SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-dh
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Errored: openssl/openssl#38687 (master - 15f5494)
Build Update for openssl/openssl - Build: #38687 Status: Errored Duration: 1 hr, 44 mins, and 22 secs Commit: 15f5494 (master) Author: Pauli Message: test RNG: set state to uninitialised as part of uninstantiate call. Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) View the changeset: https://github.com/openssl/openssl/compare/c34063d7a1e8...15f54941bd4c View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/202911063?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Build failed: openssl master.38165
Build openssl master.38165 failed Commit f2a7151849 by Shane Lontis on 11/20/2020 1:59 AM: Fix crash in genpkey app when -pkeyopt digest:name is used for DH or DSA. Configure your notification preferences
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-deprecated
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-deprecated Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-ct
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ct Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-crypto-mdebug-backtrace
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-crypto-mdebug-backtrace Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-crypto-mdebug
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-crypto-mdebug Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-comp
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-comp Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-cmac
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cmac Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-chacha
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-chacha Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-cast
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cast Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-capieng
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-capieng Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-camellia
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-camellia Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-blake2
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-blake2 Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Errored: openssl/openssl#38681 (master - c34063d)
Build Update for openssl/openssl - Build: #38681 Status: Errored Duration: 1 hr, 50 mins, and 25 secs Commit: c34063d (master) Author: Matt Caswell Message: Add a test for setting, popping and clearing error marks Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13335) View the changeset: https://github.com/openssl/openssl/compare/5b1d94c11c68...c34063d7a1e8 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/202788300?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-bf
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-bf Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
[openssl] master update
The branch master has been updated via f2a7151849a566892912737f7b633c04f64a2b9e (commit) from ae2e4d1fd11910245b6f7b4db31cccf1ff4bec60 (commit) - Log - commit f2a7151849a566892912737f7b633c04f64a2b9e Author: Shane Lontis Date: Wed Nov 18 11:32:33 2020 +1000 Fix crash in genpkey app when -pkeyopt digest:name is used for DH or DSA. By the time the keygen is called the references to strings inside the gen ctx are floating pointers. A strdup solves this problem. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13432) --- Summary of changes: providers/implementations/keymgmt/dh_kmgmt.c | 16 providers/implementations/keymgmt/dsa_kmgmt.c | 16 test/recipes/15-test_gendh.t | 10 +- test/recipes/15-test_gendsa.t | 10 +- 4 files changed, 42 insertions(+), 10 deletions(-) diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 927246167e..dc0f3b2acd 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -69,8 +69,8 @@ struct dh_gen_ctx { int hindex; int priv_len; -const char *mdname; -const char *mdprops; +char *mdname; +char *mdprops; OSSL_CALLBACK *cb; void *cbarg; int dh_type; @@ -549,13 +549,19 @@ static int dh_gen_set_params(void *genctx, const OSSL_PARAM params[]) if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; -gctx->mdname = p->data; +OPENSSL_free(gctx->mdname); +gctx->mdname = OPENSSL_strdup(p->data); +if (gctx->mdname == NULL) +return 0; } p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_DIGEST_PROPS); if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; -gctx->mdprops = p->data; +OPENSSL_free(gctx->mdprops); +gctx->mdprops = OPENSSL_strdup(p->data); +if (gctx->mdprops == NULL) +return 0; } p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_DH_PRIV_LEN); if (p != NULL && !OSSL_PARAM_get_int(p, >priv_len)) @@ -694,6 +700,8 @@ static void dh_gen_cleanup(void *genctx) if (gctx == NULL) return; +OPENSSL_free(gctx->mdname); +OPENSSL_free(gctx->mdprops); OPENSSL_clear_free(gctx->seed, gctx->seedlen); OPENSSL_free(gctx); } diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 6dbd450386..bc4591b1d6 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -63,8 +63,8 @@ struct dsa_gen_ctx { int gen_type; /* DSA_PARAMGEN_TYPE_FIPS_186_2 or DSA_PARAMGEN_TYPE_FIPS_186_4 */ int pcounter; int hindex; -const char *mdname; -const char *mdprops; +char *mdname; +char *mdprops; OSSL_CALLBACK *cb; void *cbarg; }; @@ -459,13 +459,19 @@ static int dsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; -gctx->mdname = p->data; +OPENSSL_free(gctx->mdname); +gctx->mdname = OPENSSL_strdup(p->data); +if (gctx->mdname == NULL) +return 0; } p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_DIGEST_PROPS); if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; -gctx->mdprops = p->data; +OPENSSL_free(gctx->mdprops); +gctx->mdprops = OPENSSL_strdup(p->data); +if (gctx->mdprops == NULL) +return 0; } return 1; } @@ -572,6 +578,8 @@ static void dsa_gen_cleanup(void *genctx) if (gctx == NULL) return; +OPENSSL_free(gctx->mdname); +OPENSSL_free(gctx->mdprops); OPENSSL_clear_free(gctx->seed, gctx->seedlen); OPENSSL_free(gctx); } diff --git a/test/recipes/15-test_gendh.t b/test/recipes/15-test_gendh.t index c87ae0d89c..87dd73f438 100644 --- a/test/recipes/15-test_gendh.t +++ b/test/recipes/15-test_gendh.t @@ -18,7 +18,7 @@ setup("test_gendh"); plan skip_all => "This test is unsupported in a no-dh build" if disabled("dh"); -plan tests => 12; +plan tests => 13; ok(run(app([ 'openssl', 'genpkey', '-genparam', '-algorithm', 'DH', @@ -33,6 +33,14 @@ ok(run(app([ 'openssl', 'genpkey', '-genparam', '-text'])), "genpkey DH params fips186_4 with unverifiable g"); +ok(run(app([ 'openssl', 'genpkey', '-genparam', + '-algorithm', 'DH', + '-pkeyopt', 'pbits:2048', + '-pkeyopt', 'qbits:224', + '-pkeyopt',
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-autoalginit
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoalginit Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-async
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-async Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075
[openssl] master update
The branch master has been updated via ae2e4d1fd11910245b6f7b4db31cccf1ff4bec60 (commit) from 15f54941bd4c0324f1c8d7773db56004183a9cb7 (commit) - Log - commit ae2e4d1fd11910245b6f7b4db31cccf1ff4bec60 Author: David Carlier Date: Wed Nov 18 10:21:45 2020 + Haiku system build fix. overriding ar and flags from BASE_common mainly. Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13438) --- Summary of changes: Configurations/50-haiku.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Configurations/50-haiku.conf b/Configurations/50-haiku.conf index d37ab83ada..4580e71a3e 100644 --- a/Configurations/50-haiku.conf +++ b/Configurations/50-haiku.conf @@ -7,6 +7,9 @@ my %targets = ( release => "-O2")), cflags => add_before("-DL_ENDIAN -include \$(SRCDIR)/os-dep/haiku.h", threads("-D_REENTRANT")), +AR => "ar", +ARFLAGS => "qc", +HASHBANGPERL=> "/bin/env perl", sys_id => "HAIKU", ex_libs => "-lnetwork", perlasm_scheme => "elf",
