Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method
Commit log since last time: d3dbc9b500 apps_ui.c: Correct password prompt for ui_method 591ceeddb3 apps_ui.c: Correct handling of empty password from -passin f84de16f39 apps_ui.c: Improve error handling and return value of setup_ui_method() 9a62ccbe8a Fix fipsinstall module path 9f604ca13d STORE: Fix OSSL_STORE_attach() to check |ui_method| before use 5a0991d0d9 Add/harmonize multi-valued RDN support and doc of ca, cmp, req, storeutl, and x509 apps 5fdcde816f X509_NAME_cmp(): Clearly document its semantics, referencing relevant RFCs a8e2a9f569 X509_NAME_add_entry_by_txt.pod: Improve documentation w.r.t. multi-valued RDNs (containing sets of AVAs) bc64c5a69b X509_NAME_cmp: restrict normal return values to {-1,0,1} to avoid confusion with -2 for error 2aa91df406 X509_NAME_oneline(): Fix output of multi-valued RDNs, escaping '/' and '+' in values 115786793c X509_NAME_print_ex.pod: re-format lines to fit within 80 chars limit 388f2d9f6c app_load_config_bio(): fix crash on error 3101ab603c Fix an EVP_MD_CTX leak b830e00429 Diverse build.info: Adjust paths bb30bce22b bugfix in apps/cmp.c and cmp_client.c: inconsistencies on retrieving extraCerts in code and doc 543a802fab bugfix in ossl_cmp_msg_protect(): set senderKID and extend extraCerts also for unprotected CMP requests 6199478101 bugfix in ossl_cmp_msg_add_extraCerts(): should include cert chain when using PBM 7eb48cfc66 test/cmp_{client,msg}_test.c: minor code cleanup eb5087fc7c test/recipes/81-test_cmp_cli_data/Mock/server.cnf: minor cleanup 4245fd64c8 81-test_cmp_cli: Make test output files all different according to #11080 57371e1674 81-test_cmp_cli.t: Stop unlinking test output files according to #11080 c4adc5ba5b apps.c: Fix mem leaks on error in load_certs() and load_crls() a877d2629b apps/cmp.c: clear leftover errors on loading libengines.so etc. 87495d56a9 apps.c: Fix diagnostics and return value of load_key_certs_crls() on error aad086e2ae Replace all wrong usages of 'B<...>' (typically by 'I<...>') in OSSL_CMP_CTX_new.pod a0745e2be6 Clean up CMP chain building for CMP signer, TLS client, and newly enrolled certs 474853c39a Fix markdown nits in NOTES-Windows.txt 10203a3472 Support writing RSA keys using the traditional format again 8ae40cf57d ENCODER: Refactor provider implementations, and some cleanup ce43db7a3f Fix up issue on AIX caused by broken compiler handling of macro expansion b7a8fb52a9 s_time: check return values better e942111267 In a non-shared build, don't include the md5 object files in legacy provider 5c97eeb726 TLS fixes for CBC mode and no-deprecated b924d1b6e1 TLS: remove legacy code path supporting special CBC mode 81661a14bc legacy: include MD5 code in legacy provider b250fc7be7 Deprecate SHA and MD5 again. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E0DFD69F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1327 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1405 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E0DFD69F7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E0DFD69F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6456 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/bWp7cMusno default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C02078CB007F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:127:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C02078CB007F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:127:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C02078CB007F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:127:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C02078CB007F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:127:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1327 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1405 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C02078CB007F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:127:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C02078CB007F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:127:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6456 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/bWp7cMusno fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=211, Tests=3559, 716 wallclock secs (13.64 usr 1.18 sys + 649.44 cusr 66.59 csys = 730.85 CPU) Result: FAIL Makefile:3176: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3174: recipe for target 'tests' failed make: *** [tests] Error 2