[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm -ansi

2017-02-13 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux test 4.4.0-53-generic #74-Ubuntu SMP Fri Dec 2 15:59:10 UTC 2016 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-asm -ansi

Commit log since last time:

b84460a aes/asm/*-x86_64.pl: add CFI annotations.
1cb35b4 perlasm/x86_64-xlate.pl: recognize even offset(%reg) in cfa_expression.
86e1127 ec/asm/ecp_nistz256-x86_64.pl: add CFI directives.
79ca382 ec/asm/ecp_nistz256-x86_64.pl: fix typo-bug in Win64 SE handler.
219aa86 Further improvements to ASYNC_WAIT_CTX_clear_fd
f89dd67 Remove fd from the list when the engine clears the wait context before 
pause
f44e636 Add test to show wrong behavior of ASYNC_WAIT_CTX
2dfb52d {md5,rc4}/asm/*-x86_64.pl: add CFI annotations.
5c72e5e modes/asm/*-x86_64.pl: add CFI annotations.
4fd7b54 DES keys are not 7 days long.
4bbd8a5 test_rehash does nothing, have it do something

Build log ended with (last 100 lines):

make[1]: Entering directory '/home/openssl/run-checker/no-asm_-ansi'
clang  -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include 
-I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS 
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" 
-DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 
-DL_ENDIAN -Wextra -Qunused-arguments  -DDEBUG_UNUSED -Wswitch -DPEDANTIC 
-pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow 
-Wformat -Wtype-limits -Wno-parentheses-equality -Werror -Qunused-arguments 
-Wextra -Wswitch-default -Wno-unused-parameter -Wno-missing-field-initializers 
-Wno-language-extension-token -Wno-extended-offsetof 
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers 
-Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF 
crypto/aes/aes_cbc.d.tmp -MT crypto/aes/aes_cbc.o -c -o crypto/aes/aes_cbc.o 
../openssl/crypto/aes/aes_cbc.c
clang  -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include 
-I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS 
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" 
-DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 
-DL_ENDIAN -Wextra -Qunused-arguments  -DDEBUG_UNUSED -Wswitch -DPEDANTIC 
-pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow 
-Wformat -Wtype-limits -Wno-parentheses-equality -Werror -Qunused-arguments 
-Wextra -Wswitch-default -Wno-unused-parameter -Wno-missing-field-initializers 
-Wno-language-extension-token -Wno-extended-offsetof 
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers 
-Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF 
crypto/aes/aes_cfb.d.tmp -MT crypto/aes/aes_cfb.o -c -o crypto/aes/aes_cfb.o 
../openssl/crypto/aes/aes_cfb.c
clang  -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include 
-I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS 
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" 
-DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 
-DL_ENDIAN -Wextra -Qunused-arguments  -DDEBUG_UNUSED -Wswitch -DPEDANTIC 
-pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow 
-Wformat -Wtype-limits -Wno-parentheses-equality -Werror -Qunused-arguments 
-Wextra -Wswitch-default -Wno-unused-parameter -Wno-missing-field-initializers 
-Wno-language-extension-token -Wno-extended-offsetof 
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers 
-Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF 
crypto/aes/aes_core.d.tmp -MT crypto/aes/aes_core.o -c -o crypto/aes/aes_core.o 
../openssl/crypto/aes/aes_core.c
clang  -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include 
-I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS 
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" 
-DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 
-DL_ENDIAN -Wextra -Qunused-arguments  -DDEBUG_UNUSED -Wswitch -DPEDANTIC 
-pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow 
-Wformat -Wtype-limits -Wno-parentheses-equality -Werror -Qunused-arguments 
-Wextra -Wswitch-default -Wno-unused-parameter -Wno-missing-field-initializers 
-Wno-language-extension-token -Wno-extended-offsetof 
-Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers 
-Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF 
crypto/aes/aes_ecb.d.tmp -MT crypto/aes/aes_ecb.o -c -o crypto/aes/aes_ecb.o 
../openssl/crypto/aes/aes_ecb.c
clang  -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include 
-I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS 
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" 
-DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall

[openssl-commits] [openssl] master update

2017-02-13 Thread Andy Polyakov 
The branch master has been updated
   via  b84460ad3a3e4fcb22efaa0a8365b826f4264ecf (commit)
   via  1cb35b47db8462f5653803501ed68d33b10c249f (commit)
  from  86e112788e2ab9740c0cabf3ae4b1eb67b386bab (commit)


- Log -
commit b84460ad3a3e4fcb22efaa0a8365b826f4264ecf
Author: Andy Polyakov 
Date:   Fri Feb 10 11:02:09 2017 +0100

aes/asm/*-x86_64.pl: add CFI annotations.

Reviewed-by: Rich Salz 

commit 1cb35b47db8462f5653803501ed68d33b10c249f
Author: Andy Polyakov 
Date:   Fri Feb 10 10:59:45 2017 +0100

perlasm/x86_64-xlate.pl: recognize even offset(%reg) in cfa_expression.

This is handy when "offset(%reg)" is a perl variable.

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/aes/asm/aes-x86_64.pl  |  84 ++
 crypto/aes/asm/aesni-mb-x86_64.pl |  72 +++
 crypto/aes/asm/aesni-sha1-x86_64.pl   |  68 +
 crypto/aes/asm/aesni-sha256-x86_64.pl |  56 +-
 crypto/aes/asm/aesni-x86_64.pl|  60 +++
 crypto/aes/asm/bsaes-x86_64.pl| 107 ++
 crypto/perlasm/x86_64-xlate.pl|   2 +
 7 files changed, 448 insertions(+), 1 deletion(-)

diff --git a/crypto/aes/asm/aes-x86_64.pl b/crypto/aes/asm/aes-x86_64.pl
index 5eecfdf..e6be1fd 100755
--- a/crypto/aes/asm/aes-x86_64.pl
+++ b/crypto/aes/asm/aes-x86_64.pl
@@ -599,13 +599,21 @@ $code.=<<___;
 .hiddenasm_AES_encrypt
 asm_AES_encrypt:
 AES_encrypt:
+.cfi_startproc
mov %rsp,%rax
+.cfi_def_cfa_register  %rax
push%rbx
+.cfi_push  %rbx
push%rbp
+.cfi_push  %rbp
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
push%r14
+.cfi_push  %r14
push%r15
+.cfi_push  %r15
 
# allocate frame "above" key schedule
lea -63(%rdx),%rcx  # %rdx is key argument
@@ -618,6 +626,7 @@ AES_encrypt:
 
mov %rsi,16(%rsp)   # save out
mov %rax,24(%rsp)   # save original stack pointer
+.cfi_cfa_expression%rsp+24,deref,+8
 .Lenc_prologue:
 
mov %rdx,$key
@@ -644,20 +653,29 @@ AES_encrypt:
 
mov 16(%rsp),$out   # restore out
mov 24(%rsp),%rsi   # restore saved stack pointer
+.cfi_def_cfa   %rsi,8
mov $s0,0($out) # write output vector
mov $s1,4($out)
mov $s2,8($out)
mov $s3,12($out)
 
mov -48(%rsi),%r15
+.cfi_restore   %r15
mov -40(%rsi),%r14
+.cfi_restore   %r14
mov -32(%rsi),%r13
+.cfi_restore   %r13
mov -24(%rsi),%r12
+.cfi_restore   %r12
mov -16(%rsi),%rbp
+.cfi_restore   %rbp
mov -8(%rsi),%rbx
+.cfi_restore   %rbx
lea (%rsi),%rsp
+.cfi_def_cfa_register  %rsp
 .Lenc_epilogue:
ret
+.cfi_endproc
 .size  AES_encrypt,.-AES_encrypt
 ___
 
@@ -1197,13 +1215,21 @@ $code.=<<___;
 .hiddenasm_AES_decrypt
 asm_AES_decrypt:
 AES_decrypt:
+.cfi_startproc
mov %rsp,%rax
+.cfi_def_cfa_register  %rax
push%rbx
+.cfi_push  %rbx
push%rbp
+.cfi_push  %rbp
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
push%r14
+.cfi_push  %r14
push%r15
+.cfi_push  %r15
 
# allocate frame "above" key schedule
lea -63(%rdx),%rcx  # %rdx is key argument
@@ -1216,6 +1242,7 @@ AES_decrypt:
 
mov %rsi,16(%rsp)   # save out
mov %rax,24(%rsp)   # save original stack pointer
+.cfi_cfa_expression%rsp+24,deref,+8
 .Ldec_prologue:
 
mov %rdx,$key
@@ -1244,20 +1271,29 @@ AES_decrypt:
 
mov 16(%rsp),$out   # restore out
mov 24(%rsp),%rsi   # restore saved stack pointer
+.cfi_def_cfa   %rsi,8
mov $s0,0($out) # write output vector
mov $s1,4($out)
mov $s2,8($out)
mov $s3,12($out)
 
mov -48(%rsi),%r15
+.cfi_restore   %r15
mov -40(%rsi),%r14
+.cfi_restore   %r14
mov -32(%rsi),%r13
+.cfi_restore   %r13
mov -24(%rsi),%r12
+.cfi_restore   %r12
mov -16(%rsi),%rbp
+.cfi_restore   %rbp
mov -8(%rsi),%rbx
+.cfi_restore   %rbx
lea (%rsi),%rsp
+.cfi_def_cfa_register  %rsp
 .Ldec_epilogue:
ret
+.cfi_endproc
 .size  AES_decrypt,.-AES_decrypt
 ___
 #--#
@@ -1296,22 +1332,34 @@ $code.=<<___;
 .type  AES_set_encrypt_key,\@function,3
 .align 16
 AES_set_encrypt_key:
+.cfi_startproc
push%rbx
+.cfi_push  %rbx
push%rbp
+.cfi_push  %rbp
push%r12# redundant, but

[openssl-commits] [openssl] master update

2017-02-13 Thread Andy Polyakov 
The branch master has been updated
   via  86e112788e2ab9740c0cabf3ae4b1eb67b386bab (commit)
   via  79ca382d4762c58c4b92fceb4e202e90c71292ae (commit)
  from  219aa86cb04e1bfc9c156fab18da2f767502afb2 (commit)


- Log -
commit 86e112788e2ab9740c0cabf3ae4b1eb67b386bab
Author: Andy Polyakov 
Date:   Fri Feb 10 12:20:18 2017 +0100

ec/asm/ecp_nistz256-x86_64.pl: add CFI directives.

Reviewed-by: Rich Salz 

commit 79ca382d4762c58c4b92fceb4e202e90c71292ae
Author: Andy Polyakov 
Date:   Fri Feb 10 11:43:42 2017 +0100

ec/asm/ecp_nistz256-x86_64.pl: fix typo-bug in Win64 SE handler.

Thanks to Jun Sun for spotting this.

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/ec/asm/ecp_nistz256-x86_64.pl | 137 ++-
 1 file changed, 135 insertions(+), 2 deletions(-)

diff --git a/crypto/ec/asm/ecp_nistz256-x86_64.pl 
b/crypto/ec/asm/ecp_nistz256-x86_64.pl
index 1028c09..99bbb0b 100755
--- a/crypto/ec/asm/ecp_nistz256-x86_64.pl
+++ b/crypto/ec/asm/ecp_nistz256-x86_64.pl
@@ -131,8 +131,11 @@ $code.=<<___;
 .type  ecp_nistz256_mul_by_2,\@function,2
 .align 64
 ecp_nistz256_mul_by_2:
+.cfi_startproc
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
 .Lmul_by_2_body:
 
mov 8*0($a_ptr), $a0
@@ -167,10 +170,14 @@ ecp_nistz256_mul_by_2:
mov $a3, 8*3($r_ptr)
 
mov 0(%rsp),%r13
+.cfi_restore   %r13
mov 8(%rsp),%r12
+.cfi_restore   %r12
lea 16(%rsp),%rsp
+.cfi_adjust_cfa_offset -16
 .Lmul_by_2_epilogue:
ret
+.cfi_endproc
 .size  ecp_nistz256_mul_by_2,.-ecp_nistz256_mul_by_2
 
 

