[openssl-commits] [openssl] master update
The branch master has been updated via 708a6a17592865590344eca541cbfccd472d7b45 (commit) from 63a65d16acca53622a08861cdde8fe0e79beb522 (commit) - Log - commit 708a6a17592865590344eca541cbfccd472d7b45 Author: Richard LevitteDate: Wed Apr 11 09:54:59 2018 +0200 OpenSSL::Test: add data_dir() For test recipes that want to use the directory of the data directory or a subdirectory thereof, rather than just individual files. Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/5928) --- Summary of changes: util/perl/OpenSSL/Test.pm | 23 +++ 1 file changed, 23 insertions(+) diff --git a/util/perl/OpenSSL/Test.pm b/util/perl/OpenSSL/Test.pm index f4b1b50..19141e9 100644 --- a/util/perl/OpenSSL/Test.pm +++ b/util/perl/OpenSSL/Test.pm @@ -607,6 +607,23 @@ sub srctop_file { =over 4 +=item B + +LIST is a list of directories that make up a path from the data directory +associated with the test (see L above). +C returns the resulting directory as a string, adapted to the local +operating system. + +=back + +=cut + +sub data_dir { +return __data_dir(@_); +} + +=over 4 + =item B LIST is a list of directories that make up a path from the data directory @@ -967,6 +984,12 @@ sub __data_file { return catfile($directories{SRCDATA},@_,$f); } +sub __data_dir { +BAIL_OUT("Must run setup() first") if (! $test_name); + +return catdir($directories{SRCDATA},@_); +} + sub __results_file { BAIL_OUT("Must run setup() first") if (! $test_name); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via a8b2b52fe57249f5093e190eb40def9fed9c9627 (commit) from f7bef277eac05853224d33e67465147833c49108 (commit) - Log - commit a8b2b52fe57249f5093e190eb40def9fed9c9627 Author: Daniel BeveniusDate: Wed Apr 11 12:57:31 2018 -0400 Fix minor typos in Configurations/README Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5774) --- Summary of changes: Configurations/README | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Configurations/README b/Configurations/README index d553cab..4457b94 100644 --- a/Configurations/README +++ b/Configurations/README @@ -165,7 +165,7 @@ In each table entry, the following keys are significant: that use dlopen() et al but do not have fcntl.h), "DL" (shl_load() et al), "WIN32" and "VMS". -perlasm_scheme => The perlasm method used to created the +perlasm_scheme => The perlasm method used to create the assembler files used when compiling with assembler implementations. shared_target => The shared library building method used. @@ -429,7 +429,7 @@ It's also possible to depend on static libraries explicitly: This should be rarely used, and care should be taken to make sure it's only used when supported. For example, native Windows build doesn't -support build static libraries and DLLs at the same time, so using +support building static libraries and DLLs at the same time, so using static libraries on Windows can only be done when configured 'no-shared'. @@ -445,7 +445,7 @@ library: RENAME[libfoo]=libbar -That lines has "libfoo" get renamed to "libbar". While it makes no +That line has "libfoo" renamed to "libbar". While it makes no sense at all to just have a rename like that (why not just use "libbar" everywhere?), it does make sense when it can be used conditionally. See a little further below for an example. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via f7bef277eac05853224d33e67465147833c49108 (commit) from 708a6a17592865590344eca541cbfccd472d7b45 (commit) - Log - commit f7bef277eac05853224d33e67465147833c49108 Author: Dr. Matthias St. PierreDate: Fri Mar 30 01:07:00 2018 +0200 Minor corrections for the RAND_DRBG API documentation - added some explaining text to a sentence that lost its context. - removed mention of per-ssl drbg - fix whitespace errors Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5804) --- Summary of changes: doc/man3/RAND_DRBG_set_callbacks.pod | 2 +- doc/man7/RAND.pod| 4 ++-- doc/man7/RAND_DRBG.pod | 17 + 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/doc/man3/RAND_DRBG_set_callbacks.pod b/doc/man3/RAND_DRBG_set_callbacks.pod index 3e9a985..a927d6a 100644 --- a/doc/man3/RAND_DRBG_set_callbacks.pod +++ b/doc/man3/RAND_DRBG_set_callbacks.pod @@ -79,7 +79,7 @@ See NOTES section for more details. The B() callback is called from the B to to clear and free the buffer allocated previously by get_entropy(). -The values B and B are the random buffer's address and length, +The values B and B are the random buffer's address and length, as returned by the get_entropy() callback. The B() and B() callbacks are used to obtain a nonce diff --git a/doc/man7/RAND.pod b/doc/man7/RAND.pod index 6ec7548..578018f 100644 --- a/doc/man7/RAND.pod +++ b/doc/man7/RAND.pod @@ -32,8 +32,8 @@ return value of L and don't take randomness for granted. For long-term secrets, you can use L instead. This method does not provide 'better' randomness, it uses the same type of CSPRNG. The intention behind using a dedicated CSPRNG exclusively for long-term secrets is -that none of its output should be visible to an attacker (e.g used as salt value), -in order to reveal as little information as possible about its internal state. +that none of its output should be visible to an attacker (e.g used as salt value), +in order to reveal as little information as possible about its internal state. In the rare case where the default implementation does not satisfy your special requirements, there are two options: diff --git a/doc/man7/RAND_DRBG.pod b/doc/man7/RAND_DRBG.pod index a4c58c1..9f7f124 100644 --- a/doc/man7/RAND_DRBG.pod +++ b/doc/man7/RAND_DRBG.pod @@ -37,8 +37,7 @@ Typical examples for such special use cases are the following: =item * -You want to use your own private DRBG instances, similar to how it -is currently done in the ssl library. +You want to use your own private DRBG instances. Multiple DRBG instances which are accessed only by a single thread provide additional security (because their internal states are independent) and better scalability in multithreaded applications (because they don't need @@ -80,8 +79,8 @@ the thread-local and DRBG instance, respectively. =head2 The DRBG instance The DRBG is not used directly by the application, only for reseeding -the two other two DRBG instances. It reseeds itself by obtaining randomness -either from os entropy sources or by consuming randomness which was added +the two other two DRBG instances. It reseeds itself by obtaining randomness +either from os entropy sources or by consuming randomness which was added previously by L . =head2 The DRBG instance @@ -144,10 +143,12 @@ together and are being used. +--+ ++ - -The method L is a convenience method wrapping the -L function, which serves the actual request for -random data. +The usual way to obtain random bytes is to call RAND_bytes(...) or +RAND_priv_bytes(...). These calls are roughly equivalent to calling +RAND_DRBG_bytes(, ...) and RAND_DRBG_bytes(, ...), +respectively. The method L is a convenience method +wrapping the L function, which serves the actual +request for random data. =head1 RESEEDING _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via c12a2d2728fd9eb555ab347049ebdddef9d81d7f (commit) from a8b2b52fe57249f5093e190eb40def9fed9c9627 (commit) - Log - commit c12a2d2728fd9eb555ab347049ebdddef9d81d7f Author: Theo BuehlerDate: Wed Apr 11 12:59:25 2018 -0400 EVP_MD_CTX_cleanup replaced with EVP_MD_CTX_reset The EVP_MD_CTX_cleanup() function was merged into EVP_MD_CTX_reset() which is called by EVP_MD_CTX_free(). Adjust the documentation to say that the latter should be used to avoid leaking memory. CLA: trivial Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5921) --- Summary of changes: doc/man3/EVP_DigestSignInit.pod | 2 +- doc/man3/EVP_DigestVerifyInit.pod | 2 +- doc/man3/EVP_SignInit.pod | 2 +- doc/man3/EVP_VerifyInit.pod | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod index c3513f5..176872d 100644 --- a/doc/man3/EVP_DigestSignInit.pod +++ b/doc/man3/EVP_DigestSignInit.pod @@ -77,7 +77,7 @@ context. This means that calls to EVP_DigestSignUpdate() and EVP_DigestSignFinal() can be called later to digest and sign additional data. Since only a copy of the digest context is ever finalized the context must -be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak +be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur. The use of EVP_PKEY_size() with these functions is discouraged because some diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod index 2191b9e..603e2cd 100644 --- a/doc/man3/EVP_DigestVerifyInit.pod +++ b/doc/man3/EVP_DigestVerifyInit.pod @@ -76,7 +76,7 @@ context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data. Since only a copy of the digest context is ever finalized the context must -be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak +be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur. =head1 SEE ALSO diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod index d3fe79c..12e67f8 100644 --- a/doc/man3/EVP_SignInit.pod +++ b/doc/man3/EVP_SignInit.pod @@ -75,7 +75,7 @@ This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called later to digest and sign additional data. Since only a copy of the digest context is ever finalized the context must -be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak +be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur. =head1 BUGS diff --git a/doc/man3/EVP_VerifyInit.pod b/doc/man3/EVP_VerifyInit.pod index faabc71..f868258 100644 --- a/doc/man3/EVP_VerifyInit.pod +++ b/doc/man3/EVP_VerifyInit.pod @@ -57,7 +57,7 @@ This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data. Since only a copy of the digest context is ever finalized the context must -be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak +be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur. =head1 BUGS _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via ad5c205c011d1e2ec538d1f4d75477133e0dcab3 (commit) via 6197bc7c5490d215f6abc20afa27308d5e301df2 (commit) via 8258975c94398930e7b5406b8a3af53a662d1354 (commit) from c12a2d2728fd9eb555ab347049ebdddef9d81d7f (commit) - Log - commit ad5c205c011d1e2ec538d1f4d75477133e0dcab3 Author: Andy PolyakovDate: Wed Apr 11 16:07:38 2018 +0200 appveyor.yml: exercise build_all_generated. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/5930) commit 6197bc7c5490d215f6abc20afa27308d5e301df2 Author: Richard Levitte Date: Wed Apr 11 15:49:19 2018 +0200 .travis.yml: exercise build_all_generated Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/5930) commit 8258975c94398930e7b5406b8a3af53a662d1354 Author: Richard Levitte Date: Wed Apr 11 13:13:22 2018 +0200 Configuration: Simplify generating list of generated files in build file templates Computing the value of the GENERATED variable in the build file templates is somewhat overcomplicated, and because of possible duplication errors, changes are potentially error prone. Looking more closely at how this list is determined, it can be observed that the exact list of files to check is consistently available in all the values found in the %unified_info tables 'depends', 'sources' and 'shared_sources', and all that's needed is to filter those values so only those present as keys in the 'generate' table are left. This computation is also common for all build files, so due to its apparent complexity, we move it to common0.tmpl, with the result left in a global variable (@generated), to be consumed by all build file templates. common0.tmpl is included among the files to process when creating build files, but unlike common.tmpl, it comes first of all. Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/5930) --- Summary of changes: .travis.yml | 32 ++-- Configurations/common0.tmpl | 31 +++ Configurations/descrip.mms.tmpl | 9 +++-- Configurations/unix-Makefile.tmpl| 9 +++-- Configurations/windows-makefile.tmpl | 9 +++-- Configure| 4 +++- appveyor.yml | 3 ++- 7 files changed, 67 insertions(+), 30 deletions(-) create mode 100644 Configurations/common0.tmpl diff --git a/.travis.yml b/.travis.yml index 3096ae8..bd9d8f8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,7 +31,7 @@ compiler: env: - CONFIG_OPTS="" DESTDIR="_install" - CONFIG_OPTS="no-asm -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2" -- CONFIG_OPTS="no-asm --strict-warnings" BUILDONLY="yes" CHECKDOCS="yes" +- CONFIG_OPTS="no-asm no-makedepend --strict-warnings" BUILDONLY="yes" CHECKDOCS="yes" GENERATE="yes" matrix: include: @@ -161,6 +161,11 @@ script: else make="make"; fi +- if [ -n "$GENERATE" ]; then + make2="$make PERL=no-perl"; + else + make2="$make"; + fi - top=${PWD} - if [ -n "$DESTDIR" ]; then cd _build; @@ -178,10 +183,17 @@ script: echo -e '+\057\057 MAKE DOC-NITS FAILED'; false; fi; fi -- if $make; then - echo -e '+\057\057\057 MAKE OK'; +- if [ -n "$GENERATE" ]; then + if $make build_all_generated; then + echo -e '+\057\057\057 MAKE BUILD_ALL_GENERATED OK'; + else + echo -e '+\057\057\057 MAKE BUILD_ALL_GENERATED FAILED'; false; + fi; + fi +- if $make2; then + echo -e '+\057\057\057\057 MAKE OK'; else - echo -e '+\057\057\057 MAKE FAILED'; false; + echo -e '+\057\057\057\057 MAKE FAILED'; false; fi; - if [ -z "$BUILDONLY" ]; then if [ -n "$CROSS_COMPILE" ]; then @@ -194,15 +206,15 @@ script: sudo apt-get -yq install bison dejagnu gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python-cjson python-paste python-pyrad slapd tcl-dev tcsh; fi; if HARNESS_VERBOSE=yes BORING_RUNNER_DIR=$top/boringssl/ssl/test/runner make test; then - echo -e '+\057\057\057\057 MAKE TEST OK'; + echo -e '+\057\057\057\057\057 MAKE TEST OK'; else - echo -e '+\057\057\057\057 MAKE TEST FAILED'; false; + echo -e '+\057\057\057\057\057 MAKE TEST FAILED'; false; fi; else if
[openssl-commits] Build failed: openssl master.17188
Build openssl master.17188 failed Commit 337429bcbe by Andy Polyakov on 4/11/2018 9:49 PM: TLSProxy/Proxy.pm: decorate ::1 [to be squashed]. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.17187
Build openssl master.17187 failed Commit 3c5560ac2d by Andy Polyakov on 4/11/2018 9:16 PM: TLSProxy/Proxy.pm: bind s_server to loopback interface. Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits