChaCha related ciphers to default provider 64fd90fbe9 Fix missing Assembler defines Build log ended with (last 100 lines): /usr/bin/perl ../openssl/test/generate_buildtest.pl types > test/buildtest_types.c /usr/bin/perl ../openssl/test/generate_buildtest.pl ui > test/buildtest_ui.c /usr/bin/perl ../openssl/test/generate_buildtest.pl whrlpool > test/buildtest_whrlpool.c /usr/bin/perl ../openssl/test/generate_buildtest.pl x509 > test/buildtest_x509.c /usr/bin/perl ../openssl/test/generate_buildtest.pl x509_vfy > test/buildtest_x509_vfy.c /usr/bin/perl ../openssl/test/generate_buildtest.pl x509v3 > test/buildtest_x509v3.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/casttest-bin-casttest.d.tmp -MT test/casttest-bin-casttest.o -c -o test/casttest-bin-casttest.o ../openssl/test/casttest.c clang -I. -Iinclude -Iapps/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/apps/include -I../openssl/crypto/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/chacha_internal_test-bin-chacha_internal_test.d.tmp -MT test/chacha_internal_test-bin-chacha_internal_test.o -c -o test/chacha_internal_test-bin-chacha_internal_test.o ../openssl/test/chacha_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/cipherbytes_test-bin-cipherbytes_test.d.tmp -MT test/cipherbytes_test-bin-cipherbytes_test.o -c -o test/cipherbytes_test-bin-cipherbytes_test.o ../openssl/test/cipherbytes_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/cipherlist_test-bin-cipherlist_test.d.tmp -MT test/cipherlist_test-bin-cipherlist_test.o -c -o test/cipherlist_test-bin-cipherlist_test.o ../openssl/test/cipherlist_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized
Build completed: openssl master.28798
Build openssl master.28798 completed Commit 71998962d6 by Richard Levitte on 10/16/2019 10:37 PM: fixup! Added functions for easy getting and setting all RSA parameters. Configure your notification preferences
Build failed: openssl master.28797
Build openssl master.28797 failed Commit 98df791479 by FdaSilvaYY on 10/15/2019 9:33 PM: apps/speed: factorize ec test curves declarations Configure your notification preferences
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sm3
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm3 Commit log since last time: f97a8af2f3 [ec_asn1.c] Avoid injecting seed when built-in matches a397aca435 Refactor many common flags into openssl.pod a9b5929d56 Remove duplicated line in 'openssl list' output Build log ended with (last 100 lines): CC="clang" /usr/bin/perl ../openssl/engines/asm/e_padlock-x86_64.pl "elf" -Iinclude -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DPADLOCK_ASM engines/e_padlock-x86_64.s clang -Iinclude -I../openssl/include -DPADLOCK_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF engines/padlock-dso-e_padlock.d.tmp -MT engines/padlock-dso-e_padlock.o -c -o engines/padlock-dso-e_padlock.o ../openssl/engines/e_padlock.c /usr/bin/perl ../openssl/util/mkdef.pl --ordinals ../openssl/util/engines.num --name engines/padlock --OS linux > engines/padlock.ld clang -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF providers/fips/fips-dso-fipsprov.d.tmp -MT providers/fips/fips-dso-fipsprov.o -c -o providers/fips/fips-dso-fipsprov.o ../openssl/providers/fips/fipsprov.c clang -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF providers/fips/fips-dso-selftest.d.tmp -MT providers/fips/fips-dso-selftest.o -c -o providers/fips/fips-dso-selftest.o ../openssl/providers/fips/selftest.c /usr/bin/perl ../openssl/util/mkdef.pl --ordinals ../openssl/util/providers.num --name providers/fips --OS linux > providers/fips.ld clang -Iinclude -Iproviders/implementations/include -I../openssl/include -I../openssl/providers/implementations/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF providers/legacy-dso-legacyprov.d.tmp -MT providers/legacy-dso-legacyprov.o -c -o providers/legacy-dso-legacyprov.o ../openssl/providers/legacyprov.c /usr/bin/perl ../openssl/util/mkdef.pl --ordinals ../openssl/util/providers.num --name providers/legacy --OS linux > providers/legacy.ld clang -Iinclude -I../openssl/include -fPIC -pthread
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sm2
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm2 Commit log since last time: f97a8af2f3 [ec_asn1.c] Avoid injecting seed when built-in matches a397aca435 Refactor many common flags into openssl.pod a9b5929d56 Remove duplicated line in 'openssl list' output Build log ended with (last 100 lines): clang -Iinclude -I../openssl/include -DPADLOCK_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF engines/padlock-dso-e_padlock.d.tmp -MT engines/padlock-dso-e_padlock.o -c -o engines/padlock-dso-e_padlock.o ../openssl/engines/e_padlock.c /usr/bin/perl ../openssl/util/mkdef.pl --ordinals ../openssl/util/engines.num --name engines/padlock --OS linux > engines/padlock.ld clang -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF providers/fips/fips-dso-fipsprov.d.tmp -MT providers/fips/fips-dso-fipsprov.o -c -o providers/fips/fips-dso-fipsprov.o ../openssl/providers/fips/fipsprov.c clang -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF providers/fips/fips-dso-selftest.d.tmp -MT providers/fips/fips-dso-selftest.o -c -o providers/fips/fips-dso-selftest.o ../openssl/providers/fips/selftest.c /usr/bin/perl ../openssl/util/mkdef.pl --ordinals ../openssl/util/providers.num --name providers/fips --OS linux > providers/fips.ld clang -Iinclude -Iproviders/implementations/include -I../openssl/include -I../openssl/providers/implementations/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF providers/legacy-dso-legacyprov.d.tmp -MT providers/legacy-dso-legacyprov.o -c -o providers/legacy-dso-legacyprov.o ../openssl/providers/legacyprov.c /usr/bin/perl ../openssl/util/mkdef.pl --ordinals ../openssl/util/providers.num --name providers/legacy --OS linux > providers/legacy.ld clang -Iinclude -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/p_test-dso-p_test.d.tmp -MT test/p_test-dso-p_test.o -c -o test/p_test-dso-p_test.o ../openssl/test/p_test.c /usr/bin/perl ../openssl/util/mkdef.pl
Build completed: openssl master.28765
Build openssl master.28765 completed Commit fa43cd6c26 by jayaram on 8/22/2019 5:21 AM: fixed the RETURN VALUES section in the EC_GROUP documentation Configure your notification preferences
Build failed: openssl master.28764
Build openssl master.28764 failed Commit 2657fc917f by Richard Levitte on 10/16/2019 1:38 PM: fixup! Add EVP functionality to create domain params and keys by user data Configure your notification preferences
Build failed: openssl master.28756
Build openssl master.28756 failed Commit 7569708744 by David Woodhouse on 10/16/2019 11:31 AM: Add X509_V_FLAG_NO_CHECK_SUBJECT and change default to be safe Configure your notification preferences
Still Failing: openssl/openssl#29332 (master - 028687c)
Build Update for openssl/openssl - Build: #29332 Status: Still Failing Duration: 32 mins and 9 secs Commit: 028687c (master) Author: Richard Levitte Message: doc/man3/EVP_PKEY_CTX_new.pod: change markup according to conventions Convention source is man-pages(7) Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10184) View the changeset: https://github.com/openssl/openssl/compare/1af26e53bce7...028687c08b20 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/598646126?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#29331 (OpenSSL_1_1_1-stable - bf585d6)