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-afalgeng
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-afalgeng Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix. b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix 5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl. 1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix. 893d3df972 rename mac_key_* to ossl_mac_key_* 572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order 627b73cc72 Rename md5_sha1_* ossl_md5_sha1_* 3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs 3105d84693 Extend the auto DH testing to check DH sizes b6ae56fd27 Add some additional test certificates/keys 1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros 33c39a0659 Add a test for the various ways of setting temporary DH params 0437309fdf Document some SSL DH related functions/macros 1072041b17 Return sensible values for some SSL ctrls 13c453728c Only disabled what we need to in a no-dh build 163f6dc1f7 Implement a replacement for SSL_set_tmp_dh() 9912be1b33 Remove deprecated functionality from s_server 8b7df247b7 Disable the DHParameters config option in a no-deprecated build 936d565768 Remove DH usage from tls_process_cke_dhe 184280971c Remove DH usage in tls_construct_server_key_exchange() cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe() 1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls 1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY 091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY 2b93900e28 DOC: Rewrite the section on reporting errors in doc/man3/ERR_put_error.pod e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise() 01fe51578e Simplify util/err-to-raise b06e70b868 Really deprecate the old NAMEerr() macros bf57cab74b util/find-doc-nits: check podchecker() return value c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four numbers ef2a44eb31 NetBSD build fix. ccbf3f90c4 DOC: Fixup the description of the -x509_strict option 4605c5ab47 Fix dsa securitycheck for fips. e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY 317b7c57e4 Fixup EVP-MAC-KMAC documentation fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings 3084b9d316 Document the provider KDF API. e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison efb4667f72 Fix SUPPORT.md for better readability 322d56cd64 Fix a few github file references a18cf8fc63 Remove -C option from x509 command 1696b8909b Remove -C from dhparam,dsaparam,ecparam 256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror() 105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data() 9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call 31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys 0bb450fe2f DragonFlyBSD build fix and update. a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl(). a7da4d488d [test/recipes] Split test_fuzz into separate recipes 9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64 c87a7f31a3 apps/passwd: remove the -crypt option. 93c87f745d rsa_test: add return value check d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths 368d9e030f Add ossl_is_absolute_path function to detect absolute paths 69d16b70cf Avoid duplicate ends_with_dirsep functions 122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder
[openssl] master update
The branch master has been updated via 15f54941bd4c0324f1c8d7773db56004183a9cb7 (commit) via 1f50630af8fd7a260a88f0473c9de1b2f01d4945 (commit) via 08edd447c97854d6548c15149de90d6bd3ddd47b (commit) via 0d4460d27ea2fef46f02fa94a60717e9d168ed96 (commit) via 03bede0cc8418e056d4ac551fbdc2283e0e9491f (commit) via 71febb399225ec5b0f85292fe9487d507fbafb7e (commit) from c34063d7a1e8e3e0f760fd998366165862730bae (commit) - Log - commit 15f54941bd4c0324f1c8d7773db56004183a9cb7 Author: Pauli Date: Wed Nov 4 13:05:46 2020 +1000 test RNG: set state to uninitialised as part of uninstantiate call. Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 1f50630af8fd7a260a88f0473c9de1b2f01d4945 Author: Pauli Date: Mon Nov 2 12:03:31 2020 +1000 disassociate test RNG from the DRBGs Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 08edd447c97854d6548c15149de90d6bd3ddd47b Author: Pauli Date: Fri Oct 30 15:54:03 2020 +1000 prov: move the entropy source out of the FIPS provider Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 0d4460d27ea2fef46f02fa94a60717e9d168ed96 Author: Pauli Date: Fri Oct 30 15:53:47 2020 +1000 test: changes resulting from moving the entropy source out of the FIPS provider Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 03bede0cc8418e056d4ac551fbdc2283e0e9491f Author: Pauli Date: Fri Oct 30 15:53:22 2020 +1000 rand: move the entropy source out of the FIPS provider Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 71febb399225ec5b0f85292fe9487d507fbafb7e Author: Pauli Date: Fri Oct 30 15:39:10 2020 +1000 doc: Documentation changes for moving the entropy source out of the fips provider Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) --- Summary of changes: crypto/err/openssl.txt | 6 +- crypto/evp/evp_rand.c | 2 +- crypto/provider_core.c | 8 +- crypto/rand/build.info | 2 +- crypto/rand/prov_seed.c| 76 ++ crypto/rand/rand_err.c | 2 - crypto/rand/rand_lib.c | 2 +- .../rands => crypto/rand}/rand_pool.c | 2 +- doc/internal/man3/ossl_rand_get_entropy.pod| 66 + doc/man7/EVP_RAND-CTR-DRBG.pod | 4 +- doc/man7/EVP_RAND-HASH-DRBG.pod| 4 +- doc/man7/EVP_RAND-HMAC-DRBG.pod| 4 +- doc/man7/provider-base.pod | 36 +++ include/crypto/rand.h | 21 ++ .../include/prov => include/crypto}/rand_pool.h| 0 include/openssl/core_dispatch.h| 17 ++ include/openssl/core_names.h | 2 +- include/openssl/randerr.h | 1 - providers/common/build.info| 2 +- providers/common/include/prov/providercommonerr.h | 3 +- providers/common/provider_err.c| 6 +- providers/common/provider_seeding.c| 73 ++ providers/defltprov.c | 4 +- providers/fips/fipsprov.c | 6 +- providers/implementations/include/prov/seeding.h | 20 +- providers/implementations/rands/build.info | 2 +- providers/implementations/rands/crngt.c| 120 + providers/implementations/rands/drbg.c | 235 +++-- providers/implementations/rands/drbg_local.h | 24 +- providers/implementations/rands/seeding/build.info | 1 - .../implementations/rands/seeding/rand_cpu_x86.c | 2 +- providers/implementations/rands/seeding/rand_tsc.c | 2 +- .../implementations/rands/seeding/rand_unix.c | 2 +- providers/implementations/rands/seeding/rand_vms.c | 2 +- .../implementations/rands/seeding/rand_vxworks.c | 2 +- providers/implementations/rands/seeding/rand_win.c | 2 +- providers/implementations/rands/test_rng.c | 284 + test/build.info| 2 +- test/evp_extra_test.c | 2 +- 39 files changed, 633 insertions(+), 418 deletions(-) create mode 100644
Errored: openssl/openssl#38672 (master - 5b1d94c)
Build Update for openssl/openssl - Build: #38672 Status: Errored Duration: 1 hr, 49 mins, and 13 secs Commit: 5b1d94c (master) Author: Pauli Message: Fix some warnings from clang 10 in params.c clang 10 was emitting warnings similar to the following from params.c: crypto/params.c:411:40: error: implicit conversion from 'long' to 'double' changes value from 9223372036854775807 to 9223372036854775808 [-Werror,-Wimplicit-int-float-conversion] if (d >= INT64_MIN && d <= INT64_MAX && d == (int64_t)d) { Also fixed some other conversion problems when sizeof(double) == 4. Alternative to #13366 Fixes #13365 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13377) View the changeset: https://github.com/openssl/openssl/compare/908c9fc7ed86...5b1d94c11c68 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/202705311?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Errored: openssl/openssl#38671 (master - 908c9fc)
Build Update for openssl/openssl - Build: #38671 Status: Errored Duration: 2 hrs, 30 mins, and 34 secs Commit: 908c9fc (master) Author: Dr. David von Oheimb Message: apps/pkcs12: Clean up the order in which many options are presented Also do a minor extension on the documentation of the -passcerts option Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) View the changeset: https://github.com/openssl/openssl/compare/d7e498ac55f1...908c9fc7ed86 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/202685391?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Build failed: openssl master.38150
Build openssl master.38150 failed Commit 81134f495d by Nicola Tuveri on 11/10/2020 4:36 PM: fixup! Add SM2 private key range validation Configure your notification preferences
[openssl] master update
The branch master has been updated via c34063d7a1e8e3e0f760fd998366165862730bae (commit) via 4e08ea6f111d7bdcef0659baca700a78aa867913 (commit) from 5b1d94c11c680c2b9527c3da55593468bcf65efd (commit) - Log - commit c34063d7a1e8e3e0f760fd998366165862730bae Author: Matt Caswell Date: Fri Nov 6 12:53:01 2020 + Add a test for setting, popping and clearing error marks Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13335) commit 4e08ea6f111d7bdcef0659baca700a78aa867913 Author: Matt Caswell Date: Fri Nov 6 11:43:44 2020 + Allow multiple nested marks Previously we only ever allowed one mark to be set against an error in the statck. If we attempted to nest them, then we would end up clearing all the errors in the stack when we popped to the mark. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13335) --- Summary of changes: crypto/err/err.c | 10 ++-- crypto/err/err_local.h | 1 + include/openssl/err.h.in | 1 + test/errtest.c | 119 +++ 4 files changed, 126 insertions(+), 5 deletions(-) diff --git a/crypto/err/err.c b/crypto/err/err.c index 2c8240f0ba..a66ea63adf 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -838,7 +838,7 @@ int ERR_set_mark(void) if (es->bottom == es->top) return 0; -es->err_flags[es->top] |= ERR_FLAG_MARK; +es->err_marks[es->top]++; return 1; } @@ -851,14 +851,14 @@ int ERR_pop_to_mark(void) return 0; while (es->bottom != es->top - && (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) { + && es->err_marks[es->top] == 0) { err_clear(es, es->top, 0); es->top = es->top > 0 ? es->top - 1 : ERR_NUM_ERRORS - 1; } if (es->bottom == es->top) return 0; -es->err_flags[es->top] &= ~ERR_FLAG_MARK; +es->err_marks[es->top]--; return 1; } @@ -873,13 +873,13 @@ int ERR_clear_last_mark(void) top = es->top; while (es->bottom != top - && (es->err_flags[top] & ERR_FLAG_MARK) == 0) { + && es->err_marks[top] == 0) { top = top > 0 ? top - 1 : ERR_NUM_ERRORS - 1; } if (es->bottom == top) return 0; -es->err_flags[top] &= ~ERR_FLAG_MARK; +es->err_marks[top]--; return 1; } diff --git a/crypto/err/err_local.h b/crypto/err/err_local.h index 2f9caf2e0e..cad67cc476 100644 --- a/crypto/err/err_local.h +++ b/crypto/err/err_local.h @@ -64,6 +64,7 @@ static ossl_inline void err_set_data(ERR_STATE *es, size_t i, static ossl_inline void err_clear(ERR_STATE *es, size_t i, int deall) { err_clear_data(es, i, (deall)); +es->err_marks[i] = 0; es->err_flags[i] = 0; es->err_buffer[i] = 0; es->err_file[i] = NULL; diff --git a/include/openssl/err.h.in b/include/openssl/err.h.in index 35db02fad6..1f2fde8317 100644 --- a/include/openssl/err.h.in +++ b/include/openssl/err.h.in @@ -56,6 +56,7 @@ extern "C" { # define ERR_NUM_ERRORS 16 struct err_state_st { int err_flags[ERR_NUM_ERRORS]; +int err_marks[ERR_NUM_ERRORS]; unsigned long err_buffer[ERR_NUM_ERRORS]; char *err_data[ERR_NUM_ERRORS]; size_t err_data_size[ERR_NUM_ERRORS]; diff --git a/test/errtest.c b/test/errtest.c index 443bd0a57d..247bc546a0 100644 --- a/test/errtest.c +++ b/test/errtest.c @@ -148,6 +148,124 @@ static int raised_error(void) return 1; } +static int test_marks(void) +{ +unsigned long mallocfail, shouldnot; + +/* Set an initial error */ +ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); +mallocfail = ERR_peek_last_error(); +if (!TEST_ulong_gt(mallocfail, 0)) +return 0; + +/* Setting and clearing a mark should not affect the error */ +if (!TEST_true(ERR_set_mark()) +|| !TEST_true(ERR_pop_to_mark()) +|| !TEST_ulong_eq(mallocfail, ERR_peek_last_error()) +|| !TEST_true(ERR_set_mark()) +|| !TEST_true(ERR_clear_last_mark()) +|| !TEST_ulong_eq(mallocfail, ERR_peek_last_error())) +return 0; + +/* Test popping errors */ +if (!TEST_true(ERR_set_mark())) +return 0; +ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); +if (!TEST_ulong_ne(mallocfail, ERR_peek_last_error()) +|| !TEST_true(ERR_pop_to_mark()) +|| !TEST_ulong_eq(mallocfail, ERR_peek_last_error())) +return 0; + +/* Nested marks should also work */ +if (!TEST_true(ERR_set_mark()) +|| !TEST_true(ERR_set_mark())) +return 0; +ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); +if (!TEST_ulong_ne(mallocfail, ERR_peek_last_error()) +|| !TEST_true(ERR_pop_to_mark()) +|| !TEST_true(ERR_pop_to_mark()) +
[openssl] master update
The branch master has been updated via 5b1d94c11c680c2b9527c3da55593468bcf65efd (commit) from 908c9fc7ed86d8fab4edc1431433509bc18ac935 (commit) - Log - commit 5b1d94c11c680c2b9527c3da55593468bcf65efd Author: Pauli Date: Wed Nov 11 21:52:32 2020 +1000 Fix some warnings from clang 10 in params.c clang 10 was emitting warnings similar to the following from params.c: crypto/params.c:411:40: error: implicit conversion from 'long' to 'double' changes value from 9223372036854775807 to 9223372036854775808 [-Werror,-Wimplicit-int-float-conversion] if (d >= INT64_MIN && d <= INT64_MAX && d == (int64_t)d) { Also fixed some other conversion problems when sizeof(double) == 4. Alternative to #13366 Fixes #13365 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13377) --- Summary of changes: crypto/params.c | 52 1 file changed, 44 insertions(+), 8 deletions(-) diff --git a/crypto/params.c b/crypto/params.c index 4f7e25e0ca..bd31981b09 100644 --- a/crypto/params.c +++ b/crypto/params.c @@ -13,6 +13,16 @@ #include "internal/thread_once.h" #include "internal/numbers.h" +/* + * Return the number of bits in the mantissa of a double. This is used to + * shift a larger integral value to determine if it will exactly fit into a + * double. + */ +static unsigned int real_shift(void) +{ +return sizeof(double) == 4 ? 24 : 53; +} + OSSL_PARAM *OSSL_PARAM_locate(OSSL_PARAM *p, const char *key) { if (p != NULL && key != NULL) @@ -408,7 +418,14 @@ int OSSL_PARAM_get_int64(const OSSL_PARAM *p, int64_t *val) switch (p->data_size) { case sizeof(double): d = *(const double *)p->data; -if (d >= INT64_MIN && d <= INT64_MAX && d == (int64_t)d) { +if (d >= INT64_MIN +/* + * By subtracting 65535 (2^16-1) we cancel the low order + * 15 bits of INT64_MAX to avoid using imprecise floating + * point values. + */ +&& d < (double)(INT64_MAX - 65535) + 65536.0 +&& d == (int64_t)d) { *val = (int64_t)d; return 1; } @@ -464,7 +481,7 @@ int OSSL_PARAM_set_int64(OSSL_PARAM *p, int64_t val) switch (p->data_size) { case sizeof(double): u64 = val < 0 ? -val : val; -if ((u64 >> 53) == 0) { /* 53 significant bits in the mantissa */ +if ((u64 >> real_shift()) == 0) { *(double *)p->data = (double)val; return 1; } @@ -518,7 +535,14 @@ int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t *val) switch (p->data_size) { case sizeof(double): d = *(const double *)p->data; -if (d >= 0 && d <= INT64_MAX && d == (uint64_t)d) { +if (d >= 0 +/* + * By subtracting 65535 (2^16-1) we cancel the low order + * 15 bits of UINT64_MAX to avoid using imprecise floating + * point values. + */ +&& d < (double)(UINT64_MAX - 65535) + 65536.0 +&& d == (uint64_t)d) { *val = (uint64_t)d; return 1; } @@ -573,7 +597,7 @@ int OSSL_PARAM_set_uint64(OSSL_PARAM *p, uint64_t val) p->return_size = sizeof(double); switch (p->data_size) { case sizeof(double): -if ((val >> 53) == 0) { /* 53 significant bits in the mantissa */ +if ((val >> real_shift()) == 0) { *(double *)p->data = (double)val; return 1; } @@ -714,7 +738,7 @@ int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val) return 1; case sizeof(uint64_t): u64 = *(const uint64_t *)p->data; -if ((u64 >> 53) == 0) { /* 53 significant bits in the mantissa */ +if ((u64 >> real_shift()) == 0) { *val = (double)u64; return 1; } @@ -728,7 +752,7 @@ int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val) case sizeof(int64_t): i64 = *(const int64_t *)p->data; u64 = i64 < 0 ? -i64 : i64; -if ((u64 >> 53) == 0) { /* 53 significant bits in the mantissa */ +if ((u64 >> real_shift()) == 0) { *val = 0.0 + i64; return 1; } @@ -767,7 +791,13 @@ int OSSL_PARAM_set_double(OSSL_PARAM *p, double val) } break; case sizeof(uint64_t): -if (val >= 0 && val <= UINT64_MAX) { +if (val >= 0 +
[openssl] master update
The branch master has been updated via 908c9fc7ed86d8fab4edc1431433509bc18ac935 (commit) via 09afbec94bacac7be9fbeab8fa0a9dfd5cb19b1d (commit) via 61dd4168f5d98cd914a65b7357e4df06a65693ab (commit) via 3a6df6bd5cf64005682da6ec18ef58b929baa452 (commit) via 0c2c560cb96346737bace83eb01f8e8aa5970f81 (commit) via 852feb3bd8a42ab441bd726ffc96c5757b7a936c (commit) via b84965aff0451dd914d54d3fbb6b9d347e1cd947 (commit) via bb57c90e6cdc8400219673ff32dad95361f3c291 (commit) via 279b61d0cade44964956c5c39da462fe43414cc1 (commit) via 9c73e48a081278f18f3203efca980ddfa873e71f (commit) via c1097eecdfe438bcb18b3f556ca4e5dec0748cfc (commit) from d7e498ac55f12bc2f4e7f948cbb8de2e3eeafc74 (commit) - Log - commit 908c9fc7ed86d8fab4edc1431433509bc18ac935 Author: Dr. David von Oheimb Date: Mon Aug 10 14:23:46 2020 +0200 apps/pkcs12: Clean up the order in which many options are presented Also do a minor extension on the documentation of the -passcerts option Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 09afbec94bacac7be9fbeab8fa0a9dfd5cb19b1d Author: Dr. David von Oheimb Date: Sat Jun 6 13:59:25 2020 +0200 e_loader_attic.c: Improve result handling of file_load_try_decode() Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 61dd4168f5d98cd914a65b7357e4df06a65693ab Author: Dr. David von Oheimb Date: Mon May 11 15:51:34 2020 +0200 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 3a6df6bd5cf64005682da6ec18ef58b929baa452 Author: Dr. David von Oheimb Date: Sat Jun 6 14:00:21 2020 +0200 e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 0c2c560cb96346737bace83eb01f8e8aa5970f81 Author: Dr. David von Oheimb Date: Mon May 11 15:50:36 2020 +0200 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 852feb3bd8a42ab441bd726ffc96c5757b7a936c Author: Dr. David von Oheimb Date: Mon May 11 15:49:34 2020 +0200 apps/pkcs12: Really do not perform MAC in case -nomac Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit b84965aff0451dd914d54d3fbb6b9d347e1cd947 Author: Dr. David von Oheimb Date: Mon May 11 15:48:52 2020 +0200 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit bb57c90e6cdc8400219673ff32dad95361f3c291 Author: Dr. David von Oheimb Date: Mon Sep 14 19:17:28 2020 +0200 Minor improvements of doc for ca and x509 app Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 279b61d0cade44964956c5c39da462fe43414cc1 Author: David von Oheimb Date: Thu Dec 14 14:02:27 2017 +0100 apps/pkcs12: Retain test output files Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 9c73e48a081278f18f3203efca980ddfa873e71f Author: David von Oheimb Date: Thu Dec 14 11:10:33 2017 +0100 Minor cleanup of error output for various apps Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit c1097eecdfe438bcb18b3f556ca4e5dec0748cfc Author: David von Oheimb Date: Thu Dec 14 08:04:00 2017 +0100 apps/ca: Minor code and doc cleanup Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) --- Summary of changes: apps/ca.c | 47 +- apps/pkcs12.c | 57 +++--- apps/s_server.c| 3 ++- apps/storeutl.c| 8 +++--- crypto/pkcs12/p12_kiss.c | 3 ++- doc/man1/openssl-ca.pod.in | 12 - doc/man1/openssl-pkcs12.pod.in | 5 ++-- engines/e_loader_attic.c | 10 +--- test/recipes/80-test_pkcs12.t | 18 ++--- 9 files changed, 82 insertions(+), 81 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index b2866f63d6..0f21b4fa1c 100755 --- a/apps/ca.c +++ b/apps/ca.c @@ -100,7 +100,7 @@ static int certify(X509 **xret, const char *infile, int informat, long days, int batch, const char *ext_sect, CONF *conf, int verbose, unsigned long certopt, unsigned long nameopt, int