Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars
Errored: openssl/openssl#37725 (master - 25b1656)
Build Update for openssl/openssl - Build: #37725 Status: Errored Duration: 1 hr, 32 mins, and 41 secs Commit: 25b1656 (master) Author: Richard Levitte Message: Hide ECX_KEY again ECX_KEY was not meant for public consumption, it was only to be accessed indirectly via EVP routines. However, we still need internal access for our decoders. This partially reverts 7c664b1f1b5f60bf896f5fdea5c08c401c541dfe Fixes #12880 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12956) View the changeset: https://github.com/openssl/openssl/compare/21e5be854deb...25b16562d386 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/186579262?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Build completed: openssl master.37179
Build openssl master.37179 completed Commit 35e1b00514 by Randall S. Becker on 9/24/2020 1:16 PM: Modified rand_cpu_x86.c to support builtin hardware randomizer on HPE NonStop. Configure your notification preferences
Build failed: openssl master.37178
Build openssl master.37178 failed Commit d87f81054c by Daniel Bevenius on 9/24/2020 8:48 AM: provider: add input_type pem for RSA decoder Configure your notification preferences
[openssl] master update
The branch master has been updated via 25b16562d386bfd30c7059366d09864260d9f271 (commit) from 21e5be854deb65f54661c8231a9a30a453a173e0 (commit) - Log - commit 25b16562d386bfd30c7059366d09864260d9f271 Author: Richard Levitte Date: Fri Sep 25 12:12:22 2020 +1000 Hide ECX_KEY again ECX_KEY was not meant for public consumption, it was only to be accessed indirectly via EVP routines. However, we still need internal access for our decoders. This partially reverts 7c664b1f1b5f60bf896f5fdea5c08c401c541dfe Fixes #12880 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12956) --- Summary of changes: crypto/evp/p_lib.c | 26 +++- doc/internal/man3/evp_pkey_get1_ED25519.pod| 43 +++ doc/man3/EVP_PKEY_set1_RSA.pod | 49 -- include/crypto/ecx.h | 5 +++ include/openssl/evp.h | 21 -- .../implementations/encode_decode/decode_der2key.c | 8 ++-- util/libcrypto.num | 12 -- util/other.syms| 4 -- 8 files changed, 66 insertions(+), 102 deletions(-) create mode 100644 doc/internal/man3/evp_pkey_get1_ED25519.pod diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index aae71b30e2..73502f1f62 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -870,15 +870,7 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) return ret; } -static int EVP_PKEY_set1_ECX_KEY(EVP_PKEY *pkey, int type, ECX_KEY *key) -{ -int ret = EVP_PKEY_assign(pkey, type, key); -if (ret) -ecx_key_up_ref(key); -return ret; -} - -static ECX_KEY *EVP_PKEY_get0_ECX_KEY(const EVP_PKEY *pkey, int type) +static ECX_KEY *evp_pkey_get0_ECX_KEY(const EVP_PKEY *pkey, int type) { if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) { ERR_raise(ERR_LIB_EVP, EVP_R_INACCESSIBLE_KEY); @@ -891,26 +883,18 @@ static ECX_KEY *EVP_PKEY_get0_ECX_KEY(const EVP_PKEY *pkey, int type) return pkey->pkey.ecx; } -static ECX_KEY *EVP_PKEY_get1_ECX_KEY(EVP_PKEY *pkey, int type) +static ECX_KEY *evp_pkey_get1_ECX_KEY(EVP_PKEY *pkey, int type) { -ECX_KEY *ret = EVP_PKEY_get0_ECX_KEY(pkey, type); +ECX_KEY *ret = evp_pkey_get0_ECX_KEY(pkey, type); if (ret != NULL) ecx_key_up_ref(ret); return ret; } # define IMPLEMENT_ECX_VARIANT(NAME) \ -int EVP_PKEY_set1_##NAME(EVP_PKEY *pkey, ECX_KEY *key) \ -{ \ -return EVP_PKEY_set1_ECX_KEY(pkey, EVP_PKEY_##NAME, key); \ -} \ -ECX_KEY *EVP_PKEY_get0_##NAME(const EVP_PKEY *pkey) \ -{ \ -return EVP_PKEY_get0_ECX_KEY(pkey, EVP_PKEY_##NAME);\ -} \ -ECX_KEY *EVP_PKEY_get1_##NAME(EVP_PKEY *pkey) \ +ECX_KEY *evp_pkey_get1_##NAME(EVP_PKEY *pkey) \ { \ -return EVP_PKEY_get1_ECX_KEY(pkey, EVP_PKEY_##NAME);\ +return evp_pkey_get1_ECX_KEY(pkey, EVP_PKEY_##NAME);\ } IMPLEMENT_ECX_VARIANT(X25519) IMPLEMENT_ECX_VARIANT(X448) diff --git a/doc/internal/man3/evp_pkey_get1_ED25519.pod b/doc/internal/man3/evp_pkey_get1_ED25519.pod new file mode 100644 index 00..37b41e4591 --- /dev/null +++ b/doc/internal/man3/evp_pkey_get1_ED25519.pod @@ -0,0 +1,43 @@ +=pod + +=head1 NAME + +evp_pkey_get1_ED25519, evp_pkey_get1_ED448, +evp_pkey_get1_X25519, evp_pkey_get1_X448 +- internal ECX from EVP_PKEY getter functions + +=head1 SYNOPSIS + + #include "internal/evp.h" + + ECX_KEY *evp_pkey_get1_ED25519(EVP_PKEY *pkey); + ECX_KEY *evp_pkey_get1_ED448(EVP_PKEY *pkey); + ECX_KEY *evp_pkey_get1_X25519(EVP_PKEY *pkey); + ECX_KEY *evp_pkey_get1_X448(EVP_PKEY *pkey); + +=head1 DESCRIPTION + +evp_pkey_get1_ED25519(), evp_pkey_get1_ED448(), evp_pkey_get1_X25519() and +evp_pkey_get1_X448() return the referenced key in I or NULL if the key +is not of the correct type. The returned key must be freed after use. + +=head1 RETURN VALUES + +evp_pkey_get1_ED25519(), evp_pkey_get1_ED448(), evp_pkey_get1_X25519() and +evp_pkey_get1_X448() return the referenced key or NULL if an error +occurred. + +=head1 HISTORY + +This functionality was added to OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License").
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok Could not read any cert of certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C090CA6CDA7F:error::asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:103: ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # -- # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-pic
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-pic Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): $ CC=clang ../openssl/config -d --strict-warnings no-pic Configuring OpenSSL version 3.0.0-alpha7-dev for target linux-x86_64 Using os-specific seed configuration md5-x86_64.o appears 2 times for the product libcrypto md5_one.o appears 2 times for the product libcrypto md5_dgst.o appears 2 times for the product libcrypto md5_sha1.o appears 2 times for the product libcrypto Failure! Makefile wasn't produced. Please read INSTALL.md and associated NOTES-* files. You may also have to look over your available compiler tool chain or change your configuration. Died at ../openssl/Configure line 2428.
Build completed: openssl master.37173
Build openssl master.37173 completed Commit 8ee3e439be by Matt Caswell on 9/24/2020 12:16 PM: squash! Move SM2 asymmetric encryption to be available in the default provider Configure your notification preferences
Build failed: openssl master.37172
Build openssl master.37172 failed Commit 10917ed240 by Matt Caswell on 9/24/2020 11:50 AM: fixup! Fix some things the rename script didn't quite get right Configure your notification preferences
Build failed: openssl master.37169
Build openssl master.37169 failed Commit 59de2b0379 by Jon Spillett on 8/20/2020 5:10 AM: Fix serialization of DSA keys to text. Print function requires parameters as well as keypair Configure your notification preferences
Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Configuring OpenSSL version 3.0.0-alpha7-dev for target linux-x86_64 Using os-specific seed configuration md5_dgst.o appears 2 times for the product libcrypto md5-x86_64.o appears 2 times for the product libcrypto md5_one.o appears 2 times for the product libcrypto md5_sha1.o appears 2 times for the product libcrypto Failure! Makefile wasn't produced. Please read INSTALL.md and associated NOTES-* files. You may also have to look over your available compiler tool chain or change your configuration. Died at ../openssl/Configure line 2428.
Errored: openssl/openssl#37713 (master - 21e5be8)
Build Update for openssl/openssl - Build: #37713 Status: Errored Duration: 1 hr, 21 mins, and 7 secs Commit: 21e5be8 (master) Author: Shane Lontis Message: Add key length check to rsa_kem operation. This uses similiar code used by other rsa related operations. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12955) View the changeset: https://github.com/openssl/openssl/compare/4e0723bc9337...21e5be854deb View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/186447302?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # -- # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # -- ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # -- # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # -- # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # -- ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config
Build completed: openssl master.37167
Build openssl master.37167 completed Commit 4cf5a9d728 by Shane Lontis on 9/24/2020 8:59 AM: fixup! Update openssl list to support new provider objects. Configure your notification preferences
Errored: openssl/openssl#37710 (master - 4e0723b)
Build Update for openssl/openssl - Build: #37710 Status: Errored Duration: 1 hr, 10 mins, and 59 secs Commit: 4e0723b (master) Author: Dr. David von Oheimb Message: Test.pm: Some clarifications added to the documentation Reviewed-by: Tomas Mraz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12893) View the changeset: https://github.com/openssl/openssl/compare/254b5dcabd20...4e0723bc9337 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/186446384?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Build failed: openssl master.37166
Build openssl master.37166 failed Commit 587dc5d548 by Dr. David von Oheimb on 9/23/2020 8:19 AM: apps/cms.c: Make -sign and -verify handle binary input correctly Configure your notification preferences
Errored: openssl/openssl#37706 (master - 254b5dc)
Build Update for openssl/openssl - Build: #37706 Status: Errored Duration: 1 hr, 20 mins, and 12 secs Commit: 254b5dc (master) Author: Pauli Message: ACVP: add test case for DRBG Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12905) View the changeset: https://github.com/openssl/openssl/compare/cdb5129e5c5f...254b5dcabd20 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/186426162?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[web] master update
The branch master has been updated via 5fdc4406e53ff3af0a5e5c4db55a9565fcd29015 (commit) from 1a99da7d86438c88211a32f48d5627ec2aa77f87 (commit) - Log - commit 5fdc4406e53ff3af0a5e5c4db55a9565fcd29015 Author: Matt Caswell Date: Tue Jun 16 10:33:46 2020 +0100 Update the Release schedule in the release strategy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/web/pull/184) --- Summary of changes: policies/releasestrat.html | 17 +++-- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/policies/releasestrat.html b/policies/releasestrat.html index 2fd9ad9..4b3f4f0 100644 --- a/policies/releasestrat.html +++ b/policies/releasestrat.html @@ -107,20 +107,9 @@ Bug fixes only - The following alpha and beta releases for OpenSSL 3.0 are currently - scheduled. Note that these dates are subject to change and alpha or beta - releases may be inserted or removed as required: - - alpha1, 2020-03-31: Basic functionality plus basic FIPS module - alpha2, 2020-04-21: Complete external provider support (serialization, - support for new algs, support for providers which only include - operations in a class) - alpha3, 2020-05-21: Aiming to test the API completeness before beta1 - freezes it) - beta1, 2020-06-02: Code complete (API stable, feature freeze) - betaN: Other beta releases TBD - Final: 2020 early Q4 - + The OpenSSL 3.0 release schedule is documented on the + https://wiki.openssl.org/index.php/OpenSSL_3.0_Release_Schedule;>OpenSSL 3.0 Release Schedule + wiki page. We expect the final release to be in early Q4 2020. For any major or minor release, we have defined the following
[web] master update
The branch master has been updated via 1a99da7d86438c88211a32f48d5627ec2aa77f87 (commit) from 73e69696a67ccd706dae5b8359bb423febde25aa (commit) - Log - commit 1a99da7d86438c88211a32f48d5627ec2aa77f87 Author: Matt Caswell Date: Wed Jun 10 09:18:01 2020 +0100 CLA page clarifications Fix a typo and clarify we require CLAs from all original authors. Reviewed-by: Mark J. Cox (Merged from https://github.com/openssl/web/pull/183) --- Summary of changes: policies/cla.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/policies/cla.html b/policies/cla.html index e29cf7d..cdbd592 100644 --- a/policies/cla.html +++ b/policies/cla.html @@ -12,9 +12,9 @@ Contributor Agreements -Every non-trivial contribution to be +Every non-trivial contribution needs to be covered by a signed - Contributor License Agreement (CLA). +Contributor License Agreement (CLA) from all original authors. We have modelled our policy based on the practice of https://www.apache.org;>the Apache Software Foundation. You can see their CLA policy
[web] master update
The branch master has been updated via 73e69696a67ccd706dae5b8359bb423febde25aa (commit) from 272b74db20a3cec1c9882f58161efa93accad094 (commit) - Log - commit 73e69696a67ccd706dae5b8359bb423febde25aa Author: Matt Caswell Date: Mon Sep 14 11:26:49 2020 +0100 Add a new section to the Coding Style about argument ordering We also add a section about how to extend existing functions. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/web/pull/195) --- Summary of changes: policies/codingstyle.txt | 17 + 1 file changed, 17 insertions(+) diff --git a/policies/codingstyle.txt b/policies/codingstyle.txt index db21c44..a9958f1 100644 --- a/policies/codingstyle.txt +++ b/policies/codingstyle.txt @@ -295,6 +295,23 @@ because it is a simple way to add valuable information for the reader. The name in the prototype declaration should match the name in the function definition. +Chapter 6.1: Extending existing functions + +From time to time it is necessary to extend an existing function. Typically this +will mean adding additional arguments, but it may also include removal of some. + +Where an extended function should be added the original function should be kept +and a new version created with the same name and an "_ex" suffix. For example, +the "RAND_bytes" function has an extended form called "RAND_bytes_ex". + +Where an extended version of a function already exists and a second extended +version needs to be created then it should have an "_ex2" suffix, and so on for +further extensions. + +When an extended version of a function is created the order of existing +parameters from the original function should be retained. However new parameters +may be inserted at any point (they do not have to be at the end), and no longer +required parameters may be removed. Chapter 7: Centralized exiting of functions
[openssl] master update
The branch master has been updated via 21e5be854deb65f54661c8231a9a30a453a173e0 (commit) from 4e0723bc93373da6affd1c2ce7dcad39281ebb9b (commit) - Log - commit 21e5be854deb65f54661c8231a9a30a453a173e0 Author: Shane Lontis Date: Wed Sep 23 11:49:38 2020 +1000 Add key length check to rsa_kem operation. This uses similiar code used by other rsa related operations. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12955) --- Summary of changes: providers/implementations/kem/rsa_kem.c | 27 +-- 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c index 7cf0e918c8..c6f95dc017 100644 --- a/providers/implementations/kem/rsa_kem.c +++ b/providers/implementations/kem/rsa_kem.c @@ -25,11 +25,12 @@ #include "prov/providercommonerr.h" #include "prov/provider_ctx.h" #include "prov/implementations.h" +#include "prov/securitycheck.h" static OSSL_FUNC_kem_newctx_fn rsakem_newctx; -static OSSL_FUNC_kem_encapsulate_init_fn rsakem_init; +static OSSL_FUNC_kem_encapsulate_init_fn rsakem_encapsulate_init; static OSSL_FUNC_kem_encapsulate_fn rsakem_generate; -static OSSL_FUNC_kem_decapsulate_init_fn rsakem_init; +static OSSL_FUNC_kem_decapsulate_init_fn rsakem_decapsulate_init; static OSSL_FUNC_kem_decapsulate_fn rsakem_recover; static OSSL_FUNC_kem_freectx_fn rsakem_freectx; static OSSL_FUNC_kem_dupctx_fn rsakem_dupctx; @@ -116,7 +117,7 @@ static void *rsakem_dupctx(void *vprsactx) return dstctx; } -static int rsakem_init(void *vprsactx, void *vrsa) +static int rsakem_init(void *vprsactx, void *vrsa, int operation) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; @@ -124,10 +125,24 @@ static int rsakem_init(void *vprsactx, void *vrsa) return 0; RSA_free(prsactx->rsa); prsactx->rsa = vrsa; -/* TODO(3.0) Add a RSA keylength check here for fips */ + +if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCAPSULATE)) { +ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); +return 0; +} return 1; } +static int rsakem_encapsulate_init(void *vprsactx, void *vrsa) +{ +return rsakem_init(vprsactx, vrsa, EVP_PKEY_OP_ENCAPSULATE); +} + +static int rsakem_decapsulate_init(void *vprsactx, void *vrsa) +{ +return rsakem_init(vprsactx, vrsa, EVP_PKEY_OP_DECAPSULATE); +} + static int rsakem_get_ctx_params(void *vprsactx, OSSL_PARAM *params) { PROV_RSA_CTX *ctx = (PROV_RSA_CTX *)vprsactx; @@ -322,10 +337,10 @@ static int rsakem_recover(void *vprsactx, unsigned char *out, size_t *outlen, const OSSL_DISPATCH rsa_asym_kem_functions[] = { { OSSL_FUNC_KEM_NEWCTX, (void (*)(void))rsakem_newctx }, { OSSL_FUNC_KEM_ENCAPSULATE_INIT, - (void (*)(void))rsakem_init }, + (void (*)(void))rsakem_encapsulate_init }, { OSSL_FUNC_KEM_ENCAPSULATE, (void (*)(void))rsakem_generate }, { OSSL_FUNC_KEM_DECAPSULATE_INIT, - (void (*)(void))rsakem_init }, + (void (*)(void))rsakem_decapsulate_init }, { OSSL_FUNC_KEM_DECAPSULATE, (void (*)(void))rsakem_recover }, { OSSL_FUNC_KEM_FREECTX, (void (*)(void))rsakem_freectx }, { OSSL_FUNC_KEM_DUPCTX, (void (*)(void))rsakem_dupctx },
[openssl] master update
The branch master has been updated via 4e0723bc93373da6affd1c2ce7dcad39281ebb9b (commit) via 1061baf64662aaa16e9e086f469126e1819e0805 (commit) via 29844ea5b3d2b7240d99b043a0d82cb177f0762d (commit) via 50eb2a507732b4d32879709dbfa335ccb542f676 (commit) from 254b5dcabd205b2229439020c768a0c9da0d8d7b (commit) - Log - commit 4e0723bc93373da6affd1c2ce7dcad39281ebb9b Author: Dr. David von Oheimb Date: Fri Sep 18 10:36:15 2020 +0200 Test.pm: Some clarifications added to the documentation Reviewed-by: Tomas Mraz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12893) commit 1061baf64662aaa16e9e086f469126e1819e0805 Author: Dr. David von Oheimb Date: Thu Sep 17 09:55:28 2020 +0200 apps/ca.c: Rename confusing variable 'req' to 'template_cert' in certify_cert() Reviewed-by: Tomas Mraz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12893) commit 29844ea5b3d2b7240d99b043a0d82cb177f0762d Author: Dr. David von Oheimb Date: Wed Sep 16 12:52:09 2020 +0200 Prune low-level ASN.1 parse errors from error queue in decoder_process() Fixes #12840 Reviewed-by: Tomas Mraz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12893) commit 50eb2a507732b4d32879709dbfa335ccb542f676 Author: Dr. David von Oheimb Date: Thu Sep 17 01:39:00 2020 +0200 load_key_certs_crls(): Restore output of fatal errors Also improve credentials loading diagnostics for many apps. Fixes #12840 Reviewed-by: Tomas Mraz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12893) --- Summary of changes: apps/ca.c | 17 +++--- apps/cms.c | 4 +- apps/dgst.c| 4 +- apps/dsa.c | 4 +- apps/ec.c | 4 +- apps/lib/apps.c| 65 +++--- apps/lib/s_cb.c| 6 +- apps/pkeyutl.c | 6 +- apps/req.c | 2 +- apps/rsa.c | 4 +- apps/rsautl.c | 4 +- apps/s_client.c| 4 +- apps/s_server.c| 12 ++-- apps/smime.c | 4 +- apps/x509.c| 10 ++-- crypto/dh/dh_ameth.c | 4 +- crypto/ec/ec_ameth.c | 4 +- crypto/ec/ec_asn1.c| 7 +-- crypto/ec/ec_err.c | 4 -- crypto/err/openssl.txt | 5 -- crypto/evp/evp_err.c | 1 - crypto/evp/evp_pbe.c | 7 +-- crypto/pkcs12/p12_decr.c | 10 +--- crypto/pkcs12/p12_kiss.c | 6 +- crypto/pkcs12/pk12err.c| 4 -- crypto/rsa/rsa_ameth.c | 8 +-- crypto/store/store_result.c| 10 +++- include/openssl/ecerr.h| 2 - include/openssl/evperr.h | 1 - include/openssl/pkcs12err.h| 2 - .../implementations/encode_decode/decode_der2key.c | 17 +- .../implementations/storemgmt/file_store_der2obj.c | 17 +- test/recipes/25-test_x509.t| 26 - util/perl/OpenSSL/Test.pm | 14 +++-- 34 files changed, 175 insertions(+), 124 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index 74113cdd67..58126b95a0 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1269,7 +1269,8 @@ end_of_options: } else { X509 *revcert; -revcert = load_cert_pass(infile, certformat, passin, infile); +revcert = load_cert_pass(infile, certformat, passin, + "certificate to be revoked"); if (revcert == NULL) goto end; if (dorevoke == 2) @@ -1398,23 +1399,23 @@ static int certify_cert(X509 **xret, const char *infile, int certformat, CONF *lconf, int verbose, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy) { -X509 *req = NULL; +X509 *template_cert = NULL; X509_REQ *rreq = NULL; EVP_PKEY *pktmp = NULL; int ok = -1, i; -if ((req = load_cert_pass(infile, certformat, passin,
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .. ok 66-test_ossl_store.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # -- # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # -- # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # -- # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # -- # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # -- # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # -- # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine
[openssl] master update
The branch master has been updated via 254b5dcabd205b2229439020c768a0c9da0d8d7b (commit) from cdb5129e5c5fd8ad678c5efb1e87c91595d907b4 (commit) - Log - commit 254b5dcabd205b2229439020c768a0c9da0d8d7b Author: Pauli Date: Fri Sep 18 12:12:33 2020 +1000 ACVP: add test case for DRBG Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12905) --- Summary of changes: test/acvp_test.c | 81 ++ test/acvp_test.inc | 54 2 files changed, 135 insertions(+) diff --git a/test/acvp_test.c b/test/acvp_test.c index 3e9631065a..de1a2e1fbc 100644 --- a/test/acvp_test.c +++ b/test/acvp_test.c @@ -1338,6 +1338,85 @@ err: return ret; } +static int drbg_test(int id) +{ +OSSL_PARAM params[3]; +EVP_RAND *rand = NULL; +EVP_RAND_CTX *ctx = NULL, *parent = NULL; +unsigned char returned_bits[64]; +const size_t returned_bits_len = sizeof(returned_bits); +unsigned int strength = 256; +const struct drbg_st *tst = _data[id]; +int res = 0; + +/* Create the seed source */ +if (!TEST_ptr(rand = EVP_RAND_fetch(libctx, "TEST-RAND", "-fips")) +|| !TEST_ptr(parent = EVP_RAND_CTX_new(rand, NULL))) +goto err; +EVP_RAND_free(rand); +rand = NULL; + +params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, ); +params[1] = OSSL_PARAM_construct_end(); +if (!TEST_true(EVP_RAND_set_ctx_params(parent, params))) +goto err; + +/* Get the DRBG */ +if (!TEST_ptr(rand = EVP_RAND_fetch(libctx, tst->drbg_name, "")) +|| !TEST_ptr(ctx = EVP_RAND_CTX_new(rand, parent))) +goto err; + +/* Set the DRBG up */ +params[0] = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_USE_DF, + (int *)>use_df); +params[1] = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER, + (char *)tst->cipher, 0); +params[2] = OSSL_PARAM_construct_end(); +if (!TEST_true(EVP_RAND_set_ctx_params(ctx, params))) +goto err; + +/* Feed in the entropy and nonce */ +params[0] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, + (void *)tst->entropy_input, + tst->entropy_input_len); +params[1] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE, + (void *)tst->nonce, + tst->nonce_len); +params[2] = OSSL_PARAM_construct_end(); +if (!TEST_true(EVP_RAND_set_ctx_params(parent, params))) +goto err; + +/* + * Run the test + * A NULL personalisation string defaults to the built in so something + * non-NULL is needed if there is no personalisation string + */ +if (!TEST_true(EVP_RAND_instantiate(ctx, 0, 0, (void *)"", 0)) +|| !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len, +0, 0, NULL, 0)) +|| !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len, +0, 0, NULL, 0))) +goto err; + +test_output_memory("returned bits", returned_bits, returned_bits_len); + +/* Clean up */ +if (!TEST_true(EVP_RAND_uninstantiate(ctx)) +|| !TEST_true(EVP_RAND_uninstantiate(parent))) +goto err; + +/* Verify the output */ +if (!TEST_mem_eq(returned_bits, returned_bits_len, + tst->returned_bits, tst->returned_bits_len)) +goto err; +res = 1; +err: +EVP_RAND_CTX_free(ctx); +EVP_RAND_CTX_free(parent); +EVP_RAND_free(rand); +return res; +} + int setup_tests(void) { char *config_file = NULL; @@ -1404,6 +1483,8 @@ int setup_tests(void) ADD_ALL_TESTS(ecdsa_siggen_test, OSSL_NELEM(ecdsa_siggen_data)); ADD_ALL_TESTS(ecdsa_sigver_test, OSSL_NELEM(ecdsa_sigver_data)); #endif /* OPENSSL_NO_EC */ + +ADD_ALL_TESTS(drbg_test, OSSL_NELEM(drbg_data)); return 1; } diff --git a/test/acvp_test.inc b/test/acvp_test.inc index 01f6d0d668..eea66c0802 100644 --- a/test/acvp_test.inc +++ b/test/acvp_test.inc @@ -1982,3 +1982,57 @@ static const struct rsa_decrypt_prim_st rsa_decrypt_prim_data[] = { }; #endif /* OPENSSL_NO_RSA */ + +struct drbg_st { +const char *drbg_name; +const char *cipher; +int use_df; + +const unsigned char *entropy_input; +size_t entropy_input_len; +const unsigned char *nonce; +size_t nonce_len; +const unsigned char *returned_bits; +size_t returned_bits_len; +}; + +static const unsigned char drbg_entropy_input[] = { +0x36, 0x40, 0x19, 0x40, 0xfa, 0x8b, 0x1f, 0xba, +
Errored: openssl/openssl#37696 (master - cdb5129)
Build Update for openssl/openssl - Build: #37696 Status: Errored Duration: 51 mins and 12 secs Commit: cdb5129 (master) Author: Richard Levitte Message: Use OPENSSL_SYS_TANDEM instead of OPENSSL_SYSNAME_TANDEM This streamlines with all other config targets, and draws from the 'sys_id' config attribute. Fixes #12858 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/12933) View the changeset: https://github.com/openssl/openssl/compare/3eb99601b148...cdb5129e5c5f View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/186397096?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec2m
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ec2m Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .. ok 66-test_ossl_store.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok
Errored: openssl/openssl#37695 (master - 3eb9960)
Build Update for openssl/openssl - Build: #37695 Status: Errored Duration: 1 hr, 28 mins, and 46 secs Commit: 3eb9960 (master) Author: Hu Keping Message: Simplify the tarball generating scripts As per discussed in issue #12364 [1], since the format of git archive is inferred from the output file, it's safe to remove the pipe for gzip. [1] https://github.com/openssl/openssl/issues/12364 Fixes #12364 Signed-off-by: Hu Keping Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12841) View the changeset: https://github.com/openssl/openssl/compare/b0614f0ae3c3...3eb99601b148 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/186396817?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dsa
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dsa Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .. ok 66-test_ossl_store.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .. ok 66-test_ossl_store.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . skipped: dh is not supported by this OpenSSL build 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . skipped: dh is not supported by this OpenSSL build 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t . skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 7 - iteration 7 # -- # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 8 - iteration 8 # -- # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 9 - iteration 9 # -- # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 10 - iteration 10 # -- # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 11 - iteration 11 # -- # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 12 - iteration 12 # -- not ok 1 - test_handshake # -- ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # -- # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # -- # Looks like you failed 1 test of 31.80-test_ssl_new.t .. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: b0614f0ae3 drbg: revert renamings of the generate and reseed counter 0ce47b35c7 Configurations/unix-Makefile.tmpl: make cleanup kinder e771249c4f Fix propq in x942kdf 0ecec0fa08 Fix missing propq in sm2 851886b061 Fix missing propq in ffc_params_generate c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info() 8dbef010e7 Fix ecx so that is uses a settable propertyquery 7f80980fb7 Fix ssl_hmac_new() so that it uses the propq 26496f5a5c Fix EVP_KDF_scrypt so that is uses a propq for its fetch. 719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST 81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c ced5231b04 Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() 965d3f36c4 Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() ad2dbfb543 Fix CID 1466713 : Dead code in encode_key2text.c d65ab22efd Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() 78ef571707 Fix CID 1467068 : Null pointer dereference in self_test.c 2e9ab56edc rand: add a test case for configuration based random 2ff4e15dc2 list: add capability to print details about the current DRBGs 0ed26fb63c drbg: gettable parameters for cipher/digest/mac type. c9452d74a4 kdf/mac: add name query calls for KDFs and MACs d8e52fd05e evp_rand: fix bug in gettable_ctx/settable_ctx calls 44d2482ba6 Add a "random" configuration section. 11b93a1c82 DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new 4640cd00c3 rand: reference count the EVP_RAND contexts. 8e3a64fdb6 Add auto-gen SM2 der files into .gitignore e9aa4a16a6 refactor get params functions 1d03db9085 support PARAM_SECURITY_BITS for SM2 b3d267caac Address review comments d0b79f8631 Add SM2 signature algorithm to default provider 7ee511d093 Add SM2 key management 6b1428ac12 Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Build log ended with (last 100 lines): Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_csr_ignored.pem -out_trusted root.crt -csr idontexist => 1 not ok 72 - csr ignored for ir # -- # Failed test 'csr ignored for ir' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. Could not read any key of private key for CMP client certificate from signer.p12 C0B01C74C57F:error::asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:103: Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr.pem -out_trusted root.crt -csr csr.pem => 1 not ok 73 - p10cr csr # -- Could not read any key of private key for CMP client certificate from signer.p12 C0B0BAEAB97F:error::asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:103: Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert
[openssl] master update
The branch master has been updated via cdb5129e5c5fd8ad678c5efb1e87c91595d907b4 (commit) via 37fe90ad17fcaaeb33d01c660ed1c12db723d833 (commit) via c60330cb0efcde5fea80113c110499d352b2abca (commit) from 3eb99601b148e0019905b660d344508cccfc6943 (commit) - Log - commit cdb5129e5c5fd8ad678c5efb1e87c91595d907b4 Author: Richard Levitte Date: Mon Sep 21 13:14:26 2020 +0200 Use OPENSSL_SYS_TANDEM instead of OPENSSL_SYSNAME_TANDEM This streamlines with all other config targets, and draws from the 'sys_id' config attribute. Fixes #12858 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/12933) commit 37fe90ad17fcaaeb33d01c660ed1c12db723d833 Author: Richard Levitte Date: Mon Sep 21 13:13:25 2020 +0200 Configure: Show 'enable' and 'disable' config attributes This makes a difference for './Configure HASH' and './Configure TABLE' Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/12933) commit c60330cb0efcde5fea80113c110499d352b2abca Author: Richard Levitte Date: Mon Sep 21 13:11:28 2020 +0200 Configuration: Streamline NonStop entries Because there are many combinations and much repetition, we add a large number of templates to cover all aspects, and make the actual config entries inherit from the templates combined. Fixes #12858 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/12933) --- Summary of changes: Configurations/50-nonstop.conf | 438 + Configure | 2 + apps/ca.c | 2 +- apps/lib/apps.c| 2 +- crypto/rand/rand_egd.c | 6 +- include/internal/sockets.h | 2 +- 6 files changed, 275 insertions(+), 177 deletions(-) diff --git a/Configurations/50-nonstop.conf b/Configurations/50-nonstop.conf index 51034c70aa..e11bc77083 100644 --- a/Configurations/50-nonstop.conf +++ b/Configurations/50-nonstop.conf @@ -1,176 +1,272 @@ Nonstop configurations -"nonstop-common" => { -inherit_from => [ "BASE_unix" ], -template => 1, -cc => "c99", -cflags => add_before(picker(debug => "-g -O0", - release => "-g -O2") ,"-Wextensions -Wnowarn=203,220,272,734,770,1506 -Wbuild_neutral_library"), -perl => "/usr/bin/perl", -lflags => "-lrld", -shared_target=> "self", -shared_cflag => "", -shared_ldflag=> "-Wshared", +# Common for all +'nonstop-common' => { +inherit_from => [ 'BASE_unix' ], +template => 1, +cc => 'c99', +cflags => add_before(picker(debug => '-g -O0', + release => '-g -O2'), + '-Wextensions', + '-Wnowarn=203,220,272,734,770,1506', + '-Wbuild_neutral_library', + '-Wverbose'), +defines => add('OPENSSL_VPROC=$(OPENSSL_VPROC)', +'_XOPEN_SOURCE', +'_XOPEN_SOURCE_EXTENDED=1', +'_TANDEM_SOURCE', +'B_ENDIAN'), +perl => '/usr/bin/perl', +shared_target=> 'self', shared_extension => ".so", -enable => ["egd"], -dso_scheme => "DLFCN", -}, -"nonstop-nsx" => { -inherit_from => [ "nonstop-common" ], -cflags => sub { join(" ",@_,"-Wverbose -I/usr/local/include") }, -shared_cflag => sub { join(" ",@_,"-Wverbose -I/usr/local/include") }, -lflags => sub { join(" ",@_,"-lfloss -Wxld='-set floattype neutral_float' -Wsystype=oss") }, -shared_ldflag=> sub { join(" ",@_,"-lfloss -Wxld='-export_all -set floattype neutral_float -set systype oss' -Wsystype=oss") }, -defines => ["OPENSSL_VPROC=\$(OPENSSL_VPROC)","_XOPEN_SOURCE","_XOPEN_SOURCE_EXTENDED=1","B_ENDIAN", "OPENSSL_SYSNAME_TANDEM", "OPENSSL_TANDEM_FLOSS"], -disable => ["threads"], -bn_ops => "THIRTY_TWO_BIT", -}, -"nonstop-nsx_put" => { -inherit_from => [ "nonstop-common" ], -cflags => sub { join(" ",@_,"-Wverbose") }, -shared_cflag => sub { join(" ",@_,"-Wverbose") }, -lflags => sub { join(" ",@_,"-lput") }, -shared_ldflag=> sub { join(" ",@_,"-Wxld='-export_all -set floattype neutral_float -set systype oss' -lput
[openssl] master update
The branch master has been updated via 3eb99601b148e0019905b660d344508cccfc6943 (commit) from b0614f0ae3c33182ad184dc82056b22aebf42956 (commit) - Log - commit 3eb99601b148e0019905b660d344508cccfc6943 Author: Hu Keping Date: Wed Sep 9 16:01:17 2020 + Simplify the tarball generating scripts As per discussed in issue #12364 [1], since the format of git archive is inferred from the output file, it's safe to remove the pipe for gzip. [1] https://github.com/openssl/openssl/issues/12364 Fixes #12364 Signed-off-by: Hu Keping Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12841) --- Summary of changes: util/mktar.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/util/mktar.sh b/util/mktar.sh index ec47578f34..06a1f92150 100755 --- a/util/mktar.sh +++ b/util/mktar.sh @@ -31,8 +31,7 @@ done if [ -z "$TARFILE" ]; then TARFILE="$NAME.tar"; fi # This counts on .gitattributes to specify what files should be ignored -git archive --worktree-attributes --format=tar --prefix="$NAME/" -v HEAD \ -| gzip -9 > "$TARFILE.gz" +git archive --worktree-attributes -9 --prefix="$NAME/" -o $TARFILE.gz -v HEAD # Good old way to ensure we display an absolute path td=`dirname $TARFILE`