Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 30af356df4 Don't call EVP_CIPHER_CTX_block_size() to find the block size Build log ended with (last 100 lines): 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... skipped: The PKCS12 command line utility is not supported by this OpenSSL build 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_fipsload.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_gost_engine.t . skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz_asn1.t ok 99-test_fuzz_asn1parse.t ... ok 99-test_fuzz_bignum.t .. ok 99-test_fuzz_bndiv.t ... ok 99-test_fuzz_client.t .. ok 99-test_fuzz_cmp.t . ok 99-test_fuzz_cms.t . ok 99-test_fuzz_conf.t ok 99-test_fuzz_crl.t . ok 99-test_fuzz_ct.t .. ok 99-test_fuzz_server.t .. ok 99-test_fuzz_x509.t ok Test Summary Report --- 30-test_evp.t(Wstat: 512 Tests: 90 Failed: 2) Failed tests: 14, 40 Non-zero exit status: 2 30-test_evp_kdf.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=227, Tests=3425, 821 wallclock secs (13.95 usr 1.32 sys + 732.28 cusr 83.33 csys = 830.88 CPU) Result: FAIL make[1]: *** [Makefile:3207: _tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' make: *** [Makefile:3204: tests] Error 2
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 30af356df4 Don't call EVP_CIPHER_CTX_block_size() to find the block size Build log ended with (last 100 lines): 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok # 81-test_cmp_cli.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_fipsload.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_gost_engine.t . skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz_asn1.t ok 99-test_fuzz_asn1parse.t ... ok 99-test_fuzz_bignum.t .. ok 99-test_fuzz_bndiv.t ... ok 99-test_fuzz_client.t .. ok 99-test_fuzz_cmp.t . ok 99-test_fuzz_cms.t . ok 99-test_fuzz_conf.t ok 99-test_fuzz_crl.t . ok 99-test_fuzz_ct.t .. ok 99-test_fuzz_server.t .. ok 99-test_fuzz_x509.t ok Test Summary Report --- 04-test_err.t(Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=227, Tests=3423, 724 wallclock secs (12.65 usr 1.14 sys + 652.00 cusr 69.89 csys = 735.68 CPU) Result: FAIL make[1]: *** [Makefile:3255: _tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' make: *** [Makefile:3252: tests] Error 2
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm
Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: 30af356df4 Don't call EVP_CIPHER_CTX_block_size() to find the block size Build log ended with (last 100 lines): 20-test_enc.t .. ok 20-test_enc_more.t . ok 20-test_kdf.t .. ok 20-test_mac.t .. ok 20-test_passwd.t ... ok 20-test_pkeyutl.t .. ok 20-test_rand_config.t .. ok 25-test_crl.t .. ok 25-test_d2i.t .. ok 25-test_eai_data.t . ok 25-test_pkcs7.t ok 25-test_req.t .. ok 25-test_rusext.t ... ok 25-test_sid.t .. ok 25-test_verify.t ... ok 25-test_verify_store.t . ok 25-test_x509.t . ok 30-test_acvp.t . ok 30-test_aesgcm.t ... ok 30-test_afalg.t ok 30-test_defltfips.t ok 30-test_engine.t ... ok 30-test_evp.t .. ok 30-test_evp_extra.t ok 30-test_evp_fetch_prov.t ... ok 30-test_evp_kdf.t .. ok 30-test_evp_libctx.t ... ok 30-test_evp_pkey_dparam.t .. ok 30-test_evp_pkey_provided.t ok 30-test_pbelu.t ok 30-test_pkey_meth.t ok 30-test_pkey_meth_kdf.t ok 30-test_provider_status.t .. ok 40-test_rehash.t ... ok 60-test_x509_check_cert_pkey.t . ok 60-test_x509_dup_cert.t ok 60-test_x509_store.t ... ok 60-test_x509_time.t ok 61-test_bio_prefix.t ... ok 65-test_cmp_asn.t .. ok 65-test_cmp_client.t ... ok 65-test_cmp_ctx.t .. ok 65-test_cmp_hdr.t .. ok 65-test_cmp_msg.t .. ok 65-test_cmp_protect.t .. ok 65-test_cmp_server.t ... ok 65-test_cmp_status.t ... ok 65-test_cmp_vfy.t .. ok 66-test_ossl_store.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok # 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_http.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok Terminated make[1]: *** [Makefile:3242: _tests] Error 143 make[1]: Leaving directory '/home/openssl/run-checker/no-asm' make: *** [Makefile:3239: tests] Terminated
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated
via 9be10637502bf32189055dff8d3442e140e845c5 (commit)
from 64a1b940d2b640e5edf0feae90e81bbb6b4941e7 (commit)
- Log -
commit 9be10637502bf32189055dff8d3442e140e845c5
Author: David Carlier
Date: Tue Dec 8 17:43:10 2020 +
CRYPTO_secure_malloc_init: BSD support improvements.
Backport of #13394
Reviewed-by: Tomas Mraz
Reviewed-by: Ben Kaduk
(Merged from https://github.com/openssl/openssl/pull/13637)
---
Summary of changes:
crypto/mem_sec.c | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index b5f959ba15..222c786cba 100644
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -34,6 +34,12 @@
# include
# endif
# endif
+# if defined(__FreeBSD__)
+# define MADV_DONTDUMP MADV_NOCORE
+# endif
+# if !defined(MAP_CONCEAL)
+# define MAP_CONCEAL 0
+# endif
# include
# include
# include
@@ -442,7 +448,7 @@ static int sh_init(size_t size, int minsize)
if (1) {
#ifdef MAP_ANON
sh.map_result = mmap(NULL, sh.map_size,
- PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1,
0);
+ PROT_READ|PROT_WRITE,
MAP_ANON|MAP_PRIVATE|MAP_CONCEAL, -1, 0);
} else {
#endif
int fd;
[openssl] master update
The branch master has been updated
via 30af356df487b2dad571be15574b454daf70743c (commit)
from ae031148fde2b55238d56dcbe4ac05625382d970 (commit)
- Log -
commit 30af356df487b2dad571be15574b454daf70743c
Author: Matt Caswell
Date: Wed Dec 23 16:30:36 2020 +
Don't call EVP_CIPHER_CTX_block_size() to find the block size
The EVP lib was calling EVP_CIPHER_CTX_block_size(), which in turn calls
EVP_CIPHER_block_size() in order to find the block_size in every
EVP_EncryptUpdate() call. This adds a surprising amount of overhead when
using speed to test aes-128-cbc. Since we're in the EVP lib itself, we can
just directly access this value.
To test performance I ran the command:
openssl speed -evp aes-128-cbc -bytes 16 -seconds 30
For the before and after, I ran this twice and discarded the first result
to "warm up" my machine.
Before:
aes-128-cbc 716949.71k
After:
aes-128-cbc 742807.11k
This represents a performance improvement of about 4%
Partially fixes #13407
Reviewed-by: Kurt Roeckx
Reviewed-by: Dmitry Belyavskiy
(Merged from https://github.com/openssl/openssl/pull/13734)
---
Summary of changes:
crypto/evp/evp_enc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index c1c8f1cf28..eb8c0faf14 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -556,7 +556,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char
*out, int *outl,
if (ctx->cipher->prov == NULL)
goto legacy;
-blocksize = EVP_CIPHER_CTX_block_size(ctx);
+blocksize = ctx->cipher->block_size;
if (ctx->cipher->cupdate == NULL || blocksize < 1) {
ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
