date:20190807

Errored: openssl/openssl#27146 (master - 3505d70)

2019-08-07 Thread Travis CI

Build Update for openssl/openssl
-

Build: #27146
Status: Errored

Duration: 20 mins and 11 secs
Commit: 3505d70 (master)
Author: Shane Lontis
Message: Fix document nit in EVP_MAC.pod

Reviewed-by: Richard Levitte 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/9551)

View the changeset: 
https://github.com/openssl/openssl/compare/7dddf2fcc50f...3505d70badb3

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/569167810?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-filenames

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-filenames

Commit log since last time:

a6482df03a Fix enable-ec_nistp_64_gcc_128
c50fd0f959 Fix BN error reporting
f305ecdac0 Run evp_test in FIPS mode
7f612b1f04 Don't set ctx->cipher until after a successful fetch
e9c116ebcb GCM cipher in provider now fails if passed bad keylength

Build log ended with (last 100 lines):

../../openssl/test/recipes/30-test_pbelu.t  ok
../../openssl/test/recipes/30-test_pkey_meth.t  ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t  ok
../../openssl/test/recipes/40-test_rehash.t ... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok
../../openssl/test/recipes/60-test_x509_dup_cert.t  ok
../../openssl/test/recipes/60-test_x509_store.t ... ok
../../openssl/test/recipes/60-test_x509_time.t  ok
../../openssl/test/recipes/70-test_asyncio.t .. ok
../../openssl/test/recipes/70-test_bad_dtls.t . ok
../../openssl/test/recipes/70-test_clienthello.t .. ok
../../openssl/test/recipes/70-test_comp.t . ok
../../openssl/test/recipes/70-test_key_share.t  ok
../../openssl/test/recipes/70-test_packet.t ... ok
../../openssl/test/recipes/70-test_recordlen.t  ok
../../openssl/test/recipes/70-test_renegotiation.t  ok
../../openssl/test/recipes/70-test_servername.t ... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t  ok
../../openssl/test/recipes/70-test_sslcertstatus.t  ok
../../openssl/test/recipes/70-test_sslextension.t . ok
../../openssl/test/recipes/70-test_sslmessages.t .. ok
../../openssl/test/recipes/70-test_sslrecords.t ... ok
../../openssl/test/recipes/70-test_sslsessiontick.t ... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ... ok
../../openssl/test/recipes/70-test_sslsignature.t . ok
../../openssl/test/recipes/70-test_sslskewith0p.t . ok
../../openssl/test/recipes/70-test_sslversions.t .. ok
../../openssl/test/recipes/70-test_sslvertol.t  ok
../../openssl/test/recipes/70-test_tls13alerts.t .. ok
../../openssl/test/recipes/70-test_tls13cookie.t .. ok
../../openssl/test/recipes/70-test_tls13downgrade.t ... ok
../../openssl/test/recipes/70-test_tls13hrr.t . ok
../../openssl/test/recipes/70-test_tls13kexmodes.t  ok
../../openssl/test/recipes/70-test_tls13messages.t  ok
../../openssl/test/recipes/70-test_tls13psk.t . ok
../../openssl/test/recipes/70-test_tlsextms.t . ok
../../openssl/test/recipes/70-test_verify_extra.t . ok
../../openssl/test/recipes/70-test_wpacket.t .. ok
../../openssl/test/recipes/80-test_ca.t ... ok
../../openssl/test/recipes/80-test_cipherbytes.t .. ok
../../openssl/test/recipes/80-test_cipherlist.t ... ok
../../openssl/test/recipes/80-test_ciphername.t ... ok
../../openssl/test/recipes/80-test_cms.t .. ok
../../openssl/test/recipes/80-test_cmsapi.t ... ok
../../openssl/test/recipes/80-test_ct.t ... ok
../../openssl/test/recipes/80-test_dane.t . ok
../../openssl/test/recipes/80-test_dtls.t . ok
../../openssl/test/recipes/80-test_dtls_mtu.t . ok
../../openssl/test/recipes/80-test_dtlsv1listen.t . ok
../../openssl/test/recipes/80-test_ocsp.t . ok
../../openssl/test/recipes/80-test_pkcs12.t ... ok
../../openssl/test/recipes/80-test_ssl_new.t .. ok
../../openssl/test/recipes/80-test_ssl_old.t .. ok
../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok
../../openssl/test/recipes/80-test_sslcorrupt.t ... ok
../../openssl/test/recipes/80-test_tsa.t .. ok
../../openssl/test/recipes/80-test_x509aux.t .. ok
../../openssl/test/recipes/90-test_asn1_time.t  ok
../../openssl/test/recipes/90-test_async.t  ok
../../openssl/test/recipes/90-test_bio_enc.t .. ok
../../openssl/test/recipes/90-test_bio_memleak.t .. ok
../../openssl/test/recipes/90-test_constant_time.t  ok
../../openssl/test/recipes/90-test_fatalerr.t . ok
../../openssl/test/recipes/90-test_gmdiff.t ... ok
../../openssl/test/recipes/90-test_gost.t . ok
../../openssl/test/recipes/90-test_ige.t .. ok
../../openssl/test/recipes/90-test_includes.t

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine no-shared

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-engine no-shared

Commit log since last time:

a6482df03a Fix enable-ec_nistp_64_gcc_128
c50fd0f959 Fix BN error reporting
f305ecdac0 Run evp_test in FIPS mode
7f612b1f04 Don't set ctx->cipher until after a successful fetch
e9c116ebcb GCM cipher in provider now fails if passed bad keylength

Build log ended with (last 100 lines):

make[1]: Entering directory '/home/openssl/run-checker/no-engine_no-shared'
make[1]: Leaving directory '/home/openssl/run-checker/no-engine_no-shared'
make[1]: Entering directory '/home/openssl/run-checker/no-engine_no-shared'
( cd test; \
  mkdir -p test-runs; \
  SRCTOP=../../openssl \
  BLDTOP=../. \
  RESULT_D=test-runs \
  PERL="/usr/bin/perl" \
  EXE_EXT= \
  OPENSSL_ENGINES=`cd .././engines 2>/dev/null && pwd` \
  OPENSSL_DEBUG_MEMORY=on \
/usr/bin/perl ../../openssl/test/run_tests.pl  )
../../openssl/test/recipes/01-test_abort.t  ok
../../openssl/test/recipes/01-test_sanity.t ... ok
../../openssl/test/recipes/01-test_symbol_presence.t .. skipped: Only 
useful when building shared libraries
../../openssl/test/recipes/01-test_test.t . ok
../../openssl/test/recipes/02-test_errstr.t ... ok
../../openssl/test/recipes/02-test_internal_context.t . ok
../../openssl/test/recipes/02-test_internal_ctype.t ... ok
../../openssl/test/recipes/02-test_internal_provider.t  ok
../../openssl/test/recipes/02-test_lhash.t  ok
../../openssl/test/recipes/02-test_ordinals.t . ok
../../openssl/test/recipes/02-test_sparse_array.t . ok
../../openssl/test/recipes/02-test_stack.t  ok
../../openssl/test/recipes/03-test_exdata.t ... ok
../../openssl/test/recipes/03-test_internal_asn1.t  ok
../../openssl/test/recipes/03-test_internal_asn1_dsa.t  ok
../../openssl/test/recipes/03-test_internal_bn.t .. ok
../../openssl/test/recipes/03-test_internal_chacha.t .. ok
../../openssl/test/recipes/03-test_internal_curve448.t  ok
../../openssl/test/recipes/03-test_internal_ec.t .. ok
../../openssl/test/recipes/03-test_internal_mdc2.t  ok
../../openssl/test/recipes/03-test_internal_modes.t ... ok
../../openssl/test/recipes/03-test_internal_namemap.t . ok
../../openssl/test/recipes/03-test_internal_poly1305.t  ok
../../openssl/test/recipes/03-test_internal_rsa_sp800_56b.t ... ok
../../openssl/test/recipes/03-test_internal_siphash.t . ok
../../openssl/test/recipes/03-test_internal_sm2.t . ok
../../openssl/test/recipes/03-test_internal_sm4.t . ok
../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok
../../openssl/test/recipes/03-test_internal_x509.t  ok
../../openssl/test/recipes/03-test_params_api.t ... ok
../../openssl/test/recipes/03-test_property.t . ok
../../openssl/test/recipes/03-test_ui.t ... ok
../../openssl/test/recipes/04-test_asn1_decode.t .. ok
../../openssl/test/recipes/04-test_asn1_encode.t .. ok
../../openssl/test/recipes/04-test_asn1_string_table.t  ok
../../openssl/test/recipes/04-test_bio_callback.t . ok
../../openssl/test/recipes/04-test_bioprint.t . ok
../../openssl/test/recipes/04-test_err.t .. ok
../../openssl/test/recipes/04-test_param_build.t .. ok
../../openssl/test/recipes/04-test_params.t ... ok
../../openssl/test/recipes/04-test_params_conversion.t  ok
../../openssl/test/recipes/04-test_pem.t .. ok
../../openssl/test/recipes/04-test_provider.t . ok
../../openssl/test/recipes/05-test_bf.t ... ok
../../openssl/test/recipes/05-test_cast.t . ok
../../openssl/test/recipes/05-test_des.t .. ok
../../openssl/test/recipes/05-test_hmac.t . ok
../../openssl/test/recipes/05-test_idea.t . ok
../../openssl/test/recipes/05-test_md2.t .. skipped: md2 is 
not supported by this OpenSSL build
../../openssl/test/recipes/05-test_mdc2.t . ok
../../openssl/test/recipes/05-test_rand.t . ok
../../openssl/test/recipes/05-test_rc2.t .. ok
../../openssl/test/recipes/05-test_rc4.t .. ok
../../openssl/test/recipes/05-test_rc5.t .. skipped: rc5 is 
not supported by this OpenSSL build
../../openssl/test/recipes/06-test-rdrand.t ... ok
../../openssl/test/recipes/10-test_bn.t ... ok
../../openssl/test/recipes/10-test_exp.t ..

[openssl] master update

2019-08-07 Thread shane . lontis

The branch master has been updated
   via  3505d70badb341e018a039434636d9b12f537e1e (commit)
  from  7dddf2fcc50fe6f7fda0f089ed60dd8545df22bb (commit)


- Log -
commit 3505d70badb341e018a039434636d9b12f537e1e
Author: Shane Lontis 
Date:   Thu Aug 8 14:23:52 2019 +1000

Fix document nit in EVP_MAC.pod

Reviewed-by: Richard Levitte 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/9551)

---

Summary of changes:
 doc/man3/EVP_MAC.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod
index 2c6687945c..a696c43cc5 100644
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@@ -160,7 +160,7 @@ B and B below.
 
 =item B
 
-This control expects two arguments: C, C
+This control expects two arguments: C, C
 
 Some MAC implementations require an IV, this control sets the IV.

Errored: openssl/openssl#27145 (OpenSSL_1_1_1-stable - 728f944)

2019-08-07 Thread Travis CI

Build Update for openssl/openssl
-

Build: #27145
Status: Errored

Duration: 24 mins and 23 secs
Commit: 728f944 (OpenSSL_1_1_1-stable)
Author: Shane Lontis
Message: Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some 
modes

Note a flag needed to be added since some ssl tests fail if they output any 
error
(even if the error is ignored). Only ciphers that handle the GET_IV_LEN control 
set this flag.

Fixes #8330

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/9499)

View the changeset: 
https://github.com/openssl/openssl/compare/da4ea0cfe636...728f9449c3e5

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/569155220?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Errored: openssl/openssl#27144 (master - 7dddf2f)

2019-08-07 Thread Travis CI

Build Update for openssl/openssl
-

Build: #27144
Status: Errored

Duration: 26 mins and 38 secs
Commit: 7dddf2f (master)
Author: Shane Lontis
Message: Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some 
modes

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/9542)

View the changeset: 
https://github.com/openssl/openssl/compare/a6482df03acc...7dddf2fcc50f

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/569153875?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-engine

Commit log since last time:

a6482df03a Fix enable-ec_nistp_64_gcc_128
c50fd0f959 Fix BN error reporting
f305ecdac0 Run evp_test in FIPS mode
7f612b1f04 Don't set ctx->cipher until after a successful fetch
e9c116ebcb GCM cipher in provider now fails if passed bad keylength

Build log ended with (last 100 lines):

make[1]: Leaving directory '/home/openssl/run-checker/no-engine'
make[1]: Entering directory '/home/openssl/run-checker/no-engine'
( cd test; \
  mkdir -p test-runs; \
  SRCTOP=../../openssl \
  BLDTOP=../. \
  RESULT_D=test-runs \
  PERL="/usr/bin/perl" \
  EXE_EXT= \
  OPENSSL_ENGINES=`cd .././engines 2>/dev/null && pwd` \
  OPENSSL_DEBUG_MEMORY=on \
/usr/bin/perl ../../openssl/test/run_tests.pl  )
../../openssl/test/recipes/01-test_abort.t  ok
../../openssl/test/recipes/01-test_sanity.t ... ok
../../openssl/test/recipes/01-test_symbol_presence.t .. ok
../../openssl/test/recipes/01-test_test.t . ok
../../openssl/test/recipes/02-test_errstr.t ... ok
../../openssl/test/recipes/02-test_internal_context.t . ok
../../openssl/test/recipes/02-test_internal_ctype.t ... ok
../../openssl/test/recipes/02-test_internal_provider.t  ok
../../openssl/test/recipes/02-test_lhash.t  ok
../../openssl/test/recipes/02-test_ordinals.t . ok
../../openssl/test/recipes/02-test_sparse_array.t . ok
../../openssl/test/recipes/02-test_stack.t  ok
../../openssl/test/recipes/03-test_exdata.t ... ok
../../openssl/test/recipes/03-test_internal_asn1.t  ok
../../openssl/test/recipes/03-test_internal_asn1_dsa.t  ok
../../openssl/test/recipes/03-test_internal_bn.t .. ok
../../openssl/test/recipes/03-test_internal_chacha.t .. ok
../../openssl/test/recipes/03-test_internal_curve448.t  ok
../../openssl/test/recipes/03-test_internal_ec.t .. ok
../../openssl/test/recipes/03-test_internal_mdc2.t  ok
../../openssl/test/recipes/03-test_internal_modes.t ... ok
../../openssl/test/recipes/03-test_internal_namemap.t . ok
../../openssl/test/recipes/03-test_internal_poly1305.t  ok
../../openssl/test/recipes/03-test_internal_rsa_sp800_56b.t ... ok
../../openssl/test/recipes/03-test_internal_siphash.t . ok
../../openssl/test/recipes/03-test_internal_sm2.t . ok
../../openssl/test/recipes/03-test_internal_sm4.t . ok
../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok
../../openssl/test/recipes/03-test_internal_x509.t  ok
../../openssl/test/recipes/03-test_params_api.t ... ok
../../openssl/test/recipes/03-test_property.t . ok
../../openssl/test/recipes/03-test_ui.t ... ok
../../openssl/test/recipes/04-test_asn1_decode.t .. ok
../../openssl/test/recipes/04-test_asn1_encode.t .. ok
../../openssl/test/recipes/04-test_asn1_string_table.t  ok
../../openssl/test/recipes/04-test_bio_callback.t . ok
../../openssl/test/recipes/04-test_bioprint.t . ok
../../openssl/test/recipes/04-test_err.t .. ok
../../openssl/test/recipes/04-test_param_build.t .. ok
../../openssl/test/recipes/04-test_params.t ... ok
../../openssl/test/recipes/04-test_params_conversion.t  ok
../../openssl/test/recipes/04-test_pem.t .. ok
../../openssl/test/recipes/04-test_provider.t . ok
../../openssl/test/recipes/05-test_bf.t ... ok
../../openssl/test/recipes/05-test_cast.t . ok
../../openssl/test/recipes/05-test_des.t .. ok
../../openssl/test/recipes/05-test_hmac.t . ok
../../openssl/test/recipes/05-test_idea.t . ok
../../openssl/test/recipes/05-test_md2.t .. skipped: md2 is 
not supported by this OpenSSL build
../../openssl/test/recipes/05-test_mdc2.t . ok
../../openssl/test/recipes/05-test_rand.t . ok
../../openssl/test/recipes/05-test_rc2.t .. ok
../../openssl/test/recipes/05-test_rc4.t .. ok
../../openssl/test/recipes/05-test_rc5.t .. skipped: rc5 is 
not supported by this OpenSSL build
../../openssl/test/recipes/06-test-rdrand.t ... ok
../../openssl/test/recipes/10-test_bn.t ... ok
../../openssl/test/recipes/10-test_exp.t .. ok
../../openssl/test/recipes/15-test_dh.t ... ok
../../openssl/test/recipes/15-test_dsa.t .. ok
../../open

[openssl] OpenSSL_1_1_1-stable update

2019-08-07 Thread shane . lontis

The branch OpenSSL_1_1_1-stable has been updated
   via  728f9449c3e5a974593c516cd609b60e760ed537 (commit)
  from  da4ea0cfe63619899ceb7575a7c8fbf1507fdcb6 (commit)


- Log -
commit 728f9449c3e5a974593c516cd609b60e760ed537
Author: Shane Lontis 
Date:   Thu Aug 8 13:19:23 2019 +1000

Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes

Note a flag needed to be added since some ssl tests fail if they output any 
error
(even if the error is ignored). Only ciphers that handle the GET_IV_LEN 
control set this flag.

Fixes #8330

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/9499)

---

Summary of changes:
 crypto/evp/e_aes.c   | 28 +++-
 crypto/evp/e_aria.c  | 13 +++--
 crypto/evp/e_chacha20_poly1305.c |  7 ++-
 crypto/evp/evp_lib.c |  7 +++
 include/openssl/evp.h|  4 
 5 files changed, 51 insertions(+), 8 deletions(-)

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index e77ad5c616..90a410b00d 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -1608,7 +1608,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int 
type, int arg, void *ptr)
 
 switch (type) {
 case EVP_CTRL_INIT:
-ivlen = EVP_CIPHER_CTX_iv_length(c);
+ivlen = EVP_CIPHER_iv_length(c->cipher);
 iv = EVP_CIPHER_CTX_iv_noconst(c);
 gctx->key_set = 0;
 gctx->iv_set = 0;
@@ -1619,6 +1619,10 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int 
type, int arg, void *ptr)
 gctx->tls_aad_len = -1;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = gctx->ivlen;
+return 1;
+
 case EVP_CTRL_AEAD_SET_IVLEN:
 if (arg <= 0)
 return 0;
@@ -2329,6 +2333,10 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int 
type, int arg, void *ptr)
 cctx->aes.ccm.tls_aad_len = -1;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = 15 - cctx->aes.ccm.l;
+return 1;
+
 case EVP_CTRL_AEAD_TLS1_AAD:
 if (arg != EVP_AEAD_TLS1_AAD_LEN)
 return 0;
@@ -2847,13 +2855,17 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, 
int arg, void *ptr)
 case EVP_CTRL_INIT:
 gctx->key_set = 0;
 gctx->iv_set = 0;
-gctx->ivlen = c->cipher->iv_len;
+gctx->ivlen = EVP_CIPHER_iv_length(c->cipher);
 gctx->iv = c->iv;
 gctx->taglen = -1;
 gctx->iv_gen = 0;
 gctx->tls_aad_len = -1;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = gctx->ivlen;
+return 1;
+
 case EVP_CTRL_AEAD_SET_IVLEN:
 if (arg <= 0)
 return 0;
@@ -3303,7 +3315,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned 
char *out,
 #define CUSTOM_FLAGS(EVP_CIPH_FLAG_DEFAULT_ASN1 \
 | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
 | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
-| EVP_CIPH_CUSTOM_COPY)
+| EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CUSTOM_IV_LENGTH)
 
 BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
 EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
@@ -3505,7 +3517,9 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int 
arg, void *ptr)
 cctx->len_set = 0;
 cctx->tls_aad_len = -1;
 return 1;
-
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = 15 - cctx->L;
+return 1;
 case EVP_CTRL_AEAD_TLS1_AAD:
 /* Save the AAD for later use */
 if (arg != EVP_AEAD_TLS1_AAD_LEN)
@@ -3954,13 +3968,17 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, 
int arg, void *ptr)
 case EVP_CTRL_INIT:
 octx->key_set = 0;
 octx->iv_set = 0;
-octx->ivlen = EVP_CIPHER_CTX_iv_length(c);
+octx->ivlen = EVP_CIPHER_iv_length(c->cipher);
 octx->iv = EVP_CIPHER_CTX_iv_noconst(c);
 octx->taglen = 16;
 octx->data_buf_len = 0;
 octx->aad_buf_len = 0;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = octx->ivlen;
+return 1;
+
 case EVP_CTRL_AEAD_SET_IVLEN:
 /* IV len must be 1 to 15 */
 if (arg <= 0 || arg > 15)
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c
index 100573f5fc..fcaceb3bca 100644
--- a/crypto/evp/e_aria.c
+++ b/crypto/evp/e_aria.c
@@ -252,7 +252,7 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int 
arg, void *ptr)
 case EVP_CTRL_INIT:
 gctx->key_set = 0;
 gctx->iv_set = 0;
-gctx->ivlen = EVP_CIPHER_CTX_iv_length(c);
+gctx->ivlen = EVP_CIPHER_iv_length(c->cipher);
 gctx->iv = EVP_CIPHER_CTX_iv_noconst(c);
 gctx->taglen = -1;
 gctx->iv_gen = 0;
@@ -274,6 +274,10 @@ static in

[openssl] master update

2019-08-07 Thread shane . lontis

The branch master has been updated
   via  7dddf2fcc50fe6f7fda0f089ed60dd8545df22bb (commit)
  from  a6482df03accc6cdcbd1298d593508825a5902e6 (commit)


- Log -
commit 7dddf2fcc50fe6f7fda0f089ed60dd8545df22bb
Author: Shane Lontis 
Date:   Thu Aug 8 13:14:05 2019 +1000

Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/9542)

---

Summary of changes:
 crypto/evp/e_aes.c   | 28 
 crypto/evp/e_aria.c  | 13 +++--
 crypto/evp/e_chacha20_poly1305.c |  7 ++-
 crypto/evp/evp_lib.c | 17 +
 include/openssl/evp.h|  8 ++--
 5 files changed, 60 insertions(+), 13 deletions(-)

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index d687a2cac3..a46ac8f92f 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -1334,7 +1334,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int 
type, int arg, void *ptr)
 
 switch (type) {
 case EVP_CTRL_INIT:
-ivlen = EVP_CIPHER_CTX_iv_length(c);
+ivlen = EVP_CIPHER_iv_length(c->cipher);
 iv = EVP_CIPHER_CTX_iv_noconst(c);
 gctx->key_set = 0;
 gctx->iv_set = 0;
@@ -1345,6 +1345,10 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int 
type, int arg, void *ptr)
 gctx->tls_aad_len = -1;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = gctx->ivlen;
+return 1;
+
 case EVP_CTRL_AEAD_SET_IVLEN:
 if (arg <= 0)
 return 0;
@@ -2053,6 +2057,10 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int 
type, int arg, void *ptr)
 cctx->aes.ccm.tls_aad_len = -1;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = 15 - cctx->aes.ccm.l;
+return 1;
+
 case EVP_CTRL_AEAD_TLS1_AAD:
 if (arg != EVP_AEAD_TLS1_AAD_LEN)
 return 0;
@@ -2536,13 +2544,17 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, 
int arg, void *ptr)
 case EVP_CTRL_INIT:
 gctx->key_set = 0;
 gctx->iv_set = 0;
-gctx->ivlen = c->cipher->iv_len;
+gctx->ivlen = EVP_CIPHER_iv_length(c->cipher);
 gctx->iv = c->iv;
 gctx->taglen = -1;
 gctx->iv_gen = 0;
 gctx->tls_aad_len = -1;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = gctx->ivlen;
+return 1;
+
 case EVP_CTRL_AEAD_SET_IVLEN:
 if (arg <= 0)
 return 0;
@@ -3055,7 +3067,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned 
char *out,
 #define CUSTOM_FLAGS(EVP_CIPH_FLAG_DEFAULT_ASN1 \
 | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
 | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
-| EVP_CIPH_CUSTOM_COPY)
+| EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CUSTOM_IV_LENGTH)
 
 BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
 EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
@@ -3260,6 +3272,10 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int 
arg, void *ptr)
 cctx->tls_aad_len = -1;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = 15 - cctx->L;
+return 1;
+
 case EVP_CTRL_AEAD_TLS1_AAD:
 /* Save the AAD for later use */
 if (arg != EVP_AEAD_TLS1_AAD_LEN)
@@ -3708,13 +3724,17 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, 
int arg, void *ptr)
 case EVP_CTRL_INIT:
 octx->key_set = 0;
 octx->iv_set = 0;
-octx->ivlen = EVP_CIPHER_CTX_iv_length(c);
+octx->ivlen = EVP_CIPHER_iv_length(c->cipher);
 octx->iv = EVP_CIPHER_CTX_iv_noconst(c);
 octx->taglen = 16;
 octx->data_buf_len = 0;
 octx->aad_buf_len = 0;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = octx->ivlen;
+return 1;
+
 case EVP_CTRL_AEAD_SET_IVLEN:
 /* IV len must be 1 to 15 */
 if (arg <= 0 || arg > 15)
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c
index f2588f141a..84b14826cb 100644
--- a/crypto/evp/e_aria.c
+++ b/crypto/evp/e_aria.c
@@ -252,13 +252,17 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int 
arg, void *ptr)
 case EVP_CTRL_INIT:
 gctx->key_set = 0;
 gctx->iv_set = 0;
-gctx->ivlen = EVP_CIPHER_CTX_iv_length(c);
+gctx->ivlen = EVP_CIPHER_iv_length(c->cipher);
 gctx->iv = EVP_CIPHER_CTX_iv_noconst(c);
 gctx->taglen = -1;
 gctx->iv_gen = 0;
 gctx->tls_aad_len = -1;
 return 1;
 
+case EVP_CTRL_GET_IVLEN:
+*(int *)ptr = gctx->ivlen;
+return 1;
+
 case EVP_CTRL_AEAD_SET_IVLEN:
 if (arg <= 0)
 return 0;
@@ -539,6 +543,10 @@ static int aria_ccm_ct

SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-ec_nistp_64_gcc_128

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ec_nistp_64_gcc_128

Commit log since last time:

a6482df03a Fix enable-ec_nistp_64_gcc_128
c50fd0f959 Fix BN error reporting
f305ecdac0 Run evp_test in FIPS mode
7f612b1f04 Don't set ctx->cipher until after a successful fetch
e9c116ebcb GCM cipher in provider now fails if passed bad keylength

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ec

Commit log since last time:

a6482df03a Fix enable-ec_nistp_64_gcc_128
c50fd0f959 Fix BN error reporting
f305ecdac0 Run evp_test in FIPS mode
7f612b1f04 Don't set ctx->cipher until after a successful fetch
e9c116ebcb GCM cipher in provider now fails if passed bad keylength

Build log ended with (last 100 lines):

clang  -I. -Iinclude -Icrypto/include -Iproviders/common/include 
-Iproviders/common/ciphers -Icrypto -I../openssl -I../openssl/include 
-I../openssl/crypto/include -I../openssl/providers/common/include 
-I../openssl/providers/common/ciphers -I../openssl/crypto  -DAES_ASM 
-DBSAES_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -fPIC -pthread -m64 -Wa,--noexecstack 
-Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic 
-Wno-long-long -Wall -Wextra -Wno-unused-parameter 
-Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat 
-Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes 
-Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token 
-Wno-extended-offsetof -Wconditional-uninitialized 
-Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option 
-Wmissing-variable-declarations   -M
 MD -MF crypto/evp/fips-dso-evp_utils.d.tmp -MT crypto/evp/fips-dso-evp_utils.o 
-c -o crypto/evp/fips-dso-evp_utils.o ../openssl/crypto/evp/evp_utils.c
clang  -I. -Iinclude -Icrypto/include -Iproviders/common/include 
-Iproviders/common/ciphers -Icrypto -I../openssl -I../openssl/include 
-I../openssl/crypto/include -I../openssl/providers/common/include 
-I../openssl/providers/common/ciphers -I../openssl/crypto  -DAES_ASM 
-DBSAES_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -fPIC -pthread -m64 -Wa,--noexecstack 
-Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic 
-Wno-long-long -Wall -Wextra -Wno-unused-parameter 
-Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat 
-Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes 
-Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token 
-Wno-extended-offsetof -Wconditional-uninitialized 
-Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option 
-Wmissing-variable-declarations   -M
 MD -MF crypto/evp/fips-dso-keymgmt_lib.d.tmp -MT 
crypto/evp/fips-dso-keymgmt_lib.o -c -o crypto/evp/fips-dso-keymgmt_lib.o 
../openssl/crypto/evp/keymgmt_lib.c
clang  -I. -Iinclude -Icrypto/include -Iproviders/common/include 
-Iproviders/common/ciphers -Icrypto -I../openssl -I../openssl/include 
-I../openssl/crypto/include -I../openssl/providers/common/include 
-I../openssl/providers/common/ciphers -I../openssl/crypto  -DAES_ASM 
-DBSAES_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -fPIC -pthread -m64 -Wa,--noexecstack 
-Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic 
-Wno-long-long -Wall -Wextra -Wno-unused-parameter 
-Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat 
-Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes 
-Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token 
-Wno-extended-offsetof -Wconditional-uninitialized 
-Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option 
-Wmissing-variable-declarations   -M
 MD -MF crypto/evp/fips-dso-keymgmt_meth.d.tmp -MT 
crypto/evp/fips-dso-keymgmt_meth.o -c -o crypto/evp/fips-dso-keymgmt_meth.o 
../openssl/crypto/evp/keymgmt_meth.c
clang  -I. -Iinclude -Icrypto/include -Iproviders/common/include 
-Iproviders/common/ciphers -Icrypto -I../openssl -I../openssl/include 
-I../openssl/crypto/include -I../openssl/providers/common/include 
-I../openssl/providers/common/ciphers -I../openssl/crypto  -DAES_ASM 
-DBSAES_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DSHA1_ASM 
-DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -fPIC -pthread -m64 -Wa,--noexecstack 
-Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic 
-Wno-long-long -Wall -Wextra -Wno-unused-parameter 
-Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat 
-Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes 
-Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token 
-Wno-extended-offsetof -Wconditional-uninitialized 
-Wincompatible-pointer-types-discards-qualifiers -Wno-unk

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2-method

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2-method

Commit log since last time:

88f19d86d9 Update man page for new API SSL_get_negotiated_group()
fb8c6db45f Test SSL_get_negotiated_group() API
84d4b9e31d API to get negotiated key exchange algorithm in TLS1.3
bbda79976b Fix ECDSA_SIG docs
f585cefc04 Add documentation for new EC functions
04ca002703 Insert a dummy call to EC code in the FIPS provider
a9612d6c03 Make the EC code available from inside the FIPS provider
c1a3f16f73 Correct the Extended Master Secret string for EBCDIC

Build log ended with (last 100 lines):

../../openssl/test/recipes/70-test_bad_dtls.t . ok
../../openssl/test/recipes/70-test_clienthello.t .. ok
../../openssl/test/recipes/70-test_comp.t . ok
../../openssl/test/recipes/70-test_key_share.t  ok
../../openssl/test/recipes/70-test_packet.t ... ok
../../openssl/test/recipes/70-test_recordlen.t  ok
../../openssl/test/recipes/70-test_renegotiation.t  skipped: 
test_renegotiation needs TLS <= 1.2 enabled
../../openssl/test/recipes/70-test_servername.t ... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t  skipped: 
test_sslcbcpadding needs TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslcertstatus.t  skipped: 
test_sslcertstatus needs TLS enabled
../../openssl/test/recipes/70-test_sslextension.t . 
Dubious, test returned 255 (wstat 65280, 0xff00)
All 8 subtests passed 
(less 5 skipped subtests: 3 okay)
../../openssl/test/recipes/70-test_sslmessages.t .. skipped: 
test_sslmessages needs TLS enabled
../../openssl/test/recipes/70-test_sslrecords.t ... skipped: 
test_sslrecords needs TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: 
test_sslsessiontick needs SSLv3, TLSv1, TLSv1.1 or TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslsigalgs.t ... ok
../../openssl/test/recipes/70-test_sslsignature.t . ok
../../openssl/test/recipes/70-test_sslskewith0p.t . ok
../../openssl/test/recipes/70-test_sslversions.t .. skipped: 
test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled
../../openssl/test/recipes/70-test_sslvertol.t  ok
../../openssl/test/recipes/70-test_tls13alerts.t .. ok
../../openssl/test/recipes/70-test_tls13cookie.t .. ok
../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: 
test_tls13downgrade needs TLS1.3 and TLS1.2 enabled
../../openssl/test/recipes/70-test_tls13hrr.t . ok
../../openssl/test/recipes/70-test_tls13kexmodes.t  ok
../../openssl/test/recipes/70-test_tls13messages.t  ok
../../openssl/test/recipes/70-test_tls13psk.t . ok
../../openssl/test/recipes/70-test_tlsextms.t . skipped: 
test_tlsextms needs TLSv1.0, TLSv1.1 or TLSv1.2 enabled
../../openssl/test/recipes/70-test_verify_extra.t . ok
../../openssl/test/recipes/70-test_wpacket.t .. ok
../../openssl/test/recipes/80-test_ca.t ... ok
../../openssl/test/recipes/80-test_cipherbytes.t .. ok
../../openssl/test/recipes/80-test_cipherlist.t ... ok
../../openssl/test/recipes/80-test_ciphername.t ... ok
../../openssl/test/recipes/80-test_cms.t .. ok
../../openssl/test/recipes/80-test_cmsapi.t ... ok
../../openssl/test/recipes/80-test_ct.t ... ok
../../openssl/test/recipes/80-test_dane.t . ok
../../openssl/test/recipes/80-test_dtls.t . ok
../../openssl/test/recipes/80-test_dtls_mtu.t . ok
../../openssl/test/recipes/80-test_dtlsv1listen.t . ok
../../openssl/test/recipes/80-test_ocsp.t . ok
../../openssl/test/recipes/80-test_pkcs12.t ... ok
../../openssl/test/recipes/80-test_ssl_new.t .. ok
../../openssl/test/recipes/80-test_ssl_old.t .. ok
../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok
../../openssl/test/recipes/80-test_sslcorrupt.t ... ok
../../openssl/test/recipes/80-test_tsa.t .. ok
../../openssl/test/recipes/80-test_x509aux.t .. ok
../../openssl/test/recipes/90-test_asn1_time.t  ok
../../openssl/test/recipes/90-test_async.t  ok
../../openssl/test/recipes/90-test_bio_enc.t .. ok
../../openssl/test/recipes/90-test_bio_memleak.t .. ok
../../openssl/test/recipes/90-test_constant_time.t  ok
../../openssl/test/recipes/90-test_fatalerr.t . ok
../../openssl/test/recipes/90-test_

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2

Commit log since last time:

88f19d86d9 Update man page for new API SSL_get_negotiated_group()
fb8c6db45f Test SSL_get_negotiated_group() API
84d4b9e31d API to get negotiated key exchange algorithm in TLS1.3
bbda79976b Fix ECDSA_SIG docs
f585cefc04 Add documentation for new EC functions
04ca002703 Insert a dummy call to EC code in the FIPS provider
a9612d6c03 Make the EC code available from inside the FIPS provider
c1a3f16f73 Correct the Extended Master Secret string for EBCDIC

Build log ended with (last 100 lines):

../../openssl/test/recipes/70-test_bad_dtls.t . ok
../../openssl/test/recipes/70-test_clienthello.t .. ok
../../openssl/test/recipes/70-test_comp.t . ok
../../openssl/test/recipes/70-test_key_share.t  ok
../../openssl/test/recipes/70-test_packet.t ... ok
../../openssl/test/recipes/70-test_recordlen.t  ok
../../openssl/test/recipes/70-test_renegotiation.t  skipped: 
test_renegotiation needs TLS <= 1.2 enabled
../../openssl/test/recipes/70-test_servername.t ... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t  skipped: 
test_sslcbcpadding needs TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslcertstatus.t  skipped: 
test_sslcertstatus needs TLS enabled
../../openssl/test/recipes/70-test_sslextension.t . 
Dubious, test returned 255 (wstat 65280, 0xff00)
All 8 subtests passed 
(less 5 skipped subtests: 3 okay)
../../openssl/test/recipes/70-test_sslmessages.t .. skipped: 
test_sslmessages needs TLS enabled
../../openssl/test/recipes/70-test_sslrecords.t ... skipped: 
test_sslrecords needs TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: 
test_sslsessiontick needs SSLv3, TLSv1, TLSv1.1 or TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslsigalgs.t ... ok
../../openssl/test/recipes/70-test_sslsignature.t . ok
../../openssl/test/recipes/70-test_sslskewith0p.t . ok
../../openssl/test/recipes/70-test_sslversions.t .. skipped: 
test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled
../../openssl/test/recipes/70-test_sslvertol.t  ok
../../openssl/test/recipes/70-test_tls13alerts.t .. ok
../../openssl/test/recipes/70-test_tls13cookie.t .. ok
../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: 
test_tls13downgrade needs TLS1.3 and TLS1.2 enabled
../../openssl/test/recipes/70-test_tls13hrr.t . ok
../../openssl/test/recipes/70-test_tls13kexmodes.t  ok
../../openssl/test/recipes/70-test_tls13messages.t  ok
../../openssl/test/recipes/70-test_tls13psk.t . ok
../../openssl/test/recipes/70-test_tlsextms.t . skipped: 
test_tlsextms needs TLSv1.0, TLSv1.1 or TLSv1.2 enabled
../../openssl/test/recipes/70-test_verify_extra.t . ok
../../openssl/test/recipes/70-test_wpacket.t .. ok
../../openssl/test/recipes/80-test_ca.t ... ok
../../openssl/test/recipes/80-test_cipherbytes.t .. ok
../../openssl/test/recipes/80-test_cipherlist.t ... ok
../../openssl/test/recipes/80-test_ciphername.t ... ok
../../openssl/test/recipes/80-test_cms.t .. ok
../../openssl/test/recipes/80-test_cmsapi.t ... ok
../../openssl/test/recipes/80-test_ct.t ... ok
../../openssl/test/recipes/80-test_dane.t . ok
../../openssl/test/recipes/80-test_dtls.t . ok
../../openssl/test/recipes/80-test_dtls_mtu.t . ok
../../openssl/test/recipes/80-test_dtlsv1listen.t . ok
../../openssl/test/recipes/80-test_ocsp.t . ok
../../openssl/test/recipes/80-test_pkcs12.t ... ok
../../openssl/test/recipes/80-test_ssl_new.t .. ok
../../openssl/test/recipes/80-test_ssl_old.t .. ok
../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok
../../openssl/test/recipes/80-test_sslcorrupt.t ... ok
../../openssl/test/recipes/80-test_tsa.t .. ok
../../openssl/test/recipes/80-test_x509aux.t .. ok
../../openssl/test/recipes/90-test_asn1_time.t  ok
../../openssl/test/recipes/90-test_async.t  ok
../../openssl/test/recipes/90-test_bio_enc.t .. ok
../../openssl/test/recipes/90-test_bio_memleak.t .. ok
../../openssl/test/recipes/90-test_constant_time.t  ok
../../openssl/test/recipes/90-test_fatalerr.t . ok
../../openssl/test/recipes/90-test_gmdiff.

Errored: openssl/openssl#27140 (master - a6482df)

2019-08-07 Thread Travis CI

Build Update for openssl/openssl
-

Build: #27140
Status: Errored

Duration: 28 mins and 0 secs
Commit: a6482df (master)
Author: Matt Caswell
Message: Fix enable-ec_nistp_64_gcc_128

When creating a BN_CTX, make sure we store it in the right variable!

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/9546)

View the changeset: 
https://github.com/openssl/openssl/compare/c50fd0f959de...a6482df03acc

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/568910793?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

[openssl] master update

2019-08-07 Thread Matt Caswell

The branch master has been updated
   via  a6482df03accc6cdcbd1298d593508825a5902e6 (commit)
  from  c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3 (commit)


- Log -
commit a6482df03accc6cdcbd1298d593508825a5902e6
Author: Matt Caswell 
Date:   Wed Aug 7 10:03:12 2019 +0100

Fix enable-ec_nistp_64_gcc_128

When creating a BN_CTX, make sure we store it in the right variable!

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/9546)

---

Summary of changes:
 crypto/ec/ecp_nistp224.c | 4 ++--
 crypto/ec/ecp_nistp256.c | 4 ++--
 crypto/ec/ecp_nistp521.c | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c
index a9f40d09c7..2ad9903c90 100644
--- a/crypto/ec/ecp_nistp224.c
+++ b/crypto/ec/ecp_nistp224.c
@@ -1286,7 +1286,7 @@ int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, 
const BIGNUM *p,
 BN_CTX *new_ctx = NULL;
 
 if (ctx == NULL)
-new_ctx = BN_CTX_new();
+ctx = new_ctx = BN_CTX_new();
 #endif
 if (ctx == NULL)
 return 0;
@@ -1606,7 +1606,7 @@ int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, 
BN_CTX *ctx)
 
 #ifndef FIPS_MODE
 if (ctx == NULL)
-new_ctx = BN_CTX_new();
+ctx = new_ctx = BN_CTX_new();
 #endif
 if (ctx == NULL)
 return 0;
diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c
index 4fc589b913..624ee1621f 100644
--- a/crypto/ec/ecp_nistp256.c
+++ b/crypto/ec/ecp_nistp256.c
@@ -1906,7 +1906,7 @@ int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, 
const BIGNUM *p,
 BN_CTX *new_ctx = NULL;
 
 if (ctx == NULL)
-new_ctx = BN_CTX_new();
+ctx = new_ctx = BN_CTX_new();
 #endif
 if (ctx == NULL)
 return 0;
@@ -2234,7 +2234,7 @@ int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, 
BN_CTX *ctx)
 
 #ifndef FIPS_MODE
 if (ctx == NULL)
-new_ctx = BN_CTX_new();
+ctx = new_ctx = BN_CTX_new();
 #endif
 if (ctx == NULL)
 return 0;
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index ff5c2cfa64..6de37f663b 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -1748,7 +1748,7 @@ int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, 
const BIGNUM *p,
 BN_CTX *new_ctx = NULL;
 
 if (ctx == NULL)
-new_ctx = BN_CTX_new();
+ctx = new_ctx = BN_CTX_new();
 #endif
 if (ctx == NULL)
 return 0;
@@ -2072,7 +2072,7 @@ int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, 
BN_CTX *ctx)
 
 #ifndef FIPS_MODE
 if (ctx == NULL)
-new_ctx = BN_CTX_new();
+ctx = new_ctx = BN_CTX_new();
 #endif
 if (ctx == NULL)
 return 0;

Errored: openssl/openssl#27139 (master - c50fd0f)

2019-08-07 Thread Travis CI

Build Update for openssl/openssl
-

Build: #27139
Status: Errored

Duration: 33 mins and 27 secs
Commit: c50fd0f (master)
Author: Matt Caswell
Message: Fix BN error reporting

Commit ed57f7f935 implemented the macro ERR_raise and updated err.h to use
it. A typo in err.h means that errors in the BN library are mistakenly
attributed to the RSA library.

This was found due to the following error appearing in a travis log:

00:07:CB:13:05:7F:00:00:error:046C:rsa routines::data greater than mod
len:crypto/bn/bn_gcd.c:613:
00:07:CB:13:05:7F:00:00:error:0403:rsa routines::BN
lib:crypto/rsa/rsa_gen.c:393:
/home/travis/build/openssl/openssl/util/shlib_wrap.sh
/home/travis/build/openssl/openssl/apps/openssl genrsa -out rsamptest.pem
-primes 5 8192 => 1
not ok 12 - genrsa 8192p5

The line in question (crypto/bn/bn_gcd.c:613) actually looks like this:

BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE);

The test was checking for that error being raised, but was instead seeing
a different error and thus failing.

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Yang 
(Merged from https://github.com/openssl/openssl/pull/9539)

View the changeset: 
https://github.com/openssl/openssl/compare/f305ecdac0b7...c50fd0f959de

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/568798202?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Errored: openssl/openssl#27138 (master - f305ecd)

2019-08-07 Thread Travis CI

Build Update for openssl/openssl
-

Build: #27138
Status: Errored

Duration: 25 mins and 28 secs
Commit: f305ecd (master)
Author: Matt Caswell
Message: Run evp_test in FIPS mode

We run the cipher and digest evp_test test files in FIPS mode. Some
ciphers/digests aren't available in FIPS mode so we mark those as
only being available in the default provider.

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/9531)

View the changeset: 
https://github.com/openssl/openssl/compare/e9c116ebcbaf...f305ecdac0b7

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/568796684?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

[openssl] master update

2019-08-07 Thread Matt Caswell

The branch master has been updated
   via  c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3 (commit)
  from  f305ecdac0b7048e7ef38a7196f4393fa7ceff38 (commit)


- Log -
commit c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3
Author: Matt Caswell 
Date:   Tue Aug 6 13:39:00 2019 +0100

Fix BN error reporting

Commit ed57f7f935 implemented the macro ERR_raise and updated err.h to use
it. A typo in err.h means that errors in the BN library are mistakenly
attributed to the RSA library.

This was found due to the following error appearing in a travis log:

00:07:CB:13:05:7F:00:00:error:046C:rsa routines::data greater than mod
len:crypto/bn/bn_gcd.c:613:
00:07:CB:13:05:7F:00:00:error:0403:rsa routines::BN
lib:crypto/rsa/rsa_gen.c:393:
/home/travis/build/openssl/openssl/util/shlib_wrap.sh
/home/travis/build/openssl/openssl/apps/openssl genrsa -out rsamptest.pem
-primes 5 8192 => 1
not ok 12 - genrsa 8192p5

The line in question (crypto/bn/bn_gcd.c:613) actually looks like this:

BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE);

The test was checking for that error being raised, but was instead seeing
a different error and thus failing.

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Yang 
(Merged from https://github.com/openssl/openssl/pull/9539)

---

Summary of changes:
 include/openssl/err.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/openssl/err.h b/include/openssl/err.h
index ad5ed5a292..e5a1a0dc1e 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -110,7 +110,7 @@ typedef struct err_state_st {
 # if ! OPENSSL_API_3
 #  define SYSerr(f,r)  ERR_raise(ERR_LIB_SYS,(r))
 # endif
-# define BNerr(f,r)   ERR_raise(ERR_LIB_RSA,(r))
+# define BNerr(f,r)   ERR_raise(ERR_LIB_BN,(r))
 # define RSAerr(f,r)  ERR_raise(ERR_LIB_RSA,(r))
 # define DHerr(f,r)   ERR_raise(ERR_LIB_DH,(r))
 # define EVPerr(f,r)  ERR_raise(ERR_LIB_EVP,(r))

[openssl] master update

2019-08-07 Thread Matt Caswell

The branch master has been updated
   via  f305ecdac0b7048e7ef38a7196f4393fa7ceff38 (commit)
   via  7f612b1f04ee0cf72d6af292a76f43dd74e88af9 (commit)
  from  e9c116ebcbaf6a0d089a2f8d615eee5be69ab66a (commit)


- Log -
commit f305ecdac0b7048e7ef38a7196f4393fa7ceff38
Author: Matt Caswell 
Date:   Mon Aug 5 13:38:25 2019 +0100

Run evp_test in FIPS mode

We run the cipher and digest evp_test test files in FIPS mode. Some
ciphers/digests aren't available in FIPS mode so we mark those as
only being available in the default provider.

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/9531)

commit 7f612b1f04ee0cf72d6af292a76f43dd74e88af9
Author: Matt Caswell 
Date:   Mon Aug 5 13:37:05 2019 +0100

Don't set ctx->cipher until after a successful fetch

If an implict EVP_CIPHER_fetch fails then ctx->cipher should not be set
otherwise strange things will happen when trying to free the ctx.

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/9531)

---

Summary of changes:
 crypto/evp/evp_enc.c|  4 +--
 test/recipes/30-test_evp.t  | 24 -
 test/recipes/30-test_evp_data/evpciph.txt   | 53 +
 test/recipes/30-test_evp_data/evpdigest.txt | 48 ++
 4 files changed, 118 insertions(+), 11 deletions(-)

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 87c7bb0995..31e15a63c2 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -197,9 +197,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER 
*cipher,
 ctx->flags = flags;
 }
 
-if (cipher != NULL)
-ctx->cipher = cipher;
-else
+if (cipher == NULL)
 cipher = ctx->cipher;
 
 if (cipher->prov == NULL) {
diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
index 01bf99df6f..2159d96df4 100644
--- a/test/recipes/30-test_evp.t
+++ b/test/recipes/30-test_evp.t
@@ -14,15 +14,13 @@ use OpenSSL::Test qw(:DEFAULT data_file bldtop_dir 
srctop_file);
 
 setup("test_evp");
 
-#TODO(3.0) We temporarily disable testing with the FIPS module while that
-#  testing is broken
-#my @configs = qw( default-and-legacy.cnf fips.cnf );
-my @configs = qw( default-and-legacy.cnf );
-my @files = qw( evpciph.txt evpdigest.txt evpencod.txt evpkdf.txt
-evppkey_kdf.txt evpmac.txt evppbe.txt evppkey.txt
-evppkey_ecc.txt evpcase.txt evpaessiv.txt evpccmcavs.txt );
+my @configs = qw( default-and-legacy.cnf fips.cnf );
+my @files = qw( evpciph.txt evpdigest.txt );
+my @defltfiles = qw( evpencod.txt evpkdf.txt evppkey_kdf.txt evpmac.txt
+evppbe.txt evppkey.txt evppkey_ecc.txt evpcase.txt evpaessiv.txt
+evpccmcavs.txt );
 
-plan tests => scalar(@configs) * scalar(@files);
+plan tests => (scalar(@configs) * scalar(@files)) + scalar(@defltfiles);
 
 $ENV{OPENSSL_MODULES} = bldtop_dir("providers");
 
@@ -34,3 +32,13 @@ foreach (@configs) {
"running evp_test $f");
 }
 }
+
+#TODO(3.0): As more operations are converted to providers we can move more of
+#   these tests to the loop above
+
+$ENV{OPENSSL_CONF} = srctop_file("test", "default-and-legacy.cnf");
+
+foreach my $f ( @defltfiles ) {
+ok(run(test(["evp_test", data_file("$f")])),
+   "running evp_test $f");
+}
diff --git a/test/recipes/30-test_evp_data/evpciph.txt 
b/test/recipes/30-test_evp_data/evpciph.txt
index 3dd5a87ba7..182c456896 100644
--- a/test/recipes/30-test_evp_data/evpciph.txt
+++ b/test/recipes/30-test_evp_data/evpciph.txt
@@ -293,6 +293,7 @@ Ciphertext = B2EB05E2C39BE9FCDA6C19078C6A9D1B
 #   AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
 # CFB128-AES128.Encrypt
 Cipher = AES-128-CFB
+Availablein = default
 Key = 2B7E151628AED2A6ABF7158809CF4F3C
 IV = 000102030405060708090A0B0C0D0E0F
 Operation = ENCRYPT
@@ -300,6 +301,7 @@ Plaintext = 6BC1BEE22E409F96E93D7E117393172A
 Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A
 
 Cipher = AES-128-CFB
+Availablein = default
 Key = 2B7E151628AED2A6ABF7158809CF4F3C
 IV = 3B3FD92EB72DAD20333449F8E83CFB4A
 Operation = ENCRYPT
@@ -307,6 +309,7 @@ Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
 Ciphertext = C8A64537A0B3A93FCDE3CDAD9F1CE58B
 
 Cipher = AES-128-CFB
+Availablein = default
 Key = 2B7E151628AED2A6ABF7158809CF4F3C
 IV = C8A64537A0B3A93FCDE3CDAD9F1CE58B
 Operation = ENCRYPT
@@ -314,6 +317,7 @@ Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
 Ciphertext = 26751F67A3CBB140B1808CF187A4F4DF
 
 Cipher = AES-128-CFB
+Availablein = default
 Key = 2B7E151628AED2A6ABF7158809CF4F3C
 IV = 26751F67A3CBB140B1808CF187A4F4DF
 Operation = ENCRYPT
@@ -322,6 +326,7 @@ Ciphertext = C04B05357C5D1C0EEAC4C66F9FF7F2E6
 
 # CFB128-AES128.Decrypt
 Cipher = AES-128-CFB
+Availablein = default
 Key = 2B7E151628AED2A6ABF715

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-pic

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-pic

Commit log since last time:

88f19d86d9 Update man page for new API SSL_get_negotiated_group()
fb8c6db45f Test SSL_get_negotiated_group() API
84d4b9e31d API to get negotiated key exchange algorithm in TLS1.3
bbda79976b Fix ECDSA_SIG docs
f585cefc04 Add documentation for new EC functions
04ca002703 Insert a dummy call to EC code in the FIPS provider
a9612d6c03 Make the EC code available from inside the FIPS provider
c1a3f16f73 Correct the Extended Master Secret string for EBCDIC

Build log ended with (last 100 lines):

../../openssl/test/recipes/30-test_pbelu.t  ok
../../openssl/test/recipes/30-test_pkey_meth.t  ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t  ok
../../openssl/test/recipes/40-test_rehash.t ... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok
../../openssl/test/recipes/60-test_x509_dup_cert.t  ok
../../openssl/test/recipes/60-test_x509_store.t ... ok
../../openssl/test/recipes/60-test_x509_time.t  ok
../../openssl/test/recipes/70-test_asyncio.t .. ok
../../openssl/test/recipes/70-test_bad_dtls.t . ok
../../openssl/test/recipes/70-test_clienthello.t .. ok
../../openssl/test/recipes/70-test_comp.t . skipped: 
test_comp needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_key_share.t  skipped: 
test_key_share needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_packet.t ... ok
../../openssl/test/recipes/70-test_recordlen.t  ok
../../openssl/test/recipes/70-test_renegotiation.t  skipped: 
test_renegotiation needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_servername.t ... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t  skipped: 
test_sslcbcpadding needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslcertstatus.t  skipped: 
test_sslcertstatus needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslextension.t . skipped: 
test_sslextension needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslmessages.t .. skipped: 
test_sslmessages needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslrecords.t ... skipped: 
test_sslrecords needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: 
test_sslsessiontick needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: 
test_sslsigalgs needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslsignature.t . skipped: 
test_sslsignature needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: 
test_sslskewith0p needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslversions.t .. skipped: 
test_sslversions needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_sslvertol.t  skipped: 
test_sslextension needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: 
test_tls13alerts needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: 
test_tls13cookie needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: 
test_tls13downgrade needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13hrr.t . skipped: 
test_tls13hrr needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13kexmodes.t  skipped: 
test_tls13kexmodes needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13messages.t  skipped: 
test_tls13messages needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tls13psk.t . skipped: 
test_tls13psk needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_tlsextms.t . skipped: 
test_tlsextms needs the dynamic engine feature enabled
../../openssl/test/recipes/70-test_verify_extra.t . ok
../../openssl/test/recipes/70-test_wpacket.t .. ok
../../openssl/test/recipes/80-test_ca.t ... ok
../../openssl/test/recipes/80-test_cipherbytes.t .. ok
../../openssl/test/recipes/80-test_cipherlist.t ... ok
../../openssl/test/recipes/80-test_ciphername.t ... ok
../../openssl/test/re

Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared

2019-08-07 Thread OpenSSL run-checker

Platform and configuration command:

$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared

Commit log since last time:

88f19d86d9 Update man page for new API SSL_get_negotiated_group()
fb8c6db45f Test SSL_get_negotiated_group() API
84d4b9e31d API to get negotiated key exchange algorithm in TLS1.3
bbda79976b Fix ECDSA_SIG docs
f585cefc04 Add documentation for new EC functions
04ca002703 Insert a dummy call to EC code in the FIPS provider
a9612d6c03 Make the EC code available from inside the FIPS provider
c1a3f16f73 Correct the Extended Master Secret string for EBCDIC

Build log ended with (last 100 lines):

/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:184:
 undefined reference to `__afl_area_ptr'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:219:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:201:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:195:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:227:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:234:
 undefined reference to `__afl_prev_loc'
providers/fips/fips-dso-fipsprov.o:/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:225:
 more undefined references to `__afl_prev_loc' follow
providers/fips/fips-dso-fipsprov.o: In function `OSSL_provider_init':
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:309:
 undefined reference to `__afl_area_ptr'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:313:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:306:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:317:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:323:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:326:
 undefined reference to `__afl_prev_loc'
providers/fips/fips-dso-fipsprov.o:/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:329:
 more undefined references to `__afl_prev_loc' follow
providers/fips/fips-dso-fipsprov.o: In function `fips_intern_provider_init':
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:405:
 undefined reference to `__afl_area_ptr'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:410:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:410:
 undefined reference to `__afl_prev_loc'
providers/fips/fips-dso-fipsprov.o: In function 
`OSSL_get_core_get_library_context':
/home/openssl/run-checker/enable-fuzz-afl/../openssl/include/openssl/core_numbers.h:70:
 undefined reference to `__afl_prev_loc'
providers/fips/fips-dso-fipsprov.o: In function `fips_intern_provider_init':
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:422:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:425:
 undefined reference to `__afl_prev_loc'
providers/fips/fips-dso-fipsprov.o:/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:434:
 more undefined references to `__afl_prev_loc' follow
providers/fips/fips-dso-fipsprov.o: In function `ERR_new':
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:440:
 undefined reference to `__afl_area_ptr'
providers/fips/fips-dso-fipsprov.o: In function `ERR_set_debug':
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:443:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:443:
 undefined reference to `__afl_area_ptr'
providers/fips/fips-dso-fipsprov.o: In function `ERR_set_error':
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:449:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:449:
 undefined reference to `__afl_area_ptr'
providers/fips/fips-dso-fipsprov.o: In function `ERR_vset_error':
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:457:
 undefined reference to `__afl_prev_loc'
/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:457:
 undefined reference to `__afl_area_ptr'
providers/fips/fips-dso-fipsprov.o: In fun

Errored: openssl/openssl#27146 (master - 3505d70)

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-filenames

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine no-shared

[openssl] master update

Errored: openssl/openssl#27145 (OpenSSL_1_1_1-stable - 728f944)

Errored: openssl/openssl#27144 (master - 7dddf2f)

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine

[openssl] OpenSSL_1_1_1-stable update

[openssl] master update

SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-ec_nistp_64_gcc_128

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2-method

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2

Errored: openssl/openssl#27140 (master - a6482df)

[openssl] master update

Errored: openssl/openssl#27139 (master - c50fd0f)

Errored: openssl/openssl#27138 (master - f305ecd)

[openssl] master update

[openssl] master update

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-pic

Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared

21 matches

Site Navigation

Mail list logo

Footer information