Build Update for openssl/openssl - Build: #29331 Status: Still Failing Duration: 20 mins and 9 secs Commit: bf585d6 (OpenSSL_1_1_1-stable) Author: Cesar Pereida Garcia Message: [crypto/asn1/x_bignum.c] Explicit test against NULL As a fixup to https://github.com/openssl/openssl/pull/9779 to better conform to the project code style guidelines, this commit amends the original changeset to explicitly test against NULL, i.e. writing ``` if (p != NULL) ``` rather than ``` if (!p) ``` Reviewed-by: Nicola Tuveri Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9881) View the changeset: https://github.com/openssl/openssl/compare/7bcd13cebd9e...bf585d60fc4d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/598644073?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via 0159a1bb41b385a00836e9e7baeadad2f014b788 (commit) from 4e545c6a256fb1ab08cc5a3aabb00963dac3191b (commit) - Log - commit 0159a1bb41b385a00836e9e7baeadad2f014b788 Author: Cesar Pereida Garcia Date: Thu Sep 12 17:09:51 2019 +0300 [crypto/asn1/x_bignum.c] Explicit test against NULL As a fixup to https://github.com/openssl/openssl/pull/9779 to better conform to the project code style guidelines, this commit amends the original changeset to explicitly test against NULL, i.e. writing ``` if (p != NULL) ``` rather than ``` if (!p) ``` (This is a backport of https://github.com/openssl/openssl/pull/9881) Reviewed-by: Nicola Tuveri Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9882) --- Summary of changes: crypto/asn1/x_bignum.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c index c644199c9f..f2de3de4de 100644 --- a/crypto/asn1/x_bignum.c +++ b/crypto/asn1/x_bignum.c @@ -102,7 +102,7 @@ ASN1_ITEM_end(CBIGNUM) static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it) { *pval = (ASN1_VALUE *)BN_new(); -if (*pval) +if (*pval != NULL) return 1; else return 0; @@ -110,7 +110,7 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it) static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it) { -if (!*pval) +if (*pval == NULL) return; if (it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval); @@ -124,7 +124,7 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, { BIGNUM *bn; int pad; -if (!*pval) +if (*pval == NULL) return -1; bn = (BIGNUM *)*pval; /* If MSB set in an octet we need a padding byte */
[openssl] master update
The branch master has been updated via 028687c08b20ecc463afaf2d692542b88ebfe8bc (commit) via a07c17ef57da20b7c6d075b303a6506f625dcd4e (commit) from 1af26e53bce7f075e27e2fa6a78764fa6620b8ab (commit) - Log - commit 028687c08b20ecc463afaf2d692542b88ebfe8bc Author: Richard Levitte Date: Tue Oct 15 16:55:00 2019 +0200 doc/man3/EVP_PKEY_CTX_new.pod: change markup according to conventions Convention source is man-pages(7) Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10184) commit a07c17ef57da20b7c6d075b303a6506f625dcd4e Author: Richard Levitte Date: Tue Oct 15 13:08:17 2019 +0200 Add EVP_PKEY_CTX_new_provided() This works as much as possible EVP_PKEY_CTX_new_id(), except it takes data that's relevant for providers, algorithm name and property query string instead of NID and engine. Additionally, if EVP_PKEY_CTX_new() or EVP_PKEY_CTX_new_id() was called, the algorithm name in the EVP_PKEY context will be set to the short name of the given NID (explicit or the one of the given EVP_PKEY), thereby giving an easier transition from legacy methods to provided methods. The intent is that operations will use this information to fetch provider methods implicitly as needed. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10184) --- Summary of changes: CHANGES | 8 crypto/evp/pmeth_lib.c| 20 +--- doc/man3/EVP_PKEY_CTX_new.pod | 29 + include/crypto/evp.h | 4 include/openssl/evp.h | 2 ++ util/libcrypto.num| 1 + 6 files changed, 53 insertions(+), 11 deletions(-) diff --git a/CHANGES b/CHANGES index 442807f1d3..20e170c493 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,14 @@ Changes between 1.1.1 and 3.0.0 [xx XXX ] + *) Added functionality to create an EVP_PKEY context based on data + for methods from providers. This takes an algorithm name and a + property query string and simply stores them, with the intent + that any operation that uses this context will use those strings + to fetch the needed methods implicitly, thereby making the port + of application written for pre-3.0 OpenSSL easier. + [Richard Levitte] + *) The undocumented function NCONF_WIN32() has been deprecated; for conversion details see the HISTORY section of doc/man5/config.pod [Rich Salz] diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 1ae22a7df4..c840a12b00 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -111,7 +111,9 @@ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) return (**ret)(); } -static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) +static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, + const char *name, const char *propquery, + int id) { EVP_PKEY_CTX *ret; const EVP_PKEY_METHOD *pmeth = NULL; @@ -130,6 +132,8 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) return 0; id = pkey->type; } +name = OBJ_nid2sn(id); +propquery = NULL; #ifndef OPENSSL_NO_ENGINE if (e == NULL && pkey != NULL) e = pkey->pmeth_engine != NULL ? pkey->pmeth_engine : pkey->engine; @@ -171,6 +175,8 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE); return NULL; } +ret->algorithm = name; +ret->propquery = propquery; ret->engine = e; ret->pmeth = pmeth; ret->operation = EVP_PKEY_OP_UNDEFINED; @@ -277,12 +283,18 @@ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) { -return int_ctx_new(pkey, e, -1); +return int_ctx_new(pkey, e, NULL, NULL, -1); } EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) { -return int_ctx_new(NULL, e, id); +return int_ctx_new(NULL, e, NULL, NULL, id); +} + +EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(const char *name, +const char *propquery) +{ +return int_ctx_new(NULL, NULL, name, propquery, -1); } EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx) @@ -312,6 +324,8 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx) EVP_PKEY_up_ref(pctx->pkey); rctx->pkey = pctx->pkey; rctx->operation = pctx->operation; +rctx->algorithm = pctx->algorithm; +rctx->propquery = pctx->propquery; if (EVP_PKEY_CTX_IS_DERIVE_OP(pctx)) { if (pctx->op.kex.exchange != NULL) { diff --git a/doc/man3/EVP_PKEY_CTX_new.pod b/doc/man3/EVP_PKEY_CTX_new.pod index
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via bf585d60fc4de00724a099faa66229ddafbebe00 (commit) from 7bcd13cebd9ebc6cf6026fff999beb34504a8068 (commit) - Log - commit bf585d60fc4de00724a099faa66229ddafbebe00 Author: Cesar Pereida Garcia Date: Thu Sep 12 16:58:50 2019 +0300 [crypto/asn1/x_bignum.c] Explicit test against NULL As a fixup to https://github.com/openssl/openssl/pull/9779 to better conform to the project code style guidelines, this commit amends the original changeset to explicitly test against NULL, i.e. writing ``` if (p != NULL) ``` rather than ``` if (!p) ``` Reviewed-by: Nicola Tuveri Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9881) --- Summary of changes: crypto/asn1/x_bignum.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c index 6c93ea7510..c6b3accd3a 100644 --- a/crypto/asn1/x_bignum.c +++ b/crypto/asn1/x_bignum.c @@ -82,7 +82,7 @@ static int bn_secure_new(ASN1_VALUE **pval, const ASN1_ITEM *it) static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it) { -if (!*pval) +if (*pval == NULL) return; if (it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval); @@ -96,7 +96,7 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, { BIGNUM *bn; int pad; -if (!*pval) +if (*pval == NULL) return -1; bn = (BIGNUM *)*pval; /* If MSB set in an octet we need a padding byte */ @@ -133,7 +133,7 @@ static int bn_secure_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int ret; BIGNUM *bn; -if (!*pval && !bn_secure_new(pval, it)) +if (*pval == NULL && !bn_secure_new(pval, it)) return 0; ret = bn_c2i(pval, cont, len, utype, free_cont, it);
Build failed: openssl master.28749
Build openssl master.28749 failed Commit f7424c49a6 by Richard Levitte on 10/16/2019 8:19 AM: fixup! Add EVP functionality to create domain params and keys by user data Configure your notification preferences
Still Failing: openssl/openssl#29323 (master - 1af26e5)
Build Update for openssl/openssl - Build: #29323 Status: Still Failing Duration: 31 mins and 56 secs Commit: 1af26e5 (master) Author: Andreas Schnebinger Message: Fix typo and create compatibility macro CLA:trivial Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/9472) View the changeset: https://github.com/openssl/openssl/compare/c3885102f59d...1af26e53bce7 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/598589947?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via 1af26e53bce7f075e27e2fa6a78764fa6620b8ab (commit) from c3885102f59dd7313597d1405babd06f75a94f8c (commit) - Log - commit 1af26e53bce7f075e27e2fa6a78764fa6620b8ab Author: Andreas Schnebinger Date: Sat Oct 12 18:48:40 2019 +0200 Fix typo and create compatibility macro CLA:trivial Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/9472) --- Summary of changes: apps/ts.c | 2 +- crypto/ts/ts_verify_ctx.c | 2 +- include/openssl/ts.h | 5 - util/libcrypto.num| 2 +- util/missingcrypto.txt| 2 +- util/missingmacro.txt | 1 + 6 files changed, 9 insertions(+), 5 deletions(-) diff --git a/apps/ts.c b/apps/ts.c index aef74adce8..b45c262789 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -921,7 +921,7 @@ static TS_VERIFY_CTX *create_verify_ctx(const char *data, const char *digest, /* Loading untrusted certificates. */ if (untrusted -&& TS_VERIFY_CTS_set_certs(ctx, TS_CONF_load_certs(untrusted)) == NULL) +&& TS_VERIFY_CTX_set_certs(ctx, TS_CONF_load_certs(untrusted)) == NULL) goto err; ret = 1; diff --git a/crypto/ts/ts_verify_ctx.c b/crypto/ts/ts_verify_ctx.c index e2a4ee477b..3c8340137f 100644 --- a/crypto/ts/ts_verify_ctx.c +++ b/crypto/ts/ts_verify_ctx.c @@ -60,7 +60,7 @@ X509_STORE *TS_VERIFY_CTX_set_store(TS_VERIFY_CTX *ctx, X509_STORE *s) return ctx->store; } -STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx, +STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx, STACK_OF(X509) *certs) { ctx->certs = certs; diff --git a/include/openssl/ts.h b/include/openssl/ts.h index 231d6052f9..6bd1f89152 100644 --- a/include/openssl/ts.h +++ b/include/openssl/ts.h @@ -421,7 +421,10 @@ BIO *TS_VERIFY_CTX_set_data(TS_VERIFY_CTX *ctx, BIO *b); unsigned char *TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX *ctx, unsigned char *hexstr, long len); X509_STORE *TS_VERIFY_CTX_set_store(TS_VERIFY_CTX *ctx, X509_STORE *s); -STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx, STACK_OF(X509) *certs); +# if !OPENSSL_API_3 +# define TS_VERIFY_CTS_set_certs(ctx, cert) TS_VERIFY_CTX_set_certs(ctx,cert) +# endif +STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx, STACK_OF(X509) *certs); /*- * If ctx is NULL, it allocates and returns a new object, otherwise diff --git a/util/libcrypto.num b/util/libcrypto.num index 5db70cfef8..d818197965 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -916,7 +916,7 @@ TS_TST_INFO_ext_free938 3_0_0 EXIST::FUNCTION:TS i2d_X509_CRL_fp 9393_0_0 EXIST::FUNCTION:STDIO PKCS7_get0_signers 9403_0_0 EXIST::FUNCTION: X509_STORE_CTX_set_ex_data 9413_0_0 EXIST::FUNCTION: -TS_VERIFY_CTS_set_certs 9423_0_0 EXIST::FUNCTION:TS +TS_VERIFY_CTX_set_certs 9423_0_0 EXIST::FUNCTION:TS BN_MONT_CTX_copy9433_0_0 EXIST::FUNCTION: OPENSSL_INIT_new9453_0_0 EXIST::FUNCTION: TS_ACCURACY_dup 9463_0_0 EXIST::FUNCTION:TS diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt index 08dc6be186..408e6ffc63 100644 --- a/util/missingcrypto.txt +++ b/util/missingcrypto.txt @@ -1080,7 +1080,7 @@ TS_TST_INFO_set_serial TS_TST_INFO_set_time TS_TST_INFO_set_tsa TS_TST_INFO_set_version -TS_VERIFY_CTS_set_certs +TS_VERIFY_CTX_set_certs TS_VERIFY_CTX_add_flags TS_VERIFY_CTX_cleanup TS_VERIFY_CTX_free diff --git a/util/missingmacro.txt b/util/missingmacro.txt index db4ce86eb3..4b7cdd77df 100644 --- a/util/missingmacro.txt +++ b/util/missingmacro.txt @@ -214,3 +214,4 @@ X509V3_set_ctx_test X509V3_set_ctx_nodb EXT_BITSTRING EXT_IA5STRING +TS_VERIFY_CTS_set_certs
Still Failing: openssl/openssl#29322 (master - c388510)
Build Update for openssl/openssl - Build: #29322 Status: Still Failing Duration: 25 mins and 8 secs Commit: c388510 (master) Author: Matt Caswell Message: Correctly handle SSL3 Master Secret when calling providers We need to pass the SSL3 Master Secret down to the provider code in order for SSLv3 to work correctly. Fixes #10182 Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/10186) View the changeset: https://github.com/openssl/openssl/compare/3d5a7578e09a...c3885102f59d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/598561247?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via c3885102f59dd7313597d1405babd06f75a94f8c (commit) from 3d5a7578e09a984c6475b1c008f5c76f850328cb (commit) - Log - commit c3885102f59dd7313597d1405babd06f75a94f8c Author: Matt Caswell Date: Tue Oct 15 13:27:21 2019 +0100 Correctly handle SSL3 Master Secret when calling providers We need to pass the SSL3 Master Secret down to the provider code in order for SSLv3 to work correctly. Fixes #10182 Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/10186) --- Summary of changes: crypto/evp/digest.c | 4 1 file changed, 4 insertions(+) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 5ff43fdd64..c2a6e83ad5 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -675,6 +675,10 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) params[0] = OSSL_PARAM_construct_utf8_string(OSSL_DIGEST_PARAM_MICALG, p2, p1 ? p1 : ); break; +case EVP_CTRL_SSL3_MASTER_SECRET: +params[0] = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS, + p2, p1); +break; default: return EVP_CTRL_RET_UNSUPPORTED; }
Still Failing: openssl/openssl#29313 (master - 3d5a757)
Build Update for openssl/openssl - Build: #29313 Status: Still Failing Duration: 19 mins and 58 secs Commit: 3d5a757 (master) Author: Shane Lontis Message: Add ChaCha related ciphers to default provider Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10081) View the changeset: https://github.com/openssl/openssl/compare/64fd90fbe99d...3d5a7578e09a View the full build log and details: https://travis-ci.org/openssl/openssl/builds/598501780?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#29310 (master - 64fd90f)
Build Update for openssl/openssl - Build: #29310 Status: Still Failing Duration: 26 mins and 54 secs Commit: 64fd90f (master) Author: Shane Lontis Message: Fix missing Assembler defines Implementations are now spread across several libraries, so the assembler related defines need to be applied to all affected libraries and modules. AES_ASM define was missing from libimplementations.a which disabled AESNI aarch64 changes were made by xkqian. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10180) View the changeset: https://github.com/openssl/openssl/compare/f97a8af2f3f3...64fd90fbe99d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/598499726?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via 64fd90fbe99dde18de3fc7c3a6b06793d87a4aad (commit) from f97a8af2f3f3573f0759693117c9d33d2a63c27e (commit) - Log - commit 64fd90fbe99dde18de3fc7c3a6b06793d87a4aad Author: Shane Lontis Date: Tue Oct 15 12:35:41 2019 +1000 Fix missing Assembler defines Implementations are now spread across several libraries, so the assembler related defines need to be applied to all affected libraries and modules. AES_ASM define was missing from libimplementations.a which disabled AESNI aarch64 changes were made by xkqian. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10180) --- Summary of changes: crypto/aes/build.info | 8 +++- crypto/bn/build.info | 5 - crypto/build.info | 8 ++-- crypto/ec/build.info | 6 +- crypto/md5/build.info | 4 crypto/modes/build.info| 6 +- crypto/poly1305/build.info | 4 crypto/ripemd/build.info | 4 crypto/sha/build.info | 8 ++-- crypto/whrlpool/build.info | 4 10 files changed, 49 insertions(+), 8 deletions(-) diff --git a/crypto/aes/build.info b/crypto/aes/build.info index 59c009761e..291bf2af9b 100644 --- a/crypto/aes/build.info +++ b/crypto/aes/build.info @@ -61,9 +61,15 @@ ENDIF $COMMON=aes_misc.c aes_ecb.c $AESASM SOURCE[../../libcrypto]=$COMMON aes_cfb.c aes_ofb.c aes_ige.c aes_wrap.c -DEFINE[../../libcrypto]=$AESDEF SOURCE[../../providers/libfips.a]=$COMMON + +# Implementations are now spread across several libraries, so the defines +# need to be applied to all affected libraries and modules. +DEFINE[../../libcrypto]=$AESDEF DEFINE[../../providers/libfips.a]=$AESDEF +DEFINE[../../providers/libimplementations.a]=$AESDEF +# fipsprov.c needs access to AESNI. +DEFINE[../../providers/fips]=$AESDEF GENERATE[aes-ia64.s]=asm/aes-ia64.S diff --git a/crypto/bn/build.info b/crypto/bn/build.info index 75b84d0df6..5ad8bf14d3 100644 --- a/crypto/bn/build.info +++ b/crypto/bn/build.info @@ -108,9 +108,12 @@ $COMMON=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \ bn_const.c bn_x931p.c bn_intern.c bn_dh.c \ bn_rsa_fips186_4.c $BNASM SOURCE[../../libcrypto]=$COMMON bn_print.c bn_err.c bn_depr.c bn_srp.c -DEFINE[../../libcrypto]=$BNDEF SOURCE[../../providers/libfips.a]=$COMMON +# Implementations are now spread across several libraries, so the defines +# need to be applied to all affected libraries and modules. +DEFINE[../../libcrypto]=$BNDEF DEFINE[../../providers/libfips.a]=$BNDEF +DEFINE[../../providers/libimplementations.a]=$BNDEF INCLUDE[../../libcrypto]=../../crypto/include diff --git a/crypto/build.info b/crypto/build.info index f41ecf448f..7d3eb29570 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -77,10 +77,14 @@ SOURCE[../libcrypto]=$UTIL_COMMON \ cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c o_dir.c \ o_fopen.c getenv.c o_init.c o_fips.c init.c trace.c provider.c \ $UPLINKSRC -DEFINE[../libcrypto]=$UTIL_DEFINE $UPLINKDEF SOURCE[../providers/libfips.a]=$UTIL_COMMON -DEFINE[../providers/libfips.a]=$UTIL_DEFINE +# Implementations are now spread across several libraries, so the defines +# need to be applied to all affected libraries and modules. +DEFINE[../libcrypto]=$UTIL_DEFINE $UPLINKDEF +DEFINE[../providers/libfips.a]=$UTIL_DEFINE +DEFINE[../providers/fips]=$UTIL_DEFINE +DEFINE[../providers/libimplementations.a]=$UTIL_DEFINE DEPEND[info.o]=buildinf.h DEPEND[cversion.o]=buildinf.h diff --git a/crypto/ec/build.info b/crypto/ec/build.info index 40aef36798..90aea66a14 100644 --- a/crypto/ec/build.info +++ b/crypto/ec/build.info @@ -56,9 +56,13 @@ $COMMON=ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \ $ECASM SOURCE[../../libcrypto]=$COMMON ec_ameth.c ec_pmeth.c ecx_meth.c ec_err.c \ ecdh_kdf.c eck_prn.c -DEFINE[../../libcrypto]=$ECDEF SOURCE[../../providers/libfips.a]=$COMMON + +# Implementations are now spread across several libraries, so the defines +# need to be applied to all affected libraries and modules. +DEFINE[../../libcrypto]=$ECDEF DEFINE[../../providers/libfips.a]=$ECDEF +DEFINE[../../providers/libimplementations.a]=$ECDEF GENERATE[ecp_nistz256-x86.s]=asm/ecp_nistz256-x86.pl diff --git a/crypto/md5/build.info b/crypto/md5/build.info index 081e0b08bd..d4494b274d 100644 --- a/crypto/md5/build.info +++ b/crypto/md5/build.info @@ -15,7 +15,11 @@ IF[{- !$disabled{asm} -}] ENDIF SOURCE[../../libcrypto]=md5_dgst.c md5_one.c md5_sha1.c $MD5ASM + +# Implementations are now spread across several libraries, so the defines +# need to be applied to all affected libraries and modules. DEFINE[../../libcrypto]=$MD5DEF +DEFINE[../../providers/libimplementations.a]=$MD5DEF