[openssl-commits] Build completed: openssl revert-7299-getenv-102.20059
Build openssl revert-7299-getenv-102.20059 completed Commit c3de544c0f by Pauli on 9/24/2018 3:26 AM: Revert "Merge 1.0.2 setuid calls to getenv(3) safety. (#7299)" Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl OpenSSL_1_0_2-stable.20058
Build openssl OpenSSL_1_0_2-stable.20058 failed Commit 1e95aa26c4 by Pauli on 9/24/2018 3:26 AM: Merge 1.0.2 setuid calls to getenv(3) safety. (#7299) Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Broken: openssl/openssl#20795 (OpenSSL_1_0_2-stable - 1e95aa2)
Build Update for openssl/openssl - Build: #20795 Status: Broken Duration: 8 mins and 2 secs Commit: 1e95aa2 (OpenSSL_1_0_2-stable) Author: Pauli Message: Merge 1.0.2 setuid calls to getenv(3) safety. (#7299) Manual merge of #7047 to 1.0.2-stable. View the changeset: https://github.com/openssl/openssl/compare/459b128a2d03...1e95aa26c4cc View the full build log and details: https://travis-ci.org/openssl/openssl/builds/432309197?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: openssl/openssl#20791 (master - 5c39a55)
Build Update for openssl/openssl - Build: #20791 Status: Errored Duration: 17 mins and 47 secs Commit: 5c39a55 (master) Author: Pauli Message: Use secure_getenv(3) when available. Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/7047) View the changeset: https://github.com/openssl/openssl/compare/0f58220973a0...5c39a55d04ea View the full build log and details: https://travis-ci.org/openssl/openssl/builds/432289920?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated
via 1abdf08284af055f68c5ece4c7c0efa8f2bf323a (commit)
from 4aa1739c111e1390909533e7b2f485bc655c2489 (commit)
- Log -
commit 1abdf08284af055f68c5ece4c7c0efa8f2bf323a
Author: Pauli
Date: Mon Sep 24 11:21:18 2018 +1000
Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.
CPU processor override flags are unchanged.
Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.
Reviewed-by: Bernd Edlinger
(Merged from https://github.com/openssl/openssl/pull/7047)
(cherry picked from commit 5c39a55d04ea6e6f734b627a050b9e702788d50d)
---
Summary of changes:
crypto/build.info | 2 +-
crypto/conf/conf_api.c | 7 ---
crypto/conf/conf_mod.c | 3 +--
crypto/ct/ct_log.c | 2 +-
crypto/engine/eng_list.c | 2 +-
crypto/getenv.c| 31 +++
crypto/include/internal/cryptlib.h | 2 ++
crypto/pkcs12/p12_mutl.c | 18 +-
crypto/rand/randfile.c | 9 ++---
crypto/x509/by_dir.c | 3 ++-
crypto/x509/by_file.c | 2 +-
11 files changed, 55 insertions(+), 26 deletions(-)
create mode 100644 crypto/getenv.c
diff --git a/crypto/build.info b/crypto/build.info
index e693eba..8e15379 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -2,7 +2,7 @@ LIBS=../libcrypto
SOURCE[../libcrypto]=\
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c \
-threads_pthread.c threads_win.c threads_none.c \
+threads_pthread.c threads_win.c threads_none.c getenv.c \
o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \
{- $target{uplink_aux_src} -}
EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \
diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index 79e682a..36c91b1 100644
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -9,11 +9,12 @@
/* Part of the code in here was originally in conf.c, which is now removed */
+#include "e_os.h"
+#include "internal/cryptlib.h"
#include
#include
#include
#include
-#include "e_os.h"
static void value_free_hash(const CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf);
static void value_free_stack_doall(CONF_VALUE *a);
@@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section,
if (v != NULL)
return (v->value);
if (strcmp(section, "ENV") == 0) {
-p = getenv(name);
+p = ossl_safe_getenv(name);
if (p != NULL)
return (p);
}
@@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section,
else
return (NULL);
} else
-return (getenv(name));
+return ossl_safe_getenv(name);
}
static unsigned long conf_value_hash(const CONF_VALUE *v)
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 543a8ea..7314435 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -478,8 +478,7 @@ char *CONF_get1_default_config_file(void)
char *file;
int len;
-file = getenv("OPENSSL_CONF");
-if (file)
+if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL)
return OPENSSL_strdup(file);
len = strlen(X509_get_default_cert_area());
diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c
index d442322..881dc98 100644
--- a/crypto/ct/ct_log.c
+++ b/crypto/ct/ct_log.c
@@ -137,7 +137,7 @@ static int ctlog_new_from_conf(CTLOG **ct_log, const CONF
*conf, const char *sec
int CTLOG_STORE_load_default_file(CTLOG_STORE *store)
{
-const char *fpath = getenv(CTLOG_FILE_EVP);
+const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP);
if (fpath == NULL)
fpath = CTLOG_FILE;
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
index 934389f..fcab415 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
@@ -322,7 +322,7 @@ ENGINE *ENGINE_by_id(const char *id)
* Prevent infinite recursion if we're looking for the dynamic engine.
*/
if (strcmp(id, "dynamic")) {
-if ((load_dir = getenv("OPENSSL_ENGINES")) == 0)
+if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL)
load_dir = ENGINESDIR;
iterator = ENGINE_by_id("dynamic");
if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
diff --git a/crypto/getenv.c b/crypto/getenv.c
new file mode 100644
index 000..7e98b64
--- /dev/null
+++ b/crypto/getenv.c
@@
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated
via 79c2c741303ed188214b9299a51c837635f7e9a8 (commit)
from 1fd6afb571e85fbc37ffb522646e7ec2c6e4a11e (commit)
- Log -
commit 79c2c741303ed188214b9299a51c837635f7e9a8
Author: Pauli
Date: Mon Sep 24 11:21:18 2018 +1000
Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.
CPU processor override flags are unchanged.
Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.
Reviewed-by: Bernd Edlinger
(Merged from https://github.com/openssl/openssl/pull/7047)
(cherry picked from commit 5c39a55d04ea6e6f734b627a050b9e702788d50d)
---
Summary of changes:
crypto/build.info | 2 +-
crypto/conf/conf_api.c | 5 +++--
crypto/conf/conf_mod.c | 7 ++-
crypto/ct/ct_log.c | 2 +-
crypto/engine/eng_list.c| 3 +--
crypto/getenv.c | 31 +++
crypto/pkcs12/p12_mutl.c| 18 +-
crypto/rand/randfile.c | 6 ++
crypto/x509/by_dir.c| 2 +-
crypto/x509/by_file.c | 2 +-
include/internal/cryptlib.h | 2 ++
11 files changed, 54 insertions(+), 26 deletions(-)
create mode 100644 crypto/getenv.c
diff --git a/crypto/build.info b/crypto/build.info
index b515b73..2c619c6 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -2,7 +2,7 @@ LIBS=../libcrypto
SOURCE[../libcrypto]=\
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \
-threads_pthread.c threads_win.c threads_none.c \
+threads_pthread.c threads_win.c threads_none.c getenv.c \
o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \
{- $target{uplink_aux_src} -}
EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \
diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index 72fe2da..5e57d74 100644
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -10,6 +10,7 @@
/* Part of the code in here was originally in conf.c, which is now removed */
#include "e_os.h"
+#include "internal/cryptlib.h"
#include
#include
#include
@@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section,
if (v != NULL)
return v->value;
if (strcmp(section, "ENV") == 0) {
-p = getenv(name);
+p = ossl_safe_getenv(name);
if (p != NULL)
return p;
}
@@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section,
else
return NULL;
} else
-return getenv(name);
+return ossl_safe_getenv(name);
}
static unsigned long conf_value_hash(const CONF_VALUE *v)
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index df53609..51f262e 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -480,11 +480,8 @@ char *CONF_get1_default_config_file(void)
char *file, *sep = "";
int len;
-if (!OPENSSL_issetugid()) {
-file = getenv("OPENSSL_CONF");
-if (file)
-return OPENSSL_strdup(file);
-}
+if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL)
+return OPENSSL_strdup(file);
len = strlen(X509_get_default_cert_area());
#ifndef OPENSSL_SYS_VMS
diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c
index be6681d..c1bca3e 100644
--- a/crypto/ct/ct_log.c
+++ b/crypto/ct/ct_log.c
@@ -137,7 +137,7 @@ static int ctlog_new_from_conf(CTLOG **ct_log, const CONF
*conf, const char *sec
int CTLOG_STORE_load_default_file(CTLOG_STORE *store)
{
-const char *fpath = getenv(CTLOG_FILE_EVP);
+const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP);
if (fpath == NULL)
fpath = CTLOG_FILE;
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
index 4bc7ea1..45c339c 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
@@ -317,8 +317,7 @@ ENGINE *ENGINE_by_id(const char *id)
* Prevent infinite recursion if we're looking for the dynamic engine.
*/
if (strcmp(id, "dynamic")) {
-if (OPENSSL_issetugid()
-|| (load_dir = getenv("OPENSSL_ENGINES")) == NULL)
+if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL)
load_dir = ENGINESDIR;
iterator = ENGINE_by_id("dynamic");
if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
diff --git a/crypto/getenv.c b/crypto/getenv.c
new file mode 100644
index 000..7e98b64
--- /dev/null
+++ b/crypto/getenv.c
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2018 The OpenSSL Project Authors. All
[openssl-commits] [openssl] master update
The branch master has been updated
via 5c39a55d04ea6e6f734b627a050b9e702788d50d (commit)
from 0f58220973a02248ca5c69db59e615378467b9c8 (commit)
- Log -
commit 5c39a55d04ea6e6f734b627a050b9e702788d50d
Author: Pauli
Date: Mon Sep 24 11:21:18 2018 +1000
Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.
CPU processor override flags are unchanged.
Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.
Reviewed-by: Bernd Edlinger
(Merged from https://github.com/openssl/openssl/pull/7047)
---
Summary of changes:
crypto/build.info | 2 +-
crypto/conf/conf_api.c | 5 +++--
crypto/conf/conf_mod.c | 7 ++-
crypto/ct/ct_log.c | 2 +-
crypto/engine/eng_list.c| 3 +--
crypto/getenv.c | 31 +++
crypto/pkcs12/p12_mutl.c| 18 +-
crypto/rand/randfile.c | 6 ++
crypto/x509/by_dir.c| 2 +-
crypto/x509/by_file.c | 2 +-
include/internal/cryptlib.h | 2 ++
11 files changed, 54 insertions(+), 26 deletions(-)
create mode 100644 crypto/getenv.c
diff --git a/crypto/build.info b/crypto/build.info
index b515b73..2c619c6 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -2,7 +2,7 @@ LIBS=../libcrypto
SOURCE[../libcrypto]=\
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \
-threads_pthread.c threads_win.c threads_none.c \
+threads_pthread.c threads_win.c threads_none.c getenv.c \
o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \
{- $target{uplink_aux_src} -}
EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \
diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index 72fe2da..5e57d74 100644
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -10,6 +10,7 @@
/* Part of the code in here was originally in conf.c, which is now removed */
#include "e_os.h"
+#include "internal/cryptlib.h"
#include
#include
#include
@@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section,
if (v != NULL)
return v->value;
if (strcmp(section, "ENV") == 0) {
-p = getenv(name);
+p = ossl_safe_getenv(name);
if (p != NULL)
return p;
}
@@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section,
else
return NULL;
} else
-return getenv(name);
+return ossl_safe_getenv(name);
}
static unsigned long conf_value_hash(const CONF_VALUE *v)
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index df53609..51f262e 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -480,11 +480,8 @@ char *CONF_get1_default_config_file(void)
char *file, *sep = "";
int len;
-if (!OPENSSL_issetugid()) {
-file = getenv("OPENSSL_CONF");
-if (file)
-return OPENSSL_strdup(file);
-}
+if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL)
+return OPENSSL_strdup(file);
len = strlen(X509_get_default_cert_area());
#ifndef OPENSSL_SYS_VMS
diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c
index be6681d..c1bca3e 100644
--- a/crypto/ct/ct_log.c
+++ b/crypto/ct/ct_log.c
@@ -137,7 +137,7 @@ static int ctlog_new_from_conf(CTLOG **ct_log, const CONF
*conf, const char *sec
int CTLOG_STORE_load_default_file(CTLOG_STORE *store)
{
-const char *fpath = getenv(CTLOG_FILE_EVP);
+const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP);
if (fpath == NULL)
fpath = CTLOG_FILE;
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
index 4bc7ea1..45c339c 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
@@ -317,8 +317,7 @@ ENGINE *ENGINE_by_id(const char *id)
* Prevent infinite recursion if we're looking for the dynamic engine.
*/
if (strcmp(id, "dynamic")) {
-if (OPENSSL_issetugid()
-|| (load_dir = getenv("OPENSSL_ENGINES")) == NULL)
+if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL)
load_dir = ENGINESDIR;
iterator = ENGINE_by_id("dynamic");
if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
diff --git a/crypto/getenv.c b/crypto/getenv.c
new file mode 100644
index 000..7e98b64
--- /dev/null
+++ b/crypto/getenv.c
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+
[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: 0f58220973 Create the .rnd file it it does not exist 46d085096c typo-fixes: miscellaneous typo fixes f39a02c68a Fix the max psk len for TLSv1.3 cd6fe29f5b Add a test for the certificate callback 524006dd1b Delay setting the sig algs until after the cert_cb has been called dda5396aae crypto/bn/asm/x86_64-gcc.c: remove unnecessary redefinition of BN_ULONG Build log ended with (last 100 lines): ../../openssl/test/recipes/80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_dtlsv1listen.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_ocsp.t (Wstat: 768 Tests: 11 Failed: 3) Failed tests: 1, 10-11 Non-zero exit status: 3 ../../openssl/test/recipes/80-test_pkcs12.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_ssl_new.t(Wstat: 6656 Tests: 27 Failed: 26) Failed tests: 1-21, 23-27 Non-zero exit status: 26 ../../openssl/test/recipes/80-test_ssl_old.t(Wstat: 1280 Tests: 6 Failed: 5) Failed tests: 1-2, 4-6 Non-zero exit status: 5 ../../openssl/test/recipes/80-test_ssl_test_ctx.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_tsa.t(Wstat: 256 Tests: 20 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/80-test_x509aux.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_asn1_time.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_async.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_bio_enc.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_constant_time.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_fatalerr.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_gmdiff.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_ige.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_includes.t (Wstat: 768 Tests: 3 Failed: 3) Failed tests: 1-3 Non-zero exit status: 3 ../../openssl/test/recipes/90-test_memleak.t(Wstat: 512 Tests: 2 Failed: 2) Failed tests: 1-2 Non-zero exit status: 2 ../../openssl/test/recipes/90-test_overhead.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_secmem.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_srp.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_sslapi.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_sslbuffers.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_sysdefault.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_threads.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_time_offset.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_tls13ccs.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_tls13encryption.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/90-test_v3name.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/99-test_fuzz.t (Wstat: 2816 Tests: 11 Failed: 11) Failed tests: 1-11 Non-zero exit status: 11 Files=152, Tests=860,
[openssl-commits] Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEcf-2B75FkFkxwwFKGZV8c1xA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2WgZC0KnceY7kNrcdLm-2F97e5cPnmuhym0ysZdXni2UNXGpHWbpUCpg3m6W7xHXDdo6nWfTGNlxxtw16i-2B6oPDzHTaLqd1vd0PzxrCUuWxRKK-2F9-2Fh8xDnkuV0ZhrKYTenpjiDHjFgpUCfSMfBnjALLgN-2FM0EkbHp47zU-2BH489wY6iCRcp9rFA26ZwJ6OwjsE9s-3D Build ID: 229075 Analysis Summary: New defects found: 0 Defects eliminated: 0 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Coverity Scan: Analysis completed for OpenSSL-1.0.2
Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEeuRTZVWU4ku8PUBnVPw8PQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I3d7kZVt0KAkcA63FxufpMwGY8Ohvu9q06TYbV23W-2BFWbRb5nvvAEK1XnB0XbEU-2FPF-2BsreL2eih-2B1BhXyKtiINulByOrG0AOLp6Yq9CzCzVrQwI8H9GdMA6a0wf3WSiSDCOqSQhLNLiXGKoNod5gDOopoOt3zNdLn-2BnVcJBevd3eCigtZq4LD6WHgfsPyOPY94-3D Build ID: 229076 Analysis Summary: New defects found: 0 Defects eliminated: 0 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated
via 1fd6afb571e85fbc37ffb522646e7ec2c6e4a11e (commit)
from c257f61f1082d19c7b6f81454fcb543b950d60eb (commit)
- Log -
commit 1fd6afb571e85fbc37ffb522646e7ec2c6e4a11e
Author: Bernd Edlinger
Date: Thu Sep 13 18:25:37 2018 +0200
Create the .rnd file it it does not exist
It's a bit annoying, since some commands try to read a .rnd file,
and print an error message if the file does not exist.
But previously a .rnd file was created on exit, and that does no longer
happen.
Fixed by continuing in app_RAND_load_conf regardless of the error in
RAND_load_file.
If the random number generator is still not initalized on exit, the
function RAND_write_file will fail and no .rnd file would be created.
Remove RANDFILE from openssl.cnf
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/7217)
(cherry picked from commit 0f58220973a02248ca5c69db59e615378467b9c8)
---
Summary of changes:
apps/app_rand.c | 1 -
apps/openssl-vms.cnf | 2 --
apps/openssl.cnf | 2 --
3 files changed, 5 deletions(-)
diff --git a/apps/app_rand.c b/apps/app_rand.c
index 28caad4..d0b2e83 100644
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -26,7 +26,6 @@ void app_RAND_load_conf(CONF *c, const char *section)
if (RAND_load_file(randfile, -1) < 0) {
BIO_printf(bio_err, "Can't load %s into RNG\n", randfile);
ERR_print_errors(bio_err);
-return;
}
if (save_rand_file == NULL)
save_rand_file = OPENSSL_strdup(randfile);
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index f4a2511..178a0b0 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -10,7 +10,6 @@
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
-RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
@@ -57,7 +56,6 @@ crlnumber = $dir]crlnumber. # the current crl number
# must be commented out to leave a V1
CRL
crl= $dir]crl.pem # The current CRL
private_key= $dir.private]cakey.pem# The private key
-RANDFILE = $dir.private].rand# private random number file
x509_extensions= usr_cert # The extensions to add to the
cert
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
index 7d1a8bb..6df2878 100644
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -10,7 +10,6 @@
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
-RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
@@ -57,7 +56,6 @@ crlnumber = $dir/crlnumber# the current crl number
# must be commented out to leave a V1
CRL
crl= $dir/crl.pem # The current CRL
private_key= $dir/private/cakey.pem# The private key
-RANDFILE = $dir/private/.rand# private random number file
x509_extensions= usr_cert # The extensions to add to the
cert
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated
via 0f58220973a02248ca5c69db59e615378467b9c8 (commit)
from 46d085096c6ead624c61e4b8b301421301511e64 (commit)
- Log -
commit 0f58220973a02248ca5c69db59e615378467b9c8
Author: Bernd Edlinger
Date: Thu Sep 13 18:25:37 2018 +0200
Create the .rnd file it it does not exist
It's a bit annoying, since some commands try to read a .rnd file,
and print an error message if the file does not exist.
But previously a .rnd file was created on exit, and that does no longer
happen.
Fixed by continuing in app_RAND_load_conf regardless of the error in
RAND_load_file.
If the random number generator is still not initalized on exit, the
function RAND_write_file will fail and no .rnd file would be created.
Remove RANDFILE from openssl.cnf
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/7217)
---
Summary of changes:
apps/app_rand.c | 1 -
apps/openssl-vms.cnf | 2 --
apps/openssl.cnf | 2 --
3 files changed, 5 deletions(-)
diff --git a/apps/app_rand.c b/apps/app_rand.c
index 28caad4..d0b2e83 100644
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -26,7 +26,6 @@ void app_RAND_load_conf(CONF *c, const char *section)
if (RAND_load_file(randfile, -1) < 0) {
BIO_printf(bio_err, "Can't load %s into RNG\n", randfile);
ERR_print_errors(bio_err);
-return;
}
if (save_rand_file == NULL)
save_rand_file = OPENSSL_strdup(randfile);
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index f4a2511..178a0b0 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -10,7 +10,6 @@
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
-RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
@@ -57,7 +56,6 @@ crlnumber = $dir]crlnumber. # the current crl number
# must be commented out to leave a V1
CRL
crl= $dir]crl.pem # The current CRL
private_key= $dir.private]cakey.pem# The private key
-RANDFILE = $dir.private].rand# private random number file
x509_extensions= usr_cert # The extensions to add to the
cert
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
index 7d1a8bb..6df2878 100644
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -10,7 +10,6 @@
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
-RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
@@ -57,7 +56,6 @@ crlnumber = $dir/crlnumber# the current crl number
# must be commented out to leave a V1
CRL
crl= $dir/crl.pem # The current CRL
private_key= $dir/private/cakey.pem# The private key
-RANDFILE = $dir/private/.rand# private random number file
x509_extensions= usr_cert # The extensions to add to the
cert
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
