[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_1-method
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_1-method Commit log since last time: 312e938 Fix a memory leak on an error path d080866 Ensure we don't call memcpy with a NULL pointer 8336ca1 Update and add test 5528d68 Set specific error is we have no valid signature algorithms set b0e9ab9 Signature algorithm enhancement. 8f12296 Disallow zero length signature algorithms 224b4e3 Don't allow DSA for TLS 1.3 Build log ended with (last 100 lines): ../../openssl/test/recipes/20-test_passwd.t ... ok ../../openssl/test/recipes/25-test_crl.t .. ok ../../openssl/test/recipes/25-test_d2i.t .. ok ../../openssl/test/recipes/25-test_pkcs7.t ok ../../openssl/test/recipes/25-test_req.t .. ok ../../openssl/test/recipes/25-test_sid.t .. ok ../../openssl/test/recipes/25-test_verify.t ... ok ../../openssl/test/recipes/25-test_x509.t . ok ../../openssl/test/recipes/30-test_afalg.t ok ../../openssl/test/recipes/30-test_engine.t ... ok ../../openssl/test/recipes/30-test_evp.t .. ok ../../openssl/test/recipes/30-test_evp_extra.t ok ../../openssl/test/recipes/30-test_pbelu.t ok ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_renegotiation.t ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ok ../../openssl/test/recipes/70-test_sslcertstatus.t ok ../../openssl/test/recipes/70-test_sslextension.t . ok ../../openssl/test/recipes/70-test_sslmessages.t .. ok ../../openssl/test/recipes/70-test_sslrecords.t ... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ... ok ../../openssl/test/recipes/70-test_sslsignature.t . ok ../../openssl/test/recipes/70-test_sslskewith0p.t . ok ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ok ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t . ok ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_dtls_mtu.t . ok ../../openssl/test/recipes/80-test_dtlsv1listen.t . ok ../../openssl/test/recipes/80-test_ocsp.t . ok ../../openssl/test/recipes/80-test_pkcs12.t ... ok # Failed test 'Comparing generated sources.' # at ../../openssl/test/recipes/80-test_ssl_new.t line 126. # got: '1' # expected: '0' # Looks like you failed 1 test of 3. # Failed test 'Test configuration 05-sni.conf' # at ../../openssl/test/recipes/80-test_ssl_new.t line 100. # Looks like you failed 1 test of 22. ../../openssl/test/recipes/80-test_ssl_new.t .. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/22 subtests ../../openssl/test/recipes/80-test_ssl_old.t .. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok ../../openssl/test/recipes/80-test_sslcorrupt.t ... ok ../../openssl/test/recipes/80-test_tsa.t .. ok ../../openssl/test/recipes/80-test_x509aux.t .. ok ../../openssl/test/recipes/90-test_async.t ok ../../openssl/test/recipes/90-test_bio_enc.t .. ok ../../openssl/test/recipes/90-test_bioprint.t . ok ../../openssl/test/recipes/90-test_constant_time.t ok ../../openssl/test/recipes/90-test_external.t . skipped: No external tests in this configuration ../../openssl/test/recipes/90-test_gmdiff.t ... ok ../../openssl/test/recipes/90-test_ige.t
[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls1-method
