Build failed: openssl master.23988

[AppVeyor]

Build openssl master.23988 failed


Commit 91d2743e21 by Richard Levitte on 4/5/2019 3:24 PM:

Eliminate unnecessary and disruptive calls to OPENSSL_init_crypto()


Configure your notification preferences

Build completed: openssl master.23983

[AppVeyor]

Build openssl master.23983 completed



Commit cd20e91789 by Richard Levitte on 4/5/2019 1:38 PM:

Configurations/10-main.conf: Don't inherit assembler in Cygwin-common


Configure your notification preferences

SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm3

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm3

Commit log since last time:

ecbfaef2aa trace: add PROVIDER_CONF trace category
69539990a8 Correct the documentation about SSL_CIPHER_description()
fd3a904636 Skip the correct number of tests if SM2 is disabled
2a2bc6fc12 For provider tests, don't define a OPENSSL_NO_ macro
706b6333a6 Document the 'no-module' configuration option
e321ba28e8 Correct EVP_F_EVP_MD_BLOCK_SIZE number

SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm2

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm2

Commit log since last time:

ecbfaef2aa trace: add PROVIDER_CONF trace category
69539990a8 Correct the documentation about SSL_CIPHER_description()
fd3a904636 Skip the correct number of tests if SM2 is disabled
2a2bc6fc12 For provider tests, don't define a OPENSSL_NO_ macro
706b6333a6 Document the 'no-module' configuration option
e321ba28e8 Correct EVP_F_EVP_MD_BLOCK_SIZE number

Still Failing: openssl/openssl#24581 (master - de3955f)

[Travis CI]

Build Update for openssl/openssl
-

Build: #24581
Status: Still Failing

Duration: 20 mins and 8 secs
Commit: de3955f (master)
Author: Richard Levitte
Message: EVP configuration section: add 'default_properties' command

The value of the 'default_properties' command is simply passed to
EVP_set_default_properties().

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8681)

View the changeset: 
https://github.com/openssl/openssl/compare/bc362b9b7202...de3955f66225

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/516204322?utm_medium=notification_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Build failed: openssl master.23982

[AppVeyor]

Build openssl master.23982 failed


Commit 425ef178d1 by Richard Levitte on 4/5/2019 11:23 AM:

Load the config file by default on libcrypto initialization


Configure your notification preferences

[openssl] master update

[Richard Levitte]

The branch master has been updated
   via  de3955f66225e42bfae710c50b51c98aa4616ac1 (commit)
   via  cb92964563a053d5d9c0810912fa6d3ff35c1e16 (commit)
  from  bc362b9b72021c2a066102f4f6bee5afc981e07a (commit)


- Log -
commit de3955f66225e42bfae710c50b51c98aa4616ac1
Author: Richard Levitte 
Date:   Fri Apr 5 10:53:11 2019 +0200

EVP configuration section: add 'default_properties' command

The value of the 'default_properties' command is simply passed to
EVP_set_default_properties().

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8681)

commit cb92964563a053d5d9c0810912fa6d3ff35c1e16
Author: Richard Levitte 
Date:   Fri Apr 5 10:46:18 2019 +0200

EVP_set_default_properties(): New function to set global properties

EVP_MD_fetch() can be given a property query string.  However, there
are cases when it won't, for example in implicit fetches.  Therefore,
we also need a way to set a global property query string to be used in
all subsequent fetches.  This also applies to all future algorithm
fetching functions.

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8681)

---

Summary of changes:
 crypto/err/openssl.txt  |  1 +
 crypto/evp/evp_cnf.c| 22 +++---
 crypto/evp/evp_err.c|  2 ++
 crypto/evp/evp_fetch.c  | 13 +++--
 doc/man3/EVP_MD_fetch.pod   | 11 ---
 doc/man3/EVP_set_default_properties.pod | 52 +
 doc/man5/config.pod | 29 +++---
 include/openssl/evp.h   |  2 ++
 include/openssl/evperr.h|  1 +
 util/libcrypto.num  |  1 +
 10 files changed, 120 insertions(+), 14 deletions(-)
 create mode 100644 doc/man3/EVP_set_default_properties.pod

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 19a418f..a3d15c9 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -858,6 +858,7 @@ EVP_F_EVP_PKEY_VERIFY:142:EVP_PKEY_verify
 EVP_F_EVP_PKEY_VERIFY_INIT:143:EVP_PKEY_verify_init
 EVP_F_EVP_PKEY_VERIFY_RECOVER:144:EVP_PKEY_verify_recover
 EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT:145:EVP_PKEY_verify_recover_init
+EVP_F_EVP_SET_DEFAULT_PROPERTIES:236:EVP_set_default_properties
 EVP_F_EVP_SIGNFINAL:107:EVP_SignFinal
 EVP_F_EVP_VERIFYFINAL:108:EVP_VerifyFinal
 EVP_F_GMAC_CTRL:215:gmac_ctrl
diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c
index f75ea67..7cfa0a2 100644
--- a/crypto/evp/evp_cnf.c
+++ b/crypto/evp/evp_cnf.c
@@ -13,9 +13,11 @@
 #include 
 #include 
 #include 
+#include 
 
 /* Algorithm configuration module. */
 
+/* TODO(3.0): the config module functions should be passed a library context */
 static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
 {
 int i;
@@ -23,6 +25,9 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
 STACK_OF(CONF_VALUE) *sktmp;
 CONF_VALUE *oval;
 
+OSSL_TRACE2(CONF, "Loading EVP module: name %s, value %s\n",
+CONF_imodule_get_name(md), CONF_imodule_get_value(md));
+
 oid_section = CONF_imodule_get_value(md);
 if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
@@ -32,18 +37,26 @@ static int alg_module_init(CONF_IMODULE *md, const CONF 
*cnf)
 oval = sk_CONF_VALUE_value(sktmp, i);
 if (strcmp(oval->name, "fips_mode") == 0) {
 int m;
+
 if (!X509V3_get_value_bool(oval, )) {
 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
 return 0;
 }
-if (m > 0) {
-EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
-return 0;
-}
+/*
+ * fips_mode is deprecated and should not be used in new
+ * configurations.  Old configurations are likely to ONLY
+ * have this, so we assume that no default properties have
+ * been set before this.
+ */
+if (m > 0)
+EVP_set_default_properties(NULL, "fips=yes");
+} else if (strcmp(oval->name, "default_properties") == 0) {
+EVP_set_default_properties(NULL, oval->value);
 } else {
 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
 ERR_add_error_data(4, "name=", oval->name,
", value=", oval->value);
+return 0;
 }
 
 }
@@ -52,5 +65,6 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
 
 void EVP_add_alg_module(void)
 {
+OSSL_TRACE(CONF, "Adding config module 'alg_section'\n");
 CONF_module_add("alg_section", alg_module_init, 0);
 }
diff --git 

Still Failing: openssl/openssl#24574 (OpenSSL_1_1_1-stable - b753435)

[Travis CI]

Build Update for openssl/openssl
-

Build: #24574
Status: Still Failing

Duration: 22 mins and 52 secs
Commit: b753435 (OpenSSL_1_1_1-stable)
Author: Richard Levitte
Message: OPENSSL_init_crypto(): check config return code correctly

It was assumed that the config functionality returned a boolean.
However, it may return a negative number on error, so we need to take
that into account.

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8679)

(cherry picked from commit e3af453baceee7401ba0c5044a4c3aeaf246406f)

View the changeset: 
https://github.com/openssl/openssl/compare/c15ef410e189...b75343593067

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/516129396?utm_medium=notification_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Still Failing: openssl/openssl#24576 (master - bc362b9)

[Travis CI]

Build Update for openssl/openssl
-

Build: #24576
Status: Still Failing

Duration: 22 mins and 13 secs
Commit: bc362b9 (master)
Author: Richard Levitte
Message: Convert the ENGINE_CONF trace calls to use CONF instead

Additionally, merge ENGINE_CONF into CONF.

Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/8680)

View the changeset: 
https://github.com/openssl/openssl/compare/e3af453bacee...bc362b9b7202

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/516132695?utm_medium=notification_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Still Failing: openssl/openssl#24573 (master - e3af453)

[Travis CI]

Build Update for openssl/openssl
-

Build: #24573
Status: Still Failing

Duration: 23 mins and 35 secs
Commit: e3af453 (master)
Author: Richard Levitte
Message: OPENSSL_init_crypto(): check config return code correctly

It was assumed that the config functionality returned a boolean.
However, it may return a negative number on error, so we need to take
that into account.

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8679)

View the changeset: 
https://github.com/openssl/openssl/compare/0f5163bd1c9d...e3af453bacee

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/516129183?utm_medium=notification_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

[openssl] master update

[Richard Levitte]

The branch master has been updated
   via  bc362b9b72021c2a066102f4f6bee5afc981e07a (commit)
   via  0196ad63d385bcf4382266268d5be074461d3739 (commit)
   via  71849dff56d62802bef11b0643446588ae25122e (commit)
  from  e3af453baceee7401ba0c5044a4c3aeaf246406f (commit)


- Log -
commit bc362b9b72021c2a066102f4f6bee5afc981e07a
Author: Richard Levitte 
Date:   Fri Apr 5 11:20:28 2019 +0200

Convert the ENGINE_CONF trace calls to use CONF instead

Additionally, merge ENGINE_CONF into CONF.

Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/8680)

commit 0196ad63d385bcf4382266268d5be074461d3739
Author: Richard Levitte 
Date:   Fri Apr 5 11:02:17 2019 +0200

Add a bit of tracing in the core conf module runner

Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/8680)

commit 71849dff56d62802bef11b0643446588ae25122e
Author: Richard Levitte 
Date:   Fri Apr 5 10:58:16 2019 +0200

Rename the PROVIDER_CONF trace to CONF

Other configuration modules may have use for tracing, and having one
tracing category for each of them is a bit much.  Instead, we make one
category for them all.

Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/8680)

---

Summary of changes:
 crypto/conf/conf_mod.c  |  4 
 crypto/engine/eng_cnf.c |  6 +++---
 crypto/provider_conf.c  | 19 ---
 crypto/trace.c  |  3 +--
 include/openssl/trace.h |  5 ++---
 5 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 3ad09a7..56b1946 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -14,6 +14,7 @@
 #include "internal/conf.h"
 #include "internal/dso.h"
 #include 
+#include 
 
 #define DSO_mod_init_name "OPENSSL_init"
 #define DSO_mod_finish_name "OPENSSL_finish"
@@ -92,6 +93,7 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
 return 1;
 }
 
+OSSL_TRACE1(CONF, "Configuration in section %s\n", vsection);
 values = NCONF_get_section(cnf, vsection);
 
 if (!values)
@@ -100,6 +102,8 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
 for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
 vl = sk_CONF_VALUE_value(values, i);
 ret = module_run(cnf, vl->name, vl->value, flags);
+OSSL_TRACE3(CONF, "Running module %s (%s) returned %d\n",
+vl->name, vl->value, ret);
 if (ret <= 0)
 if (!(flags & CONF_MFLAGS_IGNORE_ERRORS))
 return ret;
diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c
index c87a8a1..9f647c4 100644
--- a/crypto/engine/eng_cnf.c
+++ b/crypto/engine/eng_cnf.c
@@ -49,7 +49,7 @@ static int int_engine_configure(const char *name, const char 
*value, const CONF
 int soft = 0;
 
 name = skip_dot(name);
-OSSL_TRACE1(ENGINE_CONF, "Configuring engine %s\n", name);
+OSSL_TRACE1(CONF, "Configuring engine %s\n", name);
 /* Value is a section containing ENGINE commands */
 ecmds = NCONF_get_section(cnf, value);
 
@@ -63,7 +63,7 @@ static int int_engine_configure(const char *name, const char 
*value, const CONF
 ecmd = sk_CONF_VALUE_value(ecmds, i);
 ctrlname = skip_dot(ecmd->name);
 ctrlvalue = ecmd->value;
-OSSL_TRACE2(ENGINE_CONF, "ENGINE conf: doing ctrl(%s,%s)\n",
+OSSL_TRACE2(CONF, "ENGINE: doing ctrl(%s,%s)\n",
 ctrlname, ctrlvalue);
 
 /* First handle some special pseudo ctrls */
@@ -148,7 +148,7 @@ static int int_engine_module_init(CONF_IMODULE *md, const 
CONF *cnf)
 STACK_OF(CONF_VALUE) *elist;
 CONF_VALUE *cval;
 int i;
-OSSL_TRACE2(ENGINE_CONF, "Called engine module: name %s, value %s\n",
+OSSL_TRACE2(CONF, "Called engine module: name %s, value %s\n",
 CONF_imodule_get_name(md), CONF_imodule_get_value(md));
 /* Value is a section containing ENGINEs to configure */
 elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c
index 9d9b7a1..74162a8 100644
--- a/crypto/provider_conf.c
+++ b/crypto/provider_conf.c
@@ -35,14 +35,14 @@ static int provider_conf_params(OSSL_PROVIDER *prov,
 STACK_OF(CONF_VALUE) *sect;
 int ok = 1;
 
-OSSL_TRACE2(PROVIDER_CONF, "PROVIDER conf: %s = %s\n", name, value);
-
 sect = NCONF_get_section(cnf, value);
 if (sect != NULL) {
 int i;
 char buffer[512];
 size_t buffer_len = 0;
 
+OSSL_TRACE1(CONF, "Provider params: start section %s\n", value);
+
 if (name != NULL) {
 OPENSSL_strlcpy(buffer, name, 

[openssl] OpenSSL_1_1_1-stable update

[Richard Levitte]

The branch OpenSSL_1_1_1-stable has been updated
   via  b7534359306754b90a4f18aa5231477510488713 (commit)
  from  c15ef410e1898224736813b8b8e50caf7e5eadba (commit)


- Log -
commit b7534359306754b90a4f18aa5231477510488713
Author: Richard Levitte 
Date:   Fri Apr 5 10:28:32 2019 +0200

OPENSSL_init_crypto(): check config return code correctly

It was assumed that the config functionality returned a boolean.
However, it may return a negative number on error, so we need to take
that into account.

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8679)

(cherry picked from commit e3af453baceee7401ba0c5044a4c3aeaf246406f)

---

Summary of changes:
 crypto/init.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/init.c b/crypto/init.c
index dc6ec39..afb2133 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -702,7 +702,7 @@ int OPENSSL_init_crypto(uint64_t opts, const 
OPENSSL_INIT_SETTINGS *settings)
 ret = RUN_ONCE(, ossl_init_config);
 conf_settings = NULL;
 CRYPTO_THREAD_unlock(init_lock);
-if (!ret)
+if (ret <= 0)
 return 0;
 }
 

[openssl] master update

[Richard Levitte]

The branch master has been updated
   via  e3af453baceee7401ba0c5044a4c3aeaf246406f (commit)
  from  0f5163bd1c9d993ec54b690b9da8d13efe089be0 (commit)


- Log -
commit e3af453baceee7401ba0c5044a4c3aeaf246406f
Author: Richard Levitte 
Date:   Fri Apr 5 10:28:32 2019 +0200

OPENSSL_init_crypto(): check config return code correctly

It was assumed that the config functionality returned a boolean.
However, it may return a negative number on error, so we need to take
that into account.

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8679)

---

Summary of changes:
 crypto/init.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/init.c b/crypto/init.c
index 463da98..43fe1a6 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -670,7 +670,7 @@ int OPENSSL_init_crypto(uint64_t opts, const 
OPENSSL_INIT_SETTINGS *settings)
 ret = RUN_ONCE(, ossl_init_config);
 conf_settings = NULL;
 CRYPTO_THREAD_unlock(init_lock);
-if (!ret)
+if (ret <= 0)
 return 0;
 }
 

Still Failing: openssl/openssl#24564 (master - 0f5163b)

[Travis CI]

Build Update for openssl/openssl
-

Build: #24564
Status: Still Failing

Duration: 22 mins and 8 secs
Commit: 0f5163b (master)
Author: Richard Levitte
Message: Fix number clash: EVP_F_AESNI_XTS_INIT_KEY vs EVP_F_EVP_MD_BLOCK_SIZE

The three macros EVP_F_AESNI_XTS_INIT_KEY, EVP_F_AES_T4_XTS_INIT_KEY
and EVP_F_AES_XTS_INIT_KEY are affected.

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8682)

View the changeset: 
https://github.com/openssl/openssl/compare/3538b0f7ad7c...0f5163bd1c9d

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/516105405?utm_medium=notification_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

[openssl] master update

[Richard Levitte]

The branch master has been updated
   via  0f5163bd1c9d993ec54b690b9da8d13efe089be0 (commit)
  from  3538b0f7ad7c4b67788f444827718a89ffb5b08d (commit)


- Log -
commit 0f5163bd1c9d993ec54b690b9da8d13efe089be0
Author: Richard Levitte 
Date:   Fri Apr 5 11:15:23 2019 +0200

Fix number clash: EVP_F_AESNI_XTS_INIT_KEY vs EVP_F_EVP_MD_BLOCK_SIZE

The three macros EVP_F_AESNI_XTS_INIT_KEY, EVP_F_AES_T4_XTS_INIT_KEY
and EVP_F_AES_XTS_INIT_KEY are affected.

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8682)

---

Summary of changes:
 crypto/err/openssl.txt   | 6 +++---
 include/openssl/evperr.h | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 472413a..19a418f 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -754,16 +754,16 @@ 
ESS_F_ESS_SIGNING_CERT_NEW_INIT:102:ESS_SIGNING_CERT_new_init
 ESS_F_ESS_SIGNING_CERT_V2_ADD:105:ESS_SIGNING_CERT_V2_add
 ESS_F_ESS_SIGNING_CERT_V2_NEW_INIT:103:ESS_SIGNING_CERT_V2_new_init
 EVP_F_AESNI_INIT_KEY:165:aesni_init_key
-EVP_F_AESNI_XTS_INIT_KEY:232:aesni_xts_init_key
+EVP_F_AESNI_XTS_INIT_KEY:233:aesni_xts_init_key
 EVP_F_AES_GCM_CTRL:196:aes_gcm_ctrl
 EVP_F_AES_GCM_TLS_CIPHER:207:aes_gcm_tls_cipher
 EVP_F_AES_INIT_KEY:133:aes_init_key
 EVP_F_AES_OCB_CIPHER:169:aes_ocb_cipher
 EVP_F_AES_T4_INIT_KEY:178:aes_t4_init_key
-EVP_F_AES_T4_XTS_INIT_KEY:233:aes_t4_xts_init_key
+EVP_F_AES_T4_XTS_INIT_KEY:234:aes_t4_xts_init_key
 EVP_F_AES_WRAP_CIPHER:170:aes_wrap_cipher
 EVP_F_AES_XTS_CIPHER:229:aes_xts_cipher
-EVP_F_AES_XTS_INIT_KEY:234:aes_xts_init_key
+EVP_F_AES_XTS_INIT_KEY:235:aes_xts_init_key
 EVP_F_ALG_MODULE_INIT:177:alg_module_init
 EVP_F_ARIA_CCM_INIT_KEY:175:aria_ccm_init_key
 EVP_F_ARIA_GCM_CTRL:197:aria_gcm_ctrl
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index da16a10..5d3c576 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -24,16 +24,16 @@ int ERR_load_EVP_strings(void);
  * EVP function codes.
  */
 # define EVP_F_AESNI_INIT_KEY 165
-# define EVP_F_AESNI_XTS_INIT_KEY 232
+# define EVP_F_AESNI_XTS_INIT_KEY 233
 # define EVP_F_AES_GCM_CTRL   196
 # define EVP_F_AES_GCM_TLS_CIPHER 207
 # define EVP_F_AES_INIT_KEY   133
 # define EVP_F_AES_OCB_CIPHER 169
 # define EVP_F_AES_T4_INIT_KEY178
-# define EVP_F_AES_T4_XTS_INIT_KEY233
+# define EVP_F_AES_T4_XTS_INIT_KEY234
 # define EVP_F_AES_WRAP_CIPHER170
 # define EVP_F_AES_XTS_CIPHER 229
-# define EVP_F_AES_XTS_INIT_KEY   234
+# define EVP_F_AES_XTS_INIT_KEY   235
 # define EVP_F_ALG_MODULE_INIT177
 # define EVP_F_ARIA_CCM_INIT_KEY  175
 # define EVP_F_ARIA_GCM_CTRL  197

Still Failing: openssl/openssl#24554 (OpenSSL_1_1_1-stable - c15ef41)

[Travis CI]

Build Update for openssl/openssl
-

Build: #24554
Status: Still Failing

Duration: 18 mins and 15 secs
Commit: c15ef41 (OpenSSL_1_1_1-stable)
Author: Pauli
Message: Add the prediction_resistance flag to the documentation.

Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/8678)

View the changeset: 
https://github.com/openssl/openssl/compare/0cbfcc39042b...c15ef410e189

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/516086687?utm_medium=notification_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

[openssl] OpenSSL_1_1_1-stable update

[Dr . Paul Dale]

The branch OpenSSL_1_1_1-stable has been updated
   via  c15ef410e1898224736813b8b8e50caf7e5eadba (commit)
  from  0cbfcc39042bb1ff16d4500979d34fcdae3ec602 (commit)


- Log -
commit c15ef410e1898224736813b8b8e50caf7e5eadba
Author: Pauli 
Date:   Fri Apr 5 14:43:18 2019 +1000

Add the prediction_resistance flag to the documentation.

Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/8678)

---

Summary of changes:
 doc/man3/RAND_DRBG_reseed.pod | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/doc/man3/RAND_DRBG_reseed.pod b/doc/man3/RAND_DRBG_reseed.pod
index da3a40b..a0a4e56 100644
--- a/doc/man3/RAND_DRBG_reseed.pod
+++ b/doc/man3/RAND_DRBG_reseed.pod
@@ -13,7 +13,8 @@ RAND_DRBG_set_reseed_defaults
  #include 
 
  int RAND_DRBG_reseed(RAND_DRBG *drbg,
-  const unsigned char *adin, size_t adinlen);
+  const unsigned char *adin, size_t adinlen,
+  int prediction_resistance);
 
  int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
unsigned int interval);
@@ -37,6 +38,10 @@ and mixing in the specified additional data provided in the 
buffer B
 of length B.
 The additional data can be omitted by setting B to NULL and B
 to 0.
+An immediate reseeding from a live entropy source can be requested by setting
+the B flag to 1.
+This feature is not implemented yet, so reseeding with prediction resistance
+requested will always fail.
 
 RAND_DRBG_set_reseed_interval()
 sets the reseed interval of the B, which is the maximum allowed number

Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared

[OpenSSL run-checker]

Platform and configuration command:

$ uname -a
Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared

Commit log since last time:

ecbfaef2aa trace: add PROVIDER_CONF trace category
69539990a8 Correct the documentation about SSL_CIPHER_description()
fd3a904636 Skip the correct number of tests if SM2 is disabled
2a2bc6fc12 For provider tests, don't define a OPENSSL_NO_ macro
706b6333a6 Document the 'no-module' configuration option
e321ba28e8 Correct EVP_F_EVP_MD_BLOCK_SIZE number

Build log ended with (last 100 lines):

../../openssl/test/recipes/40-test_rehash.t ... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok
../../openssl/test/recipes/60-test_x509_dup_cert.t  ok
../../openssl/test/recipes/60-test_x509_store.t ... ok
../../openssl/test/recipes/60-test_x509_time.t  ok
../../openssl/test/recipes/70-test_asyncio.t .. ok
../../openssl/test/recipes/70-test_bad_dtls.t . ok
../../openssl/test/recipes/70-test_clienthello.t .. ok
../../openssl/test/recipes/70-test_comp.t . skipped: 
test_comp needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_key_share.t  skipped: 
test_key_share needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_packet.t ... ok
../../openssl/test/recipes/70-test_recordlen.t  ok
../../openssl/test/recipes/70-test_renegotiation.t  skipped: 
test_renegotiation needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_servername.t ... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t  skipped: 
test_sslcbcpadding needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslcertstatus.t  skipped: 
test_sslcertstatus needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslextension.t . skipped: 
test_sslextension needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslmessages.t .. skipped: 
test_sslmessages needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslrecords.t ... skipped: 
test_sslrecords needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: 
test_sslsessiontick needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: 
test_sslsigalgs needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslsignature.t . skipped: 
test_sslsignature needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: 
test_sslskewith0p needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslversions.t .. skipped: 
test_sslversions needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslvertol.t  skipped: 
test_sslextension needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: 
test_tls13alerts needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: 
test_tls13cookie needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: 
test_tls13downgrade needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13hrr.t . skipped: 
test_tls13hrr needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13kexmodes.t  skipped: 
test_tls13kexmodes needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13messages.t  skipped: 
test_tls13messages needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13psk.t . skipped: 
test_tls13psk needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tlsextms.t . skipped: 
test_tlsextms needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_verify_extra.t . ok
../../openssl/test/recipes/70-test_wpacket.t .. ok
../../openssl/test/recipes/80-test_ca.t ... ok
../../openssl/test/recipes/80-test_cipherbytes.t .. ok
../../openssl/test/recipes/80-test_cipherlist.t ... ok
../../openssl/test/recipes/80-test_ciphername.t ... ok
../../openssl/test/recipes/80-test_cms.t .. ok
../../openssl/test/recipes/80-test_cmsapi.t ... ok
../../openssl/test/recipes/80-test_ct.t ... ok
../../openssl/test/recipes/80-test_dane.t . ok
../../openssl/test/recipes/80-test_dtls.t