Errored: openssl/openssl#27146 (master - 3505d70)
Build Update for openssl/openssl - Build: #27146 Status: Errored Duration: 20 mins and 11 secs Commit: 3505d70 (master) Author: Shane Lontis Message: Fix document nit in EVP_MAC.pod Reviewed-by: Richard Levitte Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/9551) View the changeset: https://github.com/openssl/openssl/compare/7dddf2fcc50f...3505d70badb3 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/569167810?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-filenames
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-filenames Commit log since last time: a6482df03a Fix enable-ec_nistp_64_gcc_128 c50fd0f959 Fix BN error reporting f305ecdac0 Run evp_test in FIPS mode 7f612b1f04 Don't set ctx->cipher until after a successful fetch e9c116ebcb GCM cipher in provider now fails if passed bad keylength Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t ok ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . ok ../../openssl/test/recipes/70-test_key_share.t ok ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t ok ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ok ../../openssl/test/recipes/70-test_sslcertstatus.t ok ../../openssl/test/recipes/70-test_sslextension.t . ok ../../openssl/test/recipes/70-test_sslmessages.t .. ok ../../openssl/test/recipes/70-test_sslrecords.t ... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ... ok ../../openssl/test/recipes/70-test_sslsignature.t . ok ../../openssl/test/recipes/70-test_sslskewith0p.t . ok ../../openssl/test/recipes/70-test_sslversions.t .. ok ../../openssl/test/recipes/70-test_sslvertol.t ok ../../openssl/test/recipes/70-test_tls13alerts.t .. ok ../../openssl/test/recipes/70-test_tls13cookie.t .. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ... ok ../../openssl/test/recipes/70-test_tls13hrr.t . ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ok ../../openssl/test/recipes/70-test_tls13messages.t ok ../../openssl/test/recipes/70-test_tls13psk.t . ok ../../openssl/test/recipes/70-test_tlsextms.t . ok ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_ciphername.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_cmsapi.t ... ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_dtls_mtu.t . ok ../../openssl/test/recipes/80-test_dtlsv1listen.t . ok ../../openssl/test/recipes/80-test_ocsp.t . ok ../../openssl/test/recipes/80-test_pkcs12.t ... ok ../../openssl/test/recipes/80-test_ssl_new.t .. ok ../../openssl/test/recipes/80-test_ssl_old.t .. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok ../../openssl/test/recipes/80-test_sslcorrupt.t ... ok ../../openssl/test/recipes/80-test_tsa.t .. ok ../../openssl/test/recipes/80-test_x509aux.t .. ok ../../openssl/test/recipes/90-test_asn1_time.t ok ../../openssl/test/recipes/90-test_async.t ok ../../openssl/test/recipes/90-test_bio_enc.t .. ok ../../openssl/test/recipes/90-test_bio_memleak.t .. ok ../../openssl/test/recipes/90-test_constant_time.t ok ../../openssl/test/recipes/90-test_fatalerr.t . ok ../../openssl/test/recipes/90-test_gmdiff.t ... ok ../../openssl/test/recipes/90-test_gost.t . ok ../../openssl/test/recipes/90-test_ige.t .. ok ../../openssl/test/recipes/90-test_includes.t
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine no-shared
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine no-shared Commit log since last time: a6482df03a Fix enable-ec_nistp_64_gcc_128 c50fd0f959 Fix BN error reporting f305ecdac0 Run evp_test in FIPS mode 7f612b1f04 Don't set ctx->cipher until after a successful fetch e9c116ebcb GCM cipher in provider now fails if passed bad keylength Build log ended with (last 100 lines): make[1]: Entering directory '/home/openssl/run-checker/no-engine_no-shared' make[1]: Leaving directory '/home/openssl/run-checker/no-engine_no-shared' make[1]: Entering directory '/home/openssl/run-checker/no-engine_no-shared' ( cd test; \ mkdir -p test-runs; \ SRCTOP=../../openssl \ BLDTOP=../. \ RESULT_D=test-runs \ PERL="/usr/bin/perl" \ EXE_EXT= \ OPENSSL_ENGINES=`cd .././engines 2>/dev/null && pwd` \ OPENSSL_DEBUG_MEMORY=on \ /usr/bin/perl ../../openssl/test/run_tests.pl ) ../../openssl/test/recipes/01-test_abort.t ok ../../openssl/test/recipes/01-test_sanity.t ... ok ../../openssl/test/recipes/01-test_symbol_presence.t .. skipped: Only useful when building shared libraries ../../openssl/test/recipes/01-test_test.t . ok ../../openssl/test/recipes/02-test_errstr.t ... ok ../../openssl/test/recipes/02-test_internal_context.t . ok ../../openssl/test/recipes/02-test_internal_ctype.t ... ok ../../openssl/test/recipes/02-test_internal_provider.t ok ../../openssl/test/recipes/02-test_lhash.t ok ../../openssl/test/recipes/02-test_ordinals.t . ok ../../openssl/test/recipes/02-test_sparse_array.t . ok ../../openssl/test/recipes/02-test_stack.t ok ../../openssl/test/recipes/03-test_exdata.t ... ok ../../openssl/test/recipes/03-test_internal_asn1.t ok ../../openssl/test/recipes/03-test_internal_asn1_dsa.t ok ../../openssl/test/recipes/03-test_internal_bn.t .. ok ../../openssl/test/recipes/03-test_internal_chacha.t .. ok ../../openssl/test/recipes/03-test_internal_curve448.t ok ../../openssl/test/recipes/03-test_internal_ec.t .. ok ../../openssl/test/recipes/03-test_internal_mdc2.t ok ../../openssl/test/recipes/03-test_internal_modes.t ... ok ../../openssl/test/recipes/03-test_internal_namemap.t . ok ../../openssl/test/recipes/03-test_internal_poly1305.t ok ../../openssl/test/recipes/03-test_internal_rsa_sp800_56b.t ... ok ../../openssl/test/recipes/03-test_internal_siphash.t . ok ../../openssl/test/recipes/03-test_internal_sm2.t . ok ../../openssl/test/recipes/03-test_internal_sm4.t . ok ../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok ../../openssl/test/recipes/03-test_internal_x509.t ok ../../openssl/test/recipes/03-test_params_api.t ... ok ../../openssl/test/recipes/03-test_property.t . ok ../../openssl/test/recipes/03-test_ui.t ... ok ../../openssl/test/recipes/04-test_asn1_decode.t .. ok ../../openssl/test/recipes/04-test_asn1_encode.t .. ok ../../openssl/test/recipes/04-test_asn1_string_table.t ok ../../openssl/test/recipes/04-test_bio_callback.t . ok ../../openssl/test/recipes/04-test_bioprint.t . ok ../../openssl/test/recipes/04-test_err.t .. ok ../../openssl/test/recipes/04-test_param_build.t .. ok ../../openssl/test/recipes/04-test_params.t ... ok ../../openssl/test/recipes/04-test_params_conversion.t ok ../../openssl/test/recipes/04-test_pem.t .. ok ../../openssl/test/recipes/04-test_provider.t . ok ../../openssl/test/recipes/05-test_bf.t ... ok ../../openssl/test/recipes/05-test_cast.t . ok ../../openssl/test/recipes/05-test_des.t .. ok ../../openssl/test/recipes/05-test_hmac.t . ok ../../openssl/test/recipes/05-test_idea.t . ok ../../openssl/test/recipes/05-test_md2.t .. skipped: md2 is not supported by this OpenSSL build ../../openssl/test/recipes/05-test_mdc2.t . ok ../../openssl/test/recipes/05-test_rand.t . ok ../../openssl/test/recipes/05-test_rc2.t .. ok ../../openssl/test/recipes/05-test_rc4.t .. ok ../../openssl/test/recipes/05-test_rc5.t .. skipped: rc5 is not supported by this OpenSSL build ../../openssl/test/recipes/06-test-rdrand.t ... ok ../../openssl/test/recipes/10-test_bn.t ... ok ../../openssl/test/recipes/10-test_exp.t ..
[openssl] master update
The branch master has been updated via 3505d70badb341e018a039434636d9b12f537e1e (commit) from 7dddf2fcc50fe6f7fda0f089ed60dd8545df22bb (commit) - Log - commit 3505d70badb341e018a039434636d9b12f537e1e Author: Shane Lontis Date: Thu Aug 8 14:23:52 2019 +1000 Fix document nit in EVP_MAC.pod Reviewed-by: Richard Levitte Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/9551) --- Summary of changes: doc/man3/EVP_MAC.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod index 2c6687945c..a696c43cc5 100644 --- a/doc/man3/EVP_MAC.pod +++ b/doc/man3/EVP_MAC.pod @@ -160,7 +160,7 @@ B and B below. =item B -This control expects two arguments: C, C +This control expects two arguments: C, C Some MAC implementations require an IV, this control sets the IV.
Errored: openssl/openssl#27145 (OpenSSL_1_1_1-stable - 728f944)
Build Update for openssl/openssl - Build: #27145 Status: Errored Duration: 24 mins and 23 secs Commit: 728f944 (OpenSSL_1_1_1-stable) Author: Shane Lontis Message: Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes Note a flag needed to be added since some ssl tests fail if they output any error (even if the error is ignored). Only ciphers that handle the GET_IV_LEN control set this flag. Fixes #8330 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9499) View the changeset: https://github.com/openssl/openssl/compare/da4ea0cfe636...728f9449c3e5 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/569155220?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Errored: openssl/openssl#27144 (master - 7dddf2f)
Build Update for openssl/openssl - Build: #27144 Status: Errored Duration: 26 mins and 38 secs Commit: 7dddf2f (master) Author: Shane Lontis Message: Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9542) View the changeset: https://github.com/openssl/openssl/compare/a6482df03acc...7dddf2fcc50f View the full build log and details: https://travis-ci.org/openssl/openssl/builds/569153875?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: a6482df03a Fix enable-ec_nistp_64_gcc_128 c50fd0f959 Fix BN error reporting f305ecdac0 Run evp_test in FIPS mode 7f612b1f04 Don't set ctx->cipher until after a successful fetch e9c116ebcb GCM cipher in provider now fails if passed bad keylength Build log ended with (last 100 lines): make[1]: Leaving directory '/home/openssl/run-checker/no-engine' make[1]: Entering directory '/home/openssl/run-checker/no-engine' ( cd test; \ mkdir -p test-runs; \ SRCTOP=../../openssl \ BLDTOP=../. \ RESULT_D=test-runs \ PERL="/usr/bin/perl" \ EXE_EXT= \ OPENSSL_ENGINES=`cd .././engines 2>/dev/null && pwd` \ OPENSSL_DEBUG_MEMORY=on \ /usr/bin/perl ../../openssl/test/run_tests.pl ) ../../openssl/test/recipes/01-test_abort.t ok ../../openssl/test/recipes/01-test_sanity.t ... ok ../../openssl/test/recipes/01-test_symbol_presence.t .. ok ../../openssl/test/recipes/01-test_test.t . ok ../../openssl/test/recipes/02-test_errstr.t ... ok ../../openssl/test/recipes/02-test_internal_context.t . ok ../../openssl/test/recipes/02-test_internal_ctype.t ... ok ../../openssl/test/recipes/02-test_internal_provider.t ok ../../openssl/test/recipes/02-test_lhash.t ok ../../openssl/test/recipes/02-test_ordinals.t . ok ../../openssl/test/recipes/02-test_sparse_array.t . ok ../../openssl/test/recipes/02-test_stack.t ok ../../openssl/test/recipes/03-test_exdata.t ... ok ../../openssl/test/recipes/03-test_internal_asn1.t ok ../../openssl/test/recipes/03-test_internal_asn1_dsa.t ok ../../openssl/test/recipes/03-test_internal_bn.t .. ok ../../openssl/test/recipes/03-test_internal_chacha.t .. ok ../../openssl/test/recipes/03-test_internal_curve448.t ok ../../openssl/test/recipes/03-test_internal_ec.t .. ok ../../openssl/test/recipes/03-test_internal_mdc2.t ok ../../openssl/test/recipes/03-test_internal_modes.t ... ok ../../openssl/test/recipes/03-test_internal_namemap.t . ok ../../openssl/test/recipes/03-test_internal_poly1305.t ok ../../openssl/test/recipes/03-test_internal_rsa_sp800_56b.t ... ok ../../openssl/test/recipes/03-test_internal_siphash.t . ok ../../openssl/test/recipes/03-test_internal_sm2.t . ok ../../openssl/test/recipes/03-test_internal_sm4.t . ok ../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok ../../openssl/test/recipes/03-test_internal_x509.t ok ../../openssl/test/recipes/03-test_params_api.t ... ok ../../openssl/test/recipes/03-test_property.t . ok ../../openssl/test/recipes/03-test_ui.t ... ok ../../openssl/test/recipes/04-test_asn1_decode.t .. ok ../../openssl/test/recipes/04-test_asn1_encode.t .. ok ../../openssl/test/recipes/04-test_asn1_string_table.t ok ../../openssl/test/recipes/04-test_bio_callback.t . ok ../../openssl/test/recipes/04-test_bioprint.t . ok ../../openssl/test/recipes/04-test_err.t .. ok ../../openssl/test/recipes/04-test_param_build.t .. ok ../../openssl/test/recipes/04-test_params.t ... ok ../../openssl/test/recipes/04-test_params_conversion.t ok ../../openssl/test/recipes/04-test_pem.t .. ok ../../openssl/test/recipes/04-test_provider.t . ok ../../openssl/test/recipes/05-test_bf.t ... ok ../../openssl/test/recipes/05-test_cast.t . ok ../../openssl/test/recipes/05-test_des.t .. ok ../../openssl/test/recipes/05-test_hmac.t . ok ../../openssl/test/recipes/05-test_idea.t . ok ../../openssl/test/recipes/05-test_md2.t .. skipped: md2 is not supported by this OpenSSL build ../../openssl/test/recipes/05-test_mdc2.t . ok ../../openssl/test/recipes/05-test_rand.t . ok ../../openssl/test/recipes/05-test_rc2.t .. ok ../../openssl/test/recipes/05-test_rc4.t .. ok ../../openssl/test/recipes/05-test_rc5.t .. skipped: rc5 is not supported by this OpenSSL build ../../openssl/test/recipes/06-test-rdrand.t ... ok ../../openssl/test/recipes/10-test_bn.t ... ok ../../openssl/test/recipes/10-test_exp.t .. ok ../../openssl/test/recipes/15-test_dh.t ... ok ../../openssl/test/recipes/15-test_dsa.t .. ok ../../open
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 728f9449c3e5a974593c516cd609b60e760ed537 (commit) from da4ea0cfe63619899ceb7575a7c8fbf1507fdcb6 (commit) - Log - commit 728f9449c3e5a974593c516cd609b60e760ed537 Author: Shane Lontis Date: Thu Aug 8 13:19:23 2019 +1000 Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes Note a flag needed to be added since some ssl tests fail if they output any error (even if the error is ignored). Only ciphers that handle the GET_IV_LEN control set this flag. Fixes #8330 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9499) --- Summary of changes: crypto/evp/e_aes.c | 28 +++- crypto/evp/e_aria.c | 13 +++-- crypto/evp/e_chacha20_poly1305.c | 7 ++- crypto/evp/evp_lib.c | 7 +++ include/openssl/evp.h| 4 5 files changed, 51 insertions(+), 8 deletions(-) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index e77ad5c616..90a410b00d 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -1608,7 +1608,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) switch (type) { case EVP_CTRL_INIT: -ivlen = EVP_CIPHER_CTX_iv_length(c); +ivlen = EVP_CIPHER_iv_length(c->cipher); iv = EVP_CIPHER_CTX_iv_noconst(c); gctx->key_set = 0; gctx->iv_set = 0; @@ -1619,6 +1619,10 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) gctx->tls_aad_len = -1; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = gctx->ivlen; +return 1; + case EVP_CTRL_AEAD_SET_IVLEN: if (arg <= 0) return 0; @@ -2329,6 +2333,10 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->aes.ccm.tls_aad_len = -1; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = 15 - cctx->aes.ccm.l; +return 1; + case EVP_CTRL_AEAD_TLS1_AAD: if (arg != EVP_AEAD_TLS1_AAD_LEN) return 0; @@ -2847,13 +2855,17 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_INIT: gctx->key_set = 0; gctx->iv_set = 0; -gctx->ivlen = c->cipher->iv_len; +gctx->ivlen = EVP_CIPHER_iv_length(c->cipher); gctx->iv = c->iv; gctx->taglen = -1; gctx->iv_gen = 0; gctx->tls_aad_len = -1; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = gctx->ivlen; +return 1; + case EVP_CTRL_AEAD_SET_IVLEN: if (arg <= 0) return 0; @@ -3303,7 +3315,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #define CUSTOM_FLAGS(EVP_CIPH_FLAG_DEFAULT_ASN1 \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ -| EVP_CIPH_CUSTOM_COPY) +| EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CUSTOM_IV_LENGTH) BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM, EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) @@ -3505,7 +3517,9 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->len_set = 0; cctx->tls_aad_len = -1; return 1; - +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = 15 - cctx->L; +return 1; case EVP_CTRL_AEAD_TLS1_AAD: /* Save the AAD for later use */ if (arg != EVP_AEAD_TLS1_AAD_LEN) @@ -3954,13 +3968,17 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_INIT: octx->key_set = 0; octx->iv_set = 0; -octx->ivlen = EVP_CIPHER_CTX_iv_length(c); +octx->ivlen = EVP_CIPHER_iv_length(c->cipher); octx->iv = EVP_CIPHER_CTX_iv_noconst(c); octx->taglen = 16; octx->data_buf_len = 0; octx->aad_buf_len = 0; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = octx->ivlen; +return 1; + case EVP_CTRL_AEAD_SET_IVLEN: /* IV len must be 1 to 15 */ if (arg <= 0 || arg > 15) diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index 100573f5fc..fcaceb3bca 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -252,7 +252,7 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_INIT: gctx->key_set = 0; gctx->iv_set = 0; -gctx->ivlen = EVP_CIPHER_CTX_iv_length(c); +gctx->ivlen = EVP_CIPHER_iv_length(c->cipher); gctx->iv = EVP_CIPHER_CTX_iv_noconst(c); gctx->taglen = -1; gctx->iv_gen = 0; @@ -274,6 +274,10 @@ static in
[openssl] master update
The branch master has been updated via 7dddf2fcc50fe6f7fda0f089ed60dd8545df22bb (commit) from a6482df03accc6cdcbd1298d593508825a5902e6 (commit) - Log - commit 7dddf2fcc50fe6f7fda0f089ed60dd8545df22bb Author: Shane Lontis Date: Thu Aug 8 13:14:05 2019 +1000 Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9542) --- Summary of changes: crypto/evp/e_aes.c | 28 crypto/evp/e_aria.c | 13 +++-- crypto/evp/e_chacha20_poly1305.c | 7 ++- crypto/evp/evp_lib.c | 17 + include/openssl/evp.h| 8 ++-- 5 files changed, 60 insertions(+), 13 deletions(-) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index d687a2cac3..a46ac8f92f 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -1334,7 +1334,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) switch (type) { case EVP_CTRL_INIT: -ivlen = EVP_CIPHER_CTX_iv_length(c); +ivlen = EVP_CIPHER_iv_length(c->cipher); iv = EVP_CIPHER_CTX_iv_noconst(c); gctx->key_set = 0; gctx->iv_set = 0; @@ -1345,6 +1345,10 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) gctx->tls_aad_len = -1; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = gctx->ivlen; +return 1; + case EVP_CTRL_AEAD_SET_IVLEN: if (arg <= 0) return 0; @@ -2053,6 +2057,10 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->aes.ccm.tls_aad_len = -1; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = 15 - cctx->aes.ccm.l; +return 1; + case EVP_CTRL_AEAD_TLS1_AAD: if (arg != EVP_AEAD_TLS1_AAD_LEN) return 0; @@ -2536,13 +2544,17 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_INIT: gctx->key_set = 0; gctx->iv_set = 0; -gctx->ivlen = c->cipher->iv_len; +gctx->ivlen = EVP_CIPHER_iv_length(c->cipher); gctx->iv = c->iv; gctx->taglen = -1; gctx->iv_gen = 0; gctx->tls_aad_len = -1; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = gctx->ivlen; +return 1; + case EVP_CTRL_AEAD_SET_IVLEN: if (arg <= 0) return 0; @@ -3055,7 +3067,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #define CUSTOM_FLAGS(EVP_CIPH_FLAG_DEFAULT_ASN1 \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ -| EVP_CIPH_CUSTOM_COPY) +| EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CUSTOM_IV_LENGTH) BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM, EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) @@ -3260,6 +3272,10 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->tls_aad_len = -1; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = 15 - cctx->L; +return 1; + case EVP_CTRL_AEAD_TLS1_AAD: /* Save the AAD for later use */ if (arg != EVP_AEAD_TLS1_AAD_LEN) @@ -3708,13 +3724,17 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_INIT: octx->key_set = 0; octx->iv_set = 0; -octx->ivlen = EVP_CIPHER_CTX_iv_length(c); +octx->ivlen = EVP_CIPHER_iv_length(c->cipher); octx->iv = EVP_CIPHER_CTX_iv_noconst(c); octx->taglen = 16; octx->data_buf_len = 0; octx->aad_buf_len = 0; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = octx->ivlen; +return 1; + case EVP_CTRL_AEAD_SET_IVLEN: /* IV len must be 1 to 15 */ if (arg <= 0 || arg > 15) diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index f2588f141a..84b14826cb 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -252,13 +252,17 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) case EVP_CTRL_INIT: gctx->key_set = 0; gctx->iv_set = 0; -gctx->ivlen = EVP_CIPHER_CTX_iv_length(c); +gctx->ivlen = EVP_CIPHER_iv_length(c->cipher); gctx->iv = EVP_CIPHER_CTX_iv_noconst(c); gctx->taglen = -1; gctx->iv_gen = 0; gctx->tls_aad_len = -1; return 1; +case EVP_CTRL_GET_IVLEN: +*(int *)ptr = gctx->ivlen; +return 1; + case EVP_CTRL_AEAD_SET_IVLEN: if (arg <= 0) return 0; @@ -539,6 +543,10 @@ static int aria_ccm_ct
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-ec_nistp_64_gcc_128
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ec_nistp_64_gcc_128 Commit log since last time: a6482df03a Fix enable-ec_nistp_64_gcc_128 c50fd0f959 Fix BN error reporting f305ecdac0 Run evp_test in FIPS mode 7f612b1f04 Don't set ctx->cipher until after a successful fetch e9c116ebcb GCM cipher in provider now fails if passed bad keylength
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ec Commit log since last time: a6482df03a Fix enable-ec_nistp_64_gcc_128 c50fd0f959 Fix BN error reporting f305ecdac0 Run evp_test in FIPS mode 7f612b1f04 Don't set ctx->cipher until after a successful fetch e9c116ebcb GCM cipher in provider now fails if passed bad keylength Build log ended with (last 100 lines): clang -I. -Iinclude -Icrypto/include -Iproviders/common/include -Iproviders/common/ciphers -Icrypto -I../openssl -I../openssl/include -I../openssl/crypto/include -I../openssl/providers/common/include -I../openssl/providers/common/ciphers -I../openssl/crypto -DAES_ASM -DBSAES_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -M MD -MF crypto/evp/fips-dso-evp_utils.d.tmp -MT crypto/evp/fips-dso-evp_utils.o -c -o crypto/evp/fips-dso-evp_utils.o ../openssl/crypto/evp/evp_utils.c clang -I. -Iinclude -Icrypto/include -Iproviders/common/include -Iproviders/common/ciphers -Icrypto -I../openssl -I../openssl/include -I../openssl/crypto/include -I../openssl/providers/common/include -I../openssl/providers/common/ciphers -I../openssl/crypto -DAES_ASM -DBSAES_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -M MD -MF crypto/evp/fips-dso-keymgmt_lib.d.tmp -MT crypto/evp/fips-dso-keymgmt_lib.o -c -o crypto/evp/fips-dso-keymgmt_lib.o ../openssl/crypto/evp/keymgmt_lib.c clang -I. -Iinclude -Icrypto/include -Iproviders/common/include -Iproviders/common/ciphers -Icrypto -I../openssl -I../openssl/include -I../openssl/crypto/include -I../openssl/providers/common/include -I../openssl/providers/common/ciphers -I../openssl/crypto -DAES_ASM -DBSAES_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -M MD -MF crypto/evp/fips-dso-keymgmt_meth.d.tmp -MT crypto/evp/fips-dso-keymgmt_meth.o -c -o crypto/evp/fips-dso-keymgmt_meth.o ../openssl/crypto/evp/keymgmt_meth.c clang -I. -Iinclude -Icrypto/include -Iproviders/common/include -Iproviders/common/ciphers -Icrypto -I../openssl -I../openssl/include -I../openssl/crypto/include -I../openssl/providers/common/include -I../openssl/providers/common/ciphers -I../openssl/crypto -DAES_ASM -DBSAES_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unk
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2-method
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_2-method Commit log since last time: 88f19d86d9 Update man page for new API SSL_get_negotiated_group() fb8c6db45f Test SSL_get_negotiated_group() API 84d4b9e31d API to get negotiated key exchange algorithm in TLS1.3 bbda79976b Fix ECDSA_SIG docs f585cefc04 Add documentation for new EC functions 04ca002703 Insert a dummy call to EC code in the FIPS provider a9612d6c03 Make the EC code available from inside the FIPS provider c1a3f16f73 Correct the Extended Master Secret string for EBCDIC Build log ended with (last 100 lines): ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . ok ../../openssl/test/recipes/70-test_key_share.t ok ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs TLS <= 1.2 enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs TLS enabled ../../openssl/test/recipes/70-test_sslextension.t . Dubious, test returned 255 (wstat 65280, 0xff00) All 8 subtests passed (less 5 skipped subtests: 3 okay) ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs TLS enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs SSLv3, TLSv1, TLSv1.1 or TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... ok ../../openssl/test/recipes/70-test_sslsignature.t . ok ../../openssl/test/recipes/70-test_sslskewith0p.t . ok ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ok ../../openssl/test/recipes/70-test_tls13alerts.t .. ok ../../openssl/test/recipes/70-test_tls13cookie.t .. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs TLS1.3 and TLS1.2 enabled ../../openssl/test/recipes/70-test_tls13hrr.t . ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ok ../../openssl/test/recipes/70-test_tls13messages.t ok ../../openssl/test/recipes/70-test_tls13psk.t . ok ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs TLSv1.0, TLSv1.1 or TLSv1.2 enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_ciphername.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_cmsapi.t ... ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_dtls_mtu.t . ok ../../openssl/test/recipes/80-test_dtlsv1listen.t . ok ../../openssl/test/recipes/80-test_ocsp.t . ok ../../openssl/test/recipes/80-test_pkcs12.t ... ok ../../openssl/test/recipes/80-test_ssl_new.t .. ok ../../openssl/test/recipes/80-test_ssl_old.t .. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok ../../openssl/test/recipes/80-test_sslcorrupt.t ... ok ../../openssl/test/recipes/80-test_tsa.t .. ok ../../openssl/test/recipes/80-test_x509aux.t .. ok ../../openssl/test/recipes/90-test_asn1_time.t ok ../../openssl/test/recipes/90-test_async.t ok ../../openssl/test/recipes/90-test_bio_enc.t .. ok ../../openssl/test/recipes/90-test_bio_memleak.t .. ok ../../openssl/test/recipes/90-test_constant_time.t ok ../../openssl/test/recipes/90-test_fatalerr.t . ok ../../openssl/test/recipes/90-test_
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_2 Commit log since last time: 88f19d86d9 Update man page for new API SSL_get_negotiated_group() fb8c6db45f Test SSL_get_negotiated_group() API 84d4b9e31d API to get negotiated key exchange algorithm in TLS1.3 bbda79976b Fix ECDSA_SIG docs f585cefc04 Add documentation for new EC functions 04ca002703 Insert a dummy call to EC code in the FIPS provider a9612d6c03 Make the EC code available from inside the FIPS provider c1a3f16f73 Correct the Extended Master Secret string for EBCDIC Build log ended with (last 100 lines): ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . ok ../../openssl/test/recipes/70-test_key_share.t ok ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs TLS <= 1.2 enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs TLS enabled ../../openssl/test/recipes/70-test_sslextension.t . Dubious, test returned 255 (wstat 65280, 0xff00) All 8 subtests passed (less 5 skipped subtests: 3 okay) ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs TLS enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs SSLv3, TLSv1, TLSv1.1 or TLSv1.2 enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... ok ../../openssl/test/recipes/70-test_sslsignature.t . ok ../../openssl/test/recipes/70-test_sslskewith0p.t . ok ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ok ../../openssl/test/recipes/70-test_tls13alerts.t .. ok ../../openssl/test/recipes/70-test_tls13cookie.t .. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs TLS1.3 and TLS1.2 enabled ../../openssl/test/recipes/70-test_tls13hrr.t . ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ok ../../openssl/test/recipes/70-test_tls13messages.t ok ../../openssl/test/recipes/70-test_tls13psk.t . ok ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs TLSv1.0, TLSv1.1 or TLSv1.2 enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_ciphername.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_cmsapi.t ... ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_dtls_mtu.t . ok ../../openssl/test/recipes/80-test_dtlsv1listen.t . ok ../../openssl/test/recipes/80-test_ocsp.t . ok ../../openssl/test/recipes/80-test_pkcs12.t ... ok ../../openssl/test/recipes/80-test_ssl_new.t .. ok ../../openssl/test/recipes/80-test_ssl_old.t .. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t . ok ../../openssl/test/recipes/80-test_sslcorrupt.t ... ok ../../openssl/test/recipes/80-test_tsa.t .. ok ../../openssl/test/recipes/80-test_x509aux.t .. ok ../../openssl/test/recipes/90-test_asn1_time.t ok ../../openssl/test/recipes/90-test_async.t ok ../../openssl/test/recipes/90-test_bio_enc.t .. ok ../../openssl/test/recipes/90-test_bio_memleak.t .. ok ../../openssl/test/recipes/90-test_constant_time.t ok ../../openssl/test/recipes/90-test_fatalerr.t . ok ../../openssl/test/recipes/90-test_gmdiff.
Errored: openssl/openssl#27140 (master - a6482df)
Build Update for openssl/openssl - Build: #27140 Status: Errored Duration: 28 mins and 0 secs Commit: a6482df (master) Author: Matt Caswell Message: Fix enable-ec_nistp_64_gcc_128 When creating a BN_CTX, make sure we store it in the right variable! Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/9546) View the changeset: https://github.com/openssl/openssl/compare/c50fd0f959de...a6482df03acc View the full build log and details: https://travis-ci.org/openssl/openssl/builds/568910793?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via a6482df03accc6cdcbd1298d593508825a5902e6 (commit) from c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3 (commit) - Log - commit a6482df03accc6cdcbd1298d593508825a5902e6 Author: Matt Caswell Date: Wed Aug 7 10:03:12 2019 +0100 Fix enable-ec_nistp_64_gcc_128 When creating a BN_CTX, make sure we store it in the right variable! Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/9546) --- Summary of changes: crypto/ec/ecp_nistp224.c | 4 ++-- crypto/ec/ecp_nistp256.c | 4 ++-- crypto/ec/ecp_nistp521.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c index a9f40d09c7..2ad9903c90 100644 --- a/crypto/ec/ecp_nistp224.c +++ b/crypto/ec/ecp_nistp224.c @@ -1286,7 +1286,7 @@ int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p, BN_CTX *new_ctx = NULL; if (ctx == NULL) -new_ctx = BN_CTX_new(); +ctx = new_ctx = BN_CTX_new(); #endif if (ctx == NULL) return 0; @@ -1606,7 +1606,7 @@ int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx) #ifndef FIPS_MODE if (ctx == NULL) -new_ctx = BN_CTX_new(); +ctx = new_ctx = BN_CTX_new(); #endif if (ctx == NULL) return 0; diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c index 4fc589b913..624ee1621f 100644 --- a/crypto/ec/ecp_nistp256.c +++ b/crypto/ec/ecp_nistp256.c @@ -1906,7 +1906,7 @@ int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, BN_CTX *new_ctx = NULL; if (ctx == NULL) -new_ctx = BN_CTX_new(); +ctx = new_ctx = BN_CTX_new(); #endif if (ctx == NULL) return 0; @@ -2234,7 +2234,7 @@ int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx) #ifndef FIPS_MODE if (ctx == NULL) -new_ctx = BN_CTX_new(); +ctx = new_ctx = BN_CTX_new(); #endif if (ctx == NULL) return 0; diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index ff5c2cfa64..6de37f663b 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -1748,7 +1748,7 @@ int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p, BN_CTX *new_ctx = NULL; if (ctx == NULL) -new_ctx = BN_CTX_new(); +ctx = new_ctx = BN_CTX_new(); #endif if (ctx == NULL) return 0; @@ -2072,7 +2072,7 @@ int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx) #ifndef FIPS_MODE if (ctx == NULL) -new_ctx = BN_CTX_new(); +ctx = new_ctx = BN_CTX_new(); #endif if (ctx == NULL) return 0;
Errored: openssl/openssl#27139 (master - c50fd0f)
Build Update for openssl/openssl - Build: #27139 Status: Errored Duration: 33 mins and 27 secs Commit: c50fd0f (master) Author: Matt Caswell Message: Fix BN error reporting Commit ed57f7f935 implemented the macro ERR_raise and updated err.h to use it. A typo in err.h means that errors in the BN library are mistakenly attributed to the RSA library. This was found due to the following error appearing in a travis log: 00:07:CB:13:05:7F:00:00:error:046C:rsa routines::data greater than mod len:crypto/bn/bn_gcd.c:613: 00:07:CB:13:05:7F:00:00:error:0403:rsa routines::BN lib:crypto/rsa/rsa_gen.c:393: /home/travis/build/openssl/openssl/util/shlib_wrap.sh /home/travis/build/openssl/openssl/apps/openssl genrsa -out rsamptest.pem -primes 5 8192 => 1 not ok 12 - genrsa 8192p5 The line in question (crypto/bn/bn_gcd.c:613) actually looks like this: BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE); The test was checking for that error being raised, but was instead seeing a different error and thus failing. Reviewed-by: Richard Levitte Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/9539) View the changeset: https://github.com/openssl/openssl/compare/f305ecdac0b7...c50fd0f959de View the full build log and details: https://travis-ci.org/openssl/openssl/builds/568798202?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Errored: openssl/openssl#27138 (master - f305ecd)
Build Update for openssl/openssl - Build: #27138 Status: Errored Duration: 25 mins and 28 secs Commit: f305ecd (master) Author: Matt Caswell Message: Run evp_test in FIPS mode We run the cipher and digest evp_test test files in FIPS mode. Some ciphers/digests aren't available in FIPS mode so we mark those as only being available in the default provider. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/9531) View the changeset: https://github.com/openssl/openssl/compare/e9c116ebcbaf...f305ecdac0b7 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/568796684?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3 (commit) from f305ecdac0b7048e7ef38a7196f4393fa7ceff38 (commit) - Log - commit c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3 Author: Matt Caswell Date: Tue Aug 6 13:39:00 2019 +0100 Fix BN error reporting Commit ed57f7f935 implemented the macro ERR_raise and updated err.h to use it. A typo in err.h means that errors in the BN library are mistakenly attributed to the RSA library. This was found due to the following error appearing in a travis log: 00:07:CB:13:05:7F:00:00:error:046C:rsa routines::data greater than mod len:crypto/bn/bn_gcd.c:613: 00:07:CB:13:05:7F:00:00:error:0403:rsa routines::BN lib:crypto/rsa/rsa_gen.c:393: /home/travis/build/openssl/openssl/util/shlib_wrap.sh /home/travis/build/openssl/openssl/apps/openssl genrsa -out rsamptest.pem -primes 5 8192 => 1 not ok 12 - genrsa 8192p5 The line in question (crypto/bn/bn_gcd.c:613) actually looks like this: BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE); The test was checking for that error being raised, but was instead seeing a different error and thus failing. Reviewed-by: Richard Levitte Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/9539) --- Summary of changes: include/openssl/err.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/openssl/err.h b/include/openssl/err.h index ad5ed5a292..e5a1a0dc1e 100644 --- a/include/openssl/err.h +++ b/include/openssl/err.h @@ -110,7 +110,7 @@ typedef struct err_state_st { # if ! OPENSSL_API_3 # define SYSerr(f,r) ERR_raise(ERR_LIB_SYS,(r)) # endif -# define BNerr(f,r) ERR_raise(ERR_LIB_RSA,(r)) +# define BNerr(f,r) ERR_raise(ERR_LIB_BN,(r)) # define RSAerr(f,r) ERR_raise(ERR_LIB_RSA,(r)) # define DHerr(f,r) ERR_raise(ERR_LIB_DH,(r)) # define EVPerr(f,r) ERR_raise(ERR_LIB_EVP,(r))
[openssl] master update
The branch master has been updated via f305ecdac0b7048e7ef38a7196f4393fa7ceff38 (commit) via 7f612b1f04ee0cf72d6af292a76f43dd74e88af9 (commit) from e9c116ebcbaf6a0d089a2f8d615eee5be69ab66a (commit) - Log - commit f305ecdac0b7048e7ef38a7196f4393fa7ceff38 Author: Matt Caswell Date: Mon Aug 5 13:38:25 2019 +0100 Run evp_test in FIPS mode We run the cipher and digest evp_test test files in FIPS mode. Some ciphers/digests aren't available in FIPS mode so we mark those as only being available in the default provider. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/9531) commit 7f612b1f04ee0cf72d6af292a76f43dd74e88af9 Author: Matt Caswell Date: Mon Aug 5 13:37:05 2019 +0100 Don't set ctx->cipher until after a successful fetch If an implict EVP_CIPHER_fetch fails then ctx->cipher should not be set otherwise strange things will happen when trying to free the ctx. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/9531) --- Summary of changes: crypto/evp/evp_enc.c| 4 +-- test/recipes/30-test_evp.t | 24 - test/recipes/30-test_evp_data/evpciph.txt | 53 + test/recipes/30-test_evp_data/evpdigest.txt | 48 ++ 4 files changed, 118 insertions(+), 11 deletions(-) diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 87c7bb0995..31e15a63c2 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -197,9 +197,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ctx->flags = flags; } -if (cipher != NULL) -ctx->cipher = cipher; -else +if (cipher == NULL) cipher = ctx->cipher; if (cipher->prov == NULL) { diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t index 01bf99df6f..2159d96df4 100644 --- a/test/recipes/30-test_evp.t +++ b/test/recipes/30-test_evp.t @@ -14,15 +14,13 @@ use OpenSSL::Test qw(:DEFAULT data_file bldtop_dir srctop_file); setup("test_evp"); -#TODO(3.0) We temporarily disable testing with the FIPS module while that -# testing is broken -#my @configs = qw( default-and-legacy.cnf fips.cnf ); -my @configs = qw( default-and-legacy.cnf ); -my @files = qw( evpciph.txt evpdigest.txt evpencod.txt evpkdf.txt -evppkey_kdf.txt evpmac.txt evppbe.txt evppkey.txt -evppkey_ecc.txt evpcase.txt evpaessiv.txt evpccmcavs.txt ); +my @configs = qw( default-and-legacy.cnf fips.cnf ); +my @files = qw( evpciph.txt evpdigest.txt ); +my @defltfiles = qw( evpencod.txt evpkdf.txt evppkey_kdf.txt evpmac.txt +evppbe.txt evppkey.txt evppkey_ecc.txt evpcase.txt evpaessiv.txt +evpccmcavs.txt ); -plan tests => scalar(@configs) * scalar(@files); +plan tests => (scalar(@configs) * scalar(@files)) + scalar(@defltfiles); $ENV{OPENSSL_MODULES} = bldtop_dir("providers"); @@ -34,3 +32,13 @@ foreach (@configs) { "running evp_test $f"); } } + +#TODO(3.0): As more operations are converted to providers we can move more of +# these tests to the loop above + +$ENV{OPENSSL_CONF} = srctop_file("test", "default-and-legacy.cnf"); + +foreach my $f ( @defltfiles ) { +ok(run(test(["evp_test", data_file("$f")])), + "running evp_test $f"); +} diff --git a/test/recipes/30-test_evp_data/evpciph.txt b/test/recipes/30-test_evp_data/evpciph.txt index 3dd5a87ba7..182c456896 100644 --- a/test/recipes/30-test_evp_data/evpciph.txt +++ b/test/recipes/30-test_evp_data/evpciph.txt @@ -293,6 +293,7 @@ Ciphertext = B2EB05E2C39BE9FCDA6C19078C6A9D1B # AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec # CFB128-AES128.Encrypt Cipher = AES-128-CFB +Availablein = default Key = 2B7E151628AED2A6ABF7158809CF4F3C IV = 000102030405060708090A0B0C0D0E0F Operation = ENCRYPT @@ -300,6 +301,7 @@ Plaintext = 6BC1BEE22E409F96E93D7E117393172A Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A Cipher = AES-128-CFB +Availablein = default Key = 2B7E151628AED2A6ABF7158809CF4F3C IV = 3B3FD92EB72DAD20333449F8E83CFB4A Operation = ENCRYPT @@ -307,6 +309,7 @@ Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 Ciphertext = C8A64537A0B3A93FCDE3CDAD9F1CE58B Cipher = AES-128-CFB +Availablein = default Key = 2B7E151628AED2A6ABF7158809CF4F3C IV = C8A64537A0B3A93FCDE3CDAD9F1CE58B Operation = ENCRYPT @@ -314,6 +317,7 @@ Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF Ciphertext = 26751F67A3CBB140B1808CF187A4F4DF Cipher = AES-128-CFB +Availablein = default Key = 2B7E151628AED2A6ABF7158809CF4F3C IV = 26751F67A3CBB140B1808CF187A4F4DF Operation = ENCRYPT @@ -322,6 +326,7 @@ Ciphertext = C04B05357C5D1C0EEAC4C66F9FF7F2E6 # CFB128-AES128.Decrypt Cipher = AES-128-CFB +Availablein = default Key = 2B7E151628AED2A6ABF715
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-pic
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-pic Commit log since last time: 88f19d86d9 Update man page for new API SSL_get_negotiated_group() fb8c6db45f Test SSL_get_negotiated_group() API 84d4b9e31d API to get negotiated key exchange algorithm in TLS1.3 bbda79976b Fix ECDSA_SIG docs f585cefc04 Add documentation for new EC functions 04ca002703 Insert a dummy call to EC code in the FIPS provider a9612d6c03 Make the EC code available from inside the FIPS provider c1a3f16f73 Correct the Extended Master Secret string for EBCDIC Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t ok ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t . skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t . skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t . skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t . skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_ciphername.t ... ok ../../openssl/test/re
Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared Commit log since last time: 88f19d86d9 Update man page for new API SSL_get_negotiated_group() fb8c6db45f Test SSL_get_negotiated_group() API 84d4b9e31d API to get negotiated key exchange algorithm in TLS1.3 bbda79976b Fix ECDSA_SIG docs f585cefc04 Add documentation for new EC functions 04ca002703 Insert a dummy call to EC code in the FIPS provider a9612d6c03 Make the EC code available from inside the FIPS provider c1a3f16f73 Correct the Extended Master Secret string for EBCDIC Build log ended with (last 100 lines): /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:184: undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:219: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:201: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:195: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:227: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:234: undefined reference to `__afl_prev_loc' providers/fips/fips-dso-fipsprov.o:/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:225: more undefined references to `__afl_prev_loc' follow providers/fips/fips-dso-fipsprov.o: In function `OSSL_provider_init': /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:309: undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:313: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:306: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:317: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:323: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:326: undefined reference to `__afl_prev_loc' providers/fips/fips-dso-fipsprov.o:/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:329: more undefined references to `__afl_prev_loc' follow providers/fips/fips-dso-fipsprov.o: In function `fips_intern_provider_init': /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:405: undefined reference to `__afl_area_ptr' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:410: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:410: undefined reference to `__afl_prev_loc' providers/fips/fips-dso-fipsprov.o: In function `OSSL_get_core_get_library_context': /home/openssl/run-checker/enable-fuzz-afl/../openssl/include/openssl/core_numbers.h:70: undefined reference to `__afl_prev_loc' providers/fips/fips-dso-fipsprov.o: In function `fips_intern_provider_init': /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:422: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:425: undefined reference to `__afl_prev_loc' providers/fips/fips-dso-fipsprov.o:/home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:434: more undefined references to `__afl_prev_loc' follow providers/fips/fips-dso-fipsprov.o: In function `ERR_new': /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:440: undefined reference to `__afl_area_ptr' providers/fips/fips-dso-fipsprov.o: In function `ERR_set_debug': /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:443: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:443: undefined reference to `__afl_area_ptr' providers/fips/fips-dso-fipsprov.o: In function `ERR_set_error': /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:449: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:449: undefined reference to `__afl_area_ptr' providers/fips/fips-dso-fipsprov.o: In function `ERR_vset_error': /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:457: undefined reference to `__afl_prev_loc' /home/openssl/run-checker/enable-fuzz-afl/../openssl/providers/fips/fipsprov.c:457: undefined reference to `__afl_area_ptr' providers/fips/fips-dso-fipsprov.o: In fun