@@ -179,8 +186,11 @@ ecp_nistz256_mul_by_2:
 .type  ecp_nistz256_div_by_2,\@function,2
 .align 32
 ecp_nistz256_div_by_2:
+.cfi_startproc
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
 .Ldiv_by_2_body:
 
mov 8*0($a_ptr), $a0
@@ -230,10 +240,14 @@ ecp_nistz256_div_by_2:
mov $a3, 8*3($r_ptr)
 
mov 0(%rsp),%r13
+.cfi_restore   %r13
mov 8(%rsp),%r12
+.cfi_restore   %r12
lea 16(%rsp),%rsp
+.cfi_adjust_cfa_offset -16
 .Ldiv_by_2_epilogue:
ret
+.cfi_endproc
 .size  ecp_nistz256_div_by_2,.-ecp_nistz256_div_by_2
 
 

@@ -242,8 +256,11 @@ ecp_nistz256_div_by_2:
 .type  ecp_nistz256_mul_by_3,\@function,2
 .align 32
 ecp_nistz256_mul_by_3:
+.cfi_startproc
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
 .Lmul_by_3_body:
 
mov 8*0($a_ptr), $a0
@@ -299,10 +316,14 @@ ecp_nistz256_mul_by_3:
mov $a3, 8*3($r_ptr)
 
mov 0(%rsp),%r13
+.cfi_restore   %r13
mov 8(%rsp),%r12
+.cfi_restore   %r12
lea 16(%rsp),%rsp
+.cfi_adjust_cfa_offset -16
 .Lmul_by_3_epilogue:
ret
+.cfi_endproc
 .size  ecp_nistz256_mul_by_3,.-ecp_nistz256_mul_by_3
 
 

@@ -311,8 +332,11 @@ ecp_nistz256_mul_by_3:
 .type  ecp_nistz256_add,\@function,3
 .align 32
 ecp_nistz256_add:
+.cfi_startproc
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
 .Ladd_body:
 
mov 8*0($a_ptr), $a0
@@ -348,10 +372,14 @@ ecp_nistz256_add:
mov $a3, 8*3($r_ptr)
 
mov 0(%rsp),%r13
+.cfi_restore   %r13
mov 8(%rsp),%r12
+.cfi_restore   %r12
lea 16(%rsp),%rsp
+.cfi_adjust_cfa_offset -16
 .Ladd_epilogue:
ret
+.cfi_endproc
 .size  ecp_nistz256_add,.-ecp_nistz256_add
 
 

@@ -360,8 +388,11 @@ ecp_nistz256_add:
 .type  ecp_nistz256_sub,\@function,3
 .align 32
 ecp_nistz256_sub:
+.cfi_startproc
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
 .Lsub_body:
 
mov 8*0($a_ptr), $a0
@@ -397,10 +428,14 @@ ecp_nistz256_sub:
mov $a3, 8*3($r_ptr)
 
mov 0(%rsp),%r13
+.cfi_restore   %r13
mov 8(%rsp),%r12
+.cfi_restore   %r12
lea 16(%rsp),%rsp
+.cfi_adjust_cfa_offset -16
 .Lsub_epilogue:
ret
+.cfi_endproc
 .size  ecp_nistz256_sub,.-ecp_nistz256_sub
 
 

@@ -409,8 +444,11 @@ ecp_nistz256_sub:
 .type  ecp_nistz256_neg,\@function,2
 .align 32
 ecp_nistz256_neg:
+.cfi_startproc
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
 .Lneg_body:
 
xor $a0, $a0
@@ -446,10 +484,14 @@ ecp_nistz256_neg:
mov $a3, 8*3($r_ptr)

[openssl-commits] [web] master update

2017-02-13 Thread Matt Caswell 
The branch master has been updated
   via  001a0f55253e2dc9dd7360b6e5d20a158c319bcc (commit)
  from  bd52d4392ffaaf5d36a6df2880dc0cd35c02d2dd (commit)


- Log -
commit 001a0f55253e2dc9dd7360b6e5d20a158c319bcc
Author: Matt Caswell 
Date:   Mon Feb 13 18:28:52 2017 +

Add Bylaws to the website

---

Summary of changes:
 policies/bylaws.html   | 214 +
 policies/index.html|  11 ++-
 policies/sidebar.shtml |   3 +
 3 files changed, 224 insertions(+), 4 deletions(-)
 create mode 100644 policies/bylaws.html

diff --git a/policies/bylaws.html b/policies/bylaws.html
new file mode 100644
index 000..bda93de
--- /dev/null
+++ b/policies/bylaws.html
@@ -0,0 +1,214 @@
+
+
+
+
+
+
+
+
+  
+
+  
+
+  OpenSSL Bylaws
+  
+First issued 13th February 2017
+  
+
+
+
+
+  This document defines the bylaws under which the OpenSSL Project
+  operates. It defines the different project roles, how they contribute
+  to the project, and how project decisions are made.
+
+  Roles and Responsibilities
+
+  Users
+
+  Users include any individual or organisation that downloads,
+  installs, compiles, or uses the OpenSSL command line applications or
+  the OpenSSL libraries or the OpenSSL documentation. This includes
+  OpenSSL-based derivatives such as patched versions of OpenSSL 
provided
+  through OS distributions, often known as "downstream" versions.
+
+  Users may request help and assistance from the project through any
+  appropriate forum as designated by the OpenSSL Management Committee
+  (OMC). Users may also report bugs, issues, or feature requests; or
+  make pull requests through any OMC designated channel.
+
+  Committers
+
+  Committers have the ability to make new commits to the main 
OpenSSL
+  Project repository. Collectively, they have the responsibility for
+  maintaining the contents of that repository. They must ensure that 
any
+  committed contributions are consistent with all appropriate OpenSSL
+  policies and procedures as defined by the OMC.
+
+  Committers also have a responsibility to review code submissions 
in
+  accordance with OpenSSL project policies and procedures.
+
+  Commit access is granted as a result of a vote by the OMC. It may
+  be withdrawn at any time by a vote of the OMC.
+
+  A condition of commit access is that the committer has signed an
+  Individual Contributor Licence Agreement (ICLA). If contributions may
+  also be from the employer of an individual with commit access then a
+  Corporate Contributor Licence Agreement (CCLA) must also be signed 
and
+  include the name of the committer.
+
+  In order to retain commit access a committer must have authored or
+  reviewed at least one commit within the previous two calendar
+  quarters. This will be checked at the beginning of each calendar
+  quarter. This rule does not apply if the committer first received
+  their commit access during the previous calendar quarter.
+
+  OpenSSL Management Committee (OMC)
+
+  The OMC represents the official voice of the project. All official
+  OMC decisions are taken on the basis of a vote.
+
+  The OMC:
+  
+makes all decisions regarding management and strategic 
direction
+of the project;
+sets and maintains all policies and procedures;
+nominates, elects and removes committers and OMC members as
+required;
+ensures security issues are dealt with in an appropriate
+manner;
+schedules releases and determines future release plans and the
+development roadmap and priorities;
+maintains all other repositories according to the policies and
+procedures they define.
+  
+
+  Membership of the OMC is by invitation only from the existing OMC
+  following a passing vote. OMC members may or may not be committers as
+  well. If an OMC member is also a committer then all rules that apply
+  to committers still apply.
+
+  The OMC makes decisions on behalf of the project. In order to have
+  a valid voice on the OMC, members must be actively contributing to 
the
+  project. Note that there are many ways to contribute to the project
+  but the ones that count in order to participate in the OMC
+  decision-making process are the ones listed below.
+
+  OMC members may become inactive. In order to remain

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2017-02-13 Thread Matt Caswell 
The branch OpenSSL_1_1_0-stable has been updated
   via  955286c9f38c11b8be719d632fa9267eb13467f8 (commit)
   via  bb5b56af4c3b9e43a698f01b70732c62d3642583 (commit)
   via  5a0d86c0e33eb7893517bc11c6bde188e81d5290 (commit)
  from  ca423a693a619b38fb96d94b0385f8ce91a8e759 (commit)


- Log -
commit 955286c9f38c11b8be719d632fa9267eb13467f8
Author: Andrea Grandi 
Date:   Fri Feb 10 10:23:21 2017 +

Further improvements to ASYNC_WAIT_CTX_clear_fd

Remove call to cleanup function
Use only one loop to find previous element

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/2581)
(cherry picked from commit 219aa86cb04e1bfc9c156fab18da2f767502afb2)

commit bb5b56af4c3b9e43a698f01b70732c62d3642583
Author: Andrea Grandi 
Date:   Fri Feb 3 05:46:17 2017 +

Remove fd from the list when the engine clears the wait context before pause

This fixes the num of fds added/removed returned by 
ASYNC_WAIT_CTX_get_changed_fds

Previously, the numbers were not consistent with the fds actually written in
the buffers since the fds that have been both added and removed are 
explicitly
ignored in the loop.

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/2581)
(cherry picked from commit f89dd6738a0ec2b6cfb05a3cc5fa38843dc27d2f)

commit 5a0d86c0e33eb7893517bc11c6bde188e81d5290
Author: Andrea Grandi 
Date:   Thu Jan 26 03:17:54 2017 +

Add test to show wrong behavior of ASYNC_WAIT_CTX

This happens when a fd is added and then immediately removed from the
ASYNC_WAIT_CTX before pausing the job.

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/2581)
(cherry picked from commit f44e63644d29e5908be52b7896d5031a5cf460eb)

---

Summary of changes:
 crypto/async/async_wait.c | 22 --
 test/asynctest.c  | 29 +
 2 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/crypto/async/async_wait.c b/crypto/async/async_wait.c
index e5ecaeb..e115985 100644
--- a/crypto/async/async_wait.c
+++ b/crypto/async/async_wait.c
@@ -138,16 +138,33 @@ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, 
OSSL_ASYNC_FD *addfd,
 
 int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key)
 {
-struct fd_lookup_st *curr;
+struct fd_lookup_st *curr, *prev;
 
 curr = ctx->fds;
+prev = NULL;
 while (curr != NULL) {
-if (curr->del) {
+if (curr->del == 1) {
 /* This one has been marked deleted already so do nothing */
 curr = curr->next;
 continue;
 }
 if (curr->key == key) {
+/* If fd has just been added, remove it from the list */
+if (curr->add == 1) {
+if (ctx->fds == curr) {
+ctx->fds = curr->next;
+} else {
+prev->next = curr->next;
+}
+
+/* It is responsibility of the caller to cleanup before calling
+ * ASYNC_WAIT_CTX_clear_fd
+ */
+OPENSSL_free(curr);
+ctx->numadd--;
+return 1;
+}
+
 /*
  * Mark it as deleted. We don't call cleanup if explicitly asked
  * to clear an fd. We assume the caller is going to do that (if
@@ -157,6 +174,7 @@ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void 
*key)
 ctx->numdel++;
 return 1;
 }
+prev = curr;
 curr = curr->next;
 }
 return 0;
diff --git a/test/asynctest.c b/test/asynctest.c
index 5057ce1..7be2e5f 100644
--- a/test/asynctest.c
+++ b/test/asynctest.c
@@ -49,17 +49,29 @@ static int waitfd(void *args)
 {
 ASYNC_JOB *job;
 ASYNC_WAIT_CTX *waitctx;
-ASYNC_pause_job();
 job = ASYNC_get_current_job();
 if (job == NULL)
 return 0;
 waitctx = ASYNC_get_wait_ctx(job);
 if (waitctx == NULL)
 return 0;
+
+/* First case: no fd added or removed */
+ASYNC_pause_job();
+
+/* Second case: one fd added */
 if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, waitctx, MAGIC_WAIT_FD, NULL, 
NULL))
 return 0;
 ASYNC_pause_job();
 
+/* Third case: all fd removed */
+if (!ASYNC_WAIT_CTX_clear_fd(waitctx, waitctx))
+return 0;
+ASYNC_pause_job();
+
+/* Last case: fd added and immediately removed */
+if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, waitctx, MAGIC_WAIT_FD,

[openssl-commits] [openssl] master update

2017-02-13 Thread Matt Caswell 
The branch master has been updated
   via  219aa86cb04e1bfc9c156fab18da2f767502afb2 (commit)
   via  f89dd6738a0ec2b6cfb05a3cc5fa38843dc27d2f (commit)
   via  f44e63644d29e5908be52b7896d5031a5cf460eb (commit)
  from  2dfb52d3968e838876406d47861488324d5990b4 (commit)


- Log -
commit 219aa86cb04e1bfc9c156fab18da2f767502afb2
Author: Andrea Grandi 
Date:   Fri Feb 10 10:23:21 2017 +

Further improvements to ASYNC_WAIT_CTX_clear_fd

Remove call to cleanup function
Use only one loop to find previous element

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/2581)

commit f89dd6738a0ec2b6cfb05a3cc5fa38843dc27d2f
Author: Andrea Grandi 
Date:   Fri Feb 3 05:46:17 2017 +

Remove fd from the list when the engine clears the wait context before pause

This fixes the num of fds added/removed returned by 
ASYNC_WAIT_CTX_get_changed_fds

Previously, the numbers were not consistent with the fds actually written in
the buffers since the fds that have been both added and removed are 
explicitly
ignored in the loop.