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1-method Commit log since last time: 312e938 Fix a memory leak on an error path d080866 Ensure we don't call memcpy with a NULL pointer 8336ca1 Update and add test 5528d68 Set specific error is we have no valid signature algorithms set b0e9ab9 Signature algorithm enhancement. 8f12296 Disallow zero length signature algorithms 224b4e3 Don't allow DSA for TLS 1.3 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_1
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_1 Commit log since last time: 312e938 Fix a memory leak on an error path d080866 Ensure we don't call memcpy with a NULL pointer 8336ca1 Update and add test 5528d68 Set specific error is we have no valid signature algorithms set b0e9ab9 Signature algorithm enhancement. 8f12296 Disallow zero length signature algorithms 224b4e3 Don't allow DSA for TLS 1.3 Build log ended with (last 100 lines): ../../openssl/test/recipes/20-test_passwd.t ... ok ../../openssl/test/recipes/25-test_crl.t .. ok ../../openssl/test/recipes/25-test_d2i.t .. ok ../../openssl/test/recipes/25-test_pkcs7.t ok ../../openssl/test/recipes/25-test_req.t .. ok ../../openssl/test/recipes/25-test_sid.t .. ok ../../openssl/test/recipes/25-test_verify.t ... ok ../../openssl/test/recipes/25-test_x509.t . ok ../../openssl/test/recipes/30-test_afalg.t ok ../../openssl/test/recipes/30-test_engine.t ... ok ../../openssl/test/recipes/30-test_evp.t .. ok ../../openssl/test/recipes/30-test_evp_extra.t ok ../../openssl/test/recipes/30-test_pbelu.t ok ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_renegotiation.t ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ok ../../openssl/test/recipes/70-test_sslcertstatus.t ok ../../openssl/test/recipes/70-test_sslextension.t . ok ../../openssl/test/recipes/70-test_sslmessages.t .. ok ../../openssl/test/recipes/70-test_sslrecords.t ... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ... ok ../../openssl/test/recipes/70-test_sslsignature.t . ok ../../openssl/test/recipes/70-test_sslskewith0p.t . ok ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ok ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t . ok ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_dtls_mtu.t . ok ../../openssl/test/recipes/80-test_dtlsv1listen.t . ok ../../openssl/test/recipes/80-test_ocsp.t . ok ../../openssl/test/recipes/80-test_pkcs12.t ... ok # Failed test 'Comparing generated sources.' # at ../../openssl/test/recipes/80-test_ssl_new.t line 126. # got: '1' # expected: '0' # Looks like you failed 1 test of 3. # Failed test 'Test configuration 05-sni.conf' # at ../../openssl/test/recipes/80-test_ssl_new.t line 100. # Looks like you failed 1 test of 22. ../../openssl/test/recipes/80-test_ssl_new.t .. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/22 subtests ../../openssl/test/recipes/80-test_ssl_old.t .. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok ../../openssl/test/recipes/80-test_sslcorrupt.t ... ok ../../openssl/test/recipes/80-test_tsa.t .. ok ../../openssl/test/recipes/80-test_x509aux.t .. ok ../../openssl/test/recipes/90-test_async.t ok ../../openssl/test/recipes/90-test_bio_enc.t .. ok ../../openssl/test/recipes/90-test_bioprint.t . ok ../../openssl/test/recipes/90-test_constant_time.t ok ../../openssl/test/recipes/90-test_external.t . skipped: No external tests in this configuration ../../openssl/test/recipes/90-test_gmdiff.t ... ok ../../openssl/test/recipes/90-test_ige.t ..
