Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-rc2

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

70-test_servername.t ... ok
70-test_sslcbcpadding.t  ok
70-test_sslcertstatus.t  ok
70-test_sslextension.t . ok
70-test_sslmessages.t .. ok
70-test_sslrecords.t ... ok
70-test_sslsessiontick.t ... ok
70-test_sslsigalgs.t ... ok
70-test_sslsignature.t . ok
70-test_sslskewith0p.t . ok
70-test_sslversions.t .. ok
70-test_sslvertol.t  ok
70-test_tls13alerts.t .. ok
70-test_tls13cookie.t .. ok
70-test_tls13downgrade.t ... ok
70-test_tls13hrr.t . ok
70-test_tls13kexmodes.t  ok
70-test_tls13messages.t  ok
70-test_tls13psk.t . ok
70-test_tlsextms.t . ok
70-test_verify_extra.t . ok
70-test_wpacket.t .. ok
71-test_ssl_ctx.t .. ok
80-test_ca.t ... ok
80-test_cipherbytes.t .. ok
80-test_cipherlist.t ... ok
80-test_ciphername.t ... ok

# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . ok
80-test_dtls_mtu.t . ok
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok

Could not read any cert of certificates from -in file from 
../../../openssl/test/certs/v3-certs-RC2.p12
C0F06EA38F7F:error::asn1 encoding routines:ASN1_get_object:header too 
long:../openssl/crypto/asn1/asn1_lib.c:103:
../../util/wrap.pl ../../apps/openssl pkcs12 -export -in 
../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider 
default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 
=> 1
not ok 5 - test_pkcs12_passcert
# --
#   Failed test 'test_pkcs12_passcert'
#   at ../openssl/test/recipes/80-test_pkcs12.t line 93.
# Looks like you failed 1 test of 5.80-test_pkcs12.t ... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/5 subtests 
80-test_ssl_new.t .. ok
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok

# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t  ok
90-test_async.t  ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t  ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . ok
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok
90-test_overhead.t . ok
90-test_secmem.t ... ok
90-test_shlibload.t  ok
90-test_srp.t .. ok
90-test_sslapi.t ... ok
90-test_sslbuffers.t ... ok
90-test_store.t  ok
90-test_sysdefault.t ... ok
90-test_threads.t .. ok
90-test_time_offset.t 

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in 
> doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in 
> doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in 
> doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in 
> doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-fipsinstall.pod.in > 
doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in 
> doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in 
> 

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-pic

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-pic

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

$ CC=clang ../openssl/config -d --strict-warnings no-pic
Configuring OpenSSL version 3.0.0-alpha7-dev for target linux-x86_64
Using os-specific seed configuration
md5_dgst.o appears 2 times for the product libcrypto
md5-x86_64.o appears 2 times for the product libcrypto
md5_one.o appears 2 times for the product libcrypto
md5_sha1.o appears 2 times for the product libcrypto

Failure!  Makefile wasn't produced.
Please read INSTALL.md and associated NOTES-* files.  You may also have to
look over your available compiler tool chain or change your configuration.

Died at ../openssl/Configure line 2427.

Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module
Configuring OpenSSL version 3.0.0-alpha7-dev for target linux-x86_64
Using os-specific seed configuration
md5_one.o appears 2 times for the product libcrypto
md5_sha1.o appears 2 times for the product libcrypto
md5_dgst.o appears 2 times for the product libcrypto
md5-x86_64.o appears 2 times for the product libcrypto

Failure!  Makefile wasn't produced.
Please read INSTALL.md and associated NOTES-* files.  You may also have to
look over your available compiler tool chain or change your configuration.

Died at ../openssl/Configure line 2427.

Errored: openssl/openssl#37561 (master - 28833f1)

[Travis CI]

Build Update for openssl/openssl
-

Build: #37561
Status: Errored

Duration: 1 hr, 20 mins, and 37 secs
Commit: 28833f1 (master)
Author: Matt Caswell
Message: Update the EdDSA docs with information about Algorithm Identifiers

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/12884)

View the changeset: 
https://github.com/openssl/openssl/compare/991a6bb58182...28833f1465a2

View the full build log and details: 
https://travis-ci.com/github/openssl/openssl/builds/185220498?utm_medium=notification_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

#   Failed test 'p10cr csr non-existing file'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key 
-newkeypass 'pass:' -certout test.certout_p10cr4.pem -out_trusted root.crt -csr 
empty.txt => 139
not ok 78 - p10cr csr empty file
# --
#   Failed test 'p10cr csr empty file'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key 
-newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt 
-revreason 5 => 139
not ok 79 - ir + ignored revocation
# --
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key 
-newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 139
not ok 82 - cr
# --
#   Failed test 'cr'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key 
-newkeypass 'pass:' -certout test.certout_kur.pem -out_trusted root.crt 
-oldcert test.certout_newkey.pem -server '127.0.0.1:1700' -cert 
test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139
not ok 83 - kur explicit options
# --
#   Failed test 'kur explicit options'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout 
test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert 
test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139
not ok 84 - kur minimal options
# --
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ 
-newkeypass 'pass:' -certout test.certout_kur2.pem -out_trusted root.crt 
-oldcert test.certout_newkey.pem -server '127.0.0.1:1700' => 139
not ok 86 - kur newkey is directory
# --
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key 
-newkeypass 'pass:' -certout test.certout_kur5.pem -out_trusted root.crt 

Build completed: openssl master.37017

[AppVeyor]

Build openssl master.37017 completed



Commit 7db44afaad by Matt Caswell on 9/18/2020 11:10 AM:

Document the provider side SM2 Asymmetric Cipher support


Configure your notification preferences

Build failed: openssl master.37016

[AppVeyor]

Build openssl master.37016 failed


Commit 4d1546dcdf by Dr. David von Oheimb on 9/18/2020 9:38 AM:

fixup! Prune low-level ASN.1 parse errors from error queue in decoder_process()


Configure your notification preferences

Errored: openssl/openssl#37558 (master - 991a6bb)

[Travis CI]

Build Update for openssl/openssl
-

Build: #37558
Status: Errored

Duration: 1 hr, 31 mins, and 2 secs
Commit: 991a6bb (master)
Author: Shane Lontis
Message: Add option to fipsinstall to disable fips security checks at run time.

Changes merged from a patch by @richsalz.

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/12745)

View the changeset: 
https://github.com/openssl/openssl/compare/282de1cc2d71...991a6bb58182

View the full build log and details: 
https://travis-ci.com/github/openssl/openssl/builds/185203171?utm_medium=notification_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Errored: openssl/openssl#37557 (master - 282de1c)

[Travis CI]

Build Update for openssl/openssl
-

Build: #37557
Status: Errored

Duration: 1 hr, 37 mins, and 18 secs
Commit: 282de1c (master)
Author: Matt Caswell
Message: Fix some doc-nits and make update errors

The new lhash changes have confused some of the perl scripts so we add
some fixes.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/12860)

View the changeset: 
https://github.com/openssl/openssl/compare/ecf15b16ee82...282de1cc2d71

View the full build log and details: 
https://travis-ci.com/github/openssl/openssl/builds/185195803?utm_medium=notification_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

[openssl] master update

[Matt Caswell]

The branch master has been updated
   via  28833f1465a2dd197f8df80a69095d1913e6e85e (commit)
   via  4c6348c23ade5ce8d3ce89bbcf61b666afc2b555 (commit)
   via  d12a2fe4e73439af46cd545c3e04d80667dc0297 (commit)
  from  991a6bb58182d4d2077a68eb813c897b7de73462 (commit)


- Log -
commit 28833f1465a2dd197f8df80a69095d1913e6e85e
Author: Matt Caswell 
Date:   Thu Sep 17 14:11:21 2020 +0100

Update the EdDSA docs with information about Algorithm Identifiers

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/12884)

commit 4c6348c23ade5ce8d3ce89bbcf61b666afc2b555
Author: Matt Caswell 
Date:   Tue Sep 15 16:48:55 2020 +0100

Make sure we properly test for EdDSA with alg ids

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/12884)

commit d12a2fe4e73439af46cd545c3e04d80667dc0297
Author: Matt Caswell 
Date:   Tue Sep 15 16:20:51 2020 +0100

Teach EdDSA signature algorithms about AlgorithmIdentifiers

The other signature algorithms know how to create their own
AlgorithmIdentifiers, but the EdDSA algorithms missed this.

Fixes #11875

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/12884)

---

Summary of changes:
 .gitignore |  2 +
 doc/man7/EVP_SIGNATURE-ED25519.pod | 13 
 providers/common/der/ECX.asn1  | 11 
 providers/common/der/build.info| 17 ++
 .../common/der/{der_dsa.h.in => der_ecx.h.in}  | 12 ++--
 .../der/{der_dsa_gen.c.in => der_ecx_gen.c.in} |  4 +-
 providers/common/der/der_ecx_key.c | 48 +++
 providers/implementations/signature/build.info |  1 +
 providers/implementations/signature/eddsa.c| 69 ++
 test/recipes/25-test_req.t | 12 ++--
 10 files changed, 175 insertions(+), 14 deletions(-)
 create mode 100644 providers/common/der/ECX.asn1
 copy providers/common/der/{der_dsa.h.in => der_ecx.h.in} (58%)
 copy providers/common/der/{der_dsa_gen.c.in => der_ecx_gen.c.in} (85%)
 create mode 100644 providers/common/der/der_ecx_key.c

diff --git a/.gitignore b/.gitignore
index a463fc3c96..0e9405a7ff 100644
--- a/.gitignore
+++ b/.gitignore
@@ -54,10 +54,12 @@ doc/man1/openssl-*.pod
 providers/common/der/der_digests_gen.c
 providers/common/der/der_dsa_gen.c
 providers/common/der/der_ec_gen.c
+providers/common/der/der_ecx_gen.c
 providers/common/der/der_rsa_gen.c
 providers/common/der/der_wrap_gen.c
 providers/common/include/prov/der_dsa.h
 providers/common/include/prov/der_ec.h
+providers/common/include/prov/der_ecx.h
 providers/common/include/prov/der_rsa.h
 providers/common/include/prov/der_digests.h
 providers/common/include/prov/der_wrap.h
diff --git a/doc/man7/EVP_SIGNATURE-ED25519.pod 
b/doc/man7/EVP_SIGNATURE-ED25519.pod
index e3d9cd47e2..bb91ae2434 100644
--- a/doc/man7/EVP_SIGNATURE-ED25519.pod
+++ b/doc/man7/EVP_SIGNATURE-ED25519.pod
@@ -15,11 +15,24 @@ one-shot digest sign and digest verify using PureEdDSA and 
B or B be specified 
when
 signing or verifying.
 See L for information related to B and B 
keys.
 
+The following signature parameters can be retrieved using
+EVP_PKEY_CTX_get_params().
+
+=over 4
+
+=item "algorithm-id" (B) 
+
+The parameters are described in L.
+
+=back
+
 =head1 NOTES
 
 The PureEdDSA algorithm does not support the streaming mechanism
diff --git a/providers/common/der/ECX.asn1 b/providers/common/der/ECX.asn1
new file mode 100644
index 00..72d1b451ae
--- /dev/null
+++ b/providers/common/der/ECX.asn1
@@ -0,0 +1,11 @@
+
+-- ---
+-- Taken from RFC 8410, 9  ASN.1 Module
+-- (https://tools.ietf.org/html/rfc8410#section-9)
+
+id-edwards-curve-algs OBJECT IDENTIFIER ::= { 1 3 101 }
+
+id-X25519OBJECT IDENTIFIER ::= { id-edwards-curve-algs 110 }
+id-X448  OBJECT IDENTIFIER ::= { id-edwards-curve-algs 111 }
+id-Ed25519   OBJECT IDENTIFIER ::= { id-edwards-curve-algs 112 }
+id-Ed448 OBJECT IDENTIFIER ::= { id-edwards-curve-algs 113 }
diff --git a/providers/common/der/build.info b/providers/common/der/build.info
index f7eb86fdfb..60c0d8e66c 100644
--- a/providers/common/der/build.info
+++ b/providers/common/der/build.info
@@ -50,6 +50,19 @@ DEPEND[${DER_EC_GEN/.c/.o}]=$DER_EC_H
 GENERATE[$DER_EC_H]=der_ec.h.in
 DEPEND[$DER_EC_H]=oids_to_c.pm
 
+#- ECX
+$DER_ECX_H=../include/prov/der_ecx.h
+$DER_ECX_GEN=der_ecx_gen.c
+$DER_ECX_AUX=der_ecx_key.c
+
+GENERATE[$DER_ECX_GEN]=der_ecx_gen.c.in
+DEPEND[$DER_ECX_GEN]=oids_to_c.pm
+
+DEPEND[${DER_ECX_AUX/.c/.o}]=$DER_ECX_H
+DEPEND[${DER_ECX_GEN/.c/.o}]=$DER_ECX_H
+GENERATE[$DER_ECX_H]=der_ecx.h.in
+DEPEND[$DER_ECX_H]=oids_to_c.pm
+
 #- KEY WRAP
 

[openssl] master update

[Matt Caswell]

The branch master has been updated
   via  282de1cc2d71a95482ce431b9ed620f85eb6acbd (commit)
   via  028b31b32da97ada44140120297511eae518ed42 (commit)
   via  efffd8a6e452102dbf25b1f801c9312211c5fe4a (commit)
   via  2ca697ce0006efa0a7b3662a1360eea10a56d2ab (commit)
   via  726b3293399cee7b1eedcfb3a524b91537bd5118 (commit)
  from  ecf15b16ee8223a9a383b97ee41126fbedf89bb5 (commit)


- Log -
commit 282de1cc2d71a95482ce431b9ed620f85eb6acbd
Author: Matt Caswell 
Date:   Tue Sep 15 14:00:37 2020 +0100

Fix some doc-nits and make update errors

The new lhash changes have confused some of the perl scripts so we add
some fixes.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/12860)

commit 028b31b32da97ada44140120297511eae518ed42
Author: Matt Caswell 
Date:   Fri Sep 11 14:04:51 2020 +0100

Remove some unneeded code from lhash.h

lhash.h had some workaround code for the issue where static inline
functions contained references to libcrypto symbols in public header
files. Since this issue no longer exists this workaround code can be
removed.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/12860)

commit efffd8a6e452102dbf25b1f801c9312211c5fe4a
Author: Matt Caswell 
Date:   Fri Sep 11 13:51:58 2020 +0100

Update err.h to use the new lhash generation code

Generate the lhash macros for the ERR_STRING_DATA type

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/12860)

commit 2ca697ce0006efa0a7b3662a1360eea10a56d2ab
Author: Matt Caswell 
Date:   Fri Sep 11 13:48:31 2020 +0100

Update conf.h.in to use the new lhash generation code

Generate the lhash macros for the CONF_VALUE type

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/12860)

commit 726b3293399cee7b1eedcfb3a524b91537bd5118
Author: Matt Caswell 
Date:   Fri Sep 11 13:22:40 2020 +0100

Provide basis for fixing lhash code

Following on from the earlier safestack work we provide the basis for
fixing the lhash code such that unused static inline functions do not
cause linker errors for applications including those headers.

This brings the lhash code into line with the safestack code.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/12860)

---

Summary of changes:
 .gitignore  |  1 +
 build.info  |  2 ++
 include/openssl/conf.h.in   |  7 ++---
 include/openssl/{err.h => err.h.in} |  8 -
 include/openssl/lhash.h | 62 +
 util/find-doc-nits  |  2 ++
 util/perl/OpenSSL/ParseC.pm |  2 +-
 util/perl/OpenSSL/stackhash.pm  | 27 +++-
 8 files changed, 78 insertions(+), 33 deletions(-)
 rename include/openssl/{err.h => err.h.in} (99%)

diff --git a/.gitignore b/.gitignore
index 8f4bc6af85..a463fc3c96 100644
--- a/.gitignore
+++ b/.gitignore
@@ -32,6 +32,7 @@
 /include/openssl/crmf.h
 /include/openssl/crypto.h
 /include/openssl/ct.h
+/include/openssl/err.h
 /include/openssl/ess.h
 /include/openssl/fipskey.h
 /include/openssl/ocsp.h
diff --git a/build.info b/build.info
index 8aa668e913..dc239a706d 100644
--- a/build.info
+++ b/build.info
@@ -23,6 +23,7 @@ DEPEND[]=include/openssl/asn1.h \
  include/openssl/crmf.h \
  include/openssl/crypto.h \
  include/openssl/ct.h \
+ include/openssl/err.h \
  include/openssl/ess.h \
  include/openssl/fipskey.h \
  include/openssl/opensslv.h \
@@ -49,6 +50,7 @@ 
GENERATE[include/openssl/configuration.h]=include/openssl/configuration.h.in
 GENERATE[include/openssl/crmf.h]=include/openssl/crmf.h.in
 GENERATE[include/openssl/crypto.h]=include/openssl/crypto.h.in
 GENERATE[include/openssl/ct.h]=include/openssl/ct.h.in
+GENERATE[include/openssl/err.h]=include/openssl/err.h.in
 GENERATE[include/openssl/ess.h]=include/openssl/ess.h.in
 GENERATE[include/openssl/fipskey.h]=include/openssl/fipskey.h.in
 GENERATE[include/openssl/ocsp.h]=include/openssl/ocsp.h.in
diff --git a/include/openssl/conf.h.in b/include/openssl/conf.h.in
index 2f1fceb2fb..6e3a10ed55 100644
--- a/include/openssl/conf.h.in
+++ b/include/openssl/conf.h.in
@@ -10,7 +10,7 @@
  */
 
 {-
-use OpenSSL::stackhash qw(generate_stack_macros);
+use OpenSSL::stackhash qw(generate_stack_macros generate_lhash_macros);
 -}
 
 #ifndef  OPENSSL_CONF_H
@@ -40,11 +40,10 @@ typedef struct {
 } CONF_VALUE;
 
 {-
-generate_stack_macros("CONF_VALUE");
+generate_stack_macros("CONF_VALUE")
+.generate_lhash_macros("CONF_VALUE");
 -}
 
-DEFINE_LHASH_OF(CONF_VALUE);
-
 struct conf_st;
 struct conf_method_st;
 typedef 

Build completed: openssl OpenSSL_1_1_1-stable.37010

[AppVeyor]

Build openssl OpenSSL_1_1_1-stable.37010 completed



Commit d7eb78ff6a by Tomas Mraz on 9/11/2020 7:09 AM:

Disallow certs with explicit curve in verification chain


Configure your notification preferences

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-engine

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-certs -noout ../../../../openssl/test/testcrl.pem => 1
not ok 410 - Checking that -certs returns 0 objects on a CRL file
# --
#   Failed test 'Checking that -certs returns 0 objects on a CRL file'
#   at ../openssl/test/recipes/90-test_store.t line 208.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls 
-noout ../../../../openssl/test/testx509.pem => 1
not ok 411 - Checking that -crls returns 0 objects on a certificate file
# --
#   Failed test 'Checking that -crls returns 0 objects on a certificate file'
#   at ../openssl/test/recipes/90-test_store.t line 212.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls 
-noout ../../../../openssl/test/testcrl.pem => 1
not ok 412 - Checking that -crls returns 1 object on a CRL file
# --
#   Failed test 'Checking that -crls returns 1 object on a CRL file'
#   at ../openssl/test/recipes/90-test_store.t line 215.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1
not ok 413
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 226.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification 
Authority' rehash => 1
not ok 414
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 229.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1
not ok 415
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 233.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1
not ok 416
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 236.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server 
Certification Authority' rehash => 1
not ok 417
# --
#   Failed test at 

Build failed: openssl master.37009

[AppVeyor]

Build openssl master.37009 failed


Commit b4f706ea3d by Richard Levitte on 9/17/2020 6:49 AM:

fixup! DECODER: Small cleanups


Configure your notification preferences

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec2m

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ec2m

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

65-test_cmp_vfy.t .. ok
66-test_ossl_store.t ... ok
70-test_asyncio.t .. ok
70-test_bad_dtls.t . ok
70-test_clienthello.t .. ok
70-test_comp.t . ok
70-test_key_share.t  ok
70-test_packet.t ... ok
70-test_recordlen.t  ok
70-test_renegotiation.t  ok
70-test_servername.t ... ok
70-test_sslcbcpadding.t  ok
70-test_sslcertstatus.t  ok
70-test_sslextension.t . ok
70-test_sslmessages.t .. ok
70-test_sslrecords.t ... ok
70-test_sslsessiontick.t ... ok
70-test_sslsigalgs.t ... ok
70-test_sslsignature.t . ok
70-test_sslskewith0p.t . ok
70-test_sslversions.t .. ok
70-test_sslvertol.t  ok
70-test_tls13alerts.t .. ok
70-test_tls13cookie.t .. ok
70-test_tls13downgrade.t ... ok
70-test_tls13hrr.t . ok
70-test_tls13kexmodes.t  ok
70-test_tls13messages.t  ok
70-test_tls13psk.t . ok
70-test_tlsextms.t . ok
70-test_verify_extra.t . ok
70-test_wpacket.t .. ok
71-test_ssl_ctx.t .. ok
80-test_ca.t ... ok
80-test_cipherbytes.t .. ok
80-test_cipherlist.t ... ok
80-test_ciphername.t ... ok

# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . ok
80-test_dtls_mtu.t . ok
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok
80-test_pkcs12.t ... ok
80-test_ssl_new.t .. ok
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok

# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t  ok
90-test_async.t  ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t  ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . ok
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok
90-test_overhead.t . ok
90-test_secmem.t ... ok
90-test_shlibload.t  ok
90-test_srp.t .. ok
90-test_sslapi.t ... ok
90-test_sslbuffers.t ... ok
90-test_store.t  ok
90-test_sysdefault.t ... ok
90-test_threads.t .. ok
90-test_time_offset.t .. ok
90-test_tls13ccs.t . ok
90-test_tls13encryption.t .. ok
90-test_tls13secrets.t . ok
90-test_v3name.t ... ok
95-test_external_boringssl.t ... skipped: No external tests in this 
configuration
95-test_external_gost_engine.t . skipped: No external tests in this 
configuration

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dsa

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dsa

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

65-test_cmp_vfy.t .. ok
66-test_ossl_store.t ... ok
70-test_asyncio.t .. ok
70-test_bad_dtls.t . ok
70-test_clienthello.t .. ok
70-test_comp.t . ok
70-test_key_share.t  ok
70-test_packet.t ... ok
70-test_recordlen.t  ok
70-test_renegotiation.t  ok
70-test_servername.t ... ok
70-test_sslcbcpadding.t  ok
70-test_sslcertstatus.t  ok
70-test_sslextension.t . ok
70-test_sslmessages.t .. ok
70-test_sslrecords.t ... ok
70-test_sslsessiontick.t ... ok
70-test_sslsigalgs.t ... ok
70-test_sslsignature.t . ok
70-test_sslskewith0p.t . ok
70-test_sslversions.t .. ok
70-test_sslvertol.t  ok
70-test_tls13alerts.t .. ok
70-test_tls13cookie.t .. ok
70-test_tls13downgrade.t ... ok
70-test_tls13hrr.t . ok
70-test_tls13kexmodes.t  ok
70-test_tls13messages.t  ok
70-test_tls13psk.t . ok
70-test_tlsextms.t . ok
70-test_verify_extra.t . ok
70-test_wpacket.t .. ok
71-test_ssl_ctx.t .. ok
80-test_ca.t ... ok
80-test_cipherbytes.t .. ok
80-test_cipherlist.t ... ok
80-test_ciphername.t ... ok

# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . ok
80-test_dtls_mtu.t . ok
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok
80-test_pkcs12.t ... ok
80-test_ssl_new.t .. ok
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok

# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t  ok
90-test_async.t  ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t  ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . skipped: GOST support is disabled in this 
OpenSSL build
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok
90-test_overhead.t . ok
90-test_secmem.t ... ok
90-test_shlibload.t  ok
90-test_srp.t .. ok
90-test_sslapi.t ... ok
90-test_sslbuffers.t ... ok
90-test_store.t  ok
90-test_sysdefault.t ... ok
90-test_threads.t .. ok
90-test_time_offset.t .. ok
90-test_tls13ccs.t . ok
90-test_tls13encryption.t .. ok
90-test_tls13secrets.t . ok
90-test_v3name.t ... ok
95-test_external_boringssl.t ... skipped: No external tests in this 
configuration
95-test_external_gost_engine.t . 

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dh

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

65-test_cmp_vfy.t .. ok
66-test_ossl_store.t ... ok
70-test_asyncio.t .. ok
70-test_bad_dtls.t . ok
70-test_clienthello.t .. ok
70-test_comp.t . ok
70-test_key_share.t  ok
70-test_packet.t ... ok
70-test_recordlen.t  ok
70-test_renegotiation.t  ok
70-test_servername.t ... ok
70-test_sslcbcpadding.t  ok
70-test_sslcertstatus.t  ok
70-test_sslextension.t . ok
70-test_sslmessages.t .. ok
70-test_sslrecords.t ... ok
70-test_sslsessiontick.t ... ok
70-test_sslsigalgs.t ... ok
70-test_sslsignature.t . ok
70-test_sslskewith0p.t . skipped: dh is not supported by this 
OpenSSL build
70-test_sslversions.t .. ok
70-test_sslvertol.t  ok
70-test_tls13alerts.t .. ok
70-test_tls13cookie.t .. ok
70-test_tls13downgrade.t ... ok
70-test_tls13hrr.t . ok
70-test_tls13kexmodes.t  ok
70-test_tls13messages.t  ok
70-test_tls13psk.t . ok
70-test_tlsextms.t . ok
70-test_verify_extra.t . ok
70-test_wpacket.t .. ok
71-test_ssl_ctx.t .. ok
80-test_ca.t ... ok
80-test_cipherbytes.t .. ok
80-test_cipherlist.t ... ok
80-test_ciphername.t ... ok

# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . ok
80-test_dtls_mtu.t . ok
80-test_dtlsv1listen.t . skipped: dh is not supported by this 
OpenSSL build
80-test_http.t . ok
80-test_ocsp.t . ok
80-test_pkcs12.t ... ok
80-test_ssl_new.t .. ok
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok

# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t  ok
90-test_async.t  ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t  ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . ok
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok
90-test_overhead.t . ok
90-test_secmem.t ... ok
90-test_shlibload.t  ok
90-test_srp.t .. ok
90-test_sslapi.t ... ok
90-test_sslbuffers.t ... ok
90-test_store.t  ok
90-test_sysdefault.t ... ok
90-test_threads.t .. ok
90-test_time_offset.t .. ok
90-test_tls13ccs.t . ok
90-test_tls13encryption.t .. ok
90-test_tls13secrets.t . ok
90-test_v3name.t ... ok
95-test_external_boringssl.t ... skipped: No external tests in this 
configuration

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):


# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . skipped: No DTLS protocols are supported 
by this OpenSSL build
80-test_dtls_mtu.t . skipped: test_dtls_mtu needs DTLS and PSK 
support enabled
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok
80-test_pkcs12.t ... ok

# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:477
# 0x0
not ok 7 - iteration 7
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:477
# 0x0
not ok 8 - iteration 8
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:477
# 0x0
not ok 9 - iteration 9
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:477
# 0x0
not ok 10 - iteration 10
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:477
# 0x0
not ok 11 - iteration 11
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:477
# 0x0
not ok 12 - iteration 12
# --
not ok 1 - test_handshake
# --
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips 
../../../openssl/test/fips-and-base.cnf => 1
not ok 9 - running ssl_test 04-client_auth.cnf
# --
#   Failed test 'running ssl_test 04-client_auth.cnf'
#   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
# Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# --
# Looks like you failed 1 test of 31.80-test_ssl_new.t .. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok

# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t  ok
90-test_async.t  ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t  ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . ok
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

7f9e744036 Add selftest callback to CRNG output test
4b51903d86 Fix AES_XTS on x86-64 platforms with BSAES and VPAES support.
f80d0d2fd6 HMAC should work with non-provided digests
67ecd65cc4 Rename check_chain_extensions to check_chain
cccf532fef Disallow certs with explicit curve in verification chain
fe2f8aecfe EC_KEY: add EC_KEY_decoded_from_explicit_params()
bde4aa8dc1 Fix Coverity CID 1466708 - correct pointer calculation in one case
ebcae87f6b FIX strncpy warning in apps/cmp.c.
1cae59d14b Make KDFs fail if requesting a zero-length key.
0010870536 Allow zero-length secret for EVP_KDF API
ec4c86d9ec Fix typo in bind_loader_attic comment
3f96b687f7 Document 2 newly added functions
7fc6168b6f Test HMAC output from the dgst CLI
d8025f4ac0 Correctly display the signing/hmac algorithm in the dgst app
b0002eb09a Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate
b8e5622809 Don't send -1 as the length of the hmac key
067a3057c3 Annotate potential -Wunused-function violations in err.h
4bb73d5409 Add a NULL check to EVP_PKEY_assign
8230710f04 Update AES GCM IV max length to be 1024 bits (was 512)
eb750219f2 undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters
5d94202884 Configurations/unix-Makefile.tmpl: Don't specify headers twice
fc661b50df OpenSSL::ParseC: recognise inline function bodies
4343a4187d Add self tests for rsa encryption

Build log ended with (last 100 lines):

Unable to load private key for CMP client certificate
cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context
# cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration 
file '../Mock/test.cnf'
# opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is 
empty string, resetting option
# warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 
'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp 
-config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 
127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout 
test.certout_csr_ignored.pem -out_trusted root.crt -csr idontexist => 1
not ok 72 - csr ignored for ir
# --
#   Failed test 'csr ignored for ir'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not read any key of private key for CMP client certificate from signer.p12
C0901355397F:error::asn1 encoding routines:ASN1_get_object:header too 
long:../openssl/crypto/asn1/asn1_lib.c:103:
Unable to load private key for CMP client certificate
cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context
# cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration 
file '../Mock/test.cnf'
# opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is 
empty string, resetting option
# warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 
'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp 
-config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 
127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout 
test.certout_p10cr.pem -out_trusted root.crt -csr csr.pem => 1
not ok 73 - p10cr csr
# --
Could not read any key of private key for CMP client certificate from signer.p12
C030E17DA87F:error::asn1 encoding routines:ASN1_get_object:header too 
long:../openssl/crypto/asn1/asn1_lib.c:103:
Unable to load private key for CMP client certificate
cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context
# cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration 
file '../Mock/test.cnf'
# opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is 
empty string, resetting option
# warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 
'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp 
-config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 
127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout 
test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 1
not ok 79 - ir + ignored revocation
# --
Could not read any key of private key for CMP client certificate from signer.p12
C0108E54CA7F:error::asn1 encoding routines:ASN1_get_object:header too 
long:../openssl/crypto/asn1/asn1_lib.c:103:
Unable to load private key for CMP client