Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 38f7931429 Cache Digest constants ae69da05a7 Move the caching of cipher constants into evp_cipher_from_dispatch fdf05eb761 Fix doc-nits for list command 128d25ba6a Fetch provided algorithm once per benchmark c4b2c53fad Fix NULL pointer access caused by X509_ATTRIBUTE_create() 7a7ed5fc79 Restore v2i_AUTHORITY_INFO_ACCESS() behavior Build log ended with (last 100 lines): 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... skipped: The PKCS12 command line utility is not supported by this OpenSSL build 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_fipsload.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_gost_engine.t . skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz_asn1.t ok 99-test_fuzz_asn1parse.t ... ok 99-test_fuzz_bignum.t .. ok 99-test_fuzz_bndiv.t ... ok 99-test_fuzz_client.t .. ok 99-test_fuzz_cmp.t . ok 99-test_fuzz_cms.t . ok 99-test_fuzz_conf.t ok 99-test_fuzz_crl.t . ok 99-test_fuzz_ct.t .. ok 99-test_fuzz_server.t .. ok 99-test_fuzz_x509.t ok Test Summary Report --- 30-test_evp.t(Wstat: 512 Tests: 90 Failed: 2) Failed tests: 14, 40 Non-zero exit status: 2 30-test_evp_kdf.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=227, Tests=3425, 816 wallclock secs (14.04 usr 1.45 sys + 726.70 cusr 85.27 csys = 827.46 CPU) Result: FAIL make[1]: *** [Makefile:3193: _tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' make: *** [Makefile:3190: tests] Error 2
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 38f7931429 Cache Digest constants ae69da05a7 Move the caching of cipher constants into evp_cipher_from_dispatch fdf05eb761 Fix doc-nits for list command 128d25ba6a Fetch provided algorithm once per benchmark c4b2c53fad Fix NULL pointer access caused by X509_ATTRIBUTE_create() 7a7ed5fc79 Restore v2i_AUTHORITY_INFO_ACCESS() behavior Build log ended with (last 100 lines): 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_fipsload.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_gost_engine.t . skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz_asn1.t ok 99-test_fuzz_asn1parse.t ... ok 99-test_fuzz_bignum.t .. ok 99-test_fuzz_bndiv.t ... ok 99-test_fuzz_client.t .. ok 99-test_fuzz_cmp.t . ok 99-test_fuzz_cms.t . ok 99-test_fuzz_conf.t ok 99-test_fuzz_crl.t . ok 99-test_fuzz_ct.t .. ok 99-test_fuzz_server.t .. ok 99-test_fuzz_x509.t ok Test Summary Report --- 04-test_err.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=227, Tests=3423, 852 wallclock secs (14.05 usr 1.47 sys + 762.55 cusr 84.51 csys = 862.58 CPU) Result: FAIL make[1]: *** [Makefile:3250: _tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' make: *** [Makefile:3247: tests] Error 2
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: 38f7931429 Cache Digest constants ae69da05a7 Move the caching of cipher constants into evp_cipher_from_dispatch fdf05eb761 Fix doc-nits for list command 128d25ba6a Fetch provided algorithm once per benchmark c4b2c53fad Fix NULL pointer access caused by X509_ATTRIBUTE_create() 7a7ed5fc79 Restore v2i_AUTHORITY_INFO_ACCESS() behavior Build log ended with (last 100 lines): 30-test_evp_extra.t ok 30-test_evp_fetch_prov.t ... ok 30-test_evp_kdf.t .. ok 30-test_evp_libctx.t ... ok 30-test_evp_pkey_dparam.t .. ok 30-test_evp_pkey_provided.t ok 30-test_pbelu.t ok 30-test_pkey_meth.t ok 30-test_pkey_meth_kdf.t ok 30-test_provider_status.t .. ok 40-test_rehash.t ... ok 60-test_x509_check_cert_pkey.t . ok 60-test_x509_dup_cert.t ok 60-test_x509_store.t ... ok 60-test_x509_time.t ok 61-test_bio_prefix.t ... ok 65-test_cmp_asn.t .. ok 65-test_cmp_client.t ... ok 65-test_cmp_ctx.t .. ok 65-test_cmp_hdr.t .. ok 65-test_cmp_msg.t .. ok 65-test_cmp_protect.t .. ok 65-test_cmp_server.t ... ok 65-test_cmp_status.t ... ok 65-test_cmp_vfy.t .. ok 66-test_ossl_store.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_fipsload.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok make[1]: *** wait: No child processes. Stop. make[1]: *** Waiting for unfinished jobs make[1]: *** wait: No child processes. Stop. make: *** [Makefile:3249: tests] Terminated
[openssl] master update
The branch master has been updated via 38f7931429859a3bd07725dbc451c0b4cac26a10 (commit) via ae69da05a7749e21c7526831173405e3570917b2 (commit) from fdf05eb7611a1fdb283162228985286a09d07940 (commit) - Log - commit 38f7931429859a3bd07725dbc451c0b4cac26a10 Author: Matt Caswell Date: Tue Dec 22 11:36:30 2020 + Cache Digest constants EVP_CIPHER already caches certain constants so that we don't have to query the provider every time. We do the same thing with EVP_MD constants. Without this we can get performance issues, e.g. running "speed" with small blocks of data to digest can spend a long time in EVP_MD_size(), which should be quick. Partialy fixes #13578 Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13730) commit ae69da05a7749e21c7526831173405e3570917b2 Author: Matt Caswell Date: Tue Dec 22 11:54:16 2020 + Move the caching of cipher constants into evp_cipher_from_dispatch Previously we cached the cipher constants in EVP_CIPHER_fetch(). However, this means we do the caching every time we call that function, even if the core has previusly fetched the cipher and cached it already. This means we can end up re-caching the constants even though they are already present. This also means we could be updating these constants from multiple threads at the same time. Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13730) --- Summary of changes: crypto/err/openssl.txt | 1 + crypto/evp/digest.c | 29 + crypto/evp/evp_enc.c | 10 ++ crypto/evp/evp_err.c | 2 ++ crypto/evp/evp_lib.c | 33 +++-- include/crypto/evperr.h | 2 +- include/openssl/evperr.h | 1 + 7 files changed, 43 insertions(+), 35 deletions(-) diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 60f343eb7d..5440e47093 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2528,6 +2528,7 @@ EVP_R_BAD_ALGORITHM_NAME:200:bad algorithm name EVP_R_BAD_DECRYPT:100:bad decrypt EVP_R_BAD_KEY_LENGTH:195:bad key length EVP_R_BUFFER_TOO_SMALL:155:buffer too small +EVP_R_CACHE_CONSTANTS_FAILED:225:cache constants failed EVP_R_CAMELLIA_KEY_SETUP_FAILED:157:camellia key setup failed EVP_R_CANNOT_GET_PARAMETERS:197:cannot get parameters EVP_R_CANNOT_SET_PARAMETERS:198:cannot set parameters diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 1d16c52060..46f4d201d9 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -827,6 +827,29 @@ static void set_legacy_nid(const char *name, void *vlegacy_nid) } #endif +static int evp_md_cache_constants(EVP_MD *md) +{ +int ok; +size_t blksz = 0; +size_t mdsize = 0; +unsigned long flags = 0; +OSSL_PARAM params[4]; + +params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, ); +params[1] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, ); +params[2] = OSSL_PARAM_construct_ulong(OSSL_DIGEST_PARAM_FLAGS, ); +params[3] = OSSL_PARAM_construct_end(); +ok = evp_do_md_getparams(md, params); +if (mdsize > INT_MAX || blksz > INT_MAX) +ok = 0; +if (ok) { +md->block_size = (int)blksz; +md->md_size = (int)mdsize; +md->flags = flags; +} +return ok; +} + static void *evp_md_from_dispatch(int name_id, const OSSL_DISPATCH *fns, OSSL_PROVIDER *prov) @@ -938,6 +961,12 @@ static void *evp_md_from_dispatch(int name_id, if (prov != NULL) ossl_provider_up_ref(prov); +if (!evp_md_cache_constants(md)) { +EVP_MD_free(md); +ERR_raise(ERR_LIB_EVP, EVP_R_CACHE_CONSTANTS_FAILED); +md = NULL; +} + return md; } diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 7818ab25ea..c1c8f1cf28 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -1470,6 +1470,12 @@ static void *evp_cipher_from_dispatch(const int name_id, if (prov != NULL) ossl_provider_up_ref(prov); +if (!evp_cipher_cache_constants(cipher)) { +EVP_CIPHER_free(cipher); +ERR_raise(ERR_LIB_EVP, EVP_R_CACHE_CONSTANTS_FAILED); +cipher = NULL; +} + return cipher; } @@ -1491,10 +1497,6 @@ EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, evp_cipher_from_dispatch, evp_cipher_up_ref, evp_cipher_free); -if (cipher != NULL && !evp_cipher_cache_constants(cipher)) { -EVP_CIPHER_free(cipher); -cipher = NULL; -} return cipher; } diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index c2259f0beb..894f0cebcb 100644 ---
[openssl] master update
The branch master has been updated via 128d25ba6a9e02481381d47e3a5aa915700b9a1e (commit) from c4b2c53fadb158bee34aef90d5a7d500aead1f70 (commit) - Log - commit 128d25ba6a9e02481381d47e3a5aa915700b9a1e Author: Dmitry Belyavskiy Date: Mon Dec 21 14:23:17 2020 +0100 Fetch provided algorithm once per benchmark Partially fixes #13578 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13721) --- Summary of changes: apps/speed.c | 50 ++ 1 file changed, 46 insertions(+), 4 deletions(-) diff --git a/apps/speed.c b/apps/speed.c index 5b944290fc..c8c4f65b47 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1003,7 +1003,9 @@ static int EVP_Update_loop_aead(void *args) return count; } -static const EVP_MD *evp_md = NULL; +static EVP_MD *evp_md = NULL; +static int fetched_alg = 0; + static int EVP_Digest_loop(void *args) { loopargs_t *tempargs = *(loopargs_t **) args; @@ -1491,6 +1493,38 @@ static int run_benchmark(int async_jobs, return error ? -1 : total_op_count; } +static EVP_MD *obtain_md(const char *name) +{ +EVP_MD *md = NULL; + +/* Look through providers' digests */ +ERR_set_mark(); +md = EVP_MD_fetch(NULL, name, NULL); +ERR_pop_to_mark(); +if (md != NULL) { +fetched_alg = 1; +return md; +} + +return (EVP_MD *)EVP_get_digestbyname(name); +} + +static EVP_CIPHER *obtain_cipher(const char *name) +{ +EVP_CIPHER *cipher = NULL; + +/* Look through providers' ciphers */ +ERR_set_mark(); +cipher = EVP_CIPHER_fetch(NULL, name, NULL); +ERR_pop_to_mark(); +if (cipher != NULL) { +fetched_alg = 1; +return cipher; +} + +return (EVP_CIPHER *)EVP_get_cipherbyname(name); +} + #define stop_it(do_it, test_num)\ memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num); @@ -1500,7 +1534,7 @@ int speed_main(int argc, char **argv) loopargs_t *loopargs = NULL; const char *prog; const char *engine_id = NULL; -const EVP_CIPHER *evp_cipher = NULL; +EVP_CIPHER *evp_cipher = NULL; double d = 0.0; OPTION_CHOICE o; int async_init = 0, multiblock = 0, pr_header = 0; @@ -1694,10 +1728,14 @@ int speed_main(int argc, char **argv) usertime = 0; break; case OPT_EVP: +if (doit[D_EVP]) { +BIO_printf(bio_err, "%s: -evp option cannot be used more than once\n", prog); +goto opterr; +} evp_md = NULL; -evp_cipher = EVP_get_cipherbyname(opt_arg()); +evp_cipher = obtain_cipher(opt_arg()); if (evp_cipher == NULL) -evp_md = EVP_get_digestbyname(opt_arg()); +evp_md = obtain_md(opt_arg()); if (evp_cipher == NULL && evp_md == NULL) { BIO_printf(bio_err, "%s: %s is an unknown cipher or digest\n", @@ -4091,6 +4129,10 @@ int speed_main(int argc, char **argv) } OPENSSL_free(loopargs); release_engine(e); +if (fetched_alg) { +EVP_MD_free(evp_md); +EVP_CIPHER_free(evp_cipher); +} return ret; }
[openssl] master update
The branch master has been updated via fdf05eb7611a1fdb283162228985286a09d07940 (commit) from 128d25ba6a9e02481381d47e3a5aa915700b9a1e (commit) - Log - commit fdf05eb7611a1fdb283162228985286a09d07940 Author: Dmitry Belyavskiy Date: Tue Dec 22 09:40:46 2020 +0100 Fix doc-nits for list command Bug was introduced in #13669 Reviewed-by: Matt Caswell Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/13728) --- Summary of changes: doc/man1/openssl-list.pod.in | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/man1/openssl-list.pod.in b/doc/man1/openssl-list.pod.in index b06478e711..74389dca23 100644 --- a/doc/man1/openssl-list.pod.in +++ b/doc/man1/openssl-list.pod.in @@ -13,16 +13,16 @@ B [B<-select> I] [B<-1>] [B<-commands>] -[B<-digest-commands>] +[B<-digest-algorithms>] {- output_off() if $disabled{"deprecated-3.0"}; "" --}[B<-digest-algorithms>] +-}[B<-digest-commands>] {- output_on() if $disabled{"deprecated-3.0"}; "" -}[B<-kdf-algorithms>] [B<-mac-algorithms>] [B<-random-generators>] -[B<-cipher-commands>] +[B<-cipher-algorithms>] {- output_off() if $disabled{"deprecated-3.0"}; "" --}[B<-cipher-algorithms>] +-}[B<-cipher-commands>] {- output_on() if $disabled{"deprecated-3.0"}; "" -}[B<-encoders>] [B<-decoders>]