[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -fno-sanitize=alignment
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -fno-sanitize=alignment Commit log since last time: 45615c5 Implement certificate_authorities extension 32f6610 Support draft-19 TLS certificate request format 51c7d3e Allow signature algorithms in TLS 1.3 certificate request extensions. 5d6cca0 Move parsing and construction of CA names to separate functions fa013b6 Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation. 9998b32 Fix no-dtls builds 3fb2c3e Fix some undefined behaviour in stack test 508ee8f Add unit tests for the lhash functionality. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-poly1305
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-poly1305 Commit log since last time: 45615c5 Implement certificate_authorities extension 32f6610 Support draft-19 TLS certificate request format 51c7d3e Allow signature algorithms in TLS 1.3 certificate request extensions. 5d6cca0 Move parsing and construction of CA names to separate functions fa013b6 Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation. 9998b32 Fix no-dtls builds 3fb2c3e Fix some undefined behaviour in stack test 508ee8f Add unit tests for the lhash functionality. Build log ended with (last 100 lines): ../../openssl/test/recipes/15-test_ecdh.t ok ../../openssl/test/recipes/15-test_ecdsa.t ... ok ../../openssl/test/recipes/15-test_genrsa.t .. ok ../../openssl/test/recipes/15-test_rsa.t . ok ../../openssl/test/recipes/15-test_rsapss.t .. ok ../../openssl/test/recipes/20-test_enc.t . ok ../../openssl/test/recipes/20-test_enc_more.t ok ../../openssl/test/recipes/20-test_passwd.t .. ok ../../openssl/test/recipes/25-test_crl.t . ok ../../openssl/test/recipes/25-test_d2i.t . ok ../../openssl/test/recipes/25-test_pkcs7.t ... ok ../../openssl/test/recipes/25-test_req.t . ok ../../openssl/test/recipes/25-test_sid.t . ok ../../openssl/test/recipes/25-test_verify.t .. ok ../../openssl/test/recipes/25-test_x509.t ok ../../openssl/test/recipes/30-test_afalg.t ... ok ../../openssl/test/recipes/30-test_engine.t .. ok ../../openssl/test/recipes/30-test_evp.t . ok ../../openssl/test/recipes/30-test_evp_extra.t ... ok ../../openssl/test/recipes/30-test_pbelu.t ... ok ../../openssl/test/recipes/30-test_pkey_meth.t ... ok ../../openssl/test/recipes/40-test_rehash.t .. ok ../../openssl/test/recipes/60-test_x509_store.t .. ok ../../openssl/test/recipes/60-test_x509_time.t ... ok ../../openssl/test/recipes/70-test_asyncio.t . ok ../../openssl/test/recipes/70-test_bad_dtls.t ok ../../openssl/test/recipes/70-test_clienthello.t . ok ../../openssl/test/recipes/70-test_key_share.t ... skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t .. ok ../../openssl/test/recipes/70-test_recordlen.t ... ok ../../openssl/test/recipes/70-test_renegotiation.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ... ok ../../openssl/test/recipes/70-test_sslcertstatus.t ... ok ../../openssl/test/recipes/70-test_sslextension.t ok ../../openssl/test/recipes/70-test_sslmessages.t . ok ../../openssl/test/recipes/70-test_sslrecords.t .. ok ../../openssl/test/recipes/70-test_sslsessiontick.t .. ok ../../openssl/test/recipes/70-test_sslsigalgs.t .. ok ../../openssl/test/recipes/70-test_sslsignature.t ok ../../openssl/test/recipes/70-test_sslskewith0p.t ok ../../openssl/test/recipes/70-test_sslversions.t . skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ... ok ../../openssl/test/recipes/70-test_tls13cookie.t . skipped: test_tls13cookie needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13hrr.t skipped: test_tls13hrr needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t ... skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t ... skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13psk.t skipped: test_tls13psk needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t ok ../../openssl/test/recipes/70-test_verify_extra.t ok ../../openssl/test/recipes/70-test_wpacket.t . ok ../../openssl/test/recipes/80-test_ca.t .. ok ../../openssl/test/recipes/80-test_cipherbytes.t . ok ../../openssl/test/recipes/80-test_cipherlist.t .. ok ../../openssl/test/recipes/80-test_cms.t . ok ../../openssl/test/recipes/80-test_ct.t .. ok ../../openssl/test/recipes/80-test_dane.t ok ../../openssl/test/recipes/80-test_dtls.t ok ../../openssl/test/recipes/80-test_dtls_mtu.t ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ok ../../openssl/test/recipes/80-test_ocsp.t ok ../../openssl/test/recipes/80-test_pkcs12.t .. ok ../../openssl/test/recipes/80-test_ssl_new.t . ok ../../openssl/test/recipes/80-test_ssl_old.t . ok
[openssl-commits] Still Failing: openssl/openssl#9581 (master - 39176d4)
Build Update for openssl/openssl - Build: #9581 Status: Still Failing Duration: 20 minutes and 41 seconds Commit: 39176d4 (master) Author: Peter Wu Message: doc: fix -keylogfile option Add it in the options section, not the "Connected commands" section. Reviewed-by: Richard LevitteReviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2977) View the changeset: https://github.com/openssl/openssl/compare/45615c5fac0a...39176d44248e View the full build log and details: https://travis-ci.org/openssl/openssl/builds/212342426 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 39176d44248ed5581ecd1e05bb9385e28a3d803b (commit) from 45615c5fac0aba7bd41be270c4bcf194bf1049f4 (commit) - Log - commit 39176d44248ed5581ecd1e05bb9385e28a3d803b Author: Peter WuDate: Fri Mar 17 19:17:57 2017 +0100 doc: fix -keylogfile option Add it in the options section, not the "Connected commands" section. Reviewed-by: Richard Levitte Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2977) --- Summary of changes: doc/man1/s_server.pod | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/man1/s_server.pod b/doc/man1/s_server.pod index c16b562..b34dadd 100644 --- a/doc/man1/s_server.pod +++ b/doc/man1/s_server.pod @@ -529,6 +529,11 @@ The list should contain most wanted protocols first. Protocol names are printable ASCII strings, for example "http/1.1" or "spdy/3". +=item B<-keylogfile path> + +Appends TLS secrets to the specified keylog file such that external programs +(like Wireshark) can decrypt TLS connections. + =item B<-max_early_data arg> Change the default maximum early data bytes that are specified for new sessions @@ -578,11 +583,6 @@ cause the client to disconnect due to a protocol violation. print out some session cache status information. -=item B<-keylogfile path> - -Appends TLS secrets to the specified keylog file such that external programs -(like Wireshark) can decrypt TLS connections. - =back =head1 NOTES _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-dgram
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: 45615c5 Implement certificate_authorities extension 32f6610 Support draft-19 TLS certificate request format 51c7d3e Allow signature algorithms in TLS 1.3 certificate request extensions. 5d6cca0 Move parsing and construction of CA names to separate functions fa013b6 Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation. 9998b32 Fix no-dtls builds 3fb2c3e Fix some undefined behaviour in stack test 508ee8f Add unit tests for the lhash functionality. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-chacha
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-chacha Commit log since last time: 45615c5 Implement certificate_authorities extension 32f6610 Support draft-19 TLS certificate request format 51c7d3e Allow signature algorithms in TLS 1.3 certificate request extensions. 5d6cca0 Move parsing and construction of CA names to separate functions fa013b6 Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation. 9998b32 Fix no-dtls builds 3fb2c3e Fix some undefined behaviour in stack test 508ee8f Add unit tests for the lhash functionality. Build log ended with (last 100 lines): ../../openssl/test/recipes/15-test_ecdh.t ok ../../openssl/test/recipes/15-test_ecdsa.t ... ok ../../openssl/test/recipes/15-test_genrsa.t .. ok ../../openssl/test/recipes/15-test_rsa.t . ok ../../openssl/test/recipes/15-test_rsapss.t .. ok ../../openssl/test/recipes/20-test_enc.t . ok ../../openssl/test/recipes/20-test_enc_more.t ok ../../openssl/test/recipes/20-test_passwd.t .. ok ../../openssl/test/recipes/25-test_crl.t . ok ../../openssl/test/recipes/25-test_d2i.t . ok ../../openssl/test/recipes/25-test_pkcs7.t ... ok ../../openssl/test/recipes/25-test_req.t . ok ../../openssl/test/recipes/25-test_sid.t . ok ../../openssl/test/recipes/25-test_verify.t .. ok ../../openssl/test/recipes/25-test_x509.t ok ../../openssl/test/recipes/30-test_afalg.t ... ok ../../openssl/test/recipes/30-test_engine.t .. ok ../../openssl/test/recipes/30-test_evp.t . ok ../../openssl/test/recipes/30-test_evp_extra.t ... ok ../../openssl/test/recipes/30-test_pbelu.t ... ok ../../openssl/test/recipes/30-test_pkey_meth.t ... ok ../../openssl/test/recipes/40-test_rehash.t .. ok ../../openssl/test/recipes/60-test_x509_store.t .. ok ../../openssl/test/recipes/60-test_x509_time.t ... ok ../../openssl/test/recipes/70-test_asyncio.t . ok ../../openssl/test/recipes/70-test_bad_dtls.t ok ../../openssl/test/recipes/70-test_clienthello.t . ok ../../openssl/test/recipes/70-test_key_share.t ... skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t .. ok ../../openssl/test/recipes/70-test_recordlen.t ... ok ../../openssl/test/recipes/70-test_renegotiation.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ... ok ../../openssl/test/recipes/70-test_sslcertstatus.t ... ok ../../openssl/test/recipes/70-test_sslextension.t ok ../../openssl/test/recipes/70-test_sslmessages.t . ok ../../openssl/test/recipes/70-test_sslrecords.t .. ok ../../openssl/test/recipes/70-test_sslsessiontick.t .. ok ../../openssl/test/recipes/70-test_sslsigalgs.t .. ok ../../openssl/test/recipes/70-test_sslsignature.t ok ../../openssl/test/recipes/70-test_sslskewith0p.t ok ../../openssl/test/recipes/70-test_sslversions.t . skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ... ok ../../openssl/test/recipes/70-test_tls13cookie.t . skipped: test_tls13cookie needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13hrr.t skipped: test_tls13hrr needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t ... skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t ... skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13psk.t skipped: test_tls13psk needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t ok ../../openssl/test/recipes/70-test_verify_extra.t ok ../../openssl/test/recipes/70-test_wpacket.t . ok ../../openssl/test/recipes/80-test_ca.t .. ok ../../openssl/test/recipes/80-test_cipherbytes.t . ok ../../openssl/test/recipes/80-test_cipherlist.t .. ok ../../openssl/test/recipes/80-test_cms.t . ok ../../openssl/test/recipes/80-test_ct.t .. ok ../../openssl/test/recipes/80-test_dane.t ok ../../openssl/test/recipes/80-test_dtls.t ok ../../openssl/test/recipes/80-test_dtls_mtu.t ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ok ../../openssl/test/recipes/80-test_ocsp.t ok ../../openssl/test/recipes/80-test_pkcs12.t .. ok ../../openssl/test/recipes/80-test_ssl_new.t . ok ../../openssl/test/recipes/80-test_ssl_old.t . ok
[openssl-commits] Still Failing: openssl/openssl#9579 (master - 45615c5)
Build Update for openssl/openssl - Build: #9579 Status: Still Failing Duration: 21 minutes and 32 seconds Commit: 45615c5 (master) Author: Dr. Stephen Henson Message: Implement certificate_authorities extension Reviewed-by: Rich Salz(Merged from https://github.com/openssl/openssl/pull/2918) View the changeset: https://github.com/openssl/openssl/compare/fa013b65241d...45615c5fac0a View the full build log and details: https://travis-ci.org/openssl/openssl/builds/212230991 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 45615c5fac0aba7bd41be270c4bcf194bf1049f4 (commit) via 32f661079d6a4bd5aa22921ed9cdbc3369ec40e8 (commit) via 51c7d3e824612a9c71bd987862a00140eb4b0711 (commit) via 5d6cca05b0c17bbed1e24e17dfddb9a309c0516b (commit) from fa013b65241dfed9b7d9e10e0adfedc9869c797e (commit) - Log - commit 45615c5fac0aba7bd41be270c4bcf194bf1049f4 Author: Dr. Stephen HensonDate: Fri Mar 10 16:31:20 2017 + Implement certificate_authorities extension Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2918) commit 32f661079d6a4bd5aa22921ed9cdbc3369ec40e8 Author: Dr. Stephen Henson Date: Mon Mar 13 13:29:34 2017 + Support draft-19 TLS certificate request format Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2918) commit 51c7d3e824612a9c71bd987862a00140eb4b0711 Author: Dr. Stephen Henson Date: Mon Mar 13 13:27:18 2017 + Allow signature algorithms in TLS 1.3 certificate request extensions. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2918) commit 5d6cca05b0c17bbed1e24e17dfddb9a309c0516b Author: Dr. Stephen Henson Date: Wed Mar 8 18:17:17 2017 + Move parsing and construction of CA names to separate functions Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2918) --- Summary of changes: include/openssl/ssl.h| 2 + include/openssl/tls1.h | 1 + ssl/ssl_err.c| 3 + ssl/ssl_locl.h | 1 + ssl/statem/extensions.c | 61 +++- ssl/statem/statem_clnt.c | 143 +-- ssl/statem/statem_lib.c | 95 +++ ssl/statem/statem_locl.h | 4 ++ ssl/statem/statem_srvr.c | 57 +-- 9 files changed, 230 insertions(+), 137 deletions(-) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 8003959..1041e3c 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -2174,6 +2174,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION 437 # define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE 431 # define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION 418 +# define SSL_F_PARSE_CA_NAMES 541 # define SSL_F_PROCESS_KEY_SHARE_EXT 439 # define SSL_F_READ_STATE_MACHINE 352 # define SSL_F_SET_CLIENT_CIPHERSUITE 540 @@ -2335,6 +2336,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_TLS_CHOOSE_SIGALG 513 # define SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK 354 # define SSL_F_TLS_COLLECT_EXTENSIONS 435 +# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES 542 # define SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST 372 # define SSL_F_TLS_CONSTRUCT_CERT_STATUS 429 # define SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY 494 diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index f2af3ab..38ad74c 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -184,6 +184,7 @@ extern "C" { # define TLSEXT_TYPE_supported_versions 43 # define TLSEXT_TYPE_cookie 44 # define TLSEXT_TYPE_psk_kex_modes 45 +# define TLSEXT_TYPE_certificate_authorities 47 /* Temporary extension type */ # define TLSEXT_TYPE_renegotiate 0xff01 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index f7ee171..c7e407f 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -74,6 +74,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { "ossl_statem_server_construct_message"}, {ERR_FUNC(SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION), "ossl_statem_server_read_transition"}, +{ERR_FUNC(SSL_F_PARSE_CA_NAMES), "parse_ca_names"}, {ERR_FUNC(SSL_F_PROCESS_KEY_SHARE_EXT), "process_key_share_ext"}, {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"}, {ERR_FUNC(SSL_F_SET_CLIENT_CIPHERSUITE), "set_client_ciphersuite"}, @@ -281,6 +282,8 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK), "tls_client_key_exchange_post_work"}, {ERR_FUNC(SSL_F_TLS_COLLECT_EXTENSIONS), "tls_collect_extensions"}, +{ERR_FUNC(SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES), + "tls_construct_certificate_authorities"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST), "tls_construct_certificate_request"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CERT_STATUS), "tls_construct_cert_status"}, diff --git a/ssl/ssl_locl.h
[openssl-commits] FAILED build of OpenSSL branch OpenSSL_1_1_0-stable with options -d --strict-warnings no-dtls
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: 1534426 Fix typo in ASYNC_WAIT_CTX_new.pod doc 078fdfc Rather use -out parameter than redirect stdout 14d4d7e Simplify code around next_proto.len by changing 'len' data type. Build log ended with (last 100 lines): LIBDEPS=' '" -L. -lcrypto"' -ldl ' \ LIBNAME=ossltest LDFLAGS='' \ CC='clang' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE' \ SHARED_LDFLAGS='-Wl,-znodelete -m64 ' \ SHLIB_EXT=.so \ LIBEXTRAS="engines/e_ossltest.o" \ link_dso.linux-shared make[2]: Entering directory '/home/openssl/run-checker-1.1.0/no-dtls' LD_LIBRARY_PATH=.: clang -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -Wl,-znodelete -m64 -shared -Wl,-Bsymbolic -Wl,-soname=ossltest.so -o engines/ossltest.so engines/e _ossltest.o -L. -lcrypto -ldl make[2]: Leaving directory '/home/openssl/run-checker-1.1.0/no-dtls' CC="clang" /usr/bin/perl ../openssl/engines/asm/e_padlock-x86_64.pl elf engines/e_padlock-x86_64.s clang -Iinclude -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -MMD -MF engines/e_padlock-x86_64.d.tmp -MT engines/e_padlock-x86_64.o -c -o engines/e_padlock-x86_64.o engines/e_padlock-x86_64.s clang -Iinclude -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -MMD -MF engines/e_padlock.d.tmp -MT engines/e_padlock.o -c -o engines/e_padl ock.o
[openssl-commits] Still Failing: openssl/openssl#9573 (master - fa013b6)
Build Update for openssl/openssl - Build: #9573 Status: Still Failing Duration: 21 minutes and 53 seconds Commit: fa013b6 (master) Author: Péter Budai Message: Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation. The documentation of this function states that the password parameter can be NULL. However, the implementation returns an error in this case due to the inner workings of the HMAC_Init_ex() function. With this change, NULL password will be treated as an empty string and PKCS5_PBKDF2_HMAC() no longer fails on this input. I have also added two new test cases that tests the handling of the special values NULL and -1 of the password and passlen parameters, respectively. Reviewed-by: Matt CaswellReviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1692) View the changeset: https://github.com/openssl/openssl/compare/9998b32cb63b...fa013b65241d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/212108882 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#9571 (master - 9998b32)
Build Update for openssl/openssl - Build: #9571 Status: Still Failing Duration: 20 minutes and 43 seconds Commit: 9998b32 (master) Author: Matt Caswell Message: Fix no-dtls builds Commits f2ff1432f in master and 14d4d7eda in 1.1.0 broke the no-dtls build by moving the position of a "#endif" for OPENSSL_NO_DTLS in a change which is otherwise unrelated to DTLS. This puts it back to where it was. Reviewed-by: Richard Levitte(Merged from https://github.com/openssl/openssl/pull/2974) View the changeset: https://github.com/openssl/openssl/compare/3fb2c3e452c9...9998b32cb63b View the full build log and details: https://travis-ci.org/openssl/openssl/builds/212104057 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via 8d049ed24b06ada5bb8c50143c23c061647ca5d9 (commit) from 79037e85140887276476e03ce941b1ff0382543d (commit) - Log - commit 8d049ed24b06ada5bb8c50143c23c061647ca5d9 Author: Péter BudaiDate: Tue Oct 11 19:26:23 2016 +0200 Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation. The documentation of this function states that the password parameter can be NULL. However, the implementation returns an error in this case due to the inner workings of the HMAC_Init_ex() function. With this change, NULL password will be treated as an empty string and PKCS5_PBKDF2_HMAC() no longer fails on this input. I have also added two new test cases that tests the handling of the special values NULL and -1 of the password and passlen parameters, respectively. Reviewed-by: Matt Caswell Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1692) (cherry picked from commit fa013b65241dfed9b7d9e10e0adfedc9869c797e) --- Summary of changes: crypto/evp/p5_crpt2.c | 7 +-- test/evp_test.c | 13 - test/evptests.txt | 43 +++ 3 files changed, 60 insertions(+), 3 deletions(-) diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 2e45aa3..365e240 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -33,6 +33,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out) { +const char *empty = ""; unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; int cplen, j, k, tkeylen, mdlen; unsigned long i = 1; @@ -47,10 +48,12 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, return 0; p = out; tkeylen = keylen; -if (!pass) +if (pass == NULL) { +pass = empty; passlen = 0; -else if (passlen == -1) +} else if (passlen == -1) { passlen = strlen(pass); +} if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) { HMAC_CTX_free(hctx_tpl); return 0; diff --git a/test/evp_test.c b/test/evp_test.c index f6cec05..41cbe11 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -127,6 +127,8 @@ static int test_bin(const char *value, unsigned char **buf, size_t *buflen) long len; *buflen = 0; + +/* Check for empty value */ if (!*value) { /* * Don't return NULL for zero length buffer. @@ -141,6 +143,14 @@ static int test_bin(const char *value, unsigned char **buf, size_t *buflen) *buflen = 0; return 1; } + +/* Check for NULL literal */ +if (strcmp(value, "NULL") == 0) { +*buf = NULL; +*buflen = 0; +return 1; +} + /* Check for string literal */ if (value[0] == '"') { size_t vlen; @@ -155,6 +165,7 @@ static int test_bin(const char *value, unsigned char **buf, size_t *buflen) return 1; } +/* Otherwise assume as hex literal and convert it to binary buffer */ *buf = OPENSSL_hexstr2buf(value, ); if (!*buf) { fprintf(stderr, "Value=%s\n", value); @@ -640,7 +651,7 @@ int main(int argc, char **argv) memset(, 0, sizeof(t)); t.start_line = -1; -in = BIO_new_file(argv[1], "r"); +in = BIO_new_file(argv[1], "rb"); if (in == NULL) { fprintf(stderr, "Can't open %s for reading\n", argv[1]); return 1; diff --git a/test/evptests.txt b/test/evptests.txt index dacff27..5577c53 100644 --- a/test/evptests.txt +++ b/test/evptests.txt @@ -3163,6 +3163,49 @@ iter = 4096 MD = sha512 Key = 9d9e9c4cd21fe4be24d5b8244c759665 +# PBKDF2 tests for empty and NULL inputs +PBE = pbkdf2 +Password = "" +Salt = "salt" +iter = 1 +MD = sha1 +Key = a33dddc30478185515311f8752895d36ea4363a2 + +PBE = pbkdf2 +Password = "" +Salt = "salt" +iter = 1 +MD = sha256 +Key = f135c27993baf98773c5cdb40a5706ce6a345cde + +PBE = pbkdf2 +Password = "" +Salt = "salt" +iter = 1 +MD = sha512 +Key = 00ef42cdbfc98d29db20976608e455567fdddf14 + +PBE = pbkdf2 +Password = NULL +Salt = "salt" +iter = 1 +MD = sha1 +Key = a33dddc30478185515311f8752895d36ea4363a2 + +PBE = pbkdf2 +Password = NULL +Salt = "salt" +iter = 1 +MD = sha256 +Key = f135c27993baf98773c5cdb40a5706ce6a345cde + +PBE = pbkdf2 +Password = NULL +Salt = "salt" +iter = 1 +MD = sha512 +Key = 00ef42cdbfc98d29db20976608e455567fdddf14 + # Base64 tests Encoding = canonical _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via fa013b65241dfed9b7d9e10e0adfedc9869c797e (commit) from 9998b32cb63b0bdd3d014abfa1d70e9a2c20a283 (commit) - Log - commit fa013b65241dfed9b7d9e10e0adfedc9869c797e Author: Péter BudaiDate: Tue Oct 11 19:26:23 2016 +0200 Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation. The documentation of this function states that the password parameter can be NULL. However, the implementation returns an error in this case due to the inner workings of the HMAC_Init_ex() function. With this change, NULL password will be treated as an empty string and PKCS5_PBKDF2_HMAC() no longer fails on this input. I have also added two new test cases that tests the handling of the special values NULL and -1 of the password and passlen parameters, respectively. Reviewed-by: Matt Caswell Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1692) --- Summary of changes: crypto/evp/p5_crpt2.c | 7 +-- test/evp_test.c | 13 - test/evptests.txt | 43 +++ 3 files changed, 60 insertions(+), 3 deletions(-) diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 024996f..c7b08e1 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -33,6 +33,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out) { +const char *empty = ""; unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; int cplen, j, k, tkeylen, mdlen; unsigned long i = 1; @@ -47,10 +48,12 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, return 0; p = out; tkeylen = keylen; -if (!pass) +if (pass == NULL) { +pass = empty; passlen = 0; -else if (passlen == -1) +} else if (passlen == -1) { passlen = strlen(pass); +} if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) { HMAC_CTX_free(hctx_tpl); return 0; diff --git a/test/evp_test.c b/test/evp_test.c index d924e3f..f9dafec 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -127,6 +127,8 @@ static int test_bin(const char *value, unsigned char **buf, size_t *buflen) long len; *buflen = 0; + +/* Check for empty value */ if (!*value) { /* * Don't return NULL for zero length buffer. @@ -141,6 +143,14 @@ static int test_bin(const char *value, unsigned char **buf, size_t *buflen) *buflen = 0; return 1; } + +/* Check for NULL literal */ +if (strcmp(value, "NULL") == 0) { +*buf = NULL; +*buflen = 0; +return 1; +} + /* Check for string literal */ if (value[0] == '"') { size_t vlen; @@ -155,6 +165,7 @@ static int test_bin(const char *value, unsigned char **buf, size_t *buflen) return 1; } +/* Otherwise assume as hex literal and convert it to binary buffer */ *buf = OPENSSL_hexstr2buf(value, ); if (!*buf) { fprintf(stderr, "Value=%s\n", value); @@ -640,7 +651,7 @@ int main(int argc, char **argv) memset(, 0, sizeof(t)); t.start_line = -1; -in = BIO_new_file(argv[1], "r"); +in = BIO_new_file(argv[1], "rb"); if (in == NULL) { fprintf(stderr, "Can't open %s for reading\n", argv[1]); return 1; diff --git a/test/evptests.txt b/test/evptests.txt index e9e7964..a305b02 100644 --- a/test/evptests.txt +++ b/test/evptests.txt @@ -3482,6 +3482,49 @@ iter = 4096 MD = sha512 Key = 9d9e9c4cd21fe4be24d5b8244c759665 +# PBKDF2 tests for empty and NULL inputs +PBE = pbkdf2 +Password = "" +Salt = "salt" +iter = 1 +MD = sha1 +Key = a33dddc30478185515311f8752895d36ea4363a2 + +PBE = pbkdf2 +Password = "" +Salt = "salt" +iter = 1 +MD = sha256 +Key = f135c27993baf98773c5cdb40a5706ce6a345cde + +PBE = pbkdf2 +Password = "" +Salt = "salt" +iter = 1 +MD = sha512 +Key = 00ef42cdbfc98d29db20976608e455567fdddf14 + +PBE = pbkdf2 +Password = NULL +Salt = "salt" +iter = 1 +MD = sha1 +Key = a33dddc30478185515311f8752895d36ea4363a2 + +PBE = pbkdf2 +Password = NULL +Salt = "salt" +iter = 1 +MD = sha256 +Key = f135c27993baf98773c5cdb40a5706ce6a345cde + +PBE = pbkdf2 +Password = NULL +Salt = "salt" +iter = 1 +MD = sha512 +Key = 00ef42cdbfc98d29db20976608e455567fdddf14 + # Base64 tests Encoding = canonical _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
The branch OpenSSL_1_1_0-stable has been updated via 79037e85140887276476e03ce941b1ff0382543d (commit) from 153442640dc616a402363120b530e5d32785f918 (commit) - Log - commit 79037e85140887276476e03ce941b1ff0382543d Author: Matt CaswellDate: Fri Mar 17 10:21:25 2017 + Fix no-dtls builds Commits f2ff1432f in master and 14d4d7eda in 1.1.0 broke the no-dtls build by moving the position of a "#endif" for OPENSSL_NO_DTLS in a change which is otherwise unrelated to DTLS. This puts it back to where it was. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/2974) (cherry picked from commit 9998b32cb63b0bdd3d014abfa1d70e9a2c20a283) --- Summary of changes: apps/s_server.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/apps/s_server.c b/apps/s_server.c index a3ee4d6..7e18aaf 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -137,9 +137,14 @@ static const char *session_id_prefix = NULL; #ifndef OPENSSL_NO_DTLS static int enable_timeouts = 0; static long socket_mtu; -static int dtlslisten = 0; #endif +/* + * We define this but make it always be 0 in no-dtls builds to simplify the + * code. + */ +static int dtlslisten = 0; + #ifndef OPENSSL_NO_PSK static const char psk_identity[] = "Client_identity"; char *psk_key = NULL; /* by default PSK is not used */ _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 9998b32cb63b0bdd3d014abfa1d70e9a2c20a283 (commit) from 3fb2c3e452c9adea24edf8b0b96f6325c0473ee9 (commit) - Log - commit 9998b32cb63b0bdd3d014abfa1d70e9a2c20a283 Author: Matt CaswellDate: Fri Mar 17 10:21:25 2017 + Fix no-dtls builds Commits f2ff1432f in master and 14d4d7eda in 1.1.0 broke the no-dtls build by moving the position of a "#endif" for OPENSSL_NO_DTLS in a change which is otherwise unrelated to DTLS. This puts it back to where it was. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/2974) --- Summary of changes: apps/s_server.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/apps/s_server.c b/apps/s_server.c index 12792e9..5858278 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -138,9 +138,14 @@ static const char *session_id_prefix = NULL; #ifndef OPENSSL_NO_DTLS static int enable_timeouts = 0; static long socket_mtu; -static int dtlslisten = 0; #endif +/* + * We define this but make it always be 0 in no-dtls builds to simplify the + * code. + */ +static int dtlslisten = 0; + static int early_data = 0; #ifndef OPENSSL_NO_PSK _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#9568 (master - 3fb2c3e)
Build Update for openssl/openssl - Build: #9568 Status: Still Failing Duration: 24 minutes and 6 seconds Commit: 3fb2c3e (master) Author: Matt Caswell Message: Fix some undefined behaviour in stack test At one point the stack was passing a pointer of the element *before* an array which is undefined. Reviewed-by: Rich SalzReviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/2971) View the changeset: https://github.com/openssl/openssl/compare/508ee8f5ffc5...3fb2c3e452c9 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/212065218 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 3fb2c3e452c9adea24edf8b0b96f6325c0473ee9 (commit) from 508ee8f5ffc5a3ab1bb10b14c0331393d938326f (commit) - Log - commit 3fb2c3e452c9adea24edf8b0b96f6325c0473ee9 Author: Matt CaswellDate: Thu Mar 16 17:32:32 2017 + Fix some undefined behaviour in stack test At one point the stack was passing a pointer of the element *before* an array which is undefined. Reviewed-by: Rich Salz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/2971) --- Summary of changes: test/stack_test.c | 17 + 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/test/stack_test.c b/test/stack_test.c index f04f6af..4325766 100644 --- a/test/stack_test.c +++ b/test/stack_test.c @@ -57,6 +57,7 @@ static int int_compare(const int *const *a, const int *const *b) static int test_int_stack(void) { static int v[] = { 1, 2, -4, 16, 999, 1, -173, 1, 9 }; +static int notpresent = -1; const int n = OSSL_NELEM(v); static struct { int value; @@ -108,18 +109,26 @@ static int test_int_stack(void) } /* find unsorted -- the pointers are compared */ -for (i = 0; i < n_finds; i++) -if (sk_sint_find(s, v + finds[i].unsorted) != finds[i].unsorted) { +for (i = 0; i < n_finds; i++) { +int *val = (finds[i].unsorted == -1) ? + : v + finds[i].unsorted; + +if (sk_sint_find(s, val) != finds[i].unsorted) { fprintf(stderr, "test int unsorted find %d\n", i); goto end; } +} /* find_ex unsorted */ -for (i = 0; i < n_finds; i++) -if (sk_sint_find_ex(s, v + finds[i].unsorted) != finds[i].unsorted) { +for (i = 0; i < n_finds; i++) { +int *val = (finds[i].unsorted == -1) ? + : v + finds[i].unsorted; + +if (sk_sint_find_ex(s, val) != finds[i].unsorted) { fprintf(stderr, "test int unsorted find_ex %d\n", i); goto end; } +} /* sorting */ if (sk_sint_is_sorted(s)) { _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] FAILED build of OpenSSL branch OpenSSL_1_1_0-stable with options -d --strict-warnings no-dgram
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: 1534426 Fix typo in ASYNC_WAIT_CTX_new.pod doc 078fdfc Rather use -out parameter than redirect stdout 14d4d7e Simplify code around next_proto.len by changing 'len' data type. Build log ended with (last 100 lines): LIBDEPS=' '" -L. -lcrypto"' -ldl ' \ LIBNAME=ossltest LDFLAGS='' \ CC='clang' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE' \ SHARED_LDFLAGS='-Wl,-znodelete -m64 ' \ SHLIB_EXT=.so \ LIBEXTRAS="engines/e_ossltest.o" \ link_dso.linux-shared make[2]: Entering directory '/home/openssl/run-checker-1.1.0/no-dgram' LD_LIBRARY_PATH=.: clang -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -Wl,-znodelete -m64 -shared -Wl,-Bsymbolic -Wl,-soname=ossltest.so -o engines/ossltest.so engines/e _ossltest.o -L. -lcrypto -ldl make[2]: Leaving directory '/home/openssl/run-checker-1.1.0/no-dgram' CC="clang" /usr/bin/perl ../openssl/engines/asm/e_padlock-x86_64.pl elf engines/e_padlock-x86_64.s clang -Iinclude -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -MMD -MF engines/e_padlock-x86_64.d.tmp -MT engines/e_padlock-x86_64.o -c -o engines/e_padlock-x86_64.o engines/e_padlock-x86_64.s clang -Iinclude -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -MMD -MF engines/e_padlock.d.tmp -MT engines/e_padlock.o -c -o engines/e_padl ock.o
[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: 2c1b0f1 Add Client CA names tests 2e21539 Add ExpectedClientCANames f8f16d8 Remove obsolete version test when returning CA names. 07518cf Add TLSv1.3 draft-19 messages to trace 6828358 Handle TLSv1.3 being disabled in clienthello test 6bc6ca6 Add tests for the padding extension d702ad1 Fix the Padding extension 635b7d3 Updates following review feedback c35cb28 Add some HRR tests 807551a Add some more PSK tests 69b2d39 Fix ciphersuite handling during an HRR cf3e221 Ensure after an HRR any PSKs have the right hash 11c67ee HelloRetryRequest updates for draft-19 9e0ac6a Check ClientHello boundary as per draft-19 6594189 Merge early_data_info extension into early_data ef6c191 Update end of early data processing for draft-19 bc993d3 Update the TLSv1.3 secrets test vectors for draft-19 3e0458f Update secret generation for draft-19 e984b53 Update the TLSv1.3 version indicator for draft-19 7baabf4 Fix typo in ASYNC_WAIT_CTX_new.pod doc f2ff143 Simplify code around next_proto.len by changing 'len' data type. 0ae407e Remove documentation of deleted function b00d540 Remove unused typedefs from indent config f775245 Remove some unused PEM structures 5a81a05 Rename the test_stack recipe file name to be consistent with the rest of the tests. 29d1fad Fixed a crash in print_notice. Build log ended with (last 100 lines): LIBDEPS=' '" -L. -lcrypto"' -ldl ' \ LIBNAME=ossltest LDFLAGS='' \ CC='clang' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -Wswitch -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wswitch-default -Wno-unused-parameter -Wno-parentheses-equality -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE' \ SHARED_LDFLAGS='-Wl,-znodelete -m64 ' \ SHLIB_EXT=.so \ LIBEXTRAS="engines/e_ossltest.o" \ link_dso.linux-shared make[2]: Entering directory '/home/openssl/run-checker/no-dtls' LD_LIBRARY_PATH=.: clang -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -Wswitch -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wswitch-default -Wno-unused-parameter -Wno-parentheses-equality -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -fPIC -DOPENSSL_USE_NODELETE -Wl,-znodelete -m64 -shared -Wl,-Bsymbolic -Wl, -soname=ossltest.so -o engines/ossltest.so engines/e_ossltest.o -L. -lcrypto -ldl make[2]: Leaving directory '/home/openssl/run-checker/no-dtls' CC="clang" /usr/bin/perl ../openssl/engines/asm/e_padlock-x86_64.pl elf engines/e_padlock-x86_64.s clang -Iinclude -I../openssl/include -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wall -O0 -g -pthread -m64 -DL_ENDIAN -Wextra -Qunused-arguments -DDEBUG_UNUSED -Wswitch -DPEDANTIC -pedantic -Wno-long-long -Wall -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Qunused-arguments -Wextra -Wswitch-default -Wno-unused-parameter -Wno-parentheses-equality -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -fno-sanitize=alignment
Platform and configuration command: $ uname -a Linux test 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -fno-sanitize=alignment Commit log since last time: 2c1b0f1 Add Client CA names tests 2e21539 Add ExpectedClientCANames f8f16d8 Remove obsolete version test when returning CA names. 07518cf Add TLSv1.3 draft-19 messages to trace 6828358 Handle TLSv1.3 being disabled in clienthello test 6bc6ca6 Add tests for the padding extension d702ad1 Fix the Padding extension 635b7d3 Updates following review feedback c35cb28 Add some HRR tests 807551a Add some more PSK tests 69b2d39 Fix ciphersuite handling during an HRR cf3e221 Ensure after an HRR any PSKs have the right hash 11c67ee HelloRetryRequest updates for draft-19 9e0ac6a Check ClientHello boundary as per draft-19 6594189 Merge early_data_info extension into early_data ef6c191 Update end of early data processing for draft-19 bc993d3 Update the TLSv1.3 secrets test vectors for draft-19 3e0458f Update secret generation for draft-19 e984b53 Update the TLSv1.3 version indicator for draft-19 7baabf4 Fix typo in ASYNC_WAIT_CTX_new.pod doc f2ff143 Simplify code around next_proto.len by changing 'len' data type. 0ae407e Remove documentation of deleted function b00d540 Remove unused typedefs from indent config f775245 Remove some unused PEM structures 5a81a05 Rename the test_stack recipe file name to be consistent with the rest of the tests. 29d1fad Fixed a crash in print_notice. Build log ended with (last 100 lines): ../../openssl/test/recipes/15-test_ecdh.t ok ../../openssl/test/recipes/15-test_ecdsa.t ... ok ../../openssl/test/recipes/15-test_genrsa.t .. ok ../../openssl/test/recipes/15-test_rsa.t . ok ../../openssl/test/recipes/15-test_rsapss.t .. ok ../../openssl/test/recipes/20-test_enc.t . ok ../../openssl/test/recipes/20-test_enc_more.t ok ../../openssl/test/recipes/20-test_passwd.t .. ok ../../openssl/test/recipes/25-test_crl.t . ok ../../openssl/test/recipes/25-test_d2i.t . ok ../../openssl/test/recipes/25-test_pkcs7.t ... ok ../../openssl/test/recipes/25-test_req.t . ok ../../openssl/test/recipes/25-test_sid.t . ok ../../openssl/test/recipes/25-test_verify.t .. ok ../../openssl/test/recipes/25-test_x509.t ok ../../openssl/test/recipes/30-test_afalg.t ... ok ../../openssl/test/recipes/30-test_engine.t .. ok ../../openssl/test/recipes/30-test_evp.t . ok ../../openssl/test/recipes/30-test_evp_extra.t ... ok ../../openssl/test/recipes/30-test_pbelu.t ... ok ../../openssl/test/recipes/30-test_pkey_meth.t ... ok ../../openssl/test/recipes/40-test_rehash.t .. ok ../../openssl/test/recipes/60-test_x509_store.t .. ok ../../openssl/test/recipes/60-test_x509_time.t ... ok ../../openssl/test/recipes/70-test_asyncio.t . ok ../../openssl/test/recipes/70-test_bad_dtls.t ok ../../openssl/test/recipes/70-test_clienthello.t . ok ../../openssl/test/recipes/70-test_key_share.t ... skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t .. ok ../../openssl/test/recipes/70-test_recordlen.t ... ok ../../openssl/test/recipes/70-test_renegotiation.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ... ok ../../openssl/test/recipes/70-test_sslcertstatus.t ... ok ../../openssl/test/recipes/70-test_sslextension.t ok ../../openssl/test/recipes/70-test_sslmessages.t . ok ../../openssl/test/recipes/70-test_sslrecords.t .. ok ../../openssl/test/recipes/70-test_sslsessiontick.t .. ok ../../openssl/test/recipes/70-test_sslsigalgs.t .. ok ../../openssl/test/recipes/70-test_sslsignature.t ok ../../openssl/test/recipes/70-test_sslskewith0p.t ok ../../openssl/test/recipes/70-test_sslversions.t . skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ... ok ../../openssl/test/recipes/70-test_tls13cookie.t . skipped: test_tls13cookie needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13hrr.t skipped: test_tls13hrr needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t ... skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t ... skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13psk.t skipped: test_tls13psk needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t ok ../../openssl/test/recipes/70-test_verify_extra.t ok