[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-ocsp

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ocsp

Commit log since last time:

e1dd8fa Fix the check_fatal macro
2894e9c Fix bug in TLSv1.3 PSK processing
723a7c5 apps/speed.c: detect evp cipher 32-bit ctr overflow and reset iv
4086607 Add link for more SECLEVEL info
0759f93 Fix minor typo in comment in rsa_st
b35bb37 Update eng_fat.c
603ebe0 modes/asm/ghashv8-armx.pl: handle lengths not divisible by 4x.
aa7bf31 modes/asm/ghashv8-armx.pl: optimize modulo-scheduled loop.
9ee020f modes/asm/ghashv8-armx.pl: modulo-schedule loop.
7ff2fa4 modes/asm/ghashv8-armx.pl: implement 4x aggregate factor.
a00cceb key_A and key_B had 3 references, only 2 were freed.
546fda2 apps/speed.c: use 32 byte key material as default
64daf14 apps/speed.c: add -seconds and -bytes options
dd5a427 Fix some formatting nits
e7d961e Remove spurious whitespace
8e7677a Update an error reason code to be ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
8e02e73 Fix the Boring tests following the SSLfatal() changes
29bfd5b Add some more cleanups
f9f674e Assert that SSLfatal() only gets called once
47e2ee0 Add some sanity checks for the fatal error condition
635c8f7 Fix up a few places in the state machine that got missed with SSLfatal()
d273b60 Convert more functions in ssl/statem/statem_dtls.c to use SSLfatal()
d4d2f3a Convert more functions in ssl/statem/statem.c to use SSLfatal()
3ec8d11 Convert remaining functions in statem_srvr.c to use SSLfatal()
a2c2e00 Convert remaining functions in statem_clnt.c to use SSLfatal()
f63a17d Convert the state machine code to use SSLfatal()
4752c5d Replace some usage of SSLerr with SSLfatal()
1f35947 Provide an SSLfatal() macro
1e2804f Adjusted Argument Indices CLA: trivial
822b5e2 Make possible variant SONAMEs and symbol versions
a4cefc8 Add "friendly name" extractor
e670e90 Add sk_new_reserve support
e1c7871 Use ChaCha only if prioritized by clnt
92b1b9a A missing semicolon prevents compilation with ENGINE_REF_COUNT_DEBUG enabled.
3f6a831 Fix chacha-armv4.pl with clang -fno-integrated-as.
3bded9c rsa/rsa_gen.c: harmonize keygen's ability with RSA_security_bits.
0122add rsa/rsa_lib.c: make RSA_security_bits multi-prime aware.
83ccead Fix lshift tests
7bbb005 Fix docs for EVP_EncryptUpdate and EVP_DecryptUpdate
881dfed Fix SSL_state_string() and SSL_state_string_long()
b7af3f1 Test support for time_t comparisons.
92738d7 use size_t tests instead of int ones
378db52 Check for malloc failure
8a8d9e1 Fix SOURCE_DATE_EPOCH bug; use UTC
47c9926 chacha/asm/chacha-x86_64.pl: fix sporadic crash in AVX512 code path.
a8f302e poly1305/asm/poly1305-x86_64.pl: switch to pure AVX512F.
10a3195 Pretty-print large INTEGERs and ENUMERATEDs in hex.
d807db2 Create a prototype for OPENSSL_rdtsc
9279364 Fix EVP_MD_meth_new.pod
51e47d5 Correct EVP_CIPHER_meth_new.pod and EVP_MD_meth_new.pod
e44480c rsa/rsa_gen.c: ensure backward compatibility with external rsa->meth.
88ac224 crypto/x86_64cpuid.pl: fix AVX512 capability masking.
6df3409 Add SM3/SM4 to openssl command-line tool
f106f40 Avoid unnecessary MSYS2 conversion of some arguments
281bf23 If a server is not acknowledging SNI then don't reject early_data
3b58735 Provide a more information early_data message in s_server
bfab12b Allow a client to send early_data with SNI if the session has no SNI
b510b74 Ignore the session when setting SNI in s_client
665d899 Support multi-prime RSA (RFC 8017)
b000470 Support public key and param check in EVP interface
5d99881 Iron out /WX errors in VC-WIN32.
c1ec4db bn/bn_exp.c: harmonize BN_mod_exp_mont_consttime with negative input.
899e62d Fix AppVeyor/VC build failure
a78324d bn/bn_add.c: address performance regression.
8e4ec5b Modify expected output of a CRL to match the changed printout
be63fc1 Add padding spaces before printing signature algorithm for CRLs output
d1453d6 Modify expected output of a certificate to match the changed printout
e6cccb5 Add padding spaces before printing algo.
4ff71d6 Revert "Add padding spaces before printing algo."
26a374a Add padding spaces before printing algo.
4483fba Factorise duplicated code.
1a78a33 remove magic number
7533162 ARMv8 assembly pack: add Qualcomm Kryo results.
0d2394a Configurations/10-main.conf: add back /WX to VC-WIN32.
3a63c0e Resolve warnings in VC-WIN32 build, which allows to add /WX.
802127e ssl/ssl_asn1.c: resolve warnings in VC-WIN32 build, which allows to add /WX.
b4c0e4d evp/pbe_scrypt.c: add boundary condition for implicit cast.
3724631 asn1/a_strex.c: fix flags truncation in do_esc_char.
b741fcd Fix typo that cause find-doc-nits failure
f1d3de7 make update
27da134 Add OCSP API test executable
ce5886d Add an API to get the signer of an OCSP response
47c0702 Typo fix
46f4e1b Many spelling fixes/typo's corrected.
b4d0fa4 lhash.c: Replace Unicode EN DASH with the ASCII char '-'.
1687aa7 Fix possible leaks on sk_X509_EXTENSION_push() f

[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-poly1305

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-poly1305

Commit log since last time:

e1dd8fa Fix the check_fatal macro
2894e9c Fix bug in TLSv1.3 PSK processing
723a7c5 apps/speed.c: detect evp cipher 32-bit ctr overflow and reset iv
4086607 Add link for more SECLEVEL info
0759f93 Fix minor typo in comment in rsa_st
b35bb37 Update eng_fat.c
603ebe0 modes/asm/ghashv8-armx.pl: handle lengths not divisible by 4x.
aa7bf31 modes/asm/ghashv8-armx.pl: optimize modulo-scheduled loop.
9ee020f modes/asm/ghashv8-armx.pl: modulo-schedule loop.
7ff2fa4 modes/asm/ghashv8-armx.pl: implement 4x aggregate factor.
a00cceb key_A and key_B had 3 references, only 2 were freed.
546fda2 apps/speed.c: use 32 byte key material as default
64daf14 apps/speed.c: add -seconds and -bytes options
dd5a427 Fix some formatting nits
e7d961e Remove spurious whitespace
8e7677a Update an error reason code to be ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
8e02e73 Fix the Boring tests following the SSLfatal() changes
29bfd5b Add some more cleanups
f9f674e Assert that SSLfatal() only gets called once
47e2ee0 Add some sanity checks for the fatal error condition
635c8f7 Fix up a few places in the state machine that got missed with SSLfatal()
d273b60 Convert more functions in ssl/statem/statem_dtls.c to use SSLfatal()
d4d2f3a Convert more functions in ssl/statem/statem.c to use SSLfatal()
3ec8d11 Convert remaining functions in statem_srvr.c to use SSLfatal()
a2c2e00 Convert remaining functions in statem_clnt.c to use SSLfatal()
f63a17d Convert the state machine code to use SSLfatal()
4752c5d Replace some usage of SSLerr with SSLfatal()
1f35947 Provide an SSLfatal() macro
1e2804f Adjusted Argument Indices CLA: trivial
822b5e2 Make possible variant SONAMEs and symbol versions
a4cefc8 Add "friendly name" extractor
e670e90 Add sk_new_reserve support
e1c7871 Use ChaCha only if prioritized by clnt
92b1b9a A missing semicolon prevents compilation with ENGINE_REF_COUNT_DEBUG enabled.
3f6a831 Fix chacha-armv4.pl with clang -fno-integrated-as.
3bded9c rsa/rsa_gen.c: harmonize keygen's ability with RSA_security_bits.
0122add rsa/rsa_lib.c: make RSA_security_bits multi-prime aware.
83ccead Fix lshift tests
7bbb005 Fix docs for EVP_EncryptUpdate and EVP_DecryptUpdate
881dfed Fix SSL_state_string() and SSL_state_string_long()
b7af3f1 Test support for time_t comparisons.
92738d7 use size_t tests instead of int ones
378db52 Check for malloc failure
8a8d9e1 Fix SOURCE_DATE_EPOCH bug; use UTC
47c9926 chacha/asm/chacha-x86_64.pl: fix sporadic crash in AVX512 code path.
a8f302e poly1305/asm/poly1305-x86_64.pl: switch to pure AVX512F.
10a3195 Pretty-print large INTEGERs and ENUMERATEDs in hex.
d807db2 Create a prototype for OPENSSL_rdtsc
9279364 Fix EVP_MD_meth_new.pod
51e47d5 Correct EVP_CIPHER_meth_new.pod and EVP_MD_meth_new.pod
e44480c rsa/rsa_gen.c: ensure backward compatibility with external rsa->meth.
88ac224 crypto/x86_64cpuid.pl: fix AVX512 capability masking.
6df3409 Add SM3/SM4 to openssl command-line tool
f106f40 Avoid unnecessary MSYS2 conversion of some arguments
281bf23 If a server is not acknowledging SNI then don't reject early_data
3b58735 Provide a more information early_data message in s_server
bfab12b Allow a client to send early_data with SNI if the session has no SNI
b510b74 Ignore the session when setting SNI in s_client
665d899 Support multi-prime RSA (RFC 8017)
b000470 Support public key and param check in EVP interface
5d99881 Iron out /WX errors in VC-WIN32.
c1ec4db bn/bn_exp.c: harmonize BN_mod_exp_mont_consttime with negative input.
899e62d Fix AppVeyor/VC build failure
a78324d bn/bn_add.c: address performance regression.
8e4ec5b Modify expected output of a CRL to match the changed printout
be63fc1 Add padding spaces before printing signature algorithm for CRLs output
d1453d6 Modify expected output of a certificate to match the changed printout
e6cccb5 Add padding spaces before printing algo.
4ff71d6 Revert "Add padding spaces before printing algo."
26a374a Add padding spaces before printing algo.
4483fba Factorise duplicated code.
1a78a33 remove magic number
7533162 ARMv8 assembly pack: add Qualcomm Kryo results.
0d2394a Configurations/10-main.conf: add back /WX to VC-WIN32.
3a63c0e Resolve warnings in VC-WIN32 build, which allows to add /WX.
802127e ssl/ssl_asn1.c: resolve warnings in VC-WIN32 build, which allows to add /WX.
b4c0e4d evp/pbe_scrypt.c: add boundary condition for implicit cast.
3724631 asn1/a_strex.c: fix flags truncation in do_esc_char.
b741fcd Fix typo that cause find-doc-nits failure
f1d3de7 make update
27da134 Add OCSP API test executable
ce5886d Add an API to get the signer of an OCSP response
47c0702 Typo fix
46f4e1b Many spelling fixes/typo's corrected.
b4d0fa4 lhash.c: Replace Unicode EN DASH with the ASCII char '-'.
1687aa7 Fix possible leaks on sk_X509_EXTENSION_push

[openssl-commits] [openssl] master update

2017-12-07 Thread Matt Caswell
The branch master has been updated
   via  f47270e10b7ec18e5719bb2260a7d6460af387ac (commit)
   via  97652f0b3a557876462ef30373ac5eeeaa88b295 (commit)
   via  77d75993651b63e872244a3256e37967bb3c3e9e (commit)
   via  5630661aecbea5fe3c4740f5fea744a1f07a6253 (commit)
  from  e1dd8fa00a1e06d27c8b024dac7657a8d8a9b451 (commit)


- Log -
commit f47270e10b7ec18e5719bb2260a7d6460af387ac
Author: Matt Caswell 
Date:   Wed Dec 6 14:09:11 2017 +

Update CHANGES and NEWS for new release

Reviewed-by: Rich Salz 

commit 97652f0b3a557876462ef30373ac5eeeaa88b295
Author: Matt Caswell 
Date:   Wed Nov 29 13:56:15 2017 +

Add a test for CVE-2017-3737

Test reading/writing to an SSL object after a fatal error has been
detected. This CVE only affected 1.0.2, but we should add it to other
branches for completeness.

Reviewed-by: Viktor Dukhovni 

commit 77d75993651b63e872244a3256e37967bb3c3e9e
Author: Andy Polyakov 
Date:   Fri Nov 24 11:37:59 2017 +0100

test/bntest.c: add rsaz_1024_mul_avx2 regression test.

Reviewed-by: Rich Salz 

commit 5630661aecbea5fe3c4740f5fea744a1f07a6253
Author: Andy Polyakov 
Date:   Fri Nov 24 11:35:50 2017 +0100

bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.

Credit to OSS-Fuzz for finding this.

CVE-2017-3738

Reviewed-by: Rich Salz 

---

Summary of changes:
 CHANGES| 22 ++
 NEWS   |  4 +
 crypto/bn/asm/rsaz-avx2.pl | 15 ++--
 test/bntest.c  | 22 ++
 test/build.info|  6 +-
 test/fatalerrtest.c| 89 ++
 .../{90-test_sslapi.t => 90-test_fatalerr.t}   |  6 +-
 7 files changed, 152 insertions(+), 12 deletions(-)
 create mode 100644 test/fatalerrtest.c
 copy test/recipes/{90-test_sslapi.t => 90-test_fatalerr.t} (77%)

diff --git a/CHANGES b/CHANGES
index 3ae8b4d..cbae96d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -190,6 +190,28 @@
  issues, has been replaced to always returns NULL.
  [Rich Salz]
 
+ Changes between 1.1.0g and 1.1.0h [xx XXX ]
+
+  *) rsaz_1024_mul_avx2 overflow bug on x86_64
+
+ There is an overflow bug in the AVX2 Montgomery multiplication procedure
+ used in exponentiation with 1024-bit moduli. No EC algorithms are 
affected.
+ Analysis suggests that attacks against RSA and DSA as a result of this
+ defect would be very difficult to perform and are not believed likely.
+ Attacks against DH1024 are considered just feasible, because most of the
+ work necessary to deduce information about a private key may be performed
+ offline. The amount of resources required for such an attack would be
+ significant. However, for an attack on TLS to be meaningful, the server
+ would have to share the DH1024 private key among multiple clients, which 
is
+ no longer an option since CVE-2016-0701.
+
+ This only affects processors that support the AVX2 but not ADX extensions
+ like Intel Haswell (4th generation).
+
+ This issue was reported to OpenSSL by David Benjamin (Google). The issue
+ was originally found via the OSS-Fuzz project.
+ (CVE-2017-3738)
+ [Andy Polyakov]
 
  Changes between 1.1.0f and 1.1.0g [2 Nov 2017]
 
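
Review bot: In the added sentence "This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation)", the trailing "like Intel Haswell" can be read as an example of an ADX extension rather than of an affected processor. Suggest moving the example next to the noun it qualifies, for instance "This only affects processors, such as Intel Haswell (4th generation), that support the AVX2 extension but not ADX."
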
diff --git a/NEWS b/NEWS
index d102cb7..73a5a25 100644
--- a/NEWS
+++ b/NEWS
@@ -11,6 +11,10 @@
   o Add a STORE module (OSSL_STORE)
   o Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes
 
+  Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development]
+
+  o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
+
   Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017]
 
   o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl
index f263901..8c56a91 100755
--- a/crypto/bn/asm/rsaz-avx2.pl
+++ b/crypto/bn/asm/rsaz-avx2.pl
@@ -217,7 +217,7 @@ $code.=<<___;
vmovdqu 32*8-128($ap), $ACC8
 
lea 192(%rsp), $tp0 # 64+128=192
-   vpbroadcastq.Land_mask(%rip), $AND_MASK
+   vmovdqu .Land_mask(%rip), $AND_MASK
jmp .LOOP_GRANDE_SQR_1024
 
 .align 32
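
Review bot: The mask load ahead of .LOOP_GRANDE_SQR_1024 switches from vpbroadcastq, which reads one quadword and replicates it, to vmovdqu, which reads the whole vector from memory, so $AND_MASK now depends on every quadword stored at .Land_mask. The definition of .Land_mask is not part of this hunk; please confirm it is a full-width constant with the intended value in each lane, and add a comment on this line saying why the broadcast is no longer appropriate.
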
@@ -1067,10 +1067,10 @@ $code.=<<___;
vpmuludq32*6-128($np),$Yi,$TEMP1
vpaddq  $TEMP1,$ACC6,$ACC6
vpmuludq32*7-128($np),$Yi,$TEMP2
-vpblendd   \$3, $ZERO, $ACC9, $ACC9# correct $ACC3
+vpblendd   \$3, $ZERO, $ACC9, $TEMP1   # correct $ACC3
vpaddq  $TEMP2,$ACC7,$ACC7
vpmuludq32*8-128($np),$Yi,$TEMP0
-vpaddq $ACC9, $ACC3, $ACC3 # 

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2017-12-07 Thread Matt Caswell
The branch OpenSSL_1_1_0-stable has been updated
   via  4749aba5a24a646cc1e84b1e4d21e6f52399da33 (commit)
   via  b9ddcd7aa6ed7cb4d8b165895339ca66170f2da5 (commit)
   via  e502cc86df9dafded1694fceb3228ee34d11c11a (commit)
  from  6fca9feeffc18472c8153fd0bf8b0a95cc05c504 (commit)


- Log -
commit 4749aba5a24a646cc1e84b1e4d21e6f52399da33
Author: Matt Caswell 
Date:   Wed Dec 6 13:54:37 2017 +

Update CHANGES and NEWS for the new release

Reviewed-by: Rich Salz 

commit b9ddcd7aa6ed7cb4d8b165895339ca66170f2da5
Author: Matt Caswell 
Date:   Wed Nov 29 13:56:15 2017 +

Add a test for CVE-2017-3737

Test reading/writing to an SSL object after a fatal error has been
detected. This CVE only affected 1.0.2, but we should add it to other
branches for completeness.

Reviewed-by: Rich Salz 

commit e502cc86df9dafded1694fceb3228ee34d11c11a
Author: Andy Polyakov 
Date:   Fri Nov 24 11:35:50 2017 +0100

bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.

Credit to OSS-Fuzz for finding this.

CVE-2017-3738

Reviewed-by: Rich Salz 

---

Summary of changes:
 CHANGES|  21 +++-
 NEWS   |   2 +-
 crypto/bn/asm/rsaz-avx2.pl |  15 ++-
 test/build.info|   7 +-
 test/fatalerrtest.c| 124 +
 .../{90-test_sslapi.t => 90-test_fatalerr.t}   |   6 +-
 6 files changed, 161 insertions(+), 14 deletions(-)
 create mode 100644 test/fatalerrtest.c
 copy test/recipes/{90-test_sslapi.t => 90-test_fatalerr.t} (77%)

diff --git a/CHANGES b/CHANGES
index a8cea3a..3d4e835 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,26 @@
 
  Changes between 1.1.0g and 1.1.0h [xx XXX ]
 
-  *)
+  *) rsaz_1024_mul_avx2 overflow bug on x86_64
+
+ There is an overflow bug in the AVX2 Montgomery multiplication procedure
+ used in exponentiation with 1024-bit moduli. No EC algorithms are 
affected.
+ Analysis suggests that attacks against RSA and DSA as a result of this
+ defect would be very difficult to perform and are not believed likely.
+ Attacks against DH1024 are considered just feasible, because most of the
+ work necessary to deduce information about a private key may be performed
+ offline. The amount of resources required for such an attack would be
+ significant. However, for an attack on TLS to be meaningful, the server
+ would have to share the DH1024 private key among multiple clients, which 
is
+ no longer an option since CVE-2016-0701.
+
+ This only affects processors that support the AVX2 but not ADX extensions
+ like Intel Haswell (4th generation).
+
+ This issue was reported to OpenSSL by David Benjamin (Google). The issue
+ was originally found via the OSS-Fuzz project.
+ (CVE-2017-3738)
+ [Andy Polyakov]
 
  Changes between 1.1.0f and 1.1.0g [2 Nov 2017]
 
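
Review bot: The phrase "which is no longer an option since CVE-2016-0701" at the end of the DH1024 paragraph reads as if the CVE itself removed the option. Suggest "since the fix for CVE-2016-0701" so that readers of CHANGES can tell it is the earlier remediation that prevents sharing the DH1024 private key among clients. The entry would also be easier to act on if it said which 1.1.0 releases carry the defect, which the visible text does not.
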
diff --git a/NEWS b/NEWS
index 3a58d25..8b5b971 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,7 @@
 
   Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development]
 
-  o
+  o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
 
   Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017]
 
diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl
index 0c1b236..46d746b 100755
--- a/crypto/bn/asm/rsaz-avx2.pl
+++ b/crypto/bn/asm/rsaz-avx2.pl
@@ -246,7 +246,7 @@ $code.=<<___;
vmovdqu 32*8-128($ap), $ACC8
 
lea 192(%rsp), $tp0 # 64+128=192
-   vpbroadcastq.Land_mask(%rip), $AND_MASK
+   vmovdqu .Land_mask(%rip), $AND_MASK
jmp .LOOP_GRANDE_SQR_1024
 
 .align 32
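
Review bot: The commit subject names only rsaz_1024_mul_avx2, but the changed line here sits in the setup just before .LOOP_GRANDE_SQR_1024, which by its label is a squaring loop. Please say in the commit message why the $AND_MASK load in this path changes as well, or split it into its own commit, so that the CVE-2017-3738 fix can be audited and backported without guessing which lines are essential.
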
@@ -1077,10 +1077,10 @@ $code.=<<___;
vpmuludq32*6-128($np),$Yi,$TEMP1
vpaddq  $TEMP1,$ACC6,$ACC6
vpmuludq32*7-128($np),$Yi,$TEMP2
-vpblendd   \$3, $ZERO, $ACC9, $ACC9# correct $ACC3
+vpblendd   \$3, $ZERO, $ACC9, $TEMP1   # correct $ACC3
vpaddq  $TEMP2,$ACC7,$ACC7
vpmuludq32*8-128($np),$Yi,$TEMP0
-vpaddq $ACC9, $ACC3, $ACC3 # correct $ACC3
+vpaddq $TEMP1, $ACC3, $ACC3# correct $ACC3
vpaddq  $TEMP0,$ACC8,$ACC8
 
mov %rbx, %rax
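
Review bot: Reusing $TEMP1 as the blend destination deserves a comment. It is safe in the lines shown only because the earlier vpaddq $TEMP1,$ACC6,$ACC6 has already consumed the product held in $TEMP1 and neither of the two instructions between the vpblendd and the vpaddq $TEMP1, $ACC3, $ACC3 writes $TEMP1. A note that $ACC9 must now stay intact past this point would protect the fix against later rescheduling of this block.
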
@@ -1093,7 +1093,9 @@ $code.=<<___;
 vmovdqu-8+32*2-128($ap),$TEMP2
 
mov $r1, %rax
+vpblendd   \$0xfc, $ZERO, $ACC9, $ACC9 # correct $ACC3
imull   $n0, %eax
+vpaddq $ACC9,$ACC4,$ACC4   # correct $ACC3
and \$0x1fff, %eax
 
 imulq  16-128($ap),%rbx
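
Review bot: Both added lines carry the comment "# correct $ACC3", but the vpaddq adds $ACC9 into $ACC4, not $ACC3. Please change the comment to describe what is actually corrected here (the lanes of $ACC9 kept by the \$0xfc blend being folded into $ACC4), since a copied comment on the exact lines that fix a carry-handling bug makes the correction harder to review.
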
@@ -1329,15 +1331,12 @@ ___
 #  But as we underutil

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2017-12-07 Thread Matt Caswell
The branch OpenSSL_1_0_2-stable has been updated
   via  ebe183023289938a05a982f80be45c3e80ec030a (commit)
   via  e5bba24cd8bb3e5127a578b85c6edf013a38ea6d (commit)
   via  f3b6b413b05f8031c001fd252e0f3b5157261fcb (commit)
   via  df7797f0e8825fbc179d3b3294c563039f88b671 (commit)
   via  c7383fb5f21aa3451f76bb98bdd5a96b070a2c47 (commit)
   via  898fb884b706aaeb283de4812340bb0bde8476dc (commit)
   via  ca51bafc1a88d8b8348f5fd97adc5d6ca93f8e76 (commit)
  from  7ed680c21957aab5a9c3634b250dec646dc20ffe (commit)


- Log -
commit ebe183023289938a05a982f80be45c3e80ec030a
Author: Matt Caswell 
Date:   Thu Dec 7 13:20:44 2017 +

Prepare for 1.0.2o-dev

Reviewed-by: Andy Polyakov 

commit e5bba24cd8bb3e5127a578b85c6edf013a38ea6d
Author: Matt Caswell 
Date:   Thu Dec 7 13:19:36 2017 +

Prepare for 1.0.2n release

Reviewed-by: Andy Polyakov 

commit f3b6b413b05f8031c001fd252e0f3b5157261fcb
Author: Matt Caswell 
Date:   Wed Dec 6 13:54:37 2017 +

Update CHANGES and NEWS for the new release

Reviewed-by: Rich Salz 

commit df7797f0e8825fbc179d3b3294c563039f88b671
Author: Matt Caswell 
Date:   Thu Dec 7 11:17:22 2017 +

Fix linking of fatalerrtest in VisualStudio

Reviewed-by: Andy Polyakov 

commit c7383fb5f21aa3451f76bb98bdd5a96b070a2c47
Author: Matt Caswell 
Date:   Wed Nov 29 13:56:15 2017 +

Add a test for CVE-2017-3737

Test reading/writing to an SSL object after a fatal error has been
detected.

Reviewed-by: Rich Salz 

commit 898fb884b706aaeb283de4812340bb0bde8476dc
Author: Matt Caswell 
Date:   Wed Nov 29 14:04:01 2017 +

Don't allow read/write after fatal error

OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state"
mechanism. The intent was that if a fatal error occurred during a handshake
then OpenSSL would move into the error state and would immediately fail if
you attempted to continue the handshake. This works as designed for the
explicit handshake functions (SSL_do_handshake(), SSL_accept() and
SSL_connect()), however due to a bug it does not work correctly if
SSL_read() or SSL_write() is called directly. In that scenario, if the
handshake fails then a fatal error will be returned in the initial function
call. If SSL_read()/SSL_write() is subsequently called by the application
for the same SSL object then it will succeed and the data is passed without
being decrypted/encrypted directly from the SSL/TLS record layer.

In order to exploit this issue an attacker would have to trick an
application into behaving incorrectly by issuing an SSL_read()/SSL_write()
after having already received a fatal error.

Thanks to David Benjamin (Google) for reporting this issue and suggesting
this fix.

CVE-2017-3737

Reviewed-by: Rich Salz 

commit ca51bafc1a88d8b8348f5fd97adc5d6ca93f8e76
Author: Andy Polyakov 
Date:   Fri Nov 24 11:35:50 2017 +0100

bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.

Credit to OSS-Fuzz for finding this.

CVE-2017-3738

Reviewed-by: Rich Salz 

---

Summary of changes:
 CHANGES|  47 ++-
 NEWS   |   7 ++-
 README |   2 +-
 crypto/bn/asm/rsaz-avx2.pl |  15 +++
 crypto/opensslv.h  |   6 +--
 openssl.spec   |   2 +-
 ssl/Makefile   |   3 +-
 ssl/fatalerrtest.c | 109 +
 ssl/ssl.h  |   2 +-
 test/Makefile  |  35 +--
 util/mk1mf.pl  |   2 +-
 11 files changed, 208 insertions(+), 22 deletions(-)
 create mode 100644 ssl/fatalerrtest.c

diff --git a/CHANGES b/CHANGES
index 7a2e91b..83ec14e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,10 +7,55 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
- Changes between 1.0.2m and 1.0.2n [xx XXX ]
+ Changes between 1.0.2n and 1.0.2o [xx XXX ]
 
   *)
 
+ Changes between 1.0.2m and 1.0.2n [7 Dec 2017]
+
+  *) Read/write after SSL object in error state
+
+ OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state"
+ mechanism. The intent was that if a fatal error occurred during a 
handshake
+ then OpenSSL would move into the error state and would immediately fail if
+ you attempted to continue the handshake. This works as designed for the
+ explicit handshake functions (SSL_do_handshake(), SSL_accept() and
+ SSL_connect()), however due to a bug it does not work correctly if
+ SSL_read() or SSL_write() is called directly. In that scenario, if the
+ handshake fails then a fatal error will be returned in the initial 
function
+ call. If SSL_read

[openssl-commits] [openssl] OpenSSL_1_0_2n create

2017-12-07 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2n has been created
at  0b21fac95288bf3928b0e4940392b67353d99ec0 (tag)
   tagging  e5bba24cd8bb3e5127a578b85c6edf013a38ea6d (commit)
  replaces  OpenSSL_1_0_2m
 tagged by  Matt Caswell
on  Thu Dec 7 13:19:36 2017 +

- Log -
OpenSSL 1.0.2n release tag

Andy Polyakov (5):
  {aes-armv4|bsaes-armv7|sha256-armv4}.pl: make it work with binutils-2.29
  util/copy.pl: work around glob quirk in some of earlier 5.1x Perl versions.
  Resolve warnings in VC-WIN32 build, which allows to add /WX.
  Configure: add back /WX to VC-WIN32.
  bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.

Bernd Edlinger (1):
  Fix error handling in heartbeat processing

FdaSilvaYY (2):
  Fix possible leaks on sk_X509_EXTENSION_push() failure ...
  Fix docs for EVP_EncryptUpdate and EVP_DecryptUpdate

Kurt Roeckx (1):
  Fix no-ssl3-method build

Long Qin (1):
  lhash.c: Replace Unicode EN DASH with the ASCII char '-'.

Matt Caswell (7):
  Prepare for 1.0.2n-dev
  Don't error with -1 for BIGNUM exp operations
  Don't allow read/write after fatal error
  Add a test for CVE-2017-3737
  Fix linking of fatalerrtest in VisualStudio
  Update CHANGES and NEWS for the new release
  Prepare for 1.0.2n release

MerQGh (1):
  Update eng_fat.c

Pavel Kopyl (2):
  Check return value of OBJ_nid2obj in dsa_pub_encode.
  Add error handling in dsa_main and ASN1_i2d_bio.

Rich Salz (1):
  Fix an endless loop in rsa_builtin_keygen.

Richard Levitte (3):
  VMS: make an alias for a long symbol (> 31 chars)
  ssltest.c: cb_ticket2 appears to not return a value when it "should"
  Don't use SSLv3_client_method internally with no-ssl3

---


[openssl-commits] [web] master update

2017-12-07 Thread Matt Caswell
The branch master has been updated
   via  0a4c853aded41a16c9b7029406ec1e82dbb6079a (commit)
  from  63ef2bb8b25bfe47b73d85db8f9c4940fa965374 (commit)


- Log -
commit 0a4c853aded41a16c9b7029406ec1e82dbb6079a
Author: Matt Caswell 
Date:   Thu Dec 7 13:42:20 2017 +

Updates for the new release

---

Summary of changes:
 news/newsflash.txt   |  2 ++
 news/secadv/20171207.txt | 84 +++
 news/vulnerabilities.xml | 93 
 3 files changed, 179 insertions(+)
 create mode 100644 news/secadv/20171207.txt

diff --git a/news/newsflash.txt b/news/newsflash.txt
index aa7a53d..4bb3ed9 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -4,6 +4,8 @@
 # Format is two fields, colon-separated; the first line is the column
 # headings.  URL paths must all be absolute.
 Date: Item
+07-Dec-2017: Security Advisory: one 
security fix
+07-Dec-2017: OpenSSL 1.0.2n is now available, including bug and security fixes
 02-Nov-2017: Security Advisory: 
Internal carry bug on X86_64
 02-Nov-2017: OpenSSL 1.1.0g is now available, including bug and security fixes
 02-Nov-2017: OpenSSL 1.0.2m is now available, including bug and security fixes
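
Review bot: The new newsflash line announces "one security fix", but the advisory created in this same commit, news/secadv/20171207.txt, has two sections, CVE-2017-3737 (Moderate) and CVE-2017-3738 (Low). Please make the count match the advisory. It would also help to keep the 1.0.2n availability line from implying that 1.1.0 users have a release to move to, since the advisory says no new 1.1.0 release is being issued at this time.
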
diff --git a/news/secadv/20171207.txt b/news/secadv/20171207.txt
new file mode 100644
index 000..c5370f4
--- /dev/null
+++ b/news/secadv/20171207.txt
@@ -0,0 +1,84 @@
+
+OpenSSL Security Advisory [07 Dec 2017]
+
+
+Read/write after SSL object in error state (CVE-2017-3737)
+==
+
+Severity: Moderate
+
+OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state"
+mechanism. The intent was that if a fatal error occurred during a handshake 
then
+OpenSSL would move into the error state and would immediately fail if you
+attempted to continue the handshake. This works as designed for the explicit
+handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()),
+however due to a bug it does not work correctly if SSL_read() or SSL_write() is
+called directly. In that scenario, if the handshake fails then a fatal error
+will be returned in the initial function call. If SSL_read()/SSL_write() is
+subsequently called by the application for the same SSL object then it will
+succeed and the data is passed without being decrypted/encrypted directly from
+the SSL/TLS record layer.
+
+In order to exploit this issue an application bug would have to be present that
+resulted in a call to SSL_read()/SSL_write() being issued after having already
+received a fatal error.
+
+This issue does not affect OpenSSL 1.1.0.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2n
+
+This issue was reported to OpenSSL on 10th November 2017 by David Benjamin
+(Google). The fix was proposed by David Benjamin and implemented by Matt 
Caswell
+of the OpenSSL development team.
+
+rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
+=
+
+Severity: Low
+
+There is an overflow bug in the AVX2 Montgomery multiplication procedure
+used in exponentiation with 1024-bit moduli. No EC algorithms are affected.
+Analysis suggests that attacks against RSA and DSA as a result of this defect
+would be very difficult to perform and are not believed likely. Attacks
+against DH1024 are considered just feasible, because most of the work
+necessary to deduce information about a private key may be performed offline.
+The amount of resources required for such an attack would be significant.
+However, for an attack on TLS to be meaningful, the server would have to share
+the DH1024 private key among multiple clients, which is no longer an option
+since CVE-2016-0701.
+
+This only affects processors that support the AVX2 but not ADX extensions
+like Intel Haswell (4th generation).
+
+Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732
+and CVE-2015-3193.
+
+Due to the low severity of this issue we are not issuing a new release of
+OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it
+becomes available. The fix is also available in commit e502cc86d in the OpenSSL
+git repository.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2n
+
+This issue was reported to OpenSSL on 22nd November 2017 by David Benjamin
+(Google). The issue was originally found via the OSS-Fuzz project. The fix was
+developed by Andy Polyakov of the OpenSSL development team.
+
+Note
+
+
+Support for version 1.0.1 ended on 31st December 2016. Support for versions
+0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer
+receiving security updates.
+
+References
+==
+
+URL for this Security Advisory:
+https://www.openssl.org/news/secadv/20171207.txt
+
+Note: the online version of the advis

[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls1

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1

Commit log since last time:

e1dd8fa Fix the check_fatal macro
2894e9c Fix bug in TLSv1.3 PSK processing
723a7c5 apps/speed.c: detect evp cipher 32-bit ctr overflow and reset iv
4086607 Add link for more SECLEVEL info
0759f93 Fix minor typo in comment in rsa_st
b35bb37 Update eng_fat.c
603ebe0 modes/asm/ghashv8-armx.pl: handle lengths not divisible by 4x.
aa7bf31 modes/asm/ghashv8-armx.pl: optimize modulo-scheduled loop.
9ee020f modes/asm/ghashv8-armx.pl: modulo-schedule loop.
7ff2fa4 modes/asm/ghashv8-armx.pl: implement 4x aggregate factor.
a00cceb key_A and key_B had 3 references, only 2 were freed.
546fda2 apps/speed.c: use 32 byte key material as default
64daf14 apps/speed.c: add -seconds and -bytes options
dd5a427 Fix some formatting nits
e7d961e Remove spurious whitespace
8e7677a Update an error reason code to be ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
8e02e73 Fix the Boring tests following the SSLfatal() changes
29bfd5b Add some more cleanups
f9f674e Assert that SSLfatal() only gets called once
47e2ee0 Add some sanity checks for the fatal error condition
635c8f7 Fix up a few places in the state machine that got missed with SSLfatal()
d273b60 Convert more functions in ssl/statem/statem_dtls.c to use SSLfatal()
d4d2f3a Convert more functions in ssl/statem/statem.c to use SSLfatal()
3ec8d11 Convert remaining functions in statem_srvr.c to use SSLfatal()
a2c2e00 Convert remaining functions in statem_clnt.c to use SSLfatal()
f63a17d Convert the state machine code to use SSLfatal()
4752c5d Replace some usage of SSLerr with SSLfatal()
1f35947 Provide an SSLfatal() macro
1e2804f Adjusted Argument Indices CLA: trivial
822b5e2 Make possible variant SONAMEs and symbol versions
a4cefc8 Add "friendly name" extractor
e670e90 Add sk_new_reserve support
e1c7871 Use ChaCha only if prioritized by clnt
92b1b9a A missing semicolon prevents compilation with ENGINE_REF_COUNT_DEBUG 
enabled.
3f6a831 Fix chacha-armv4.pl with clang -fno-integrated-as.
3bded9c rsa/rsa_gen.c: harmonize keygen's ability with RSA_security_bits.
0122add rsa/rsa_lib.c: make RSA_security_bits multi-prime aware.
83ccead Fix lshift tests
7bbb005 Fix docs for EVP_EncryptUpdate and EVP_DecryptUpdate
881dfed Fix SSL_state_string() and SSL_state_string_long()
b7af3f1 Test support for time_t comparisons.
92738d7 use size_t tests instead of int ones
378db52 Check for malloc failure
8a8d9e1 Fix SOURCE_DATE_EPOCH bug; use UTC
47c9926 chacha/asm/chacha-x86_64.pl: fix sporadic crash in AVX512 code path.
a8f302e poly1305/asm/poly1305-x86_64.pl: switch to pure AVX512F.
10a3195 Pretty-print large INTEGERs and ENUMERATEDs in hex.
d807db2 Create a prototype for OPENSSL_rdtsc
9279364 Fix EVP_MD_meth_new.pod
51e47d5 Correct EVP_CIPHER_meth_new.pod and EVP_MD_meth_new.pod
e44480c rsa/rsa_gen.c: ensure backward compatibility with external rsa->meth.
88ac224 crypto/x86_64cpuid.pl: fix AVX512 capability masking.
6df3409 Add SM3/SM4 to openssl command-line tool
f106f40 Avoid unnecessary MSYS2 conversion of some arguments
281bf23 If a server is not acknowledging SNI then don't reject early_data
3b58735 Provide a more information early_data message in s_server
bfab12b Allow a client to send early_data with SNI if the session has no SNI
b510b74 Ignore the session when setting SNI in s_client
665d899 Support multi-prime RSA (RFC 8017)
b000470 Support public key and param check in EVP interface
5d99881 Iron out /WX errors in VC-WIN32.
c1ec4db bn/bn_exp.c: harmonize BN_mod_exp_mont_consttime with negative input.
899e62d Fix AppVeyor/VC build failure
a78324d bn/bn_add.c: address performance regression.
8e4ec5b Modify expected output of a CRL to match the changed printout
be63fc1 Add padding spaces before printing signature algorithm for CRLs output
d1453d6 Modify expected output of a certificate to match the changed printout
e6cccb5 Add padding spaces before printing algo.
4ff71d6 Revert "Add padding spaces before printing algo."
26a374a Add padding spaces before printing algo.
4483fba Factorise duplicated code.
1a78a33 remove magic number
7533162 ARMv8 assembly pack: add Qualcomm Kryo results.
0d2394a Configurations/10-main.conf: add back /WX to VC-WIN32.
3a63c0e Resolve warnings in VC-WIN32 build, which allows to add /WX.
802127e ssl/ssl_asn1.c: resolve warnings in VC-WIN32 build, which allows to add 
/WX.
b4c0e4d evp/pbe_scrypt.c: add boundary condition for implicit cast.
3724631 asn1/a_strex.c: fix flags truncation in do_esc_char.
b741fcd Fix typo that cause find-doc-nits failure
f1d3de7 make update
27da134 Add OCSP API test executable
ce5886d Add an API to get the signer of an OCSP response
47c0702 Typo fix
46f4e1b Many spelling fixes/typo's corrected.
b4d0fa4 lhash.c: Replace Unicode EN DASH with the ASCII char '-'.
1687aa7 Fix possible leaks on sk_X509_EXTENSION_push() f

[openssl-commits] Broken: openssl/openssl#15076 (OpenSSL_1_1_0-stable - 4749aba)

2017-12-07 Thread Travis CI
Build Update for openssl/openssl
-

Build: #15076
Status: Broken

Duration: 19 minutes and 6 seconds
Commit: 4749aba (OpenSSL_1_1_0-stable)
Author: Matt Caswell
Message: Update CHANGES and NEWS for the new release

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/6fca9feeffc1...4749aba5a24a

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/312965222?utm_source=email&utm_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits


[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_1

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_1


[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2


[openssl-commits] Broken: openssl/openssl#15075 (master - f47270e)

2017-12-07 Thread Travis CI
Build Update for openssl/openssl
-

Build: #15075
Status: Broken

Duration: 31 minutes and 24 seconds
Commit: f47270e (master)
Author: Matt Caswell
Message: Update CHANGES and NEWS for new release

Reviewed-by: Rich Salz 

View the changeset: 
https://github.com/openssl/openssl/compare/e1dd8fa00a1e...f47270e10b7e

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/312965069?utm_source=email&utm_medium=notification


[openssl-commits] Broken: openssl/openssl#15077 (OpenSSL_1_0_2-stable - ebe1830)

2017-12-07 Thread Travis CI
Build Update for openssl/openssl
-

Build: #15077
Status: Broken

Duration: 10 minutes and 46 seconds
Commit: ebe1830 (OpenSSL_1_0_2-stable)
Author: Matt Caswell
Message: Prepare for 1.0.2o-dev

Reviewed-by: Andy Polyakov 

View the changeset: 
https://github.com/openssl/openssl/compare/7ed680c21957...ebe183023289

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/312965470?utm_source=email&utm_medium=notification


[openssl-commits] Failed: openssl/openssl#15078 (OpenSSL_1_0_2n - e5bba24)

2017-12-07 Thread Travis CI
Build Update for openssl/openssl
-

Build: #15078
Status: Failed

Duration: 8 minutes and 52 seconds
Commit: e5bba24 (OpenSSL_1_0_2n)
Author: Matt Caswell
Message: Prepare for 1.0.2n release

Reviewed-by: Andy Polyakov 

View the changeset: https://github.com/openssl/openssl/compare/OpenSSL_1_0_2n

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/312965668?utm_source=email&utm_medium=notification


[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_1-method

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_1-method


[openssl-commits] Build failed in Jenkins: master_noec #303

2017-12-07 Thread osslsanity
See 


Changes:

[matt] bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.

[matt] test/bntest.c: add rsaz_1024_mul_avx2 regression test.

[matt] Add a test for CVE-2017-3737

[matt] Update CHANGES and NEWS for new release

--
[...truncated 866.05 KB...]

[openssl-commits] FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2-method

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2-method


[openssl-commits] [openssl] master update

2017-12-07 Thread Rich Salz
The branch master has been updated
   via  e84282cbdafe0b4e49742106974ff8ee28087875 (commit)
  from  f47270e10b7ec18e5719bb2260a7d6460af387ac (commit)


- Log -
commit e84282cbdafe0b4e49742106974ff8ee28087875
Author: Matt Caswell 
Date:   Thu Dec 7 14:35:30 2017 +

Fix the buffer sizing in the fatalerrtest

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4867)

---

Summary of changes:
 test/fatalerrtest.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/fatalerrtest.c b/test/fatalerrtest.c
index fe2071f..2335735 100644
--- a/test/fatalerrtest.c
+++ b/test/fatalerrtest.c
@@ -59,7 +59,7 @@ static int test_fatalerr(void)
 goto err;
 
 /* SSL_read()/SSL_write should fail because of a previous fatal error */
-if (!TEST_int_le(len = SSL_read(sssl, buf, sizeof(buf - 1)), 0)) {
+if (!TEST_int_le(len = SSL_read(sssl, buf, sizeof(buf) - 1), 0)) {
 buf[len] = '\0';
 TEST_error("Unexpected success reading data: %s\n", buf);
 goto err;
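Review bot: the commit message should say what was wrong with the old bound on the `SSL_read()` line. Assuming `buf` is an array, as the fix implies, `sizeof(buf - 1)` is the size of a pointer because the array decays in `buf - 1`, so the read length had nothing to do with the size of `buf`, and `buf[len] = '\0'` was only in bounds if `buf` is larger than a pointer. With `sizeof(buf) - 1` the terminator always fits; one sentence to that effect in the message would help anyone bisecting or backporting this.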
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2017-12-07 Thread Rich Salz
The branch OpenSSL_1_1_0-stable has been updated
   via  64b5b5bd7cfdef1f1204fa305e9d685de8bf5b7f (commit)
  from  4749aba5a24a646cc1e84b1e4d21e6f52399da33 (commit)


- Log -
commit 64b5b5bd7cfdef1f1204fa305e9d685de8bf5b7f
Author: Matt Caswell 
Date:   Thu Dec 7 14:35:30 2017 +

Fix the buffer sizing in the fatalerrtest

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4868)

---

Summary of changes:
 test/fatalerrtest.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/fatalerrtest.c b/test/fatalerrtest.c
index 4a58839..690d7e2 100644
--- a/test/fatalerrtest.c
+++ b/test/fatalerrtest.c
@@ -69,7 +69,7 @@ static int test_fatalerr(void)
 }
 
 /* SSL_read()/SSL_write should fail because of a previous fatal error */
-if ((len = SSL_read(sssl, buf, sizeof(buf - 1))) > 0) {
+if ((len = SSL_read(sssl, buf, sizeof(buf) - 1)) > 0) {
 buf[len] = '\0';
 printf("Unexpected success reading data: %s\n", buf);
 goto err;
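Review bot: the comment above the corrected `SSL_read()` line says "SSL_read()/SSL_write should fail", but the visible lines check only `SSL_read()`. If no `SSL_write()` check follows further down, either add one or narrow the comment to what is tested; while touching it, write `SSL_write()` with parentheses to match.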


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2017-12-07 Thread Rich Salz
The branch OpenSSL_1_0_2-stable has been updated
   via  6957d91f0eed10859dff26311592b326a07a1d73 (commit)
   via  236e3731bb3392f62370fe87a6eb76aa993c712c (commit)
  from  ebe183023289938a05a982f80be45c3e80ec030a (commit)


- Log -
commit 6957d91f0eed10859dff26311592b326a07a1d73
Author: Matt Caswell 
Date:   Thu Dec 7 14:41:21 2017 +

Fix the buffer sizing in the fatalerrtest

Fixes #4865

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4866)

commit 236e3731bb3392f62370fe87a6eb76aa993c712c
Author: Matt Caswell 
Date:   Thu Dec 7 14:40:49 2017 +

Fix initialisation in fatalerrtest

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4866)

---

Summary of changes:
 ssl/fatalerrtest.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ssl/fatalerrtest.c b/ssl/fatalerrtest.c
index 0288c33..f9d66e2 100644
--- a/ssl/fatalerrtest.c
+++ b/ssl/fatalerrtest.c
@@ -13,8 +13,8 @@
 
 int main(int argc, char *argv[])
 {
-SSL_CTX *sctx, *cctx;
-SSL *sssl, *cssl;
+SSL_CTX *sctx = NULL, *cctx = NULL;
+SSL *sssl = NULL, *cssl = NULL;
 const char *msg = "Dummy";
 BIO *err = NULL, *wbio = NULL;
 int ret = 1, len;
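Review bot: the commit message for the `SSL_CTX *sctx = NULL, *cctx = NULL;` and `SSL *sssl = NULL, *cssl = NULL;` lines should state which path read these pointers uninitialised. The next hunk shows the function bailing out through `goto err`; if the cleanup under that label frees `sctx`, `cctx`, `sssl` and `cssl`, an early failure would have handed indeterminate pointers to the free calls, and saying so makes clear this is a correctness fix and not only a warning cleanup.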
@@ -76,7 +76,7 @@ int main(int argc, char *argv[])
 }
 
 /* SSL_read()/SSL_write should fail because of a previous fatal error */
-if ((len = SSL_read(sssl, buf, sizeof(buf - 1))) > 0) {
+if ((len = SSL_read(sssl, buf, sizeof(buf) - 1)) > 0) {
 buf[len] = '\0';
 printf("Unexpected success reading data: %s\n", buf);
 goto err;


[openssl-commits] Fixed: openssl/openssl#15089 (OpenSSL_1_1_0-stable - 64b5b5b)

2017-12-07 Thread Travis CI
Build Update for openssl/openssl
-

Build: #15089
Status: Fixed

Duration: 17 minutes and 8 seconds
Commit: 64b5b5b (OpenSSL_1_1_0-stable)
Author: Matt Caswell
Message: Fix the buffer sizing in the fatalerrtest

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4868)

View the changeset: 
https://github.com/openssl/openssl/compare/4749aba5a24a...64b5b5bd7cfd

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/313190576?utm_source=email&utm_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications



[openssl-commits] Fixed: openssl/openssl#15090 (OpenSSL_1_0_2-stable - 6957d91)

2017-12-07 Thread Travis CI
Build Update for openssl/openssl
-

Build: #15090
Status: Fixed

Duration: 8 minutes and 25 seconds
Commit: 6957d91 (OpenSSL_1_0_2-stable)
Author: Matt Caswell
Message: Fix the buffer sizing in the fatalerrtest

Fixes #4865

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4866)

View the changeset: 
https://github.com/openssl/openssl/compare/ebe183023289...6957d91f0eed

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/313191129?utm_source=email&utm_medium=notification



[openssl-commits] Fixed: openssl/openssl#15088 (master - e84282c)

2017-12-07 Thread Travis CI
Build Update for openssl/openssl
-

Build: #15088
Status: Fixed

Duration: 34 minutes and 21 seconds
Commit: e84282c (master)
Author: Matt Caswell
Message: Fix the buffer sizing in the fatalerrtest

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/4867)

View the changeset: 
https://github.com/openssl/openssl/compare/f47270e10b7e...e84282cbdafe

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/313189710?utm_source=email&utm_medium=notification



[openssl-commits] [openssl] master update

2017-12-07 Thread Richard Levitte
The branch master has been updated
   via  e7a206694451be19432d079691610994473f53b7 (commit)
   via  99aeeecb9f59ab6d6cdb13ed07a30c11e89a32e7 (commit)
   via  a064c6158e2deb706a09dd8ca95523c97ecbfb2d (commit)
   via  17f1661724480b720f718d455b997b5fa52be424 (commit)
   via  1786733e51d1aa9fc0ef70a20fef148bf78694d6 (commit)
   via  89bea0830de908c6713166ff376ab767b91a2dfd (commit)
   via  7ecdf18d80cba14ad1afa6c0d18574d2ad2929c3 (commit)
  from  e84282cbdafe0b4e49742106974ff8ee28087875 (commit)


- Log -
commit e7a206694451be19432d079691610994473f53b7
Author: Richard Levitte 
Date:   Thu Nov 30 21:48:04 2017 +0100

Document how the configuration option 'reconf' works

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4818)

commit 99aeeecb9f59ab6d6cdb13ed07a30c11e89a32e7
Author: Richard Levitte 
Date:   Thu Nov 30 21:46:53 2017 +0100

Configure: die if there are other arguments with 'reconf'

It's better to inform the user about this than silently ignoring
something that the user might expect to work, somehow.

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4818)

commit a064c6158e2deb706a09dd8ca95523c97ecbfb2d
Author: Richard Levitte 
Date:   Thu Nov 30 08:20:02 2017 +0100

Make sure ./config passes options to ./Configure correctly

This is, even when they contain spaces or all kinds of funny quotes

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4818)

commit 17f1661724480b720f718d455b997b5fa52be424
Author: Richard Levitte 
Date:   Wed Nov 29 17:41:10 2017 +0100

Have all relevant config targets use the env() function rather than $ENV

This way, any of the relevant environment variables for the platform
being configured are preserved and don't have to be recalled manually
when reconfiguring.

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4818)

commit 1786733e51d1aa9fc0ef70a20fef148bf78694d6
Author: Richard Levitte 
Date:   Wed Nov 29 13:23:07 2017 +0100

Document the possibility for command line argument env assignments

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4818)

commit 89bea0830de908c6713166ff376ab767b91a2dfd
Author: Richard Levitte 
Date:   Wed Nov 29 13:16:53 2017 +0100

Make it possible to add env var assignments as Configure options

In other words, make the following possible:

./config CC=clang

or

./Configure CC=clang linux-x86_64

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4818)

commit 7ecdf18d80cba14ad1afa6c0d18574d2ad2929c3
Author: Richard Levitte 
Date:   Wed Nov 29 13:09:01 2017 +0100

Save away the environment variables we rely on

There are cases when we overwrite %ENV values, and while this is
perfectly fine on some platforms, it isn't on others, because the
Configure script isn't necessarily run in a separate process, and
thus, changing %ENV may very well change the environment of the
calling shell.  VMS is such a platform.

Furthermore, saving away values that we use also allows us to save them
in configdata.pm in an effective way, and recall those values just as
effectively when reconfiguring.  Also, this makes sure that we do use
the saved away values when reconfiguring, when the actual environment
variables might otherwise affect us.

Reviewed-by: Andy Polyakov 
(Merged from https://github.com/openssl/openssl/pull/4818)

---

Summary of changes:
 CHANGES |  4 +++
 Configurations/10-main.conf | 38 ++--
 Configure   | 86 +
 INSTALL | 24 +
 config  |  7 ++--
 5 files changed, 108 insertions(+), 51 deletions(-)

diff --git a/CHANGES b/CHANGES
index cbae96d..691cbcd 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0f and 1.1.1 [xx XXX ]
 
+  *) Make it possible to have environment variable assignments as
+ arguments to config / Configure.
+ [Richard Levitte]
+
   *) Add multi-prime RSA (RFC 8017) support.
  [Paul Yang]
 
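Review bot: the new CHANGES entry should show the syntax it enables, since "environment variable assignments as arguments" is easy to misread. Adding the example from the commit message, `./config CC=clang` or `./Configure CC=clang linux-x86_64`, would do it, and it is worth mentioning here that the values are saved and recalled when reconfiguring, as the accompanying commit messages describe.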
diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index f8f4bd1..28cfd30 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -53,14 +53,14 @@ my $vc_wince_info = {};
 sub vc_wince_info {
 unless (%$vc_wince_info) {
 # sanity check
-$die->('%OSVERSION% is not defined') if (!defined($ENV{'OSVERSION'}));
-$die->('%PLATFORM% is not defined')  if (!defined($ENV{'PLATFORM'}));
-$die->('%TARGETCPU% is no

[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-chacha

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-chacha

Commit log since last time:

e84282c Fix the buffer sizing in the fatalerrtest
f47270e Update CHANGES and NEWS for new release
97652f0 Add a test for CVE-2017-3737
77d7599 test/bntest.c: add rsaz_1024_mul_avx2 regression test.
5630661 bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.

Build log ended with (last 100 lines):

../../openssl/test/recipes/25-test_x509.t . ok
../../openssl/test/recipes/30-test_afalg.t  ok
../../openssl/test/recipes/30-test_engine.t ... ok
../../openssl/test/recipes/30-test_evp.t .. ok
../../openssl/test/recipes/30-test_evp_extra.t  ok
../../openssl/test/recipes/30-test_pbelu.t  ok
../../openssl/test/recipes/30-test_pkey_meth.t  ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t  ok
../../openssl/test/recipes/40-test_rehash.t ... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok
../../openssl/test/recipes/60-test_x509_dup_cert.t  ok
../../openssl/test/recipes/60-test_x509_store.t ... ok
../../openssl/test/recipes/60-test_x509_time.t  ok
../../openssl/test/recipes/70-test_asyncio.t .. ok
../../openssl/test/recipes/70-test_bad_dtls.t . ok
../../openssl/test/recipes/70-test_clienthello.t .. ok
../../openssl/test/recipes/70-test_comp.t . ok
../../openssl/test/recipes/70-test_key_share.t  skipped: 
test_key_share needs TLS1.3 enabled
../../openssl/test/recipes/70-test_packet.t ... ok
../../openssl/test/recipes/70-test_recordlen.t  ok
../../openssl/test/recipes/70-test_renegotiation.t  ok
../../openssl/test/recipes/70-test_servername.t ... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t  ok
../../openssl/test/recipes/70-test_sslcertstatus.t  ok
../../openssl/test/recipes/70-test_sslextension.t . ok
../../openssl/test/recipes/70-test_sslmessages.t .. ok
../../openssl/test/recipes/70-test_sslrecords.t ... ok
../../openssl/test/recipes/70-test_sslsessiontick.t ... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ... ok
../../openssl/test/recipes/70-test_sslsignature.t . ok
../../openssl/test/recipes/70-test_sslskewith0p.t . ok
../../openssl/test/recipes/70-test_sslversions.t .. skipped: 
test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled
../../openssl/test/recipes/70-test_sslvertol.t  ok
../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: 
test_tls13cookie needs TLS1.3 enabled
../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: 
test_tls13downgrade needs TLS1.3 and TLS1.2 enabled
../../openssl/test/recipes/70-test_tls13hrr.t . skipped: 
test_tls13hrr needs TLS1.3 enabled
../../openssl/test/recipes/70-test_tls13kexmodes.t  skipped: 
test_tls13kexmodes needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tls13messages.t  skipped: 
test_tls13messages needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tls13psk.t . skipped: 
test_tls13psk needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tlsextms.t . ok
../../openssl/test/recipes/70-test_verify_extra.t . ok
../../openssl/test/recipes/70-test_wpacket.t .. ok
../../openssl/test/recipes/80-test_ca.t ... ok
../../openssl/test/recipes/80-test_cipherbytes.t .. ok
../../openssl/test/recipes/80-test_cipherlist.t ... ok
../../openssl/test/recipes/80-test_ciphername.t ... ok
../../openssl/test/recipes/80-test_cms.t .. ok
../../openssl/test/recipes/80-test_ct.t ... ok
../../openssl/test/recipes/80-test_dane.t . ok
../../openssl/test/recipes/80-test_dtls.t . ok
../../openssl/test/recipes/80-test_dtls_mtu.t . ok
../../openssl/test/recipes/80-test_dtlsv1listen.t . ok
../../openssl/test/recipes/80-test_ocsp.t . ok
../../openssl/test/recipes/80-test_pkcs12.t ... ok
../../openssl/test/recipes/80-test_ssl_new.t .. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/25 subtests 
../../openssl/test/recipes/80-test_ssl_old.t .. ok
../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok
../../openssl/test/recipes/80-test_sslcorrupt.t ... ok
../../openssl/test/recipes/80-test_tsa.t .. ok
../../openssl/test/recipes/80-te

[openssl-commits] [openssl] master update

2017-12-07 Thread Rich Salz
The branch master has been updated
   via  cbe2964821bb063f61ed2544cfce196ec1c0d62b (commit)
  from  e7a206694451be19432d079691610994473f53b7 (commit)


- Log -
commit cbe2964821bb063f61ed2544cfce196ec1c0d62b
Author: Rich Salz 
Date:   Thu Dec 7 13:39:34 2017 -0500

Consistent formatting for sizeof(foo)

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/4872)

---

Summary of changes:
 apps/apps.c   |  48 
 apps/ciphers.c|   2 +-
 apps/dhparam.c|   4 +-
 apps/dsaparam.c   |   6 +-
 apps/ecparam.c|  12 ++--
 apps/enc.c|  18 +++---
 apps/errstr.c |   2 +-
 apps/ocsp.c   |   4 +-
 apps/openssl.c|   2 +-
 apps/opt.c|  18 +++---
 apps/passwd.c |  42 +++---
 apps/pkcs12.c |  12 ++--
 apps/pkcs8.c  |   4 +-
 apps/rand.c   |   2 +-
 apps/req.c|   4 +-
 apps/s_server.c   |   6 +-
 apps/speed.c  |   4 +-
 apps/vms_term_sock.c  |  12 ++--
 crypto/asn1/a_object.c|   4 +-
 crypto/asn1/a_strex.c |   8 +--
 crypto/asn1/tasn_prn.c|   2 +-
 crypto/async/async.c  |   6 +-
 crypto/async/async_wait.c |   2 +-
 crypto/bio/b_addr.c   |   2 +-
 crypto/bio/b_print.c  |   4 +-
 crypto/des/fcrypt.c   |   2 +-
 crypto/des/set_key.c  |   2 +-
 crypto/ec/ec_mult.c   |  12 ++--
 crypto/ec/ecp_nistp224.c  |   6 +-
 crypto/ec/ecp_nistp256.c  |   6 +-
 crypto/ec/ecp_nistp521.c  |   6 +-
 crypto/ec/ecp_smpl.c  |   2 +-
 crypto/err/err_prn.c  |   2 +-
 crypto/evp/evp_enc.c  |   6 +-
 crypto/evp/p5_crpt2.c |   2 +-
 crypto/init.c |   2 +-
 crypto/mem_sec.c  |   6 +-
 crypto/rsa/rsa_pss.c  |   4 +-
 crypto/x509/t_x509.c  |   4 +-
 crypto/x509v3/v3_admis.c  |   2 +-
 crypto/x509v3/v3_info.c   |   2 +-
 ssl/record/rec_layer_d1.c |   2 +-
 ssl/record/rec_layer_s3.c |   6 +-
 ssl/s3_lib.c  |   4 +-
 ssl/ssl_cert.c|   6 +-
 ssl/ssl_lib.c |   6 +-
 ssl/ssl_sess.c|   6 +-
 ssl/statem/statem_clnt.c  |   2 +-
 test/bftest.c |   2 +-
 test/d2i_test.c   |   2 +-
 test/ectest.c |  12 ++--
 test/igetest.c| 138 +++---
 test/sanitytest.c |   2 +-
 test/ssltest_old.c|  22 
 54 files changed, 253 insertions(+), 253 deletions(-)

diff --git a/apps/apps.c b/apps/apps.c
index fd81567..3040566 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1425,9 +1425,9 @@ int save_serial(const char *serialfile, const char 
*suffix, const BIGNUM *serial
 OPENSSL_strlcpy(buf[0], serialfile, BSIZE);
 else {
 #ifndef OPENSSL_SYS_VMS
-j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
+j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, suffix);
 #else
-j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
+j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, suffix);
 #endif
 }
 out = BIO_new_file(buf[0], "w");
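Review bot: in `save_serial()` the unchanged `OPENSSL_strlcpy(buf[0], serialfile, BSIZE)` line still sizes its copy with the `BSIZE` macro while the two `BIO_snprintf()` calls below it use `sizeof(buf[0])`. Since this commit is about consistent `sizeof` usage, switch the `OPENSSL_strlcpy()` bound to `sizeof(buf[0])` as well, so that all three writes into `buf[0]` stay correct if the array's declaration ever changes.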
@@ -1468,11 +1468,11 @@ int rotate_serial(const char *serialfile, const char 
*new_suffix,
 goto err;
 }
 #ifndef OPENSSL_SYS_VMS
-j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
-j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
+j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, new_suffix);
+j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", serialfile, old_suffix);
 #else
-j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix);
-j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
+j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, new_suffix);
+j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", serialfile, old_suffix);
 #endif
 if (rename(serialfile, buf[1]) < 0 && errno != ENOENT
 #ifdef ENOTDIR
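Review bot: in `rotate_serial()` the result of the first `BIO_snprintf()` into `buf[0]` is stored in `j` and immediately overwritten by the second call, and the visible lines then go straight to `rename(serialfile, buf[1])`. Unless both results are checked elsewhere, a truncated file name would be used silently; check each return value before the rename, which is outside the scope of a formatting commit but is easy to do while these lines are being touched.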
@@ -1537,9 +1537,9 @@ CA_DB *load_index(const char *dbfile, DB_ATTR *db_attr)
 goto err;
 
 #ifndef OPENSSL_SYS_VMS
-BIO_snprintf(buf, sizeof buf, "%s.attr", dbfile);
+BIO_snprintf(buf, sizeof(buf), "%s.attr", dbfile);
 #else
-BIO_snprintf(buf, sizeof buf, "%s-attr", dbfile);
+BIO_snprintf(buf, sizeof(buf), "%s-attr", dbfile);
 #endif
 dbattr_conf = app_load_config(buf);
 
@@ -1600,13 +1600,13 @@ int save_index(const char *dbfile, const char *suffix, 
CA_DB *db)
 goto err;
 }
 #ifndef OPENSSL_SYS_VMS
-j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
-j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
-j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
+j = BIO_snprintf(bu

[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec

2017-12-07 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ec

Commit log since last time:

e84282c Fix the buffer sizing in the fatalerrtest
f47270e Update CHANGES and NEWS for new release
97652f0 Add a test for CVE-2017-3737
77d7599 test/bntest.c: add rsaz_1024_mul_avx2 regression test.
5630661 bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.

Build log ended with (last 100 lines):


[openssl-commits] Build failed in Jenkins: master_aarch64 #233

2017-12-07 Thread osslsanity
See 


Changes:

[matt] bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.

[matt] test/bntest.c: add rsaz_1024_mul_avx2 regression test.

[matt] Add a test for CVE-2017-3737

[matt] Update CHANGES and NEWS for new release

[matt] Fix the buffer sizing in the fatalerrtest

[levitte] Save away the environment variables we rely on

[levitte] Make it possible to add env var assignments as Configure options

[levitte] Document the possibility for command line argument env assignments

[levitte] Have all relevant config targets use the env() function rather than $ENV

[levitte] Make sure ./config passes options to ./Configure correctly

[levitte] Configure: die if there are other arguments with 'reconf'

[levitte] Document how the configuration option 'reconf' works

[rsalz] Consistent formatting for sizeof(foo)

--
Started by upstream project "1_0_2_basic" build number 238
originally caused by:
 Started by timer
Building in workspace 

 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/openssl/openssl.git # 
 > timeout=10
Fetching upstream changes from https://github.com/openssl/openssl.git
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/openssl/openssl.git 
 > +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision cbe2964821bb063f61ed2544cfce196ec1c0d62b 
(refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f cbe2964821bb063f61ed2544cfce196ec1c0d62b
 > git rev-list e1dd8fa00a1e06d27c8b024dac7657a8d8a9b451 # timeout=10
[master_aarch64] $ /bin/sh -xe /tmp/jenkins4048542029906649164.sh
+ export 
PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/usr/local/buildroot-2017.02/output/host/usr/bin/
+ export CROSS_COMPILE=aarch64-linux-
+ ./Configure linux-aarch64
Using implicit seed configuration
Configuring OpenSSL version 1.1.1-dev (0x10101000L)
for linux-aarch64
no-aria [default]  OPENSSL_NO_ARIA (skip dir)
no-asan [default]  OPENSSL_NO_ASAN
no-crypto-mdebug [default]  OPENSSL_NO_CRYPTO_MDEBUG
no-crypto-mdebug-backtrace [default]  OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
no-devcryptoeng [default]  OPENSSL_NO_DEVCRYPTOENG
no-ec_nistp_64_gcc_128 [default]  OPENSSL_NO_EC_NISTP_64_GCC_128
no-egd  [default]  OPENSSL_NO_EGD
no-external-tests [default]  OPENSSL_NO_EXTERNAL_TESTS
no-fuzz-afl [default]  OPENSSL_NO_FUZZ_AFL
no-fuzz-libfuzzer [default]  OPENSSL_NO_FUZZ_LIBFUZZER
no-heartbeats   [default]  OPENSSL_NO_HEARTBEATS
no-md2  [default]  OPENSSL_NO_MD2 (skip dir)
no-msan [default]  OPENSSL_NO_MSAN
no-rc5  [default]  OPENSSL_NO_RC5 (skip dir)
no-sctp [default]  OPENSSL_NO_SCTP
no-ssl-trace[default]  OPENSSL_NO_SSL_TRACE
no-ssl3 [default]  OPENSSL_NO_SSL3
no-ssl3-method  [default]  OPENSSL_NO_SSL3_METHOD
no-tls13downgrade [default]  OPENSSL_NO_TLS13DOWNGRADE
no-tls1_3   [default]  OPENSSL_NO_TLS1_3
no-ubsan[default]  OPENSSL_NO_UBSAN
no-unit-test[default]  OPENSSL_NO_UNIT_TEST
no-weak-ssl-ciphers [default]  OPENSSL_NO_WEAK_SSL_CIPHERS
no-zlib [default] 
no-zlib-dynamic [default] 

PERL  =/usr/bin/perl
PERLVERSION   =5.18.2 for x86_64-linux-gnu-thread-multi
HASHBANGPERL  =/usr/bin/env perl
CC=aarch64-linux-gcc
CFLAG =-Wall -O3 -pthread 
CXX   =aarch64-linux-g++
CXXFLAG   =-Wall -O3 -pthread 
DEFINES   =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS 
OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_BN_ASM_MONT SHA1_ASM SHA256_ASM 
SHA512_ASM VPAES_ASM ECP_NISTZ256_ASM POLY1305_ASM
EX_LIBS   =-ldl 
+ make depend
+ make clean
rm -f libcrypto.so.1.1
rm -f libcrypto.so
rm -f libssl.so.1.1
rm -f libssl.so
rm -f
rm -f libcrypto.a libssl.a test/libtestutil.a
rm -f *.map
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test 
fuzz/bndiv-test fuzz/client-test fuzz/cms-test fuzz/conf-test fuzz/crl-test 
fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/afalgtest 
test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test 
test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test 
test/bftest test/bio_enc_test test/bioprinttest test/bntest test/buildtest_aes 
test/buildtest_asn1 test/buildtest_asn1err test/buildtest_asn1t 
test/buildtest_async test/buildtest_asyncerr test/buildtest_bio 
test/buildtest_bioerr test/buildtest_blowfish test/buildtest_bn 
test/buildtest_bnerr