[openssl-commits] [openssl] master update

2017-08-28 Thread Kurt Roeckx 
The branch master has been updated
   via  58891025eff2fb42a6a5cf2fa861d46308826d07 (commit)
   via  0b14a5b7ccd1618fe47d74a51c4873144c57ac83 (commit)
  from  b23171744b01e473ebbfd6edad70c1c3825ffbcd (commit)


- Log -
commit 58891025eff2fb42a6a5cf2fa861d46308826d07
Author: Kurt Roeckx 
Date:   Sun Aug 27 23:13:05 2017 +0200

Make the global DRBGs static

Reviewed-by: Rich Salz 
Reviewed-by: Paul Dale 
GH: #4268

commit 0b14a5b7ccd1618fe47d74a51c4873144c57ac83
Author: Kurt Roeckx 
Date:   Sun Aug 27 17:46:33 2017 +0200

Don't auto-instantiate a DRBG when trying to use it and it's not

The one creating the DRBG should instantiate it, it's there that we
know which parameters we should use to instantiate it.

This splits the rand init in two parts to avoid a deadlock
because when the global drbg is created it wands to call
rand_add on the global rand method.

Reviewed-by: Rich Salz 
Reviewed-by: Paul Dale 
GH: #4268

---

Summary of changes:
 crypto/include/internal/rand_int.h |   1 +
 crypto/init.c  |   1 +
 crypto/rand/drbg_lib.c | 128 -
 crypto/rand/rand_lcl.h |   2 -
 crypto/rand/rand_lib.c |  39 ++-
 include/internal/rand.h|   1 +
 ssl/ssl_lib.c  |   3 +-
 util/libcrypto.num |   1 +
 8 files changed, 109 insertions(+), 67 deletions(-)

diff --git a/crypto/include/internal/rand_int.h 
b/crypto/include/internal/rand_int.h
index 90b0094..d0999f2 100644
--- a/crypto/include/internal/rand_int.h
+++ b/crypto/include/internal/rand_int.h
@@ -18,4 +18,5 @@
 #include 
 
 void rand_cleanup_int(void);
+void rand_cleanup_drbg_int(void);
 void rand_fork(void);
diff --git a/crypto/init.c b/crypto/init.c
index c8f0a3f..ccfd003 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -488,6 +488,7 @@ void OPENSSL_cleanup(void)
  * obj_cleanup_int() must be called last
  */
 rand_cleanup_int();
+rand_cleanup_drbg_int();
 conf_modules_free_int();
 #ifndef OPENSSL_NO_ENGINE
 engine_cleanup_int();
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index d1f419d..83ddc27 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -12,6 +12,11 @@
 #include 
 #include 
 #include "rand_lcl.h"
+#include "internal/thread_once.h"
+#include "internal/rand_int.h"
+
+static RAND_DRBG rand_drbg; /* The default global DRBG. */
+static RAND_DRBG priv_drbg; /* The global private-key DRBG. */
 
 /*
  * Support framework for NIST SP 800-90A DRBG, AES-CTR mode.
@@ -25,6 +30,8 @@
  * a much bigger deal than just re-setting an allocated resource.)
  */
 
+static CRYPTO_ONCE rand_init_drbg = CRYPTO_ONCE_STATIC_INIT;
+
 /*
  * Set/initialize |drbg| to be of type |nid|, with optional |flags|.
  * Return -2 if the type is not supported, 1 on success and -1 on
@@ -76,18 +83,9 @@ RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, 
RAND_DRBG *parent)
 goto err;
 
 if (parent != NULL) {
-if (parent->state == DRBG_UNINITIALISED
-&& RAND_DRBG_instantiate(parent, NULL, 0) == 0)
-goto err;
 if (!RAND_DRBG_set_callbacks(drbg, drbg_entropy_from_parent,
  drbg_release_entropy,
- NULL, NULL)
-/*
- * Add in our address.  Note we are adding the pointer
- * itself, not its contents!
- */
-|| !RAND_DRBG_instantiate(drbg,
-  (unsigned char*)&drbg, sizeof(drbg)))
+ NULL, NULL))
 goto err;
 }
 
@@ -98,17 +96,12 @@ err:
 return NULL;
 }
 
-RAND_DRBG *RAND_DRBG_get0_global(void)
-{
-return &rand_drbg;
-}
-
 /*
  * Uninstantiate |drbg| and free all memory.
  */
 void RAND_DRBG_free(RAND_DRBG *drbg)
 {
-/* The global DRBG is free'd by rand_cleanup_int() */
+/* The global DRBG is free'd by rand_cleanup_drbg_int() */
 if (drbg == NULL || drbg == &rand_drbg)
 return;
 
@@ -340,28 +333,80 @@ void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int 
idx)
  * global DRBG.  They lock.
  */
 
+/*
+ * Creates a global DRBG with default settings.
+ * Returns 1 on success, 0 on failure
+ */
+static int setup_drbg(RAND_DRBG *drbg)
+{
+int ret = 1;
+
+drbg->lock = CRYPTO_THREAD_lock_new();
+ret &= drbg->lock != NULL;
+drbg->size = RANDOMNESS_NEEDED;
+drbg->secure = CRYPTO_secure_malloc_initialized();
+/* If you change these parameters, see RANDOMNESS_NEEDED */
+ret &= RAND_DRBG_set(drbg,
+ NID_aes_128_ctr, RAND_DRBG_FLAG_CTR_USE_DF) == 1;
+ret &= RAND_DRBG_set_callbacks(drbg, drbg_entropy_from_system,
+

[openssl-commits] [web] master update

2017-08-28 Thread Rich Salz 
The branch master has been updated
   via  8f15d0696303956c316e276146a759541512e7ef (commit)
  from  7b17d477171ac28654376447d561f0be8f137f9e (commit)


- Log -
commit 8f15d0696303956c316e276146a759541512e7ef
Author: Rich Salz 
Date:   Mon Aug 28 14:00:08 2017 -0400

Add PR link

---

Summary of changes:
 news/secadv/20170828.txt | 8 +---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/news/secadv/20170828.txt b/news/secadv/20170828.txt
index 02a1cba..c28bc7d 100644
--- a/news/secadv/20170828.txt
+++ b/news/secadv/20170828.txt
@@ -12,8 +12,10 @@ OpenSSL could do a one-byte buffer overread. The most likely 
result
 would be an erroneous display of the certificate in text format.
 
