Build completed: openssl OpenSSL_1_1_1-stable.42199
Build openssl OpenSSL_1_1_1-stable.42199 completed Commit 3ee328ab9e by Tomas Mraz on 5/29/2021 3:05 PM: Put init_ec_point_formats() inside #ifndef OPENSSL_NO_EC Configure your notification preferences
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated
via 3ee328ab9eff0bf0c86d07b24555a81f403d2ecb (commit)
from 9008dc9e38bc35541957eacebafac35912d20821 (commit)
- Log -
commit 3ee328ab9eff0bf0c86d07b24555a81f403d2ecb
Author: Tomas Mraz
Date: Fri May 28 14:12:12 2021 +0200
Put init_ec_point_formats() inside #ifndef OPENSSL_NO_EC
Reviewed-by: Matt Caswell
Reviewed-by: Dmitry Belyavskiy
(Merged from https://github.com/openssl/openssl/pull/15518)
---
Summary of changes:
ssl/statem/extensions.c | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 19e91b6f4e..0f39275baa 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -18,6 +18,7 @@ static int final_renegotiate(SSL *s, unsigned int context,
int sent);
static int init_server_name(SSL *s, unsigned int context);
static int final_server_name(SSL *s, unsigned int context, int sent);
#ifndef OPENSSL_NO_EC
+static int init_ec_point_formats(SSL *s, unsigned int context);
static int final_ec_pt_formats(SSL *s, unsigned int context, int sent);
#endif
static int init_session_ticket(SSL *s, unsigned int context);
@@ -42,7 +43,6 @@ static int tls_parse_certificate_authorities(SSL *s, PACKET
*pkt,
#ifndef OPENSSL_NO_SRP
static int init_srp(SSL *s, unsigned int context);
#endif
-static int init_ec_point_formats(SSL *s, unsigned int context);
static int init_etm(SSL *s, unsigned int context);
static int init_ems(SSL *s, unsigned int context);
static int final_ems(SSL *s, unsigned int context, int sent);
@@ -1028,6 +1028,15 @@ static int final_server_name(SSL *s, unsigned int
context, int sent)
}
#ifndef OPENSSL_NO_EC
+static int init_ec_point_formats(SSL *s, unsigned int context)
+{
+OPENSSL_free(s->ext.peer_ecpointformats);
+s->ext.peer_ecpointformats = NULL;
+s->ext.peer_ecpointformats_len = 0;
+
+return 1;
+}
+
static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
{
unsigned long alg_k, alg_a;
@@ -1166,15 +1175,6 @@ static int init_srp(SSL *s, unsigned int context)
}
#endif
-static int init_ec_point_formats(SSL *s, unsigned int context)
-{
-OPENSSL_free(s->ext.peer_ecpointformats);
-s->ext.peer_ecpointformats = NULL;
-s->ext.peer_ecpointformats_len = 0;
-
-return 1;
-}
-
static int init_etm(SSL *s, unsigned int context)
{
s->ext.use_etm = 0;
Build failed: openssl master.42198
Build openssl master.42198 failed Commit 43dbe3b72d by Pauli on 5/29/2021 10:46 AM: fips: set the library context and handle later Configure your notification preferences
Build failed: openssl master.42197
Build openssl master.42197 failed Commit f839361e3e by Richard Levitte on 5/29/2021 9:06 AM: make update-fips-checksums Configure your notification preferences
Build failed: openssl master.42196
Build openssl master.42196 failed Commit 5cbd2ea3f9 by Pauli on 5/29/2021 7:17 AM: add zero strenght arguments to BN and RAND RNG calls Configure your notification preferences
[openssl] master update
The branch master has been updated via 43dbe3b72de0ba4ebd20e9e6a2c526ef747326ab (commit) from f839361e3e45b5becce7c3267fa8e2f72654e75f (commit) - Log - commit 43dbe3b72de0ba4ebd20e9e6a2c526ef747326ab Author: Pauli Date: Fri May 28 10:25:55 2021 +1000 fips: set the library context and handle later They need to be set once the provider will definitely be loading. If they are set earlier, a double free results on a failure. Fixes #15452 Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15492) --- Summary of changes: providers/fips/fipsprov.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 580eea574f..4155b64197 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -663,8 +663,6 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle, OSSL_LIB_CTX_free(libctx); goto err; } -ossl_prov_ctx_set0_libctx(*provctx, libctx); -ossl_prov_ctx_set0_handle(*provctx, handle); if ((fgbl = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_FIPS_PROV_INDEX, _prov_ossl_ctx_method)) == NULL) @@ -707,6 +705,9 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle, goto err; } +ossl_prov_ctx_set0_libctx(*provctx, libctx); +ossl_prov_ctx_set0_handle(*provctx, handle); + *out = fips_dispatch_table; return 1; err:
Build failed: openssl master.42195
Build openssl master.42195 failed Commit 83058e810b by Rich Salz on 5/29/2021 6:09 AM: Make undef'd counts zero by default. Configure your notification preferences
[openssl] master update
The branch master has been updated
via f839361e3e45b5becce7c3267fa8e2f72654e75f (commit)
via 57bd5fc728a9015ea1ed46487c19495042df2e48 (commit)
via 32eebfa27f12581d0b03fe18e9222eba1447a896 (commit)
via e653b04bd29f35ee9703be8ee6691b4a640ee2b4 (commit)
from 5cbd2ea3f94aa8adec9b4486ac757d4d688e3f8c (commit)
- Log -
commit f839361e3e45b5becce7c3267fa8e2f72654e75f
Author: Richard Levitte
Date: Sat May 29 11:06:44 2021 +0200
make update-fips-checksums
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15514)
commit 57bd5fc728a9015ea1ed46487c19495042df2e48
Author: Richard Levitte
Date: Fri May 28 07:54:04 2021 +0200
Rearrange the check of providers/fips.so dependencies
The mechanism had special cases to guess when something was generated
from a .in file. It's better, though, to use the knowledge in
configdata.pm, especially when the generated file is in a different
location than its source.
Cleanups are added, and we change the use of sed to a use of perl
when cleaning up paths with 'something/../' in them, since perl has
more powerful tools for this sort of thing.
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15514)
commit 32eebfa27f12581d0b03fe18e9222eba1447a896
Author: Richard Levitte
Date: Fri May 28 07:52:37 2021 +0200
Make providers/fips.module.sources.new depend on configdata.pm
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15514)
commit e653b04bd29f35ee9703be8ee6691b4a640ee2b4
Author: Richard Levitte
Date: Fri May 28 07:51:05 2021 +0200
configdata.pm: Allow extra arguments when --query is given.
That allows operations like this:
./configdata.pm --query 'get_sources(@ARGV)' file1 file2 file3
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15514)
---
Summary of changes:
Configurations/unix-Makefile.tmpl | 44 +++
configdata.pm.in | 5 +-
providers/fips-sources.checksums | 267 ++
providers/fips.checksum | 2 +-
providers/fips.module.sources | 216 +-
5 files changed, 483 insertions(+), 51 deletions(-)
diff --git a/Configurations/unix-Makefile.tmpl
b/Configurations/unix-Makefile.tmpl
index 7855018e3d..80f38dd1a2 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -1188,13 +1188,7 @@ generate_doc_buildinfo:
fi )
generate_fips_sources: providers/fips.module.sources.new
-providers/fips.module.sources.new: \
-$(SRCDIR)/Configure \
-{- join(" \\\n" . ' ' x 16,
-fill_lines(" ", $COLUMNS - 16,
- @{$config{build_file_templates}},
- @{$config{build_infos}},
- @{$config{conf_files}})) -}
+providers/fips.module.sources.new: configdata.pm
rm -rf sources-tmp
mkdir sources-tmp
( \
@@ -1203,38 +1197,44 @@ providers/fips.module.sources.new: \
&& $$srcdir/Configure --banner=Configured enable-fips -O0 \
&& ./configdata.pm --query 'get_sources("providers/fips")' > sources1
\
&& $(MAKE) -sj 4 \
- && find .. -name '*.d' | xargs cat > dep1 \
+ && find . -name '*.d' | xargs cat > dep1 \
&& $(MAKE) distclean \
&& $$srcdir/Configure --banner=Configured enable-fips no-asm -O0 \
&& ./configdata.pm --query 'get_sources("providers/fips")' > sources2
\
&& $(MAKE) -sj 4 \
- && find .. -name '*.d' | xargs cat > dep2 \
+ && find . -name '*.d' | xargs cat > dep2 \
&& cat sources1 sources2 \
| grep -v ' : \\$$' | grep -v util/providers.num \
-| sed -E -e 's:^ *([.][.]/)*$(SRCDIR)::' -e 's: \\::' \
+| sed -e 's/^ *//' -e 's/ *\\$$//' \
| sort | uniq > sources \
- && cat dep1 dep2 | grep -v providers/common/include/prov/der_ >deps \
+ && cat dep1 dep2 \
+| $(PERL) -p -e 's/\\\n//' \
+| sed -e 's/^.*: *//' -e 's/ */ /g' \
+| fgrep -f sources \
+| tr ' ' '\n' \
+| sort | uniq > deps.raw \
+ && cat deps.raw \
+| xargs ./configdata.pm --query 'get_sources(@ARGV)' \
+| $(PERL) -p -e 's/\\\n//' \
+| sed -e 's/\./\\\./g' -e 's/ : */:/' -e 's/^/s:/' -e 's/$$/:/' \
+> deps.sed \
+ && cat deps.raw | sed -f deps.sed > deps \
)
( \
- perl -p -e 's/\\\n//' sources-tmp/deps \
-| sed -e 's/^.*: *//' -e 's/ */ /g' \
-| fgrep -f
Build failed: openssl master.42194
Build openssl master.42194 failed Commit 30691da1ba by Amitay Isaacs on 5/29/2021 6:07 AM: ec: Add PPC64 vector assembly version of p521 field operations Configure your notification preferences
[openssl] master update
The branch master has been updated via 5cbd2ea3f94aa8adec9b4486ac757d4d688e3f8c (commit) via 965fa9c0804dadb6f99dedbff9255a2ce6ddb640 (commit) via 0f8815aace625f869a42cfc5c254c08d5a668077 (commit) via 23e97567be012ff1b5082bf149810c72816c29bd (commit) via 508258caa0299481d07d2118da5fe1524de0b6fd (commit) via e587bccdf9152716e8ff74d8208a064cabf9f3e8 (commit) from 83058e810b3abf6b04c20857323b9e487cbd0367 (commit) - Log - commit 5cbd2ea3f94aa8adec9b4486ac757d4d688e3f8c Author: Pauli Date: Fri May 28 14:46:40 2021 +1000 add zero strenght arguments to BN and RAND RNG calls Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15513) commit 965fa9c0804dadb6f99dedbff9255a2ce6ddb640 Author: Pauli Date: Fri May 28 14:46:17 2021 +1000 prov: add zero strenght arguments to BN and RAND RNG calls Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15513) commit 0f8815aace625f869a42cfc5c254c08d5a668077 Author: Pauli Date: Fri May 28 14:45:57 2021 +1000 ssl: add zero strenght arguments to BN and RAND RNG calls Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15513) commit 23e97567be012ff1b5082bf149810c72816c29bd Author: Pauli Date: Fri May 28 14:45:43 2021 +1000 test: add zero strenght arguments to BN and RAND RNG calls Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15513) commit 508258caa0299481d07d2118da5fe1524de0b6fd Author: Pauli Date: Fri May 28 14:45:06 2021 +1000 rand: add a strength argument to the BN and RAND RNG calls Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15513) commit e587bccdf9152716e8ff74d8208a064cabf9f3e8 Author: Pauli Date: Fri May 28 14:44:38 2021 +1000 doc: document the strength arugments to the RNG functions Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15513) --- Summary of changes: crypto/asn1/asn_mime.c | 2 +- crypto/asn1/p5_pbe.c | 2 +- crypto/asn1/p5_pbev2.c | 5 ++- crypto/bn/bn_blind.c | 2 +- crypto/bn/bn_gf2m.c| 4 +- crypto/bn/bn_prime.c | 7 ++-- crypto/bn/bn_rand.c| 47 -- crypto/bn/bn_rsa_fips186_4.c | 6 +-- crypto/bn/bn_sqrt.c| 2 +- crypto/bn/bn_x931p.c | 9 +++-- crypto/cmp/cmp_hdr.c | 2 +- crypto/cms/cms_enc.c | 2 +- crypto/cms/cms_ess.c | 3 +- crypto/cms/cms_pwri.c | 4 +- crypto/crmf/crmf_pbm.c | 2 +- crypto/dh/dh_key.c | 2 +- crypto/dsa/dsa_ossl.c | 4 +- crypto/ec/ec2_smpl.c | 4 +- crypto/ec/ec_key.c | 2 +- crypto/ec/ecdsa_ossl.c | 2 +- crypto/ec/ecp_s390x_nistp.c| 2 +- crypto/ec/ecp_smpl.c | 8 ++-- crypto/ec/ecx_backend.c| 2 +- crypto/ec/ecx_meth.c | 8 ++-- crypto/evp/evp_enc.c | 2 +- crypto/evp/p_seal.c| 2 +- crypto/ffc/ffc_key_generate.c | 2 +- crypto/ffc/ffc_params_generate.c | 4 +- crypto/pkcs12/p12_mutl.c | 2 +- crypto/pkcs7/pk7_doit.c| 2 +- crypto/rand/rand_lib.c | 14 --- crypto/rsa/rsa_oaep.c | 2 +- crypto/rsa/rsa_pk1.c | 6 +-- crypto/rsa/rsa_pss.c | 2 +- crypto/sm2/sm2_crypt.c | 2 +- crypto/sm2/sm2_sign.c | 2 +- crypto/srp/srp_vfy.c | 4 +- doc/man3/BN_rand.pod | 36 ++--- doc/man3/RAND_bytes.pod| 10 +++-- include/openssl/bn.h | 12 -- include/openssl/rand.h | 17 ++-- .../ciphers/cipher_aes_cbc_hmac_sha1_hw.c | 2 +- .../ciphers/cipher_aes_cbc_hmac_sha256_hw.c| 2 +- providers/implementations/ciphers/cipher_des.c | 2 +- .../implementations/ciphers/cipher_tdes_common.c | 2 +-
Build failed: openssl master.42193
Build openssl master.42193 failed Commit 24c07e5055 by Dr. David von Oheimb on 5/29/2021 5:47 AM: BIO acpt_state(): Allow retrying addresses (e.g., using IPv6 vs. IPv4) on creating accept socket Configure your notification preferences
[openssl] master update
The branch master has been updated
via 83058e810b3abf6b04c20857323b9e487cbd0367 (commit)
from 30691da1ba465f3cff5d865187fbf5c528eb (commit)
- Log -
commit 83058e810b3abf6b04c20857323b9e487cbd0367
Author: Rich Salz
Date: Tue May 25 13:42:45 2021 -0400
Make undef'd counts zero by default.
Fixes #15409
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/15467)
---
Summary of changes:
util/mknum.pl | 1 +
1 file changed, 1 insertion(+)
diff --git a/util/mknum.pl b/util/mknum.pl
index f661a9122d..92435a8712 100644
--- a/util/mknum.pl
+++ b/util/mknum.pl
@@ -139,6 +139,7 @@ if ($checkexist) {
if ($dropped) {
print STDERR "${ordinals_file}: Dropped $dropped new symbols\n";
}
+$stats{unassigned} = 0 unless defined $stats{unassigned};
$unassigned = $stats{unassigned} - $dropped;
if ($unassigned) {
my $symbol = $unassigned == 1 ? "symbol" : "symbols";
[openssl] master update
The branch master has been updated via 30691da1ba465f3cff5d865187fbf5c528eb (commit) via 1036749883ccf38ed11afe424d69708cfdca99f3 (commit) via 3363a2c3d60a157817dce1d6d5af20de0e415875 (commit) via 77112270593c4c51631e9138174f6657096399e9 (commit) from 24c07e50551f73f565295db22478464ca9adc32e (commit) - Log - commit 30691da1ba465f3cff5d865187fbf5c528eb Author: Amitay Isaacs Date: Tue Oct 13 05:11:40 2020 -0400 ec: Add PPC64 vector assembly version of p521 field operations Only field multiplication and squaring (but not reduction) show a significant improvement. This is enabled on Power ISA >= 3.0. On a Power 9 CPU an average 10% performance improvement is seen (ECHDE: 14%, ECDSA sign: 6%, ECDSA verify 10%), compared to existing code. On an upcoming Power 10 CPU we see an average performance improvement of 26% (ECHDE: 38%, ECDSA sign: 16%, ECDSA verify 25%), compared to existing code. Signed-off-by: Amitay Isaacs Signed-off-by: Martin Schwenke Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/15401) commit 1036749883ccf38ed11afe424d69708cfdca99f3 Author: Martin Schwenke Date: Wed May 12 14:21:58 2021 +1000 ec: Add run time code selection for p521 field operations This is only used if ECP_NISTP521_ASM is defined and this currently only occurs on PPC64. This simply chooses the C reference implementation, which will be the default when custom code is available for certain CPUs. Only the multiplication and squaring operations are handled, since the upcoming assembly code only contains those. This scheme can be easily extended to handle reduction too. Signed-off-by: Martin Schwenke Signed-off-by: Amitay Isaacs Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/15401) commit 3363a2c3d60a157817dce1d6d5af20de0e415875 Author: Martin Schwenke Date: Wed May 12 11:47:55 2021 +1000 ec: Rename reference p521 field operations and use them via macros This will allow clean addition of assembly versions of these operations. Signed-off-by: Martin Schwenke Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/15401) commit 77112270593c4c51631e9138174f6657096399e9 Author: Martin Schwenke Date: Wed Dec 2 19:05:44 2020 +1100 perlasm/ppc-xlate.pl: Handle rewriting of vector registers Power has 2 numbering systems for vector registers: * VR: Vector Registers are numbered from 0 to 31 * VSR: Vector-Scalar registers are numbers from 32 to 63 These refer to the same registers. Some instructions use VR numbering for their operands, while others use VSR numbering. When using Perl to provide a meaningful name for a register it makes sense to use the same variable for both VR and VSR instructions. This makes the code more readable. However, providing a VSR number (i.e. >=32) to an instruction that expects a VR number will cause an assembler error. So, for instructions that require VR numbering, map VSR numbers (i.e. >=32) to VR numbers. This also allows existing code that uses VR numbering to remain unchanged. Signed-off-by: Martin Schwenke Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/15401) --- Summary of changes: crypto/ec/asm/ecp_nistp521-ppc64.pl | 436 crypto/ec/build.info| 7 +- crypto/ec/ecp_nistp521.c| 55 - crypto/perlasm/ppc-xlate.pl | 82 ++- providers/fips-sources.checksums| 306 - providers/fips.checksum | 2 +- providers/fips.module.sources | 219 +- 7 files changed, 618 insertions(+), 489 deletions(-) create mode 100755 crypto/ec/asm/ecp_nistp521-ppc64.pl diff --git a/crypto/ec/asm/ecp_nistp521-ppc64.pl b/crypto/ec/asm/ecp_nistp521-ppc64.pl new file mode 100755 index 00..7e71e924ba --- /dev/null +++ b/crypto/ec/asm/ecp_nistp521-ppc64.pl @@ -0,0 +1,436 @@ +#! /usr/bin/env perl +# Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html +# +# +# Written by Amitay Isaacs and Martin Schwenke +# for the OpenSSL project. +#
