[openssl-commits] Build failed: openssl 1.0.1

2016-06-23 Thread AppVeyor 



Build openssl 1.0.1 failed


Commit cd1109e19f by Peter Mosmans on 6/17/2016 5:03 AM:

Merge remote-tracking branch 'upstream/OpenSSL_1_0_2-stable' into 1.0.2-chacha


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl 170

2016-06-23 Thread AppVeyor 



Build openssl 170 failed


Commit 689ee3d3a4 by Alessandro Ghedini on 6/23/2016 10:20 PM:

clean


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build completed: openssl OpenSSL_1_0_2-stable.4001

2016-06-23 Thread AppVeyor 


Build openssl OpenSSL_1_0_2-stable.4001 completed



Commit bd598cc405 by Matt Caswell on 6/23/2016 7:51 PM:

Fix ASN1_STRING_to_UTF8 could not convert NumericString


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl 169

2016-06-23 Thread AppVeyor 



Build openssl 169 failed


Commit 5714518068 by Alessandro Ghedini on 6/23/2016 8:55 PM:

lol?


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still Failing: openssl/openssl#4682 (OpenSSL_1_0_2-stable - bd598cc)

2016-06-23 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #4682
Status: Still Failing

Duration: 7 minutes and 31 seconds
Commit: bd598cc (OpenSSL_1_0_2-stable)
Author: Matt Caswell
Message: Fix ASN1_STRING_to_UTF8 could not convert NumericString

tag2nbyte had -1 at 18th position, but underlying ASN1_mbstring_copy
supports NumericString. tag2nbyte is also used in do_print_ex which will
not be broken by setting 1 at 18th position of tag2nbyte

Reviewed-by: Stephen Henson 
(cherry picked from commit d6079a87db58ad17550b5d00a74512464e6a029e)

View the changeset: 
https://github.com/openssl/openssl/compare/ecb044db58b8...bd598cc405e9

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/139862145

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.4000

2016-06-23 Thread AppVeyor 



Build openssl master.4000 failed


Commit d6079a87db by Matt Caswell on 6/23/2016 7:49 PM:

Fix ASN1_STRING_to_UTF8 could not convert NumericString


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Passed: openssl/openssl#4681 (master - d6079a8)

2016-06-23 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #4681
Status: Passed

Duration: 26 minutes and 16 seconds
Commit: d6079a8 (master)
Author: Matt Caswell
Message: Fix ASN1_STRING_to_UTF8 could not convert NumericString

tag2nbyte had -1 at 18th position, but underlying ASN1_mbstring_copy
supports NumericString. tag2nbyte is also used in do_print_ex which will
not be broken by setting 1 at 18th position of tag2nbyte

Reviewed-by: Stephen Henson 

View the changeset: 
https://github.com/openssl/openssl/compare/51a3b763c31a...d6079a87db58

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/139862079

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2016-06-23 Thread Matt Caswell 
The branch OpenSSL_1_0_2-stable has been updated
   via  bd598cc405e981de259a07558e600b5a9ef64bd6 (commit)
  from  ecb044db58b85c2329cfc1c1e196cc1b8302ca53 (commit)


- Log -
commit bd598cc405e981de259a07558e600b5a9ef64bd6
Author: Matt Caswell 
Date:   Thu Jun 23 19:54:06 2016 +0100

Fix ASN1_STRING_to_UTF8 could not convert NumericString

tag2nbyte had -1 at 18th position, but underlying ASN1_mbstring_copy
supports NumericString. tag2nbyte is also used in do_print_ex which will
not be broken by setting 1 at 18th position of tag2nbyte

Reviewed-by: Stephen Henson 
(cherry picked from commit d6079a87db58ad17550b5d00a74512464e6a029e)

---

Summary of changes:
 crypto/asn1/a_strex.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 35fd44c..2d562f9 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -337,7 +337,7 @@ static const signed char tag2nbyte[] = {
 -1, -1, -1, -1, -1, /* 5-9 */
 -1, -1, 0, -1,  /* 10-13 */
 -1, -1, -1, -1, /* 15-17 */
--1, 1, 1,   /* 18-20 */
+1, 1, 1,/* 18-20 */
 -1, 1, 1, 1,/* 21-24 */
 -1, 1, -1,  /* 25-27 */
 4, -1, 2/* 28-30 */
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-06-23 Thread Matt Caswell 
The branch master has been updated
   via  d6079a87db58ad17550b5d00a74512464e6a029e (commit)
  from  51a3b763c31afcf294af73d32f7451c9dee7cd76 (commit)


- Log -
commit d6079a87db58ad17550b5d00a74512464e6a029e
Author: Matt Caswell 
Date:   Thu Jun 23 19:54:06 2016 +0100

Fix ASN1_STRING_to_UTF8 could not convert NumericString

tag2nbyte had -1 at 18th position, but underlying ASN1_mbstring_copy
supports NumericString. tag2nbyte is also used in do_print_ex which will
not be broken by setting 1 at 18th position of tag2nbyte

Reviewed-by: Stephen Henson 

---

Summary of changes:
 crypto/asn1/a_strex.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 59d5121..d419e9d 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -282,7 +282,7 @@ static const signed char tag2nbyte[] = {
 -1, -1, -1, -1, -1, /* 5-9 */
 -1, -1, 0, -1,  /* 10-13 */
 -1, -1, -1, -1, /* 15-17 */
--1, 1, 1,   /* 18-20 */
+1, 1, 1,/* 18-20 */
 -1, 1, 1, 1,/* 21-24 */
 -1, 1, -1,  /* 25-27 */
 4, -1, 2/* 28-30 */
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.3999

2016-06-23 Thread AppVeyor 



Build openssl master.3999 failed


Commit 51a3b763c3 by huangqinjin on 6/23/2016 4:13 PM:

Make x25519_compute_key() return a boolean


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.3997

2016-06-23 Thread AppVeyor 



Build openssl master.3997 failed


Commit 70a56b9147 by Sebastian Andrzej Siewior on 6/23/2016 3:10 PM:

utils/mkdir-p: check if dir exists also after mkdir failed


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.3996

2016-06-23 Thread AppVeyor 



Build openssl master.3996 failed


Commit fe2d149119 by Rich Salz on 6/23/2016 2:03 PM:

RT2867: des_ede3_cfb1 ignored "size in bits" flag


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.3995

2016-06-23 Thread AppVeyor 



Build openssl master.3995 failed


Commit 615dd78b72 by Viktor Dukhovni on 6/23/2016 1:40 PM:

Drop extraneous printf argument in mkcert.sh


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-06-23 Thread Matt Caswell 
The branch master has been updated
   via  51a3b763c31afcf294af73d32f7451c9dee7cd76 (commit)
   via  65ea288d47bd3ec8c787108d7e56d8f5ff43281f (commit)
  from  70a56b914772e6b21cda2a5742817ae4bb7290f1 (commit)


- Log -
commit 51a3b763c31afcf294af73d32f7451c9dee7cd76
Author: huangqinjin 
Date:   Thu Jun 23 23:51:08 2016 +0800

Make x25519_compute_key() return a boolean

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

commit 65ea288d47bd3ec8c787108d7e56d8f5ff43281f
Author: huangqinjin 
Date:   Fri Jun 17 20:55:15 2016 +0800

Make ossl_ecdh_compute_key() return a boolean

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 crypto/ec/ec_25519.c  | 4 ++--
 crypto/ec/ecdh_ossl.c | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/ec/ec_25519.c b/crypto/ec/ec_25519.c
index 4a9e3c9..035a415 100644
--- a/crypto/ec/ec_25519.c
+++ b/crypto/ec/ec_25519.c
@@ -253,9 +253,9 @@ static int x25519_compute_key(unsigned char **psec, size_t 
*pseclen,
   const EC_POINT *pub_key, const EC_KEY *ecdh)
 {
 unsigned char *key;
-int ret = -1;
+int ret = 0;
 if (ecdh->custom_data == NULL)
-return -1;
+return 0;
 key = OPENSSL_malloc(EC_X25519_KEYLEN);
 if (key == NULL)
 return 0;
diff --git a/crypto/ec/ecdh_ossl.c b/crypto/ec/ecdh_ossl.c
index 715465c..caf65de 100644
--- a/crypto/ec/ecdh_ossl.c
+++ b/crypto/ec/ecdh_ossl.c
@@ -38,7 +38,7 @@ int ossl_ecdh_compute_key(unsigned char **psec, size_t 
*pseclen,
 {
 if (ecdh->group->meth->ecdh_compute_key == NULL) {
 ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH);
-return -1;
+return 0;
 }
 
 return ecdh->group->meth->ecdh_compute_key(psec, pseclen, pub_key, ecdh);
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.3994

2016-06-23 Thread AppVeyor 



Build openssl master.3994 failed


Commit d0ba3119de by Kurt Roeckx on 6/23/2016 1:13 PM:

Update fuzz corpora


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-06-23 Thread Rich Salz 
The branch master has been updated
   via  70a56b914772e6b21cda2a5742817ae4bb7290f1 (commit)
  from  fe2d149119063ec3c89fd6db9af8a6970e3e6032 (commit)


- Log -
commit 70a56b914772e6b21cda2a5742817ae4bb7290f1
Author: Sebastian Andrzej Siewior 
Date:   Fri Jun 10 20:04:51 2016 +0200

utils/mkdir-p: check if dir exists also after mkdir failed

with "make install -j8" it happens very often that two or more make
instances are creating the same directory in parallel. As a result one
instace creates the directory and second mkdir fails because the
directory exists already (but it did not while testing for it earlier).

Signed-off-by: Sebastian Andrzej Siewior 

Reviewed-by: Matt Caswell 
Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/1204)

---

Summary of changes:
 util/mkdir-p.pl | 8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/util/mkdir-p.pl b/util/mkdir-p.pl
index 4f44266..3280602 100755
--- a/util/mkdir-p.pl
+++ b/util/mkdir-p.pl
@@ -33,6 +33,12 @@ sub do_mkdir_p {
 do_mkdir_p($parent);
   }
 
-  mkdir($dir, 0777) || die "Cannot create directory $dir: $!\n";
+  unless (mkdir($dir, 0777)) {
+if (-d $dir) {
+  # We raced against another instance doing the same thing.
+  return;
+}
+die "Cannot create directory $dir: $!\n";
+  }
   print "created directory `$dir'\n";
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.3993

2016-06-23 Thread AppVeyor 



Build openssl master.3993 failed


Commit 3c82e437bb by FdaSilvaYY on 6/23/2016 1:03 PM:

Add checks on sk_TYPE_push() returned result


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-06-23 Thread Rich Salz 
The branch master has been updated
   via  fe2d149119063ec3c89fd6db9af8a6970e3e6032 (commit)
  from  615dd78b72a822b31ad17623afcf1293bfee3570 (commit)


- Log -
commit fe2d149119063ec3c89fd6db9af8a6970e3e6032
Author: Rich Salz 
Date:   Thu Jun 23 10:03:50 2016 -0400

RT2867: des_ede3_cfb1 ignored "size in bits" flag

Code and tests by Steve.

Reviewed-by: Dr. Stephen Henson 
Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/evp/e_des3.c |  2 ++
 test/evptests.txt   | 19 +++
 2 files changed, 21 insertions(+)

diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index e21c045..a842913 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -164,6 +164,8 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, 
unsigned char *out,
 size_t n;
 unsigned char c[1], d[1];
 
+if (!EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
+inl *= 8;
 for (n = 0; n < inl; ++n) {
 c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
 DES_ede3_cfb_encrypt(c, d, 1, 1,
diff --git a/test/evptests.txt b/test/evptests.txt
index c0e906d..a66a152 100644
--- a/test/evptests.txt
+++ b/test/evptests.txt
@@ -201,6 +201,25 @@ Input = "aa"
 Count = 10
 Output = 
0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01
 
+# DES EDE3 CFB1
+# echo -n "Hello World" |
+#  apps/openssl enc -des-ede3-cfb1 \
+#   -K 000102030405060708090A0B0C0D0E0F1011121314151617 -iv 0001020304050607 |
+#  xxd -ps -u
+
+Cipher = DES-EDE3-CFB1
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+IV = 0001020304050607
+Plaintext = "Hello World"
+Ciphertext = 3CF55D656E9C0664513358
+
+Cipher = DES-EDE3-CFB1
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+IV = 0001020304050607
+Operation = DECRYPT
+Plaintext = "Hello World"
+Ciphertext = 3CF55D656E9C0664513358
+
 # AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
 
 Cipher = AES-128-ECB
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.3992

2016-06-23 Thread AppVeyor 



Build openssl master.3992 failed


Commit 687b486859 by FdaSilvaYY on 6/23/2016 1:00 PM:

Rework error handling from asn1_do_lock method.


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-06-23 Thread Viktor Dukhovni 
The branch master has been updated
   via  615dd78b72a822b31ad17623afcf1293bfee3570 (commit)
  from  d0ba3119def9e2683bc517c8189c33d76373e6c1 (commit)


- Log -
commit 615dd78b72a822b31ad17623afcf1293bfee3570
Author: Viktor Dukhovni 
Date:   Thu Jun 23 23:28:34 2016 +1000

Drop extraneous printf argument in mkcert.sh

Reviewed-by: Rich Salz 

---

Summary of changes:
 test/certs/mkcert.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/certs/mkcert.sh b/test/certs/mkcert.sh
index ced08ea..8863254 100755
--- a/test/certs/mkcert.sh
+++ b/test/certs/mkcert.sh
@@ -61,7 +61,7 @@ req() {
 stderr_onerror \
 openssl req -new -"${OPENSSL_SIGALG}" -key "${key}.pem" \
 -config <(printf "[req]\n%s\n%s\n[dn]\n" \
- "prompt = no" "distinguished_name = dn" "${dn}"
+ "prompt = no" "distinguished_name = dn"
   for dn in "$@"; do echo "$dn"; done)
 }
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2016-06-23 Thread Matt Caswell 
The branch master has been updated
   via  3c82e437bb3af822ea13cd5a24bab0745c556246 (commit)
  from  687b48685931638ca5fca2a7d5e13516ad40ea4b (commit)


- Log -
commit 3c82e437bb3af822ea13cd5a24bab0745c556246
Author: FdaSilvaYY 
Date:   Sat Jun 4 00:15:19 2016 +0200

Add checks on sk_TYPE_push() returned result

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 crypto/engine/eng_dyn.c |  8 ++--
 include/openssl/ssl.h   |  1 +
 ssl/d1_srtp.c   | 15 ++-
 ssl/s3_lib.c| 11 ---
 ssl/ssl_cert.c  | 28 
 ssl/ssl_ciph.c  |  4 ++--
 6 files changed, 47 insertions(+), 20 deletions(-)

diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index 718599f..843226c 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -349,11 +349,15 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void 
*p, void (*f) (void))
 }
 {
 char *tmp_str = OPENSSL_strdup(p);
-if (!tmp_str) {
+if (tmp_str == NULL) {
+ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ERR_R_MALLOC_FAILURE);
+return 0;
+}
+if (!sk_OPENSSL_STRING_push(ctx->dirs, tmp_str)) {
+OPENSSL_free(tmp_str);
 ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ERR_R_MALLOC_FAILURE);
 return 0;
 }
-sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1);
 }
 return 1;
 default:
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index f02e416..abfbed4 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2113,6 +2113,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_SSL_DANE_ENABLE395
 # define SSL_F_SSL_DO_CONFIG  391
 # define SSL_F_SSL_DO_HANDSHAKE   180
+# define SSL_F_SSL_DUP_CA_LIST408
 # define SSL_F_SSL_ENABLE_CT  402
 # define SSL_F_SSL_GET_NEW_SESSION181
 # define SSL_F_SSL_GET_PREV_SESSION   217
diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c
index 91d373f..94c0127 100644
--- a/ssl/d1_srtp.c
+++ b/ssl/d1_srtp.c
@@ -81,16 +81,18 @@ static int ssl_ctx_make_profiles(const char 
*profiles_string,
 if (sk_SRTP_PROTECTION_PROFILE_find(profiles, p) >= 0) {
 SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
-sk_SRTP_PROTECTION_PROFILE_free(profiles);
-return 1;
+goto err;
 }
 
-sk_SRTP_PROTECTION_PROFILE_push(profiles, p);
+if (!sk_SRTP_PROTECTION_PROFILE_push(profiles, p)) {
+SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
+   SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
+goto err;
+}
 } else {
 SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
-sk_SRTP_PROTECTION_PROFILE_free(profiles);
-return 1;
+goto err;
 }
 
 if (col)
@@ -102,6 +104,9 @@ static int ssl_ctx_make_profiles(const char 
*profiles_string,
 *out = profiles;
 
 return 0;
+err:
+sk_SRTP_PROTECTION_PROFILE_free(profiles);
+return 1;
 }
 
 int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 44dac24..bd831bc 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3410,10 +3410,15 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, 
void *parg)
 /* A Thawte special :-) */
 case SSL_CTRL_EXTRA_CHAIN_CERT:
 if (ctx->extra_certs == NULL) {
-if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
-return (0);
+if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
+SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
+return 0;
+}
+}
+if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
+SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
+return 0;
 }
-sk_X509_push(ctx->extra_certs, (X509 *)parg);
 break;
 
 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index d668afa..c6e2d09 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -470,11 +470,16 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) 
*sk)
 X509_NAME *name;
 
 ret = sk_X509_NAME_new_null();
+if (ret == NULL) {
+SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE);
+return NULL;
+}
 for (i = 0; i <

[openssl-commits] [openssl] master update

2016-06-23 Thread Matt Caswell 
The branch master has been updated
   via  687b48685931638ca5fca2a7d5e13516ad40ea4b (commit)
  from  b58614d7f5f98571b2c0bb2fb3df48f4b48a7e92 (commit)


- Log -
commit 687b48685931638ca5fca2a7d5e13516ad40ea4b
Author: FdaSilvaYY 
Date:   Sun May 29 14:32:23 2016 +0200

Rework error handling from asn1_do_lock method.

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 crypto/asn1/tasn_fre.c |  2 +-
 crypto/asn1/tasn_new.c |  4 +++-
 crypto/asn1/tasn_utl.c | 24 ++--
 crypto/include/internal/x509_int.h |  6 +++---
 include/openssl/asn1.h |  1 +
 5 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
index 9b623d9..d467b89 100644
--- a/crypto/asn1/tasn_fre.c
+++ b/crypto/asn1/tasn_fre.c
@@ -89,7 +89,7 @@ static void asn1_item_embed_free(ASN1_VALUE **pval, const 
ASN1_ITEM *it,
 
 case ASN1_ITYPE_NDEF_SEQUENCE:
 case ASN1_ITYPE_SEQUENCE:
-if (asn1_do_lock(pval, -1, it) > 0)
+if (asn1_do_lock(pval, -1, it) != 0) /* if error or ref-counter > 0 */
 return;
 if (asn1_cb) {
 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 455a88a..897120d 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -123,7 +123,9 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM 
*it, int embed)
 if (*pval == NULL)
 goto memerr;
 }
-asn1_do_lock(pval, 0, it);
+/* 0 : init. lock */
+if (asn1_do_lock(pval, 0, it) < 0)
+goto memerr;
 asn1_enc_init(pval, it);
 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
 pseqval = asn1_get_field_ptr(pval, tt);
diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c
index c215891..f79d7d6 100644
--- a/crypto/asn1/tasn_utl.c
+++ b/crypto/asn1/tasn_utl.c
@@ -46,13 +46,14 @@ int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
 }
 
 /*
- * Do reference counting. The value 'op' decides what to do. if it is +1
- * then the count is incremented. If op is 0 count is set to 1. If op is -1
- * count is decremented and the return value is the current reference count
- * or 0 if no reference count exists.
- * FIXME: return and manage any error from inside this method
+ * Do atomic reference counting. The value 'op' decides what to do.
+ * If it is +1 then the count is incremented.
+ * If |op| is 0, lock is initialised and count is set to 1.
+ * If |op| is -1, count is decremented and the return value is the current
+ * reference count or 0 if no reference count is active.
+ * It returns -1 on initialisation error.
+ * Used by ASN1_SEQUENCE construct of X509, X509_REQ, X509_CRL objects
  */
-
 int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
 {
 const ASN1_AUX *aux;
@@ -70,18 +71,21 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM 
*it)
 *lck = 1;
 *lock = CRYPTO_THREAD_lock_new();
 if (*lock == NULL) {
-/* FIXME: should report an error (-1) at this point */
-return 0;
+ASN1err(ASN1_F_ASN1_DO_LOCK, ERR_R_MALLOC_FAILURE);
+return -1;
 }
 return 1;
 }
-CRYPTO_atomic_add(lck, op, , *lock);
+if (CRYPTO_atomic_add(lck, op, , *lock) < 0)
+return -1;  /* failed */
 #ifdef REF_PRINT
 fprintf(stderr, "%p:%4d:%s\n", it, *lck, it->sname);
 #endif
 REF_ASSERT_ISNT(ret < 0);
-if (ret == 0)
+if (ret == 0) {
 CRYPTO_THREAD_lock_free(*lock);
+*lock = NULL;
+}
 return ret;
 }
 
diff --git a/crypto/include/internal/x509_int.h 
b/crypto/include/internal/x509_int.h
index 6df2919..c5472e1 100644
--- a/crypto/include/internal/x509_int.h
+++ b/crypto/include/internal/x509_int.h
@@ -64,15 +64,15 @@ struct X509_crl_info_st {
 X509_NAME *issuer;  /* CRL issuer name */
 ASN1_TIME *lastUpdate;  /* lastUpdate field */
 ASN1_TIME *nextUpdate;  /* nextUpdate field: optional */
-STACK_OF(X509_REVOKED) *revoked; /* revoked entries: optional */
+STACK_OF(X509_REVOKED) *revoked;/* revoked entries: optional */
 STACK_OF(X509_EXTENSION) *extensions;   /* extensions: optional */
-ASN1_ENCODING enc;  /* encoding of signed portion of CRL */
+ASN1_ENCODING enc;  /* encoding of signed portion of 
CRL */
 };
 
 struct X509_crl_st {
 X509_CRL_INFO crl;  /* signed CRL data */
 X509_ALGOR sig_alg; /* CRL signature algorithm */
-ASN1_BIT_STRING signature; /* CRL signature */
+ASN1_BIT_STRING signature;  /* CRL signature */
 int references;

[openssl-commits] Build completed: openssl master.3991

2016-06-23 Thread AppVeyor 


Build openssl master.3991 completed



Commit fda827bd92 by Matt Caswell on 6/22/2016 10:22 PM:

Fix client auth test_ssl_new failures when enabling/disabling protocols


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits