date:20170803

[openssl-commits] [openssl] master update

2017-08-03 Thread Matt Caswell

The branch master has been updated
   via  67dc995eaf538ea309c6292a1a5073465201f55b (commit)
  from  5bd05e579994c756cd994b5e0ff5f395aae6bfff (commit)


- Log -
commit 67dc995eaf538ea309c6292a1a5073465201f55b
Author: Matt Caswell 
Date:   Wed Aug 2 14:46:31 2017 +0100

Move ossl_assert

Move the definition of ossl_assert() out of e_os.h which is intended for OS
specific things. Instead it is moved into internal/cryptlib.h.

This also changes the definition to remove the (int) cast.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4073)

---

Summary of changes:
 e_os.h  | 17 -
 {crypto/include => include}/internal/cryptlib.h | 17 +
 ssl/packet.c|  2 +-
 ssl/record/rec_layer_d1.c   |  1 +
 ssl/record/ssl3_record.c|  1 +
 ssl/record/ssl3_record_tls13.c  |  1 +
 ssl/s3_cbc.c|  1 +
 ssl/s3_enc.c|  1 +
 ssl/ssl_ciph.c  |  1 +
 ssl/ssl_lib.c   |  1 +
 ssl/statem/extensions_clnt.c|  1 +
 ssl/statem/extensions_cust.c|  1 +
 ssl/statem/statem_dtls.c|  1 +
 ssl/statem/statem_lib.c |  1 +
 14 files changed, 29 insertions(+), 18 deletions(-)
 rename {crypto/include => include}/internal/cryptlib.h (84%)

diff --git a/e_os.h b/e_os.h
index 7138c7a..d4cef60 100644
--- a/e_os.h
+++ b/e_os.h
@@ -545,23 +545,6 @@ struct servent *getservbyname(const char *name, const char 
*proto);
 # define CRYPTO_memcmp memcmp
 #endif
 
-#ifdef NDEBUG
-# define ossl_assert(x) (int)(x)
-#else
-__owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr,
-  const char *file, int line)
-{
-if (!expr)
-OPENSSL_die(exprstr, file, line);
-
-return expr;
-}
-
-# define ossl_assert(x) ossl_assert_int((int)(x), "Assertion failed: "#x, \
- __FILE__, __LINE__)
-
-#endif
-
 #ifdef  __cplusplus
 }
 #endif
diff --git a/crypto/include/internal/cryptlib.h b/include/internal/cryptlib.h
similarity index 84%
rename from crypto/include/internal/cryptlib.h
rename to include/internal/cryptlib.h
index d2ab720..c73c754 100644
--- a/crypto/include/internal/cryptlib.h
+++ b/include/internal/cryptlib.h
@@ -30,6 +30,23 @@
 extern "C" {
 #endif
 
+#ifdef NDEBUG
+# define ossl_assert(x) ((x) != 0)
+#else
+__owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr,
+  const char *file, int line)
+{
+if (!expr)
+OPENSSL_die(exprstr, file, line);
+
+return expr;
+}
+
+# define ossl_assert(x) ossl_assert_int((x) != 0, "Assertion failed: "#x, \
+ __FILE__, __LINE__)
+
+#endif
+
 typedef struct ex_callback_st EX_CALLBACK;
 
 DEFINE_STACK_OF(EX_CALLBACK)
diff --git a/ssl/packet.c b/ssl/packet.c
index 7c4be4f..7a4414a 100644
--- a/ssl/packet.c
+++ b/ssl/packet.c
@@ -7,7 +7,7 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include "e_os.h"
+#include "internal/cryptlib.h"
 #include "packet_locl.h"
 
 #define DEFAULT_BUF_SIZE256
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index 83f4094..75e3aeb 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -15,6 +15,7 @@
 #include 
 #include "record_locl.h"
 #include "../packet_locl.h"
+#include "internal/cryptlib.h"
 
 int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl)
 {
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index bd27290..afb03fd 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -11,6 +11,7 @@
 #include "internal/constant_time_locl.h"
 #include 
 #include "record_locl.h"
+#include "internal/cryptlib.h"
 
 static const unsigned char ssl3_pad_1[48] = {
 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c
index 61e2092..ec8f9f9 100644
--- a/ssl/record/ssl3_record_tls13.c
+++ b/ssl/record/ssl3_record_tls13.c
@@ -9,6 +9,7 @@
 
 #include "../ssl_locl.h"
 #include "record_locl.h"
+#include "internal/cryptlib.h"
 
 /*-
  * tls13_enc encrypts/decrypts |n_recs| in |recs|.
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index bab9b26..7d9c377 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -9,6 +9,7 @@
 
 #include "internal/constant_time_locl.h"
 #include "ssl_locl.h"
+#include "internal/cryptlib.h"
 
 #include 
 #include 
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index e33c07f..bef9f99 100644
--- a/ssl/s3_enc.c
+++

[openssl-commits] Build failed: openssl master.12232

2017-08-03 Thread AppVeyor




Build openssl master.12232 failed


Commit 67dc995eaf by Matt Caswell on 8/3/2017 9:48 AM:

Move ossl_assert


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-08-03 Thread Matt Caswell

The branch master has been updated
   via  5bd05e579994c756cd994b5e0ff5f395aae6bfff (commit)
   via  e29bb83479cc567b4bb414dc55148ec06a30a115 (commit)
  from  b15d5ab617e3caed0489588a33eb804824b2f7d6 (commit)


- Log -
commit 5bd05e579994c756cd994b5e0ff5f395aae6bfff
Author: Lingmo Zhu 
Date:   Wed Aug 2 20:55:40 2017 +0800

remove horrible pragma macro and remove __owur from SSL_CTX_add_session() 
declaration

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/4014)

commit e29bb83479cc567b4bb414dc55148ec06a30a115
Author: Lingmo Zhu 
Date:   Tue Jul 25 18:00:44 2017 +0800

Remove the obsolete misleading comment and code related to it.

The comment "The following should not return 1, otherwise, things
are very strange" is from the very first commit of OpenSSL. The
really meaning of the comment is if the identical session can be
found from internal cache after calling get_session_cb but not
found before calling get_session_cb, it is just strange.

The value 1 was originated from the old doc of SSLeay, reversed
from the actual return value of SSL_CTX_add_session().

Anyway either return value of SSL_CTX_add_session() should not
interrupt the session resumption process. So the checking of
return value of SSL_CTX_add_session() is not necessary.

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/4014)

---

Summary of changes:
 include/openssl/ssl.h | 2 +-
 ssl/ssl_sess.c| 8 
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index c634937..245f5eb 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1559,7 +1559,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ses);
 void SSL_SESSION_free(SSL_SESSION *ses);
 __owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
 __owur int SSL_set_session(SSL *to, SSL_SESSION *session);
-__owur int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
 int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
 __owur int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
 __owur int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index a1d2013..805a3d7 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -545,11 +545,11 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello, 
int *al)
 (s->session_ctx->session_cache_mode &
  SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
 /*
- * The following should not return 1, otherwise, things are
- * very strange
+ * Either return value of SSL_CTX_add_session should not
+ * interrupt the session resumption process. The return
+ * value is intentionally ignored.
  */
-if (SSL_CTX_add_session(s->session_ctx, ret))
-goto err;
+SSL_CTX_add_session(s->session_ctx, ret);
 }
 }
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2017-08-03 Thread Matt Caswell

The branch OpenSSL_1_1_0-stable has been updated
   via  89fb0fb2a5391bd6cfd78bd201616ee68b5f5d34 (commit)
   via  15b3fd6f647f340d83cfffbd9a34097883ec9271 (commit)
  from  85d9b9f7169644ee74c294c3adf8b60a90e103e4 (commit)


- Log -
commit 89fb0fb2a5391bd6cfd78bd201616ee68b5f5d34
Author: Lingmo Zhu 
Date:   Wed Aug 2 20:55:40 2017 +0800

remove horrible pragma macro and remove __owur from SSL_CTX_add_session() 
declaration

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/4014)

(cherry picked from commit 5bd05e579994c756cd994b5e0ff5f395aae6bfff)

commit 15b3fd6f647f340d83cfffbd9a34097883ec9271
Author: Lingmo Zhu 
Date:   Tue Jul 25 18:00:44 2017 +0800

Remove the obsolete misleading comment and code related to it.

The comment "The following should not return 1, otherwise, things
are very strange" is from the very first commit of OpenSSL. The
really meaning of the comment is if the identical session can be
found from internal cache after calling get_session_cb but not
found before calling get_session_cb, it is just strange.

The value 1 was originated from the old doc of SSLeay, reversed
from the actual return value of SSL_CTX_add_session().

Anyway either return value of SSL_CTX_add_session() should not
interrupt the session resumption process. So the checking of
return value of SSL_CTX_add_session() is not necessary.

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/4014)

(cherry picked from commit e29bb83479cc567b4bb414dc55148ec06a30a115)

---

Summary of changes:
 include/openssl/ssl.h | 2 +-
 ssl/ssl_sess.c| 8 
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 6f0f361..2c694b4 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1444,7 +1444,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ses);
 void SSL_SESSION_free(SSL_SESSION *ses);
 __owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
 __owur int SSL_set_session(SSL *to, SSL_SESSION *session);
-__owur int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
 int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
 __owur int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
 __owur int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 92ba599..f0274cf 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -531,11 +531,11 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const 
PACKET *session_id)
 (s->session_ctx->session_cache_mode &
  SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
 /*
- * The following should not return 1, otherwise, things are
- * very strange
+ * Either return value of SSL_CTX_add_session should not
+ * interrupt the session resumption process. The return
+ * value is intentionally ignored.
  */
-if (SSL_CTX_add_session(s->session_ctx, ret))
-goto err;
+SSL_CTX_add_session(s->session_ctx, ret);
 }
 }
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#12938 (master - 67dc995)

2017-08-03 Thread Travis CI

Build Update for openssl/openssl
-

Build: #12938
Status: Still Failing

Duration: 27 minutes and 42 seconds
Commit: 67dc995 (master)
Author: Matt Caswell
Message: Move ossl_assert

Move the definition of ossl_assert() out of e_os.h which is intended for OS
specific things. Instead it is moved into internal/cryptlib.h.

This also changes the definition to remove the (int) cast.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4073)

View the changeset: 
https://github.com/openssl/openssl/compare/5bd05e579994...67dc995eaf53

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/260538722?utm_source=email_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-08-03 Thread Rich Salz

The branch master has been updated
   via  ae3947de09522206d61c0206a733517b10a910f8 (commit)
  from  75e2c877650444fb829547bdb58d46eb1297bc1a (commit)


- Log -
commit ae3947de09522206d61c0206a733517b10a910f8
Author: Rich Salz 
Date:   Thu Aug 3 10:24:03 2017 -0400

Add a DRBG to each SSL object

Give each SSL object it's own DRBG, chained to the parent global
DRBG which is used only as a source of randomness into the per-SSL
DRBG.  This is used for all session, ticket, and pre-master secret keys.
It is NOT used for ECDH key generation which use only the global
DRBG. (Doing that without changing the API is tricky, if not impossible.)

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/4050)

---

Summary of changes:
 apps/s_server.c  |  4 ++--
 crypto/rand/drbg_lib.c   |  8 
 include/internal/rand.h  |  1 +
 include/openssl/ssl.h|  2 +-
 ssl/record/ssl3_record.c |  2 +-
 ssl/s3_lib.c |  6 +++---
 ssl/ssl_lib.c| 27 +++
 ssl/ssl_locl.h   |  2 ++
 ssl/ssl_sess.c   |  4 ++--
 ssl/statem/statem_clnt.c |  4 ++--
 ssl/statem/statem_srvr.c |  6 +++---
 ssl/tls_srp.c|  4 ++--
 util/libcrypto.num   |  1 +
 13 files changed, 51 insertions(+), 20 deletions(-)

diff --git a/apps/s_server.c b/apps/s_server.c
index 961c738..2ff58b6 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -67,7 +67,7 @@ static int rev_body(int s, int stype, int prot, unsigned char 
*context);
 static void close_accept_socket(void);
 static int init_ssl_connection(SSL *s);
 static void print_stats(BIO *bp, SSL_CTX *ctx);
-static int generate_session_id(const SSL *ssl, unsigned char *id,
+static int generate_session_id(SSL *ssl, unsigned char *id,
unsigned int *id_len);
 static void init_session_cache_ctx(SSL_CTX *sctx);
 static void free_sessions(void);
@@ -3412,7 +3412,7 @@ static int rev_body(int s, int stype, int prot, unsigned 
char *context)
 }
 
 #define MAX_SESSION_ID_ATTEMPTS 10
-static int generate_session_id(const SSL *ssl, unsigned char *id,
+static int generate_session_id(SSL *ssl, unsigned char *id,
unsigned int *id_len)
 {
 unsigned int count = 0;
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index e3d97d3..a24ec8e 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -78,6 +78,9 @@ RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, 
RAND_DRBG *parent)
 goto err;
 
 if (parent != NULL) {
+if (parent->state == DRBG_UNINITIALISED
+&& RAND_DRBG_instantiate(parent, NULL, 0) == 0)
+goto err;
 if (!RAND_DRBG_set_callbacks(drbg, drbg_entropy_from_parent,
  drbg_release_entropy,
  NULL, NULL)
@@ -98,6 +101,11 @@ err:
 return NULL;
 }
 
+RAND_DRBG *RAND_DRBG_get0_global(void)
+{
+return _drbg;
+}
+
 /*
  * Uninstantiate |drbg| and free all memory.
  */
diff --git a/include/internal/rand.h b/include/internal/rand.h
index 2f38095..4e30e38 100644
--- a/include/internal/rand.h
+++ b/include/internal/rand.h
@@ -32,6 +32,7 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, 
size_t outlen,
int prediction_resistance,
const unsigned char *adin, size_t adinlen);
 int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, int interval);
+RAND_DRBG *RAND_DRBG_get0_global(void);
 
 /*
  * EXDATA
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 245f5eb..a2d13bf 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -622,7 +622,7 @@ __owur int SRP_Calc_A_param(SSL *s);
  * bytes. The callback can alter this length to be less if desired. It is
  * also an error for the callback to set the size to zero.
  */
-typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
+typedef int (*GEN_SESSION_CB) (SSL *ssl, unsigned char *id,
unsigned int *id_len);
 
 # define SSL_SESS_CACHE_OFF  0x
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index afb03fd..ae48504 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -892,7 +892,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int 
sending)
  */
 SSLerr(SSL_F_TLS1_ENC, ERR_R_INTERNAL_ERROR);
 return -1;
-} else if (RAND_bytes(recs[ctr].input, ivlen) <= 0) {
+} else if (ssl_randbytes(s, recs[ctr].input, ivlen) <= 0) {
 SSLerr(SSL_F_TLS1_ENC, ERR_R_INTERNAL_ERROR);
 return -1;
 }

[openssl-commits] Build failed: openssl master.12238

2017-08-03 Thread AppVeyor




Build openssl master.12238 failed


Commit 5d9eaefcb6 by EasySec on 1/12/2017 10:17 PM:

avoiding confusing options '-iter 1 -pbkdf2' at the same time


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2017-08-03 Thread Richard Levitte

The branch OpenSSL_1_1_0-stable has been updated
   via  ef6d11f76fba7c9d4da821947f67acc5d603b99d (commit)
  from  89fb0fb2a5391bd6cfd78bd201616ee68b5f5d34 (commit)


- Log -
commit ef6d11f76fba7c9d4da821947f67acc5d603b99d
Author: Richard Levitte 
Date:   Thu Aug 3 17:19:13 2017 +0200

Revert "Perl: Use File::Glob::bsd_glob rather than File::Glob::glob"

This needs more change that what is appropriate for the 1.1.0 branch.

This reverts commit 0401110073cd392602855f9b72af2ebec7909625.

Reviewed-by: Andy Polyakov 

---

Summary of changes:
 Configure  | 2 +-
 test/build.info| 2 +-
 test/recipes/40-test_rehash.t  | 2 +-
 test/recipes/80-test_ssl_new.t | 2 +-
 test/run_tests.pl  | 2 +-
 util/process_docs.pl   | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/Configure b/Configure
index 8e1b25f..33d2392 100755
--- a/Configure
+++ b/Configure
@@ -14,7 +14,7 @@ use strict;
 use File::Basename;
 use File::Spec::Functions qw/:DEFAULT abs2rel rel2abs/;
 use File::Path qw/mkpath/;
-use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/;
+use if $^O ne "VMS", 'File::Glob' => qw/glob/;
 
 # see INSTALL for instructions.
 
diff --git a/test/build.info b/test/build.info
index 8303947..ef968e6 100644
--- a/test/build.info
+++ b/test/build.info
@@ -293,7 +293,7 @@ ENDIF
 {-
use File::Spec::Functions;
use File::Basename;
-   use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/;
+   use if $^O ne "VMS", 'File::Glob' => qw/glob/;
 
my @nogo_headers = ( "asn1_mac.h",
 "__decc_include_prologue.h",
diff --git a/test/recipes/40-test_rehash.t b/test/recipes/40-test_rehash.t
index b374e59..f902c23 100644
--- a/test/recipes/40-test_rehash.t
+++ b/test/recipes/40-test_rehash.t
@@ -13,7 +13,7 @@ use warnings;
 use File::Spec::Functions;
 use File::Copy;
 use File::Basename;
-use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/;
+use if $^O ne "VMS", 'File::Glob' => qw/glob/;
 use OpenSSL::Test qw/:DEFAULT srctop_file/;
 
 setup("test_rehash");
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
index 2009ecf..2f6a69a 100644
--- a/test/recipes/80-test_ssl_new.t
+++ b/test/recipes/80-test_ssl_new.t
@@ -12,7 +12,7 @@ use warnings;
 
 use File::Basename;
 use File::Compare qw/compare_text/;
-use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/;
+use if $^O ne "VMS", 'File::Glob' => qw/glob/;
 
 use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/;
 use OpenSSL::Test::Utils qw/disabled alldisabled available_protocols/;
diff --git a/test/run_tests.pl b/test/run_tests.pl
index 51d9900..e5bc927 100644
--- a/test/run_tests.pl
+++ b/test/run_tests.pl
@@ -16,7 +16,7 @@ BEGIN {
 
 use File::Spec::Functions qw/catdir catfile curdir abs2rel rel2abs/;
 use File::Basename;
-use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/;
+use if $^O ne "VMS", 'File::Glob' => qw/glob/;
 use Module::Load::Conditional qw(can_load);
 
 my $TAP_Harness = can_load(modules => { 'TAP::Harness' => undef }) 
diff --git a/util/process_docs.pl b/util/process_docs.pl
index 191ec9e..073a3b7 100644
--- a/util/process_docs.pl
+++ b/util/process_docs.pl
@@ -13,7 +13,7 @@ use File::Spec::Functions;
 use File::Basename;
 use File::Copy;
 use File::Path;
-use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/;
+use if $^O ne "VMS", 'File::Glob' => qw/glob/;
 use Getopt::Long;
 use Pod::Usage;
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#12945 (master - ddc6a5c)

2017-08-03 Thread Travis CI

Build Update for openssl/openssl
-

Build: #12945
Status: Still Failing

Duration: 26 minutes and 42 seconds
Commit: ddc6a5c (master)
Author: Rich Salz
Message: Add RAND_priv_bytes() for private keys

Add a new global DRBG for private keys used by RAND_priv_bytes.

Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes().
Change callers to use the appropriate BN_priv... function.

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/4076)

View the changeset: 
https://github.com/openssl/openssl/compare/ae3947de0952...ddc6a5c8f590

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/260654935?utm_source=email_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#12940 (master - 75e2c87)

2017-08-03 Thread Travis CI

Build Update for openssl/openssl
-

Build: #12940
Status: Still Failing

Duration: 28 minutes and 32 seconds
Commit: 75e2c87 (master)
Author: Rich Salz
Message: Switch from ossl_rand to DRBG rand

If RAND_add wraps around, XOR with existing. Add test to drbgtest that
does the wrap-around.

Re-order seeding and stop after first success.

Add RAND_poll_ex()

Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's,
mix in the address as the personalization bits.

Centralize the entropy callbacks, from drbg_lib to rand_lib.
(Conceptually, entropy is part of the enclosing application.)
Thanks to Dr. Matthias St Pierre for the suggestion.

Various code cleanups:
-Make state an enum; inline RANDerr calls.
-Add RAND_POLL_RETRIES (thanks Pauli for the idea)
-Remove most RAND_seed calls from rest of library
-Rename DRBG_CTX to RAND_DRBG, etc.
-Move some code from drbg_lib to drbg_rand; drbg_lib is now only the
implementation of NIST DRBG.
-Remove blocklength

Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/4019)

View the changeset:
https://github.com/openssl/openssl/compare/67dc995eaf53...75e2c8776504

View the full build log and details:
https://travis-ci.org/openssl/openssl/builds/260613574?utm_source=email_medium=notification

You can configure recipients for build notifications in your .travis.yml file.
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#12942 (master - ae3947d)

2017-08-03 Thread Travis CI

Build Update for openssl/openssl
-

Build: #12942
Status: Still Failing

Duration: 25 minutes and 52 seconds
Commit: ae3947d (master)
Author: Rich Salz
Message: Add a DRBG to each SSL object

Give each SSL object it's own DRBG, chained to the parent global
DRBG which is used only as a source of randomness into the per-SSL
DRBG.  This is used for all session, ticket, and pre-master secret keys.
It is NOT used for ECDH key generation which use only the global
DRBG. (Doing that without changing the API is tricky, if not impossible.)

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/4050)

View the changeset: 
https://github.com/openssl/openssl/compare/75e2c8776504...ae3947de0952

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/260632063?utm_source=email_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12237

2017-08-03 Thread AppVeyor




Build openssl master.12237 failed


Commit 2c1681b384 by Matt Caswell on 8/3/2017 2:06 PM:

Add PSK early_data tests


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-08-03 Thread Rich Salz

The branch master has been updated
   via  ddc6a5c8f5900959bdbdfee79e1625a3f7808acd (commit)
  from  ae3947de09522206d61c0206a733517b10a910f8 (commit)


- Log -
commit ddc6a5c8f5900959bdbdfee79e1625a3f7808acd
Author: Rich Salz 
Date:   Wed Aug 2 14:00:52 2017 -0400

Add RAND_priv_bytes() for private keys

Add a new global DRBG for private keys used by RAND_priv_bytes.

Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes().
Change callers to use the appropriate BN_priv... function.

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/4076)

---

Summary of changes:
 crypto/bn/bn_err.c  |  1 +
 crypto/bn/bn_gf2m.c |  2 +-
 crypto/bn/bn_prime.c|  8 +++---
 crypto/bn/bn_rand.c | 47 +++-
 crypto/bn/bn_x931p.c|  8 +++---
 crypto/dh/dh_key.c  |  4 +--
 crypto/dsa/dsa_key.c|  2 +-
 crypto/dsa/dsa_ossl.c   |  2 +-
 crypto/ec/ec_key.c  |  2 +-
 crypto/ec/ecdsa_ossl.c  |  2 +-
 crypto/err/openssl.txt  |  1 +
 crypto/rand/drbg_lib.c  | 10 ++-
 crypto/rand/rand_lcl.h  |  1 +
 crypto/rand/rand_lib.c  | 71 ++---
 doc/man3/RAND_bytes.pod | 11 ++--
 include/openssl/bn.h|  2 ++
 include/openssl/bnerr.h |  1 +
 include/openssl/rand.h  |  1 +
 util/libcrypto.num  |  3 +++
 19 files changed, 126 insertions(+), 53 deletions(-)

diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
index a086c49..e281747 100644
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -15,6 +15,7 @@
 
 static const ERR_STRING_DATA BN_str_functs[] = {
 {ERR_PACK(ERR_LIB_BN, BN_F_BNRAND, 0), "bnrand"},
+{ERR_PACK(ERR_LIB_BN, BN_F_BNRAND_RANGE, 0), "bnrand_range"},
 {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_CONVERT_EX, 0),
  "BN_BLINDING_convert_ex"},
 {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_CREATE_PARAM, 0),
diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c
index 39b0e38..f164f46 100644
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -1077,7 +1077,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM 
*a_, const int p[],
 if (tmp == NULL)
 goto err;
 do {
-if (!BN_rand(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
+if (!BN_priv_rand(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
 goto err;
 if (!BN_GF2m_mod_arr(rho, rho, p))
 goto err;
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 4581a66..026c119 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -216,7 +216,7 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, 
BN_CTX *ctx_passed,
 goto err;
 
 for (i = 0; i < checks; i++) {
-if (!BN_rand_range(check, A1))
+if (!BN_priv_rand_range(check, A1))
 goto err;
 if (!BN_add_word(check, 1))
 goto err;
@@ -279,7 +279,7 @@ static int probable_prime(BIGNUM *rnd, int bits, prime_t 
*mods)
 char is_single_word = bits <= BN_BITS2;
 
  again:
-if (!BN_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD))
+if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD))
 return (0);
 /* we now have a random number 'rnd' to test. */
 for (i = 1; i < NUMPRIMES; i++) {
@@ -363,7 +363,7 @@ int bn_probable_prime_dh(BIGNUM *rnd, int bits,
 if ((t1 = BN_CTX_get(ctx)) == NULL)
 goto err;
 
-if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
+if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
 goto err;
 
 /* we need ((rnd-rem) % add) == 0 */
@@ -419,7 +419,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, 
const BIGNUM *padd,
 if (!BN_rshift1(qadd, padd))
 goto err;
 
-if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
+if (!BN_priv_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
 goto err;
 
 /* we need ((rnd-rem) % add) == 0 */
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index 0b9e43d..d7b17d5 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -14,10 +14,14 @@
 #include 
 #include 
 
-static int bnrand(int testing, BIGNUM *rnd, int bits, int top, int bottom)
+typedef enum bnrand_flag_e {
+NORMAL, TESTING, PRIVATE
+} BNRAND_FLAG;
+
+static int bnrand(BNRAND_FLAG flag, BIGNUM *rnd, int bits, int top, int bottom)
 {
 unsigned char *buf = NULL;
-int ret = 0, bit, bytes, mask;
+int b, ret = 0, bit, bytes, mask;
 
 if (bits == 0) {
 if (top != BN_RAND_TOP_ANY || bottom != BN_RAND_BOTTOM_ANY)
@@ -39,10 +43,11 @@ static int bnrand(int testing, BIGNUM *rnd, int bits, int 
top, int bottom)
 }
 
 /* make a random number and set the top and bottom bits */
-if (RAND_bytes(buf,

[openssl-commits] Build failed: openssl master.12239

2017-08-03 Thread AppVeyor




Build openssl master.12239 failed


Commit ddc6a5c8f5 by Rich Salz on 8/3/2017 2:45 PM:

Add RAND_priv_bytes() for private keys


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build completed: openssl OpenSSL_1_1_0-stable.12240

2017-08-03 Thread AppVeyor



Build openssl OpenSSL_1_1_0-stable.12240 completed



Commit ef6d11f76f by Richard Levitte on 8/3/2017 3:21 PM:

Revert "Perl: Use File::Glob::bsd_glob rather than File::Glob::glob"


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12247

2017-08-03 Thread AppVeyor




Build openssl master.12247 failed


Commit d05ad9088a by Matthias Ballreich on 8/3/2017 6:23 PM:

Update libcrypto.num


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12242

2017-08-03 Thread AppVeyor




Build openssl master.12242 failed


Commit 7ec3408653 by Matt Caswell on 8/3/2017 3:30 PM:

Add some fixes for Travis failures


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12245

2017-08-03 Thread AppVeyor




Build openssl master.12245 failed


Commit 6d6bef1143 by Johannes Bauer on 8/3/2017 5:04 PM:

Use long name for scrypt tests, update return code on unknown parameter


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12241

2017-08-03 Thread AppVeyor




Build openssl master.12241 failed


Commit 4b80a69237 by Richard Levitte on 8/2/2017 4:34 PM:

[to be squashed] more corrections


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12244

2017-08-03 Thread AppVeyor




Build openssl master.12244 failed


Commit 1a84d465e1 by Matthias Ballreich on 8/3/2017 4:57 PM:

Merge branch 'master' into master


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12249

2017-08-03 Thread AppVeyor




Build openssl master.12249 failed


Commit 6d03cd4358 by Matthias Ballreich on 7/31/2017 7:06 AM:

Update libcrypto.num


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12251

2017-08-03 Thread AppVeyor




Build openssl master.12251 failed


Commit 61aba80949 by Johannes Bauer on 8/3/2017 7:07 PM:

Fix typo in HKDF example documentation


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#12958 (master - fbf9d10)

2017-08-03 Thread Travis CI

Build Update for openssl/openssl
-

Build: #12958
Status: Still Failing

Duration: 28 minutes and 35 seconds
Commit: fbf9d10 (master)
Author: Andy Polyakov
Message: recipes/80-test_ca.t: make it work with spaces in pathnames.

Reviewed-by: Richard Levitte 

View the changeset: 
https://github.com/openssl/openssl/compare/ddc6a5c8f590...fbf9d108dfca

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/260749285?utm_source=email_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12248

2017-08-03 Thread AppVeyor




Build openssl master.12248 failed


Commit 090f36c4b6 by Johannes Bauer on 8/3/2017 6:26 PM:

Make scrypt also support zero-length password/salt and add error codes


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12258

2017-08-03 Thread AppVeyor




Build openssl master.12258 failed


Commit bf557dca98 by Johannes Bauer on 8/3/2017 8:29 PM:

Add manpage for scrypt


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12256

2017-08-03 Thread AppVeyor




Build openssl master.12256 failed


Commit 616ba7f8af by Matthias Ballreich on 8/3/2017 8:18 PM:

fixed admission extension libcrypto.num


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12257

2017-08-03 Thread AppVeyor




Build openssl master.12257 failed


Commit a5ac5525cd by Rich Salz on 8/3/2017 8:21 PM:

Add missing include


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12250

2017-08-03 Thread AppVeyor




Build openssl master.12250 failed


Commit a6809b8780 by Johannes Bauer on 8/3/2017 7:05 PM:

Fix setter functions for scrypt


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-08-03 Thread Andy Polyakov

The branch master has been updated
   via  fbf9d108dfca2f578594c1f00bd9dbd2adca7505 (commit)
  from  ddc6a5c8f5900959bdbdfee79e1625a3f7808acd (commit)


- Log -
commit fbf9d108dfca2f578594c1f00bd9dbd2adca7505
Author: Andy Polyakov 
Date:   Wed Aug 2 23:28:34 2017 +0200

recipes/80-test_ca.t: make it work with spaces in pathnames.

Reviewed-by: Richard Levitte 

---

Summary of changes:
 test/recipes/80-test_ca.t | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/recipes/80-test_ca.t b/test/recipes/80-test_ca.t
index f62d9d5..4c470fb 100644
--- a/test/recipes/80-test_ca.t
+++ b/test/recipes/80-test_ca.t
@@ -46,7 +46,7 @@ plan tests => 5;
  skip "CT not configured, can't use -precert", 1
  if disabled("ct");
 
- $ENV{OPENSSL_CONFIG} = "-config ".srctop_file("test", "Uss.cnf");
+ $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "Uss.cnf").'"';
  ok(run(perlapp(["CA.pl", "-precert"], stderr => undef)),
 'creating new pre-certificate');
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12252

2017-08-03 Thread AppVeyor




Build openssl master.12252 failed


Commit fbf9d108df by Andy Polyakov on 8/3/2017 7:28 PM:

recipes/80-test_ca.t: make it work with spaces in pathnames.


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12260

2017-08-03 Thread AppVeyor




Build openssl master.12260 failed


Commit df43ed707e by Todd Short on 8/3/2017 2:02 PM:

Consolidate to a single asn1_time_from_tm() function


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#12967 (master - cf37aaa)

2017-08-03 Thread Travis CI

Build Update for openssl/openssl
-

Build: #12967
Status: Still Failing

Duration: 29 minutes and 50 seconds
Commit: cf37aaa (master)
Author: Todd Short
Message: Consolidate to a single asn1_time_from_tm() function

Add missing ASN1_TIME functions

Do some cleanup of the ASN1_TIME code.
Add ASN1_TIME_normalize() to normalize ASN1_TIME structures.
Add ASN1_TIME_compare() to compare two ASN1_TIME structures.
Add ASN1_TIME_cmp_time_t() to compare an ASN1_TIME to time_t
(generic version of ASN1_UTCTIME_cmp_time_t()).

Replace '0' .. '9' compares with isdigit()

Reviewed-by: Paul Dale 
Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/2753)

View the changeset: 
https://github.com/openssl/openssl/compare/2326bba0e5cb...cf37aaa33596

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/260847244?utm_source=email_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12263

2017-08-03 Thread AppVeyor




Build openssl master.12263 failed


Commit 2cce989112 by Pauli on 8/4/2017 12:49 AM:

Change SETUP_TEST_FIXTURE so that the fixture structure is passed by


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12261

2017-08-03 Thread AppVeyor




Build openssl master.12261 failed


Commit cf37aaa335 by Todd Short on 8/4/2017 1:24 AM:

Consolidate to a single asn1_time_from_tm() function


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12259

2017-08-03 Thread AppVeyor




Build openssl master.12259 failed


Commit 2326bba0e5 by Pauli on 8/3/2017 9:37 PM:

Test fixtures changed to pointers.


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-08-03 Thread paul . dale

The branch master has been updated
   via  2326bba0e5cbe98f4d00855a6909b1f14b6f5427 (commit)
  from  fbf9d108dfca2f578594c1f00bd9dbd2adca7505 (commit)


- Log -
commit 2326bba0e5cbe98f4d00855a6909b1f14b6f5427
Author: Pauli 
Date:   Wed Aug 2 13:48:29 2017 +1000

Test fixtures changed to pointers.

Change the fixture types to pointers to structures that are heap allocated 
in the tests that use SETUP_TEST_FIXTURE.  This will permit error returns from 
the setup function and allow for future running tests in parallel.

Also removed a call of `exit(2)` which allows the remaining tests to run if 
one fails to initialise.

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4071)

---

Summary of changes:
 test/cipherlist_test.c   |  16 +++--
 test/ct_test.c   | 167 ---
 test/ssl_test_ctx_test.c |  83 ---
 3 files changed, 139 insertions(+), 127 deletions(-)

diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c
index c193976..2cfddb0 100644
--- a/test/cipherlist_test.c
+++ b/test/cipherlist_test.c
@@ -34,21 +34,23 @@ static void tear_down(CIPHERLIST_TEST_FIXTURE *fixture)
 SSL_CTX_free(fixture->server);
 SSL_CTX_free(fixture->client);
 fixture->server = fixture->client = NULL;
+OPENSSL_free(fixture);
 }
 }
 
 static CIPHERLIST_TEST_FIXTURE *set_up(const char *const test_case_name)
 {
-static CIPHERLIST_TEST_FIXTURE fixture;
+CIPHERLIST_TEST_FIXTURE *fixture;
 
-memset(, 0, sizeof(fixture));
-fixture.test_case_name = test_case_name;
-if (!TEST_ptr(fixture.server = SSL_CTX_new(TLS_server_method()))
-|| !TEST_ptr(fixture.client = SSL_CTX_new(TLS_client_method( {
-tear_down();
+if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture
+return NULL;
+fixture->test_case_name = test_case_name;
+if (!TEST_ptr(fixture->server = SSL_CTX_new(TLS_server_method()))
+|| !TEST_ptr(fixture->client = SSL_CTX_new(TLS_client_method( {
+tear_down(fixture);
 return NULL;
 }
-return 
+return fixture;
 }
 
 /*
diff --git a/test/ct_test.c b/test/ct_test.c
index 9c46bb4..5123e50 100644
--- a/test/ct_test.c
+++ b/test/ct_test.c
@@ -19,6 +19,7 @@
 #include 
 #include 
 #include "testutil.h"
+#include "openssl/crypto.h"
 
 #ifndef OPENSSL_NO_CT
 /* Used when declaring buffers to read text files into */
@@ -56,33 +57,35 @@ typedef struct ct_test_fixture {
 int test_validity;
 } CT_TEST_FIXTURE;
 
-static CT_TEST_FIXTURE set_up(const char *const test_case_name)
+static CT_TEST_FIXTURE *set_up(const char *const test_case_name)
 {
-CT_TEST_FIXTURE fixture;
-int ok = 0;
+CT_TEST_FIXTURE *fixture = NULL;
 
-memset(, 0, sizeof(fixture));
-fixture.test_case_name = test_case_name;
-fixture.epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */
-if (!TEST_ptr(fixture.ctlog_store = CTLOG_STORE_new())
+if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture
+goto end;
+fixture->test_case_name = test_case_name;
+fixture->epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */
+if (!TEST_ptr(fixture->ctlog_store = CTLOG_STORE_new())
 || !TEST_int_eq(
-CTLOG_STORE_load_default_file(fixture.ctlog_store), 1))
+CTLOG_STORE_load_default_file(fixture->ctlog_store), 1))
 goto end;
-ok = 1;
+return fixture;
 
 end:
-if (!ok) {
-CTLOG_STORE_free(fixture.ctlog_store);
-TEST_error("Failed to setup");
-exit(EXIT_FAILURE);
-}
-return fixture;
+if (fixture != NULL)
+CTLOG_STORE_free(fixture->ctlog_store);
+OPENSSL_free(fixture);
+TEST_error("Failed to setup");
+return NULL;
 }
 
-static void tear_down(CT_TEST_FIXTURE fixture)
+static void tear_down(CT_TEST_FIXTURE *fixture)
 {
-CTLOG_STORE_free(fixture.ctlog_store);
-SCT_LIST_free(fixture.sct_list);
+if (fixture != NULL) {
+CTLOG_STORE_free(fixture->ctlog_store);
+SCT_LIST_free(fixture->sct_list);
+}
+OPENSSL_free(fixture);
 }
 
 static char *mk_file_path(const char *dir, const char *file)
@@ -192,7 +195,7 @@ end:
 return result;
 }
 
-static int assert_validity(CT_TEST_FIXTURE fixture, STACK_OF(SCT) *scts,
+static int assert_validity(CT_TEST_FIXTURE *fixture, STACK_OF(SCT) *scts,
CT_POLICY_EVAL_CTX *policy_ctx)
 {
 int invalid_sct_count = 0;
@@ -221,7 +224,7 @@ static int assert_validity(CT_TEST_FIXTURE fixture, 
STACK_OF(SCT) *scts,
 }
 }
 
-if (!TEST_int_eq(valid_sct_count, fixture.expected_valid_sct_count)) {
+if (!TEST_int_eq(valid_sct_count,

[openssl-commits] Still Failing: openssl/openssl#12965 (master - 2326bba)

2017-08-03 Thread Travis CI

Build Update for openssl/openssl
-

Build: #12965
Status: Still Failing

Duration: 25 minutes and 34 seconds
Commit: 2326bba (master)
Author: Pauli
Message: Test fixtures changed to pointers.

Change the fixture types to pointers to structures that are heap allocated in 
the tests that use SETUP_TEST_FIXTURE.  This will permit error returns from the 
setup function and allow for future running tests in parallel.

Also removed a call of `exit(2)` which allows the remaining tests to run if one 
fails to initialise.

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4071)

View the changeset: 
https://github.com/openssl/openssl/compare/fbf9d108dfca...2326bba0e5cb

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/260792495?utm_source=email_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-08-03 Thread paul . dale

The branch master has been updated
   via  cf37aaa335965902c6a022bc3c3e0162f59c0f3a (commit)
  from  2326bba0e5cbe98f4d00855a6909b1f14b6f5427 (commit)


- Log -
commit cf37aaa335965902c6a022bc3c3e0162f59c0f3a
Author: Todd Short 
Date:   Fri Aug 4 11:24:03 2017 +1000

Consolidate to a single asn1_time_from_tm() function

Add missing ASN1_TIME functions

Do some cleanup of the ASN1_TIME code.
Add ASN1_TIME_normalize() to normalize ASN1_TIME structures.
Add ASN1_TIME_compare() to compare two ASN1_TIME structures.
Add ASN1_TIME_cmp_time_t() to compare an ASN1_TIME to time_t
(generic version of ASN1_UTCTIME_cmp_time_t()).

Replace '0' .. '9' compares with isdigit()

Reviewed-by: Paul Dale 
Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/2753)

---

Summary of changes:
 crypto/asn1/a_gentm.c  |  57 +---
 crypto/asn1/a_object.c |   3 +-
 crypto/asn1/a_time.c   | 187 -
 crypto/asn1/a_utctm.c  |  68 ++---
 crypto/asn1/asn1_locl.h|   2 +
 doc/man3/ASN1_TIME_set.pod | 154 ---
 include/openssl/asn1.h |   4 +
 test/asn1_time_test.c  | 296 +
 test/build.info|   5 +
 test/recipes/{05-test_bf.t => 90-test_asn1_time.t} |   4 +-
 test/time_offset_test.c|   5 +-
 util/libcrypto.num |   3 +
 12 files changed, 587 insertions(+), 201 deletions(-)
 create mode 100644 test/asn1_time_test.c
 copy test/recipes/{05-test_bf.t => 90-test_asn1_time.t} (73%)

diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index 8547e22..4e2e815 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -13,10 +13,12 @@
 
 #include 
 #include 
+#include 
 #include "internal/cryptlib.h"
 #include 
 #include "asn1_locl.h"
 
+/* This is the primary function used to parse ASN1_GENERALIZEDTIME */
 int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
 {
 /* wrapper around asn1_time_to_tm */
@@ -39,15 +41,13 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME 
*s, const char *str)
 t.data = (unsigned char *)str;
 t.flags = 0;
 
-if (ASN1_GENERALIZEDTIME_check()) {
-if (s != NULL) {
-if (!ASN1_STRING_set((ASN1_STRING *)s, str, t.length))
-return 0;
-s->type = V_ASN1_GENERALIZEDTIME;
-}
-return 1;
-}
-return 0;
+if (!ASN1_GENERALIZEDTIME_check())
+return 0;
+
+if (s != NULL && !ASN1_STRING_copy(s, ))
+return 0;
+
+return 1;
 }
 
 ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
@@ -60,52 +60,19 @@ ASN1_GENERALIZEDTIME 
*ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
time_t t, int offset_day,
long offset_sec)
 {
-char *p;
 struct tm *ts;
 struct tm data;
-const size_t len = 20;
-ASN1_GENERALIZEDTIME *tmps = NULL;
-
-if (s == NULL)
-tmps = ASN1_GENERALIZEDTIME_new();
-else
-tmps = s;
-if (tmps == NULL)
-return NULL;
 
 ts = OPENSSL_gmtime(, );
 if (ts == NULL)
-goto err;
+return NULL;
 
 if (offset_day || offset_sec) {
 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
-goto err;
-}
-
-p = (char *)tmps->data;
-if ((p == NULL) || ((size_t)tmps->length < len)) {
-p = OPENSSL_malloc(len);
-if (p == NULL) {
-ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE);
-goto err;
-}
-OPENSSL_free(tmps->data);
-tmps->data = (unsigned char *)p;
+return NULL;
 }
 
-tmps->length = BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ",
-ts->tm_year + 1900, ts->tm_mon + 1,
-ts->tm_mday, ts->tm_hour, ts->tm_min,
-ts->tm_sec);
-tmps->type = V_ASN1_GENERALIZEDTIME;
-#ifdef CHARSET_EBCDIC_not
-ebcdic2ascii(tmps->data, tmps->data, tmps->length);
-#endif
-return tmps;
- err:
-if (s == NULL)
-ASN1_GENERALIZEDTIME_free(tmps);
-return NULL;
+return asn1_time_from_tm(s, ts, V_ASN1_GENERALIZEDTIME);
 }
 
 int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 79f0ecd..5ae56a2 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -9,6 +9,7 @@

[openssl-commits] Build completed: openssl master.12233

2017-08-03 Thread AppVeyor



Build openssl master.12233 completed



Commit d8bc8a7704 by Matt Caswell on 8/2/2017 2:29 PM:

More updates following review feedback


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

39 matches

Mail list logo