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/2581)

commit f44e63644d29e5908be52b7896d5031a5cf460eb
Author: Andrea Grandi 
Date:   Thu Jan 26 03:17:54 2017 +

Add test to show wrong behavior of ASYNC_WAIT_CTX

This happens when a fd is added and then immediately removed from the
ASYNC_WAIT_CTX before pausing the job.

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/2581)

---

Summary of changes:
 crypto/async/async_wait.c | 22 --
 test/asynctest.c  | 29 +
 2 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/crypto/async/async_wait.c b/crypto/async/async_wait.c
index e5ecaeb..e115985 100644
--- a/crypto/async/async_wait.c
+++ b/crypto/async/async_wait.c
@@ -138,16 +138,33 @@ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, 
OSSL_ASYNC_FD *addfd,
 
 int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key)
 {
-struct fd_lookup_st *curr;
+struct fd_lookup_st *curr, *prev;
 
 curr = ctx->fds;
+prev = NULL;
 while (curr != NULL) {
-if (curr->del) {
+if (curr->del == 1) {
 /* This one has been marked deleted already so do nothing */
 curr = curr->next;
 continue;
 }
 if (curr->key == key) {
+/* If fd has just been added, remove it from the list */
+if (curr->add == 1) {
+if (ctx->fds == curr) {
+ctx->fds = curr->next;
+} else {
+prev->next = curr->next;
+}
+
+/* It is responsibility of the caller to cleanup before calling
+ * ASYNC_WAIT_CTX_clear_fd
+ */
+OPENSSL_free(curr);
+ctx->numadd--;
+return 1;
+}
+
 /*
  * Mark it as deleted. We don't call cleanup if explicitly asked
  * to clear an fd. We assume the caller is going to do that (if
@@ -157,6 +174,7 @@ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void 
*key)
 ctx->numdel++;
 return 1;
 }
+prev = curr;
 curr = curr->next;
 }
 return 0;
diff --git a/test/asynctest.c b/test/asynctest.c
index 5057ce1..7be2e5f 100644
--- a/test/asynctest.c
+++ b/test/asynctest.c
@@ -49,17 +49,29 @@ static int waitfd(void *args)
 {
 ASYNC_JOB *job;
 ASYNC_WAIT_CTX *waitctx;
-ASYNC_pause_job();
 job = ASYNC_get_current_job();
 if (job == NULL)
 return 0;
 waitctx = ASYNC_get_wait_ctx(job);
 if (waitctx == NULL)
 return 0;
+
+/* First case: no fd added or removed */
+ASYNC_pause_job();
+
+/* Second case: one fd added */
 if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, waitctx, MAGIC_WAIT_FD, NULL, 
NULL))
 return 0;
 ASYNC_pause_job();
 
+/* Third case: all fd removed */
+if (!ASYNC_WAIT_CTX_clear_fd(waitctx, waitctx))
+return 0;
+ASYNC_pause_job();
+
+/* Last case: fd added and immediately removed */
+if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, waitctx, MAGIC_WAIT_FD, NULL, 
NULL))
+return 0;
 if (!ASYNC_WAIT_CTX_clear_fd(waitctx, waitctx))
 return 0;
 
@@ -195,15 +207,15 @@ static int test_ASYNC_WAIT_CTX_get_all_fds()
 || fd != MAGIC_WAIT_FD
 || (fd =

[openssl-commits] [openssl] master update

2017-02-13 Thread Andy Polyakov 
The branch master has been updated
   via  2dfb52d3968e838876406d47861488324d5990b4 (commit)
  from  5c72e5ea7a9ce343e4cd595c3fc82956843185c8 (commit)


- Log -
commit 2dfb52d3968e838876406d47861488324d5990b4
Author: Andy Polyakov 
Date:   Sat Feb 11 22:31:47 2017 +0100

{md5,rc4}/asm/*-x86_64.pl: add CFI annotations.

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/md5/asm/md5-x86_64.pl | 13 +
 crypto/rc4/asm/rc4-md5-x86_64.pl | 16 
 crypto/rc4/asm/rc4-x86_64.pl |  9 +
 3 files changed, 38 insertions(+)

diff --git a/crypto/md5/asm/md5-x86_64.pl b/crypto/md5/asm/md5-x86_64.pl
index 3f656dc..386d804 100755
--- a/crypto/md5/asm/md5-x86_64.pl
+++ b/crypto/md5/asm/md5-x86_64.pl
@@ -140,11 +140,17 @@ $code .= <D = D
 
mov (%rsp),%r15
+.cfi_restore   %r15
mov 8(%rsp),%r14
+.cfi_restore   %r14
mov 16(%rsp),%r12
+.cfi_restore   %r12
mov 24(%rsp),%rbx
+.cfi_restore   %rbx
mov 32(%rsp),%rbp
+.cfi_restore   %rbp
add \$40,%rsp
+.cfi_adjust_cfa_offset -40
 .Lepilogue:
ret
+.cfi_endproc
 .size md5_block_asm_data_order,.-md5_block_asm_data_order
 EOF
 
diff --git a/crypto/rc4/asm/rc4-md5-x86_64.pl b/crypto/rc4/asm/rc4-md5-x86_64.pl
index 433ed85..74e5191 100644
--- a/crypto/rc4/asm/rc4-md5-x86_64.pl
+++ b/crypto/rc4/asm/rc4-md5-x86_64.pl
@@ -124,15 +124,23 @@ $code.=<<___;
 .globl $func
 .type  $func,\@function,$nargs
 $func:
+.cfi_startproc
cmp \$0,$len
je  .Labort
push%rbx
+.cfi_push  %rbx
push%rbp
+.cfi_push  %rbp
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
push%r14
+.cfi_push  %r14
push%r15
+.cfi_push  %r15
sub \$40,%rsp
+.cfi_adjust_cfa_offset 40
 .Lbody:
 ___
 if ($rc4) {
@@ -444,15 +452,23 @@ $code.=<<___;
 #rc4#  movl$YY#d,-4($dat)
 
mov 40(%rsp),%r15
+.cfi_restore   %r15
mov 48(%rsp),%r14
+.cfi_restore   %r14
mov 56(%rsp),%r13
+.cfi_restore   %r13
mov 64(%rsp),%r12
+.cfi_restore   %r12
mov 72(%rsp),%rbp
+.cfi_restore   %rbp
mov 80(%rsp),%rbx
+.cfi_restore   %rbx
lea 88(%rsp),%rsp
+.cfi_adjust_cfa_offset -88
 .Lepilogue:
 .Labort:
ret
+.cfi_endproc
 .size $func,.-$func
 ___
 
diff --git a/crypto/rc4/asm/rc4-x86_64.pl b/crypto/rc4/asm/rc4-x86_64.pl
index 6e07c7c..9ccb70e 100755
--- a/crypto/rc4/asm/rc4-x86_64.pl
+++ b/crypto/rc4/asm/rc4-x86_64.pl
@@ -142,9 +142,13 @@ RC4:   or  $len,$len
jne .Lentry
ret
 .Lentry:
+.cfi_startproc
push%rbx
+.cfi_push  %rbx
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
 .Lprologue:
mov $len,%r11
mov $inp,%r12
@@ -427,11 +431,16 @@ $code.=<<___;
movl$YY#d,-4($dat)
 
mov (%rsp),%r13
+.cfi_restore   %r13
mov 8(%rsp),%r12
+.cfi_restore   %r12
mov 16(%rsp),%rbx
+.cfi_restore   %rbx
add \$24,%rsp
+.cfi_adjust_cfa_offset -24
 .Lepilogue:
ret
+.cfi_endproc
 .size  RC4,.-RC4
 ___
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-02-13 Thread Andy Polyakov 
The branch master has been updated
   via  5c72e5ea7a9ce343e4cd595c3fc82956843185c8 (commit)
  from  4fd7b54dc224930a0ce6dd67b35c598c5072857c (commit)


- Log -
commit 5c72e5ea7a9ce343e4cd595c3fc82956843185c8
Author: Andy Polyakov 
Date:   Sat Feb 11 22:08:12 2017 +0100

modes/asm/*-x86_64.pl: add CFI annotations.

Reviewed-by: Rich Salz 

---

Summary of changes:
 crypto/modes/asm/aesni-gcm-x86_64.pl | 32 
 crypto/modes/asm/ghash-x86_64.pl | 29 +
 2 files changed, 61 insertions(+)

diff --git a/crypto/modes/asm/aesni-gcm-x86_64.pl 
b/crypto/modes/asm/aesni-gcm-x86_64.pl
index 5ad62b3..5e69cb8 100644
--- a/crypto/modes/asm/aesni-gcm-x86_64.pl
+++ b/crypto/modes/asm/aesni-gcm-x86_64.pl
@@ -424,6 +424,7 @@ $code.=<<___;
 .type  aesni_gcm_decrypt,\@function,6
 .align 32
 aesni_gcm_decrypt:
+.cfi_startproc
xor $ret,$ret
 
# We call |_aesni_ctr32_ghash_6x|, which requires at least 96 (0x60)
@@ -432,12 +433,19 @@ aesni_gcm_decrypt:
jb  .Lgcm_dec_abort
 
lea (%rsp),%rax # save stack pointer
+.cfi_def_cfa_register  %rax
push%rbx
+.cfi_push  %rbx
push%rbp
+.cfi_push  %rbp
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
push%r14
+.cfi_push  %r14
push%r15
+.cfi_push  %r15
 ___
 $code.=<<___ if ($win64);
lea -0xa8(%rsp),%rsp
@@ -537,15 +545,23 @@ $code.=<<___ if ($win64);
 ___
 $code.=<<___;
mov -48(%rax),%r15
+.cfi_restore   %r15
mov -40(%rax),%r14
+.cfi_restore   %r14
mov -32(%rax),%r13
+.cfi_restore   %r13
mov -24(%rax),%r12
+.cfi_restore   %r12
mov -16(%rax),%rbp
+.cfi_restore   %rbp
mov -8(%rax),%rbx
+.cfi_restore   %rbx
lea (%rax),%rsp # restore %rsp
+.cfi_def_cfa_register  %rsp
 .Lgcm_dec_abort:
mov $ret,%rax   # return value
ret
+.cfi_endproc
 .size  aesni_gcm_decrypt,.-aesni_gcm_decrypt
 ___
 
@@ -645,6 +661,7 @@ _aesni_ctr32_6x:
 .type  aesni_gcm_encrypt,\@function,6
 .align 32
 aesni_gcm_encrypt:
+.cfi_startproc
xor $ret,$ret
 
# We call |_aesni_ctr32_6x| twice, each call consuming 96 bytes of
@@ -654,12 +671,19 @@ aesni_gcm_encrypt:
jb  .Lgcm_enc_abort
 
lea (%rsp),%rax # save stack pointer
+.cfi_def_cfa_register  %rax
push%rbx
+.cfi_push  %rbx
push%rbp
+.cfi_push  %rbp
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
push%r14
+.cfi_push  %r14
push%r15
+.cfi_push  %r15
 ___
 $code.=<<___ if ($win64);
lea -0xa8(%rsp),%rsp
@@ -931,15 +955,23 @@ $code.=<<___ if ($win64);
 ___
 $code.=<<___;
mov -48(%rax),%r15
+.cfi_restore   %r15
mov -40(%rax),%r14
+.cfi_restore   %r14
mov -32(%rax),%r13
+.cfi_restore   %r13
mov -24(%rax),%r12
+.cfi_restore   %r12
mov -16(%rax),%rbp
+.cfi_restore   %rbp
mov -8(%rax),%rbx
+.cfi_restore   %rbx
lea (%rax),%rsp # restore %rsp
+.cfi_def_cfa_register  %rsp
 .Lgcm_enc_abort:
mov $ret,%rax   # return value
ret
+.cfi_endproc
 .size  aesni_gcm_encrypt,.-aesni_gcm_encrypt
 ___
 
diff --git a/crypto/modes/asm/ghash-x86_64.pl b/crypto/modes/asm/ghash-x86_64.pl
index caa9ced..817f6e5 100644
--- a/crypto/modes/asm/ghash-x86_64.pl
+++ b/crypto/modes/asm/ghash-x86_64.pl
@@ -236,13 +236,21 @@ $code=<<___;
 .type  gcm_gmult_4bit,\@function,2
 .align 16
 gcm_gmult_4bit:
+.cfi_startproc
push%rbx
+.cfi_push  %rbx
push%rbp# %rbp and others are pushed exclusively in
+.cfi_push  %rbp
push%r12# order to reuse Win64 exception handler...
+.cfi_push  %r12
push%r13
+.cfi_push  %r13
push%r14
+.cfi_push  %r14
push%r15
+.cfi_push  %r15
sub \$280,%rsp
+.cfi_adjust_cfa_offset 280
 .Lgmult_prologue:
 
movzb   15($Xi),$Zlo
@@ -254,10 +262,14 @@ $code.=<<___;
mov $Zhi,($Xi)
 
lea 280+48(%rsp),%rsi
+.cfi_def_cfa   %rsi,8
mov -8(%rsi),%rbx
+.cfi_restore   %rbx
lea (%rsi),%rsp
+.cfi_def_cfa_register  %rsp
 .Lgmult_epilogue:
ret
+.cfi_endproc
 .size  gcm_gmult_4bit,.-gcm_gmult_4bit
 ___
 
@@ -271,13 +283,21 @@ $code.=<<___;
 .type  gcm_ghash_4bit,\@function,4
 .align 16
 gcm_ghash_4bit:
+.cfi_startproc
push%rbx
+.cfi_push  %rbx
push%rbp
+.cfi_push  %rbp
push%r12
+.cfi_push  %r12
push%r13
+.cfi_push  %r13

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2017-02-13 Thread Richard Levitte 
The branch OpenSSL_1_0_2-stable has been updated
   via  07109409daa674e4e766523a1dc51edb06299e03 (commit)
  from  f26015db3337470cc8396b9283194df96aff7d1b (commit)


- Log -
commit 07109409daa674e4e766523a1dc51edb06299e03
Author: Darren Tucker 
Date:   Mon Feb 13 10:36:29 2017 +1100

DES keys are not 7 days long.

CLA: trivial
Reviewed-by: Matt Caswell 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/2604)

(cherry picked from commit ca423a693a619b38fb96d94b0385f8ce91a8e759)

---

Summary of changes:
 crypto/des/set_key.c | 2 +-
 doc/crypto/des.pod   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 8fd8fe1..d9c5e7f 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -120,7 +120,7 @@ int DES_check_key_parity(const_DES_cblock *key)
 }
 
 /*-
- * Weak and semi week keys as take from
+ * Weak and semi weak keys as taken from
  * %A D.W. Davies
  * %A W.L. Price
  * %T Security for Computer Networks
diff --git a/doc/crypto/des.pod b/doc/crypto/des.pod
index e1add56..339617a 100644
--- a/doc/crypto/des.pod
+++ b/doc/crypto/des.pod
@@ -123,7 +123,7 @@ architecture dependent I via the
 DES_set_key_checked() or DES_set_key_unchecked() function.
 
 DES_set_key_checked() will check that the key passed is of odd parity
-and is not a week or semi-weak key.  If the parity is wrong, then -1
+and is not a weak or semi-weak key.  If the parity is wrong, then -1
 is returned.  If the key is a weak key, then -2 is returned.  If an
 error is returned, the key schedule is not generated.
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2017-02-13 Thread Richard Levitte 
The branch OpenSSL_1_1_0-stable has been updated
   via  ca423a693a619b38fb96d94b0385f8ce91a8e759 (commit)
  from  b67a37b84674881226bb96709239a7e5945bc480 (commit)


- Log -
commit ca423a693a619b38fb96d94b0385f8ce91a8e759
Author: Darren Tucker 
Date:   Mon Feb 13 10:36:29 2017 +1100

DES keys are not 7 days long.

CLA: trivial
Reviewed-by: Matt Caswell 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/2604)

(cherry picked from commit 4fd7b54dc224930a0ce6dd67b35c598c5072857c)

---

Summary of changes:
 crypto/des/set_key.c  | 2 +-
 doc/crypto/DES_random_key.pod | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 93adff3..795d954 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -71,7 +71,7 @@ int DES_check_key_parity(const_DES_cblock *key)
 }
 
 /*-
- * Weak and semi week keys as take from
+ * Weak and semi weak keys as taken from
  * %A D.W. Davies
  * %A W.L. Price
  * %T Security for Computer Networks
diff --git a/doc/crypto/DES_random_key.pod b/doc/crypto/DES_random_key.pod
index 0131093..77cfdda 100644
--- a/doc/crypto/DES_random_key.pod
+++ b/doc/crypto/DES_random_key.pod
@@ -114,7 +114,7 @@ architecture dependent I via the
 DES_set_key_checked() or DES_set_key_unchecked() function.
 
 DES_set_key_checked() will check that the key passed is of odd parity
-and is not a week or semi-weak key.  If the parity is wrong, then -1
+and is not a weak or semi-weak key.  If the parity is wrong, then -1
 is returned.  If the key is a weak key, then -2 is returned.  If an
 error is returned, the key schedule is not generated.
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-02-13 Thread Richard Levitte 
The branch master has been updated
   via  4fd7b54dc224930a0ce6dd67b35c598c5072857c (commit)
  from  4bbd8a5daaa810c487f684971c0339a1d7c15da9 (commit)


- Log -
commit 4fd7b54dc224930a0ce6dd67b35c598c5072857c
Author: Darren Tucker 
Date:   Mon Feb 13 10:36:29 2017 +1100

DES keys are not 7 days long.

CLA: trivial
Reviewed-by: Matt Caswell 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/2604)

---

Summary of changes:
 crypto/des/set_key.c| 2 +-
 doc/man3/DES_random_key.pod | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 93adff3..795d954 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -71,7 +71,7 @@ int DES_check_key_parity(const_DES_cblock *key)
 }
 
 /*-
- * Weak and semi week keys as take from
+ * Weak and semi weak keys as taken from
  * %A D.W. Davies
  * %A W.L. Price
  * %T Security for Computer Networks
diff --git a/doc/man3/DES_random_key.pod b/doc/man3/DES_random_key.pod
index 052b96d..bcf9761 100644
--- a/doc/man3/DES_random_key.pod
+++ b/doc/man3/DES_random_key.pod
@@ -114,7 +114,7 @@ architecture dependent I via the
 DES_set_key_checked() or DES_set_key_unchecked() function.
 
 DES_set_key_checked() will check that the key passed is of odd parity
-and is not a week or semi-weak key.  If the parity is wrong, then -1
+and is not a weak or semi-weak key.  If the parity is wrong, then -1
 is returned.  If the key is a weak key, then -2 is returned.  If an
 error is returned, the key schedule is not generated.
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2017-02-13 Thread Richard Levitte 
The branch OpenSSL_1_0_2-stable has been updated
   via  f26015db3337470cc8396b9283194df96aff7d1b (commit)
  from  28903862fb0d6351dd88522950375ed44c10d1ba (commit)


- Log -
commit f26015db3337470cc8396b9283194df96aff7d1b
Author: David Benjamin 
Date:   Thu Feb 9 15:13:13 2017 -0500

Don't read uninitialised data for short session IDs.

While it's always safe to read |SSL_MAX_SSL_SESSION_ID_LENGTH| bytes
from an |SSL_SESSION|'s |session_id| array, the hash function would do
so with without considering if all those bytes had been written to.

This change checks |session_id_length| before possibly reading
uninitialised memory. Since the result of the hash function was already
attacker controlled, and since a lookup of a short session ID will
always fail, it doesn't appear that this is anything more than a clean
up.

In particular, |ssl_get_prev_session| uses a stack-allocated placeholder
|SSL_SESSION| as a lookup key, so the |session_id| array may be
uninitialised.

This was originally found with libFuzzer and MSan in

https://boringssl.googlesource.com/boringssl/+/e976e4349d693b4bbb97e1694f45be5a1b22c8c7,
then by Robert Swiecki with honggfuzz and MSan here. Thanks to both.

(cherry picked from commit bd5d27c1c6d3f83464ddf5124f18a2cac2cbb37f)
Reviewed-by: Matt Caswell 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/2583)

---

Summary of changes:
 ssl/ssl_lib.c | 16 
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f8054da..4deae85 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1838,13 +1838,21 @@ int SSL_export_keying_material(SSL *s, unsigned char 
*out, size_t olen,
 
 static unsigned long ssl_session_hash(const SSL_SESSION *a)
 {
+const unsigned char *session_id = a->session_id;
 unsigned long l;
+unsigned char tmp_storage[4];
+
+if (a->session_id_length < sizeof(tmp_storage)) {
+memset(tmp_storage, 0, sizeof(tmp_storage));
+memcpy(tmp_storage, a->session_id, a->session_id_length);
+session_id = tmp_storage;
+}
 
 l = (unsigned long)
-((unsigned int)a->session_id[0]) |
-((unsigned int)a->session_id[1] << 8L) |
-((unsigned long)a->session_id[2] << 16L) |
-((unsigned long)a->session_id[3] << 24L);
+((unsigned long)session_id[0]) |
+((unsigned long)session_id[1] << 8L) |
+((unsigned long)session_id[2] << 16L) |
+((unsigned long)session_id[3] << 24L);
 return (l);
 }
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [web] master update

2017-02-13 Thread Mark J . Cox 
The branch master has been updated
   via  bd52d4392ffaaf5d36a6df2880dc0cd35c02d2dd (commit)
  from  5462c2b6332641c05197264f8f6f62b7070d0330 (commit)


- Log -
commit bd52d4392ffaaf5d36a6df2880dc0cd35c02d2dd
Author: Mark J. Cox 
Date:   Mon Feb 13 09:02:14 2017 +

useright date

---

Summary of changes:
 news/newsflash.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/news/newsflash.txt b/news/newsflash.txt
index 63d3f57..8d8e4b7 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -4,7 +4,7 @@
 # Format is two fields, colon-separated; the first line is the column
 # headings.  URL paths must all be absolute.
 Date: Item
-13-Feb-2017: OpenSSL 1.1.0e https://mta.openssl.org/pipermail/openssl-announce/2017-February/95.html;>security
 release due on 17th February 2017
+13-Feb-2017: OpenSSL 1.1.0e https://mta.openssl.org/pipermail/openssl-announce/2017-February/95.html;>security
 release due on 16th February 2017
 26-Jan-2017: Security Advisory: 
several security fixes
 26-Jan-2017: OpenSSL 1.1.0d is now available, including bug and security fixes
 26-Jan-2017: OpenSSL 1.0.2k is now available, including bug and security fixes
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [web] master update

2017-02-13 Thread Mark J . Cox 
The branch master has been updated
   via  5462c2b6332641c05197264f8f6f62b7070d0330 (commit)
  from  e73ecc3a9de63cbe57d503e8fed1a9884a074000 (commit)


- Log -
commit 5462c2b6332641c05197264f8f6f62b7070d0330
Author: Mark J. Cox 
Date:   Mon Feb 13 08:55:03 2017 +

Add ref to preannounce

---

Summary of changes:
 news/newsflash.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/news/newsflash.txt b/news/newsflash.txt
index c5a88e3..63d3f57 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -4,6 +4,7 @@
 # Format is two fields, colon-separated; the first line is the column
 # headings.  URL paths must all be absolute.
 Date: Item
+13-Feb-2017: OpenSSL 1.1.0e https://mta.openssl.org/pipermail/openssl-announce/2017-February/95.html;>security
 release due on 17th February 2017
 26-Jan-2017: Security Advisory: 
several security fixes
 26-Jan-2017: OpenSSL 1.1.0d is now available, including bug and security fixes
 26-Jan-2017: OpenSSL 1.0.2k is now available, including bug and security fixes
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits