Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: cfae32c69a [test][ectest] Minor touches to custom_generator_test f5384f064e [test] Vertically test explicit EC params API patterns 79410c5f8b namemap: fix threading issue 5cd9962272 Fix a test_verify failure ef8980176d Deprecate -nodes in favor of -noenc in pkcs12 and req app 846f96f821 TEST: Add RSA-PSS cases in test/serdes_test.c a4e559 PROV: Add a DER to RSA-PSS deserializer implementation 456b3b97a4 EVP, PROV: Add misc missing bits for RSA-PSS 51d9ac870a Fix no-ec2m Build log ended with (last 100 lines): 65-test_cmp_status.t ... ok 65-test_cmp_vfy.t .. ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_gost_engine.t . skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz.t . ok Test Summary Report --- 04-test_err.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=207, Tests=3113, 796 wallclock secs (11.35 usr 1.14 sys + 737.51 cusr 57.48 csys = 807.48 CPU) Result: FAIL Makefile:3151: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3149: recipe for target 'tests' failed make: *** [tests] Error 2
Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: cfae32c69a [test][ectest] Minor touches to custom_generator_test f5384f064e [test] Vertically test explicit EC params API patterns 79410c5f8b namemap: fix threading issue 5cd9962272 Fix a test_verify failure ef8980176d Deprecate -nodes in favor of -noenc in pkcs12 and req app 846f96f821 TEST: Add RSA-PSS cases in test/serdes_test.c a4e559 PROV: Add a DER to RSA-PSS deserializer implementation 456b3b97a4 EVP, PROV: Add misc missing bits for RSA-PSS 51d9ac870a Fix no-ec2m Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 80179486A47F:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318: not ok 9 - iteration 9 # -- not ok 1 - test_handshake # -- ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # -- # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # -- # Looks like you failed 1 test of 31.80-test_ssl_new.t .. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok # INFO: @ ../openssl/test/sslcorrupttest.c:199 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229 # false # 80D7580FD27F:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403: not ok 3 - iteration 3 # -- # INFO: @ ../openssl/test/sslcorrupttest.c:199 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229 # false # 80D7580FD27F:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403: not ok 4 - iteration 4 # -- not ok 1 - test_ssl_corrupt # -- ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # -- # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t skipped: Test only supported in a shared build 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . skipped: tls13secrets is not supported in this build 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests
Still Failing: openssl/openssl#36411 (master - cfae32c)
Build Update for openssl/openssl - Build: #36411 Status: Still Failing Duration: 1 hr, 21 mins, and 4 secs Commit: cfae32c (master) Author: Nicola Tuveri Message: [test][ectest] Minor touches to custom_generator_test Minor changes to `custom_generator_test`: - this is to align to the 1.1.1 version of the test (simplify the code as there is no need to use `EC_GROUP_get_field_type()`) - add comment to explain how the buffer size is computed Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12507) View the changeset: https://github.com/openssl/openssl/compare/79410c5f8b13...cfae32c69a0d View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/177713346?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated
via cfae32c69a0dde5a47fbd5aed4103fb01fc59acf (commit)
via f5384f064ec2ef9f1975877da46e6f64c776427c (commit)
from 79410c5f8b139c423be436810b4fe4de4637fc24 (commit)
- Log -
commit cfae32c69a0dde5a47fbd5aed4103fb01fc59acf
Author: Nicola Tuveri
Date: Tue Jul 21 23:12:59 2020 +0300
[test][ectest] Minor touches to custom_generator_test
Minor changes to `custom_generator_test`:
- this is to align to the 1.1.1 version of the test (simplify the code
as there is no need to use `EC_GROUP_get_field_type()`)
- add comment to explain how the buffer size is computed
Reviewed-by: Matt Caswell
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/12507)
commit f5384f064ec2ef9f1975877da46e6f64c776427c
Author: Nicola Tuveri
Date: Tue Jul 21 18:04:38 2020 +0300
[test] Vertically test explicit EC params API patterns
This commit adds a new test (run on all the built-in curves) to create
`EC_GROUP` with **unknown** *explicit parameters*: from a built-in group
we create an alternative group from scratch that differs in the
generator used.
At the `EC_GROUP` layer we perform a basic math check to ensure that the
math on the alternative group still makes sense, using comparable
results from the origin group.
We then create two `EC_KEY` objects on top of this alternative group and
run key generation from the `EC_KEY` layer.
Then we promote these two `EC_KEY`s to `EVP_PKEY` objects and try to
run the derive operation at the highest abstraction layer, comparing
results in both directions.
Finally, we create provider-native keys using `EVP_PKEY_fromdata` and
data derived from the previous objects, we compute an equivalent shared
secret from these provider keys, and compare it to the result obtained
from the previous steps.
Reviewed-by: Matt Caswell
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/12507)
---
Summary of changes:
test/ectest.c | 287 +-
1 file changed, 282 insertions(+), 5 deletions(-)
diff --git a/test/ectest.c b/test/ectest.c
index 8cceaa67e7..3678c42f71 100644
--- a/test/ectest.c
+++ b/test/ectest.c
@@ -32,6 +32,9 @@
# include
# include
# include
+# include "openssl/core_names.h"
+# include "openssl/param_build.h"
+# include "openssl/evp.h"
static size_t crv_len = 0;
static EC_builtin_curve *curves = NULL;
@@ -2361,10 +2364,8 @@ static int custom_generator_test(int id)
goto err;
/* expected byte length of encoded points */
-bsize = (EC_GROUP_get_field_type(group) == NID_X9_62_prime_field) ?
- BN_num_bytes(EC_GROUP_get0_field(group)) :
- (EC_GROUP_get_degree(group) + 7) / 8;
-bsize = 2 * bsize + 1;
+bsize = (EC_GROUP_get_degree(group) + 7) / 8;
+bsize = 1 + 2 * bsize; /* UNCOMPRESSED_POINT format */
if (!TEST_ptr(k = BN_CTX_get(ctx))
/* fetch a testing scalar k != 0,1 */
@@ -2402,7 +2403,7 @@ static int custom_generator_test(int id)
POINT_CONVERSION_UNCOMPRESSED, b2,
bsize, ctx), bsize)
/* Q1 = kG = k/2 G2 = Q2 should hold */
-|| !TEST_int_eq(CRYPTO_memcmp(b1, b2, bsize), 0))
+|| !TEST_mem_eq(b1, bsize, b2, bsize))
goto err;
ret = 1;
@@ -2420,6 +2421,281 @@ static int custom_generator_test(int id)
return ret;
}
+/*
+ * check creation of curves from explicit params through the public API
+ */
+static int custom_params_test(int id)
+{
+int ret = 0, nid, bsize;
+const char *curve_name = NULL;
+EC_GROUP *group = NULL, *altgroup = NULL;
+EC_POINT *G2 = NULL, *Q1 = NULL, *Q2 = NULL;
+const EC_POINT *Q = NULL;
+BN_CTX *ctx = NULL;
+BIGNUM *k = NULL;
+unsigned char *buf1 = NULL, *buf2 = NULL;
+const BIGNUM *z = NULL, *cof = NULL, *priv1 = NULL;
+BIGNUM *p = NULL, *a = NULL, *b = NULL;
+int is_prime = 0;
+EC_KEY *eckey1 = NULL, *eckey2 = NULL;
+EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
+EVP_PKEY_CTX *pctx1 = NULL, *pctx2 = NULL;
+size_t sslen, t;
+unsigned char *pub1 = NULL , *pub2 = NULL;
+OSSL_PARAM_BLD *param_bld = NULL;
+OSSL_PARAM *params1 = NULL, *params2 = NULL;
+
+/* Do some setup */
+nid = curves[id].nid;
+curve_name = OBJ_nid2sn(nid);
+TEST_note("Curve %s", curve_name);
+
+if (nid == NID_sm2)
+return TEST_skip("custom params not supported with SM2");
+
+if (!TEST_ptr(ctx = BN_CTX_new()))
+return 0;
+
+if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)))
+goto err;
+
+is_prime = EC_GROUP_get_field_type(group) ==
Still Failing: openssl/openssl#36401 (master - 79410c5)
Build Update for openssl/openssl - Build: #36401 Status: Still Failing Duration: 1 hr, 1 min, and 10 secs Commit: 79410c5 (master) Author: Pauli Message: namemap: fix threading issue The locking was too fine grained when adding entries to a namemap. Refactored the working code into unlocked functions and call these with appropriate locking. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12545) View the changeset: https://github.com/openssl/openssl/compare/5cd996227238...79410c5f8b13 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/177565839?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated
via 79410c5f8b139c423be436810b4fe4de4637fc24 (commit)
from 5cd9962272388fc9a51711495a8c6a3f230ab5ce (commit)
- Log -
commit 79410c5f8b139c423be436810b4fe4de4637fc24
Author: Pauli
Date: Tue Jul 28 11:14:14 2020 +1000
namemap: fix threading issue
The locking was too fine grained when adding entries to a namemap.
Refactored the working code into unlocked functions and call these with
appropriate locking.
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/12545)
---
Summary of changes:
crypto/core_namemap.c | 87 ++-
1 file changed, 52 insertions(+), 35 deletions(-)
diff --git a/crypto/core_namemap.c b/crypto/core_namemap.c
index e17b3ac0e2..b08fb84556 100644
--- a/crypto/core_namemap.c
+++ b/crypto/core_namemap.c
@@ -143,11 +143,24 @@ void ossl_namemap_doall_names(const OSSL_NAMEMAP
*namemap, int number,
CRYPTO_THREAD_unlock(namemap->lock);
}
+static int namemap_name2num_n(const OSSL_NAMEMAP *namemap,
+ const char *name, size_t name_len)
+{
+NAMENUM_ENTRY *namenum_entry, namenum_tmpl;
+
+if ((namenum_tmpl.name = OPENSSL_strndup(name, name_len)) == NULL)
+return 0;
+namenum_tmpl.number = 0;
+namenum_entry =
+lh_NAMENUM_ENTRY_retrieve(namemap->namenum, _tmpl);
+OPENSSL_free(namenum_tmpl.name);
+return namenum_entry != NULL ? namenum_entry->number : 0;
+}
+
int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap,
const char *name, size_t name_len)
{
-NAMENUM_ENTRY *namenum_entry, namenum_tmpl;
-int number = 0;
+int number;
#ifndef FIPS_MODULE
if (namemap == NULL)
@@ -157,16 +170,9 @@ int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap,
if (namemap == NULL)
return 0;
-if ((namenum_tmpl.name = OPENSSL_strndup(name, name_len)) == NULL)
-return 0;
-namenum_tmpl.number = 0;
CRYPTO_THREAD_read_lock(namemap->lock);
-namenum_entry =
-lh_NAMENUM_ENTRY_retrieve(namemap->namenum, _tmpl);
-if (namenum_entry != NULL)
-number = namenum_entry->number;
+number = namemap_name2num_n(namemap, name, name_len);
CRYPTO_THREAD_unlock(namemap->lock);
-OPENSSL_free(namenum_tmpl.name);
return number;
}
@@ -205,45 +211,50 @@ const char *ossl_namemap_num2name(const OSSL_NAMEMAP
*namemap, int number,
return data.name;
}
-int ossl_namemap_add_name_n(OSSL_NAMEMAP *namemap, int number,
-const char *name, size_t name_len)
+static int namemap_add_name_n(OSSL_NAMEMAP *namemap, int number,
+ const char *name, size_t name_len)
{
NAMENUM_ENTRY *namenum = NULL;
int tmp_number;
-#ifndef FIPS_MODULE
-if (namemap == NULL)
-namemap = ossl_namemap_stored(NULL);
-#endif
-
-if (name == NULL || name_len == 0 || namemap == NULL)
-return 0;
-
-if ((tmp_number = ossl_namemap_name2num_n(namemap, name, name_len)) != 0)
-return tmp_number; /* Pretend success */
-
-CRYPTO_THREAD_write_lock(namemap->lock);
+/* If it already exists, we don't add it */
+if ((tmp_number = namemap_name2num_n(namemap, name, name_len)) != 0)
+return tmp_number;
if ((namenum = OPENSSL_zalloc(sizeof(*namenum))) == NULL
|| (namenum->name = OPENSSL_strndup(name, name_len)) == NULL)
goto err;
-namenum->number = tmp_number =
+namenum->number =
number != 0 ? number : 1 + tsan_counter(>max_number);
(void)lh_NAMENUM_ENTRY_insert(namemap->namenum, namenum);
if (lh_NAMENUM_ENTRY_error(namemap->namenum))
goto err;
-
-CRYPTO_THREAD_unlock(namemap->lock);
-
-return tmp_number;
+return namenum->number;
err:
namenum_free(namenum);
+return 0;
+}
+int ossl_namemap_add_name_n(OSSL_NAMEMAP *namemap, int number,
+const char *name, size_t name_len)
+{
+int tmp_number;
+
+#ifndef FIPS_MODULE
+if (namemap == NULL)
+namemap = ossl_namemap_stored(NULL);
+#endif
+
+if (name == NULL || name_len == 0 || namemap == NULL)
+return 0;
+
+CRYPTO_THREAD_write_lock(namemap->lock);
+tmp_number = namemap_add_name_n(namemap, number, name, name_len);
CRYPTO_THREAD_unlock(namemap->lock);
-return 0;
+return tmp_number;
}
int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number, const char *name)
@@ -266,6 +277,7 @@ int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int
number,
return 0;
}
+CRYPTO_THREAD_write_lock(namemap->lock);
/*
* Check that no name is an empty string, and that all names have at
* most one numeric identity together.
@@ -278,11 +290,11 @@ int
