[openssl] master update

[beldmit]

The branch master has been updated
   via  a5f4099d275520caf90a28a88e889cb36683b412 (commit)
  from  dbd0244a16ebf577401e92cce374467dbc3226df (commit)


- Log -
commit a5f4099d275520caf90a28a88e889cb36683b412
Author: Dmitry Belyavskiy 
Date:   Tue Aug 10 15:04:37 2021 +0200

Disclaimer about the default provider activation added to config

Fixes #16249

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16280)

---

Summary of changes:
 apps/openssl-vms.cnf | 8 
 apps/openssl.cnf | 8 
 doc/man5/config.pod  | 9 +
 3 files changed, 25 insertions(+)

diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index 4d96a1f32d..59c6776a1e 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -60,6 +60,14 @@ default = default_sect
 # included fipsmodule.cnf.
 # fips = fips_sect
 
+# If no providers are activated explicitly, the default one is activated 
implicitly.
+# See man 7 OSSL_PROVIDER-default for more details.
+#
+# If you add a section explicitly activating any other provider(s), you most
+# probably need to explicitly activate the default provider, otherwise it
+# becomes unavailable in openssl.  As a consequence applications depending on
+# OpenSSL may not work correctly which could lead to significant system
+# problems including inability to remotely access the system.
 [default_sect]
 # activate = 1
 
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
index ffb424a871..03330e0120 100644
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -60,6 +60,14 @@ default = default_sect
 # included fipsmodule.cnf.
 # fips = fips_sect
 
+# If no providers are activated explicitly, the default one is activated 
implicitly.
+# See man 7 OSSL_PROVIDER-default for more details.
+#
+# If you add a section explicitly activating any other provider(s), you most
+# probably need to explicitly activate the default provider, otherwise it
+# becomes unavailable in openssl.  As a consequence applications depending on
+# OpenSSL may not work correctly which could lead to significant system
+# problems including inability to remotely access the system.
 [default_sect]
 # activate = 1
 
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
index 7bd603a2cc..77a8055e81 100644
--- a/doc/man5/config.pod
+++ b/doc/man5/config.pod
@@ -273,6 +273,15 @@ significant.
 All parameters in the section as well as sub-sections are made
 available to the provider.
 
+=head3 Default provider and its activation
+
+If no providers are activated explicitly, the default one is activated 
implicitly.
+See L for more details.
+
+If you add a section explicitly activating any other provider(s),
+you most probably need to explicitly activate the default provider,
+otherwise it becomes unavailable in openssl. It may make the system remotely 
unavailable.
+
 =head2 EVP Configuration
 
 The name B in the initialization section names the section

Coverity Scan: Analysis completed for OpenSSL-1.0.2

[scan-admin]

Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3DLQNT_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGepRbIlVv7s3LiXnSfane-2F-2FoqsleOksA17XO9xujnhOwqoA1B5hWPKlera462RPMfR0CNEd-2BAyy7Eysk7PDZDVwbk1PYNa7cJFJWxsXzr-2BDNyYVN5O9NZ4-2FHdxbUa-2FXX1IpTSxCcoNCnUS7dMF4YwElycI4emkgLQM0ok2yOe8tcnkX8u5m5R7w7t3CiStmvI-3D

Build ID: 401980

Analysis Summary:
   New defects found: 0
   Defects eliminated: 0

Coverity Scan: Analysis completed for openssl/openssl

[scan-admin]

Your request for analysis of openssl/openssl has been completed 
successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3Dq5pe_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeH1W2LqcNAxRoV-2Fm5VrMRgzL3gocUq2IKJ83dZKo4G7v-2FkFzJqUPGGZr2WtXwetFXS92JdIeY-2Fc0EPtSCccdDPq4AP5LtKn4dbsyflHnW-2BwNefHuMLl5-2BY947-2FT17xTV5piL7-2Bh8zK1jsI1BSHkFbb-2Bt7DqGKRjtuB44fmNfBoneRiFcWkgmS8lMCIhKykMTRs-3D

Build ID: 401979

Analysis Summary:
   New defects found: 0
   Defects eliminated: 0

[openssl] master update

[Dr . Paul Dale]

The branch master has been updated
   via  dbd0244a16ebf577401e92cce374467dbc3226df (commit)
  from  3465ec99eab5803507b577d50dd0d598b852d825 (commit)


- Log -
commit dbd0244a16ebf577401e92cce374467dbc3226df
Author: Pauli 
Date:   Fri Aug 6 10:01:15 2021 +1000

genpkey: -quiet doesn't take an argument

Fixes #16238

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/16240)

---

Summary of changes:
 apps/genpkey.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/genpkey.c b/apps/genpkey.c
index d327bcab07..d00754eeac 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -37,7 +37,7 @@ const OPTIONS genpkey_options[] = {
 #endif
 {"paramfile", OPT_PARAMFILE, '<', "Parameters file"},
 {"algorithm", OPT_ALGORITHM, 's', "The public key algorithm"},
-{"quiet", OPT_QUIET, 's', "Do not output status while generating keys"},
+{"quiet", OPT_QUIET, '-', "Do not output status while generating keys"},
 {"pkeyopt", OPT_PKEYOPT, 's',
  "Set the public key algorithm option as opt:value"},
  OPT_CONFIG_OPTION,