Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared Commit log since last time: 25b25b0f80 Update internal documentation after global data move to OPENSSL_CTX 65a1e917a6 Add some TODO notes into init.c 1aedc35fd6 Instead of global data store it in an OPENSSL_CTX b8fe36fee0 Add support for openssl_ctx_run_once and openssl_ctx_onfree 61783db5b5 Use vxRandLib for VxWorks7 42151b8edb openssl cms: add error message if operation option is missing 31fc48ddc3 Test: use keywords instead of magic numbers for 'rsa_pss_saltlen' 0c4e984de2 Allow setting RCFLAGS as Configure option or environment variable a583172dac Add RCFLAGS variable in Windows build file, and use it Build log ended with (last 100 lines): /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:128: undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:138: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:140: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:141: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:147: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:147: undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:150: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:150: undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:(.text+0x3a8): undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:130: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:172: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:164: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:164: undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:130: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:179: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:184: undefined reference to `__afl_prev_loc' crypto/sha/fips-dso-sha256.o: In function `SHA256_Final': /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:191: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:191: undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:200: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:194: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:222: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:222: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:222: undefined reference to `__afl_prev_loc' crypto/sha/fips-dso-sha256.o:/home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/include/internal/md32_common.h:222: more undefined references to `__afl_prev_loc' follow crypto/sha/fips-dso-sha256.o: In function `SHA256': /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/sha/sha256.c:64: undefined reference to `__afl_area_ptr' crypto/sha/fips-dso-sha256.o: In function `SHA224_Update': /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/sha/sha256.c:77: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/sha/sha256.c:77: undefined reference to `__afl_area_ptr' crypto/sha/fips-dso-sha256.o: In function `SHA224_Final': /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/sha/sha256.c:82: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/crypto/sha/sha256.c:82: undefi
Build completed: openssl master.24421
Build openssl master.24421 completed Commit 7ec2c288fb by Shane Lontis on 5/3/2019 3:04 AM: PBKDF2 changed to conform to SP800-132 Configure your notification preferences
Build failed: openssl master.24420
Build openssl master.24420 failed Commit 55117df2e6 by Dr. Matthias St. Pierre on 5/2/2019 10:27 PM: fixup! Ignore entropy from RAND_add()/RAND_seed() in FIPS mode Configure your notification preferences
Still Failing: openssl/openssl#25014 (master - 61783db)
Build Update for openssl/openssl - Build: #25014 Status: Still Failing Duration: 23 mins and 59 secs Commit: 61783db (master) Author: Klotz, Tobias Message: Use vxRandLib for VxWorks7 Reviewed-by: Paul Dale Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/8023) View the changeset: https://github.com/openssl/openssl/compare/42151b8edb11...61783db5b5c4 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/527508175?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#25011 (OpenSSL_1_1_1-stable - 49142bc)
Build Update for openssl/openssl - Build: #25011 Status: Still Failing Duration: 26 mins and 38 secs Commit: 49142bc (OpenSSL_1_1_1-stable) Author: Dr. Matthias St. Pierre Message: Test: use keywords instead of magic numbers for 'rsa_pss_saltlen' Since commit 137096a7ead it is possible to specify keywords instead of negative magic numbers for the salt length. This commit replaces the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes by `rsa_pss_saltlen:max`. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8860) (cherry picked from commit 31fc48ddc30c627416edaa62ec1448e66ef92908) View the changeset: https://github.com/openssl/openssl/compare/68b8769e4e16...49142bcb187d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/527492708?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#25015 (master - 25b25b0)
Build Update for openssl/openssl - Build: #25015 Status: Still Failing Duration: 31 mins and 46 secs Commit: 25b25b0 (master) Author: Matt Caswell Message: Update internal documentation after global data move to OPENSSL_CTX Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8857) View the changeset: https://github.com/openssl/openssl/compare/61783db5b5c4...25b25b0f80f2 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/527514690?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#25010 (master - 31fc48d)
Build Update for openssl/openssl - Build: #25010 Status: Still Failing Duration: 18 mins and 21 secs Commit: 31fc48d (master) Author: Dr. Matthias St. Pierre Message: Test: use keywords instead of magic numbers for 'rsa_pss_saltlen' Since commit 137096a7ead it is possible to specify keywords instead of negative magic numbers for the salt length. This commit replaces the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes by `rsa_pss_saltlen:max`. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8860) View the changeset: https://github.com/openssl/openssl/compare/0c4e984de28b...31fc48ddc30c View the full build log and details: https://travis-ci.org/openssl/openssl/builds/527492422?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#25013 (OpenSSL_1_1_1-stable - 66790d7)
Build Update for openssl/openssl - Build: #25013 Status: Still Failing Duration: 25 mins and 24 secs Commit: 66790d7 (OpenSSL_1_1_1-stable) Author: Dr. Matthias St. Pierre Message: openssl cms: add error message if operation option is missing If the `openssl cms` command is called without specifying an operation option, it replies with the following laconic error message: cms: Use -help for summary. This commit adds a helpful error message: No operation option (-encrypt|-decrypt|-sign|-verify|...) specified. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8861) (cherry picked from commit 42151b8edb112d23d81f6e0d6606d98797771b4b) View the changeset: https://github.com/openssl/openssl/compare/49142bcb187d...66790d762562 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/527494379?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#25012 (master - 42151b8)
Build Update for openssl/openssl - Build: #25012 Status: Still Failing Duration: 24 mins and 44 secs Commit: 42151b8 (master) Author: Dr. Matthias St. Pierre Message: openssl cms: add error message if operation option is missing If the `openssl cms` command is called without specifying an operation option, it replies with the following laconic error message: cms: Use -help for summary. This commit adds a helpful error message: No operation option (-encrypt|-decrypt|-sign|-verify|...) specified. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8861) View the changeset: https://github.com/openssl/openssl/compare/31fc48ddc30c...42151b8edb11 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/527494077?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via 25b25b0f80f2b3f0c5449a6d5a8e7639187f9bf3 (commit) via 65a1e917a6be8c5a776a593b7bed9a52c950c71b (commit) via 1aedc35fd6c2f40f269c88b2f7d5a617172b47c5 (commit) via b8fe36fee000970dcb7cd363f31445969cfbf677 (commit) from 61783db5b5c4c5edbdb47d6a7d0393782e72685d (commit) - Log - commit 25b25b0f80f2b3f0c5449a6d5a8e7639187f9bf3 Author: Matt Caswell Date: Thu May 2 14:32:44 2019 +0100 Update internal documentation after global data move to OPENSSL_CTX Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8857) commit 65a1e917a6be8c5a776a593b7bed9a52c950c71b Author: Matt Caswell Date: Thu May 2 13:42:31 2019 +0100 Add some TODO notes into init.c We should be seeking to move the OPENSSL_init_crypto and OPENSSL_cleanup processing into OPENSSL_CTX instead. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8857) commit 1aedc35fd6c2f40f269c88b2f7d5a617172b47c5 Author: Matt Caswell Date: Wed May 1 11:02:43 2019 +0100 Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8857) commit b8fe36fee000970dcb7cd363f31445969cfbf677 Author: Matt Caswell Date: Tue Apr 30 15:15:48 2019 +0100 Add support for openssl_ctx_run_once and openssl_ctx_onfree Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8857) --- Summary of changes: crypto/context.c| 212 +--- crypto/core_fetch.c | 2 +- crypto/cpt_err.c| 8 +- crypto/err/openssl.txt | 2 + crypto/evp/evp_fetch.c | 32 + crypto/ex_data.c| 164 - crypto/init.c | 17 ++- crypto/property/defn_cache.c| 41 -- crypto/property/property.c | 50 +++ crypto/property/property_lcl.h | 25 ++-- crypto/property/property_parse.c| 46 +++--- crypto/property/property_string.c | 97 + crypto/provider_core.c | 18 +-- doc/internal/man3/OSSL_METHOD_STORE.pod | 14 +- doc/internal/man3/openssl_ctx_get_data.pod | 90 doc/internal/man3/ossl_method_construct.pod | 5 +- include/internal/core.h | 2 +- include/internal/cryptlib.h | 72 +- include/internal/property.h | 5 +- include/openssl/crypto.h| 1 + include/openssl/cryptoerr.h | 4 +- test/build.info | 2 +- test/context_internal_test.c| 20 +-- test/property_test.c| 72 +- 24 files changed, 658 insertions(+), 343 deletions(-) diff --git a/crypto/context.c b/crypto/context.c index 752711b..be2d348 100644 --- a/crypto/context.c +++ b/crypto/context.c @@ -10,38 +10,106 @@ #include "internal/cryptlib.h" #include "internal/thread_once.h" +struct openssl_ctx_onfree_list_st { +openssl_ctx_onfree_fn *fn; +struct openssl_ctx_onfree_list_st *next; +}; + struct openssl_ctx_st { CRYPTO_RWLOCK *lock; CRYPTO_EX_DATA data; + +/* + * For most data in the OPENSSL_CTX we just use ex_data to store it. But + * that doesn't work for ex_data itself - so we store that directly. + */ +OSSL_EX_DATA_GLOBAL global; + +/* Map internal static indexes to dynamically created indexes */ +int dyn_indexes[OPENSSL_CTX_MAX_INDEXES]; + +CRYPTO_RWLOCK *oncelock; +int run_once_done[OPENSSL_CTX_MAX_RUN_ONCE]; +int run_once_ret[OPENSSL_CTX_MAX_RUN_ONCE]; +struct openssl_ctx_onfree_list_st *onfreelist; }; -static OPENSSL_CTX default_context; +#ifndef FIPS_MODE +static OPENSSL_CTX default_context_int; +#endif + +/* Always points at default_context_int if it has been initialised */ +static OPENSSL_CTX *default_context = NULL; static int context_init(OPENSSL_CTX *ctx) { -return (ctx->lock = CRYPTO_THREAD_lock_new()) != NULL -&& CRYPTO_new_ex_data(CRYPTO_EX_INDEX_OPENSSL_CTX, NULL, - &ctx->data); +size_t i; + +ctx->lock = CRYPTO_THREAD_lock_new(); +if (ctx->lock == NULL) +return 0; + +ctx->oncelock = CRYPTO_THREAD_lock_new(); +if (ctx->oncelock == NULL) +goto err; + +for (i = 0; i < OPENSSL_CTX_MAX_INDEXES; i++) +ctx->dyn_indexes[i] = -1; + +if (!do_ex_data_init(ctx)) +go
[openssl] master update
The branch master has been updated via 61783db5b5c4c5edbdb47d6a7d0393782e72685d (commit) from 42151b8edb112d23d81f6e0d6606d98797771b4b (commit) - Log - commit 61783db5b5c4c5edbdb47d6a7d0393782e72685d Author: Klotz, Tobias Date: Tue Feb 19 13:34:32 2019 +0100 Use vxRandLib for VxWorks7 Reviewed-by: Paul Dale Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/8023) --- Summary of changes: apps/rsautl.c | 6 +- crypto/mem_sec.c | 2 +- crypto/rand/build.info | 3 +- crypto/rand/rand_unix.c| 32 ++--- crypto/rand/rand_vxworks.c | 171 + e_os.h | 2 +- 6 files changed, 183 insertions(+), 33 deletions(-) create mode 100644 crypto/rand/rand_vxworks.c diff --git a/apps/rsautl.c b/apps/rsautl.c index df90c01..6939e42 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -31,7 +31,7 @@ NON_EMPTY_TRANSLATION_UNIT typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ENGINE, OPT_IN, OPT_OUT, OPT_ASN1PARSE, OPT_HEXDUMP, -OPT_RAW, OPT_OAEP, OPT_SSL, OPT_PKCS, OPT_X931, +OPT_RSA_RAW, OPT_OAEP, OPT_SSL, OPT_PKCS, OPT_X931, OPT_SIGN, OPT_VERIFY, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT, OPT_PUBIN, OPT_CERTIN, OPT_INKEY, OPT_PASSIN, OPT_KEYFORM, OPT_R_ENUM @@ -46,7 +46,7 @@ const OPTIONS rsautl_options[] = { {"pubin", OPT_PUBIN, '-', "Input is an RSA public"}, {"certin", OPT_CERTIN, '-', "Input is a cert carrying an RSA public key"}, {"ssl", OPT_SSL, '-', "Use SSL v2 padding"}, -{"raw", OPT_RAW, '-', "Use no padding"}, +{"raw", OPT_RSA_RAW, '-', "Use no padding"}, {"pkcs", OPT_PKCS, '-', "Use PKCS#1 v1.5 padding (default)"}, {"oaep", OPT_OAEP, '-', "Use PKCS#1 OAEP"}, {"sign", OPT_SIGN, '-', "Sign with private key"}, @@ -112,7 +112,7 @@ int rsautl_main(int argc, char **argv) case OPT_HEXDUMP: hexdump = 1; break; -case OPT_RAW: +case OPT_RSA_RAW: pad = RSA_NO_PADDING; break; case OPT_OAEP: diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c index cd332c4..65d32f3 100644 --- a/crypto/mem_sec.c +++ b/crypto/mem_sec.c @@ -33,8 +33,8 @@ # include # include # endif +# include # endif -# include # include # include #endif diff --git a/crypto/rand/build.info b/crypto/rand/build.info index d9c1fb7..70d2580 100644 --- a/crypto/rand/build.info +++ b/crypto/rand/build.info @@ -1,6 +1,5 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ -rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c \ +rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c rand_vxworks.c \ drbg_hash.c drbg_hmac.c - diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 5d1e0d8..2b3e32d 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -30,7 +30,8 @@ # include #endif -#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) +#if (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \ + || defined(__DJGPP__) # include # include # include @@ -88,30 +89,8 @@ static uint64_t get_timer_bits(void); # undef OPENSSL_RAND_SEED_EGD #endif -#if (defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)) && \ -!defined(OPENSSL_RAND_SEED_NONE) -# error "UEFI and VXWorks only support seeding NONE" -#endif - -#if defined(OPENSSL_SYS_VXWORKS) -/* empty implementation */ -int rand_pool_init(void) -{ -return 1; -} - -void rand_pool_cleanup(void) -{ -} - -void rand_pool_keep_random_devices_open(int keep) -{ -} - -size_t rand_pool_acquire_entropy(RAND_POOL *pool) -{ -return rand_pool_entropy_available(pool); -} +#if defined(OPENSSL_SYS_UEFI) && !defined(OPENSSL_RAND_SEED_NONE) +# error "UEFI only supports seeding NONE" #endif #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) \ @@ -608,7 +587,8 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool) # endif #endif -#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) +#if (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \ + || defined(__DJGPP__) int rand_pool_add_nonce_data(RAND_POOL *pool) { struct { diff --git a/crypto/rand/rand_vxworks.c b/crypto/rand/rand_vxworks.c new file mode 100644 index 000..81774e0 --- /dev/null +++ b/crypto/rand/rand_vxworks.c @@ -0,0 +1,171 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +#ifndef OPENS
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 66790d762562aec139daa5ed321e380c687608e4 (commit) from 49142bcb187d4d9fe8b41a813ff63ddf322600a3 (commit) - Log - commit 66790d762562aec139daa5ed321e380c687608e4 Author: Dr. Matthias St. Pierre Date: Thu May 2 14:49:34 2019 +0200 openssl cms: add error message if operation option is missing If the `openssl cms` command is called without specifying an operation option, it replies with the following laconic error message: cms: Use -help for summary. This commit adds a helpful error message: No operation option (-encrypt|-decrypt|-sign|-verify|...) specified. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8861) (cherry picked from commit 42151b8edb112d23d81f6e0d6606d98797771b4b) --- Summary of changes: apps/cms.c | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/cms.c b/apps/cms.c index e9d760c..83cc3e5 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -636,6 +636,7 @@ int cms_main(int argc, char **argv) goto opthelp; } } else if (!operation) { +BIO_printf(bio_err, "No operation option (-encrypt|-decrypt|-sign|-verify|...) specified.\n"); goto opthelp; }
[openssl] master update
The branch master has been updated via 42151b8edb112d23d81f6e0d6606d98797771b4b (commit) from 31fc48ddc30c627416edaa62ec1448e66ef92908 (commit) - Log - commit 42151b8edb112d23d81f6e0d6606d98797771b4b Author: Dr. Matthias St. Pierre Date: Thu May 2 14:49:34 2019 +0200 openssl cms: add error message if operation option is missing If the `openssl cms` command is called without specifying an operation option, it replies with the following laconic error message: cms: Use -help for summary. This commit adds a helpful error message: No operation option (-encrypt|-decrypt|-sign|-verify|...) specified. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8861) --- Summary of changes: apps/cms.c | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/cms.c b/apps/cms.c index b2037b4..2863a92 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -640,6 +640,7 @@ int cms_main(int argc, char **argv) goto opthelp; } } else if (!operation) { +BIO_printf(bio_err, "No operation option (-encrypt|-decrypt|-sign|-verify|...) specified.\n"); goto opthelp; }
[openssl] master update
The branch master has been updated via 31fc48ddc30c627416edaa62ec1448e66ef92908 (commit) from 0c4e984de28b1477e002766b2751576f5c6c47d6 (commit) - Log - commit 31fc48ddc30c627416edaa62ec1448e66ef92908 Author: Dr. Matthias St. Pierre Date: Thu May 2 13:57:35 2019 +0200 Test: use keywords instead of magic numbers for 'rsa_pss_saltlen' Since commit 137096a7ead it is possible to specify keywords instead of negative magic numbers for the salt length. This commit replaces the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes by `rsa_pss_saltlen:max`. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8860) --- Summary of changes: test/recipes/15-test_rsapss.t | 8 test/recipes/80-test_cms.t| 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/test/recipes/15-test_rsapss.t b/test/recipes/15-test_rsapss.t index f8fc9cc..0288976 100644 --- a/test/recipes/15-test_rsapss.t +++ b/test/recipes/15-test_rsapss.t @@ -20,14 +20,14 @@ plan tests => 5; #using test/testrsa.pem which happens to be a 512 bit RSA ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1', -'-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', +'-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', '-sigopt', 'rsa_mgf1_md:sha512', '-out', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign"); with({ exit_checker => sub { return shift == 1; } }, sub { ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', '-sigopt', 'rsa_mgf1_md:sha512', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign, expect to fail gracefully"); ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', @@ -35,14 +35,14 @@ with({ exit_checker => sub { return shift == 1; } }, '-sigopt', 'rsa_mgf1_md:sha1', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign, expect to fail gracefully"); ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha512', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -prverify, expect to fail gracefully"); }); ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha1', -'-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', +'-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -prverify"); diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 7beebcc..1e28058 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -324,10 +324,10 @@ my @smime_cms_param_tests = ( "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] ], -[ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=-3", +[ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=max", [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", - "-keyopt", "rsa_pss_saltlen:-3", "-out", "test.cms" ], + "-keyopt", "rsa_pss_saltlen:max", "-out", "test.cms" ], [ "-verify", "-in", "test.cms", "-inform", "PEM", "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] ],
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 49142bcb187d4d9fe8b41a813ff63ddf322600a3 (commit) from 68b8769e4e16e69954729d27a0d40b93f1098a8a (commit) - Log - commit 49142bcb187d4d9fe8b41a813ff63ddf322600a3 Author: Dr. Matthias St. Pierre Date: Thu May 2 13:57:35 2019 +0200 Test: use keywords instead of magic numbers for 'rsa_pss_saltlen' Since commit 137096a7ead it is possible to specify keywords instead of negative magic numbers for the salt length. This commit replaces the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes by `rsa_pss_saltlen:max`. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8860) (cherry picked from commit 31fc48ddc30c627416edaa62ec1448e66ef92908) --- Summary of changes: test/recipes/15-test_rsapss.t | 8 test/recipes/80-test_cms.t| 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/test/recipes/15-test_rsapss.t b/test/recipes/15-test_rsapss.t index f10625d..f0fd1b7 100644 --- a/test/recipes/15-test_rsapss.t +++ b/test/recipes/15-test_rsapss.t @@ -20,14 +20,14 @@ plan tests => 5; #using test/testrsa.pem which happens to be a 512 bit RSA ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1', -'-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', +'-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', '-sigopt', 'rsa_mgf1_md:sha512', '-out', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign"); with({ exit_checker => sub { return shift == 1; } }, sub { ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', '-sigopt', 'rsa_mgf1_md:sha512', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign, expect to fail gracefully"); ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', @@ -35,14 +35,14 @@ with({ exit_checker => sub { return shift == 1; } }, '-sigopt', 'rsa_mgf1_md:sha1', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign, expect to fail gracefully"); ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha512', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -prverify, expect to fail gracefully"); }); ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha1', -'-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', +'-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -prverify"); diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 52b822e..567ef9e 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -308,10 +308,10 @@ my @smime_cms_param_tests = ( "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] ], -[ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=-3", +[ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=max", [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", - "-keyopt", "rsa_pss_saltlen:-3", "-out", "test.cms" ], + "-keyopt", "rsa_pss_saltlen:max", "-out", "test.cms" ], [ "-verify", "-in", "test.cms", "-inform", "PEM", "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] ],
Build failed: openssl master.24405
Build openssl master.24405 failed Commit 5a768a7724 by Matt Caswell on 5/2/2019 3:00 PM: fixup! Update internal documentation after global data move to OPENSSL_CTX Configure your notification preferences
Build failed: openssl master.24395
Build openssl master.24395 failed Commit a861613fe4 by Matt Caswell on 5/1/2019 10:02 AM: Instead of global data store it in an OPENSSL_CTX Configure your notification preferences
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-srp
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-srp Commit log since last time: e8fb288cc5 Fix no-srp 1ccf49737c p_get_params() [test/p_test.c]: clear the OSSL_PARAM buffers for every test b6a07f6760 gendsa: dsaparam: introduce -verbose option to enable output c43fa566ea genrsa: introduce -verbose option to enable output 39147079fc Structure alignment macro.
Still Failing: openssl/openssl#24989 (master - 0c4e984)
Build Update for openssl/openssl - Build: #24989 Status: Still Failing Duration: 18 mins and 46 secs Commit: 0c4e984 (master) Author: Wojciech Kaluza Message: Allow setting RCFLAGS as Configure option or environment variable Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8803) View the changeset: https://github.com/openssl/openssl/compare/e8fb288cc505...0c4e984de28b View the full build log and details: https://travis-ci.org/openssl/openssl/builds/527215493?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#24990 (OpenSSL_1_1_1-stable - 68b8769)
Build Update for openssl/openssl - Build: #24990 Status: Still Failing Duration: 28 mins and 15 secs Commit: 68b8769 (OpenSSL_1_1_1-stable) Author: Wojciech Kaluza Message: Allow setting RCFLAGS as Configure option or environment variable Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8803) (cherry picked from commit 0c4e984de28b1477e002766b2751576f5c6c47d6) View the changeset: https://github.com/openssl/openssl/compare/7216e9a20aee...68b8769e4e16 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/527216597?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 68b8769e4e16e69954729d27a0d40b93f1098a8a (commit) via 1e8ae82e2cc25e9a4d877d387e06796c829e4694 (commit) from 7216e9a20aee620d85185a6ddb8caa30f11f2192 (commit) - Log - commit 68b8769e4e16e69954729d27a0d40b93f1098a8a Author: Wojciech Kaluza Date: Sun Apr 21 12:39:20 2019 +0100 Allow setting RCFLAGS as Configure option or environment variable Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8803) (cherry picked from commit 0c4e984de28b1477e002766b2751576f5c6c47d6) commit 1e8ae82e2cc25e9a4d877d387e06796c829e4694 Author: Wojciech Kaluza Date: Sun Apr 21 12:14:34 2019 +0100 Add RCFLAGS variable in Windows build file, and use it - Allow user-defined RCFLAGS - Pass RCFLAGS to RC Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8803) (cherry picked from commit a583172dac8bce37e268943e570968f193e8b64b) --- Summary of changes: Configurations/windows-makefile.tmpl | 3 ++- Configure| 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index d420bff..8ef70b8 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -187,6 +187,7 @@ AS={- $config{AS} -} ASFLAGS={- join(' ', @{$config{ASFLAGS}}) -} RC={- $config{RC} -} +RCFLAGS={- join(' ', @{$config{RCFLAGS}}) -} ECHO="$(PERL)" "$(SRCDIR)\util\echo.pl" @@ -586,7 +587,7 @@ EOF if ($srcs[0] =~ /\.rc$/) { return <<"EOF"; $args{obj}: $deps - \$(RC) \$(RCOUTFLAG)\$\@ $srcs + \$(RC) \$(RCFLAGS) \$(RCOUTFLAG)\$\@ $srcs EOF } (my $obj = $args{obj}) =~ s|\.o$||; diff --git a/Configure b/Configure index 9796084..85418b3 100755 --- a/Configure +++ b/Configure @@ -562,7 +562,7 @@ my %user = ( PERL=> env('PERL') || ($^O ne "VMS" ? $^X : "perl"), RANLIB => env('RANLIB'), RC => env('RC') || env('WINDRES'), -RCFLAGS => [], +RCFLAGS => [ env('RCFLAGS') || () ], RM => undef, ); # Info about what "make variables" may be prefixed with the cross compiler @@ -579,6 +579,7 @@ my %useradd = ( CXXFLAGS=> [], LDFLAGS => [], LDLIBS => [], +RCFLAGS => [], ); my %user_synonyms = (
[openssl] master update
The branch master has been updated via 0c4e984de28b1477e002766b2751576f5c6c47d6 (commit) via a583172dac8bce37e268943e570968f193e8b64b (commit) from e8fb288cc5057bb198a7f1c6e46f3b64b5d7a476 (commit) - Log - commit 0c4e984de28b1477e002766b2751576f5c6c47d6 Author: Wojciech Kaluza Date: Sun Apr 21 12:39:20 2019 +0100 Allow setting RCFLAGS as Configure option or environment variable Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8803) commit a583172dac8bce37e268943e570968f193e8b64b Author: Wojciech Kaluza Date: Sun Apr 21 12:14:34 2019 +0100 Add RCFLAGS variable in Windows build file, and use it - Allow user-defined RCFLAGS - Pass RCFLAGS to RC Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8803) --- Summary of changes: Configurations/windows-makefile.tmpl | 3 ++- Configure| 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index a1daf7d..de59794 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -206,6 +206,7 @@ AS={- $config{AS} -} ASFLAGS={- join(' ', @{$config{ASFLAGS}}) -} RC={- $config{RC} -} +RCFLAGS={- join(' ', @{$config{RCFLAGS}}) -} ECHO="$(PERL)" "$(SRCDIR)\util\echo.pl" @@ -630,7 +631,7 @@ EOF my $res = platform->res($args{obj}); return <<"EOF"; $res: $deps - \$(RC) \$(RCOUTFLAG)\$\@ $srcs + \$(RC) \$(RCFLAGS) \$(RCOUTFLAG)\$\@ $srcs EOF } my $obj = platform->obj($args{obj}); diff --git a/Configure b/Configure index 480837c..701368d 100755 --- a/Configure +++ b/Configure @@ -594,7 +594,7 @@ my %user = ( PERL=> env('PERL') || ($^O ne "VMS" ? $^X : "perl"), RANLIB => env('RANLIB'), RC => env('RC') || env('WINDRES'), -RCFLAGS => [], +RCFLAGS => [ env('RCFLAGS') || () ], RM => undef, ); # Info about what "make variables" may be prefixed with the cross compiler @@ -611,6 +611,7 @@ my %useradd = ( CXXFLAGS=> [], LDFLAGS => [], LDLIBS => [], +RCFLAGS => [], ); my %user_synonyms = (
Build completed: openssl master.24390
Build openssl master.24390 completed Commit 7789acab29 by Antonio Iacono on 5/2/2019 7:09 AM: Add get console pin to pkcs11_load_ssl_client_cert function Configure your notification preferences