[openssl-commits] [openssl] master update
The branch master has been updated via 67dc995eaf538ea309c6292a1a5073465201f55b (commit) from 5bd05e579994c756cd994b5e0ff5f395aae6bfff (commit) - Log - commit 67dc995eaf538ea309c6292a1a5073465201f55b Author: Matt CaswellDate: Wed Aug 2 14:46:31 2017 +0100 Move ossl_assert Move the definition of ossl_assert() out of e_os.h which is intended for OS specific things. Instead it is moved into internal/cryptlib.h. This also changes the definition to remove the (int) cast. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/4073) --- Summary of changes: e_os.h | 17 - {crypto/include => include}/internal/cryptlib.h | 17 + ssl/packet.c| 2 +- ssl/record/rec_layer_d1.c | 1 + ssl/record/ssl3_record.c| 1 + ssl/record/ssl3_record_tls13.c | 1 + ssl/s3_cbc.c| 1 + ssl/s3_enc.c| 1 + ssl/ssl_ciph.c | 1 + ssl/ssl_lib.c | 1 + ssl/statem/extensions_clnt.c| 1 + ssl/statem/extensions_cust.c| 1 + ssl/statem/statem_dtls.c| 1 + ssl/statem/statem_lib.c | 1 + 14 files changed, 29 insertions(+), 18 deletions(-) rename {crypto/include => include}/internal/cryptlib.h (84%) diff --git a/e_os.h b/e_os.h index 7138c7a..d4cef60 100644 --- a/e_os.h +++ b/e_os.h @@ -545,23 +545,6 @@ struct servent *getservbyname(const char *name, const char *proto); # define CRYPTO_memcmp memcmp #endif -#ifdef NDEBUG -# define ossl_assert(x) (int)(x) -#else -__owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr, - const char *file, int line) -{ -if (!expr) -OPENSSL_die(exprstr, file, line); - -return expr; -} - -# define ossl_assert(x) ossl_assert_int((int)(x), "Assertion failed: "#x, \ - __FILE__, __LINE__) - -#endif - #ifdef __cplusplus } #endif diff --git a/crypto/include/internal/cryptlib.h b/include/internal/cryptlib.h similarity index 84% rename from crypto/include/internal/cryptlib.h rename to include/internal/cryptlib.h index d2ab720..c73c754 100644 --- a/crypto/include/internal/cryptlib.h +++ b/include/internal/cryptlib.h @@ -30,6 +30,23 @@ extern "C" { #endif +#ifdef NDEBUG +# define ossl_assert(x) ((x) != 0) +#else +__owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr, + const char *file, int line) +{ +if (!expr) +OPENSSL_die(exprstr, file, line); + +return expr; +} + +# define ossl_assert(x) ossl_assert_int((x) != 0, "Assertion failed: "#x, \ + __FILE__, __LINE__) + +#endif + typedef struct ex_callback_st EX_CALLBACK; DEFINE_STACK_OF(EX_CALLBACK) diff --git a/ssl/packet.c b/ssl/packet.c index 7c4be4f..7a4414a 100644 --- a/ssl/packet.c +++ b/ssl/packet.c @@ -7,7 +7,7 @@ * https://www.openssl.org/source/license.html */ -#include "e_os.h" +#include "internal/cryptlib.h" #include "packet_locl.h" #define DEFAULT_BUF_SIZE256 diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 83f4094..75e3aeb 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -15,6 +15,7 @@ #include #include "record_locl.h" #include "../packet_locl.h" +#include "internal/cryptlib.h" int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl) { diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index bd27290..afb03fd 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -11,6 +11,7 @@ #include "internal/constant_time_locl.h" #include #include "record_locl.h" +#include "internal/cryptlib.h" static const unsigned char ssl3_pad_1[48] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c index 61e2092..ec8f9f9 100644 --- a/ssl/record/ssl3_record_tls13.c +++ b/ssl/record/ssl3_record_tls13.c @@ -9,6 +9,7 @@ #include "../ssl_locl.h" #include "record_locl.h" +#include "internal/cryptlib.h" /*- * tls13_enc encrypts/decrypts |n_recs| in |recs|. diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index bab9b26..7d9c377 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -9,6 +9,7 @@ #include "internal/constant_time_locl.h" #include "ssl_locl.h" +#include "internal/cryptlib.h" #include #include diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index e33c07f..bef9f99 100644 --- a/ssl/s3_enc.c +++
[openssl-commits] Build failed: openssl master.12232
Build openssl master.12232 failed Commit 67dc995eaf by Matt Caswell on 8/3/2017 9:48 AM: Move ossl_assert Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 5bd05e579994c756cd994b5e0ff5f395aae6bfff (commit) via e29bb83479cc567b4bb414dc55148ec06a30a115 (commit) from b15d5ab617e3caed0489588a33eb804824b2f7d6 (commit) - Log - commit 5bd05e579994c756cd994b5e0ff5f395aae6bfff Author: Lingmo ZhuDate: Wed Aug 2 20:55:40 2017 +0800 remove horrible pragma macro and remove __owur from SSL_CTX_add_session() declaration Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/4014) commit e29bb83479cc567b4bb414dc55148ec06a30a115 Author: Lingmo Zhu Date: Tue Jul 25 18:00:44 2017 +0800 Remove the obsolete misleading comment and code related to it. The comment "The following should not return 1, otherwise, things are very strange" is from the very first commit of OpenSSL. The really meaning of the comment is if the identical session can be found from internal cache after calling get_session_cb but not found before calling get_session_cb, it is just strange. The value 1 was originated from the old doc of SSLeay, reversed from the actual return value of SSL_CTX_add_session(). Anyway either return value of SSL_CTX_add_session() should not interrupt the session resumption process. So the checking of return value of SSL_CTX_add_session() is not necessary. Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/4014) --- Summary of changes: include/openssl/ssl.h | 2 +- ssl/ssl_sess.c| 8 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index c634937..245f5eb 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1559,7 +1559,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ses); void SSL_SESSION_free(SSL_SESSION *ses); __owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); __owur int SSL_set_session(SSL *to, SSL_SESSION *session); -__owur int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); +int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c); __owur int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); __owur int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index a1d2013..805a3d7 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -545,11 +545,11 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello, int *al) (s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE)) { /* - * The following should not return 1, otherwise, things are - * very strange + * Either return value of SSL_CTX_add_session should not + * interrupt the session resumption process. The return + * value is intentionally ignored. */ -if (SSL_CTX_add_session(s->session_ctx, ret)) -goto err; +SSL_CTX_add_session(s->session_ctx, ret); } } } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via 89fb0fb2a5391bd6cfd78bd201616ee68b5f5d34 (commit) via 15b3fd6f647f340d83cfffbd9a34097883ec9271 (commit) from 85d9b9f7169644ee74c294c3adf8b60a90e103e4 (commit) - Log - commit 89fb0fb2a5391bd6cfd78bd201616ee68b5f5d34 Author: Lingmo ZhuDate: Wed Aug 2 20:55:40 2017 +0800 remove horrible pragma macro and remove __owur from SSL_CTX_add_session() declaration Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/4014) (cherry picked from commit 5bd05e579994c756cd994b5e0ff5f395aae6bfff) commit 15b3fd6f647f340d83cfffbd9a34097883ec9271 Author: Lingmo Zhu Date: Tue Jul 25 18:00:44 2017 +0800 Remove the obsolete misleading comment and code related to it. The comment "The following should not return 1, otherwise, things are very strange" is from the very first commit of OpenSSL. The really meaning of the comment is if the identical session can be found from internal cache after calling get_session_cb but not found before calling get_session_cb, it is just strange. The value 1 was originated from the old doc of SSLeay, reversed from the actual return value of SSL_CTX_add_session(). Anyway either return value of SSL_CTX_add_session() should not interrupt the session resumption process. So the checking of return value of SSL_CTX_add_session() is not necessary. Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/4014) (cherry picked from commit e29bb83479cc567b4bb414dc55148ec06a30a115) --- Summary of changes: include/openssl/ssl.h | 2 +- ssl/ssl_sess.c| 8 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 6f0f361..2c694b4 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1444,7 +1444,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ses); void SSL_SESSION_free(SSL_SESSION *ses); __owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); __owur int SSL_set_session(SSL *to, SSL_SESSION *session); -__owur int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); +int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c); __owur int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); __owur int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 92ba599..f0274cf 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -531,11 +531,11 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id) (s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE)) { /* - * The following should not return 1, otherwise, things are - * very strange + * Either return value of SSL_CTX_add_session should not + * interrupt the session resumption process. The return + * value is intentionally ignored. */ -if (SSL_CTX_add_session(s->session_ctx, ret)) -goto err; +SSL_CTX_add_session(s->session_ctx, ret); } } } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#12938 (master - 67dc995)
Build Update for openssl/openssl - Build: #12938 Status: Still Failing Duration: 27 minutes and 42 seconds Commit: 67dc995 (master) Author: Matt Caswell Message: Move ossl_assert Move the definition of ossl_assert() out of e_os.h which is intended for OS specific things. Instead it is moved into internal/cryptlib.h. This also changes the definition to remove the (int) cast. Reviewed-by: Rich Salz(Merged from https://github.com/openssl/openssl/pull/4073) View the changeset: https://github.com/openssl/openssl/compare/5bd05e579994...67dc995eaf53 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/260538722?utm_source=email_medium=notification -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via ae3947de09522206d61c0206a733517b10a910f8 (commit) from 75e2c877650444fb829547bdb58d46eb1297bc1a (commit) - Log - commit ae3947de09522206d61c0206a733517b10a910f8 Author: Rich SalzDate: Thu Aug 3 10:24:03 2017 -0400 Add a DRBG to each SSL object Give each SSL object it's own DRBG, chained to the parent global DRBG which is used only as a source of randomness into the per-SSL DRBG. This is used for all session, ticket, and pre-master secret keys. It is NOT used for ECDH key generation which use only the global DRBG. (Doing that without changing the API is tricky, if not impossible.) Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/4050) --- Summary of changes: apps/s_server.c | 4 ++-- crypto/rand/drbg_lib.c | 8 include/internal/rand.h | 1 + include/openssl/ssl.h| 2 +- ssl/record/ssl3_record.c | 2 +- ssl/s3_lib.c | 6 +++--- ssl/ssl_lib.c| 27 +++ ssl/ssl_locl.h | 2 ++ ssl/ssl_sess.c | 4 ++-- ssl/statem/statem_clnt.c | 4 ++-- ssl/statem/statem_srvr.c | 6 +++--- ssl/tls_srp.c| 4 ++-- util/libcrypto.num | 1 + 13 files changed, 51 insertions(+), 20 deletions(-) diff --git a/apps/s_server.c b/apps/s_server.c index 961c738..2ff58b6 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -67,7 +67,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context); static void close_accept_socket(void); static int init_ssl_connection(SSL *s); static void print_stats(BIO *bp, SSL_CTX *ctx); -static int generate_session_id(const SSL *ssl, unsigned char *id, +static int generate_session_id(SSL *ssl, unsigned char *id, unsigned int *id_len); static void init_session_cache_ctx(SSL_CTX *sctx); static void free_sessions(void); @@ -3412,7 +3412,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context) } #define MAX_SESSION_ID_ATTEMPTS 10 -static int generate_session_id(const SSL *ssl, unsigned char *id, +static int generate_session_id(SSL *ssl, unsigned char *id, unsigned int *id_len) { unsigned int count = 0; diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c index e3d97d3..a24ec8e 100644 --- a/crypto/rand/drbg_lib.c +++ b/crypto/rand/drbg_lib.c @@ -78,6 +78,9 @@ RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent) goto err; if (parent != NULL) { +if (parent->state == DRBG_UNINITIALISED +&& RAND_DRBG_instantiate(parent, NULL, 0) == 0) +goto err; if (!RAND_DRBG_set_callbacks(drbg, drbg_entropy_from_parent, drbg_release_entropy, NULL, NULL) @@ -98,6 +101,11 @@ err: return NULL; } +RAND_DRBG *RAND_DRBG_get0_global(void) +{ +return _drbg; +} + /* * Uninstantiate |drbg| and free all memory. */ diff --git a/include/internal/rand.h b/include/internal/rand.h index 2f38095..4e30e38 100644 --- a/include/internal/rand.h +++ b/include/internal/rand.h @@ -32,6 +32,7 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen, int prediction_resistance, const unsigned char *adin, size_t adinlen); int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, int interval); +RAND_DRBG *RAND_DRBG_get0_global(void); /* * EXDATA diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 245f5eb..a2d13bf 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -622,7 +622,7 @@ __owur int SRP_Calc_A_param(SSL *s); * bytes. The callback can alter this length to be less if desired. It is * also an error for the callback to set the size to zero. */ -typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id, +typedef int (*GEN_SESSION_CB) (SSL *ssl, unsigned char *id, unsigned int *id_len); # define SSL_SESS_CACHE_OFF 0x diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index afb03fd..ae48504 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -892,7 +892,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending) */ SSLerr(SSL_F_TLS1_ENC, ERR_R_INTERNAL_ERROR); return -1; -} else if (RAND_bytes(recs[ctr].input, ivlen) <= 0) { +} else if (ssl_randbytes(s, recs[ctr].input, ivlen) <= 0) { SSLerr(SSL_F_TLS1_ENC, ERR_R_INTERNAL_ERROR); return -1; }
[openssl-commits] Build failed: openssl master.12238
Build openssl master.12238 failed Commit 5d9eaefcb6 by EasySec on 1/12/2017 10:17 PM: avoiding confusing options '-iter 1 -pbkdf2' at the same time Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via ef6d11f76fba7c9d4da821947f67acc5d603b99d (commit) from 89fb0fb2a5391bd6cfd78bd201616ee68b5f5d34 (commit) - Log - commit ef6d11f76fba7c9d4da821947f67acc5d603b99d Author: Richard LevitteDate: Thu Aug 3 17:19:13 2017 +0200 Revert "Perl: Use File::Glob::bsd_glob rather than File::Glob::glob" This needs more change that what is appropriate for the 1.1.0 branch. This reverts commit 0401110073cd392602855f9b72af2ebec7909625. Reviewed-by: Andy Polyakov --- Summary of changes: Configure | 2 +- test/build.info| 2 +- test/recipes/40-test_rehash.t | 2 +- test/recipes/80-test_ssl_new.t | 2 +- test/run_tests.pl | 2 +- util/process_docs.pl | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Configure b/Configure index 8e1b25f..33d2392 100755 --- a/Configure +++ b/Configure @@ -14,7 +14,7 @@ use strict; use File::Basename; use File::Spec::Functions qw/:DEFAULT abs2rel rel2abs/; use File::Path qw/mkpath/; -use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/; +use if $^O ne "VMS", 'File::Glob' => qw/glob/; # see INSTALL for instructions. diff --git a/test/build.info b/test/build.info index 8303947..ef968e6 100644 --- a/test/build.info +++ b/test/build.info @@ -293,7 +293,7 @@ ENDIF {- use File::Spec::Functions; use File::Basename; - use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/; + use if $^O ne "VMS", 'File::Glob' => qw/glob/; my @nogo_headers = ( "asn1_mac.h", "__decc_include_prologue.h", diff --git a/test/recipes/40-test_rehash.t b/test/recipes/40-test_rehash.t index b374e59..f902c23 100644 --- a/test/recipes/40-test_rehash.t +++ b/test/recipes/40-test_rehash.t @@ -13,7 +13,7 @@ use warnings; use File::Spec::Functions; use File::Copy; use File::Basename; -use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/; +use if $^O ne "VMS", 'File::Glob' => qw/glob/; use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_rehash"); diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t index 2009ecf..2f6a69a 100644 --- a/test/recipes/80-test_ssl_new.t +++ b/test/recipes/80-test_ssl_new.t @@ -12,7 +12,7 @@ use warnings; use File::Basename; use File::Compare qw/compare_text/; -use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/; +use if $^O ne "VMS", 'File::Glob' => qw/glob/; use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/; use OpenSSL::Test::Utils qw/disabled alldisabled available_protocols/; diff --git a/test/run_tests.pl b/test/run_tests.pl index 51d9900..e5bc927 100644 --- a/test/run_tests.pl +++ b/test/run_tests.pl @@ -16,7 +16,7 @@ BEGIN { use File::Spec::Functions qw/catdir catfile curdir abs2rel rel2abs/; use File::Basename; -use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/; +use if $^O ne "VMS", 'File::Glob' => qw/glob/; use Module::Load::Conditional qw(can_load); my $TAP_Harness = can_load(modules => { 'TAP::Harness' => undef }) diff --git a/util/process_docs.pl b/util/process_docs.pl index 191ec9e..073a3b7 100644 --- a/util/process_docs.pl +++ b/util/process_docs.pl @@ -13,7 +13,7 @@ use File::Spec::Functions; use File::Basename; use File::Copy; use File::Path; -use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/; +use if $^O ne "VMS", 'File::Glob' => qw/glob/; use Getopt::Long; use Pod::Usage; _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#12945 (master - ddc6a5c)
Build Update for openssl/openssl - Build: #12945 Status: Still Failing Duration: 26 minutes and 42 seconds Commit: ddc6a5c (master) Author: Rich Salz Message: Add RAND_priv_bytes() for private keys Add a new global DRBG for private keys used by RAND_priv_bytes. Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes(). Change callers to use the appropriate BN_priv... function. Reviewed-by: Paul Dale(Merged from https://github.com/openssl/openssl/pull/4076) View the changeset: https://github.com/openssl/openssl/compare/ae3947de0952...ddc6a5c8f590 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/260654935?utm_source=email_medium=notification -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#12940 (master - 75e2c87)
Build Update for openssl/openssl - Build: #12940 Status: Still Failing Duration: 28 minutes and 32 seconds Commit: 75e2c87 (master) Author: Rich Salz Message: Switch from ossl_rand to DRBG rand If RAND_add wraps around, XOR with existing. Add test to drbgtest that does the wrap-around. Re-order seeding and stop after first success. Add RAND_poll_ex() Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's, mix in the address as the personalization bits. Centralize the entropy callbacks, from drbg_lib to rand_lib. (Conceptually, entropy is part of the enclosing application.) Thanks to Dr. Matthias St Pierre for the suggestion. Various code cleanups: -Make state an enum; inline RANDerr calls. -Add RAND_POLL_RETRIES (thanks Pauli for the idea) -Remove most RAND_seed calls from rest of library -Rename DRBG_CTX to RAND_DRBG, etc. -Move some code from drbg_lib to drbg_rand; drbg_lib is now only the implementation of NIST DRBG. -Remove blocklength Reviewed-by: Paul Dale(Merged from https://github.com/openssl/openssl/pull/4019) View the changeset: https://github.com/openssl/openssl/compare/67dc995eaf53...75e2c8776504 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/260613574?utm_source=email_medium=notification -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#12942 (master - ae3947d)
