[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dso
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dso Commit log since last time: 5c8b7b4caa Cleanup vxworks support to be able to compile for VxWorks 7 0b53fe1cdc Fix s_client so that it builds on Windows bcc1f3e2ba Revert "Keep the DTLS timer running after the end of the handshake if appropriate" 80c455d5ae Make sure we trigger retransmits in DTLS testing Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t . skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t . skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t . skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t . skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_ciphername.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_cmsapi.t ... ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t
[openssl-commits] [openssl] master update
The branch master has been updated via 5c8b7b4caa0faedb69277063a7c6b3a8e56c6308 (commit) from 0b53fe1cdc24a3dce450e77db6895a0243ddcb26 (commit) - Log - commit 5c8b7b4caa0faedb69277063a7c6b3a8e56c6308 Author: Klotz, Tobias Date: Thu Dec 20 12:59:31 2018 +0100 Cleanup vxworks support to be able to compile for VxWorks 7 Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/7569) --- Summary of changes: apps/apps.c| 2 +- apps/ocsp.c| 14 ++ apps/rehash.c | 20 apps/speed.c | 6 +++--- crypto/bio/b_addr.c| 5 + crypto/rand/rand_unix.c| 21 + crypto/ui/ui_openssl.c | 6 ++ include/internal/sockets.h | 6 +- test/ssltestlib.c | 16 +--- 9 files changed, 84 insertions(+), 12 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index ed1b618..39535e9 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2192,7 +2192,7 @@ double app_tminterval(int stop, int usertime) return ret; } -#elif defined(OPENSSL_SYSTEM_VXWORKS) +#elif defined(OPENSSL_SYS_VXWORKS) # include double app_tminterval(int stop, int usertime) diff --git a/apps/ocsp.c b/apps/ocsp.c index fb0a95b..7c2a904 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -53,6 +53,20 @@ NON_EMPTY_TRANSLATION_UNIT # define LOG_ERR 2 # endif +# if defined(OPENSSL_SYS_VXWORKS) +/* not supported */ +int setpgid(pid_t pid, pid_t pgid) +{ +errno = ENOSYS; +return 0; +} +/* not supported */ +pid_t fork(void) +{ +errno = ENOSYS; +return (pid_t) -1; +} +# endif /* Maximum leeway in validity period: default 5 minutes */ # define MAX_VALIDITY_PERIOD(5 * 60) diff --git a/apps/rehash.c b/apps/rehash.c index 6a641a8..a1fc379 100644 --- a/apps/rehash.c +++ b/apps/rehash.c @@ -51,6 +51,26 @@ # endif # define MAX_COLLISIONS 256 +# if defined(OPENSSL_SYS_VXWORKS) +/* + * VxWorks has no symbolic links + */ + +# define lstat(path, buf) stat(path, buf) + +int symlink(const char *target, const char *linkpath) +{ +errno = ENOSYS; +return -1; +} + +ssize_t readlink(const char *pathname, char *buf, size_t bufsiz) +{ +errno = ENOSYS; +return -1; +} +# endif + typedef struct hentry_st { struct hentry_st *next; char *filename; diff --git a/apps/speed.c b/apps/speed.c index bb8836d..1125f5a 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -100,7 +100,7 @@ #include #ifndef HAVE_FORK -# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) +# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS) # define HAVE_FORK 0 # else # define HAVE_FORK 1 @@ -1522,11 +1522,11 @@ int speed_main(int argc, char **argv) {"nistp192", NID_X9_62_prime192v1, 192}, {"nistp224", NID_secp224r1, 224}, {"nistp256", NID_X9_62_prime256v1, 256}, -{"nistp384", NID_secp384r1, 384}, +{"nistp384", NID_secp384r1, 384}, {"nistp521", NID_secp521r1, 521}, /* Binary Curves */ {"nistk163", NID_sect163k1, 163}, -{"nistk233", NID_sect233k1, 233}, +{"nistk233", NID_sect233k1, 233}, {"nistk283", NID_sect283k1, 283}, {"nistk409", NID_sect409k1, 409}, {"nistk571", NID_sect571k1, 571}, diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index 1484f6a..4be74e4 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -782,7 +782,12 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, * anyway [above getaddrinfo/gai_strerror is]. We just let * system administrator figure this out... */ +# if defined(OPENSSL_SYS_VXWORKS) +/* h_errno doesn't exist on VxWorks */ +SYSerr(SYS_F_GETHOSTBYNAME, 1000 ); +# else SYSerr(SYS_F_GETHOSTBYNAME, 1000 + h_errno); +# endif #else SYSerr(SYS_F_GETHOSTBYNAME, WSAGetLastError()); #endif diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index f5b9c0c..35777ff 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -93,6 +93,27 @@ static uint64_t get_timer_bits(void); # error "UEFI and VXWorks only support seeding NONE" #endif +#if defined(OPENSSL_SYS_VXWORKS) +/* empty implementation */ +int rand_pool_init(void) +{ +return 1; +} + +void rand_pool_cleanup(void) +{ +} + +void rand_pool_keep_random_devices_open(int keep) +{ +} + +size_t rand_pool_acquire_entropy(RAND_POOL *pool) +{ +return rand_pool_entropy_available(pool); +} +#endif + #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) \ || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VXWORKS) \ ||
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via b6d41ff73392df5af9c931c902ae4cd75c5b61ea (commit) from 8e3df4012a8177b89707ebec249be417508c8c7f (commit) - Log - commit b6d41ff73392df5af9c931c902ae4cd75c5b61ea Author: Klotz, Tobias Date: Thu Dec 20 12:59:31 2018 +0100 Cleanup vxworks support to be able to compile for VxWorks 7 Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/7569) (cherry picked from commit 5c8b7b4caa0faedb69277063a7c6b3a8e56c6308) --- Summary of changes: apps/apps.c| 2 +- apps/ocsp.c| 14 ++ apps/rehash.c | 20 apps/speed.c | 6 +++--- crypto/bio/b_addr.c| 5 + crypto/rand/rand_unix.c| 21 + crypto/ui/ui_openssl.c | 6 ++ include/internal/sockets.h | 6 +- test/ssltestlib.c | 16 +--- 9 files changed, 84 insertions(+), 12 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 79171d1..0501d2b 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2196,7 +2196,7 @@ double app_tminterval(int stop, int usertime) return ret; } -#elif defined(OPENSSL_SYSTEM_VXWORKS) +#elif defined(OPENSSL_SYS_VXWORKS) # include double app_tminterval(int stop, int usertime) diff --git a/apps/ocsp.c b/apps/ocsp.c index de95b71..d38b4a1 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -53,6 +53,20 @@ NON_EMPTY_TRANSLATION_UNIT # define LOG_ERR 2 # endif +# if defined(OPENSSL_SYS_VXWORKS) +/* not supported */ +int setpgid(pid_t pid, pid_t pgid) +{ +errno = ENOSYS; +return 0; +} +/* not supported */ +pid_t fork(void) +{ +errno = ENOSYS; +return (pid_t) -1; +} +# endif /* Maximum leeway in validity period: default 5 minutes */ # define MAX_VALIDITY_PERIOD(5 * 60) diff --git a/apps/rehash.c b/apps/rehash.c index bb41d31..8c23be7 100644 --- a/apps/rehash.c +++ b/apps/rehash.c @@ -51,6 +51,26 @@ # endif # define MAX_COLLISIONS 256 +# if defined(OPENSSL_SYS_VXWORKS) +/* + * VxWorks has no symbolic links + */ + +# define lstat(path, buf) stat(path, buf) + +int symlink(const char *target, const char *linkpath) +{ +errno = ENOSYS; +return -1; +} + +ssize_t readlink(const char *pathname, char *buf, size_t bufsiz) +{ +errno = ENOSYS; +return -1; +} +# endif + typedef struct hentry_st { struct hentry_st *next; char *filename; diff --git a/apps/speed.c b/apps/speed.c index 40e9904..dbf50df 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -100,7 +100,7 @@ #include #ifndef HAVE_FORK -# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) +# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS) # define HAVE_FORK 0 # else # define HAVE_FORK 1 @@ -1499,11 +1499,11 @@ int speed_main(int argc, char **argv) {"nistp192", NID_X9_62_prime192v1, 192}, {"nistp224", NID_secp224r1, 224}, {"nistp256", NID_X9_62_prime256v1, 256}, -{"nistp384", NID_secp384r1, 384}, +{"nistp384", NID_secp384r1, 384}, {"nistp521", NID_secp521r1, 521}, /* Binary Curves */ {"nistk163", NID_sect163k1, 163}, -{"nistk233", NID_sect233k1, 233}, +{"nistk233", NID_sect233k1, 233}, {"nistk283", NID_sect283k1, 283}, {"nistk409", NID_sect409k1, 409}, {"nistk571", NID_sect571k1, 571}, diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index abec7bb..a2fd4c9 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -782,7 +782,12 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, * anyway [above getaddrinfo/gai_strerror is]. We just let * system administrator figure this out... */ +# if defined(OPENSSL_SYS_VXWORKS) +/* h_errno doesn't exist on VxWorks */ +SYSerr(SYS_F_GETHOSTBYNAME, 1000 ); +# else SYSerr(SYS_F_GETHOSTBYNAME, 1000 + h_errno); +# endif #else SYSerr(SYS_F_GETHOSTBYNAME, WSAGetLastError()); #endif diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 9d8ffdd..d439c71 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -93,6 +93,27 @@ static uint64_t get_timer_bits(void); # error "UEFI and VXWorks only support seeding NONE" #endif +#if defined(OPENSSL_SYS_VXWORKS) +/* empty implementation */ +int rand_pool_init(void) +{ +return 1; +} + +void rand_pool_cleanup(void) +{ +} + +void rand_pool_keep_random_devices_open(int keep) +{ +} + +size_t rand_pool_acquire_entropy(RAND_POOL *pool) +{ +return rand_pool_entropy_available(pool); +} +#endif + #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) \
[openssl-commits] [openssl] master update
The branch master has been updated via bcc1f3e2baa9caa83a0a94bd19fb37488ef3ee57 (commit) via 80c455d5ae405e855391e298a2bf8a24629dd95d (commit) from 5cae2d349b561a84dbfc93d6b6abc5fb7263fb7c (commit) - Log - commit bcc1f3e2baa9caa83a0a94bd19fb37488ef3ee57 Author: Matt Caswell Date: Fri Jan 18 12:10:07 2019 + Revert "Keep the DTLS timer running after the end of the handshake if appropriate" This commit erroneously kept the DTLS timer running after the end of the handshake. This is not correct behaviour and shold be reverted. This reverts commit f7506416b1311e65d5c440defdbcfe176f633c50. Fixes #7998 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8047) commit 80c455d5ae405e855391e298a2bf8a24629dd95d Author: Matt Caswell Date: Fri Jan 18 15:24:57 2019 + Make sure we trigger retransmits in DTLS testing During a DTLS handshake we may need to periodically handle timeouts in the DTLS timer to ensure retransmits due to lost packets are performed. However, one peer will always complete a handshake before the other. The DTLS timer stops once the handshake has finished so any handshake messages lost after that point will not automatically get retransmitted simply by calling DTLSv1_handle_timeout(). However attempting an SSL_read implies a DTLSv1_handle_timeout() and additionally will process records received from the peer. If those records are themselves retransmits then we know that the peer has not completed its handshake yet and a retransmit of our final flight automatically occurs. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8047) --- Summary of changes: ssl/record/rec_layer_d1.c | 13 - ssl/statem/statem_lib.c | 18 -- test/dtlstest.c | 14 +- test/sslapitest.c | 2 +- test/ssltestlib.c | 31 --- test/ssltestlib.h | 3 ++- 6 files changed, 36 insertions(+), 45 deletions(-) diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index c8ef0f7..a4b03ce 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -440,19 +440,6 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, && SSL3_RECORD_get_length(rr) != 0) s->rlayer.alert_count = 0; -if (SSL3_RECORD_get_type(rr) != SSL3_RT_HANDSHAKE -&& SSL3_RECORD_get_type(rr) != SSL3_RT_CHANGE_CIPHER_SPEC -&& !SSL_in_init(s) -&& (s->d1->next_timeout.tv_sec != 0 -|| s->d1->next_timeout.tv_usec != 0)) { -/* - * The timer is still running but we've received something that isn't - * handshake data - so the peer must have finished processing our - * last handshake flight. Stop the timer. - */ -dtls1_stop_timer(s); -} - /* we now have a packet which can be read and processed */ if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 1a9aa41..2f78a3f 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1076,15 +1076,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) /* N.B. s->ctx may not equal s->session_ctx */ tsan_counter(>ctx->stats.sess_accept_good); s->handshake_func = ossl_statem_accept; - -if (SSL_IS_DTLS(s) && !s->hit) { -/* - * We are finishing after the client. We start the timer going - * in case there are any retransmits of our final flight - * required. - */ -dtls1_start_timer(s); -} } else { if (SSL_IS_TLS13(s)) { /* @@ -1106,15 +1097,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) s->handshake_func = ossl_statem_connect; tsan_counter(>session_ctx->stats.sess_connect_good); - -if (SSL_IS_DTLS(s) && s->hit) { -/* - * We are finishing after the server. We start the timer going - * in case there are any retransmits of our final flight - * required. - */ -dtls1_start_timer(s); -} } if (SSL_IS_DTLS(s)) { diff --git a/test/dtlstest.c b/test/dtlstest.c index 0b04886..d196fb5 100644 --- a/test/dtlstest.c +++ b/test/dtlstest.c @@ -87,17 +87,21 @@ static int test_dtls_unprocessed(int testidx) /* * Inject a dummy record from the next epoch. In test 0, this should never * get used because
[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 8e3df4012a8177b89707ebec249be417508c8c7f (commit) via f9ad0abb29aca7e765b041c3a13457a58ce66314 (commit) from d0a4e858bb658c098cd267252e1e7cfffe554aff (commit) - Log - commit 8e3df4012a8177b89707ebec249be417508c8c7f Author: Matt Caswell Date: Fri Jan 18 12:10:07 2019 + Revert "Keep the DTLS timer running after the end of the handshake if appropriate" This commit erroneously kept the DTLS timer running after the end of the handshake. This is not correct behaviour and shold be reverted. This reverts commit f7506416b1311e65d5c440defdbcfe176f633c50. Fixes #7998 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8047) (cherry picked from commit bcc1f3e2baa9caa83a0a94bd19fb37488ef3ee57) commit f9ad0abb29aca7e765b041c3a13457a58ce66314 Author: Matt Caswell Date: Fri Jan 18 15:24:57 2019 + Make sure we trigger retransmits in DTLS testing During a DTLS handshake we may need to periodically handle timeouts in the DTLS timer to ensure retransmits due to lost packets are performed. However, one peer will always complete a handshake before the other. The DTLS timer stops once the handshake has finished so any handshake messages lost after that point will not automatically get retransmitted simply by calling DTLSv1_handle_timeout(). However attempting an SSL_read implies a DTLSv1_handle_timeout() and additionally will process records received from the peer. If those records are themselves retransmits then we know that the peer has not completed its handshake yet and a retransmit of our final flight automatically occurs. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8047) (cherry picked from commit 80c455d5ae405e855391e298a2bf8a24629dd95d) --- Summary of changes: ssl/record/rec_layer_d1.c | 13 - ssl/statem/statem_lib.c | 18 -- test/dtlstest.c | 14 +- test/sslapitest.c | 2 +- test/ssltestlib.c | 31 --- test/ssltestlib.h | 3 ++- 6 files changed, 36 insertions(+), 45 deletions(-) diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 1f9b319..1e129b7 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -440,19 +440,6 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, && SSL3_RECORD_get_length(rr) != 0) s->rlayer.alert_count = 0; -if (SSL3_RECORD_get_type(rr) != SSL3_RT_HANDSHAKE -&& SSL3_RECORD_get_type(rr) != SSL3_RT_CHANGE_CIPHER_SPEC -&& !SSL_in_init(s) -&& (s->d1->next_timeout.tv_sec != 0 -|| s->d1->next_timeout.tv_usec != 0)) { -/* - * The timer is still running but we've received something that isn't - * handshake data - so the peer must have finished processing our - * last handshake flight. Stop the timer. - */ -dtls1_stop_timer(s); -} - /* we now have a packet which can be read and processed */ if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index be270e2..cf62c8f 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1076,15 +1076,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) /* N.B. s->ctx may not equal s->session_ctx */ tsan_counter(>ctx->stats.sess_accept_good); s->handshake_func = ossl_statem_accept; - -if (SSL_IS_DTLS(s) && !s->hit) { -/* - * We are finishing after the client. We start the timer going - * in case there are any retransmits of our final flight - * required. - */ -dtls1_start_timer(s); -} } else { if (SSL_IS_TLS13(s)) { /* @@ -1106,15 +1097,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) s->handshake_func = ossl_statem_connect; tsan_counter(>session_ctx->stats.sess_connect_good); - -if (SSL_IS_DTLS(s) && s->hit) { -/* - * We are finishing after the server. We start the timer going - * in case there are any retransmits of our final flight - * required. - */ -dtls1_start_timer(s); -} } if (SSL_IS_DTLS(s)) { diff --git a/test/dtlstest.c b/test/dtlstest.c index 772528f..8517eae 100644 --- a/test/dtlstest.c +++ b/test/dtlstest.c @@
[openssl-commits] [openssl] master update
The branch master has been updated via 0b53fe1cdc24a3dce450e77db6895a0243ddcb26 (commit) from bcc1f3e2baa9caa83a0a94bd19fb37488ef3ee57 (commit) - Log - commit 0b53fe1cdc24a3dce450e77db6895a0243ddcb26 Author: Matt Caswell Date: Tue Jan 22 14:27:25 2019 + Fix s_client so that it builds on Windows Fixes #8050 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8065) --- Summary of changes: apps/s_client.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/apps/s_client.c b/apps/s_client.c index d788b89..9705c4c 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2360,9 +2360,11 @@ int s_client_main(int argc, char **argv) if (proxypass != NULL) l += strlen(proxypass); proxyauth = app_malloc(l + 2, "Proxy auth string"); -snprintf(proxyauth, l + 2, "%s:%s", proxyuser, (proxypass != NULL) ? proxypass : ""); +BIO_snprintf(proxyauth, l + 2, "%s:%s", proxyuser, + (proxypass != NULL) ? proxypass : ""); proxyauthenc = base64encode(proxyauth, strlen(proxyauth)); -BIO_printf(fbio, "Proxy-Authorization: Basic %s\r\n", proxyauthenc); +BIO_printf(fbio, "Proxy-Authorization: Basic %s\r\n", + proxyauthenc); OPENSSL_clear_free(proxyauth, strlen(proxyauth)); OPENSSL_clear_free(proxyauthenc, strlen(proxyauthenc)); } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits