Build completed: openssl master.30770
Build openssl master.30770 completed Commit ded9409938 by Rich Salz on 1/13/2020 5:44 PM: fixup! fixup! fixup! fixup! Update man3/verify documentation, error text Configure your notification preferences
Build failed: openssl master.30769
Build openssl master.30769 failed Commit 2d0d011734 by Kurt Roeckx on 1/13/2020 10:56 PM: Create a new embeddedSCTs1 that's signed using SHA256 Configure your notification preferences
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-trace
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-trace Commit log since last time: 42b3f10b5e When deprecated symbols are removed, ensure liblegacy has WHIRLPOOL 7c3aa39fe3 Deprecate the low level Whirlpool functions. c52ec197aa whirlpool: fix preprocessor indentation 33ee9ae059 Deprecate the low level MDC2 functions. 0feef76fe0 mdc2: fix preprocessor indentation 8ffb20ce05 Deprecate the low level MD4 functions. 01b0768d09 md4: fix preprocessor indentation 58e1f3d6d4 Deprecate the low level MD2 functions. b2be1ea2c3 md2: fix preprocessor indentation 601fca1778 Deprecate the low level RIPEMD160 functions. 65167dba89 ripemd: fix preprocessor indentation e683582bf3 Add dsa signature alg to fips provider e0e68f9e34 Tweak option error messages 7671420d9e testutil_init.c: fix compilation error with enable-trace 11b4435986 Add GCM support for EVP_CTRL_GCM_IV_GEN and EVP_CTRL_GCM_SET_IV_INV to providers
Build failed: openssl master.30755
Build openssl master.30755 failed Commit 55fc6fe2bc by Sam on 1/13/2020 6:38 PM: OpenSSL -> OpenTLS Configure your notification preferences
Build failed: openssl master.30754
Build openssl master.30754 failed Commit f584d85f1e by Rich Salz on 1/13/2020 5:44 PM: fixup! fixup! fixup! fixup! Update man3/verify documentation, error text Configure your notification preferences
Still FAILED build of OpenSSL branch master with options -d --strict-warnings 386
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings 386 Commit log since last time: 42b3f10b5e When deprecated symbols are removed, ensure liblegacy has WHIRLPOOL 7c3aa39fe3 Deprecate the low level Whirlpool functions. c52ec197aa whirlpool: fix preprocessor indentation 33ee9ae059 Deprecate the low level MDC2 functions. 0feef76fe0 mdc2: fix preprocessor indentation 8ffb20ce05 Deprecate the low level MD4 functions. 01b0768d09 md4: fix preprocessor indentation 58e1f3d6d4 Deprecate the low level MD2 functions. b2be1ea2c3 md2: fix preprocessor indentation 601fca1778 Deprecate the low level RIPEMD160 functions. 65167dba89 ripemd: fix preprocessor indentation e683582bf3 Add dsa signature alg to fips provider e0e68f9e34 Tweak option error messages 7671420d9e testutil_init.c: fix compilation error with enable-trace 11b4435986 Add GCM support for EVP_CTRL_GCM_IV_GEN and EVP_CTRL_GCM_SET_IV_INV to providers Build log ended with (last 100 lines): clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualif iers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/x509/libcrypto-lib-x509_trs.d.tmp -MT crypto/x509/libcrypto-lib-x509_trs.o -c -o crypto/x509/libcrypto-lib-x509_trs.o ../openssl/crypto/x509/x509_trs.c clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualif iers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/x509/libcrypto-lib-x509_txt.d.tmp -MT crypto/x509/libcrypto-lib-x509_txt.o -c -o crypto/x509/libcrypto-lib-x509_txt.o ../openssl/crypto/x509/x509_txt.c clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualif iers
[openssl] master update
The branch master has been updated via 9ce921f2dacc9f56b8ae932ae9c299670700a297 (commit) via 0b3b2b33c7e888fc1e735ad25cc1b963b5c24ad4 (commit) via d4bff20d55b7ab7b4dd43ada28372efb90942dfd (commit) from 6d242fa585d6e52ee6e099ac4f89601231c0f1d3 (commit) - Log - commit 9ce921f2dacc9f56b8ae932ae9c299670700a297 Author: Rich Salz Date: Wed Jan 8 09:03:00 2020 -0500 Remove duplicates Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/10134) commit 0b3b2b33c7e888fc1e735ad25cc1b963b5c24ad4 Author: Rich Salz Date: Thu Dec 12 13:34:32 2019 -0500 Better documentation of -www,-WWW,-HTTP flags Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/10134) commit d4bff20d55b7ab7b4dd43ada28372efb90942dfd Author: Rich Salz Date: Sat Oct 12 17:45:56 2019 -0400 Refactor the tls/dlts version options Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/10134) --- Summary of changes: doc/man1/openssl-s_client.pod.in | 45 + doc/man1/openssl-s_server.pod.in | 73 +--- doc/man1/openssl-s_time.pod.in | 17 ++ doc/man1/openssl.pod | 31 + doc/perlvars.pm | 32 ++ util/dofile.pl | 8 + 6 files changed, 107 insertions(+), 99 deletions(-) diff --git a/doc/man1/openssl-s_client.pod.in b/doc/man1/openssl-s_client.pod.in index 8bd6c9eec1..779f91700f 100644 --- a/doc/man1/openssl-s_client.pod.in +++ b/doc/man1/openssl-s_client.pod.in @@ -79,19 +79,6 @@ B B [B<-psk> I] [B<-psk_session> I] [B<-quiet>] -[B<-ssl3>] -[B<-tls1>] -[B<-tls1_1>] -[B<-tls1_2>] -[B<-tls1_3>] -[B<-no_ssl3>] -[B<-no_tls1>] -[B<-no_tls1_1>] -[B<-no_tls1_2>] -[B<-no_tls1_3>] -[B<-dtls>] -[B<-dtls1>] -[B<-dtls1_2>] [B<-sctp>] [B<-sctp_label_bug>] [B<-fallback_scsv>] @@ -127,6 +114,7 @@ B B [B<-early_data> I] [B<-enable_pha>] {- $OpenSSL::safe::opt_name_synopsis -} +{- $OpenSSL::safe::opt_version_synopsis -} {- $OpenSSL::safe::opt_x_synopsis -} {- $OpenSSL::safe::opt_trust_synopsis -} {- $OpenSSL::safe::opt_r_synopsis -} @@ -458,23 +446,6 @@ This option must be provided in order to use a PSK cipher. Use the pem encoded SSL_SESSION data stored in I as the basis of a PSK. Note that this will only work if TLSv1.3 is negotiated. -=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3> - -These options require or disable the use of the specified SSL or TLS protocols. -By default, this command will negotiate the highest mutually supported protocol -version. -When a specific TLS version is required, only that version will be offered to -and accepted from the server. -Note that not all protocols and flags may be available, depending on how -OpenSSL was built. - -=item B<-dtls>, B<-dtls1>, B<-dtls1_2> - -These options make this command use DTLS protocols instead of TLS. -With B<-dtls>, it will negotiate any supported DTLS protocol version, -whilst B<-dtls1> and B<-dtls1_2> will only support DTLS1.0 and DTLS1.2 -respectively. - =item B<-sctp> Use SCTP for the transport protocol instead of UDP in DTLS. Must be used in @@ -685,12 +656,7 @@ data and when the server accepts the early data. For TLSv1.3 only, send the Post-Handshake Authentication extension. This will happen whether or not a certificate has been provided via B<-cert>. -=item I:I - -Rather than providing B<-connect>, the target hostname and optional port may -be provided as a single positional argument after all options. If neither this -nor B<-connect> are provided, falls back to attempting to connect to -I on port I<4433>. +{- $OpenSSL::safe::opt_version_item -} {- $OpenSSL::safe::opt_name_item -} @@ -702,6 +668,13 @@ I on port I<4433>. {- $OpenSSL::safe::opt_engine_item -} +=item I:I + +Rather than providing B<-connect>, the target hostname and optional port may +be provided as a single positional argument after all options. If neither this +nor B<-connect> are provided, falls back to attempting to connect to +I on port I<4433>. + =back =head1 CONNECTED COMMANDS diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in index 743ad616d5..47343585bd 100644 --- a/doc/man1/openssl-s_server.pod.in +++ b/doc/man1/openssl-s_server.pod.in @@ -83,11 +83,6 @@ B B [B<-split_send_frag> I<+int>] [B<-max_pipelines> I<+int>] [B<-read_buf> I<+int>] -[B<-no_ssl3>] -[B<-no_tls1>] -[B<-no_tls1_1>] -[B<-no_tls1_2>] -[B<-no_tls1_3>] [B<-bugs>] [B<-no_comp>] [B<-comp>] @@ -149,17 +144,9 @@ B B [B<-psk_session> I] [B<-srpvfile> I]
[tools] master update