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls Commit log since last time: 312e938 Fix a memory leak on an error path d080866 Ensure we don't call memcpy with a NULL pointer 8336ca1 Update and add test 5528d68 Set specific error is we have no valid signature algorithms set b0e9ab9 Signature algorithm enhancement. 8f12296 Disallow zero length signature algorithms 224b4e3 Don't allow DSA for TLS 1.3 Build log ended with (last 100 lines): ../../openssl/test/recipes/20-test_passwd.t ... ok ../../openssl/test/recipes/25-test_crl.t .. ok ../../openssl/test/recipes/25-test_d2i.t .. ok ../../openssl/test/recipes/25-test_pkcs7.t ok ../../openssl/test/recipes/25-test_req.t .. ok ../../openssl/test/recipes/25-test_sid.t .. ok ../../openssl/test/recipes/25-test_verify.t ... ok ../../openssl/test/recipes/25-test_x509.t . ok ../../openssl/test/recipes/30-test_afalg.t ok ../../openssl/test/recipes/30-test_engine.t ... ok ../../openssl/test/recipes/30-test_evp.t .. ok ../../openssl/test/recipes/30-test_evp_extra.t ok ../../openssl/test/recipes/30-test_pbelu.t ok ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. skipped: No TLS/SSL protocols are supported by this OpenSSL build ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. skipped: No TLS/SSL protocols are supported by this OpenSSL build ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs TLS <= 1.2 enabled ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs TLS enabled ../../openssl/test/recipes/70-test_sslextension.t . skipped: test_sslextension needs TLS enabled ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs TLS enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs SSLv3, TLSv1, TLSv1.1 or TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: test_sslsigalgs needs TLS1.2 or TLS1.3 enabled ../../openssl/test/recipes/70-test_sslsignature.t . skipped: test_sslsignature needs TLS enabled ../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: test_sslskewith0p needs TLS enabled ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t skipped: test_sslextension needs TLS enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs TLSv1.0, TLSv1.1 or TLSv1.2 enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. skipped: No SSL/TLS protocol is supported by this OpenSSL build. ../../openssl/test/recipes/80-test_cipherlist.t ... skipped: No SSL/TLS protocol is supported by this OpenSSL build. ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_dtls_mtu.t . ok ../../openssl/test/recipes/80-test_dtlsv1listen.t . ok ../../openssl/test/recipes/80-test_ocsp.t . ok ../../openssl/test/recipes/80-test_pkcs12.t ... ok # Failed test 'Comparing generated sources.' # at ../../openssl/test/recipes/80-test_ssl_new.t line 126. # got: '1' # expected: '0' # Looks like you failed 1 test of 3. # Failed test 'Test configuration 05-sni.conf' # at ../../openssl/test/recipes/80-test_ssl_new.t line 100. # Looks like you failed 1 test of 22.
[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -fno-sanitize=alignment
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -fno-sanitize=alignment Commit log since last time: 312e938 Fix a memory leak on an error path d080866 Ensure we don't call memcpy with a NULL pointer 8336ca1 Update and add test 5528d68 Set specific error is we have no valid signature algorithms set b0e9ab9 Signature algorithm enhancement. 8f12296 Disallow zero length signature algorithms 224b4e3 Don't allow DSA for TLS 1.3 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-psk
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-psk Commit log since last time: 312e938 Fix a memory leak on an error path d080866 Ensure we don't call memcpy with a NULL pointer 8336ca1 Update and add test 5528d68 Set specific error is we have no valid signature algorithms set b0e9ab9 Signature algorithm enhancement. 8f12296 Disallow zero length signature algorithms 224b4e3 Don't allow DSA for TLS 1.3 Build log ended with (last 100 lines): link_dso.linux-shared make[2]: Entering directory '/home/openssl/run-checker/no-psk' LD_LIBRARY_PATH=.: clang -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -Wswitch -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wswitch-default -Wno-unused-parameter -Wno-parentheses-equality -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -Wl,-znodelete -m64 -shared -Wl,-Bsymbolic -Wl, -soname=capi.so -o engines/capi.so engines/e_capi.o -L. -lcrypto -ldl make[2]: Leaving directory '/home/openssl/run-checker/no-psk' clang -Iinclude -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -Wswitch -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wswitch-default -Wno-unused-parameter -Wno-parentheses-equality -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -MMD -MF engines/e_dasync .d.tmp -MT engines/e_dasync.o -c -o engines/e_dasync.o ../openssl/engines/e_dasync.c make -f ../openssl/Makefile.shared -e \ PLATFORM=linux-x86_64-clang \ PERL="/usr/bin/perl" SRCDIR='../openssl' DSTDIR="engines" \ LIBDEPS=' '" -L. -lcrypto"' -ldl ' \ LIBNAME=dasync LDFLAGS='' \ CC='clang' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -Wswitch -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wswitch-default -Wno-unused-parameter -Wno-parentheses-equality -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE' \ SHARED_LDFLAGS='-Wl,-znodelete -m64 ' \ SHLIB_EXT=.so \ LIBEXTRAS="engines/e_dasync.o" \ link_dso.linux-shared make[2]: Entering directory '/home/openssl/run-checker/no-psk' LD_LIBRARY_PATH=.: clang -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -Wswitch -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ec Commit log since last time: 312e938 Fix a memory leak on an error path d080866 Ensure we don't call memcpy with a NULL pointer 8336ca1 Update and add test 5528d68 Set specific error is we have no valid signature algorithms set b0e9ab9 Signature algorithm enhancement. 8f12296 Disallow zero length signature algorithms 224b4e3 Don't allow DSA for TLS 1.3 Build log ended with (last 100 lines): ../../openssl/test/recipes/15-test_dh.t ... ok ../../openssl/test/recipes/15-test_dsa.t .. ok ../../openssl/test/recipes/15-test_ec.t ... ok ../../openssl/test/recipes/15-test_ecdh.t . skipped: ec is not supported by this OpenSSL build ../../openssl/test/recipes/15-test_ecdsa.t skipped: ec is not supported by this OpenSSL build ../../openssl/test/recipes/15-test_rsa.t .. ok ../../openssl/test/recipes/20-test_enc.t .. ok ../../openssl/test/recipes/20-test_enc_more.t . ok ../../openssl/test/recipes/20-test_passwd.t ... ok ../../openssl/test/recipes/25-test_crl.t .. ok ../../openssl/test/recipes/25-test_d2i.t .. ok ../../openssl/test/recipes/25-test_pkcs7.t ok ../../openssl/test/recipes/25-test_req.t .. ok ../../openssl/test/recipes/25-test_sid.t .. skipped: test_sid needs EC to run ../../openssl/test/recipes/25-test_verify.t ... ok ../../openssl/test/recipes/25-test_x509.t . ok ../../openssl/test/recipes/30-test_afalg.t ok ../../openssl/test/recipes/30-test_engine.t ... ok ../../openssl/test/recipes/30-test_evp.t .. ok ../../openssl/test/recipes/30-test_evp_extra.t ok ../../openssl/test/recipes/30-test_pbelu.t ok ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_renegotiation.t ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ok ../../openssl/test/recipes/70-test_sslcertstatus.t ok ../../openssl/test/recipes/70-test_sslextension.t . ok ../../openssl/test/recipes/70-test_sslmessages.t .. ok ../../openssl/test/recipes/70-test_sslrecords.t ... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ... ok # Looks like you planned 16 tests but ran 15. ../../openssl/test/recipes/70-test_sslsigalgs.t ... Dubious, test returned 255 (wstat 65280, 0xff00) Failed 1/16 subtests (less 14 skipped subtests: 1 okay) ../../openssl/test/recipes/70-test_sslsignature.t . ok ../../openssl/test/recipes/70-test_sslskewith0p.t . ok ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ok ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t . ok ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_ct.t ... skipped: ct and ec are not supported by this OpenSSL build ../../openssl/test/recipes/80-test_dane.t . skipped: test_dane uses ec which is not supported by this OpenSSL build ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_dtls_mtu.t . ok ../../openssl/test/recipes/80-test_dtlsv1listen.t . ok ../../openssl/test/recipes/80-test_ocsp.t . ok ../../openssl/test/recipes/80-test_pkcs12.t ... ok ../../openssl/test/recipes/80-test_ssl_new.t .. ok ../../openssl/test/recipes/80-test_ssl_old.t .. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok ../../openssl/test/recipes/80-test_sslcorrupt.t ... ok ../../openssl/test/recipes/80-test_tsa.t .. ok ../../openssl/test/recipes/80-test_x509aux.t ..
[openssl-commits] [openssl] master update
The branch master has been updated via ee7002266cbdcfcfe002c94396795c9fb3d5a337 (commit) via cfef5027bf27a74098588e48829f0d058b4b0aea (commit) from 6356716ac09d94a0c85fd6e5ad12f088c54d75c0 (commit) - Log - commit ee7002266cbdcfcfe002c94396795c9fb3d5a337 Author: Matt CaswellDate: Fri Mar 3 10:28:02 2017 + Add a test for TLSv1.3 cookies We just check that if we insert a cookie into an HRR it gets echoed back in the subsequent ClientHello. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2839) commit cfef5027bf27a74098588e48829f0d058b4b0aea Author: Matt Caswell Date: Thu Mar 2 17:37:03 2017 + Add basic TLSv1.3 cookie support We do not allow the generation of TLSv1.3 cookies. But if we receive one in an HRR we will echo it back in the ClientHello. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2839) --- Summary of changes: include/openssl/ssl.h | 2 + include/openssl/tls1.h | 1 + ssl/ssl_err.c | 2 + ssl/ssl_lib.c | 1 + ssl/ssl_locl.h | 5 +++ ssl/statem/extensions.c| 7 ssl/statem/extensions_clnt.c | 43 ssl/statem/statem_locl.h | 4 ++ test/recipes/70-test_tls13cookie.t | 81 ++ util/TLSProxy/Message.pm | 1 + 10 files changed, 147 insertions(+) create mode 100644 test/recipes/70-test_tls13cookie.t diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 64a312c..c569407 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -2348,6 +2348,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY489 # define SSL_F_TLS_CONSTRUCT_CTOS_ALPN466 # define SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE 355 +# define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE 535 # define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA 530 # define SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS 467 # define SSL_F_TLS_CONSTRUCT_CTOS_EMS 468 @@ -2408,6 +2409,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_TLS_PARSE_CTOS_PSK 505 # define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE 464 # define SSL_F_TLS_PARSE_CTOS_USE_SRTP465 +# define SSL_F_TLS_PARSE_STOC_COOKIE 534 # define SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO 528 # define SSL_F_TLS_PARSE_STOC_KEY_SHARE 445 # define SSL_F_TLS_PARSE_STOC_PSK 502 diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index 1054487..280d131 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -181,6 +181,7 @@ extern "C" { # define TLSEXT_TYPE_psk 41 # define TLSEXT_TYPE_early_data 42 # define TLSEXT_TYPE_supported_versions 43 +# define TLSEXT_TYPE_cookie 44 # define TLSEXT_TYPE_psk_kex_modes 45 # define TLSEXT_TYPE_early_data_info 46 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 0ace985..ee1ca62 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -304,6 +304,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_ALPN), "tls_construct_ctos_alpn"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE), "TLS_CONSTRUCT_CTOS_CERTIFICATE"}, +{ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_COOKIE), "tls_construct_ctos_cookie"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA), "tls_construct_ctos_early_data"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS), @@ -401,6 +402,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_RENEGOTIATE), "tls_parse_ctos_renegotiate"}, {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_USE_SRTP), "tls_parse_ctos_use_srtp"}, +{ERR_FUNC(SSL_F_TLS_PARSE_STOC_COOKIE), "tls_parse_stoc_cookie"}, {ERR_FUNC(SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO), "tls_parse_stoc_early_data_info"}, {ERR_FUNC(SSL_F_TLS_PARSE_STOC_KEY_SHARE), "tls_parse_stoc_key_share"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index fcf4f4d..f0e8639 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1017,6 +1017,7 @@ void SSL_free(SSL *s) #endif OPENSSL_free(s->ext.ocsp.resp); OPENSSL_free(s->ext.alpn); +OPENSSL_free(s->ext.tls13_cookie); OPENSSL_free(s->clienthello); sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free); diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 6811b4f..f4860ea 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1211,6 +1211,10 @@ struct ssl_st {
[openssl-commits] Passed: openssl/openssl#9225 (master - 6356716)
Build Update for openssl/openssl - Build: #9225 Status: Passed Duration: 14 minutes and 24 seconds Commit: 6356716 (master) Author: Andy Polyakov Message: appveyor.yml: call upon cmd to redirect stderr. If stderr is not redirected an uncatchable exception is thrown. Reviewed-by: Rich SalzView the changeset: https://github.com/openssl/openssl/compare/8b0d4242404f...6356716ac09d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/207776533 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: openssl/openssl#9224 (master - 8b0d424)
Build Update for openssl/openssl - Build: #9224 Status: Errored Duration: 14 minutes and 22 seconds Commit: 8b0d424 (master) Author: Andy Polyakov Message: apps/s_client.c: harden ldap_ExtendedResponse_parse. Reviewed-by: Rich SalzReviewed-by: Richard Levitte View the changeset: https://github.com/openssl/openssl/compare/312e9387fdda...8b0d4242404f View the full build log and details: https://travis-ci.org/openssl/openssl/builds/207775758 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 6356716ac09d94a0c85fd6e5ad12f088c54d75c0 (commit) from 8b0d4242404f9e5da26e7594fa0864b2df4601af (commit) - Log - commit 6356716ac09d94a0c85fd6e5ad12f088c54d75c0 Author: Andy PolyakovDate: Thu Mar 2 14:07:45 2017 +0100 appveyor.yml: call upon cmd to redirect stderr. If stderr is not redirected an uncatchable exception is thrown. Reviewed-by: Rich Salz --- Summary of changes: appveyor.yml | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/appveyor.yml b/appveyor.yml index 9c896fc..a5d05c6 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -33,7 +33,8 @@ before_build: - perl ..\Configure %TARGET% %SHARED% - cd .. - ps: >- -if (-not $env:APPVEYOR_PULL_REQUEST_NUMBER -or ( log -2 | Select-String "\[extended tests\]") ) { +if (-not $env:APPVEYOR_PULL_REQUEST_NUMBER` +-or ( log -2 | Select-String "\[extended tests\]") ) { $env:EXTENDED_TESTS="yes" } @@ -41,7 +42,7 @@ build_script: - ps: >- If ($env:Configuration -Match "shared" -or $env:EXTENDED_TESTS) { cd _build - +cmd /c "nmake 2>&1" cd .. } @@ -50,11 +51,11 @@ test_script: If ($env:Configuration -Match "shared" -or $env:EXTENDED_TESTS) { cd _build if ($env:EXTENDED_TESTS) { - test V=1 +cmd /c "nmake test V=1 2>&1" mkdir ..\_install - install install_docs DESTDIR=..\_install +cmd /c "nmake install install_docs DESTDIR=..\_install 2>&1" } Else { - test V=1 TESTS=-test_fuzz +cmd /c "nmake test V=1 TESTS=-test_fuzz 2>&1" } cd .. } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 8b0d4242404f9e5da26e7594fa0864b2df4601af (commit) from 312e9387fddacbcef4148bd3ace25c7db89e374e (commit) - Log - commit 8b0d4242404f9e5da26e7594fa0864b2df4601af Author: Andy PolyakovDate: Thu Mar 2 16:56:44 2017 +0100 apps/s_client.c: harden ldap_ExtendedResponse_parse. Reviewed-by: Rich Salz Reviewed-by: Richard Levitte --- Summary of changes: apps/s_client.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/s_client.c b/apps/s_client.c index b48c306..e180772 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -3091,6 +3091,8 @@ static int ldap_ExtendedResponse_parse(const char *buf, long rem) goto end; } +rem = len; /* ensure that we don't overstep the SEQUENCE */ + /* pull MessageID */ inf = ASN1_get_object(, , , , rem); if (inf != V_ASN1_UNIVERSAL || tag != V_ASN1_INTEGER || _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: openssl/openssl#9222 (master - 312e938)
Build Update for openssl/openssl - Build: #9222 Status: Errored Duration: 4 minutes and 57 seconds Commit: 312e938 (master) Author: Matt Caswell Message: Fix a memory leak on an error path A leak of an SSL_SESSION object can occur when decoding a psk extension on an error path when using TLSv1.3 Reviewed-by: Richard Levitte(Merged from https://github.com/openssl/openssl/pull/2843) View the changeset: https://github.com/openssl/openssl/compare/d08086645f72...312e9387fdda View the full build log and details: https://travis-ci.org/openssl/openssl/builds/207706211 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still FAILED build of OpenSSL branch OpenSSL_1_1_0-stable with options -d --strict-warnings no-asm -ansi
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm -ansi Commit log since last time: 0b6b011 Reset executable bits on files where not needed. bf9ee8a Don't use deprecated EVP_CIPHER_CTX_cleanup() internally Build log ended with (last 100 lines): clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF crypto/asn1/asn1_lib.d.tmp -MT crypto/asn1/asn1_lib.o -c -o crypto/asn1/asn1_lib.o ../openssl/crypto/asn1/asn1_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF crypto/asn1/asn1_par.d.tmp -MT crypto/asn1/asn1_par.o -c -o crypto/asn1/asn1_par.o ../openssl/crypto/asn1/asn1_par.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF crypto/asn1/asn_mime.d.tmp -MT crypto/asn1/asn_mime.o -c -o crypto/asn1/asn_mime.o ../openssl/crypto/asn1/asn_mime.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF crypto/asn1/asn_moid.d.tmp -MT crypto/asn1/asn_moid.o -c -o crypto/asn1/asn_moid.o ../openssl/crypto/asn1/asn_moid.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -ansi -fPIC -DOPENSSL_USE_NODELETE -MMD -MF crypto/asn1/asn_mstbl.d.tmp -MT crypto/asn1/asn_mstbl.o -c -o crypto/asn1/asn_mstbl.o ../openssl/crypto/asn1/asn_mstbl.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H
[openssl-commits] [openssl] master update
The branch master has been updated via 312e9387fddacbcef4148bd3ace25c7db89e374e (commit) from d08086645f72ab890c6ef996bb513076752431f0 (commit) - Log - commit 312e9387fddacbcef4148bd3ace25c7db89e374e Author: Matt CaswellDate: Sat Mar 4 15:45:40 2017 + Fix a memory leak on an error path A leak of an SSL_SESSION object can occur when decoding a psk extension on an error path when using TLSv1.3 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/2843) --- Summary of changes: ssl/statem/extensions_srvr.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 83fb713..ab3ad46 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -796,6 +796,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, s->session = sess; return 1; err: +SSL_SESSION_free(sess); return 0; } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm -ansi
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm -ansi Commit log since last time: dbaa069 use OSSLzu instead of lu format for size_t display d734582 Reset executable bits on files where not needed. f2bcff4 Update the cipher(1) documentation to explicitly state that the RSA cipher string means the same a kRSA. 332dc4f sh_malloc & sh_free prototype change to match POSIX 42f50fd Silence some more clang warnings 30d1bab Silence some clang warnings 83750d9 More early data documentation updates following feedback cd9f7f6 Update the API documentation for the latest early data changes 09f2887 Update early data API for writing to unauthenticated clients 0665b4e Rename SSL_write_early() to SSL_write_early_data() f533fbd Rename SSL_read_early() to SSL_read_early_data() ef466ac Updates to the early data documentation ade1e88 Updates to s_server and s_client for the latest early_data API changes 3eaa417 Make SSL_write_early_finish() an internal only function 5f98203 Add early_data tests f7e393b Various fixes required to allow SSL_write/SSL_read during early data d7f8783 Enable the server to call SSL_write() without stopping the ability to call SSL_read_early() 564547e Enable the client to call SSL_read() without stopping the ability to call SSL_write_early() 4004ce5 Introduce a new early_data state in the state machine bc908c6 Improve the early data sanity check in SSL_do_handshake() 6437b80 Add documentation for the new s_client and s_server early_data options 0a5ece5 Tighten sanity checks when calling early data functions fd6c102 Add documentation for the early data functions f5b519c Make SSL_get_early_data_status() take a const 46dcb94 Make SSL_get_max_early_data() and SSL_CTX_get_max_early_data() take a const fcc4757 Add a SSL_SESSION_get_max_early_data() function 7daf715 Don't attempt to write more early_data than we know the server will accept f637004 Only accept early_data if the negotiated ALPN is the same a832b5e Skip early_data if appropriate after a HelloRetryRequest 38df5a4 Don't accept early_data if we are going to issue a HelloRetryRequest 538bea6 Add extra validation parsing the server-to-client early_data extension 329114f Remove some TLSv1.3 TODOs that are no longer relevant 2c604cb Validate the ticket age for resumed sessions 6746648 Ensure the max_early_data option to s_server can be 0 bfa9a9a Provide a default value for max_early_data 70ef40a Check max_early_data against the amount of early data we actually receive 67f78ea Make sure we reset the read sequence when skipping records 1010936 Disallow handshake messages in the middle of early_data c117af6 Fix seg fault when sending early_data using CCM ciphersuites 576eb39 Get s_client to report on whether early data was accepted or not b2cc7f3 Implement client side parsing of the early_data extension e065518 Add a "-early_data" option to s_server fe5e20f Fix changing of the cipher state when dealing with early data 1ea4d09 Construct the server side early_data extension d781d24 Provide an SSL_read_early() function for reading early data 6cb4226 Change the cipher state when sending early data d49e23e Implement the early data changes required in tls13_change_cipher_state() 923ac82 Add an option to s_client to send early_data 0a87d0a Parse the early_data extension a4f376a Construct the early_data extension 49e7fe1 Provide functions to write early data 5d5b3fb Parse the ticket_early_data_info extension 29fac54 Teach SSL_trace() about the early_data_info extension 048b189 Add a -max_early_data option to s_server 3fc8d85 Construct the ticket_early_data_info extension 73fb82b Remove ref to err(7), update copyright. 51f5930 -precert doesn't work when configured no-ct, don't try to test it then a4c5f85 Fix the skip numbers in 80-test_ca.t b661175 Use the built in boolean type for CompressionExpected 439db0c Add compression tests f33f9dd Fix a compression bug c19602b Ensure that we never select compression in TLSv1.3 398b0bb Add LDAP support (RFC 4511) to s_client ("-starttls ldap") 8cfc21f Configurations/10-main.conf: omit redundant -lresolv from Solaris configs. 3e49ee2 bio/b_addr.c: omit private hstrerror. ea750b5 aes/aes_x86core.c: clarify reference implementation status. 5908555 evp/e_aes_cbc_hmac_{sha1|sha256}.c: tag reference code. 36907ea CHANGES: mention CFI annotations. eac5414 bn/asm: clean up unused PA-RISC modules. 604c853 des/des_locl.h: clean up unused/irrelevant macros. a3004c8 Check for zero records and return immediately fd74aba appveyor.yml: streamline pull requests. 2844308 Configurations/50-masm.conf: add /nologo to ml64 command line. 45632ee Add NOTES.UNIX, with a description on how to deal with runpaths Build log ended with (last 100 lines): clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H
[openssl-commits] SUCCESSFUL build of OpenSSL branch OpenSSL_1_1_0-stable with options -d --strict-warnings no-deprecated
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-deprecated Commit log since last time: 0b6b011 Reset executable bits on files where not needed. bf9ee8a Don't use deprecated EVP_CIPHER_CTX_cleanup() internally _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits