[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via 72ea4b8de29bd29dcc44b3d3a73660fe4d1bba40 (commit) from 9fa506681c842bf9b27ddf4ea8579c4695be3bfa (commit) - Log - commit 72ea4b8de29bd29dcc44b3d3a73660fe4d1bba40 Author: Viktor DukhovniDate: Fri Nov 25 00:38:04 2016 -0500 Restore last-resort expired untrusted intermediate issuers Reviewed-by: Matt Caswell --- Summary of changes: crypto/x509/x509_vfy.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 9fbef11..ebc4424 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -308,16 +308,17 @@ int X509_verify_cert(X509_STORE_CTX *ctx) static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) { int i; +X509 *issuer, *rv = NULL; for (i = 0; i < sk_X509_num(sk); i++) { -X509 *issuer = sk_X509_value(sk, i); - -if (!ctx->check_issued(ctx, x, issuer)) -continue; -if (x509_check_cert_time(ctx, issuer, -1)) -return issuer; +issuer = sk_X509_value(sk, i); +if (ctx->check_issued(ctx, x, issuer)) { +rv = issuer; +if (x509_check_cert_time(ctx, rv, -1)) +break; +} } -return NULL; +return rv; } /* Given a possible certificate and issuer check them */ _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl master.6759
Build openssl master.6759 completed Commit ef2bf0f57c by Kurt Roeckx on 12/2/2016 11:14 PM: Run a some tests with -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via ef2bf0f57c2282d3b4fd47138052d0ab9a8f2b6a (commit) via d69d8f904c9c558c7a9455ee816e494690d80ca8 (commit) via 0282aeb690d63fab73a07191b63300a2fe30d212 (commit) via 1b6a77a1a0e524492bf26495c19b728730e6b585 (commit) via 3a9b9b2deb8e19fa10e7c3c99ad0baa2f90f13fa (commit) via 3a85d05fb3977ddc3b2f97cf4641b73e10bb952b (commit) via 8087bcb323ce097329eb367fcba945dc2a266def (commit) via 7d22cceeccb4d3daf53151d164d6c4bca6d26089 (commit) via da15cb7cd99be8dac3d28f78a0cf97437e9f5fac (commit) via ad4da7fbc0779fb1730c9862221e19583de69f4f (commit) via baae2cbc92accf4fa53a7b8faaf3df1153c943f5 (commit) via f3e911d5ed16db6a129306675e20e51d1ee81e1a (commit) from 82cb311fa0e1096bc6840fd92973d9b418ff5dde (commit) - Log - commit ef2bf0f57c2282d3b4fd47138052d0ab9a8f2b6a Author: Kurt RoeckxDate: Fri Dec 2 19:49:34 2016 +0100 Run a some tests with -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION The fuzzers use -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION, and actually get different results based on that. We should have at least some targets that actually fully use the fuzz corpora. Reviewed-by: Rich Salz GH: #2023 commit d69d8f904c9c558c7a9455ee816e494690d80ca8 Author: Kurt Roeckx Date: Fri Dec 2 19:34:54 2016 +0100 Make the fuzzers more reproducible We want to be in the same global state each time we come in FuzzerTestOneInput(). There are various reasons why we might not be that include: - Initialization that happens on first use. This is mostly the RUN_ONCE() things, or loading of error strings. - Results that get cached. For instance a stack that is sorted, RSA blinding that has been set up, ... So I try to trigger as much as possible in FuzzerInitialize(), and for things I didn't find out how to trigger this it needs to happen in FuzzerTestOneInput(). Reviewed-by: Rich Salz GH: #2023 commit 0282aeb690d63fab73a07191b63300a2fe30d212 Author: Kurt Roeckx Date: Fri Dec 2 19:26:31 2016 +0100 Move libfuzzer sanitizer options to README This is something you might want to change depending on the version to use, there is no point in us fixing this to something. Reviewed-by: Rich Salz GH: #2023 commit 1b6a77a1a0e524492bf26495c19b728730e6b585 Author: Kurt Roeckx Date: Sat Nov 19 17:50:33 2016 +0100 CMS fuzzer: also use id2 Reviewed-by: Rich Salz GH: #2023 commit 3a9b9b2deb8e19fa10e7c3c99ad0baa2f90f13fa Author: Kurt Roeckx Date: Sat Nov 19 17:20:34 2016 +0100 Make the random number generator predictable when fuzzing. Reviewed-by: Rich Salz GH: #2023 commit 3a85d05fb3977ddc3b2f97cf4641b73e10bb952b Author: Kurt Roeckx Date: Sat Nov 19 17:15:43 2016 +0100 Use 8bit-counters when using libfuzzer Reviewed-by: Rich Salz GH: #2023 commit 8087bcb323ce097329eb367fcba945dc2a266def Author: Kurt Roeckx Date: Sat Nov 19 21:00:21 2016 +0100 bndiv fuzzer: move new and free calls to the init and cleanup function. Reviewed-by: Rich Salz GH: #2023 commit 7d22cceeccb4d3daf53151d164d6c4bca6d26089 Author: Kurt Roeckx Date: Sat Nov 19 19:26:19 2016 +0100 bignum fuzzer: move new and free calls to the init and cleanup function. Reviewed-by: Rich Salz GH: #2023 commit da15cb7cd99be8dac3d28f78a0cf97437e9f5fac Author: Kurt Roeckx Date: Sat Nov 19 17:24:39 2016 +0100 asn1parse: create the out bio during init, free it during cleanup Reviewed-by: Rich Salz GH: #2023 commit ad4da7fbc0779fb1730c9862221e19583de69f4f Author: Kurt Roeckx Date: Sat Nov 19 17:13:10 2016 +0100 Add a FuzzerClean() function This allows to free everything we allocated, so we can detect memory leaks. Reviewed-by: Rich Salz GH: #2023 commit baae2cbc92accf4fa53a7b8faaf3df1153c943f5 Author: Kurt Roeckx Date: Sat Nov 19 17:12:11 2016 +0100 FuzzerInitialize always exists There was a time it could be NULL, but that was changed to always have it. Reviewed-by: Rich Salz GH: #2023 commit f3e911d5ed16db6a129306675e20e51d1ee81e1a Author: Kurt Roeckx Date: Sat Nov 19 17:10:35 2016 +0100 Fix formatting of fuzzers Reviewed-by: Rich Salz GH: #2023 --- Summary of
[openssl-commits] Build failed: openssl master.6758
Build openssl master.6758 failed Commit 8eebb3f1d2 by Kurt Roeckx on 12/2/2016 7:06 PM: Update server fuzz corpus Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6757
Build openssl master.6757 failed Commit a90932826b by Kurt Roeckx on 12/2/2016 7:06 PM: Update server fuzz corpus Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl master.6754
Build openssl master.6754 completed Commit e0b2821192 by Robbie Harwood on 12/1/2016 7:35 PM: Update external test README for running krb5 Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6753
Build openssl master.6753 failed Commit fb53355ac7 by Matt Caswell on 12/2/2016 5:14 PM: Update SSL_trace to understand TLSv1.3 Certificates Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl master.6752
Build openssl master.6752 completed Commit 75f4cfb0a9 by Davide Galassi on 12/2/2016 4:10 PM: Avoid the call to OPENSSL_malloc with a negative value (then casted to unsigned) Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6751
Build openssl master.6751 failed Commit 77da143904 by Richard Levitte on 12/2/2016 4:22 PM: [to be squashed] correct initializer in the file loader Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6750
Build openssl master.6750 failed Commit 07a612e373 by Matt Caswell on 12/2/2016 2:46 PM: Implement TLSv1.3 style CertificateStatus Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6749
Build openssl master.6749 failed Commit f459d92452 by Richard Levitte on 12/2/2016 3:21 PM: [to be squashed] add a PUBKEY reader to the file loader Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6748
Build openssl master.6748 failed Commit 2d86c93039 by Richard Levitte on 12/2/2016 2:50 PM: [to be squashed] avoid incompatible typedef Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6747
Build openssl master.6747 failed Commit a55448c597 by Richard Levitte on 12/2/2016 2:42 PM: [to be squashed] Fix memleaks in storeutl Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6746
Build openssl master.6746 failed Commit 9c124d9f31 by Richard Levitte on 12/2/2016 1:51 PM: [to be squashed] make update Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.6745
Build openssl master.6745 failed Commit cf9a9e6bea by Richard Levitte on 12/2/2016 1:32 PM: [to be squashed] add forgotten STORE_FILE_HANDLER library functions Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 82cb311fa0e1096bc6840fd92973d9b418ff5dde (commit) from bcd62c2512dd031cc524d058494aadebaaf1fc4c (commit) - Log - commit 82cb311fa0e1096bc6840fd92973d9b418ff5dde Author: Matt CaswellDate: Thu Dec 1 13:24:09 2016 + Fix a typo in bio_read_intern Reviewed-by: Stephen Henson --- Summary of changes: crypto/bio/bio_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index 4c2af7d7..67acac3 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -269,7 +269,7 @@ static int bio_read_intern(BIO *b, void *data, size_t dlen, size_t *readbytes) ret = b->method->bread(b, data, dlen, readbytes); if (ret > 0) -b->num_read += (uint64_t)*read; +b->num_read += (uint64_t)*readbytes; if (b->callback != NULL || b->callback_ex != NULL) ret = (int)bio_call_callback(b, BIO_CB_READ | BIO_CB_RETURN, data, _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits