[openssl-commits] Build completed: openssl revert-7299-getenv-102.20059
Build openssl revert-7299-getenv-102.20059 completed Commit c3de544c0f by Pauli on 9/24/2018 3:26 AM: Revert "Merge 1.0.2 setuid calls to getenv(3) safety. (#7299)" Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl OpenSSL_1_0_2-stable.20058
Build openssl OpenSSL_1_0_2-stable.20058 failed Commit 1e95aa26c4 by Pauli on 9/24/2018 3:26 AM: Merge 1.0.2 setuid calls to getenv(3) safety. (#7299) Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Broken: openssl/openssl#20795 (OpenSSL_1_0_2-stable - 1e95aa2)
Build Update for openssl/openssl - Build: #20795 Status: Broken Duration: 8 mins and 2 secs Commit: 1e95aa2 (OpenSSL_1_0_2-stable) Author: Pauli Message: Merge 1.0.2 setuid calls to getenv(3) safety. (#7299) Manual merge of #7047 to 1.0.2-stable. View the changeset: https://github.com/openssl/openssl/compare/459b128a2d03...1e95aa26c4cc View the full build log and details: https://travis-ci.org/openssl/openssl/builds/432309197?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: openssl/openssl#20791 (master - 5c39a55)
Build Update for openssl/openssl - Build: #20791 Status: Errored Duration: 17 mins and 47 secs Commit: 5c39a55 (master) Author: Pauli Message: Use secure_getenv(3) when available. Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/7047) View the changeset: https://github.com/openssl/openssl/compare/0f58220973a0...5c39a55d04ea View the full build log and details: https://travis-ci.org/openssl/openssl/builds/432289920?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via 1abdf08284af055f68c5ece4c7c0efa8f2bf323a (commit) from 4aa1739c111e1390909533e7b2f485bc655c2489 (commit) - Log - commit 1abdf08284af055f68c5ece4c7c0efa8f2bf323a Author: Pauli Date: Mon Sep 24 11:21:18 2018 +1000 Use secure_getenv(3) when available. Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/7047) (cherry picked from commit 5c39a55d04ea6e6f734b627a050b9e702788d50d) --- Summary of changes: crypto/build.info | 2 +- crypto/conf/conf_api.c | 7 --- crypto/conf/conf_mod.c | 3 +-- crypto/ct/ct_log.c | 2 +- crypto/engine/eng_list.c | 2 +- crypto/getenv.c| 31 +++ crypto/include/internal/cryptlib.h | 2 ++ crypto/pkcs12/p12_mutl.c | 18 +- crypto/rand/randfile.c | 9 ++--- crypto/x509/by_dir.c | 3 ++- crypto/x509/by_file.c | 2 +- 11 files changed, 55 insertions(+), 26 deletions(-) create mode 100644 crypto/getenv.c diff --git a/crypto/build.info b/crypto/build.info index e693eba..8e15379 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -2,7 +2,7 @@ LIBS=../libcrypto SOURCE[../libcrypto]=\ cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c \ -threads_pthread.c threads_win.c threads_none.c \ +threads_pthread.c threads_win.c threads_none.c getenv.c \ o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \ {- $target{uplink_aux_src} -} EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 79e682a..36c91b1 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -9,11 +9,12 @@ /* Part of the code in here was originally in conf.c, which is now removed */ +#include "e_os.h" +#include "internal/cryptlib.h" #include #include #include #include -#include "e_os.h" static void value_free_hash(const CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf); static void value_free_stack_doall(CONF_VALUE *a); @@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, if (v != NULL) return (v->value); if (strcmp(section, "ENV") == 0) { -p = getenv(name); +p = ossl_safe_getenv(name); if (p != NULL) return (p); } @@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, else return (NULL); } else -return (getenv(name)); +return ossl_safe_getenv(name); } static unsigned long conf_value_hash(const CONF_VALUE *v) diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index 543a8ea..7314435 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -478,8 +478,7 @@ char *CONF_get1_default_config_file(void) char *file; int len; -file = getenv("OPENSSL_CONF"); -if (file) +if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL) return OPENSSL_strdup(file); len = strlen(X509_get_default_cert_area()); diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c index d442322..881dc98 100644 --- a/crypto/ct/ct_log.c +++ b/crypto/ct/ct_log.c @@ -137,7 +137,7 @@ static int ctlog_new_from_conf(CTLOG **ct_log, const CONF *conf, const char *sec int CTLOG_STORE_load_default_file(CTLOG_STORE *store) { -const char *fpath = getenv(CTLOG_FILE_EVP); +const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP); if (fpath == NULL) fpath = CTLOG_FILE; diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index 934389f..fcab415 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -322,7 +322,7 @@ ENGINE *ENGINE_by_id(const char *id) * Prevent infinite recursion if we're looking for the dynamic engine. */ if (strcmp(id, "dynamic")) { -if ((load_dir = getenv("OPENSSL_ENGINES")) == 0) +if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL) load_dir = ENGINESDIR; iterator = ENGINE_by_id("dynamic"); if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) || diff --git a/crypto/getenv.c b/crypto/getenv.c new file mode 100644 index 000..7e98b64 --- /dev/null +++ b/crypto/getenv.c @@
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 79c2c741303ed188214b9299a51c837635f7e9a8 (commit) from 1fd6afb571e85fbc37ffb522646e7ec2c6e4a11e (commit) - Log - commit 79c2c741303ed188214b9299a51c837635f7e9a8 Author: Pauli Date: Mon Sep 24 11:21:18 2018 +1000 Use secure_getenv(3) when available. Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/7047) (cherry picked from commit 5c39a55d04ea6e6f734b627a050b9e702788d50d) --- Summary of changes: crypto/build.info | 2 +- crypto/conf/conf_api.c | 5 +++-- crypto/conf/conf_mod.c | 7 ++- crypto/ct/ct_log.c | 2 +- crypto/engine/eng_list.c| 3 +-- crypto/getenv.c | 31 +++ crypto/pkcs12/p12_mutl.c| 18 +- crypto/rand/randfile.c | 6 ++ crypto/x509/by_dir.c| 2 +- crypto/x509/by_file.c | 2 +- include/internal/cryptlib.h | 2 ++ 11 files changed, 54 insertions(+), 26 deletions(-) create mode 100644 crypto/getenv.c diff --git a/crypto/build.info b/crypto/build.info index b515b73..2c619c6 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -2,7 +2,7 @@ LIBS=../libcrypto SOURCE[../libcrypto]=\ cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \ -threads_pthread.c threads_win.c threads_none.c \ +threads_pthread.c threads_win.c threads_none.c getenv.c \ o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \ {- $target{uplink_aux_src} -} EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 72fe2da..5e57d74 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -10,6 +10,7 @@ /* Part of the code in here was originally in conf.c, which is now removed */ #include "e_os.h" +#include "internal/cryptlib.h" #include #include #include @@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, if (v != NULL) return v->value; if (strcmp(section, "ENV") == 0) { -p = getenv(name); +p = ossl_safe_getenv(name); if (p != NULL) return p; } @@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, else return NULL; } else -return getenv(name); +return ossl_safe_getenv(name); } static unsigned long conf_value_hash(const CONF_VALUE *v) diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index df53609..51f262e 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -480,11 +480,8 @@ char *CONF_get1_default_config_file(void) char *file, *sep = ""; int len; -if (!OPENSSL_issetugid()) { -file = getenv("OPENSSL_CONF"); -if (file) -return OPENSSL_strdup(file); -} +if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL) +return OPENSSL_strdup(file); len = strlen(X509_get_default_cert_area()); #ifndef OPENSSL_SYS_VMS diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c index be6681d..c1bca3e 100644 --- a/crypto/ct/ct_log.c +++ b/crypto/ct/ct_log.c @@ -137,7 +137,7 @@ static int ctlog_new_from_conf(CTLOG **ct_log, const CONF *conf, const char *sec int CTLOG_STORE_load_default_file(CTLOG_STORE *store) { -const char *fpath = getenv(CTLOG_FILE_EVP); +const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP); if (fpath == NULL) fpath = CTLOG_FILE; diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index 4bc7ea1..45c339c 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -317,8 +317,7 @@ ENGINE *ENGINE_by_id(const char *id) * Prevent infinite recursion if we're looking for the dynamic engine. */ if (strcmp(id, "dynamic")) { -if (OPENSSL_issetugid() -|| (load_dir = getenv("OPENSSL_ENGINES")) == NULL) +if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL) load_dir = ENGINESDIR; iterator = ENGINE_by_id("dynamic"); if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) || diff --git a/crypto/getenv.c b/crypto/getenv.c new file mode 100644 index 000..7e98b64 --- /dev/null +++ b/crypto/getenv.c @@ -0,0 +1,31 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All
[openssl-commits] [openssl] master update
The branch master has been updated via 5c39a55d04ea6e6f734b627a050b9e702788d50d (commit) from 0f58220973a02248ca5c69db59e615378467b9c8 (commit) - Log - commit 5c39a55d04ea6e6f734b627a050b9e702788d50d Author: Pauli Date: Mon Sep 24 11:21:18 2018 +1000 Use secure_getenv(3) when available. Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/7047) --- Summary of changes: crypto/build.info | 2 +- crypto/conf/conf_api.c | 5 +++-- crypto/conf/conf_mod.c | 7 ++- crypto/ct/ct_log.c | 2 +- crypto/engine/eng_list.c| 3 +-- crypto/getenv.c | 31 +++ crypto/pkcs12/p12_mutl.c| 18 +- crypto/rand/randfile.c | 6 ++ crypto/x509/by_dir.c| 2 +- crypto/x509/by_file.c | 2 +- include/internal/cryptlib.h | 2 ++ 11 files changed, 54 insertions(+), 26 deletions(-) create mode 100644 crypto/getenv.c diff --git a/crypto/build.info b/crypto/build.info index b515b73..2c619c6 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -2,7 +2,7 @@ LIBS=../libcrypto SOURCE[../libcrypto]=\ cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \ -threads_pthread.c threads_win.c threads_none.c \ +threads_pthread.c threads_win.c threads_none.c getenv.c \ o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \ {- $target{uplink_aux_src} -} EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 72fe2da..5e57d74 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -10,6 +10,7 @@ /* Part of the code in here was originally in conf.c, which is now removed */ #include "e_os.h" +#include "internal/cryptlib.h" #include #include #include @@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, if (v != NULL) return v->value; if (strcmp(section, "ENV") == 0) { -p = getenv(name); +p = ossl_safe_getenv(name); if (p != NULL) return p; } @@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, else return NULL; } else -return getenv(name); +return ossl_safe_getenv(name); } static unsigned long conf_value_hash(const CONF_VALUE *v) diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index df53609..51f262e 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -480,11 +480,8 @@ char *CONF_get1_default_config_file(void) char *file, *sep = ""; int len; -if (!OPENSSL_issetugid()) { -file = getenv("OPENSSL_CONF"); -if (file) -return OPENSSL_strdup(file); -} +if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL) +return OPENSSL_strdup(file); len = strlen(X509_get_default_cert_area()); #ifndef OPENSSL_SYS_VMS diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c index be6681d..c1bca3e 100644 --- a/crypto/ct/ct_log.c +++ b/crypto/ct/ct_log.c @@ -137,7 +137,7 @@ static int ctlog_new_from_conf(CTLOG **ct_log, const CONF *conf, const char *sec int CTLOG_STORE_load_default_file(CTLOG_STORE *store) { -const char *fpath = getenv(CTLOG_FILE_EVP); +const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP); if (fpath == NULL) fpath = CTLOG_FILE; diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index 4bc7ea1..45c339c 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -317,8 +317,7 @@ ENGINE *ENGINE_by_id(const char *id) * Prevent infinite recursion if we're looking for the dynamic engine. */ if (strcmp(id, "dynamic")) { -if (OPENSSL_issetugid() -|| (load_dir = getenv("OPENSSL_ENGINES")) == NULL) +if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL) load_dir = ENGINESDIR; iterator = ENGINE_by_id("dynamic"); if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) || diff --git a/crypto/getenv.c b/crypto/getenv.c new file mode 100644 index 000..7e98b64 --- /dev/null +++ b/crypto/getenv.c @@ -0,0 +1,31 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use +
[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: 0f58220973 Create the .rnd file it it does not exist 46d085096c typo-fixes: miscellaneous typo fixes f39a02c68a Fix the max psk len for TLSv1.3 cd6fe29f5b Add a test for the certificate callback 524006dd1b Delay setting the sig algs until after the cert_cb has been called dda5396aae crypto/bn/asm/x86_64-gcc.c: remove unnecessary redefinition of BN_ULONG Build log ended with (last 100 lines): ../../openssl/test/recipes/80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_dtlsv1listen.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_ocsp.t (Wstat: 768 Tests: 11 Failed: 3) Failed tests: 1, 10-11 Non-zero exit status: 3 ../../openssl/test/recipes/80-test_pkcs12.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_ssl_new.t(Wstat: 6656 Tests: 27 Failed: 26) Failed tests: 1-21, 23-27 Non-zero exit status: 26 ../../openssl/test/recipes/80-test_ssl_old.t(Wstat: 1280 Tests: 6 Failed: 5) Failed tests: 1-2, 4-6 Non-zero exit status: 5 ../../openssl/test/recipes/80-test_ssl_test_ctx.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_tsa.t(Wstat: 256 Tests: 20 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_x509aux.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_asn1_time.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_async.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_bio_enc.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_constant_time.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_fatalerr.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_gmdiff.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_ige.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_includes.t (Wstat: 768 Tests: 3 Failed: 3) Failed tests: 1-3 Non-zero exit status: 3 ../../openssl/test/recipes/90-test_memleak.t(Wstat: 512 Tests: 2 Failed: 2) Failed tests: 1-2 Non-zero exit status: 2 ../../openssl/test/recipes/90-test_overhead.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_secmem.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_srp.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_sslapi.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_sslbuffers.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_sysdefault.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_threads.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_time_offset.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_tls13ccs.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_tls13encryption.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_v3name.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/99-test_fuzz.t (Wstat: 2816 Tests: 11 Failed: 11) Failed tests: 1-11 Non-zero exit status: 11 Files=152, Tests=860,
[openssl-commits] Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEcf-2B75FkFkxwwFKGZV8c1xA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2WgZC0KnceY7kNrcdLm-2F97e5cPnmuhym0ysZdXni2UNXGpHWbpUCpg3m6W7xHXDdo6nWfTGNlxxtw16i-2B6oPDzHTaLqd1vd0PzxrCUuWxRKK-2F9-2Fh8xDnkuV0ZhrKYTenpjiDHjFgpUCfSMfBnjALLgN-2FM0EkbHp47zU-2BH489wY6iCRcp9rFA26ZwJ6OwjsE9s-3D Build ID: 229075 Analysis Summary: New defects found: 0 Defects eliminated: 0 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Coverity Scan: Analysis completed for OpenSSL-1.0.2
Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEeuRTZVWU4ku8PUBnVPw8PQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I3d7kZVt0KAkcA63FxufpMwGY8Ohvu9q06TYbV23W-2BFWbRb5nvvAEK1XnB0XbEU-2FPF-2BsreL2eih-2B1BhXyKtiINulByOrG0AOLp6Yq9CzCzVrQwI8H9GdMA6a0wf3WSiSDCOqSQhLNLiXGKoNod5gDOopoOt3zNdLn-2BnVcJBevd3eCigtZq4LD6WHgfsPyOPY94-3D Build ID: 229076 Analysis Summary: New defects found: 0 Defects eliminated: 0 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 1fd6afb571e85fbc37ffb522646e7ec2c6e4a11e (commit) from c257f61f1082d19c7b6f81454fcb543b950d60eb (commit) - Log - commit 1fd6afb571e85fbc37ffb522646e7ec2c6e4a11e Author: Bernd Edlinger Date: Thu Sep 13 18:25:37 2018 +0200 Create the .rnd file it it does not exist It's a bit annoying, since some commands try to read a .rnd file, and print an error message if the file does not exist. But previously a .rnd file was created on exit, and that does no longer happen. Fixed by continuing in app_RAND_load_conf regardless of the error in RAND_load_file. If the random number generator is still not initalized on exit, the function RAND_write_file will fail and no .rnd file would be created. Remove RANDFILE from openssl.cnf Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/7217) (cherry picked from commit 0f58220973a02248ca5c69db59e615378467b9c8) --- Summary of changes: apps/app_rand.c | 1 - apps/openssl-vms.cnf | 2 -- apps/openssl.cnf | 2 -- 3 files changed, 5 deletions(-) diff --git a/apps/app_rand.c b/apps/app_rand.c index 28caad4..d0b2e83 100644 --- a/apps/app_rand.c +++ b/apps/app_rand.c @@ -26,7 +26,6 @@ void app_RAND_load_conf(CONF *c, const char *section) if (RAND_load_file(randfile, -1) < 0) { BIO_printf(bio_err, "Can't load %s into RNG\n", randfile); ERR_print_errors(bio_err); -return; } if (save_rand_file == NULL) save_rand_file = OPENSSL_strdup(randfile); diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf index f4a2511..178a0b0 100644 --- a/apps/openssl-vms.cnf +++ b/apps/openssl-vms.cnf @@ -10,7 +10,6 @@ # This definition stops the following lines choking if HOME isn't # defined. HOME = . -RANDFILE = $ENV::HOME/.rnd # Extra OBJECT IDENTIFIER info: #oid_file = $ENV::HOME/.oid @@ -57,7 +56,6 @@ crlnumber = $dir]crlnumber. # the current crl number # must be commented out to leave a V1 CRL crl= $dir]crl.pem # The current CRL private_key= $dir.private]cakey.pem# The private key -RANDFILE = $dir.private].rand# private random number file x509_extensions= usr_cert # The extensions to add to the cert diff --git a/apps/openssl.cnf b/apps/openssl.cnf index 7d1a8bb..6df2878 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -10,7 +10,6 @@ # This definition stops the following lines choking if HOME isn't # defined. HOME = . -RANDFILE = $ENV::HOME/.rnd # Extra OBJECT IDENTIFIER info: #oid_file = $ENV::HOME/.oid @@ -57,7 +56,6 @@ crlnumber = $dir/crlnumber# the current crl number # must be commented out to leave a V1 CRL crl= $dir/crl.pem # The current CRL private_key= $dir/private/cakey.pem# The private key -RANDFILE = $dir/private/.rand# private random number file x509_extensions= usr_cert # The extensions to add to the cert _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 0f58220973a02248ca5c69db59e615378467b9c8 (commit) from 46d085096c6ead624c61e4b8b301421301511e64 (commit) - Log - commit 0f58220973a02248ca5c69db59e615378467b9c8 Author: Bernd Edlinger Date: Thu Sep 13 18:25:37 2018 +0200 Create the .rnd file it it does not exist It's a bit annoying, since some commands try to read a .rnd file, and print an error message if the file does not exist. But previously a .rnd file was created on exit, and that does no longer happen. Fixed by continuing in app_RAND_load_conf regardless of the error in RAND_load_file. If the random number generator is still not initalized on exit, the function RAND_write_file will fail and no .rnd file would be created. Remove RANDFILE from openssl.cnf Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/7217) --- Summary of changes: apps/app_rand.c | 1 - apps/openssl-vms.cnf | 2 -- apps/openssl.cnf | 2 -- 3 files changed, 5 deletions(-) diff --git a/apps/app_rand.c b/apps/app_rand.c index 28caad4..d0b2e83 100644 --- a/apps/app_rand.c +++ b/apps/app_rand.c @@ -26,7 +26,6 @@ void app_RAND_load_conf(CONF *c, const char *section) if (RAND_load_file(randfile, -1) < 0) { BIO_printf(bio_err, "Can't load %s into RNG\n", randfile); ERR_print_errors(bio_err); -return; } if (save_rand_file == NULL) save_rand_file = OPENSSL_strdup(randfile); diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf index f4a2511..178a0b0 100644 --- a/apps/openssl-vms.cnf +++ b/apps/openssl-vms.cnf @@ -10,7 +10,6 @@ # This definition stops the following lines choking if HOME isn't # defined. HOME = . -RANDFILE = $ENV::HOME/.rnd # Extra OBJECT IDENTIFIER info: #oid_file = $ENV::HOME/.oid @@ -57,7 +56,6 @@ crlnumber = $dir]crlnumber. # the current crl number # must be commented out to leave a V1 CRL crl= $dir]crl.pem # The current CRL private_key= $dir.private]cakey.pem# The private key -RANDFILE = $dir.private].rand# private random number file x509_extensions= usr_cert # The extensions to add to the cert diff --git a/apps/openssl.cnf b/apps/openssl.cnf index 7d1a8bb..6df2878 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -10,7 +10,6 @@ # This definition stops the following lines choking if HOME isn't # defined. HOME = . -RANDFILE = $ENV::HOME/.rnd # Extra OBJECT IDENTIFIER info: #oid_file = $ENV::HOME/.oid @@ -57,7 +56,6 @@ crlnumber = $dir/crlnumber# the current crl number # must be commented out to leave a V1 CRL crl= $dir/crl.pem # The current CRL private_key= $dir/private/cakey.pem# The private key -RANDFILE = $dir/private/.rand# private random number file x509_extensions= usr_cert # The extensions to add to the cert _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits