[openssl-commits] Fixed: openssl/openssl#21466 (master - e5a8712)
Build Update for openssl/openssl - Build: #21466 Status: Fixed Duration: 17 mins and 59 secs Commit: e5a8712 (master) Author: Paul Yang Message: Fix a doc-nit in EVP_PKEY_CTX_ctrl.pod [skip-ci] Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7546) View the changeset: https://github.com/openssl/openssl/compare/00496b642360...e5a8712d0333 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/449672531?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via e5a8712d03334c4b7cb9f29d6d1daee399c1223e (commit) from 00496b6423605391864fbbd1693f23631a1c5239 (commit) - Log - commit e5a8712d03334c4b7cb9f29d6d1daee399c1223e Author: Paul Yang Date: Thu Nov 1 23:27:31 2018 +0800 Fix a doc-nit in EVP_PKEY_CTX_ctrl.pod [skip-ci] Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/7546) --- Summary of changes: doc/man3/EVP_PKEY_CTX_ctrl.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod index 75fba58..4982e92 100644 --- a/doc/man3/EVP_PKEY_CTX_ctrl.pod +++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod @@ -116,7 +116,7 @@ EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm); #include - + int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid); int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc); int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Broken: openssl/openssl#21457 (master - 00496b6)
Build Update for openssl/openssl - Build: #21457 Status: Broken Duration: 21 mins and 25 secs Commit: 00496b6 (master) Author: Pauli Message: Add a constant time flag to one of the bignums to avoid a timing leak. Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7549) View the changeset: https://github.com/openssl/openssl/compare/0d1f7ae3c928...00496b642360 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/449580103?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via b78d963402ca83b6ede75f1a5d42d64ca61c2c49 (commit) from ec4583cb047f1dd56918b38f5a36941747d50d28 (commit) - Log - commit b78d963402ca83b6ede75f1a5d42d64ca61c2c49 Author: Pauli Date: Fri Nov 2 08:40:27 2018 +1000 Update advisory for CVE-2018-0734 indicating that it introduced a new issue and that this has been fixed. Git commit versions are included. --- Summary of changes: news/secadv/20181030.txt | 5 + 1 file changed, 5 insertions(+) diff --git a/news/secadv/20181030.txt b/news/secadv/20181030.txt index b33ac41..7569b56 100644 --- a/news/secadv/20181030.txt +++ b/news/secadv/20181030.txt @@ -19,6 +19,11 @@ git repository. This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser. +As a result of the changes made to mitigate this vulnerability, a new +side channel attack was created. The mitigation for this new vulnerability +can be found in these commits: 6039651c43 (for 1.1.1), 26d7fce13d (for 1.1.0) +and 880d1c76ed (for 1.0.2) + References == _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via 880d1c76ed9916cddb97fe05fb4c144f0f6f1012 (commit) from ebf65dbe1a67682d7e1f58db9c53ef737fb37f32 (commit) - Log - commit 880d1c76ed9916cddb97fe05fb4c144f0f6f1012 Author: Pauli Date: Thu Nov 1 08:44:11 2018 +1000 Add a constant time flag to one of the bignums to avoid a timing leak. Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7549) (cherry picked from commit 00496b6423605391864fbbd1693f23631a1c5239) --- Summary of changes: crypto/dsa/dsa_ossl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 80daf60..c887c3c 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -295,9 +295,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { BN_set_flags(, BN_FLG_CONSTTIME); +BN_set_flags(, BN_FLG_CONSTTIME); } - if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { if (!BN_MONT_CTX_set_locked(>method_mont_p, CRYPTO_LOCK_DSA, dsa->p, ctx)) _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via 26d7fce13d469f8d1a1b42131467ed4a65f8137b (commit) from 003f1bfd185267cc67ac9dc521a27d7a2af0d0ee (commit) - Log - commit 26d7fce13d469f8d1a1b42131467ed4a65f8137b Author: Pauli Date: Thu Nov 1 08:44:11 2018 +1000 Add a constant time flag to one of the bignums to avoid a timing leak. Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7549) (cherry picked from commit 00496b6423605391864fbbd1693f23631a1c5239) --- Summary of changes: crypto/dsa/dsa_ossl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index be58625..868283a 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -225,6 +225,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, } while (BN_is_zero(k)); BN_set_flags(k, BN_FLG_CONSTTIME); +BN_set_flags(l, BN_FLG_CONSTTIME); if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { if (!BN_MONT_CTX_set_locked(>method_mont_p, _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 6039651c43944cf4633483a74c2ef3a6b8c0c6c0 (commit) from 222b0a8e1a43e67c8d65fd325828d8860ed2d348 (commit) - Log - commit 6039651c43944cf4633483a74c2ef3a6b8c0c6c0 Author: Pauli Date: Thu Nov 1 08:44:11 2018 +1000 Add a constant time flag to one of the bignums to avoid a timing leak. Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7549) (cherry picked from commit 00496b6423605391864fbbd1693f23631a1c5239) --- Summary of changes: crypto/dsa/dsa_ossl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 2dd2d74..7a0b087 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -223,6 +223,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, } while (BN_is_zero(k)); BN_set_flags(k, BN_FLG_CONSTTIME); +BN_set_flags(l, BN_FLG_CONSTTIME); if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { if (!BN_MONT_CTX_set_locked(>method_mont_p, _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 00496b6423605391864fbbd1693f23631a1c5239 (commit) from 0d1f7ae3c928486120b682a6ce6efcaeb36229d6 (commit) - Log - commit 00496b6423605391864fbbd1693f23631a1c5239 Author: Pauli Date: Thu Nov 1 08:44:11 2018 +1000 Add a constant time flag to one of the bignums to avoid a timing leak. Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7549) --- Summary of changes: crypto/dsa/dsa_ossl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 2dd2d74..7a0b087 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -223,6 +223,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, } while (BN_is_zero(k)); BN_set_flags(k, BN_FLG_CONSTTIME); +BN_set_flags(l, BN_FLG_CONSTTIME); if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { if (!BN_MONT_CTX_set_locked(>method_mont_p, _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 0d1f7ae3c928486120b682a6ce6efcaeb36229d6 (commit) from 3bed01a09071fb289484dfd265f0a8a991537282 (commit) - Log - commit 0d1f7ae3c928486120b682a6ce6efcaeb36229d6 Author: Pauli Date: Thu Nov 1 14:25:20 2018 +1000 openssl list -mac-algorithms support. Reviewed-by: Richard Levitte Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7541) --- Summary of changes: apps/openssl.c| 21 - doc/man1/list.pod | 8 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/apps/openssl.c b/apps/openssl.c index 3d6b276..67b75e4 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -297,6 +297,20 @@ static void list_md_fn(const EVP_MD *m, } } +static void list_mac_fn(const EVP_MAC *m, +const char *from, const char *to, void *arg) +{ +if (m != NULL) { +BIO_printf(arg, "%s\n", EVP_MAC_name(m)); +} else { +if (from == NULL) +from = ""; +if (to == NULL) +to = ""; +BIO_printf(arg, "%s => %s\n", from, to); +} +} + static void list_missing_help(void) { const FUNCTION *fp; @@ -396,7 +410,7 @@ static void list_options_for_command(const char *command) /* Unified enum for help and list commands. */ typedef enum HELPLIST_CHOICE { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ONE, -OPT_COMMANDS, OPT_DIGEST_COMMANDS, OPT_OPTIONS, +OPT_COMMANDS, OPT_DIGEST_COMMANDS, OPT_MAC_ALGORITHMS, OPT_OPTIONS, OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS, OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_DISABLED, OPT_MISSING_HELP, OPT_OBJECTS @@ -410,6 +424,8 @@ const OPTIONS list_options[] = { "List of message digest commands"}, {"digest-algorithms", OPT_DIGEST_ALGORITHMS, '-', "List of message digest algorithms"}, +{"mac-algorithms", OPT_MAC_ALGORITHMS, '-', + "List of message authentication code algorithms"}, {"cipher-commands", OPT_CIPHER_COMMANDS, '-', "List of cipher commands"}, {"cipher-algorithms", OPT_CIPHER_ALGORITHMS, '-', "List of cipher algorithms"}, @@ -457,6 +473,9 @@ opthelp: case OPT_DIGEST_ALGORITHMS: EVP_MD_do_all_sorted(list_md_fn, bio_out); break; +case OPT_MAC_ALGORITHMS: +EVP_MAC_do_all_sorted(list_mac_fn, bio_out); +break; case OPT_CIPHER_COMMANDS: list_type(FT_cipher, one); break; diff --git a/doc/man1/list.pod b/doc/man1/list.pod index f2fd06b..eeb099b 100644 --- a/doc/man1/list.pod +++ b/doc/man1/list.pod @@ -13,6 +13,7 @@ B [B<-commands>] [B<-digest-commands>] [B<-digest-algorithms>] +[B<-mac-algorithms>] [B<-cipher-commands>] [B<-cipher-algorithms>] [B<-public-key-algorithms>] @@ -53,6 +54,13 @@ If a line is of the form foo => bar then B is an alias for the official algorithm name, B. +=item B<-mac-algorithms> + +Display a list of message authentication code algorithms. +If a line is of the form + foo => bar +then B is an alias for the official algorithm name, B. + =item B<-cipher-commands> Display a list of cipher commands, which are typically used as input _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 3bed01a09071fb289484dfd265f0a8a991537282 (commit) from 54f3e855d48d08e9623a7ced715e263352c95274 (commit) - Log - commit 3bed01a09071fb289484dfd265f0a8a991537282 Author: Richard Levitte Date: Thu Nov 1 13:55:32 2018 +0100 Configure: ensure empty arrays aren't created inadvertently Just refering to a hash table element as an array reference will automatically create that element. Avoid that by defaulting to a separate empty array reference. Fixes #7543 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7544) --- Summary of changes: Configure | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Configure b/Configure index bf0c2d5..f46be6b 100755 --- a/Configure +++ b/Configure @@ -2344,7 +2344,7 @@ EOF my %dirs = (); my $pd = dirname($product); -foreach (@{$unified_info{sources}->{$product}}, +foreach (@{$unified_info{sources}->{$product} // []}, @{$unified_info{shared_sources}->{$product} // []}) { my $d = dirname($_); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build completed: openssl master.20708
Build openssl master.20708 completed Commit a010122a48 by Boris Pismenny on 2/13/2018 6:22 PM: sslapitest: add test ktls Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.20707
Build openssl master.20707 failed Commit d38e6bfb20 by Paul Yang on 10/22/2018 6:54 AM: Add poly1305 MAC support Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits