Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 30af356df4 Don't call EVP_CIPHER_CTX_block_size() to find the block size Build log ended with (last 100 lines): 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... skipped: The PKCS12 command line utility is not supported by this OpenSSL build 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_fipsload.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_gost_engine.t . skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz_asn1.t ok 99-test_fuzz_asn1parse.t ... ok 99-test_fuzz_bignum.t .. ok 99-test_fuzz_bndiv.t ... ok 99-test_fuzz_client.t .. ok 99-test_fuzz_cmp.t . ok 99-test_fuzz_cms.t . ok 99-test_fuzz_conf.t ok 99-test_fuzz_crl.t . ok 99-test_fuzz_ct.t .. ok 99-test_fuzz_server.t .. ok 99-test_fuzz_x509.t ok Test Summary Report --- 30-test_evp.t(Wstat: 512 Tests: 90 Failed: 2) Failed tests: 14, 40 Non-zero exit status: 2 30-test_evp_kdf.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=227, Tests=3425, 821 wallclock secs (13.95 usr 1.32 sys + 732.28 cusr 83.33 csys = 830.88 CPU) Result: FAIL make[1]: *** [Makefile:3207: _tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' make: *** [Makefile:3204: tests] Error 2
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 30af356df4 Don't call EVP_CIPHER_CTX_block_size() to find the block size Build log ended with (last 100 lines): 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_fipsload.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_gost_engine.t . skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz_asn1.t ok 99-test_fuzz_asn1parse.t ... ok 99-test_fuzz_bignum.t .. ok 99-test_fuzz_bndiv.t ... ok 99-test_fuzz_client.t .. ok 99-test_fuzz_cmp.t . ok 99-test_fuzz_cms.t . ok 99-test_fuzz_conf.t ok 99-test_fuzz_crl.t . ok 99-test_fuzz_ct.t .. ok 99-test_fuzz_server.t .. ok 99-test_fuzz_x509.t ok Test Summary Report --- 04-test_err.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=227, Tests=3423, 724 wallclock secs (12.65 usr 1.14 sys + 652.00 cusr 69.89 csys = 735.68 CPU) Result: FAIL make[1]: *** [Makefile:3255: _tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' make: *** [Makefile:3252: tests] Error 2
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: 30af356df4 Don't call EVP_CIPHER_CTX_block_size() to find the block size Build log ended with (last 100 lines): 20-test_enc.t .. ok 20-test_enc_more.t . ok 20-test_kdf.t .. ok 20-test_mac.t .. ok 20-test_passwd.t ... ok 20-test_pkeyutl.t .. ok 20-test_rand_config.t .. ok 25-test_crl.t .. ok 25-test_d2i.t .. ok 25-test_eai_data.t . ok 25-test_pkcs7.t ok 25-test_req.t .. ok 25-test_rusext.t ... ok 25-test_sid.t .. ok 25-test_verify.t ... ok 25-test_verify_store.t . ok 25-test_x509.t . ok 30-test_acvp.t . ok 30-test_aesgcm.t ... ok 30-test_afalg.t ok 30-test_defltfips.t ok 30-test_engine.t ... ok 30-test_evp.t .. ok 30-test_evp_extra.t ok 30-test_evp_fetch_prov.t ... ok 30-test_evp_kdf.t .. ok 30-test_evp_libctx.t ... ok 30-test_evp_pkey_dparam.t .. ok 30-test_evp_pkey_provided.t ok 30-test_pbelu.t ok 30-test_pkey_meth.t ok 30-test_pkey_meth_kdf.t ok 30-test_provider_status.t .. ok 40-test_rehash.t ... ok 60-test_x509_check_cert_pkey.t . ok 60-test_x509_dup_cert.t ok 60-test_x509_store.t ... ok 60-test_x509_time.t ok 61-test_bio_prefix.t ... ok 65-test_cmp_asn.t .. ok 65-test_cmp_client.t ... ok 65-test_cmp_ctx.t .. ok 65-test_cmp_hdr.t .. ok 65-test_cmp_msg.t .. ok 65-test_cmp_protect.t .. ok 65-test_cmp_server.t ... ok 65-test_cmp_status.t ... ok 65-test_cmp_vfy.t .. ok 66-test_ossl_store.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok Terminated make[1]: *** [Makefile:3242: _tests] Error 143 make[1]: Leaving directory '/home/openssl/run-checker/no-asm' make: *** [Makefile:3239: tests] Terminated
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 9be10637502bf32189055dff8d3442e140e845c5 (commit) from 64a1b940d2b640e5edf0feae90e81bbb6b4941e7 (commit) - Log - commit 9be10637502bf32189055dff8d3442e140e845c5 Author: David Carlier Date: Tue Dec 8 17:43:10 2020 + CRYPTO_secure_malloc_init: BSD support improvements. Backport of #13394 Reviewed-by: Tomas Mraz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13637) --- Summary of changes: crypto/mem_sec.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c index b5f959ba15..222c786cba 100644 --- a/crypto/mem_sec.c +++ b/crypto/mem_sec.c @@ -34,6 +34,12 @@ # include # endif # endif +# if defined(__FreeBSD__) +# define MADV_DONTDUMP MADV_NOCORE +# endif +# if !defined(MAP_CONCEAL) +# define MAP_CONCEAL 0 +# endif # include # include # include @@ -442,7 +448,7 @@ static int sh_init(size_t size, int minsize) if (1) { #ifdef MAP_ANON sh.map_result = mmap(NULL, sh.map_size, - PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0); + PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE|MAP_CONCEAL, -1, 0); } else { #endif int fd;
[openssl] master update
The branch master has been updated via 30af356df487b2dad571be15574b454daf70743c (commit) from ae031148fde2b55238d56dcbe4ac05625382d970 (commit) - Log - commit 30af356df487b2dad571be15574b454daf70743c Author: Matt Caswell Date: Wed Dec 23 16:30:36 2020 + Don't call EVP_CIPHER_CTX_block_size() to find the block size The EVP lib was calling EVP_CIPHER_CTX_block_size(), which in turn calls EVP_CIPHER_block_size() in order to find the block_size in every EVP_EncryptUpdate() call. This adds a surprising amount of overhead when using speed to test aes-128-cbc. Since we're in the EVP lib itself, we can just directly access this value. To test performance I ran the command: openssl speed -evp aes-128-cbc -bytes 16 -seconds 30 For the before and after, I ran this twice and discarded the first result to "warm up" my machine. Before: aes-128-cbc 716949.71k After: aes-128-cbc 742807.11k This represents a performance improvement of about 4% Partially fixes #13407 Reviewed-by: Kurt Roeckx Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13734) --- Summary of changes: crypto/evp/evp_enc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index c1c8f1cf28..eb8c0faf14 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -556,7 +556,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, if (ctx->cipher->prov == NULL) goto legacy; -blocksize = EVP_CIPHER_CTX_block_size(ctx); +blocksize = ctx->cipher->block_size; if (ctx->cipher->cupdate == NULL || blocksize < 1) { ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);