Platform and configuration command: $ uname -a Linux run 5.4.0-65-generic #73-Ubuntu SMP Mon Jan 18 17:25:17 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3
Commit log since last time: a2c911c2d0 Restore GOST macros compatibility with 1.1.1 9293046fb4 apps/x509.c: Rename -signkey to -key for consistency with the req app 2de5d3b87a HTTP: Fix BIO_mem_d2i() on NULL mem input 676d879cb2 http_local.h: Remove unused declaration of HTTP_sendreq_bio() 73e6e3e03e Simplify OCSP_sendreq_bio() 0dca5ede0d Make more use of X509_add_certs(); minor related code & comments cleanup 9b9d24f033 OCSP_resp_find_status.pod: Complete the RETURN VALUES section f477cdfadd crypto/ocsp/ocsp_cl.c: coding style improvements 29ce1066bc Update the demos/README file because it is really old. New demos should provide best practice for API use. Add demonstration for computing a SHA3-512 digest - digest/EVP_MD_demo a7a041c230 CI external tests: separate each external test into its own phase 1ddea35bd4 CI external test: for now run only the krb5 and gost_engine tests ec69d5c9a8 gost_engine test: further cleanups and fixes b414c8118d gost_engine test: Run also perl and tcl tests 996d2693e2 CI: add job with external tests c3a85d3d17 DOCS: Document OSSL_STORE_INFO_PUBKEY in doc/man3/OSSL_STORE_INFO.pod c2ec2bb7c1 Make provider provider_init thread safe, and flag checking/setting too d60a8e0a23 Make ossl_provider_disable_fallback_loading() thread safe 2f17e978a0 test/threadstest.c: Add a test to load providers concurrently 8c631cfaa1 ecx_set_priv_key: Try to obtain libctx from the pkey's keymgmt 2ad5bbe320 bn_ctx.c: Remove TODO 3.0 related to tracing in FIPS module 20cca4db9c ecx_set_priv_key: Remove TODO 3.0 related to setting libctx 22cd04143b do_sigver_init: Remove fallback for missing provider implementations. 0be6cf0c7e Remove some of the TODO 3.0 in crypto/evp related to legacy support. bffe3ae7b8 crypto/param_build_set.c: Remove irrelevant TODO 3.0 f40fa7b9ad crypto/ppccap.c: Remove useless TODO 3.0 946bdd12a0 include/crypto: Remove TODOs that are irrelevant for 3.0 9522f0a6a9 include/internal: Remove TODOs that are irrelevant for 3.0 2c8a740a9f test/x509: Test for issuer being overwritten when printing. 39a61e69b8 OSSL_STORE: restore diagnostics on decrypt error; provide password hints e3a2ba7547 crypto: rename error flags in internal structures 33ac7b324b Add a new test recipe to verify the generated test fipsmodule.cnf c9b0214ede Fix the perl code to get FIPSMODULENAME e25b4db754 TEST: Remove the build of fipsmodule.cnf from test recipes e9d74dbd36 APPS: Modify 'fipsinstall' to output all notifications on stderr 05869bba7f Make 'tests' depend on a generated 'providers/fipsmodule.cnf' 79f47ef507 build.info: Make it possible to use compiled programs as generators 3f399e3787 build.info: Add the possibility to add dependencies on raw targets 8593ff00cc DOCS: Fix provider-mac.pod and the docs of our implementations cb54d1b9d7 doc: add a note to the RAND_get0_ calls indicating how to set the DRBG type. f21afe6360 ossl_rsa_sp800_56b_check_public: Be more lenient with small keys 87994aa847 rand: remove FIPS mode conditional code. fb67126ea8 EVP_PKEY_CTX_get/settable_params: pass provider operation context 4e4ae84056 Fix NULL access in ssl_build_cert_chain() when ctx is NULL. 81f9af3460 Remove todos in decode_der2key.c and decode_ms2key.c 77b03f0e8f Improve error reporting in key exchange provider implementations f5c629a00a Remove unused MAX_TLS_MAC_SIZE define fffb67343e Remove todos in providers/implementations/include/prov 8d05a65256 Resolve TODOs in signature implementations. f378755d62 statem_lib.c: Remove TODOs that are unnecessary 5e2f580d4a test_ssl_new: X448, X25519, and EdDSA are supported with fips 21b7dfa8ad evp_extra_test2: Remove TODO 3.0 b3c155b83c evp_extra_test: Remove TODO comment as setting the curve is mandatory d36a5dd05e Fix a copy&paste error in evp_extra_test d7d8e2c894 Fix compiling error on arm 025c0f5289 openssl-cmp.pod.in: replace the term 'verify' by the more correct 'validate' dd5fa5f5af CMP: On NULL-DN subject or issuer input omit field in cert template e1f946630f test: use the new set public and private together call 740582cfaf test: add utility function to set the fake random callback on both the public and private instances fccdb61aee test: update ECDSA and SM2 internal tests in line with the fake_random change 5a11de50a4 test: update test_random to create real contexts instead of sharing one 0647162f6a make update bed963d58d Fix build of /dev/crypto engine with no-dynamic-engine option b0aae91324 Remove RSA SSLv23 padding mode d546e8e267 Generalize schmeme parsing of OSSL_HTTP_parse_url() to OSSL_parse_url() 7932982b88 OSSL_HTTP_parse_url(): Handle any userinfo, query, and fragment components Build log ended with (last 100 lines): # ------------------------------------------------------------------------------ # ERROR: (int) 'result->client_protocol == test_ctx->expected_protocol' failed @ ../openssl/test/ssl_test.c:114 # [771] compared to [772] # INFO: @ ../openssl/test/ssl_test.c:117 # Protocol mismatch: expected TLSv1.3, got TLSv1.2. # # OPENSSL_TEST_RAND_ORDER=1615349959 not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # ERROR: (int) 'result->client_protocol == test_ctx->expected_protocol' failed @ ../openssl/test/ssl_test.c:114 # [771] compared to [772] # INFO: @ ../openssl/test/ssl_test.c:117 # Protocol mismatch: expected TLSv1.3, got TLSv1.2. # # OPENSSL_TEST_RAND_ORDER=1615349959 not ok 4 - iteration 4 # ------------------------------------------------------------------------------ # ERROR: (int) 'result->client_protocol == test_ctx->expected_protocol' failed @ ../openssl/test/ssl_test.c:114 # [771] compared to [772] # INFO: @ ../openssl/test/ssl_test.c:117 # Protocol mismatch: expected TLSv1.3, got TLSv1.2. # # OPENSSL_TEST_RAND_ORDER=1615349959 not ok 5 - iteration 5 # ------------------------------------------------------------------------------ # OPENSSL_TEST_RAND_ORDER=1615349959 not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 14-curves.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 14-curves.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 14-curves.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 166. # Looks like you failed 3 tests of 9. not ok 14 - Test configuration 14-curves.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 30.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/30 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_fipsload.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 91-test_pkey_check.t ............... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz_asn1.t ................ ok 99-test_fuzz_asn1parse.t ........... ok 99-test_fuzz_bignum.t .............. ok 99-test_fuzz_bndiv.t ............... ok 99-test_fuzz_client.t .............. ok 99-test_fuzz_cmp.t ................. ok 99-test_fuzz_cms.t ................. ok 99-test_fuzz_conf.t ................ ok 99-test_fuzz_crl.t ................. ok 99-test_fuzz_ct.t .................. ok 99-test_fuzz_server.t .............. ok 99-test_fuzz_x509.t ................ ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 30 Failed: 1) Failed test: 14 Non-zero exit status: 1 Files=233, Tests=3204, 853 wallclock secs (12.30 usr 1.36 sys + 773.13 cusr 75.10 csys = 861.89 CPU) Result: FAIL make[1]: *** [Makefile:3277: _tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' make: *** [Makefile:3274: tests] Error 2