The branch master has been updated via cbda6bd72e4abbe16a4a260312b1289a0e9e4764 (commit) from 73b0391902c67f9ebfcd5fa96cc10734d9631da8 (commit) - Log - commit cbda6bd72e4abbe16a4a260312b1289a0e9e4764 Author: Nicola Tuveri Date: Sun Jan 5 10:52:57 2020 +0200 Apply OTC changes to gitaddrev After the changes in https://github.com/openssl/web/pull/146 `gitaddrev` (on which `addrev` depends) required an update to count OTC approvals rather than OMC approvals. Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/tools/pull/50) --- Summary of changes: review-tools/gitaddrev | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/review-tools/gitaddrev b/review-tools/gitaddrev index 1c2071e..177a92a 100755 --- a/review-tools/gitaddrev +++ b/review-tools/gitaddrev @@ -29,7 +29,7 @@ my @reviewers; my @nocla_reviewers; my @unknown_reviewers; my $skip_reviewer; -my $omccount = 0; +my $otccount = 0; sub try_add_reviewer { my $id = shift; my $rc = undef; @@ -39,7 +39,7 @@ sub try_add_reviewer { my $cla = $query->has_cla(lc $rev); if ($cla) { unless (grep {$_ eq $rev} @reviewers) { - $omccount++ if $query->is_member_of($id2, 'omc'); + $otccount++ if $query->is_member_of($id2, 'otc'); push @reviewers, $rev; } $rc = $rev; @@ -64,9 +64,9 @@ foreach (@ARGV) { foreach ($query->list_people()) { my $email_id = (grep { ref($_) eq "" && $_ =~ m|\@| } @$_)[0]; my $rev = $query->find_person_tag($email_id, 'rev'); - my $omc = $query->is_member_of($email_id, 'omc'); + my $otc = $query->is_member_of($email_id, 'otc'); next unless $query->has_cla(lc $rev); - next unless $query->is_member_of($email_id, 'commit') || $omc; + next unless $query->is_member_of($email_id, 'commit') || $otc; my @ids = sort grep { $_ =~ /^[a-z]+$/ || $_ =~ /^\@(?:\w|\w-\w)+$/ } map { @@ -78,13 +78,13 @@ foreach (@ARGV) { } } @$_; foreach (@ids) { - $list{$_} = { tag => $rev, omc => $omc }; + $list{$_} = { tag => $rev, otc => $otc }; } } foreach (sort { my $res = $list{$a}->{tag} cmp $list{$b}->{tag}; $res != 0 ? $res : ($a cmp $b) } keys %list) { printf "%-15s %-6s (%s)\n", - $_, $list{$_}->{omc} ? "[OMC]" : "", $list{$_}->{tag}; + $_, $list{$_}->{otc} ? "[OTC]" : "", $list{$_}->{tag}; } exit 0; } elsif (/^--reviewer=(.+)$/) { @@ -158,8 +158,8 @@ print STDERR "Going with these reviewers:\n ", join("\n ", @reviewers), "\n" if (scalar @reviewers < 2) { die "Too few reviewers (total must be at least 2)\n"; } -if ($omccount < 1) { -die "At least one of the reviewers must be an OMC member\n"; +if ($otccount < 1) { +die "At least one of the reviewers must be an OTC member\n"; } if ($skip_reviewer) { @reviewers = grep { $_ ne $skip_reviewer } @reviewers;
Build completed: openssl master.30744
Build openssl master.30744 completed Commit 04308c8433 by Dr. David von Oheimb on 1/13/2020 7:47 AM: fixup! fix various formatting nits in CMP contribution chunks 1-6 found by the new util/check-format.pl correct wording in doc, comments, and parameter names: self-signed -> self-issued where appropriate Configure your notification preferences
Build failed: openssl master.30743
Build openssl master.30743 failed Commit 4d97f53ecc by H.J. Lu on 1/7/2020 6:15 PM: i386: Add endbr32 to jump table in BF_cbc_encrypt Configure your notification preferences
[openssl] master update
The branch master has been updated via 6d242fa585d6e52ee6e099ac4f89601231c0f1d3 (commit) via 557d673783f82795e8ae8ca71b0092f9dbdaaeef (commit) from 0ae5d4d6f8a0cd17fb9beb5876827f311c1b350c (commit) - Log - commit 6d242fa585d6e52ee6e099ac4f89601231c0f1d3 Author: Matt Caswell Date: Thu Jan 9 15:21:14 2020 + Add a test for HMAC via EVP_DigestSign* We test with both an implicitly fetched digest and an explicitly fetched digest. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10796) commit 557d673783f82795e8ae8ca71b0092f9dbdaaeef Author: Matt Caswell Date: Thu Jan 9 15:58:19 2020 + Always go the legacy route if EVP_MD_CTX_FLAG_NO_INIT is set If we're using an explicitly fetched digest in an EVP_DigestUpdate operation, then we should still go the legacy route if EVP_MD_CTX_FLAG_NO_INIT has been set because we are being used in the context of a legacy signature algorithm and EVP_DigestInit has not been called. This fixes a seg fault in EVP_DigestSignUpdate() Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10796) --- Summary of changes: crypto/evp/digest.c | 7 +++-- test/evp_extra_test.c | 85 --- 2 files changed, 66 insertions(+), 26 deletions(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 92dca9854b..adde3e13ab 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -303,7 +303,9 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) return 0; } -if (ctx->digest == NULL || ctx->digest->prov == NULL) +if (ctx->digest == NULL +|| ctx->digest->prov == NULL +|| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0) goto legacy; if (ctx->digest->dupdate == NULL) { @@ -422,7 +424,8 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) return 0; } -if (in->digest->prov == NULL) +if (in->digest->prov == NULL +|| (in->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0) goto legacy; if (in->digest->dupctx == NULL) { diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 387e29496f..e7e73cd150 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -451,6 +451,22 @@ end: } #endif +static EVP_PKEY *load_example_hmac_key(void) +{ +EVP_PKEY *pkey = NULL; +unsigned char key[] = { +0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, +0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, +0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f +}; + +pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key)); +if (!TEST_ptr(pkey)) +return NULL; + +return pkey; +} + static int test_EVP_Enveloped(void) { int ret = 0; @@ -495,10 +511,15 @@ err: } /* - * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (RSA) - * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (DSA) - * Test 2: Use an MD BIO to do the Update calls instead (RSA) - * Test 3: Use an MD BIO to do the Update calls instead (DSA) + * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA) + * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA) + * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC) + * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA) + * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA) + * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC) + * Test 6: Use an MD BIO to do the Update calls instead (RSA) + * Test 7: Use an MD BIO to do the Update calls instead (DSA) + * Test 8: Use an MD BIO to do the Update calls instead (HMAC) */ static int test_EVP_DigestSignInit(int tst) { @@ -510,8 +531,10 @@ static int test_EVP_DigestSignInit(int tst) EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL; BIO *mdbio = NULL, *membio = NULL; size_t written; +const EVP_MD *md; +EVP_MD *mdexp = NULL; -if (tst >= 2) { +if (tst >= 6) { membio = BIO_new(BIO_s_mem()); mdbio = BIO_new(BIO_f_md()); if (!TEST_ptr(membio) || !TEST_ptr(mdbio)) @@ -525,10 +548,10 @@ static int test_EVP_DigestSignInit(int tst) goto out; } -if (tst == 0 || tst == 2) { +if (tst == 0 || tst == 3 || tst == 6) { if (!TEST_ptr(pkey = load_example_rsa_key())) goto out; -} else { +} else if (tst == 1 || tst == 4 || tst == 7) { #ifndef OPENSSL_NO_DSA if (!TEST_ptr(pkey = load_example_dsa_key()))
[openssl] master update
The branch master has been updated via 0ae5d4d6f8a0cd17fb9beb5876827f311c1b350c (commit) from 291850b473ef5d83ac7d90bdcd7f68d186515348 (commit) - Log - commit 0ae5d4d6f8a0cd17fb9beb5876827f311c1b350c Author: Matt Caswell Date: Thu Jan 2 16:15:26 2020 + Deprecate the Low Level CAST APIs Applications should instead use the higher level EVP APIs, e.g. EVP_Encrypt*() and EVP_Decrypt*(). Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10742) --- Summary of changes: CHANGES| 9 apps/speed.c | 8 +-- crypto/cast/c_cfb64.c | 6 +++ crypto/cast/c_ecb.c| 6 +++ crypto/cast/c_enc.c| 6 +++ crypto/cast/c_ofb64.c | 6 +++ crypto/cast/c_skey.c | 6 +++ crypto/evp/e_cast.c| 6 +++ include/openssl/cast.h | 57 ++ providers/implementations/ciphers/cipher_cast5.c | 6 +++ .../implementations/ciphers/cipher_cast5_hw.c | 6 +++ test/build.info| 13 ++--- test/casttest.c| 6 +++ test/recipes/05-test_cast.t| 11 + util/libcrypto.num | 14 +++--- 15 files changed, 130 insertions(+), 36 deletions(-) diff --git a/CHANGES b/CHANGES index e47c8ab968..215fd13b60 100644 --- a/CHANGES +++ b/CHANGES @@ -18,6 +18,15 @@ equivalently named decrypt functions. [Matt Caswell] + *) All of the low level CAST functions have been deprecated including: + CAST_set_key, CAST_ecb_encrypt, CAST_encrypt, CAST_decrypt, + CAST_cbc_encrypt, CAST_cfb64_encrypt and CAST_ofb64_encrypt + Use of these low level functions has been informally discouraged for a long + time. Instead applications should use the high level EVP APIs, e.g. + EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the + equivalently named decrypt functions. + [Matt Caswell] + *) All of the low level Camelllia functions have been deprecated including: Camellia_set_key, Camellia_encrypt, Camellia_decrypt, Camellia_ecb_encrypt, Camellia_cbc_encrypt, Camellia_cfb128_encrypt, Camellia_cfb1_encrypt, diff --git a/apps/speed.c b/apps/speed.c index bb57da9c85..67bf650ec2 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -389,7 +389,7 @@ static const OPT_PAIR doit_choices[] = { {"blowfish", D_CBC_BF}, {"bf", D_CBC_BF}, #endif -#ifndef OPENSSL_NO_CAST +#if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0) {"cast-cbc", D_CBC_CAST}, {"cast", D_CBC_CAST}, {"cast5", D_CBC_CAST}, @@ -1464,7 +1464,7 @@ int speed_main(int argc, char **argv) #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0) BF_KEY bf_ks; #endif -#ifndef OPENSSL_NO_CAST +#if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0) CAST_KEY cast_ks; #endif static const unsigned char key16[16] = { @@ -1992,7 +1992,7 @@ int speed_main(int argc, char **argv) if (doit[D_CBC_BF]) BF_set_key(_ks, 16, key16); #endif -#ifndef OPENSSL_NO_CAST +#if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0) if (doit[D_CBC_CAST]) CAST_set_key(_ks, 16, key16); #endif @@ -2672,7 +2672,7 @@ int speed_main(int argc, char **argv) } } #endif -#ifndef OPENSSL_NO_CAST +#if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0) if (doit[D_CBC_CAST]) { if (async_jobs > 0) { BIO_printf(bio_err, "Async mode is not supported with %s\n", diff --git a/crypto/cast/c_cfb64.c b/crypto/cast/c_cfb64.c index 1ae13bc3d8..805a51d450 100644 --- a/crypto/cast/c_cfb64.c +++ b/crypto/cast/c_cfb64.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * CAST low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include #include "cast_local.h" diff --git a/crypto/cast/c_ecb.c b/crypto/cast/c_ecb.c index 2b841ac919..cbd044366d 100644 --- a/crypto/cast/c_ecb.c +++ b/crypto/cast/c_ecb.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * CAST low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include #include "cast_local.h" #include diff --git a/crypto/cast/c_enc.c b/crypto/cast/c_enc.c index 7e2461dfca..ede9f2e815 100644 --- a/crypto/cast/c_enc.c +++ b/crypto/cast/c_enc.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * CAST low level
Build completed: openssl master.30737
Build openssl master.30737 completed Commit be0363ff5c by Richard Levitte on 1/13/2020 11:28 AM: DSA: Move DSA_security_bits() and DSA_bits() Configure your notification preferences
[openssl] master update
The branch master has been updated via 291850b473ef5d83ac7d90bdcd7f68d186515348 (commit) from 652fba9ef74c1fe92b80d178ada419057d873682 (commit) - Log - commit 291850b473ef5d83ac7d90bdcd7f68d186515348 Author: Matt Caswell Date: Thu Jan 2 15:22:19 2020 + Deprecate Low Level Camellia APIs Applications should instead use the higher level EVP APIs, e.g. EVP_Encrypt*() and EVP_Decrypt*(). Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10741) --- Summary of changes: CHANGES| 10 +++ apps/speed.c | 10 ++- crypto/camellia/camellia.c | 6 ++ crypto/camellia/cmll_cbc.c | 6 ++ crypto/camellia/cmll_cfb.c | 6 ++ crypto/camellia/cmll_ctr.c | 6 ++ crypto/camellia/cmll_ecb.c | 6 ++ crypto/camellia/cmll_misc.c| 6 ++ crypto/camellia/cmll_ofb.c | 6 ++ crypto/evp/e_camellia.c| 6 ++ include/openssl/camellia.h | 99 ++ .../implementations/ciphers/cipher_camellia.c | 6 ++ .../implementations/ciphers/cipher_camellia_hw.c | 6 ++ util/libcrypto.num | 20 ++--- 14 files changed, 150 insertions(+), 49 deletions(-) diff --git a/CHANGES b/CHANGES index 08687f7972..e47c8ab968 100644 --- a/CHANGES +++ b/CHANGES @@ -18,6 +18,16 @@ equivalently named decrypt functions. [Matt Caswell] + *) All of the low level Camelllia functions have been deprecated including: + Camellia_set_key, Camellia_encrypt, Camellia_decrypt, Camellia_ecb_encrypt, + Camellia_cbc_encrypt, Camellia_cfb128_encrypt, Camellia_cfb1_encrypt, + Camellia_cfb8_encrypt, Camellia_ofb128_encrypt and Camellia_ctr128_encrypt. + Use of these low level functions has been informally discouraged for a long + time. Instead applications should use the high level EVP APIs, e.g. + EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the + equivalently named decrypt functions. + [Matt Caswell] + *) Removed include/openssl/opensslconf.h.in and replaced it with include/openssl/configuration.h.in, which differs in not including . A short header include/openssl/opensslconf.h diff --git a/apps/speed.c b/apps/speed.c index 5b87293123..bb57da9c85 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1471,6 +1471,7 @@ int speed_main(int argc, char **argv) 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }; +#ifndef OPENSSL_NO_DEPRECATED_3_0 static const unsigned char key24[24] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, @@ -1482,7 +1483,8 @@ int speed_main(int argc, char **argv) 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56 }; -#ifndef OPENSSL_NO_CAMELLIA +#endif +#if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0) CAMELLIA_KEY camellia_ks[3]; #endif #ifndef OPENSSL_NO_RSA @@ -1758,7 +1760,7 @@ int speed_main(int argc, char **argv) continue; } #endif -#ifndef OPENSSL_NO_CAMELLIA +#if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0) if (strcmp(algo, "camellia") == 0) { doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1; continue; @@ -1956,7 +1958,7 @@ int speed_main(int argc, char **argv) AES_set_encrypt_key(key24, 192, _ks2); AES_set_encrypt_key(key32, 256, _ks3); #endif -#ifndef OPENSSL_NO_CAMELLIA +#if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0) if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) { Camellia_set_key(key16, 128, _ks[0]); Camellia_set_key(key24, 192, _ks[1]); @@ -2503,7 +2505,7 @@ int speed_main(int argc, char **argv) CRYPTO_gcm128_release(loopargs[i].gcm_ctx); } #endif /* OPENSSL_NO_DEPRECATED_3_0 */ -#ifndef OPENSSL_NO_CAMELLIA +#if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0) if (doit[D_CBC_128_CML]) { if (async_jobs > 0) { BIO_printf(bio_err, "Async mode is not supported with %s\n", diff --git a/crypto/camellia/camellia.c b/crypto/camellia/camellia.c index cb285d05ed..fd493a8a83 100644 --- a/crypto/camellia/camellia.c +++ b/crypto/camellia/camellia.c @@ -39,6 +39,12 @@ * words reasonable performance even with not so modern compilers. */ +/* + * Camellia low level APIs are deprecated for public use, but still ok for + * internal
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-multiblock
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-multiblock Commit log since last time: 42b3f10b5e When deprecated symbols are removed, ensure liblegacy has WHIRLPOOL 7c3aa39fe3 Deprecate the low level Whirlpool functions. c52ec197aa whirlpool: fix preprocessor indentation 33ee9ae059 Deprecate the low level MDC2 functions. 0feef76fe0 mdc2: fix preprocessor indentation 8ffb20ce05 Deprecate the low level MD4 functions. 01b0768d09 md4: fix preprocessor indentation 58e1f3d6d4 Deprecate the low level MD2 functions. b2be1ea2c3 md2: fix preprocessor indentation 601fca1778 Deprecate the low level RIPEMD160 functions. 65167dba89 ripemd: fix preprocessor indentation e683582bf3 Add dsa signature alg to fips provider e0e68f9e34 Tweak option error messages 7671420d9e testutil_init.c: fix compilation error with enable-trace 11b4435986 Add GCM support for EVP_CTRL_GCM_IV_GEN and EVP_CTRL_GCM_SET_IV_INV to providers Build log ended with (last 100 lines): clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Win compatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/x509/libcrypto-lib-by_dir.d.tmp -MT crypto/x509/libcrypto-lib-by_dir.o -c -o crypto/x509/libcrypto-lib-by_dir.o ../openssl/crypto/x509/by_dir.c clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Win compatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/x509/libcrypto-lib-by_file.d.tmp -MT crypto/x509/libcrypto-lib-by_file.o -c -o crypto/x509/libcrypto-lib-by_file.o ../openssl/crypto/x509/by_file.c clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token
Build failed: openssl master.30736
Build openssl master.30736 failed Commit 7655cb1f56 by H.J. Lu on 1/7/2020 6:15 PM: i386: Add endbr32 to jump table in BF_cbc_encrypt Configure your notification preferences
[openssl] master update
The branch master has been updated via 652fba9ef74c1fe92b80d178ada419057d873682 (commit) via 28104cdda3f1272e3e41f6eec2b5bff9f4fc162e (commit) via 1f9bfd899308960c1621ba07366f3c911fd27058 (commit) via 86a15d8366f4773d3f40510a4dc21bd5cc5c9974 (commit) from bbe486cf6154df3d3aaedbae6c5b82d4ed31a5f8 (commit) - Log - commit 652fba9ef74c1fe92b80d178ada419057d873682 Author: Dr. David von Oheimb Date: Sat Dec 21 20:46:07 2019 +0100 handle new findings of find-doc-nits on fn typedefs w/ extra space Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10673) commit 28104cdda3f1272e3e41f6eec2b5bff9f4fc162e Author: Dr. David von Oheimb Date: Sat Dec 21 20:42:10 2019 +0100 make find-doc-nits report function typedef w/ space before arg list Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10673) commit 1f9bfd899308960c1621ba07366f3c911fd27058 Author: Dr. David von Oheimb Date: Sat Dec 21 19:48:19 2019 +0100 handle new findings of find-doc-nits for certain typedefs Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10673) commit 86a15d8366f4773d3f40510a4dc21bd5cc5c9974 Author: Dr. David von Oheimb Date: Sat Dec 21 19:35:45 2019 +0100 improve 'typedef' patterns of find-doc-nits Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10673) --- Summary of changes: doc/man3/OSSL_CMP_CTX_new.pod| 15 -- doc/man3/OSSL_CMP_log_open.pod | 7 --- doc/man3/SSL_extension_supported.pod | 39 +++- util/find-doc-nits | 9 +++-- util/other.syms | 7 +++ 5 files changed, 48 insertions(+), 29 deletions(-) diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod index 96d6841fb2..aa42d55352 100644 --- a/doc/man3/OSSL_CMP_CTX_new.pod +++ b/doc/man3/OSSL_CMP_CTX_new.pod @@ -16,9 +16,11 @@ OSSL_CMP_CTX_set_serverPort, OSSL_CMP_CTX_set1_proxyName, OSSL_CMP_CTX_set_proxyPort, OSSL_CMP_DEFAULT_PORT, +OSSL_cmp_http_cb_t, OSSL_CMP_CTX_set_http_cb, OSSL_CMP_CTX_set_http_cb_arg, OSSL_CMP_CTX_get_http_cb_arg, +OSSL_cmp_transfer_cb_t, OSSL_CMP_CTX_set_transfer_cb, OSSL_CMP_CTX_set_transfer_cb_arg, OSSL_CMP_CTX_get_transfer_cb_arg, @@ -46,6 +48,7 @@ OSSL_CMP_CTX_push0_policy, OSSL_CMP_CTX_set1_oldCert, OSSL_CMP_CTX_set1_p10CSR, OSSL_CMP_CTX_push0_genm_ITAV, +OSSL_cmp_certConf_cb_t, OSSL_CMP_CTX_set_certConf_cb, OSSL_CMP_CTX_set_certConf_cb_arg, OSSL_CMP_CTX_get_certConf_cb_arg, @@ -81,14 +84,14 @@ OSSL_CMP_CTX_set1_senderNonce int OSSL_CMP_CTX_set1_proxyName(OSSL_CMP_CTX *ctx, const char *name); int OSSL_CMP_CTX_set_proxyPort(OSSL_CMP_CTX *ctx, int port); #define OSSL_CMP_DEFAULT_PORT 80 - typedef BIO (*OSSL_cmp_http_cb_t) (OSSL_CMP_CTX *ctx, BIO *hbio, + typedef BIO *(*OSSL_cmp_http_cb_t)(OSSL_CMP_CTX *ctx, BIO *hbio, unsigned long detail); int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_cmp_http_cb_t cb); int OSSL_CMP_CTX_set_http_cb_arg(OSSL_CMP_CTX *ctx, void *arg); void *OSSL_CMP_CTX_get_http_cb_arg(const OSSL_CMP_CTX *ctx); - typedef int (*OSSL_cmp_transfer_cb_t) (OSSL_CMP_CTX *ctx, -const OSSL_CMP_MSG *req, -OSSL_CMP_MSG **res); + typedef int (*OSSL_cmp_transfer_cb_t)(OSSL_CMP_CTX *ctx, + const OSSL_CMP_MSG *req, + OSSL_CMP_MSG **res); int OSSL_CMP_CTX_set_transfer_cb(OSSL_CMP_CTX *ctx, OSSL_cmp_transfer_cb_t cb); int OSSL_CMP_CTX_set_transfer_cb_arg(OSSL_CMP_CTX *ctx, void *arg); @@ -135,8 +138,8 @@ OSSL_CMP_CTX_set1_senderNonce int OSSL_CMP_CTX_push0_genm_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav); /* certificate confirmation: */ - typedef int (*OSSL_cmp_certConf_cb_t) (OSSL_CMP_CTX *ctx, X509 *cert, -int fail_info, const char **txt); + typedef int (*OSSL_cmp_certConf_cb_t)(OSSL_CMP_CTX *ctx, X509 *cert, + int fail_info, const char **txt); int OSSL_CMP_CTX_set_certConf_cb(OSSL_CMP_CTX *ctx, OSSL_cmp_certConf_cb_t cb); int OSSL_CMP_CTX_set_certConf_cb_arg(OSSL_CMP_CTX *ctx, void *arg); void *OSSL_CMP_CTX_get_certConf_cb_arg(const OSSL_CMP_CTX *ctx); diff --git a/doc/man3/OSSL_CMP_log_open.pod b/doc/man3/OSSL_CMP_log_open.pod index 2b803ad08e..64399e2b72 100644 --- a/doc/man3/OSSL_CMP_log_open.pod +++ b/doc/man3/OSSL_CMP_log_open.pod @@ -23,6 +23,7 @@
Build completed: openssl master.30730
Build openssl master.30730 completed Commit e66d284f18 by Richard Levitte on 1/13/2020 8:52 AM: fixup! EVP: Adapt EVP_PKEY Seal and Open for provider keys Configure your notification preferences
Build failed: openssl master.30729
Build openssl master.30729 failed Commit 6008f279d4 by Richard Levitte on 1/12/2020 12:23 AM: Add CHANGES entry regarding the documentation of EVP_PKEY_size() et al Configure your notification preferences
Build failed: openssl master.30728
Build openssl master.30728 failed Commit 7ea07e8e7b by Richard Levitte on 1/13/2020 8:31 AM: fixup! EVP: Adapt EVP_PKEY checking, comparing and copying for provider keys Configure your notification preferences
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 5f6343dea1233deb6d762e24e0e0d3d795b9513d (commit) from 6d5e2a41793da9891e08f61a77f636e297db (commit) - Log - commit 5f6343dea1233deb6d762e24e0e0d3d795b9513d Author: Richard Levitte Date: Thu Jan 9 14:49:53 2020 +0100 Configure: use $list_separator_re only for defines and includes This regexp was used a bit too uncontrolled, which had it split flag values where it should not have. Fixes #10792 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/10793) (cherry picked from commit bbe486cf6154df3d3aaedbae6c5b82d4ed31a5f8) --- Summary of changes: Configure | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Configure b/Configure index 317940de11..35436d990d 100755 --- a/Configure +++ b/Configure @@ -533,7 +533,7 @@ while ((my $first, my $second) = (shift @list, shift @list)) { if ($#ARGV < 0); -# For the "make variables" CINCLUDES and CDEFINES, we support lists with +# For the "make variables" CPPINCLUDES and CPPDEFINES, we support lists with # platform specific list separators. Users from those platforms should # recognise those separators from how you set up the PATH to find executables. # The default is the Unix like separator, :, but as an exception, we also @@ -974,7 +974,11 @@ foreach (keys %user) { if (defined $value) { if (ref $user{$_} eq 'ARRAY') { -$user{$_} = [ split /$list_separator_re/, $value ]; +if ($_ eq 'CPPDEFINES' || $_ eq 'CPPINCLUDES') { +$user{$_} = [ split /$list_separator_re/, $value ]; +} else { +$user{$_} = [ $value ]; +} } elsif (!defined $user{$_}) { $user{$_} = $value; }
[openssl] master update
The branch master has been updated via bbe486cf6154df3d3aaedbae6c5b82d4ed31a5f8 (commit) from 42b3f10b5e461496aab1f74d24103d6902ebfcd5 (commit) - Log - commit bbe486cf6154df3d3aaedbae6c5b82d4ed31a5f8 Author: Richard Levitte Date: Thu Jan 9 14:49:53 2020 +0100 Configure: use $list_separator_re only for defines and includes This regexp was used a bit too uncontrolled, which had it split flag values where it should not have. Fixes #10792 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/10793) --- Summary of changes: Configure | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Configure b/Configure index 8ee0fbdb25..1e86bfa198 100755 --- a/Configure +++ b/Configure @@ -590,7 +590,7 @@ while ((my $first, my $second) = (shift @list, shift @list)) { if ($#ARGV < 0); -# For the "make variables" CINCLUDES and CDEFINES, we support lists with +# For the "make variables" CPPINCLUDES and CPPDEFINES, we support lists with # platform specific list separators. Users from those platforms should # recognise those separators from how you set up the PATH to find executables. # The default is the Unix like separator, :, but as an exception, we also @@ -1030,7 +1030,11 @@ foreach (keys %user) { if (defined $value) { if (ref $user{$_} eq 'ARRAY') { -$user{$_} = [ split /$list_separator_re/, $value ]; +if ($_ eq 'CPPDEFINES' || $_ eq 'CPPINCLUDES') { +$user{$_} = [ split /$list_separator_re/, $value ]; +} else { +$user{$_} = [ $value ]; +} } elsif (!defined $user{$_}) { $user{$_} = $value; }