Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1
doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1
doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1
doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1
doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1
doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1
doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1
doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1
doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1
doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1
doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1
doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1
doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1
doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1
doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1
doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1
doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/ma
n/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1
doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1
doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1
doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1
doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1
doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1
doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1
doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1
doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1
doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1
doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1
doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3
doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3
doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3
doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3
doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/
ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3
doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3
doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3
doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3
doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3
doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3
doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3
doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3
doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3
doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3
doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3
doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3
Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
../../../../../enable-fuzz-afl/util/wrap.pl
../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf
-section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key ""
-keypass "" -unprotected_requests => 0
not ok 38 - unprotected request
# --
# Failed test 'unprotected request'
# at ../openssl/test/recipes/81-test_cmp_cli.t line 182.
# Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# --
OPENSSL_FUNC:../openssl/apps/cmp.c:3119:CMP info: received from 127.0.0.1
PKIStatus: accepted
# OPENSSL_FUNC:../openssl/apps/cmp.c:2895:CMP info: using OpenSSL configuration
file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2501:CMP warning: argument of -proxy
option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2112:CMP info: will contact
http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received
IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending
CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received
PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2276:CMP info: received 1 enrolled
certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl
../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf
-section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey
new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted
root.crt => 0
not ok 43 - popo RAVERIFIED
# --
OPENSSL_FUNC:../openssl/apps/cmp.c:3119:CMP info: received from 127.0.0.1
PKIStatus: accepted
# OPENSSL_FUNC:../openssl/apps/cmp.c:2895:CMP info: using OpenSSL configuration
file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2501:CMP warning: argument of -proxy
option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2112:CMP info: will contact
http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received
IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending
CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received
PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2276:CMP info: received 1 enrolled
certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl
../../../../../enable-fuzz-afl/apps/openssl cmp
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
# Failed test 'p10cr csr empty file'
# at ../openssl/test/recipes/81-test_cmp_cli.t line 182.
../../../../../no-ui-console/util/wrap.pl
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key
-newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr
wrong.csr.pem => 139
not ok 78 - p10cr wrong csr
# --
# Failed test 'p10cr wrong csr'
# at ../openssl/test/recipes/81-test_cmp_cli.t line 182.
../../../../../no-ui-console/util/wrap.pl
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key
-newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5
=> 139
not ok 79 - ir + ignored revocation
# --
../../../../../no-ui-console/util/wrap.pl
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key
-newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
not ok 82 - cr command
# --
# Failed test 'cr command'
# at ../openssl/test/recipes/81-test_cmp_cli.t line 182.
../../../../../no-ui-console/util/wrap.pl
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key
-newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert
test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key
-extracerts issuing.crt => 139
not ok 83 - kur command explicit options
# --
# Failed test 'kur command explicit options'
# at ../openssl/test/recipes/81-test_cmp_cli.t line 182.
../../../../../no-ui-console/util/wrap.pl
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout
test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert
test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
not ok 84 - kur command minimal options
# --
../../../../../no-ui-console/util/wrap.pl
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/
-newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert
test.cert.pem -server
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
65-test_cmp_status.t ... ok
65-test_cmp_vfy.t .. ok
70-test_asyncio.t .. ok
70-test_bad_dtls.t . ok
70-test_clienthello.t .. ok
70-test_comp.t . ok
70-test_key_share.t ok
70-test_packet.t ... ok
70-test_recordlen.t ok
70-test_renegotiation.t ok
70-test_servername.t ... ok
70-test_sslcbcpadding.t ok
70-test_sslcertstatus.t ok
70-test_sslextension.t . ok
70-test_sslmessages.t .. ok
70-test_sslrecords.t ... ok
70-test_sslsessiontick.t ... ok
70-test_sslsigalgs.t ... ok
70-test_sslsignature.t . ok
70-test_sslskewith0p.t . ok
70-test_sslversions.t .. ok
70-test_sslvertol.t ok
70-test_tls13alerts.t .. ok
70-test_tls13cookie.t .. ok
70-test_tls13downgrade.t ... ok
70-test_tls13hrr.t . ok
70-test_tls13kexmodes.t ok
70-test_tls13messages.t ok
70-test_tls13psk.t . ok
70-test_tlsextms.t . ok
70-test_verify_extra.t . ok
70-test_wpacket.t .. ok
71-test_ssl_ctx.t .. ok
80-test_ca.t ... ok
80-test_cipherbytes.t .. ok
80-test_cipherlist.t ... ok
80-test_ciphername.t ... ok
# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . ok
80-test_dtls_mtu.t . ok
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok
80-test_pkcs12.t ... ok
80-test_ssl_new.t .. ok
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok
# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t ok
90-test_async.t ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . ok
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok
90-test_overhead.t . ok
90-test_secmem.t ... ok
90-test_shlibload.t ok
90-test_srp.t .. ok
90-test_sslapi.t ... ok
90-test_sslbuffers.t ... ok
90-test_store.t
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec2m
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ec2m
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
70-test_sslversions.t(Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_sslvertol.t (Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_tls13alerts.t(Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_tls13cookie.t(Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_tls13downgrade.t (Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_tls13hrr.t (Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_tls13kexmodes.t (Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_tls13messages.t (Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_tls13psk.t (Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
70-test_tlsextms.t (Wstat: 34304 Tests: 0 Failed: 0)
Non-zero exit status: 134
Parse errors: No plan found in TAP output
71-test_ssl_ctx.t(Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
80-test_cipherbytes.t(Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
80-test_cipherlist.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
80-test_ciphername.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
80-test_dane.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
80-test_dtlsv1listen.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
80-test_ssl_new.t(Wstat: 6912 Tests: 31 Failed: 27)
Failed tests: 2-14, 16-22, 24-29, 31
Non-zero exit status: 27
80-test_ssl_old.t(Wstat: 1024 Tests: 12 Failed: 4)
Failed tests: 3, 5-7
Non-zero exit status: 4
80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
90-test_fatalerr.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
90-test_gost.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
90-test_shlibload.t
Still Failing: openssl/openssl#36315 (master - ae89578)
Build Update for openssl/openssl - Build: #36315 Status: Still Failing Duration: 1 hr, 18 mins, and 19 secs Commit: ae89578 (master) Author: Shane Lontis Message: Test RSA oaep in fips mode Added RSA oaep test that uses the pkeyutl application. Added an openssl application option to support loading a (fips) provider via the '-config' option. Added openssl application related environment variable 'OPENSSL_TEST_LIBCTX' (for testing purposes only), that creates a non default library context. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/11948) View the changeset: https://github.com/openssl/openssl/compare/a27cb956c022...ae89578be293 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/176827644?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dsa
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dsa
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include
-pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED
-DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter
-Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat
-Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes
-Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality
-Wno-language-extension-token -Wno-extended-offsetof
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers
-Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF
test/cipherlist_test-bin-cipherlist_test.d.tmp -MT
test/cipherlist_test-bin-cipherlist_test.o -c -o
test/cipherlist_test-bin-cipherlist_test.o ../openssl/test/cipherlist_test.c
clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include
-pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED
-DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter
-Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat
-Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes
-Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality
-Wno-language-extension-token -Wno-extended-offsetof
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers
-Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF
test/ciphername_test-bin-ciphername_test.d.tmp -MT
test/ciphername_test-bin-ciphername_test.o -c -o
test/ciphername_test-bin-ciphername_test.o ../openssl/test/ciphername_test.c
clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include
-pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED
-DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter
-Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat
-Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes
-Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality
-Wno-language-extension-token -Wno-extended-offsetof
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers
-Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF
test/clienthellotest-bin-clienthellotest.d.tmp -MT
test/clienthellotest-bin-clienthellotest.o -c -o
test/clienthellotest-bin-clienthellotest.o ../openssl/test/clienthellotest.c
clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include
-pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED
-DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter
-Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat
-Wtype-limits -Wundef -Werror -Wmissing-prototypes
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dh
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
test/cmp_protect_test-bin-cmp_testlib.o \
test/libtestutil.a libcrypto.a -ldl -pthread
rm -f test/cmp_server_test
${LDCMD:-clang} -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g
-DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra
-Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare
-Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes
-Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default
-Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers
-Wmissing-variable-declarations \
-o test/cmp_server_test \
test/cmp_server_test-bin-cmp_server_test.o \
test/cmp_server_test-bin-cmp_testlib.o \
test/libtestutil.a libcrypto.a -ldl -pthread
rm -f test/cmp_status_test
${LDCMD:-clang} -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g
-DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra
-Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare
-Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes
-Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default
-Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers
-Wmissing-variable-declarations \
-o test/cmp_status_test \
test/cmp_status_test-bin-cmp_status_test.o \
test/cmp_status_test-bin-cmp_testlib.o \
test/libtestutil.a libcrypto.a -ldl -pthread
rm -f test/cmp_vfy_test
${LDCMD:-clang} -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g
-DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra
-Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare
-Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes
-Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default
-Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers
-Wmissing-variable-declarations \
-o test/cmp_vfy_test \
test/cmp_vfy_test-bin-cmp_testlib.o \
test/cmp_vfy_test-bin-cmp_vfy_test.o \
test/libtestutil.a libcrypto.a -ldl -pthread
rm -f test/context_internal_test
${LDCMD:-clang} -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g
-DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra
-Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare
-Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes
-Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default
-Wno-parentheses-equality -Wno-language-extension-token
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . skipped: No DTLS protocols are supported
by this OpenSSL build
80-test_dtls_mtu.t . skipped: test_dtls_mtu needs DTLS and PSK
support enabled
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok
80-test_pkcs12.t ... ok
# ERROR: (ptr) 'server_ctx != NULL' failed @
../openssl/test/ssl_test.c:479
# 0x0
not ok 7 - iteration 7
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @
../openssl/test/ssl_test.c:479
# 0x0
not ok 8 - iteration 8
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @
../openssl/test/ssl_test.c:479
# 0x0
not ok 9 - iteration 9
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @
../openssl/test/ssl_test.c:479
# 0x0
not ok 10 - iteration 10
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @
../openssl/test/ssl_test.c:479
# 0x0
not ok 11 - iteration 11
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @
../openssl/test/ssl_test.c:479
# 0x0
not ok 12 - iteration 12
# --
not ok 1 - test_handshake
# --
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips
../../../openssl/test/fips.cnf => 1
not ok 9 - running ssl_test 04-client_auth.cnf
# --
# Failed test 'running ssl_test 04-client_auth.cnf'
# at ../openssl/test/recipes/80-test_ssl_new.t line 173.
# Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# --
# Looks like you failed 1 test of 31.80-test_ssl_new.t ..
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok
# 81-test_cmp_cli.t
[openssl] master update
The branch master has been updated
via ae89578be2930c726d6ef56451233757a89f224f (commit)
from a27cb956c02220c502449176a8834b1d9643ac23 (commit)
- Log -
commit ae89578be2930c726d6ef56451233757a89f224f
Author: Shane Lontis
Date: Thu Jul 23 17:40:40 2020 +1000
Test RSA oaep in fips mode
Added RSA oaep test that uses the pkeyutl application.
Added an openssl application option to support loading a (fips) provider
via the '-config' option.
Added openssl application related environment variable
'OPENSSL_TEST_LIBCTX' (for testing purposes only),
that creates a non default library context.
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/11948)
---
Summary of changes:
apps/include/apps.h | 4 +
apps/include/opt.h | 3 +
apps/lib/app_provider.c | 21 ++--
apps/lib/apps.c | 46 +++-
apps/openssl.c | 17 ++-
apps/pkeyutl.c | 30 +-
doc/man1/openssl-pkeyutl.pod.in | 3 +
doc/man1/openssl.pod | 20 ++--
doc/perlvars.pm | 8 ++
test/recipes/15-test_rsaoaep.t | 155 +++
test/recipes/15-test_rsaoaep_data/plain_text | 1 +
11 files changed, 282 insertions(+), 26 deletions(-)
create mode 100644 test/recipes/15-test_rsaoaep.t
create mode 100644 test/recipes/15-test_rsaoaep_data/plain_text
diff --git a/apps/include/apps.h b/apps/include/apps.h
index 87d1b47150..9a76dcd339 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -65,6 +65,7 @@ CONF *app_load_config_bio(BIO *in, const char *filename);
CONF *app_load_config(const char *filename);
CONF *app_load_config_quiet(const char *filename);
int app_load_modules(const CONF *config);
+CONF *app_load_config_modules(const char *configfile);
void unbuffer(FILE *fp);
void wait_for_async(SSL *s);
# if defined(OPENSSL_SYS_MSDOS)
@@ -290,9 +291,12 @@ typedef struct verify_options_st {
extern VERIFY_CB_ARGS verify_args;
+OPENSSL_CTX *app_create_libctx(void);
+OPENSSL_CTX *app_get0_libctx(void);
OSSL_PARAM *app_params_new_from_opts(STACK_OF(OPENSSL_STRING) *opts,
const OSSL_PARAM *paramdefs);
void app_params_free(OSSL_PARAM *params);
+int app_provider_load(OPENSSL_CTX *libctx, const char *provider_name);
void app_providers_cleanup(void);
#endif
diff --git a/apps/include/opt.h b/apps/include/opt.h
index 5afbad1bbe..ad629c0199 100644
--- a/apps/include/opt.h
+++ b/apps/include/opt.h
@@ -273,6 +273,9 @@
OPT_PROV_PROVIDER, OPT_PROV_PROVIDER_PATH, \
OPT_PROV__LAST
+# define OPT_CONFIG_OPTION \
+{ "config", OPT_CONFIG, '<', "Load a configuration file (this may load
modules)" }
+
# define OPT_PROV_OPTIONS \
OPT_SECTION("Provider"), \
{ "provider_path", OPT_PROV_PROVIDER_PATH, 's', "Provider load path
(must be before 'provider' argument if required)" }, \
diff --git a/apps/lib/app_provider.c b/apps/lib/app_provider.c
index ca24328a2e..60645e21d7 100644
--- a/apps/lib/app_provider.c
+++ b/apps/lib/app_provider.c
@@ -8,6 +8,7 @@
*/
#include "apps.h"
+#include
#include
#include
#include
@@ -21,14 +22,19 @@ enum prov_range { OPT_PROV_ENUM };
static STACK_OF(OSSL_PROVIDER) *app_providers = NULL;
-static int opt_provider_load(const char *provider)
+static void provider_free(OSSL_PROVIDER *prov)
+{
+OSSL_PROVIDER_unload(prov);
+}
+
+int app_provider_load(OPENSSL_CTX *libctx, const char *provider_name)
{
OSSL_PROVIDER *prov;
-prov = OSSL_PROVIDER_load(NULL, provider);
+prov = OSSL_PROVIDER_load(libctx, provider_name);
if (prov == NULL) {
opt_printf_stderr("%s: unable to load provider %s\n",
- opt_getprog(), provider);
+ opt_getprog(), provider_name);
return 0;
}
if (app_providers == NULL)
@@ -41,11 +47,6 @@ static int opt_provider_load(const char *provider)
return 1;
}
-static void provider_free(OSSL_PROVIDER *prov)
-{
-OSSL_PROVIDER_unload(prov);
-}
-
void app_providers_cleanup(void)
{
sk_OSSL_PROVIDER_pop_free(app_providers, provider_free);
@@ -56,7 +57,7 @@ static int opt_provider_path(const char *path)
{
if (path != NULL && *path == '\0')
path = NULL;
-return OSSL_PROVIDER_set_default_search_path(NULL, path);
+return OSSL_PROVIDER_set_default_search_path(app_get0_libctx(), path);
}
int opt_provider(int opt)
@@ -66,7 +67,7 @@ int opt_provider(int opt)
case OPT_PROV__LAST:
return 1;
case OPT_PROV_PROVIDER:
-return opt_provider_load(opt_arg());
+return
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des
Platform and configuration command:
$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des
Commit log since last time:
dcb71e1c21 Cleanup fips provider init
7b9f218838 document the deprecation of the '-public-key-methods' option to list
41bbba5375 EVP: deprecate the EVP_X_meth_ functions.
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
9e5f344a87 evp_test: use correct deallocation for EVP_CIPHER
340f82a4e7 evp_test: use correct deallocation for EVP_MD
1d864f0f53 Specific the engine pointer
490c87110c Align documentation with recommendations of Linux Documentation
Project
bf19b64aae Fix UI method setup, which should be independent of (deprecated)
engine use
4f8fbf372e 81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of
'lsof'
f91624d380 Skip test_cmp_cli if 'lsof' or 'kill' command is not available
90409da6a5 Fix provider cipher reinit issue
7717459892 Avoid errors with a priori inapplicable protocol bounds
5ac582d949 DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
8eca461731 util/find-doc-nits: Relax check of function declarations in
name_synopsis()
904f42509f PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
7e4f01d8ba fixed swapped parameter descriptions for x509
9f7bdcf37f Add ERR_raise() errors to fips OSSL_provider_init and self tests.
823a113574 Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
02e14a65fd man3: Drop warning about using security levels higher than 1.
16c6534b96 check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
174f4a4d6a check-format.pl: Report empty lines only if -s (--sloppy-spc) is not
used
dc18781550 check-format.pl: Add check for essentially empty line at beginning
of file
43b2e9e008 check-format.pl: Add check for multiples essentially empty lines in
a row
a77571c34f check-format.pl: Allow comment start '/*' after opening '(','[','{'
5304331156 Fix linking against non-system zlib on macOS
Build log ended with (last 100 lines):
C0B037A2777F:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested
asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C0B037A2777F:error::asn1 encoding routines:asn1_template_noexp_d2i:nested
asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey,
Type=PKCS8_PRIV_KEY_INFO
C0B037A2777F:error::asn1 encoding routines:d2i_PrivateKey_ex:ASN1
lib:../openssl/crypto/asn1/d2i_pr.c:67:
C0B037A2777F:error::asn1 encoding routines:d2i_PrivateKey_ex:ASN1
lib:../openssl/crypto/asn1/d2i_pr.c:67:
C0B037A2777F:error::asn1 encoding routines:asn1_check_tlen:wrong
tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C0B037A2777F:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested
asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C0B037A2777F:error::asn1 encoding routines:asn1_template_noexp_d2i:nested
asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey,
Type=PKCS8_PRIV_KEY_INFO
C0B037A2777F:error::asn1 encoding routines:asn1_check_tlen:wrong
tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C0B037A2777F:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested
asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C0B037A2777F:error::asn1 encoding routines:asn1_template_noexp_d2i:nested
asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey,
Type=PKCS8_PRIV_KEY_INFO
OPENSSL_FUNC:../openssl/apps/cmp.c:3053:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2895:CMP info: using OpenSSL configuration
file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2501:CMP warning: argument of -proxy
option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2112:CMP info: will contact
http://127.0.0.1:1700/pkix/
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp
-config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy
127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem
-out_trusted root.crt => 1
not ok 82 - cr command
# --
# Failed test 'cr command'
# at ../openssl/test/recipes/81-test_cmp_cli.t line 182.
Could not open file or uri test.cert.pem for loading CMP client certificate
(and optionally extra certs)
C0A01C0C8C7F:error::system library:file_open:No such file or
directory:../openssl/crypto/store/loader_file.c:927:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:3053:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2895:CMP info: using OpenSSL configuration
file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2501:CMP warning: argument of -proxy
option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2112:CMP info: will contact
