Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Commit log since last time: eae4a00834 Fix CID 1454808: Error handling issues NEGATIVE_RETURNS (PKCS7_dataDecode()) c8ea9bc670 Fix CID 1454806: NEGATIVE_RETURNS (cms_enc.c) e2cc68c8fd Fix CID 1465213: Integer handling issues (evp_extra_test.c) 5999d20ea8 Fix CID 1463883 Dereference after null check (in ess_find_cert_v2()) 821278a885 Fix CID 1465214 Resource leak (in file_load.c) fd7d574dd9 Fix CID 1465215 : Explicit null dereferenced (in test) 84ba665d72 Fix CID #1465216 Resource leak in property_fetch 2f1d0b35c1 Ensure we excluse ec2m curves if ec2m is disabled 146aebc6a0 Add a test to check having a provider loaded without a groups still works 90a74d8c43 Fix an incorrect error flow in add_provider_groups 08a1c9f2e6 Fix OSSL_PROVIDER_get_capabilities() 163b801616 Add support to zeroize plaintext in S3 record layer 1c9761d0b5 [test][15-test_genec] Improve EC tests with genpkey 466d30c0d7 [apps/genpkey] exit status should not be 0 on output errors e0137ca92b [EC][ASN1] Detect missing OID when serializing EC parameters and keys 8c330e1939 improve SSL_CTX_set_tlsext_ticket_key_cb ref impl 2d9f56e999 Ensure TLS padding is added during encryption on the provider side b558817823 Convert SSLv3 handling to use provider side CBC/MAC removal 63ee6ec177 Ensure any allocated MAC is freed in the provider code f29dbb0866 Decreate the length after decryption for the stitched ciphers 09ce6e0854 Ensure the sslcorrupttest checks all errors on the queue ee0c849e5a Ensure GCM "update" failures return 0 on error 978cc3648d Ensure cipher_generic_initkey gets passed the actual provider ctx 1ae7354c04 Make the NULL cipher TLS aware 27d4c840fc Change ChaCha20-Poly1305 to be consistent with out ciphers 524cb684ac Make libssl start using the TLS provider CBC support e71fd827bc Add provider support for TLS CBC padding and MAC removal f0237a6c62 Remove SSL dependencies from tls_pad.c ebacd57bee Split the padding/mac removal functions out into a separate file ec27e619e8 Move MAC removal responsibility to the various protocol "enc" functions Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 80174F3DAA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:199 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229 # false # 8067017BBA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:400: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:199 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229 # false # 8067017BBA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:400: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=204, Tests=3015, 1684 wallclock secs (11.29 usr 1.54 sys + 1516.20 cusr 150.74 csys = 1679.77 CPU) Result: FAIL Makefile:2490: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2488: recipe for target 'tests' failed make: *** [tests] Error 2