Build Update for openssl/openssl - Build: #12942 Status: Still Failing Duration: 25 minutes and 52 seconds Commit: ae3947d (master) Author: Rich Salz Message: Add a DRBG to each SSL object Give each SSL object it's own DRBG, chained to the parent global DRBG which is used only as a source of randomness into the per-SSL DRBG. This is used for all session, ticket, and pre-master secret keys. It is NOT used for ECDH key generation which use only the global DRBG. (Doing that without changing the API is tricky, if not impossible.) Reviewed-by: Paul Dale(Merged from https://github.com/openssl/openssl/pull/4050) View the changeset: https://github.com/openssl/openssl/compare/75e2c8776504...ae3947de0952 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/260632063?utm_source=email_medium=notification -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12237
Build openssl master.12237 failed Commit 2c1681b384 by Matt Caswell on 8/3/2017 2:06 PM: Add PSK early_data tests Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via ddc6a5c8f5900959bdbdfee79e1625a3f7808acd (commit) from ae3947de09522206d61c0206a733517b10a910f8 (commit) - Log - commit ddc6a5c8f5900959bdbdfee79e1625a3f7808acd Author: Rich SalzDate: Wed Aug 2 14:00:52 2017 -0400 Add RAND_priv_bytes() for private keys Add a new global DRBG for private keys used by RAND_priv_bytes. Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes(). Change callers to use the appropriate BN_priv... function. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/4076) --- Summary of changes: crypto/bn/bn_err.c | 1 + crypto/bn/bn_gf2m.c | 2 +- crypto/bn/bn_prime.c| 8 +++--- crypto/bn/bn_rand.c | 47 +++- crypto/bn/bn_x931p.c| 8 +++--- crypto/dh/dh_key.c | 4 +-- crypto/dsa/dsa_key.c| 2 +- crypto/dsa/dsa_ossl.c | 2 +- crypto/ec/ec_key.c | 2 +- crypto/ec/ecdsa_ossl.c | 2 +- crypto/err/openssl.txt | 1 + crypto/rand/drbg_lib.c | 10 ++- crypto/rand/rand_lcl.h | 1 + crypto/rand/rand_lib.c | 71 ++--- doc/man3/RAND_bytes.pod | 11 ++-- include/openssl/bn.h| 2 ++ include/openssl/bnerr.h | 1 + include/openssl/rand.h | 1 + util/libcrypto.num | 3 +++ 19 files changed, 126 insertions(+), 53 deletions(-) diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index a086c49..e281747 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -15,6 +15,7 @@ static const ERR_STRING_DATA BN_str_functs[] = { {ERR_PACK(ERR_LIB_BN, BN_F_BNRAND, 0), "bnrand"}, +{ERR_PACK(ERR_LIB_BN, BN_F_BNRAND_RANGE, 0), "bnrand_range"}, {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_CONVERT_EX, 0), "BN_BLINDING_convert_ex"}, {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_CREATE_PARAM, 0), diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c index 39b0e38..f164f46 100644 --- a/crypto/bn/bn_gf2m.c +++ b/crypto/bn/bn_gf2m.c @@ -1077,7 +1077,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], if (tmp == NULL) goto err; do { -if (!BN_rand(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) +if (!BN_priv_rand(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) goto err; if (!BN_GF2m_mod_arr(rho, rho, p)) goto err; diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index 4581a66..026c119 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -216,7 +216,7 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, goto err; for (i = 0; i < checks; i++) { -if (!BN_rand_range(check, A1)) +if (!BN_priv_rand_range(check, A1)) goto err; if (!BN_add_word(check, 1)) goto err; @@ -279,7 +279,7 @@ static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods) char is_single_word = bits <= BN_BITS2; again: -if (!BN_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD)) +if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD)) return (0); /* we now have a random number 'rnd' to test. */ for (i = 1; i < NUMPRIMES; i++) { @@ -363,7 +363,7 @@ int bn_probable_prime_dh(BIGNUM *rnd, int bits, if ((t1 = BN_CTX_get(ctx)) == NULL) goto err; -if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)) +if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)) goto err; /* we need ((rnd-rem) % add) == 0 */ @@ -419,7 +419,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd, if (!BN_rshift1(qadd, padd)) goto err; -if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)) +if (!BN_priv_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)) goto err; /* we need ((rnd-rem) % add) == 0 */ diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 0b9e43d..d7b17d5 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -14,10 +14,14 @@ #include #include -static int bnrand(int testing, BIGNUM *rnd, int bits, int top, int bottom) +typedef enum bnrand_flag_e { +NORMAL, TESTING, PRIVATE +} BNRAND_FLAG; + +static int bnrand(BNRAND_FLAG flag, BIGNUM *rnd, int bits, int top, int bottom) { unsigned char *buf = NULL; -int ret = 0, bit, bytes, mask; +int b, ret = 0, bit, bytes, mask; if (bits == 0) { if (top != BN_RAND_TOP_ANY || bottom != BN_RAND_BOTTOM_ANY) @@ -39,10 +43,11 @@ static int bnrand(int testing, BIGNUM *rnd, int bits, int top, int bottom) } /* make a random number and set the top and bottom bits */ -if (RAND_bytes(buf,
[openssl-commits] Build failed: openssl master.12239
Build openssl master.12239 failed Commit ddc6a5c8f5 by Rich Salz on 8/3/2017 2:45 PM: Add RAND_priv_bytes() for private keys Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl OpenSSL_1_1_0-stable.12240
Build openssl OpenSSL_1_1_0-stable.12240 completed Commit ef6d11f76f by Richard Levitte on 8/3/2017 3:21 PM: Revert "Perl: Use File::Glob::bsd_glob rather than File::Glob::glob" Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12247
Build openssl master.12247 failed Commit d05ad9088a by Matthias Ballreich on 8/3/2017 6:23 PM: Update libcrypto.num Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12242
Build openssl master.12242 failed Commit 7ec3408653 by Matt Caswell on 8/3/2017 3:30 PM: Add some fixes for Travis failures Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12245
Build openssl master.12245 failed Commit 6d6bef1143 by Johannes Bauer on 8/3/2017 5:04 PM: Use long name for scrypt tests, update return code on unknown parameter Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12241
Build openssl master.12241 failed Commit 4b80a69237 by Richard Levitte on 8/2/2017 4:34 PM: [to be squashed] more corrections Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12244
Build openssl master.12244 failed Commit 1a84d465e1 by Matthias Ballreich on 8/3/2017 4:57 PM: Merge branch 'master' into master Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12249
Build openssl master.12249 failed Commit 6d03cd4358 by Matthias Ballreich on 7/31/2017 7:06 AM: Update libcrypto.num Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12251
Build openssl master.12251 failed Commit 61aba80949 by Johannes Bauer on 8/3/2017 7:07 PM: Fix typo in HKDF example documentation Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#12958 (master - fbf9d10)
Build Update for openssl/openssl - Build: #12958 Status: Still Failing Duration: 28 minutes and 35 seconds Commit: fbf9d10 (master) Author: Andy Polyakov Message: recipes/80-test_ca.t: make it work with spaces in pathnames. Reviewed-by: Richard LevitteView the changeset: https://github.com/openssl/openssl/compare/ddc6a5c8f590...fbf9d108dfca View the full build log and details: https://travis-ci.org/openssl/openssl/builds/260749285?utm_source=email_medium=notification -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12248
Build openssl master.12248 failed Commit 090f36c4b6 by Johannes Bauer on 8/3/2017 6:26 PM: Make scrypt also support zero-length password/salt and add error codes Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12258
Build openssl master.12258 failed Commit bf557dca98 by Johannes Bauer on 8/3/2017 8:29 PM: Add manpage for scrypt Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12256
Build openssl master.12256 failed Commit 616ba7f8af by Matthias Ballreich on 8/3/2017 8:18 PM: fixed admission extension libcrypto.num Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12257
Build openssl master.12257 failed Commit a5ac5525cd by Rich Salz on 8/3/2017 8:21 PM: Add missing include Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12250
Build openssl master.12250 failed Commit a6809b8780 by Johannes Bauer on 8/3/2017 7:05 PM: Fix setter functions for scrypt Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via fbf9d108dfca2f578594c1f00bd9dbd2adca7505 (commit) from ddc6a5c8f5900959bdbdfee79e1625a3f7808acd (commit) - Log - commit fbf9d108dfca2f578594c1f00bd9dbd2adca7505 Author: Andy PolyakovDate: Wed Aug 2 23:28:34 2017 +0200 recipes/80-test_ca.t: make it work with spaces in pathnames. Reviewed-by: Richard Levitte --- Summary of changes: test/recipes/80-test_ca.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/recipes/80-test_ca.t b/test/recipes/80-test_ca.t index f62d9d5..4c470fb 100644 --- a/test/recipes/80-test_ca.t +++ b/test/recipes/80-test_ca.t @@ -46,7 +46,7 @@ plan tests => 5; skip "CT not configured, can't use -precert", 1 if disabled("ct"); - $ENV{OPENSSL_CONFIG} = "-config ".srctop_file("test", "Uss.cnf"); + $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "Uss.cnf").'"'; ok(run(perlapp(["CA.pl", "-precert"], stderr => undef)), 'creating new pre-certificate'); } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12252
Build openssl master.12252 failed Commit fbf9d108df by Andy Polyakov on 8/3/2017 7:28 PM: recipes/80-test_ca.t: make it work with spaces in pathnames. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12260
Build openssl master.12260 failed Commit df43ed707e by Todd Short on 8/3/2017 2:02 PM: Consolidate to a single asn1_time_from_tm() function Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#12967 (master - cf37aaa)
