SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-dh
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dh
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Errored: openssl/openssl#38687 (master - 15f5494)
Build Update for openssl/openssl - Build: #38687 Status: Errored Duration: 1 hr, 44 mins, and 22 secs Commit: 15f5494 (master) Author: Pauli Message: test RNG: set state to uninitialised as part of uninstantiate call. Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) View the changeset: https://github.com/openssl/openssl/compare/c34063d7a1e8...15f54941bd4c View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/202911063?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Build failed: openssl master.38165
Build openssl master.38165 failed Commit f2a7151849 by Shane Lontis on 11/20/2020 1:59 AM: Fix crash in genpkey app when -pkeyopt digest:name is used for DH or DSA. Configure your notification preferences
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-deprecated
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-deprecated
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-ct
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ct
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-crypto-mdebug-backtrace
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-crypto-mdebug-backtrace
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-crypto-mdebug
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-crypto-mdebug
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-comp
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-comp
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-cmac
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cmac
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-chacha
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-chacha
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-cast
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cast
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-capieng
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-capieng
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-camellia
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-camellia
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-blake2
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-blake2
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Errored: openssl/openssl#38681 (master - c34063d)
Build Update for openssl/openssl - Build: #38681 Status: Errored Duration: 1 hr, 50 mins, and 25 secs Commit: c34063d (master) Author: Matt Caswell Message: Add a test for setting, popping and clearing error marks Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13335) View the changeset: https://github.com/openssl/openssl/compare/5b1d94c11c68...c34063d7a1e8 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/202788300?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-bf
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-bf
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
[openssl] master update
The branch master has been updated
via f2a7151849a566892912737f7b633c04f64a2b9e (commit)
from ae2e4d1fd11910245b6f7b4db31cccf1ff4bec60 (commit)
- Log -
commit f2a7151849a566892912737f7b633c04f64a2b9e
Author: Shane Lontis
Date: Wed Nov 18 11:32:33 2020 +1000
Fix crash in genpkey app when -pkeyopt digest:name is used for DH or DSA.
By the time the keygen is called the references to strings inside the
gen ctx are floating pointers. A strdup solves this problem.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/13432)
---
Summary of changes:
providers/implementations/keymgmt/dh_kmgmt.c | 16
providers/implementations/keymgmt/dsa_kmgmt.c | 16
test/recipes/15-test_gendh.t | 10 +-
test/recipes/15-test_gendsa.t | 10 +-
4 files changed, 42 insertions(+), 10 deletions(-)
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c
b/providers/implementations/keymgmt/dh_kmgmt.c
index 927246167e..dc0f3b2acd 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -69,8 +69,8 @@ struct dh_gen_ctx {
int hindex;
int priv_len;
-const char *mdname;
-const char *mdprops;
+char *mdname;
+char *mdprops;
OSSL_CALLBACK *cb;
void *cbarg;
int dh_type;
@@ -549,13 +549,19 @@ static int dh_gen_set_params(void *genctx, const
OSSL_PARAM params[])
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;
-gctx->mdname = p->data;
+OPENSSL_free(gctx->mdname);
+gctx->mdname = OPENSSL_strdup(p->data);
+if (gctx->mdname == NULL)
+return 0;
}
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_DIGEST_PROPS);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;
-gctx->mdprops = p->data;
+OPENSSL_free(gctx->mdprops);
+gctx->mdprops = OPENSSL_strdup(p->data);
+if (gctx->mdprops == NULL)
+return 0;
}
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_DH_PRIV_LEN);
if (p != NULL && !OSSL_PARAM_get_int(p, >priv_len))
@@ -694,6 +700,8 @@ static void dh_gen_cleanup(void *genctx)
if (gctx == NULL)
return;
+OPENSSL_free(gctx->mdname);
+OPENSSL_free(gctx->mdprops);
OPENSSL_clear_free(gctx->seed, gctx->seedlen);
OPENSSL_free(gctx);
}
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c
b/providers/implementations/keymgmt/dsa_kmgmt.c
index 6dbd450386..bc4591b1d6 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -63,8 +63,8 @@ struct dsa_gen_ctx {
int gen_type; /* DSA_PARAMGEN_TYPE_FIPS_186_2 or
DSA_PARAMGEN_TYPE_FIPS_186_4 */
int pcounter;
int hindex;
-const char *mdname;
-const char *mdprops;
+char *mdname;
+char *mdprops;
OSSL_CALLBACK *cb;
void *cbarg;
};
@@ -459,13 +459,19 @@ static int dsa_gen_set_params(void *genctx, const
OSSL_PARAM params[])
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;
-gctx->mdname = p->data;
+OPENSSL_free(gctx->mdname);
+gctx->mdname = OPENSSL_strdup(p->data);
+if (gctx->mdname == NULL)
+return 0;
}
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_DIGEST_PROPS);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;
-gctx->mdprops = p->data;
+OPENSSL_free(gctx->mdprops);
+gctx->mdprops = OPENSSL_strdup(p->data);
+if (gctx->mdprops == NULL)
+return 0;
}
return 1;
}
@@ -572,6 +578,8 @@ static void dsa_gen_cleanup(void *genctx)
if (gctx == NULL)
return;
+OPENSSL_free(gctx->mdname);
+OPENSSL_free(gctx->mdprops);
OPENSSL_clear_free(gctx->seed, gctx->seedlen);
OPENSSL_free(gctx);
}
diff --git a/test/recipes/15-test_gendh.t b/test/recipes/15-test_gendh.t
index c87ae0d89c..87dd73f438 100644
--- a/test/recipes/15-test_gendh.t
+++ b/test/recipes/15-test_gendh.t
@@ -18,7 +18,7 @@ setup("test_gendh");
plan skip_all => "This test is unsupported in a no-dh build" if disabled("dh");
-plan tests => 12;
+plan tests => 13;
ok(run(app([ 'openssl', 'genpkey', '-genparam',
'-algorithm', 'DH',
@@ -33,6 +33,14 @@ ok(run(app([ 'openssl', 'genpkey', '-genparam',
'-text'])),
"genpkey DH params fips186_4 with unverifiable g");
+ok(run(app([ 'openssl', 'genpkey', '-genparam',
+ '-algorithm', 'DH',
+ '-pkeyopt', 'pbits:2048',
+ '-pkeyopt', 'qbits:224',
+ '-pkeyopt',
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-autoalginit
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoalginit
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-async
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-async
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-asm
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared
-DOPENSSL_SMALL_FOOTPRINT
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075
[openssl] master update
The branch master has been updated
via ae2e4d1fd11910245b6f7b4db31cccf1ff4bec60 (commit)
from 15f54941bd4c0324f1c8d7773db56004183a9cb7 (commit)
- Log -
commit ae2e4d1fd11910245b6f7b4db31cccf1ff4bec60
Author: David Carlier
Date: Wed Nov 18 10:21:45 2020 +
Haiku system build fix.
overriding ar and flags from BASE_common mainly.
Reviewed-by: Richard Levitte
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/13438)
---
Summary of changes:
Configurations/50-haiku.conf | 3 +++
1 file changed, 3 insertions(+)
diff --git a/Configurations/50-haiku.conf b/Configurations/50-haiku.conf
index d37ab83ada..4580e71a3e 100644
--- a/Configurations/50-haiku.conf
+++ b/Configurations/50-haiku.conf
@@ -7,6 +7,9 @@ my %targets = (
release => "-O2")),
cflags => add_before("-DL_ENDIAN -include
\$(SRCDIR)/os-dep/haiku.h",
threads("-D_REENTRANT")),
+AR => "ar",
+ARFLAGS => "qc",
+HASHBANGPERL=> "/bin/env perl",
sys_id => "HAIKU",
ex_libs => "-lnetwork",
perlasm_scheme => "elf",
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-afalgeng
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-afalgeng
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings Commit log since last time: c34063d7a1 Add a test for setting, popping and clearing error marks 4e08ea6f11 Allow multiple nested marks 5b1d94c11c Fix some warnings from clang 10 in params.c 908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented 09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode() 61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c 3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() 0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files 852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes bb57c90e6c Minor improvements of doc for ca and x509 app 279b61d0ca apps/pkcs12: Retain test output files 9c73e48a08 Minor cleanup of error output for various apps c1097eecdf apps/ca: Minor code and doc cleanup d7e498ac55 Deprecate RSA harder
[openssl] master update
The branch master has been updated via 15f54941bd4c0324f1c8d7773db56004183a9cb7 (commit) via 1f50630af8fd7a260a88f0473c9de1b2f01d4945 (commit) via 08edd447c97854d6548c15149de90d6bd3ddd47b (commit) via 0d4460d27ea2fef46f02fa94a60717e9d168ed96 (commit) via 03bede0cc8418e056d4ac551fbdc2283e0e9491f (commit) via 71febb399225ec5b0f85292fe9487d507fbafb7e (commit) from c34063d7a1e8e3e0f760fd998366165862730bae (commit) - Log - commit 15f54941bd4c0324f1c8d7773db56004183a9cb7 Author: Pauli Date: Wed Nov 4 13:05:46 2020 +1000 test RNG: set state to uninitialised as part of uninstantiate call. Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 1f50630af8fd7a260a88f0473c9de1b2f01d4945 Author: Pauli Date: Mon Nov 2 12:03:31 2020 +1000 disassociate test RNG from the DRBGs Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 08edd447c97854d6548c15149de90d6bd3ddd47b Author: Pauli Date: Fri Oct 30 15:54:03 2020 +1000 prov: move the entropy source out of the FIPS provider Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 0d4460d27ea2fef46f02fa94a60717e9d168ed96 Author: Pauli Date: Fri Oct 30 15:53:47 2020 +1000 test: changes resulting from moving the entropy source out of the FIPS provider Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 03bede0cc8418e056d4ac551fbdc2283e0e9491f Author: Pauli Date: Fri Oct 30 15:53:22 2020 +1000 rand: move the entropy source out of the FIPS provider Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) commit 71febb399225ec5b0f85292fe9487d507fbafb7e Author: Pauli Date: Fri Oct 30 15:39:10 2020 +1000 doc: Documentation changes for moving the entropy source out of the fips provider Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13226) --- Summary of changes: crypto/err/openssl.txt | 6 +- crypto/evp/evp_rand.c | 2 +- crypto/provider_core.c | 8 +- crypto/rand/build.info | 2 +- crypto/rand/prov_seed.c| 76 ++ crypto/rand/rand_err.c | 2 - crypto/rand/rand_lib.c | 2 +- .../rands => crypto/rand}/rand_pool.c | 2 +- doc/internal/man3/ossl_rand_get_entropy.pod| 66 + doc/man7/EVP_RAND-CTR-DRBG.pod | 4 +- doc/man7/EVP_RAND-HASH-DRBG.pod| 4 +- doc/man7/EVP_RAND-HMAC-DRBG.pod| 4 +- doc/man7/provider-base.pod | 36 +++ include/crypto/rand.h | 21 ++ .../include/prov => include/crypto}/rand_pool.h| 0 include/openssl/core_dispatch.h| 17 ++ include/openssl/core_names.h | 2 +- include/openssl/randerr.h | 1 - providers/common/build.info| 2 +- providers/common/include/prov/providercommonerr.h | 3 +- providers/common/provider_err.c| 6 +- providers/common/provider_seeding.c| 73 ++ providers/defltprov.c | 4 +- providers/fips/fipsprov.c | 6 +- providers/implementations/include/prov/seeding.h | 20 +- providers/implementations/rands/build.info | 2 +- providers/implementations/rands/crngt.c| 120 + providers/implementations/rands/drbg.c | 235 +++-- providers/implementations/rands/drbg_local.h | 24 +- providers/implementations/rands/seeding/build.info | 1 - .../implementations/rands/seeding/rand_cpu_x86.c | 2 +- providers/implementations/rands/seeding/rand_tsc.c | 2 +- .../implementations/rands/seeding/rand_unix.c | 2 +- providers/implementations/rands/seeding/rand_vms.c | 2 +- .../implementations/rands/seeding/rand_vxworks.c | 2 +- providers/implementations/rands/seeding/rand_win.c | 2 +- providers/implementations/rands/test_rng.c | 284 + test/build.info| 2 +- test/evp_extra_test.c | 2 +- 39 files changed, 633 insertions(+), 418 deletions(-) create mode 100644
Errored: openssl/openssl#38672 (master - 5b1d94c)
Build Update for openssl/openssl
-
Build: #38672
Status: Errored
Duration: 1 hr, 49 mins, and 13 secs
Commit: 5b1d94c (master)
Author: Pauli
Message: Fix some warnings from clang 10 in params.c
clang 10 was emitting warnings similar to the following from params.c:
crypto/params.c:411:40: error: implicit conversion from 'long' to 'double'
changes value from 9223372036854775807 to 9223372036854775808
[-Werror,-Wimplicit-int-float-conversion]
if (d >= INT64_MIN && d <= INT64_MAX && d == (int64_t)d) {
Also fixed some other conversion problems when sizeof(double) == 4.
Alternative to #13366
Fixes #13365
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/13377)
View the changeset:
https://github.com/openssl/openssl/compare/908c9fc7ed86...5b1d94c11c68
View the full build log and details:
https://travis-ci.com/github/openssl/openssl/builds/202705311?utm_medium=notification_source=email
--
You can unsubscribe from build emails from the openssl/openssl repository going
to
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml
file. See https://docs.travis-ci.com/user/notifications.
Errored: openssl/openssl#38671 (master - 908c9fc)
Build Update for openssl/openssl - Build: #38671 Status: Errored Duration: 2 hrs, 30 mins, and 34 secs Commit: 908c9fc (master) Author: Dr. David von Oheimb Message: apps/pkcs12: Clean up the order in which many options are presented Also do a minor extension on the documentation of the -passcerts option Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) View the changeset: https://github.com/openssl/openssl/compare/d7e498ac55f1...908c9fc7ed86 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/202685391?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Build failed: openssl master.38150
Build openssl master.38150 failed Commit 81134f495d by Nicola Tuveri on 11/10/2020 4:36 PM: fixup! Add SM2 private key range validation Configure your notification preferences
[openssl] master update
The branch master has been updated
via c34063d7a1e8e3e0f760fd998366165862730bae (commit)
via 4e08ea6f111d7bdcef0659baca700a78aa867913 (commit)
from 5b1d94c11c680c2b9527c3da55593468bcf65efd (commit)
- Log -
commit c34063d7a1e8e3e0f760fd998366165862730bae
Author: Matt Caswell
Date: Fri Nov 6 12:53:01 2020 +
Add a test for setting, popping and clearing error marks
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/13335)
commit 4e08ea6f111d7bdcef0659baca700a78aa867913
Author: Matt Caswell
Date: Fri Nov 6 11:43:44 2020 +
Allow multiple nested marks
Previously we only ever allowed one mark to be set against an error in the
statck. If we attempted to nest them, then we would end up clearing all
the errors in the stack when we popped to the mark.
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/13335)
---
Summary of changes:
crypto/err/err.c | 10 ++--
crypto/err/err_local.h | 1 +
include/openssl/err.h.in | 1 +
test/errtest.c | 119 +++
4 files changed, 126 insertions(+), 5 deletions(-)
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 2c8240f0ba..a66ea63adf 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -838,7 +838,7 @@ int ERR_set_mark(void)
if (es->bottom == es->top)
return 0;
-es->err_flags[es->top] |= ERR_FLAG_MARK;
+es->err_marks[es->top]++;
return 1;
}
@@ -851,14 +851,14 @@ int ERR_pop_to_mark(void)
return 0;
while (es->bottom != es->top
- && (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) {
+ && es->err_marks[es->top] == 0) {
err_clear(es, es->top, 0);
es->top = es->top > 0 ? es->top - 1 : ERR_NUM_ERRORS - 1;
}
if (es->bottom == es->top)
return 0;
-es->err_flags[es->top] &= ~ERR_FLAG_MARK;
+es->err_marks[es->top]--;
return 1;
}
@@ -873,13 +873,13 @@ int ERR_clear_last_mark(void)
top = es->top;
while (es->bottom != top
- && (es->err_flags[top] & ERR_FLAG_MARK) == 0) {
+ && es->err_marks[top] == 0) {
top = top > 0 ? top - 1 : ERR_NUM_ERRORS - 1;
}
if (es->bottom == top)
return 0;
-es->err_flags[top] &= ~ERR_FLAG_MARK;
+es->err_marks[top]--;
return 1;
}
diff --git a/crypto/err/err_local.h b/crypto/err/err_local.h
index 2f9caf2e0e..cad67cc476 100644
--- a/crypto/err/err_local.h
+++ b/crypto/err/err_local.h
@@ -64,6 +64,7 @@ static ossl_inline void err_set_data(ERR_STATE *es, size_t i,
static ossl_inline void err_clear(ERR_STATE *es, size_t i, int deall)
{
err_clear_data(es, i, (deall));
+es->err_marks[i] = 0;
es->err_flags[i] = 0;
es->err_buffer[i] = 0;
es->err_file[i] = NULL;
diff --git a/include/openssl/err.h.in b/include/openssl/err.h.in
index 35db02fad6..1f2fde8317 100644
--- a/include/openssl/err.h.in
+++ b/include/openssl/err.h.in
@@ -56,6 +56,7 @@ extern "C" {
# define ERR_NUM_ERRORS 16
struct err_state_st {
int err_flags[ERR_NUM_ERRORS];
+int err_marks[ERR_NUM_ERRORS];
unsigned long err_buffer[ERR_NUM_ERRORS];
char *err_data[ERR_NUM_ERRORS];
size_t err_data_size[ERR_NUM_ERRORS];
diff --git a/test/errtest.c b/test/errtest.c
index 443bd0a57d..247bc546a0 100644
--- a/test/errtest.c
+++ b/test/errtest.c
@@ -148,6 +148,124 @@ static int raised_error(void)
return 1;
}
+static int test_marks(void)
+{
+unsigned long mallocfail, shouldnot;
+
+/* Set an initial error */
+ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
+mallocfail = ERR_peek_last_error();
+if (!TEST_ulong_gt(mallocfail, 0))
+return 0;
+
+/* Setting and clearing a mark should not affect the error */
+if (!TEST_true(ERR_set_mark())
+|| !TEST_true(ERR_pop_to_mark())
+|| !TEST_ulong_eq(mallocfail, ERR_peek_last_error())
+|| !TEST_true(ERR_set_mark())
+|| !TEST_true(ERR_clear_last_mark())
+|| !TEST_ulong_eq(mallocfail, ERR_peek_last_error()))
+return 0;
+
+/* Test popping errors */
+if (!TEST_true(ERR_set_mark()))
+return 0;
+ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
+if (!TEST_ulong_ne(mallocfail, ERR_peek_last_error())
+|| !TEST_true(ERR_pop_to_mark())
+|| !TEST_ulong_eq(mallocfail, ERR_peek_last_error()))
+return 0;
+
+/* Nested marks should also work */
+if (!TEST_true(ERR_set_mark())
+|| !TEST_true(ERR_set_mark()))
+return 0;
+ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
+if (!TEST_ulong_ne(mallocfail, ERR_peek_last_error())
+|| !TEST_true(ERR_pop_to_mark())
+|| !TEST_true(ERR_pop_to_mark())
+
[openssl] master update
The branch master has been updated
via 5b1d94c11c680c2b9527c3da55593468bcf65efd (commit)
from 908c9fc7ed86d8fab4edc1431433509bc18ac935 (commit)
- Log -
commit 5b1d94c11c680c2b9527c3da55593468bcf65efd
Author: Pauli
Date: Wed Nov 11 21:52:32 2020 +1000
Fix some warnings from clang 10 in params.c
clang 10 was emitting warnings similar to the following from params.c:
crypto/params.c:411:40: error: implicit conversion from 'long' to 'double'
changes value from 9223372036854775807 to 9223372036854775808
[-Werror,-Wimplicit-int-float-conversion]
if (d >= INT64_MIN && d <= INT64_MAX && d == (int64_t)d) {
Also fixed some other conversion problems when sizeof(double) == 4.
Alternative to #13366
Fixes #13365
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/13377)
---
Summary of changes:
crypto/params.c | 52
1 file changed, 44 insertions(+), 8 deletions(-)
diff --git a/crypto/params.c b/crypto/params.c
index 4f7e25e0ca..bd31981b09 100644
--- a/crypto/params.c
+++ b/crypto/params.c
@@ -13,6 +13,16 @@
#include "internal/thread_once.h"
#include "internal/numbers.h"
+/*
+ * Return the number of bits in the mantissa of a double. This is used to
+ * shift a larger integral value to determine if it will exactly fit into a
+ * double.
+ */
+static unsigned int real_shift(void)
+{
+return sizeof(double) == 4 ? 24 : 53;
+}
+
OSSL_PARAM *OSSL_PARAM_locate(OSSL_PARAM *p, const char *key)
{
if (p != NULL && key != NULL)
@@ -408,7 +418,14 @@ int OSSL_PARAM_get_int64(const OSSL_PARAM *p, int64_t *val)
switch (p->data_size) {
case sizeof(double):
d = *(const double *)p->data;
-if (d >= INT64_MIN && d <= INT64_MAX && d == (int64_t)d) {
+if (d >= INT64_MIN
+/*
+ * By subtracting 65535 (2^16-1) we cancel the low order
+ * 15 bits of INT64_MAX to avoid using imprecise floating
+ * point values.
+ */
+&& d < (double)(INT64_MAX - 65535) + 65536.0
+&& d == (int64_t)d) {
*val = (int64_t)d;
return 1;
}
@@ -464,7 +481,7 @@ int OSSL_PARAM_set_int64(OSSL_PARAM *p, int64_t val)
switch (p->data_size) {
case sizeof(double):
u64 = val < 0 ? -val : val;
-if ((u64 >> 53) == 0) { /* 53 significant bits in the mantissa */
+if ((u64 >> real_shift()) == 0) {
*(double *)p->data = (double)val;
return 1;
}
@@ -518,7 +535,14 @@ int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t
*val)
switch (p->data_size) {
case sizeof(double):
d = *(const double *)p->data;
-if (d >= 0 && d <= INT64_MAX && d == (uint64_t)d) {
+if (d >= 0
+/*
+ * By subtracting 65535 (2^16-1) we cancel the low order
+ * 15 bits of UINT64_MAX to avoid using imprecise floating
+ * point values.
+ */
+&& d < (double)(UINT64_MAX - 65535) + 65536.0
+&& d == (uint64_t)d) {
*val = (uint64_t)d;
return 1;
}
@@ -573,7 +597,7 @@ int OSSL_PARAM_set_uint64(OSSL_PARAM *p, uint64_t val)
p->return_size = sizeof(double);
switch (p->data_size) {
case sizeof(double):
-if ((val >> 53) == 0) { /* 53 significant bits in the mantissa */
+if ((val >> real_shift()) == 0) {
*(double *)p->data = (double)val;
return 1;
}
@@ -714,7 +738,7 @@ int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val)
return 1;
case sizeof(uint64_t):
u64 = *(const uint64_t *)p->data;
-if ((u64 >> 53) == 0) { /* 53 significant bits in the mantissa */
+if ((u64 >> real_shift()) == 0) {
*val = (double)u64;
return 1;
}
@@ -728,7 +752,7 @@ int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val)
case sizeof(int64_t):
i64 = *(const int64_t *)p->data;
u64 = i64 < 0 ? -i64 : i64;
-if ((u64 >> 53) == 0) { /* 53 significant bits in the mantissa */
+if ((u64 >> real_shift()) == 0) {
*val = 0.0 + i64;
return 1;
}
@@ -767,7 +791,13 @@ int OSSL_PARAM_set_double(OSSL_PARAM *p, double val)
}
break;
case sizeof(uint64_t):
-if (val >= 0 && val <= UINT64_MAX) {
+if (val >= 0
+
[openssl] master update
The branch master has been updated via 908c9fc7ed86d8fab4edc1431433509bc18ac935 (commit) via 09afbec94bacac7be9fbeab8fa0a9dfd5cb19b1d (commit) via 61dd4168f5d98cd914a65b7357e4df06a65693ab (commit) via 3a6df6bd5cf64005682da6ec18ef58b929baa452 (commit) via 0c2c560cb96346737bace83eb01f8e8aa5970f81 (commit) via 852feb3bd8a42ab441bd726ffc96c5757b7a936c (commit) via b84965aff0451dd914d54d3fbb6b9d347e1cd947 (commit) via bb57c90e6cdc8400219673ff32dad95361f3c291 (commit) via 279b61d0cade44964956c5c39da462fe43414cc1 (commit) via 9c73e48a081278f18f3203efca980ddfa873e71f (commit) via c1097eecdfe438bcb18b3f556ca4e5dec0748cfc (commit) from d7e498ac55f12bc2f4e7f948cbb8de2e3eeafc74 (commit) - Log - commit 908c9fc7ed86d8fab4edc1431433509bc18ac935 Author: Dr. David von Oheimb Date: Mon Aug 10 14:23:46 2020 +0200 apps/pkcs12: Clean up the order in which many options are presented Also do a minor extension on the documentation of the -passcerts option Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 09afbec94bacac7be9fbeab8fa0a9dfd5cb19b1d Author: Dr. David von Oheimb Date: Sat Jun 6 13:59:25 2020 +0200 e_loader_attic.c: Improve result handling of file_load_try_decode() Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 61dd4168f5d98cd914a65b7357e4df06a65693ab Author: Dr. David von Oheimb Date: Mon May 11 15:51:34 2020 +0200 Allow for PKCS#12 input without MAC in p12_kiss.c and e_loader_attic.c Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 3a6df6bd5cf64005682da6ec18ef58b929baa452 Author: Dr. David von Oheimb Date: Sat Jun 6 14:00:21 2020 +0200 e_loader_attic.c: Remove redundant 'pass phrase' sub-string from try_decode_PKCS12() Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 0c2c560cb96346737bace83eb01f8e8aa5970f81 Author: Dr. David von Oheimb Date: Mon May 11 15:50:36 2020 +0200 apps/storeutl: Add error output in case of parse/decryption/mac errors in input files Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 852feb3bd8a42ab441bd726ffc96c5757b7a936c Author: Dr. David von Oheimb Date: Mon May 11 15:49:34 2020 +0200 apps/pkcs12: Really do not perform MAC in case -nomac Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit b84965aff0451dd914d54d3fbb6b9d347e1cd947 Author: Dr. David von Oheimb Date: Mon May 11 15:48:52 2020 +0200 apps/pkcs12: Do not prompt for password in case -nomac and -noenc/-nodes Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit bb57c90e6cdc8400219673ff32dad95361f3c291 Author: Dr. David von Oheimb Date: Mon Sep 14 19:17:28 2020 +0200 Minor improvements of doc for ca and x509 app Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 279b61d0cade44964956c5c39da462fe43414cc1 Author: David von Oheimb Date: Thu Dec 14 14:02:27 2017 +0100 apps/pkcs12: Retain test output files Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit 9c73e48a081278f18f3203efca980ddfa873e71f Author: David von Oheimb Date: Thu Dec 14 11:10:33 2017 +0100 Minor cleanup of error output for various apps Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) commit c1097eecdfe438bcb18b3f556ca4e5dec0748cfc Author: David von Oheimb Date: Thu Dec 14 08:04:00 2017 +0100 apps/ca: Minor code and doc cleanup Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/4930) --- Summary of changes: apps/ca.c | 47 +- apps/pkcs12.c | 57 +++--- apps/s_server.c| 3 ++- apps/storeutl.c| 8 +++--- crypto/pkcs12/p12_kiss.c | 3 ++- doc/man1/openssl-ca.pod.in | 12 - doc/man1/openssl-pkcs12.pod.in | 5 ++-- engines/e_loader_attic.c | 10 +--- test/recipes/80-test_pkcs12.t | 18 ++--- 9 files changed, 82 insertions(+), 81 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index b2866f63d6..0f21b4fa1c 100755 --- a/apps/ca.c +++ b/apps/ca.c @@ -100,7 +100,7 @@ static int certify(X509 **xret, const char *infile, int informat, long days, int batch, const char *ext_sect, CONF *conf, int verbose, unsigned long certopt, unsigned long nameopt, int
