Build failed: openssl master.23988
Build openssl master.23988 failed Commit 91d2743e21 by Richard Levitte on 4/5/2019 3:24 PM: Eliminate unnecessary and disruptive calls to OPENSSL_init_crypto() Configure your notification preferences
Build completed: openssl master.23983
Build openssl master.23983 completed Commit cd20e91789 by Richard Levitte on 4/5/2019 1:38 PM: Configurations/10-main.conf: Don't inherit assembler in Cygwin-common Configure your notification preferences
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm3
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm3 Commit log since last time: ecbfaef2aa trace: add PROVIDER_CONF trace category 69539990a8 Correct the documentation about SSL_CIPHER_description() fd3a904636 Skip the correct number of tests if SM2 is disabled 2a2bc6fc12 For provider tests, don't define a OPENSSL_NO_ macro 706b6333a6 Document the 'no-module' configuration option e321ba28e8 Correct EVP_F_EVP_MD_BLOCK_SIZE number
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm2
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm2 Commit log since last time: ecbfaef2aa trace: add PROVIDER_CONF trace category 69539990a8 Correct the documentation about SSL_CIPHER_description() fd3a904636 Skip the correct number of tests if SM2 is disabled 2a2bc6fc12 For provider tests, don't define a OPENSSL_NO_ macro 706b6333a6 Document the 'no-module' configuration option e321ba28e8 Correct EVP_F_EVP_MD_BLOCK_SIZE number
Still Failing: openssl/openssl#24581 (master - de3955f)
Build Update for openssl/openssl - Build: #24581 Status: Still Failing Duration: 20 mins and 8 secs Commit: de3955f (master) Author: Richard Levitte Message: EVP configuration section: add 'default_properties' command The value of the 'default_properties' command is simply passed to EVP_set_default_properties(). Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8681) View the changeset: https://github.com/openssl/openssl/compare/bc362b9b7202...de3955f66225 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/516204322?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Build failed: openssl master.23982
Build openssl master.23982 failed Commit 425ef178d1 by Richard Levitte on 4/5/2019 11:23 AM: Load the config file by default on libcrypto initialization Configure your notification preferences
[openssl] master update
The branch master has been updated via de3955f66225e42bfae710c50b51c98aa4616ac1 (commit) via cb92964563a053d5d9c0810912fa6d3ff35c1e16 (commit) from bc362b9b72021c2a066102f4f6bee5afc981e07a (commit) - Log - commit de3955f66225e42bfae710c50b51c98aa4616ac1 Author: Richard Levitte Date: Fri Apr 5 10:53:11 2019 +0200 EVP configuration section: add 'default_properties' command The value of the 'default_properties' command is simply passed to EVP_set_default_properties(). Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8681) commit cb92964563a053d5d9c0810912fa6d3ff35c1e16 Author: Richard Levitte Date: Fri Apr 5 10:46:18 2019 +0200 EVP_set_default_properties(): New function to set global properties EVP_MD_fetch() can be given a property query string. However, there are cases when it won't, for example in implicit fetches. Therefore, we also need a way to set a global property query string to be used in all subsequent fetches. This also applies to all future algorithm fetching functions. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8681) --- Summary of changes: crypto/err/openssl.txt | 1 + crypto/evp/evp_cnf.c| 22 +++--- crypto/evp/evp_err.c| 2 ++ crypto/evp/evp_fetch.c | 13 +++-- doc/man3/EVP_MD_fetch.pod | 11 --- doc/man3/EVP_set_default_properties.pod | 52 + doc/man5/config.pod | 29 +++--- include/openssl/evp.h | 2 ++ include/openssl/evperr.h| 1 + util/libcrypto.num | 1 + 10 files changed, 120 insertions(+), 14 deletions(-) create mode 100644 doc/man3/EVP_set_default_properties.pod diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 19a418f..a3d15c9 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -858,6 +858,7 @@ EVP_F_EVP_PKEY_VERIFY:142:EVP_PKEY_verify EVP_F_EVP_PKEY_VERIFY_INIT:143:EVP_PKEY_verify_init EVP_F_EVP_PKEY_VERIFY_RECOVER:144:EVP_PKEY_verify_recover EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT:145:EVP_PKEY_verify_recover_init +EVP_F_EVP_SET_DEFAULT_PROPERTIES:236:EVP_set_default_properties EVP_F_EVP_SIGNFINAL:107:EVP_SignFinal EVP_F_EVP_VERIFYFINAL:108:EVP_VerifyFinal EVP_F_GMAC_CTRL:215:gmac_ctrl diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c index f75ea67..7cfa0a2 100644 --- a/crypto/evp/evp_cnf.c +++ b/crypto/evp/evp_cnf.c @@ -13,9 +13,11 @@ #include #include #include +#include /* Algorithm configuration module. */ +/* TODO(3.0): the config module functions should be passed a library context */ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) { int i; @@ -23,6 +25,9 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) STACK_OF(CONF_VALUE) *sktmp; CONF_VALUE *oval; +OSSL_TRACE2(CONF, "Loading EVP module: name %s, value %s\n", +CONF_imodule_get_name(md), CONF_imodule_get_value(md)); + oid_section = CONF_imodule_get_value(md); if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) { EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION); @@ -32,18 +37,26 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) oval = sk_CONF_VALUE_value(sktmp, i); if (strcmp(oval->name, "fips_mode") == 0) { int m; + if (!X509V3_get_value_bool(oval, )) { EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE); return 0; } -if (m > 0) { -EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED); -return 0; -} +/* + * fips_mode is deprecated and should not be used in new + * configurations. Old configurations are likely to ONLY + * have this, so we assume that no default properties have + * been set before this. + */ +if (m > 0) +EVP_set_default_properties(NULL, "fips=yes"); +} else if (strcmp(oval->name, "default_properties") == 0) { +EVP_set_default_properties(NULL, oval->value); } else { EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION); ERR_add_error_data(4, "name=", oval->name, ", value=", oval->value); +return 0; } } @@ -52,5 +65,6 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) void EVP_add_alg_module(void) { +OSSL_TRACE(CONF, "Adding config module 'alg_section'\n"); CONF_module_add("alg_section", alg_module_init, 0); } diff --git
Still Failing: openssl/openssl#24574 (OpenSSL_1_1_1-stable - b753435)
Build Update for openssl/openssl - Build: #24574 Status: Still Failing Duration: 22 mins and 52 secs Commit: b753435 (OpenSSL_1_1_1-stable) Author: Richard Levitte Message: OPENSSL_init_crypto(): check config return code correctly It was assumed that the config functionality returned a boolean. However, it may return a negative number on error, so we need to take that into account. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8679) (cherry picked from commit e3af453baceee7401ba0c5044a4c3aeaf246406f) View the changeset: https://github.com/openssl/openssl/compare/c15ef410e189...b75343593067 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/516129396?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#24576 (master - bc362b9)
Build Update for openssl/openssl - Build: #24576 Status: Still Failing Duration: 22 mins and 13 secs Commit: bc362b9 (master) Author: Richard Levitte Message: Convert the ENGINE_CONF trace calls to use CONF instead Additionally, merge ENGINE_CONF into CONF. Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8680) View the changeset: https://github.com/openssl/openssl/compare/e3af453bacee...bc362b9b7202 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/516132695?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#24573 (master - e3af453)
Build Update for openssl/openssl - Build: #24573 Status: Still Failing Duration: 23 mins and 35 secs Commit: e3af453 (master) Author: Richard Levitte Message: OPENSSL_init_crypto(): check config return code correctly It was assumed that the config functionality returned a boolean. However, it may return a negative number on error, so we need to take that into account. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8679) View the changeset: https://github.com/openssl/openssl/compare/0f5163bd1c9d...e3af453bacee View the full build log and details: https://travis-ci.org/openssl/openssl/builds/516129183?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via bc362b9b72021c2a066102f4f6bee5afc981e07a (commit) via 0196ad63d385bcf4382266268d5be074461d3739 (commit) via 71849dff56d62802bef11b0643446588ae25122e (commit) from e3af453baceee7401ba0c5044a4c3aeaf246406f (commit) - Log - commit bc362b9b72021c2a066102f4f6bee5afc981e07a Author: Richard Levitte Date: Fri Apr 5 11:20:28 2019 +0200 Convert the ENGINE_CONF trace calls to use CONF instead Additionally, merge ENGINE_CONF into CONF. Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8680) commit 0196ad63d385bcf4382266268d5be074461d3739 Author: Richard Levitte Date: Fri Apr 5 11:02:17 2019 +0200 Add a bit of tracing in the core conf module runner Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8680) commit 71849dff56d62802bef11b0643446588ae25122e Author: Richard Levitte Date: Fri Apr 5 10:58:16 2019 +0200 Rename the PROVIDER_CONF trace to CONF Other configuration modules may have use for tracing, and having one tracing category for each of them is a bit much. Instead, we make one category for them all. Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8680) --- Summary of changes: crypto/conf/conf_mod.c | 4 crypto/engine/eng_cnf.c | 6 +++--- crypto/provider_conf.c | 19 --- crypto/trace.c | 3 +-- include/openssl/trace.h | 5 ++--- 5 files changed, 22 insertions(+), 15 deletions(-) diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index 3ad09a7..56b1946 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -14,6 +14,7 @@ #include "internal/conf.h" #include "internal/dso.h" #include +#include #define DSO_mod_init_name "OPENSSL_init" #define DSO_mod_finish_name "OPENSSL_finish" @@ -92,6 +93,7 @@ int CONF_modules_load(const CONF *cnf, const char *appname, return 1; } +OSSL_TRACE1(CONF, "Configuration in section %s\n", vsection); values = NCONF_get_section(cnf, vsection); if (!values) @@ -100,6 +102,8 @@ int CONF_modules_load(const CONF *cnf, const char *appname, for (i = 0; i < sk_CONF_VALUE_num(values); i++) { vl = sk_CONF_VALUE_value(values, i); ret = module_run(cnf, vl->name, vl->value, flags); +OSSL_TRACE3(CONF, "Running module %s (%s) returned %d\n", +vl->name, vl->value, ret); if (ret <= 0) if (!(flags & CONF_MFLAGS_IGNORE_ERRORS)) return ret; diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c index c87a8a1..9f647c4 100644 --- a/crypto/engine/eng_cnf.c +++ b/crypto/engine/eng_cnf.c @@ -49,7 +49,7 @@ static int int_engine_configure(const char *name, const char *value, const CONF int soft = 0; name = skip_dot(name); -OSSL_TRACE1(ENGINE_CONF, "Configuring engine %s\n", name); +OSSL_TRACE1(CONF, "Configuring engine %s\n", name); /* Value is a section containing ENGINE commands */ ecmds = NCONF_get_section(cnf, value); @@ -63,7 +63,7 @@ static int int_engine_configure(const char *name, const char *value, const CONF ecmd = sk_CONF_VALUE_value(ecmds, i); ctrlname = skip_dot(ecmd->name); ctrlvalue = ecmd->value; -OSSL_TRACE2(ENGINE_CONF, "ENGINE conf: doing ctrl(%s,%s)\n", +OSSL_TRACE2(CONF, "ENGINE: doing ctrl(%s,%s)\n", ctrlname, ctrlvalue); /* First handle some special pseudo ctrls */ @@ -148,7 +148,7 @@ static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) STACK_OF(CONF_VALUE) *elist; CONF_VALUE *cval; int i; -OSSL_TRACE2(ENGINE_CONF, "Called engine module: name %s, value %s\n", +OSSL_TRACE2(CONF, "Called engine module: name %s, value %s\n", CONF_imodule_get_name(md), CONF_imodule_get_value(md)); /* Value is a section containing ENGINEs to configure */ elist = NCONF_get_section(cnf, CONF_imodule_get_value(md)); diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c index 9d9b7a1..74162a8 100644 --- a/crypto/provider_conf.c +++ b/crypto/provider_conf.c @@ -35,14 +35,14 @@ static int provider_conf_params(OSSL_PROVIDER *prov, STACK_OF(CONF_VALUE) *sect; int ok = 1; -OSSL_TRACE2(PROVIDER_CONF, "PROVIDER conf: %s = %s\n", name, value); - sect = NCONF_get_section(cnf, value); if (sect != NULL) { int i; char buffer[512]; size_t buffer_len = 0; +OSSL_TRACE1(CONF, "Provider params: start section %s\n", value); + if (name != NULL) { OPENSSL_strlcpy(buffer, name,
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via b7534359306754b90a4f18aa5231477510488713 (commit) from c15ef410e1898224736813b8b8e50caf7e5eadba (commit) - Log - commit b7534359306754b90a4f18aa5231477510488713 Author: Richard Levitte Date: Fri Apr 5 10:28:32 2019 +0200 OPENSSL_init_crypto(): check config return code correctly It was assumed that the config functionality returned a boolean. However, it may return a negative number on error, so we need to take that into account. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8679) (cherry picked from commit e3af453baceee7401ba0c5044a4c3aeaf246406f) --- Summary of changes: crypto/init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/init.c b/crypto/init.c index dc6ec39..afb2133 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -702,7 +702,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) ret = RUN_ONCE(, ossl_init_config); conf_settings = NULL; CRYPTO_THREAD_unlock(init_lock); -if (!ret) +if (ret <= 0) return 0; }
[openssl] master update
The branch master has been updated via e3af453baceee7401ba0c5044a4c3aeaf246406f (commit) from 0f5163bd1c9d993ec54b690b9da8d13efe089be0 (commit) - Log - commit e3af453baceee7401ba0c5044a4c3aeaf246406f Author: Richard Levitte Date: Fri Apr 5 10:28:32 2019 +0200 OPENSSL_init_crypto(): check config return code correctly It was assumed that the config functionality returned a boolean. However, it may return a negative number on error, so we need to take that into account. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8679) --- Summary of changes: crypto/init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/init.c b/crypto/init.c index 463da98..43fe1a6 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -670,7 +670,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) ret = RUN_ONCE(, ossl_init_config); conf_settings = NULL; CRYPTO_THREAD_unlock(init_lock); -if (!ret) +if (ret <= 0) return 0; }
Still Failing: openssl/openssl#24564 (master - 0f5163b)
Build Update for openssl/openssl - Build: #24564 Status: Still Failing Duration: 22 mins and 8 secs Commit: 0f5163b (master) Author: Richard Levitte Message: Fix number clash: EVP_F_AESNI_XTS_INIT_KEY vs EVP_F_EVP_MD_BLOCK_SIZE The three macros EVP_F_AESNI_XTS_INIT_KEY, EVP_F_AES_T4_XTS_INIT_KEY and EVP_F_AES_XTS_INIT_KEY are affected. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8682) View the changeset: https://github.com/openssl/openssl/compare/3538b0f7ad7c...0f5163bd1c9d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/516105405?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via 0f5163bd1c9d993ec54b690b9da8d13efe089be0 (commit) from 3538b0f7ad7c4b67788f444827718a89ffb5b08d (commit) - Log - commit 0f5163bd1c9d993ec54b690b9da8d13efe089be0 Author: Richard Levitte Date: Fri Apr 5 11:15:23 2019 +0200 Fix number clash: EVP_F_AESNI_XTS_INIT_KEY vs EVP_F_EVP_MD_BLOCK_SIZE The three macros EVP_F_AESNI_XTS_INIT_KEY, EVP_F_AES_T4_XTS_INIT_KEY and EVP_F_AES_XTS_INIT_KEY are affected. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8682) --- Summary of changes: crypto/err/openssl.txt | 6 +++--- include/openssl/evperr.h | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 472413a..19a418f 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -754,16 +754,16 @@ ESS_F_ESS_SIGNING_CERT_NEW_INIT:102:ESS_SIGNING_CERT_new_init ESS_F_ESS_SIGNING_CERT_V2_ADD:105:ESS_SIGNING_CERT_V2_add ESS_F_ESS_SIGNING_CERT_V2_NEW_INIT:103:ESS_SIGNING_CERT_V2_new_init EVP_F_AESNI_INIT_KEY:165:aesni_init_key -EVP_F_AESNI_XTS_INIT_KEY:232:aesni_xts_init_key +EVP_F_AESNI_XTS_INIT_KEY:233:aesni_xts_init_key EVP_F_AES_GCM_CTRL:196:aes_gcm_ctrl EVP_F_AES_GCM_TLS_CIPHER:207:aes_gcm_tls_cipher EVP_F_AES_INIT_KEY:133:aes_init_key EVP_F_AES_OCB_CIPHER:169:aes_ocb_cipher EVP_F_AES_T4_INIT_KEY:178:aes_t4_init_key -EVP_F_AES_T4_XTS_INIT_KEY:233:aes_t4_xts_init_key +EVP_F_AES_T4_XTS_INIT_KEY:234:aes_t4_xts_init_key EVP_F_AES_WRAP_CIPHER:170:aes_wrap_cipher EVP_F_AES_XTS_CIPHER:229:aes_xts_cipher -EVP_F_AES_XTS_INIT_KEY:234:aes_xts_init_key +EVP_F_AES_XTS_INIT_KEY:235:aes_xts_init_key EVP_F_ALG_MODULE_INIT:177:alg_module_init EVP_F_ARIA_CCM_INIT_KEY:175:aria_ccm_init_key EVP_F_ARIA_GCM_CTRL:197:aria_gcm_ctrl diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h index da16a10..5d3c576 100644 --- a/include/openssl/evperr.h +++ b/include/openssl/evperr.h @@ -24,16 +24,16 @@ int ERR_load_EVP_strings(void); * EVP function codes. */ # define EVP_F_AESNI_INIT_KEY 165 -# define EVP_F_AESNI_XTS_INIT_KEY 232 +# define EVP_F_AESNI_XTS_INIT_KEY 233 # define EVP_F_AES_GCM_CTRL 196 # define EVP_F_AES_GCM_TLS_CIPHER 207 # define EVP_F_AES_INIT_KEY 133 # define EVP_F_AES_OCB_CIPHER 169 # define EVP_F_AES_T4_INIT_KEY178 -# define EVP_F_AES_T4_XTS_INIT_KEY233 +# define EVP_F_AES_T4_XTS_INIT_KEY234 # define EVP_F_AES_WRAP_CIPHER170 # define EVP_F_AES_XTS_CIPHER 229 -# define EVP_F_AES_XTS_INIT_KEY 234 +# define EVP_F_AES_XTS_INIT_KEY 235 # define EVP_F_ALG_MODULE_INIT177 # define EVP_F_ARIA_CCM_INIT_KEY 175 # define EVP_F_ARIA_GCM_CTRL 197
Still Failing: openssl/openssl#24554 (OpenSSL_1_1_1-stable - c15ef41)
Build Update for openssl/openssl - Build: #24554 Status: Still Failing Duration: 18 mins and 15 secs Commit: c15ef41 (OpenSSL_1_1_1-stable) Author: Pauli Message: Add the prediction_resistance flag to the documentation. Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8678) View the changeset: https://github.com/openssl/openssl/compare/0cbfcc39042b...c15ef410e189 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/516086687?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via c15ef410e1898224736813b8b8e50caf7e5eadba (commit) from 0cbfcc39042bb1ff16d4500979d34fcdae3ec602 (commit) - Log - commit c15ef410e1898224736813b8b8e50caf7e5eadba Author: Pauli Date: Fri Apr 5 14:43:18 2019 +1000 Add the prediction_resistance flag to the documentation. Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8678) --- Summary of changes: doc/man3/RAND_DRBG_reseed.pod | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/doc/man3/RAND_DRBG_reseed.pod b/doc/man3/RAND_DRBG_reseed.pod index da3a40b..a0a4e56 100644 --- a/doc/man3/RAND_DRBG_reseed.pod +++ b/doc/man3/RAND_DRBG_reseed.pod @@ -13,7 +13,8 @@ RAND_DRBG_set_reseed_defaults #include int RAND_DRBG_reseed(RAND_DRBG *drbg, - const unsigned char *adin, size_t adinlen); + const unsigned char *adin, size_t adinlen, + int prediction_resistance); int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, unsigned int interval); @@ -37,6 +38,10 @@ and mixing in the specified additional data provided in the buffer B of length B. The additional data can be omitted by setting B to NULL and B to 0. +An immediate reseeding from a live entropy source can be requested by setting +the B flag to 1. +This feature is not implemented yet, so reseeding with prediction resistance +requested will always fail. RAND_DRBG_set_reseed_interval() sets the reseed interval of the B, which is the maximum allowed number
Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared Commit log since last time: ecbfaef2aa trace: add PROVIDER_CONF trace category 69539990a8 Correct the documentation about SSL_CIPHER_description() fd3a904636 Skip the correct number of tests if SM2 is disabled 2a2bc6fc12 For provider tests, don't define a OPENSSL_NO_ macro 706b6333a6 Document the 'no-module' configuration option e321ba28e8 Correct EVP_F_EVP_MD_BLOCK_SIZE number Build log ended with (last 100 lines): ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t . skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t . skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t . skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t . skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_ciphername.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_cmsapi.t ... ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t