Build Update for openssl/openssl - Build: #12967 Status: Still Failing Duration: 29 minutes and 50 seconds Commit: cf37aaa (master) Author: Todd Short Message: Consolidate to a single asn1_time_from_tm() function Add missing ASN1_TIME functions Do some cleanup of the ASN1_TIME code. Add ASN1_TIME_normalize() to normalize ASN1_TIME structures. Add ASN1_TIME_compare() to compare two ASN1_TIME structures. Add ASN1_TIME_cmp_time_t() to compare an ASN1_TIME to time_t (generic version of ASN1_UTCTIME_cmp_time_t()). Replace '0' .. '9' compares with isdigit() Reviewed-by: Paul DaleReviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2753) View the changeset: https://github.com/openssl/openssl/compare/2326bba0e5cb...cf37aaa33596 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/260847244?utm_source=email_medium=notification -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12263
Build openssl master.12263 failed Commit 2cce989112 by Pauli on 8/4/2017 12:49 AM: Change SETUP_TEST_FIXTURE so that the fixture structure is passed by Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12261
Build openssl master.12261 failed Commit cf37aaa335 by Todd Short on 8/4/2017 1:24 AM: Consolidate to a single asn1_time_from_tm() function Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.12259
Build openssl master.12259 failed Commit 2326bba0e5 by Pauli on 8/3/2017 9:37 PM: Test fixtures changed to pointers. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 2326bba0e5cbe98f4d00855a6909b1f14b6f5427 (commit) from fbf9d108dfca2f578594c1f00bd9dbd2adca7505 (commit) - Log - commit 2326bba0e5cbe98f4d00855a6909b1f14b6f5427 Author: PauliDate: Wed Aug 2 13:48:29 2017 +1000 Test fixtures changed to pointers. Change the fixture types to pointers to structures that are heap allocated in the tests that use SETUP_TEST_FIXTURE. This will permit error returns from the setup function and allow for future running tests in parallel. Also removed a call of `exit(2)` which allows the remaining tests to run if one fails to initialise. Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/4071) --- Summary of changes: test/cipherlist_test.c | 16 +++-- test/ct_test.c | 167 --- test/ssl_test_ctx_test.c | 83 --- 3 files changed, 139 insertions(+), 127 deletions(-) diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c index c193976..2cfddb0 100644 --- a/test/cipherlist_test.c +++ b/test/cipherlist_test.c @@ -34,21 +34,23 @@ static void tear_down(CIPHERLIST_TEST_FIXTURE *fixture) SSL_CTX_free(fixture->server); SSL_CTX_free(fixture->client); fixture->server = fixture->client = NULL; +OPENSSL_free(fixture); } } static CIPHERLIST_TEST_FIXTURE *set_up(const char *const test_case_name) { -static CIPHERLIST_TEST_FIXTURE fixture; +CIPHERLIST_TEST_FIXTURE *fixture; -memset(, 0, sizeof(fixture)); -fixture.test_case_name = test_case_name; -if (!TEST_ptr(fixture.server = SSL_CTX_new(TLS_server_method())) -|| !TEST_ptr(fixture.client = SSL_CTX_new(TLS_client_method( { -tear_down(); +if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture +return NULL; +fixture->test_case_name = test_case_name; +if (!TEST_ptr(fixture->server = SSL_CTX_new(TLS_server_method())) +|| !TEST_ptr(fixture->client = SSL_CTX_new(TLS_client_method( { +tear_down(fixture); return NULL; } -return +return fixture; } /* diff --git a/test/ct_test.c b/test/ct_test.c index 9c46bb4..5123e50 100644 --- a/test/ct_test.c +++ b/test/ct_test.c @@ -19,6 +19,7 @@ #include #include #include "testutil.h" +#include "openssl/crypto.h" #ifndef OPENSSL_NO_CT /* Used when declaring buffers to read text files into */ @@ -56,33 +57,35 @@ typedef struct ct_test_fixture { int test_validity; } CT_TEST_FIXTURE; -static CT_TEST_FIXTURE set_up(const char *const test_case_name) +static CT_TEST_FIXTURE *set_up(const char *const test_case_name) { -CT_TEST_FIXTURE fixture; -int ok = 0; +CT_TEST_FIXTURE *fixture = NULL; -memset(, 0, sizeof(fixture)); -fixture.test_case_name = test_case_name; -fixture.epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */ -if (!TEST_ptr(fixture.ctlog_store = CTLOG_STORE_new()) +if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture +goto end; +fixture->test_case_name = test_case_name; +fixture->epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */ +if (!TEST_ptr(fixture->ctlog_store = CTLOG_STORE_new()) || !TEST_int_eq( -CTLOG_STORE_load_default_file(fixture.ctlog_store), 1)) +CTLOG_STORE_load_default_file(fixture->ctlog_store), 1)) goto end; -ok = 1; +return fixture; end: -if (!ok) { -CTLOG_STORE_free(fixture.ctlog_store); -TEST_error("Failed to setup"); -exit(EXIT_FAILURE); -} -return fixture; +if (fixture != NULL) +CTLOG_STORE_free(fixture->ctlog_store); +OPENSSL_free(fixture); +TEST_error("Failed to setup"); +return NULL; } -static void tear_down(CT_TEST_FIXTURE fixture) +static void tear_down(CT_TEST_FIXTURE *fixture) { -CTLOG_STORE_free(fixture.ctlog_store); -SCT_LIST_free(fixture.sct_list); +if (fixture != NULL) { +CTLOG_STORE_free(fixture->ctlog_store); +SCT_LIST_free(fixture->sct_list); +} +OPENSSL_free(fixture); } static char *mk_file_path(const char *dir, const char *file) @@ -192,7 +195,7 @@ end: return result; } -static int assert_validity(CT_TEST_FIXTURE fixture, STACK_OF(SCT) *scts, +static int assert_validity(CT_TEST_FIXTURE *fixture, STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *policy_ctx) { int invalid_sct_count = 0; @@ -221,7 +224,7 @@ static int assert_validity(CT_TEST_FIXTURE fixture, STACK_OF(SCT) *scts, } } -if (!TEST_int_eq(valid_sct_count, fixture.expected_valid_sct_count)) { +if (!TEST_int_eq(valid_sct_count,
[openssl-commits] Still Failing: openssl/openssl#12965 (master - 2326bba)
Build Update for openssl/openssl - Build: #12965 Status: Still Failing Duration: 25 minutes and 34 seconds Commit: 2326bba (master) Author: Pauli Message: Test fixtures changed to pointers. Change the fixture types to pointers to structures that are heap allocated in the tests that use SETUP_TEST_FIXTURE. This will permit error returns from the setup function and allow for future running tests in parallel. Also removed a call of `exit(2)` which allows the remaining tests to run if one fails to initialise. Reviewed-by: Andy Polyakov(Merged from https://github.com/openssl/openssl/pull/4071) View the changeset: https://github.com/openssl/openssl/compare/fbf9d108dfca...2326bba0e5cb View the full build log and details: https://travis-ci.org/openssl/openssl/builds/260792495?utm_source=email_medium=notification -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via cf37aaa335965902c6a022bc3c3e0162f59c0f3a (commit) from 2326bba0e5cbe98f4d00855a6909b1f14b6f5427 (commit) - Log - commit cf37aaa335965902c6a022bc3c3e0162f59c0f3a Author: Todd ShortDate: Fri Aug 4 11:24:03 2017 +1000 Consolidate to a single asn1_time_from_tm() function Add missing ASN1_TIME functions Do some cleanup of the ASN1_TIME code. Add ASN1_TIME_normalize() to normalize ASN1_TIME structures. Add ASN1_TIME_compare() to compare two ASN1_TIME structures. Add ASN1_TIME_cmp_time_t() to compare an ASN1_TIME to time_t (generic version of ASN1_UTCTIME_cmp_time_t()). Replace '0' .. '9' compares with isdigit() Reviewed-by: Paul Dale Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2753) --- Summary of changes: crypto/asn1/a_gentm.c | 57 +--- crypto/asn1/a_object.c | 3 +- crypto/asn1/a_time.c | 187 - crypto/asn1/a_utctm.c | 68 ++--- crypto/asn1/asn1_locl.h| 2 + doc/man3/ASN1_TIME_set.pod | 154 --- include/openssl/asn1.h | 4 + test/asn1_time_test.c | 296 + test/build.info| 5 + test/recipes/{05-test_bf.t => 90-test_asn1_time.t} | 4 +- test/time_offset_test.c| 5 +- util/libcrypto.num | 3 + 12 files changed, 587 insertions(+), 201 deletions(-) create mode 100644 test/asn1_time_test.c copy test/recipes/{05-test_bf.t => 90-test_asn1_time.t} (73%) diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c index 8547e22..4e2e815 100644 --- a/crypto/asn1/a_gentm.c +++ b/crypto/asn1/a_gentm.c @@ -13,10 +13,12 @@ #include #include +#include #include "internal/cryptlib.h" #include #include "asn1_locl.h" +/* This is the primary function used to parse ASN1_GENERALIZEDTIME */ int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d) { /* wrapper around asn1_time_to_tm */ @@ -39,15 +41,13 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) t.data = (unsigned char *)str; t.flags = 0; -if (ASN1_GENERALIZEDTIME_check()) { -if (s != NULL) { -if (!ASN1_STRING_set((ASN1_STRING *)s, str, t.length)) -return 0; -s->type = V_ASN1_GENERALIZEDTIME; -} -return 1; -} -return 0; +if (!ASN1_GENERALIZEDTIME_check()) +return 0; + +if (s != NULL && !ASN1_STRING_copy(s, )) +return 0; + +return 1; } ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, @@ -60,52 +60,19 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, time_t t, int offset_day, long offset_sec) { -char *p; struct tm *ts; struct tm data; -const size_t len = 20; -ASN1_GENERALIZEDTIME *tmps = NULL; - -if (s == NULL) -tmps = ASN1_GENERALIZEDTIME_new(); -else -tmps = s; -if (tmps == NULL) -return NULL; ts = OPENSSL_gmtime(, ); if (ts == NULL) -goto err; +return NULL; if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) -goto err; -} - -p = (char *)tmps->data; -if ((p == NULL) || ((size_t)tmps->length < len)) { -p = OPENSSL_malloc(len); -if (p == NULL) { -ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE); -goto err; -} -OPENSSL_free(tmps->data); -tmps->data = (unsigned char *)p; +return NULL; } -tmps->length = BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", -ts->tm_year + 1900, ts->tm_mon + 1, -ts->tm_mday, ts->tm_hour, ts->tm_min, -ts->tm_sec); -tmps->type = V_ASN1_GENERALIZEDTIME; -#ifdef CHARSET_EBCDIC_not -ebcdic2ascii(tmps->data, tmps->data, tmps->length); -#endif -return tmps; - err: -if (s == NULL) -ASN1_GENERALIZEDTIME_free(tmps); -return NULL; +return asn1_time_from_tm(s, ts, V_ASN1_GENERALIZEDTIME); } int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm) diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 79f0ecd..5ae56a2 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -9,6 +9,7 @@
[openssl-commits] Build completed: openssl master.12233
Build openssl master.12233 completed Commit d8bc8a7704 by Matt Caswell on 8/2/2017 2:29 PM: More updates following review feedback Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits