Platform and configuration command: $ uname -a Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method
Commit log since last time: 6be27456e1 Fix string termination and length setting in OSSL_PARAM_BLD_push_utf8_string() af8bd1d835 Fix OSSL_PARAM_allocate_from_text() for OSSL_PARAM_UTF8_STRING a8eb71ad57 Allow the sshkdf type to be passed as a single character da9988e0f5 Cleanup of some of the EVP_PKEY_CTX_ctrl related TODOs b300f1cb3d Fix missing EOL at the end of the rsa/build.info 53cefef62b Remove inclusion of unnecessary header files 7415ffe368 Use strcasecmp when comparing kdf_type 861f265a40 speed: Drop deprecated <ALG>_options() calls f3ccfc76fe speed: Use EVP for ciphers, cmac, ghash, rsa, dsa, and ecdsa a89cd8d87c speed: Adapt digests and hmac to always use non-deprecated APIs ee1d7f1d25 speed: Drop code to handle platforms without SIGALRM af9f2ee339 Fix typo in comment in DH_set0_pqg function 81c15ed00b Test errors from a provider can still be accessed after unload de4a88a979 Duplicate the file and func error strings b0001d0cf2 provider: add an unquery function to allow providers to clean up. 8b3facd732 rand: note that locking needs to be explicitly enabled. 76e48c9d66 Deprecated EVP_PKEY_CTX_get0_dh_kdf_ukm() and EVP_PKEY_CTX_get0_ecdh_kdf_ukm() 10315851d0 X509: Refactor X509_PUBKEY processing to include provider side keys ce0b307ea0 Remove disabled TLS 1.3 ciphers from the SSL(_CTX) 6eb7c748d1 make update 51d058cd94 appveyor.yml: clarify conditions for building the plain configuration 4f6aeabd65 make update 7b9f8995f4 Generate doc/build.info with 'make update' rather than on the fly 1263154064 changes: note the deprecation of RAND_METHOD APIs 299f5ff3b5 provider: add option to load a provider without disabling the fallbacks. 332a245c04 test: update tests to use the fake random number generator d994ce1205 test: make the DRBG test work without RAND_METHOD support. b3ab537b3a test: add framework for generic fake random number generator 9c6ee56318 rand: add DRBG/seed setting functions f626c3ffae rand: allow lock/unlock functions to be absent 786b13fa77 RAND_METHOD deprecation: code changes de2ea978b5 RAND_METHOD deprecation: fuzzer 0a89ae97d9 RAND_METHOD deprecation: tests ac60c84fc4 RAND_METHOD deprecation: documentation f5b00834dd EVP: Adapt the EC_KEY specific EVP_PKEY_CTX setter / getter functions bbf4dc96fc EVP: Make checks in evp_pkey_ctx_store_cached_data() more restricted 13f91a7245 EVP: Adapt the RSA specific EVP_PKEY_CTX setter / getter functions df4592cbec EVP: Adapt the DH specific EVP_PKEY_CTX setter / getter functions 5524580b5c EVP: Adapt the EVP_PKEY_CTX ctrl functions 6fcd92d3d7 EVP: Adapt diverse OSSL_PARAM setters and getters 5137312993 EVP: Make evp_pkey_ctx_{set,get}_params_strict() legacy aware 9a1c4e41e8 EVP: Implement data-driven translation between known ctrl and OSSL_PARAMs 4d4928edd0 EVP: make evp_pkey_is_assigned() usable in the FIPS module e19246dc72 EVP: Make evp_pkey_ctx_state() available to all of EVP 6179dfc7c4 EVP: Implement EVP_PKEY_CTX_is_a() f627561cf5 util/perl/OpenSSL/config.pm: Add VMS specific C compiler settings 9e1094ad3d util/perl/OpenSSL/config.pm: Fix determine_compiler_settings() 444b25b1e9 Add back in legacy paths for d2i_PrivateKey/d2i_AutoPrivateKey. f16f363a85 Fix no-tests on mingw 636a93454d Note that the OSSL_CORE_MAKE_FUNC macro is reserved 510d019141 Document the OSSL_PARAM_DEFN macro 18b207c798 Add documentation for the macro OPENSSL_VERSION_PREREQ 7e1d7fea39 Document OPENSSL_LH_flush() bc4d84abce Suppress errors about undocumented asn1_d2i_read_bio 6ceaf67257 Fix -pkeyopt handling in apps/pkeyutl -rawin 7f90026b3f Handle NULL result of ERR_reason_error_string() in some apps 4718326a46 Add EVP_PKEY_public_check_quick. 681618cfc1 Fix external symbols for pkcs7. 53155f1c81 Fix external symbols for cms. Build log ended with (last 100 lines): # false # OPENSSL_TEST_RAND_ORDER=1614398512 not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # OPENSSL_TEST_RAND_ORDER=1614398512 not ok 54 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/bYCpUo4VCt default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/helpers/ssltestlib.c:957 # SSL_connect() failed -1, 1 # 80A1BB6CCE7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/helpers/ssltestlib.c:975 # SSL_accept() failed -1, 1 # 80A1BB6CCE7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:944 # false # OPENSSL_TEST_RAND_ORDER=1614398526 not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/helpers/ssltestlib.c:957 # SSL_connect() failed -1, 1 # 80A1BB6CCE7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/helpers/ssltestlib.c:975 # SSL_accept() failed -1, 1 # 80A1BB6CCE7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1425 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1503 # false # OPENSSL_TEST_RAND_ORDER=1614398526 not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/helpers/ssltestlib.c:957 # SSL_connect() failed -1, 1 # 80A1BB6CCE7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/helpers/ssltestlib.c:975 # SSL_accept() failed -1, 1 # 80A1BB6CCE7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6574 # false # OPENSSL_TEST_RAND_ORDER=1614398526 not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # OPENSSL_TEST_RAND_ORDER=1614398526 not ok 54 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/bYCpUo4VCt fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 91-test_pkey_check.t ............... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz_asn1.t ................ ok 99-test_fuzz_asn1parse.t ........... ok 99-test_fuzz_bignum.t .............. ok 99-test_fuzz_bndiv.t ............... ok 99-test_fuzz_client.t .............. ok 99-test_fuzz_cmp.t ................. ok 99-test_fuzz_cms.t ................. ok 99-test_fuzz_conf.t ................ ok 99-test_fuzz_crl.t ................. ok 99-test_fuzz_ct.t .................. ok 99-test_fuzz_server.t .............. ok 99-test_fuzz_x509.t ................ ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 768 Tests: 31 Failed: 3) Failed tests: 8, 17, 19 Non-zero exit status: 3 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=232, Tests=3301, 977 wallclock secs (14.61 usr 1.37 sys + 882.59 cusr 92.84 csys = 991.41 CPU) Result: FAIL make[1]: *** [Makefile:3283: _tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' make: *** [Makefile:3280: tests] Error 2