 As this is a low severity fix, no release is being made. The fix can be
-found in the source repository (1.0.2, 1.1.0, and master branches) in
-the X509v3_addr_get_afi function.  This bug has been present since 2006.
+found in the source repository (1.0.2, 1.1.0, and master branches); see
+https://github.com/openssl/openssl/pull/4276. This bug has been present
+since 2006.
+
 
 This issue was found by Google's OSS-Fuzz project on August 22.
 The fix was developed by Rich Salz of the OpenSSL development team.
@@ -29,7 +31,7 @@ References
 ==
 
 URL for this Security Advisory:
-https://www.openssl.org/news/secadv/20170126.txt
+https://www.openssl.org/news/secadv/20170828.txt
 
 Note: the online version of the advisory may be updated with additional details
 over time.
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [tools] master update

2017-08-28 Thread Rich Salz 
The branch master has been updated
   via  9685c0e6552d24d1ab2ae8392d6078513524bbfc (commit)
  from  6b16ee4c68fe6ce0d524a0c7e93f996ae421370d (commit)


- Log -
commit 9685c0e6552d24d1ab2ae8392d6078513524bbfc
Author: Rich Salz 
Date:   Mon Aug 28 13:44:20 2017 -0400

Add column header/titles

---

Summary of changes:
 reports/stats2csv.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/reports/stats2csv.py b/reports/stats2csv.py
index 22bb1bf..5d3211f 100644
--- a/reports/stats2csv.py
+++ b/reports/stats2csv.py
@@ -11,6 +11,7 @@ files = glob.glob(sys.argv[1]+ "/*.js")
 files.sort()
 when = sys.argv[2]
 
+print "open, closed, duration, #, state, user"
 for f in files:
 items = json.load(open(f))
 for i in items:
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [web] master update

2017-08-28 Thread Rich Salz 
The branch master has been updated
   via  7b17d477171ac28654376447d561f0be8f137f9e (commit)
  from  33e0bb7ff0d4776aeb917228e03849b502e17ebf (commit)


- Log -
commit 7b17d477171ac28654376447d561f0be8f137f9e
Author: Rich Salz 
Date:   Mon Aug 28 13:40:04 2017 -0400

Remove newline

---

Summary of changes:
 news/newsflash.txt | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/news/newsflash.txt b/news/newsflash.txt
index e81ae1a..611e27f 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -4,8 +4,7 @@
 # Format is two fields, colon-separated; the first line is the column
 # headings.  URL paths must all be absolute.
 Date: Item
-28-Aug-2017: Security Advisory: Buffer
-overread
+28-Aug-2017: Security Advisory: Buffer 
overread
 25-May-2017: OpenSSL 1.1.0f is now available, including various bug fixes (no 
security fixes)
 25-May-2017: OpenSSL 1.0.2l is now available, including various bug fixes (no 
security fixes)
 04-May-2017: New Blog post: Using 
TLS1.3 with OpenSSL
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2017-08-28 Thread Rich Salz 
The branch OpenSSL_1_0_2-stable has been updated
   via  31c8b265591a0aaa462a1f3eb5770661aaac67db (commit)
  from  917552f32260cd9b8c9018cdb15893ebdd9ab39d (commit)


- Log -
commit 31c8b265591a0aaa462a1f3eb5770661aaac67db
Author: Rich Salz 
Date:   Tue Aug 22 11:44:41 2017 -0400

Avoid out-of-bounds read

Fixes CVE 2017-3735

Reviewed-by: Kurt Roeckx 
(Merged from https://github.com/openssl/openssl/pull/4276)

(cherry picked from commit b23171744b01e473ebbfd6edad70c1c3825ffbcd)

---

Summary of changes:
 crypto/x509v3/v3_addr.c | 10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
index 1290dec..af080a0 100644
--- a/crypto/x509v3/v3_addr.c
+++ b/crypto/x509v3/v3_addr.c
@@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi)
  */
 unsigned int v3_addr_get_afi(const IPAddressFamily *f)
 {
-return ((f != NULL &&
- f->addressFamily != NULL && f->addressFamily->data != NULL)
-? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
-: 0);
+if (f == NULL
+|| f->addressFamily == NULL
+|| f->addressFamily->data == NULL
+|| f->addressFamily->length < 2)
+return 0;
+return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
 }
 
 /*
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2017-08-28 Thread Rich Salz 
The branch OpenSSL_1_1_0-stable has been updated
   via  068b963bb7afc57f5bdd723de0dd15e7795d5822 (commit)
  from  7c188d4af022700961882971b90b70ac71702470 (commit)


- Log -
commit 068b963bb7afc57f5bdd723de0dd15e7795d5822
Author: Rich Salz 
Date:   Tue Aug 22 11:44:41 2017 -0400

Avoid out-of-bounds read

Fixes CVE 2017-3735

Reviewed-by: Kurt Roeckx 
(Merged from https://github.com/openssl/openssl/pull/4276)

(cherry picked from commit b23171744b01e473ebbfd6edad70c1c3825ffbcd)

---

Summary of changes:
 crypto/x509v3/v3_addr.c | 10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
index ef1d775..c5183a1 100644
--- a/crypto/x509v3/v3_addr.c
+++ b/crypto/x509v3/v3_addr.c
@@ -84,10 +84,12 @@ static int length_from_afi(const unsigned afi)
  */
 unsigned int X509v3_addr_get_afi(const IPAddressFamily *f)
 {
-return ((f != NULL &&
- f->addressFamily != NULL && f->addressFamily->data != NULL)
-? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
-: 0);
+if (f == NULL
+|| f->addressFamily == NULL
+|| f->addressFamily->data == NULL
+|| f->addressFamily->length < 2)
+return 0;
+return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
 }
 
 /*
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-08-28 Thread Rich Salz 
The branch master has been updated
   via  b23171744b01e473ebbfd6edad70c1c3825ffbcd (commit)
  from  302eba3f6dd588f1269aba4605a007ae86b583db (commit)


- Log -
commit b23171744b01e473ebbfd6edad70c1c3825ffbcd
Author: Rich Salz 
Date:   Tue Aug 22 11:44:41 2017 -0400

Avoid out-of-bounds read

Fixes CVE 2017-3735

Reviewed-by: Kurt Roeckx 
(Merged from https://github.com/openssl/openssl/pull/4276)

---

Summary of changes:
 crypto/x509v3/v3_addr.c | 10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
index f4e1298..bb58e04 100644
--- a/crypto/x509v3/v3_addr.c
+++ b/crypto/x509v3/v3_addr.c
@@ -84,10 +84,12 @@ static int length_from_afi(const unsigned afi)
  */
 unsigned int X509v3_addr_get_afi(const IPAddressFamily *f)
 {
-return ((f != NULL &&
- f->addressFamily != NULL && f->addressFamily->data != NULL)
-? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
-: 0);
+if (f == NULL
+|| f->addressFamily == NULL
+|| f->addressFamily->data == NULL
+|| f->addressFamily->length < 2)
+return 0;
+return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
 }
 
 /*
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [web] master update

2017-08-28 Thread Rich Salz 
The branch master has been updated
   via  33e0bb7ff0d4776aeb917228e03849b502e17ebf (commit)
  from  c5539fee7af88f0d3bb58b9fd5c98de61f00abb8 (commit)


- Log -
commit 33e0bb7ff0d4776aeb917228e03849b502e17ebf
Author: wetinee 
Date:   Wed Aug 23 14:57:31 2017 +0800

CVE 2017-3735

Reviewed-by: Rich Salz 

---

Summary of changes:
 news/newsflash.txt   |  2 ++
 news/secadv/20170828.txt | 38 ++
 news/vulnerabilities.xml | 34 ++
 3 files changed, 74 insertions(+)
 create mode 100644 news/secadv/20170828.txt

diff --git a/news/newsflash.txt b/news/newsflash.txt
index 6ff850d..e81ae1a 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -4,6 +4,8 @@
 # Format is two fields, colon-separated; the first line is the column
 # headings.  URL paths must all be absolute.
 Date: Item
+28-Aug-2017: Security Advisory: Buffer
+overread
 25-May-2017: OpenSSL 1.1.0f is now available, including various bug fixes (no 
security fixes)
 25-May-2017: OpenSSL 1.0.2l is now available, including various bug fixes (no 
security fixes)
 04-May-2017: New Blog post: Using 
TLS1.3 with OpenSSL
diff --git a/news/secadv/20170828.txt b/news/secadv/20170828.txt
new file mode 100644
index 000..02a1cba
--- /dev/null
+++ b/news/secadv/20170828.txt
@@ -0,0 +1,38 @@
+
+OpenSSL Security Advisory [28 Aug 2017]
+
+
+Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735)
+===
+
+Severity: Low
+
+If an X.509 certificate has a malformed IPAddressFamily extension,
+OpenSSL could do a one-byte buffer overread. The most likely result
+would be an erroneous display of the certificate in text format.
+
+As this is a low severity fix, no release is being made. The fix can be
+found in the source repository (1.0.2, 1.1.0, and master branches) in
+the X509v3_addr_get_afi function.  This bug has been present since 2006.
+
+This issue was found by Google's OSS-Fuzz project on August 22.
+The fix was developed by Rich Salz of the OpenSSL development team.
+
+Note
+
+
+Support for version 1.0.1 ended on 31st December 2016. Support for versions
+0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer
+receiving security updates.
+
+References
+==
+
+URL for this Security Advisory:
+https://www.openssl.org/news/secadv/20170126.txt
+
+Note: the online version of the advisory may be updated with additional details
+over time.
+
+For details of OpenSSL severity classifications please see:
+https://www.openssl.org/policies/secpolicy.html
diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index 668e987..5130be3 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -6,6 +6,40 @@
 -->
 
 
+  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+out-of-bounds read
+Possible Overread in parsing X.509 IPAdressFamily
+
+  While parsing an IPAdressFamily extension in an X.509 certificate,
+  it is possible to do a one-byte overread. This would result in
+  an incorrect text display of the certificate.
+
+
+
+  
   
 
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls1_2-method

2017-08-28 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2-method

Commit log since last time:

32c1356 Remove NO_DIRENT; it isn't used anywhere
384cdd4 Fix guarding macro in include/internal/sockets.h
9a5d80c Move more socket stuff
90862ab This part fixes braces around if-else.
8686c47 Fix coding style in crypto/rsa directory
b5fe5df Use strcpy instead of sprintf %s
3790a2f Clear secret stack values after use in the ED25519-functions
78f1e4d Clear secret stack values after use in curve25519.c
bf208d9 Fix no-tls and no-tls1_2
ab78f89 Fix no-scrypt
b379fe6 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
0a8ddc1 Fix description of how to report a bug in INSTALL
219b464 Clarify the meaning of no-stdio in INSTALL
0afca81 Do not lookup zero-length session ID
0139ce7 Fix no-chacha and no-poly1305
1b3011a Ensure we exchange cookies in s_server even if SCTP is disabled
a5e65f7 Don't run a CT specifc test if CT is disabled
a610934 Allow --strict-warnings with the icc compiler as well
bffa1ff passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls1_2

2017-08-28 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2

Commit log since last time:

32c1356 Remove NO_DIRENT; it isn't used anywhere
384cdd4 Fix guarding macro in include/internal/sockets.h
9a5d80c Move more socket stuff
90862ab This part fixes braces around if-else.
8686c47 Fix coding style in crypto/rsa directory
b5fe5df Use strcpy instead of sprintf %s
3790a2f Clear secret stack values after use in the ED25519-functions
78f1e4d Clear secret stack values after use in curve25519.c
bf208d9 Fix no-tls and no-tls1_2
ab78f89 Fix no-scrypt
b379fe6 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
0a8ddc1 Fix description of how to report a bug in INSTALL
219b464 Clarify the meaning of no-stdio in INSTALL
0afca81 Do not lookup zero-length session ID
0139ce7 Fix no-chacha and no-poly1305
1b3011a Ensure we exchange cookies in s_server even if SCTP is disabled
a5e65f7 Don't run a CT specifc test if CT is disabled
a610934 Allow --strict-warnings with the icc compiler as well
bffa1ff passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed in Jenkins: master_basic #202

2017-08-28 Thread osslsanity 
See 


Changes:

[rsalz] DRBG: clarify difference between entropy counts and buffer lengths

[rsalz] RAND: Rename the RAND_poll_ex() callback and its typedef

[rsalz] DRBG: Remove 'randomness' buffer from 'RAND_DRBG'

[levitte] If 'tests' is disabled, then so should 'external-tests'

--
[...truncated 1.01 MB...]
APPNAME=test/ssl_test OBJECTS="test/handshake_helper.o 
test/ssl_test.o test/ssl_test_ctx.o" \
LIBDEPS=' '" -L. -lssl test/libtestutil.a -L. -lcrypto"' -ldl ' 
\
CC='gcc' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack ' \
LDFLAGS='' \
link_app.
make[2]: Entering directory 
`
( :; LIBDEPS="${LIBDEPS:--L. -lssl test/libtestutil.a -L. -lcrypto -ldl }"; 
LDCMD="${LDCMD:-gcc}"; LDFLAGS="${LDFLAGS:--DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack  }"; LIBPATH=`for x in 
$LIBDEPS; do echo $x; done | sed -e 's/^ *-L//;t' -e d | uniq`; LIBPATH=`echo 
$LIBPATH | sed -e 's/ /:/g'`; echo LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH 
${LDCMD} ${LDFLAGS} -o ${APPNAME:=test/ssl_test} test/handshake_helper.o 
test/ssl_test.o test/ssl_test_ctx.o ${LIBDEPS}; 
LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${LDCMD} ${LDFLAGS} -o 
${APPNAME:=test/ssl_test} test/handshake_helper
 .o test/ssl_test.o test/ssl_test_ctx.o ${LIBDEPS} )
LD_LIBRARY_PATH=.: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS 
-DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall 
-O3 -pthread -m64 -DL_ENDIAN -Wa,--noexecstack -o test/ssl_test 
test/handshake_helper.o test/ssl_test.o test/ssl_test_ctx.o -L. -lssl 
test/libtestutil.a -L. -lcrypto -ldl
make[2]: Leaving directory 
`
gcc  -I. -Iinclude -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS 
-DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack  -MMD -MF 
test/ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test.o -c -o 
test/ssl_test_ctx_test.o test/ssl_test_ctx_test.c
rm -f test/ssl_test_ctx_test
make -f ./Makefile.shared -e \
PERL="/usr/bin/perl" SRCDIR=. \
APPNAME=test/ssl_test_ctx_test OBJECTS="test/ssl_test_ctx.o 
test/ssl_test_ctx_test.o" \
LIBDEPS=' '" -L. -lssl test/libtestutil.a -L. -lcrypto"' -ldl ' 
\
CC='gcc' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack ' \
LDFLAGS='' \
link_app.
make[2]: Entering directory 
`
( :; LIBDEPS="${LIBDEPS:--L. -lssl test/libtestutil.a -L. -lcrypto -ldl }"; 
LDCMD="${LDCMD:-gcc}"; LDFLAGS="${LDFLAGS:--DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSS

[openssl-commits] [openssl] master update

2017-08-28 Thread Richard Levitte 
The branch master has been updated
   via  302eba3f6dd588f1269aba4605a007ae86b583db (commit)
  from  6969a3f49ae63c8a4fd543a121511a1f0eb64a5e (commit)


- Log -
commit 302eba3f6dd588f1269aba4605a007ae86b583db
Author: Richard Levitte 
Date:   Mon Aug 28 15:41:49 2017 +0200

If 'tests' is disabled, then so should 'external-tests'

Reviewed-by: Ben Kaduk 
(Merged from https://github.com/openssl/openssl/pull/4274)

---

Summary of changes:
 Configure | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Configure b/Configure
index 60dc1f4..57cdeb3 100755
--- a/Configure
+++ b/Configure
@@ -516,6 +516,7 @@ my @disable_cascades = (
 
 "stdio" => [ "apps", "capieng" ],
 "apps"  => [ "tests" ],
+"tests" => [ "external-tests" ],
 "comp"  => [ "zlib" ],
 "ec"=> [ "tls1_3" ],
 sub { !$disabled{"unit-test"} } => [ "heartbeats" ],
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls

2017-08-28 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls

Commit log since last time:

32c1356 Remove NO_DIRENT; it isn't used anywhere
384cdd4 Fix guarding macro in include/internal/sockets.h
9a5d80c Move more socket stuff
90862ab This part fixes braces around if-else.
8686c47 Fix coding style in crypto/rsa directory
b5fe5df Use strcpy instead of sprintf %s
3790a2f Clear secret stack values after use in the ED25519-functions
78f1e4d Clear secret stack values after use in curve25519.c
bf208d9 Fix no-tls and no-tls1_2
ab78f89 Fix no-scrypt
b379fe6 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
0a8ddc1 Fix description of how to report a bug in INSTALL
219b464 Clarify the meaning of no-stdio in INSTALL
0afca81 Do not lookup zero-length session ID
0139ce7 Fix no-chacha and no-poly1305
1b3011a Ensure we exchange cookies in s_server even if SCTP is disabled
a5e65f7 Don't run a CT specifc test if CT is disabled
a610934 Allow --strict-warnings with the icc compiler as well
bffa1ff passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

2017-08-28 Thread Rich Salz 
The branch master has been updated
   via  6969a3f49ae63c8a4fd543a121511a1f0eb64a5e (commit)
   via  4871fa49cdd0d4473b6a815fc01fbde3e6ced339 (commit)
   via  aa048aef0b9146f90c06333dedfc105d1f9e2c22 (commit)
  from  b2db9c18b23f59c3a08ef10f0ee85f24d43da2a4 (commit)


- Log -
commit 6969a3f49ae63c8a4fd543a121511a1f0eb64a5e
Author: Dr. Matthias St. Pierre 
Date:   Fri Aug 25 23:26:53 2017 +0200

DRBG: Remove 'randomness' buffer from 'RAND_DRBG'

The DRBG callbacks 'get_entropy()' and 'cleanup_entropy()' are designed
in such a way that the randomness buffer does not have to be allocated
by the calling function. It receives the address of a dynamically
allocated buffer from get_entropy() and returns this address to
cleanup_entropy(), where it is freed. If these two calls are properly
paired, the address can be stored in a stack local variable of the
calling function, so there is no need for having a 'randomness' member
(and a 'filled' member) in 'RAND_DRBG'.

Reviewed-by: Paul Dale 
Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4266)

commit 4871fa49cdd0d4473b6a815fc01fbde3e6ced339
Author: Dr. Matthias St. Pierre 
Date:   Fri Aug 25 22:39:33 2017 +0200

RAND: Rename the RAND_poll_ex() callback and its typedef

With the introduction of RAND_poll_ex(), the `RAND_add()` calls were
replaced by meaningless cb(...). This commit changes the 'cb(...)'
calls back to 'rand_add(...)' calls by changing the signature as follows:

-int RAND_poll_ex(RAND_poll_fn cb, void *arg);
+int RAND_poll_ex(RAND_poll_cb rand_add, void *arg);

Changed the function typedef name to 'RAND_poll_cb' to emphasize the fact
that the function type represents a callback function.

Reviewed-by: Paul Dale 
Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4266)

commit aa048aef0b9146f90c06333dedfc105d1f9e2c22
Author: Dr. Matthias St. Pierre 
Date:   Sun Aug 20 23:02:46 2017 +0200

DRBG: clarify difference between entropy counts and buffer lengths

Unlike the NIST DRBG standard, entropy counts are in bits and
buffer lengths are in bytes. This has lead to some confusion and
errors in the past, see my comment on PR 3789.

To clarify the destinction between entropy counts and buffer lengths,
a 'len' suffix has been added to all member names of RAND_DRBG which
represent buffer lengths:

-   {min,max}_{entropy,adin,nonce,pers}
+   {min,max}_{entropy,adin,nonce,pers}len

This change makes naming also more consistent, as can be seen in the
diffs, for example:

-else if (adinlen > drbg->max_adin) {
+else if (adinlen > drbg->max_adinlen) {

Also replaced all 'ent's by 'entropy's, following a suggestion of Paul Dale.

Reviewed-by: Paul Dale 
Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4266)

---

Summary of changes:
 crypto/rand/drbg_lib.c  | 38 +--
 crypto/rand/drbg_rand.c | 36 +-
 crypto/rand/rand_lcl.h  | 36 --
 crypto/rand/rand_lib.c  | 48 ++--
 crypto/rand/rand_unix.c | 22 +--
 crypto/rand/rand_vms.c  |  4 +-
 crypto/rand/rand_win.c  |  8 ++--
 doc/man3/RAND_add.pod   |  6 +--
 include/internal/rand.h |  5 ++-
 include/openssl/rand.h  |  4 +-
 test/drbgtest.c | 98 -
 util/private.num|  2 +-
 12 files changed, 157 insertions(+), 150 deletions(-)

diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index 6aced40..d1f419d 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -125,9 +125,9 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
   const unsigned char *pers, size_t perslen)
 {
 unsigned char *nonce = NULL, *entropy = NULL;
-size_t noncelen = 0, entlen = 0;
+size_t noncelen = 0, entropylen = 0;
 
-if (perslen > drbg->max_pers) {
+if (perslen > drbg->max_perslen) {
 RANDerr(RAND_F_RAND_DRBG_INSTANTIATE,
 RAND_R_PERSONALISATION_STRING_TOO_LONG);
 goto end;
@@ -141,23 +141,23 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
 
 drbg->state = DRBG_ERROR;
 if (drbg->get_entropy != NULL)
-entlen = drbg->get_entropy(drbg, &entropy, drbg->strength,
-   drbg->min_entropy, drbg->max_entropy);
-if (entlen < drbg->min_entropy || entlen > drbg->max_entropy) {
+entropylen = drbg->get_entropy(drbg, &entropy, drbg->strength,
+   drbg->min_entropylen, drbg->max_entropylen);
+if (entropylen < drbg->min_entropylen || entropylen > 
drbg->max_entropylen) {
 RANDerr(RAND_F_RAND_DRBG_INSTANTIA

[openssl-commits] Build failed in Jenkins: master_basic #201

2017-08-28 Thread osslsanity 
See 


Changes:

[rsalz] MSC_VER <= 1200 isn't supported; remove dead code

--
[...truncated 1.01 MB...]
APPNAME=test/ssl_test OBJECTS="test/handshake_helper.o 
test/ssl_test.o test/ssl_test_ctx.o" \
LIBDEPS=' '" -L. -lssl test/libtestutil.a -L. -lcrypto"' -ldl ' 
\
CC='gcc' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack ' \
LDFLAGS='' \
link_app.
make[2]: Entering directory 
`
( :; LIBDEPS="${LIBDEPS:--L. -lssl test/libtestutil.a -L. -lcrypto -ldl }"; 
LDCMD="${LDCMD:-gcc}"; LDFLAGS="${LDFLAGS:--DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack  }"; LIBPATH=`for x in 
$LIBDEPS; do echo $x; done | sed -e 's/^ *-L//;t' -e d | uniq`; LIBPATH=`echo 
$LIBPATH | sed -e 's/ /:/g'`; echo LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH 
${LDCMD} ${LDFLAGS} -o ${APPNAME:=test/ssl_test} test/handshake_helper.o 
test/ssl_test.o test/ssl_test_ctx.o ${LIBDEPS}; 
LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${LDCMD} ${LDFLAGS} -o 
${APPNAME:=test/ssl_test} test/handshake_helper
 .o test/ssl_test.o test/ssl_test_ctx.o ${LIBDEPS} )
LD_LIBRARY_PATH=.: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS 
-DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall 
-O3 -pthread -m64 -DL_ENDIAN -Wa,--noexecstack -o test/ssl_test 
test/handshake_helper.o test/ssl_test.o test/ssl_test_ctx.o -L. -lssl 
test/libtestutil.a -L. -lcrypto -ldl
make[2]: Leaving directory 
`
gcc  -I. -Iinclude -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS 
-DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack  -MMD -MF 
test/ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test.o -c -o 
test/ssl_test_ctx_test.o test/ssl_test_ctx_test.c
rm -f test/ssl_test_ctx_test
make -f ./Makefile.shared -e \
PERL="/usr/bin/perl" SRCDIR=. \
APPNAME=test/ssl_test_ctx_test OBJECTS="test/ssl_test_ctx.o 
test/ssl_test_ctx_test.o" \
LIBDEPS=' '" -L. -lssl test/libtestutil.a -L. -lcrypto"' -ldl ' 
\
CC='gcc' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack ' \
LDFLAGS='' \
link_app.
make[2]: Entering directory 
`
( :; LIBDEPS="${LIBDEPS:--L. -lssl test/libtestutil.a -L. -lcrypto -ldl }"; 
LDCMD="${LDCMD:-gcc}"; LDFLAGS="${LDFLAGS:--DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/u

[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-whirlpool

2017-08-28 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-whirlpool

Commit log since last time:

32c1356 Remove NO_DIRENT; it isn't used anywhere
384cdd4 Fix guarding macro in include/internal/sockets.h
9a5d80c Move more socket stuff
90862ab This part fixes braces around if-else.
8686c47 Fix coding style in crypto/rsa directory
b5fe5df Use strcpy instead of sprintf %s
3790a2f Clear secret stack values after use in the ED25519-functions
78f1e4d Clear secret stack values after use in curve25519.c
bf208d9 Fix no-tls and no-tls1_2
ab78f89 Fix no-scrypt
b379fe6 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
0a8ddc1 Fix description of how to report a bug in INSTALL
219b464 Clarify the meaning of no-stdio in INSTALL
0afca81 Do not lookup zero-length session ID
0139ce7 Fix no-chacha and no-poly1305
1b3011a Ensure we exchange cookies in s_server even if SCTP is disabled
a5e65f7 Don't run a CT specifc test if CT is disabled
a610934 Allow --strict-warnings with the icc compiler as well
bffa1ff passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target

Build log ended with (last 100 lines):

../../openssl/test/recipes/30-test_pbelu.t  ok
../../openssl/test/recipes/30-test_pkey_meth.t  ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t  ok
../../openssl/test/recipes/40-test_rehash.t ... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok
../../openssl/test/recipes/60-test_x509_dup_cert.t  ok
../../openssl/test/recipes/60-test_x509_store.t ... ok
../../openssl/test/recipes/60-test_x509_time.t  ok
../../openssl/test/recipes/70-test_asyncio.t .. ok
../../openssl/test/recipes/70-test_bad_dtls.t . ok
../../openssl/test/recipes/70-test_clienthello.t .. ok
../../openssl/test/recipes/70-test_comp.t . ok
../../openssl/test/recipes/70-test_key_share.t  skipped: 
test_key_share needs TLS1.3 enabled
../../openssl/test/recipes/70-test_packet.t ... ok
../../openssl/test/recipes/70-test_recordlen.t  ok
../../openssl/test/recipes/70-test_renegotiation.t  ok
../../openssl/test/recipes/70-test_servername.t ... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t  ok
../../openssl/test/recipes/70-test_sslcertstatus.t  ok
../../openssl/test/recipes/70-test_sslextension.t . ok
../../openssl/test/recipes/70-test_sslmessages.t .. 
Dubious, test returned 14 (wstat 3584, 0xe00)
Failed 14/21 subtests 
../../openssl/test/recipes/70-test_sslrecords.t ... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/18 subtests 
(less 6 skipped subtests: 11 okay)
../../openssl/test/recipes/70-test_sslsessiontick.t ... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ... ok
../../openssl/test/recipes/70-test_sslsignature.t . ok
../../openssl/test/recipes/70-test_sslskewith0p.t . ok
../../openssl/test/recipes/70-test_sslversions.t .. skipped: 
test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled
../../openssl/test/recipes/70-test_sslvertol.t  ok
../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: 
test_tls13cookie needs TLS1.3 enabled
../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: 
test_tls13downgrade needs TLS1.3 and TLS1.2 enabled
../../openssl/test/recipes/70-test_tls13hrr.t . skipped: 
test_tls13hrr needs TLS1.3 enabled
../../openssl/test/recipes/70-test_tls13kexmodes.t  skipped: 
test_tls13kexmodes needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tls13messages.t  skipped: 
test_tls13messages needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tls13psk.t . skipped: 
test_tls13psk needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tlsextms.t . ok
../../openssl/test/recipes/70-test_verify_extra.t . ok
../../openssl/test/recipes/70-test_wpacket.t .. ok
../../openssl/test/recipes/80-test_ca.t ... ok
../../openssl/test/recipes/80-test_cipherbytes.t .. ok
../../openssl/test/recipes/80-test_cipherlist.t ... ok
../../openssl/test/recipes/80-test_ciphername.t ... ok
../../openssl/test/recipes/80-test_cms.t .. ok
../../openssl/test/recipes/80-test_ct.t ... ok
../../openssl/test/recipes/80-test_dane.t . ok
../../openssl/test/recipes/80-test_dtls.t . ok
../../openssl/test/recipes/80-test_dtls_mtu.t . ok
../../openssl/test/recipes/80-test_dtlsv1listen.t . ok
../../openssl/test/recip

[openssl-commits] [openssl] master update

2017-08-28 Thread Rich Salz 
The branch master has been updated
   via  b2db9c18b23f59c3a08ef10f0ee85f24d43da2a4 (commit)
  from  32c1356302e74dfa5e8bd2d7002c18d91a323b70 (commit)


- Log -
commit b2db9c18b23f59c3a08ef10f0ee85f24d43da2a4
Author: Rich Salz 
Date:   Fri Aug 25 16:05:18 2017 -0400

MSC_VER <= 1200 isn't supported; remove dead code

VisualStudio 6 and earlier aren't supported.

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4263)

---

Summary of changes:
 CHANGES | 4 
 crypto/sha/sha512.c | 3 ---
 e_os.h  | 8 
 test/ectest.c   | 5 -
 4 files changed, 4 insertions(+), 16 deletions(-)

diff --git a/CHANGES b/CHANGES
index f9b58f9..2cf6993 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0f and 1.1.1 [xx XXX ]
 
+  *) Some macro definitions to support VS6 have been removed.  Visual
+ Studio 6 has not worked since 1.1.0
+ [Rich Salz]
+
   *) Add ERR_clear_last_mark(), to allow callers to clear the last mark
  without clearing the errors.
  [Richard Levitte]
diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c
index e94de43..263bae2 100644
--- a/crypto/sha/sha512.c
+++ b/crypto/sha/sha512.c
@@ -399,9 +399,6 @@ static SHA_LONG64 __fastcall __pull64be(const void *x)
 }
 #endif
 #define PULL64(x) __pull64be(&(x))
-#if _MSC_VER<=1200
-# pragma inline_depth(0)
-#endif
 #   endif
 #  endif
 # endif
diff --git a/e_os.h b/e_os.h
index 5f4ba3e..2310e32 100644
--- a/e_os.h
+++ b/e_os.h
@@ -196,14 +196,6 @@ static __inline unsigned int _strlen31(const char *str)
 }
 #   endif
 #   include 
-#   if defined(_MSC_VER) && _MSC_VER<=1200 && defined(_MT) && defined(isspace)
-   /* compensate for bug in VC6 ctype.h */
-#undef isspace
-#undef isdigit
-#undef isalnum
-#undef isupper
-#undef isxdigit
-#   endif
 #   if defined(_MSC_VER) && !defined(_WIN32_WCE) && !defined(_DLL) && 
defined(stdin)
 #if _MSC_VER>=1300 && _MSC_VER<1600
 # undef stdin
diff --git a/test/ectest.c b/test/ectest.c
index 3267a3d..03d7943 100644
--- a/test/ectest.c
+++ b/test/ectest.c
@@ -23,11 +23,6 @@
 # include 
 # include 
 
-# if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
-/* suppress "too big too optimize" warning */
-#  pragma warning(disable:4959)
-# endif
-
 static size_t crv_len = 0;
 static EC_builtin_curve *curves = NULL;
 
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-stdio

2017-08-28 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-stdio

Commit log since last time:

32c1356 Remove NO_DIRENT; it isn't used anywhere
384cdd4 Fix guarding macro in include/internal/sockets.h
9a5d80c Move more socket stuff
90862ab This part fixes braces around if-else.
8686c47 Fix coding style in crypto/rsa directory
b5fe5df Use strcpy instead of sprintf %s
3790a2f Clear secret stack values after use in the ED25519-functions
78f1e4d Clear secret stack values after use in curve25519.c
bf208d9 Fix no-tls and no-tls1_2
ab78f89 Fix no-scrypt
b379fe6 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
0a8ddc1 Fix description of how to report a bug in INSTALL
219b464 Clarify the meaning of no-stdio in INSTALL
0afca81 Do not lookup zero-length session ID
0139ce7 Fix no-chacha and no-poly1305
1b3011a Ensure we exchange cookies in s_server even if SCTP is disabled
a5e65f7 Don't run a CT specifc test if CT is disabled
a610934 Allow --strict-warnings with the icc compiler as well
bffa1ff passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build completed: openssl master.12817

2017-08-28 Thread AppVeyor 


Build openssl master.12817 completed



Commit c23e850bdf by Dr. Matthias St. Pierre on 8/25/2017 9:26 PM:

DRBG: Remove 'randomness' buffer from 'RAND_DRBG'


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed: openssl master.12816

2017-08-28 Thread AppVeyor 



Build openssl master.12816 failed


Commit 5990f67055 by Dr. Matthias St. Pierre on 8/25/2017 9:26 PM:

DRBG: Remove 'randomness' buffer from 'RAND_DRBG'


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-sctp

2017-08-28 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-sctp

Commit log since last time:

32c1356 Remove NO_DIRENT; it isn't used anywhere
384cdd4 Fix guarding macro in include/internal/sockets.h
9a5d80c Move more socket stuff
90862ab This part fixes braces around if-else.
8686c47 Fix coding style in crypto/rsa directory
b5fe5df Use strcpy instead of sprintf %s
3790a2f Clear secret stack values after use in the ED25519-functions
78f1e4d Clear secret stack values after use in curve25519.c
bf208d9 Fix no-tls and no-tls1_2
ab78f89 Fix no-scrypt
b379fe6 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
0a8ddc1 Fix description of how to report a bug in INSTALL
219b464 Clarify the meaning of no-stdio in INSTALL
0afca81 Do not lookup zero-length session ID
0139ce7 Fix no-chacha and no-poly1305
1b3011a Ensure we exchange cookies in s_server even if SCTP is disabled
a5e65f7 Don't run a CT specifc test if CT is disabled
a610934 Allow --strict-warnings with the icc compiler as well
bffa1ff passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target

Build log ended with (last 100 lines):

../../openssl/test/recipes/25-test_verify.t ... ok
../../openssl/test/recipes/25-test_x509.t . ok
../../openssl/test/recipes/30-test_afalg.t  ok
../../openssl/test/recipes/30-test_engine.t ... ok
../../openssl/test/recipes/30-test_evp.t .. ok
../../openssl/test/recipes/30-test_evp_extra.t  ok
../../openssl/test/recipes/30-test_pbelu.t  ok
../../openssl/test/recipes/30-test_pkey_meth.t  ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t  ok
../../openssl/test/recipes/40-test_rehash.t ... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok
../../openssl/test/recipes/60-test_x509_dup_cert.t  ok
../../openssl/test/recipes/60-test_x509_store.t ... ok
../../openssl/test/recipes/60-test_x509_time.t  ok
../../openssl/test/recipes/70-test_asyncio.t .. ok
../../openssl/test/recipes/70-test_bad_dtls.t . ok
../../openssl/test/recipes/70-test_clienthello.t .. ok
../../openssl/test/recipes/70-test_comp.t . ok
../../openssl/test/recipes/70-test_key_share.t  skipped: 
test_key_share needs TLS1.3 enabled
../../openssl/test/recipes/70-test_packet.t ... ok
../../openssl/test/recipes/70-test_recordlen.t  ok
../../openssl/test/recipes/70-test_renegotiation.t  ok
../../openssl/test/recipes/70-test_servername.t ... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t  ok
../../openssl/test/recipes/70-test_sslcertstatus.t  ok
../../openssl/test/recipes/70-test_sslextension.t . ok
../../openssl/test/recipes/70-test_sslmessages.t .. ok
../../openssl/test/recipes/70-test_sslrecords.t ... ok
../../openssl/test/recipes/70-test_sslsessiontick.t ... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ... ok
../../openssl/test/recipes/70-test_sslsignature.t . ok
../../openssl/test/recipes/70-test_sslskewith0p.t . ok
../../openssl/test/recipes/70-test_sslversions.t .. skipped: 
test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled
../../openssl/test/recipes/70-test_sslvertol.t  ok
../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: 
test_tls13cookie needs TLS1.3 enabled
../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: 
test_tls13downgrade needs TLS1.3 and TLS1.2 enabled
../../openssl/test/recipes/70-test_tls13hrr.t . skipped: 
test_tls13hrr needs TLS1.3 enabled
../../openssl/test/recipes/70-test_tls13kexmodes.t  skipped: 
test_tls13kexmodes needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tls13messages.t  skipped: 
test_tls13messages needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tls13psk.t . skipped: 
test_tls13psk needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tlsextms.t . ok
../../openssl/test/recipes/70-test_verify_extra.t . ok
../../openssl/test/recipes/70-test_wpacket.t .. ok
../../openssl/test/recipes/80-test_ca.t ... ok
../../openssl/test/recipes/80-test_cipherbytes.t .. ok
../../openssl/test/recipes/80-test_cipherlist.t ... ok
../../openssl/test/recipes/80-test_ciphername.t ... ok
../../openssl/test/recipes/80-test_cms.t .. ok
../../openssl/test/recipes/80-test_ct.t ... ok
../../openssl/test/recipes/80-test_dane.t . o

[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-scrypt

2017-08-28 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-scrypt

Commit log since last time:

32c1356 Remove NO_DIRENT; it isn't used anywhere
384cdd4 Fix guarding macro in include/internal/sockets.h
9a5d80c Move more socket stuff
90862ab This part fixes braces around if-else.
8686c47 Fix coding style in crypto/rsa directory
b5fe5df Use strcpy instead of sprintf %s
3790a2f Clear secret stack values after use in the ED25519-functions
78f1e4d Clear secret stack values after use in curve25519.c
bf208d9 Fix no-tls and no-tls1_2
ab78f89 Fix no-scrypt
b379fe6 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
0a8ddc1 Fix description of how to report a bug in INSTALL
219b464 Clarify the meaning of no-stdio in INSTALL
0afca81 Do not lookup zero-length session ID
0139ce7 Fix no-chacha and no-poly1305
1b3011a Ensure we exchange cookies in s_server even if SCTP is disabled
a5e65f7 Don't run a CT specifc test if CT is disabled
a610934 Allow --strict-warnings with the icc compiler as well
bffa1ff passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Build failed in Jenkins: master_basic #200

2017-08-28 Thread osslsanity 
See 


Changes:

[paul.dale] Check for EOF in ASCII conversions.

[levitte] apps/passwd.c: Don't disable MD5 and SHA when CHARSET_EBCDIC is 
defined

[levitte] apps/passwd.c: Fix code layout

[levitte] apps/passwd.c: Make MD5 and SHA password making EBCDIC aware

[paul.dale] Check range of test values using isascii before diving into the full

[levitte] passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target

[levitte] Allow --strict-warnings with the icc compiler as well

[matt] Don't run a CT specifc test if CT is disabled

[matt] Ensure we exchange cookies in s_server even if SCTP is disabled

[matt] Fix no-chacha and no-poly1305

[bernd.edlinger] Do not lookup zero-length session ID

[matt] Clarify the meaning of no-stdio in INSTALL

[matt] Fix description of how to report a bug in INSTALL

[levitte] NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard

[matt] Fix no-scrypt

[matt] Fix no-tls and no-tls1_2

[bernd.edlinger] Clear secret stack values after use in curve25519.c

[bernd.edlinger] Clear secret stack values after use in the ED25519-functions

[rsalz] Use strcpy instead of sprintf %s

[matt] Fix coding style in crypto/rsa directory

[matt] This part fixes braces around if-else.

[levitte] Move more socket stuff

[levitte] Fix guarding macro in include/internal/sockets.h

[rsalz] Remove NO_DIRENT; it isn't used anywhere

--
[...truncated 1.01 MB...]
APPNAME=test/ssl_test OBJECTS="test/handshake_helper.o 
test/ssl_test.o test/ssl_test_ctx.o" \
LIBDEPS=' '" -L. -lssl test/libtestutil.a -L. -lcrypto"' -ldl ' 
\
CC='gcc' CFLAGS='-DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack ' \
LDFLAGS='' \
link_app.
make[2]: Entering directory 
`
( :; LIBDEPS="${LIBDEPS:--L. -lssl test/libtestutil.a -L. -lcrypto -ldl }"; 
LDCMD="${LDCMD:-gcc}"; LDFLAGS="${LDFLAGS:--DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG 
-DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack  }"; LIBPATH=`for x in 
$LIBDEPS; do echo $x; done | sed -e 's/^ *-L//;t' -e d | uniq`; LIBPATH=`echo 
$LIBPATH | sed -e 's/ /:/g'`; echo LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH 
${LDCMD} ${LDFLAGS} -o ${APPNAME:=test/ssl_test} test/handshake_helper.o 
test/ssl_test.o test/ssl_test_ctx.o ${LIBDEPS}; 
LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${LDCMD} ${LDFLAGS} -o 
${APPNAME:=test/ssl_test} test/handshake_helper
 .o test/ssl_test.o test/ssl_test_ctx.o ${LIBDEPS} )
LD_LIBRARY_PATH=.: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS 
-DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall 
-O3 -pthread -m64 -DL_ENDIAN -Wa,--noexecstack -o test/ssl_test 
test/handshake_helper.o test/ssl_test.o test/ssl_test_ctx.o -L. -lssl 
test/libtestutil.a -L. -lcrypto -ldl
make[2]: Leaving directory 
`
gcc  -I. -Iinclude -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS 
-DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" 
-Wall -O3 -pthread -m64 -DL_ENDIAN  -Wa,--noexecstack  -MMD -MF 
test/ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test.o -c -o 
test/ssl_test_ctx_test.o test/ssl_test_ctx_test.c
rm -f test/ssl_test_ctx_test
make -f ./Makefile.shared -e \
PERL="/usr/bin/perl" SRCDIR=. \
APPNAME=test/ssl_test_ctx_test OBJECTS

[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-poly1305

2017-08-28 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-poly1305

Commit log since last time:

32c1356 Remove NO_DIRENT; it isn't used anywhere
384cdd4 Fix guarding macro in include/internal/sockets.h
9a5d80c Move more socket stuff
90862ab This part fixes braces around if-else.
8686c47 Fix coding style in crypto/rsa directory
b5fe5df Use strcpy instead of sprintf %s
3790a2f Clear secret stack values after use in the ED25519-functions
78f1e4d Clear secret stack values after use in curve25519.c
bf208d9 Fix no-tls and no-tls1_2
ab78f89 Fix no-scrypt
b379fe6 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
0a8ddc1 Fix description of how to report a bug in INSTALL
219b464 Clarify the meaning of no-stdio in INSTALL
0afca81 Do not lookup zero-length session ID
0139ce7 Fix no-chacha and no-poly1305
1b3011a Ensure we exchange cookies in s_server even if SCTP is disabled
a5e65f7 Don't run a CT specifc test if CT is disabled
a610934 Allow --strict-warnings with the icc compiler as well
bffa1ff passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits