[openssl] master update
The branch master has been updated via a5f4099d275520caf90a28a88e889cb36683b412 (commit) from dbd0244a16ebf577401e92cce374467dbc3226df (commit) - Log - commit a5f4099d275520caf90a28a88e889cb36683b412 Author: Dmitry Belyavskiy Date: Tue Aug 10 15:04:37 2021 +0200 Disclaimer about the default provider activation added to config Fixes #16249 Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16280) --- Summary of changes: apps/openssl-vms.cnf | 8 apps/openssl.cnf | 8 doc/man5/config.pod | 9 + 3 files changed, 25 insertions(+) diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf index 4d96a1f32d..59c6776a1e 100644 --- a/apps/openssl-vms.cnf +++ b/apps/openssl-vms.cnf @@ -60,6 +60,14 @@ default = default_sect # included fipsmodule.cnf. # fips = fips_sect +# If no providers are activated explicitly, the default one is activated implicitly. +# See man 7 OSSL_PROVIDER-default for more details. +# +# If you add a section explicitly activating any other provider(s), you most +# probably need to explicitly activate the default provider, otherwise it +# becomes unavailable in openssl. As a consequence applications depending on +# OpenSSL may not work correctly which could lead to significant system +# problems including inability to remotely access the system. [default_sect] # activate = 1 diff --git a/apps/openssl.cnf b/apps/openssl.cnf index ffb424a871..03330e0120 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -60,6 +60,14 @@ default = default_sect # included fipsmodule.cnf. # fips = fips_sect +# If no providers are activated explicitly, the default one is activated implicitly. +# See man 7 OSSL_PROVIDER-default for more details. +# +# If you add a section explicitly activating any other provider(s), you most +# probably need to explicitly activate the default provider, otherwise it +# becomes unavailable in openssl. As a consequence applications depending on +# OpenSSL may not work correctly which could lead to significant system +# problems including inability to remotely access the system. [default_sect] # activate = 1 diff --git a/doc/man5/config.pod b/doc/man5/config.pod index 7bd603a2cc..77a8055e81 100644 --- a/doc/man5/config.pod +++ b/doc/man5/config.pod @@ -273,6 +273,15 @@ significant. All parameters in the section as well as sub-sections are made available to the provider. +=head3 Default provider and its activation + +If no providers are activated explicitly, the default one is activated implicitly. +See L for more details. + +If you add a section explicitly activating any other provider(s), +you most probably need to explicitly activate the default provider, +otherwise it becomes unavailable in openssl. It may make the system remotely unavailable. + =head2 EVP Configuration The name B in the initialization section names the section
Coverity Scan: Analysis completed for OpenSSL-1.0.2
Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3DLQNT_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGepRbIlVv7s3LiXnSfane-2F-2FoqsleOksA17XO9xujnhOwqoA1B5hWPKlera462RPMfR0CNEd-2BAyy7Eysk7PDZDVwbk1PYNa7cJFJWxsXzr-2BDNyYVN5O9NZ4-2FHdxbUa-2FXX1IpTSxCcoNCnUS7dMF4YwElycI4emkgLQM0ok2yOe8tcnkX8u5m5R7w7t3CiStmvI-3D Build ID: 401980 Analysis Summary: New defects found: 0 Defects eliminated: 0
Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3Dq5pe_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeH1W2LqcNAxRoV-2Fm5VrMRgzL3gocUq2IKJ83dZKo4G7v-2FkFzJqUPGGZr2WtXwetFXS92JdIeY-2Fc0EPtSCccdDPq4AP5LtKn4dbsyflHnW-2BwNefHuMLl5-2BY947-2FT17xTV5piL7-2Bh8zK1jsI1BSHkFbb-2Bt7DqGKRjtuB44fmNfBoneRiFcWkgmS8lMCIhKykMTRs-3D Build ID: 401979 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl] master update
The branch master has been updated via dbd0244a16ebf577401e92cce374467dbc3226df (commit) from 3465ec99eab5803507b577d50dd0d598b852d825 (commit) - Log - commit dbd0244a16ebf577401e92cce374467dbc3226df Author: Pauli Date: Fri Aug 6 10:01:15 2021 +1000 genpkey: -quiet doesn't take an argument Fixes #16238 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/16240) --- Summary of changes: apps/genpkey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/genpkey.c b/apps/genpkey.c index d327bcab07..d00754eeac 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -37,7 +37,7 @@ const OPTIONS genpkey_options[] = { #endif {"paramfile", OPT_PARAMFILE, '<', "Parameters file"}, {"algorithm", OPT_ALGORITHM, 's', "The public key algorithm"}, -{"quiet", OPT_QUIET, 's', "Do not output status while generating keys"}, +{"quiet", OPT_QUIET, '-', "Do not output status while generating keys"}, {"pkeyopt", OPT_PKEYOPT, 's', "Set the public key algorithm option as opt:value"}, OPT_CONFIG_OPTION,