[openssl] master update
The branch master has been updated via d5e66eab0bc08d701ba8386d3a36d417d19966aa (commit) from 450d12c825cc9016e5e8990423fa7ffdb843a1f0 (commit) - Log - commit d5e66eab0bc08d701ba8386d3a36d417d19966aa Author: Shane Lontis Date: Tue Feb 4 13:50:51 2020 +1000 Fix coverity issues CID 1457745...1457752, 1457853, 1457854 CID 1457854 - keymgmt_lib.c : OVERRUN CID 1457853 - self_test_kats.c : UNINT CID 1457752 - fipsprov.c RESOURCE_LEAK (code change in another PR removed this) CID 1457751 - apps/pkcs12.c CHECKED_RETURN CID 1457750 - dsa_ossl.c RESOURCE_LEAK (marked as false positive since tmp can not be NULL) CID 1457749 - apps/nseq.c : CHECKED_RETURN CID 1457748 - cipher_aes_cbc_hmac_sha.c : SIZEOF_MISMATCH CID 1457747 - cipher_aes_cbc_hmac_sha.c : SIZEOF_MISMATCH CID 1457746 - same as 1457752 CID 1457745 - apps/ocsp : CHECKED_RETURN Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10934) --- Summary of changes: apps/nseq.c | 6 -- apps/ocsp.c | 3 ++- apps/pkcs12.c | 7 --- crypto/evp/keymgmt_lib.c| 3 ++- providers/fips/self_test_kats.c | 13 ++--- providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c | 4 ++-- 6 files changed, 24 insertions(+), 12 deletions(-) diff --git a/apps/nseq.c b/apps/nseq.c index 5b7ab67dd1..9d1e0950e8 100644 --- a/apps/nseq.c +++ b/apps/nseq.c @@ -82,8 +82,10 @@ int nseq_main(int argc, char **argv) seq->certs = sk_X509_new_null(); if (seq->certs == NULL) goto end; -while ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) -sk_X509_push(seq->certs, x509); +while ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) { +if (!sk_X509_push(seq->certs, x509)) +goto end; +} if (!sk_X509_num(seq->certs)) { BIO_printf(bio_err, "%s: Error reading certs file %s\n", diff --git a/apps/ocsp.c b/apps/ocsp.c index dc1b7601bb..4c66e966ef 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -451,7 +451,8 @@ int ocsp_main(int argc, char **argv) if ((issuers = sk_X509_new_null()) == NULL) goto end; } -sk_X509_push(issuers, issuer); +if (!sk_X509_push(issuers, issuer)) +goto end; break; case OPT_CERT: X509_free(cert); diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 5eff88b644..091318b67d 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -893,12 +893,13 @@ static int alg_print(const X509_ALGOR *alg) int cert_load(BIO *in, STACK_OF(X509) *sk) { -int ret; +int ret = 0; X509 *cert; -ret = 0; + while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) { ret = 1; -sk_X509_push(sk, cert); +if (!sk_X509_push(sk, cert)) +return 0; } if (ret) ERR_clear_error(); diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c index 5e208b21b8..6990c0cdaa 100644 --- a/crypto/evp/keymgmt_lib.c +++ b/crypto/evp/keymgmt_lib.c @@ -135,7 +135,8 @@ void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, * have to think about a cache aging scheme, though, if |i| indexes * outside the array. */ -j = ossl_assert(i < OSSL_NELEM(pk->pkeys)); +if (!ossl_assert(i < OSSL_NELEM(pk->pkeys))) +return NULL; evp_keymgmt_cache_pkey(pk, i, keymgmt, provdata, want_domainparams); diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c index 3ccd3f66ed..f67f4f69c8 100644 --- a/providers/fips/self_test_kats.c +++ b/providers/fips/self_test_kats.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,6 +10,7 @@ #include #include #include +#include "internal/cryptlib.h" #include "internal/nelem.h" #include "self_test.h" #include "self_test_data.inc" @@ -140,15 +141,20 @@ static int self_test_kdf(const ST_KAT_KDF *t, OSSL_ST_EVENT *event, OPENSSL_CTX *libctx) { int ret = 0; -int i; +int i, numparams; unsigned char out[64]; EVP_KDF *kdf = NULL; EVP_KDF_CTX *ctx = NULL; OSSL_PARAM params[16]; const OSSL_PARAM *settables = NULL; +numparams = OSSL_NELEM(params); SELF_TEST_EVENT_onbegin(event, OSSL_SELF_TEST_TYPE_KAT_KDF, t->desc);
FAILED build of OpenSSL branch master with options -d --strict-warnings no-sm3
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm3 Commit log since last time: 7f293d9f3b CHANGES: Add note about the refactoring of SM2 EVP_PKEYs bac1030ae4 Adapt some 'openssl' commands for SM2 changes. 3995de2c03 Adapt tests for SM2 changes. ef077ba0d2 Make SM3 a mandatory hash function for SM2. bbaddbc068 X509: Refactor X509_verify() and X509_REQ_verify() for better streamlining 0943d5dd61 Add SM2 specific parameter and key generation f4e4382cae EVP_PKEY_assign_EC_KEY(): detect SM2 curve and set EVP_PKEY type accordingly 658608c471 EVP: Small refactor of keymgmt library code 4bf3e989fe config: ensure the perl Configure run is the last statement 03e16083ff Fix "ts" no-XXX options, document two TLS options 8b3efb5302 Update the SSL/TLS connection options c98eab85b8 evp_pmeth: free the MD reference correctly. 4a0a9e5767 scrypt: free the MD reference correctly. ca2bf555cd Add support for DH 'modp' group parameters (RFC 3526) Build log ended with (last 100 lines): 61-test_bio_prefix.t ... ok 65-test_cmp_asn.t .. ok 65-test_cmp_ctx.t .. ok 65-test_cmp_hdr.t .. ok 65-test_cmp_msg.t .. ok 65-test_cmp_protect.t .. ok 65-test_cmp_status.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz.t . ok Test Summary Report --- 15-test_ecdsa.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=188, Tests=1762, 354 wallclock secs ( 6.61 usr 1.12 sys + 333.14 cusr 26.33
FAILED build of OpenSSL branch master with options -d --strict-warnings no-sm2
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm2 Commit log since last time: 7f293d9f3b CHANGES: Add note about the refactoring of SM2 EVP_PKEYs bac1030ae4 Adapt some 'openssl' commands for SM2 changes. 3995de2c03 Adapt tests for SM2 changes. ef077ba0d2 Make SM3 a mandatory hash function for SM2. bbaddbc068 X509: Refactor X509_verify() and X509_REQ_verify() for better streamlining 0943d5dd61 Add SM2 specific parameter and key generation f4e4382cae EVP_PKEY_assign_EC_KEY(): detect SM2 curve and set EVP_PKEY type accordingly 658608c471 EVP: Small refactor of keymgmt library code 4bf3e989fe config: ensure the perl Configure run is the last statement 03e16083ff Fix "ts" no-XXX options, document two TLS options 8b3efb5302 Update the SSL/TLS connection options c98eab85b8 evp_pmeth: free the MD reference correctly. 4a0a9e5767 scrypt: free the MD reference correctly. ca2bf555cd Add support for DH 'modp' group parameters (RFC 3526) Build log ended with (last 100 lines): 61-test_bio_prefix.t ... ok 65-test_cmp_asn.t .. ok 65-test_cmp_ctx.t .. ok 65-test_cmp_hdr.t .. ok 65-test_cmp_msg.t .. ok 65-test_cmp_protect.t .. ok 65-test_cmp_status.t ... ok 70-test_asyncio.t .. ok 70-test_bad_dtls.t . ok 70-test_clienthello.t .. ok 70-test_comp.t . ok 70-test_key_share.t ok 70-test_packet.t ... ok 70-test_recordlen.t ok 70-test_renegotiation.t ok 70-test_servername.t ... ok 70-test_sslcbcpadding.t ok 70-test_sslcertstatus.t ok 70-test_sslextension.t . ok 70-test_sslmessages.t .. ok 70-test_sslrecords.t ... ok 70-test_sslsessiontick.t ... ok 70-test_sslsigalgs.t ... ok 70-test_sslsignature.t . ok 70-test_sslskewith0p.t . ok 70-test_sslversions.t .. ok 70-test_sslvertol.t ok 70-test_tls13alerts.t .. ok 70-test_tls13cookie.t .. ok 70-test_tls13downgrade.t ... ok 70-test_tls13hrr.t . ok 70-test_tls13kexmodes.t ok 70-test_tls13messages.t ok 70-test_tls13psk.t . ok 70-test_tlsextms.t . ok 70-test_verify_extra.t . ok 70-test_wpacket.t .. ok 71-test_ssl_ctx.t .. ok 80-test_ca.t ... ok 80-test_cipherbytes.t .. ok 80-test_cipherlist.t ... ok 80-test_ciphername.t ... ok 80-test_cms.t .. ok 80-test_cmsapi.t ... ok 80-test_ct.t ... ok 80-test_dane.t . ok 80-test_dtls.t . ok 80-test_dtls_mtu.t . ok 80-test_dtlsv1listen.t . ok 80-test_ocsp.t . ok 80-test_pkcs12.t ... ok 80-test_ssl_new.t .. ok 80-test_ssl_old.t .. ok 80-test_ssl_test_ctx.t . ok 80-test_sslcorrupt.t ... ok 80-test_tsa.t .. ok 80-test_x509aux.t .. ok 90-test_asn1_time.t ok 90-test_async.t ok 90-test_bio_enc.t .. ok 90-test_bio_memleak.t .. ok 90-test_constant_time.t ok 90-test_fatalerr.t . ok 90-test_gmdiff.t ... ok 90-test_gost.t . ok 90-test_ige.t .. ok 90-test_includes.t . ok 90-test_memleak.t .. ok 90-test_overhead.t . ok 90-test_secmem.t ... ok 90-test_shlibload.t ok 90-test_srp.t .. ok 90-test_sslapi.t ... ok 90-test_sslbuffers.t ... ok 90-test_store.t ok 90-test_sysdefault.t ... ok 90-test_threads.t .. ok 90-test_time_offset.t .. ok 90-test_tls13ccs.t . ok 90-test_tls13encryption.t .. ok 90-test_tls13secrets.t . ok 90-test_v3name.t ... ok 95-test_external_boringssl.t ... skipped: No external tests in this configuration 95-test_external_krb5.t skipped: No external tests in this configuration 95-test_external_pyca.t skipped: No external tests in this configuration 99-test_ecstress.t . ok 99-test_fuzz.t . ok Test Summary Report --- 15-test_ecdsa.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=188, Tests=1762, 350 wallclock secs ( 6.49 usr 1.09 sys + 332.22 cusr 25.61
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: 7f293d9f3b CHANGES: Add note about the refactoring of SM2 EVP_PKEYs bac1030ae4 Adapt some 'openssl' commands for SM2 changes. 3995de2c03 Adapt tests for SM2 changes. ef077ba0d2 Make SM3 a mandatory hash function for SM2. bbaddbc068 X509: Refactor X509_verify() and X509_REQ_verify() for better streamlining 0943d5dd61 Add SM2 specific parameter and key generation f4e4382cae EVP_PKEY_assign_EC_KEY(): detect SM2 curve and set EVP_PKEY type accordingly 658608c471 EVP: Small refactor of keymgmt library code 4bf3e989fe config: ensure the perl Configure run is the last statement 03e16083ff Fix "ts" no-XXX options, document two TLS options 8b3efb5302 Update the SSL/TLS connection options c98eab85b8 evp_pmeth: free the MD reference correctly. 4a0a9e5767 scrypt: free the MD reference correctly. ca2bf555cd Add support for DH 'modp' group parameters (RFC 3526) Build log ended with (last 100 lines): clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/dhtest-bin-dhtest.d.tmp -MT test/dhtest-bin-dhtest.o -c -o test/dhtest-bin-dhtest.o ../openssl/test/dhtest.c clang -Iinclude -Iapps/include -Itest -I. -Icrypto/include -I../openssl/include -I../openssl/apps/include -I../openssl/test -I../openssl -I../openssl/crypto/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/drbg_cavs_test-bin-drbg_cavs_data_ctr.d.tmp -MT test/drbg_cavs_test-bin-drbg_cavs_data_ctr.o -c -o test/drbg_cavs_test-bin-drbg_cavs_data_ctr.o ../openssl/test/drbg_cavs_data_ctr.c clang -Iinclude -Iapps/include -Itest -I. -Icrypto/include -I../openssl/include -I../openssl/apps/include -I../openssl/test -I../openssl -I../openssl/crypto/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/drbg_cavs_test-bin-drbg_cavs_data_hash.d.tmp -MT test/drbg_cavs_test-bin-drbg_cavs_data_hash.o -c -o test/drbg_cavs_test-bin-drbg_cavs_data_hash.o ../openssl/test/drbg_cavs_data_hash.c clang -Iinclude -Iapps/include -Itest -I. -Icrypto/include -I../openssl/include -I../openssl/apps/include -I../openssl/test -I../openssl -I../openssl/crypto/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/drbg_cavs_test-bin-drbg_cavs_data_hmac.d.tmp -MT test/drbg_cavs_test-bin-drbg_cavs_data_hmac.o -c -o test/drbg_cavs_test-bin-drbg_cavs_data_hmac.o ../openssl/test/drbg_cavs_data_hmac.c clang -Iinclude -Iapps/include -Itest -I. -Icrypto/include -I../openssl/include -I../openssl/apps/include -I../openssl/test -I../openssl -I../openssl/crypto/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare
Build completed: openssl master.31343
Build openssl master.31343 completed Commit 2681f4a58d by Rich Salz on 2/3/2020 9:06 PM: More accurate doc of -ssl_config option Configure your notification preferences
Build failed: openssl master.31342
Build openssl master.31342 failed Commit 69fa447209 by Dr. Matthias St. Pierre on 2/3/2020 7:11 PM: fixup! doc: add missing CHANGES entries for all versions >= 1.0.0 Configure your notification preferences
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls Commit log since last time: 7f293d9f3b CHANGES: Add note about the refactoring of SM2 EVP_PKEYs bac1030ae4 Adapt some 'openssl' commands for SM2 changes. 3995de2c03 Adapt tests for SM2 changes. ef077ba0d2 Make SM3 a mandatory hash function for SM2. bbaddbc068 X509: Refactor X509_verify() and X509_REQ_verify() for better streamlining 0943d5dd61 Add SM2 specific parameter and key generation f4e4382cae EVP_PKEY_assign_EC_KEY(): detect SM2 curve and set EVP_PKEY type accordingly 658608c471 EVP: Small refactor of keymgmt library code 4bf3e989fe config: ensure the perl Configure run is the last statement 03e16083ff Fix "ts" no-XXX options, document two TLS options 8b3efb5302 Update the SSL/TLS connection options c98eab85b8 evp_pmeth: free the MD reference correctly. 4a0a9e5767 scrypt: free the MD reference correctly. ca2bf555cd Add support for DH 'modp' group parameters (RFC 3526) Build log ended with (last 100 lines): clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/destest-bin-destest.d.tmp -MT test/destest-bin-destest.o -c -o test/destest-bin-destest.o ../openssl/test/destest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/dhtest-bin-dhtest.d.tmp -MT test/dhtest-bin-dhtest.o -c -o test/dhtest-bin-dhtest.o ../openssl/test/dhtest.c clang -Iinclude -Iapps/include -Itest -I. -Icrypto/include -I../openssl/include -I../openssl/apps/include -I../openssl/test -I../openssl -I../openssl/crypto/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/drbg_cavs_test-bin-drbg_cavs_data_ctr.d.tmp -MT test/drbg_cavs_test-bin-drbg_cavs_data_ctr.o -c -o test/drbg_cavs_test-bin-drbg_cavs_data_ctr.o ../openssl/test/drbg_cavs_data_ctr.c clang -Iinclude -Iapps/include -Itest -I. -Icrypto/include -I../openssl/include -I../openssl/apps/include -I../openssl/test -I../openssl -I../openssl/crypto/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -MMD -MF test/drbg_cavs_test-bin-drbg_cavs_data_hash.d.tmp -MT test/drbg_cavs_test-bin-drbg_cavs_data_hash.o -c -o test/drbg_cavs_test-bin-drbg_cavs_data_hash.o ../openssl/test/drbg_cavs_data_hash.c clang -Iinclude -Iapps/include -Itest -I. -Icrypto/include -I../openssl/include -I../openssl/apps/include -I../openssl/test -I../openssl -I../openssl/crypto/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality
Still FAILED build of OpenSSL branch master with options -d --strict-warnings 386
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings 386 Commit log since last time: 7f293d9f3b CHANGES: Add note about the refactoring of SM2 EVP_PKEYs bac1030ae4 Adapt some 'openssl' commands for SM2 changes. 3995de2c03 Adapt tests for SM2 changes. ef077ba0d2 Make SM3 a mandatory hash function for SM2. bbaddbc068 X509: Refactor X509_verify() and X509_REQ_verify() for better streamlining 0943d5dd61 Add SM2 specific parameter and key generation f4e4382cae EVP_PKEY_assign_EC_KEY(): detect SM2 curve and set EVP_PKEY type accordingly 658608c471 EVP: Small refactor of keymgmt library code 4bf3e989fe config: ensure the perl Configure run is the last statement 03e16083ff Fix "ts" no-XXX options, document two TLS options 8b3efb5302 Update the SSL/TLS connection options c98eab85b8 evp_pmeth: free the MD reference correctly. 4a0a9e5767 scrypt: free the MD reference correctly. ca2bf555cd Add support for DH 'modp' group parameters (RFC 3526) Build log ended with (last 100 lines): clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualif iers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/x509/libcrypto-lib-x509_trs.d.tmp -MT crypto/x509/libcrypto-lib-x509_trs.o -c -o crypto/x509/libcrypto-lib-x509_trs.o ../openssl/crypto/x509/x509_trs.c clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualif iers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/x509/libcrypto-lib-x509_txt.d.tmp -MT crypto/x509/libcrypto-lib-x509_txt.o -c -o crypto/x509/libcrypto-lib-x509_txt.o ../openssl/crypto/x509/x509_txt.c clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized
Fixed: openssl/openssl#31903 (master - 450d12c)
Build Update for openssl/openssl - Build: #31903 Status: Fixed Duration: 42 mins and 54 secs Commit: 450d12c (master) Author: Richard Levitte Message: Fix krb5 external test failure The krb5 test requires the legacy module to be loaded in order to work. It also seems to be senstive to using relative paths, so we use absolute ones instead. [extended tests] Reviewed-by: Matthias St. Pierre Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10992) View the changeset: https://github.com/openssl/openssl/compare/5a778ce5740b...450d12c825cc View the full build log and details: https://travis-ci.org/openssl/openssl/builds/645563965?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#31900 (master - 5a778ce)
Build Update for openssl/openssl - Build: #31900 Status: Still Failing Duration: 50 mins and 16 secs Commit: 5a778ce (master) Author: Davide Galassi Message: Missing "obj_mac" header file in "dh_lib" Usage of `NID_undef` symbol without including its definition was causing a build fail Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10996) View the changeset: https://github.com/openssl/openssl/compare/04bc70d73733...5a778ce5740b View the full build log and details: https://travis-ci.org/openssl/openssl/builds/645523970?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via 450d12c825cc9016e5e8990423fa7ffdb843a1f0 (commit) from 5a778ce5740b9bad7c19e2d160071773314ad099 (commit) - Log - commit 450d12c825cc9016e5e8990423fa7ffdb843a1f0 Author: Richard Levitte Date: Mon Feb 3 15:34:58 2020 + Fix krb5 external test failure The krb5 test requires the legacy module to be loaded in order to work. It also seems to be senstive to using relative paths, so we use absolute ones instead. [extended tests] Reviewed-by: Matthias St. Pierre Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10992) --- Summary of changes: test/recipes/95-test_external_krb5.t | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/test/recipes/95-test_external_krb5.t b/test/recipes/95-test_external_krb5.t index 0f2be87902..889626a1be 100644 --- a/test/recipes/95-test_external_krb5.t +++ b/test/recipes/95-test_external_krb5.t @@ -10,6 +10,7 @@ use OpenSSL::Test; use OpenSSL::Test::Utils; use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/; +use Cwd qw(abs_path); setup("test_external_krb5"); @@ -20,6 +21,7 @@ plan skip_all => "krb5 not available" plan tests => 1; -$ENV{OPENSSL_CONF} = srctop_file("test", "default-and-legacy.cnf"); +$ENV{OPENSSL_MODULES} = abs_path($ENV{OPENSSL_MODULES}); +$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf")); ok(run(cmd([data_file("krb5.sh")])), "running krb5 tests");
[openssl] master update
The branch master has been updated via 5a778ce5740b9bad7c19e2d160071773314ad099 (commit) from 04bc70d7373300d378aa9c075289d1ee404ec528 (commit) - Log - commit 5a778ce5740b9bad7c19e2d160071773314ad099 Author: Davide Galassi Date: Sun Feb 2 10:11:29 2020 +0100 Missing "obj_mac" header file in "dh_lib" Usage of `NID_undef` symbol without including its definition was causing a build fail Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10996) --- Summary of changes: crypto/dh/dh_lib.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index f9fb1d9b71..0c1cccb5db 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -8,13 +8,13 @@ */ #include -#include "internal/cryptlib.h" -#include "internal/refcount.h" #include -#include "dh_local.h" -#include "crypto/dh.h" #include +#include +#include "internal/cryptlib.h" +#include "internal/refcount.h" #include "crypto/dh.h" +#include "dh_local.h" #ifndef FIPS_MODE int DH_set_method(DH *dh, const DH_METHOD *meth)
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-multiblock
Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-multiblock Commit log since last time: 7f293d9f3b CHANGES: Add note about the refactoring of SM2 EVP_PKEYs bac1030ae4 Adapt some 'openssl' commands for SM2 changes. 3995de2c03 Adapt tests for SM2 changes. ef077ba0d2 Make SM3 a mandatory hash function for SM2. bbaddbc068 X509: Refactor X509_verify() and X509_REQ_verify() for better streamlining 0943d5dd61 Add SM2 specific parameter and key generation f4e4382cae EVP_PKEY_assign_EC_KEY(): detect SM2 curve and set EVP_PKEY type accordingly 658608c471 EVP: Small refactor of keymgmt library code 4bf3e989fe config: ensure the perl Configure run is the last statement 03e16083ff Fix "ts" no-XXX options, document two TLS options 8b3efb5302 Update the SSL/TLS connection options c98eab85b8 evp_pmeth: free the MD reference correctly. 4a0a9e5767 scrypt: free the MD reference correctly. ca2bf555cd Add support for DH 'modp' group parameters (RFC 3526) Build log ended with (last 100 lines): clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Win compatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/whrlpool/libcrypto-lib-wp_dgst.d.tmp -MT crypto/whrlpool/libcrypto-lib-wp_dgst.o -c -o crypto/whrlpool/libcrypto-lib-wp_dgst.o ../openssl/crypto/whrlpool/wp_dgst.c clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Win compatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/x509/libcrypto-lib-by_dir.d.tmp -MT crypto/x509/libcrypto-lib-by_dir.o -c -o crypto/x509/libcrypto-lib-by_dir.o ../openssl/crypto/x509/by_dir.c clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default
Still Failing: openssl/openssl#31894 (master - 04bc70d)
Build Update for openssl/openssl - Build: #31894 Status: Still Failing Duration: 38 mins and 42 secs Commit: 04bc70d (master) Author: Matt Caswell Message: Don't complain about documented symbols with find-doc-nits -d -o find-doc-nits can give a list of symbols that were added since 1.1.1 and are undocumented (using -o). To do this it uses the missingcrypto111.txt and missingssl111.txt files which give a snapshot of the undocumented symbols at the time of the 1.1.1 release. Currently it complains about symbols that are in those files that have subsequently been documented. This isn't particularly helpful so we suppress that feature when "-o" is being used. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10981) View the changeset: https://github.com/openssl/openssl/compare/8d242823ed22...04bc70d73733 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/645415081?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#31893 (master - 8d24282)
Build Update for openssl/openssl - Build: #31893 Status: Still Failing Duration: 26 mins and 38 secs Commit: 8d24282 (master) Author: Matt Caswell Message: Fix common test framework options PR#6975 added the ability to our test framework to have common options to all tests. For example providing the option "-test 5" to one of our test programs will just run test number 5. This can be useful when debugging tests. Unforuntately this does not work well for a number of tests. In particular those tests that call test_get_argument() without first skipping over these common test options will not get the expected value. Some tests did this correctly but a large number did not. A helper function is introduced, test_skip_common_options(), to make this easier for those tests which do not have their own specialised test option handling, but yet still need to call test_get_argument(). This function call is then added to all those tests that need it. Reviewed-by: Shane Lontis Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/10975) View the changeset: https://github.com/openssl/openssl/compare/ef071222020b...8d242823ed22 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/645414828?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via 04bc70d7373300d378aa9c075289d1ee404ec528 (commit) from 8d242823ed2270e2907914fb09004ae30263fb00 (commit) - Log - commit 04bc70d7373300d378aa9c075289d1ee404ec528 Author: Matt Caswell Date: Fri Jan 31 10:08:33 2020 + Don't complain about documented symbols with find-doc-nits -d -o find-doc-nits can give a list of symbols that were added since 1.1.1 and are undocumented (using -o). To do this it uses the missingcrypto111.txt and missingssl111.txt files which give a snapshot of the undocumented symbols at the time of the 1.1.1 release. Currently it complains about symbols that are in those files that have subsequently been documented. This isn't particularly helpful so we suppress that feature when "-o" is being used. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10981) --- Summary of changes: util/find-doc-nits | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/find-doc-nits b/util/find-doc-nits index 293f603b79..901e34f384 100755 --- a/util/find-doc-nits +++ b/util/find-doc-nits @@ -607,7 +607,7 @@ sub loadmissing($) for (@missing) { err("$missingfile:", "$_ is documented in $name_map{$_}") -if exists $name_map{$_} && defined $name_map{$_}; +if !$opt_o && exists $name_map{$_} && defined $name_map{$_}; } return @missing;
[openssl] master update
The branch master has been updated via 8d242823ed2270e2907914fb09004ae30263fb00 (commit) from ef071222020be2096fb9f3aaef8bfe18ae9a40c9 (commit) - Log - commit 8d242823ed2270e2907914fb09004ae30263fb00 Author: Matt Caswell Date: Thu Jan 30 15:30:17 2020 + Fix common test framework options PR#6975 added the ability to our test framework to have common options to all tests. For example providing the option "-test 5" to one of our test programs will just run test number 5. This can be useful when debugging tests. Unforuntately this does not work well for a number of tests. In particular those tests that call test_get_argument() without first skipping over these common test options will not get the expected value. Some tests did this correctly but a large number did not. A helper function is introduced, test_skip_common_options(), to make this easier for those tests which do not have their own specialised test option handling, but yet still need to call test_get_argument(). This function call is then added to all those tests that need it. Reviewed-by: Shane Lontis Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/10975) --- Summary of changes: test/asynciotest.c | 5 + test/clienthellotest.c | 5 + test/cmp_msg_test.c | 5 + test/cmp_protect_test.c | 5 + test/cmsapitest.c| 5 + test/d2i_test.c | 5 + test/danetest.c | 5 + test/dtlstest.c | 5 + test/evp_test.c | 8 +++- test/fatalerrtest.c | 5 + test/gosttest.c | 5 + test/ocspapitest.c | 5 + test/params_conversion_test.c| 8 +++- test/recordlentest.c | 5 + test/servername_test.c | 5 + test/ssl_test.c | 5 + test/ssl_test_ctx_test.c | 5 + test/sslapitest.c| 5 + test/sslbuffertest.c | 5 + test/sslcorrupttest.c| 5 + test/testutil.h | 6 ++ test/testutil/options.c | 15 +++ test/tls13ccstest.c | 5 + test/v3ext.c | 5 + test/verify_extra_test.c | 5 + test/x509_check_cert_pkey_test.c | 5 + test/x509_dup_cert_test.c| 8 +++- test/x509aux.c | 9 - 28 files changed, 160 insertions(+), 4 deletions(-) diff --git a/test/asynciotest.c b/test/asynciotest.c index bf0a20561e..dcdee1068d 100644 --- a/test/asynciotest.c +++ b/test/asynciotest.c @@ -397,6 +397,11 @@ OPT_TEST_DECLARE_USAGE("certname privkey\n") int setup_tests(void) { +if (!test_skip_common_options()) { +TEST_error("Error parsing test options\n"); +return 0; +} + if (!TEST_ptr(cert = test_get_argument(0)) || !TEST_ptr(privkey = test_get_argument(1))) return 0; diff --git a/test/clienthellotest.c b/test/clienthellotest.c index b4563b5beb..9a7537444c 100644 --- a/test/clienthellotest.c +++ b/test/clienthellotest.c @@ -250,6 +250,11 @@ OPT_TEST_DECLARE_USAGE("sessionfile\n") int setup_tests(void) { +if (!test_skip_common_options()) { +TEST_error("Error parsing test options\n"); +return 0; +} + if (!TEST_ptr(sessionfile = test_get_argument(0))) return 0; diff --git a/test/cmp_msg_test.c b/test/cmp_msg_test.c index 463c60789b..7fa0619284 100644 --- a/test/cmp_msg_test.c +++ b/test/cmp_msg_test.c @@ -538,6 +538,11 @@ void cleanup_tests(void) int setup_tests(void) { +if (!test_skip_common_options()) { +TEST_error("Error parsing test options\n"); +return 0; +} + if (!TEST_ptr(server_cert_f = test_get_argument(0)) || !TEST_ptr(pkcs10_f = test_get_argument(1))) { TEST_error("usage: cmp_msg_test server.crt pkcs10.der\n"); diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c index b349cac2d7..8425849835 100644 --- a/test/cmp_protect_test.c +++ b/test/cmp_protect_test.c @@ -458,6 +458,11 @@ int setup_tests(void) char *root_f; char *intermediate_f; +if (!test_skip_common_options()) { +TEST_error("Error parsing test options\n"); +return 0; +} + RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH); if (!TEST_ptr(server_f = test_get_argument(0)) || !TEST_ptr(ir_protected_f = test_get_argument(1)) diff --git a/test/cmsapitest.c b/test/cmsapitest.c index 2ea8af58b3..3ab1b82f96 100644 --- a/test/cmsapitest.c +++ b/test/cmsapitest.c @@ -65,6 +65,11 @@ int setup_tests(void) char *certin = NULL, *privkeyin = NULL; BIO *certbio
Still Failing: openssl/openssl#31888 (master - ef07122)
Build Update for openssl/openssl - Build: #31888 Status: Still Failing Duration: 41 mins and 48 secs Commit: ef07122 (master) Author: Matt Caswell Message: Fix no-ec The cmp_protect_test cert chain tests use some EC certs which breaks in a no-ec build. The fix is to just skip those tests if no-ec has been configured. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10991) View the changeset: https://github.com/openssl/openssl/compare/5a8848fa7fec...ef071222020b View the full build log and details: https://travis-ci.org/openssl/openssl/builds/645387490?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Still Failing: openssl/openssl#31886 (master - 5a8848f)
Build Update for openssl/openssl - Build: #31886 Status: Still Failing Duration: 42 mins and 35 secs Commit: 5a8848f (master) Author: Matt Caswell Message: Revert "Legacy digests can have custom control values" This reverts commit 1f457256ce6a1b2fd7e3f62eee8faa74cd5c835e. This is causing Travis failures. [extended tests] Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/10989) View the changeset: https://github.com/openssl/openssl/compare/7f293d9f3b5c...5a8848fa7fec View the full build log and details: https://travis-ci.org/openssl/openssl/builds/645371665?utm_medium=notification_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[openssl] master update
The branch master has been updated via ef071222020be2096fb9f3aaef8bfe18ae9a40c9 (commit) from 5a8848fa7fec532fee30fd6131a3ebd59a5c5902 (commit) - Log - commit ef071222020be2096fb9f3aaef8bfe18ae9a40c9 Author: Matt Caswell Date: Fri Jan 31 23:58:53 2020 + Fix no-ec The cmp_protect_test cert chain tests use some EC certs which breaks in a no-ec build. The fix is to just skip those tests if no-ec has been configured. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10991) --- Summary of changes: test/cmp_protect_test.c | 5 + 1 file changed, 5 insertions(+) diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c index 89be39f7fc..b349cac2d7 100644 --- a/test/cmp_protect_test.c +++ b/test/cmp_protect_test.c @@ -294,6 +294,8 @@ static int test_MSG_add_extraCerts(void) return result; } +#ifndef OPENSSL_NO_EC +/* The cert chain tests use EC certs so we skip them in no-ec builds */ static int execute_cmp_build_cert_chain_test(CMP_PROTECT_TEST_FIXTURE *fixture) { STACK_OF(X509) *result = NULL; @@ -372,6 +374,7 @@ static int test_cmp_build_cert_chain_no_certs(void) EXECUTE_TEST(execute_cmp_build_cert_chain_test, tear_down); return result; } +#endif /* OPENSSL_NO_EC */ static int execute_X509_STORE_test(CMP_PROTECT_TEST_FIXTURE *fixture) { @@ -505,10 +508,12 @@ int setup_tests(void) ADD_TEST(test_MSG_add_extraCerts); +#ifndef OPENSSL_NO_EC ADD_TEST(test_cmp_build_cert_chain); ADD_TEST(test_cmp_build_cert_chain_missing_root); ADD_TEST(test_cmp_build_cert_chain_missing_intermediate); ADD_TEST(test_cmp_build_cert_chain_no_certs); +#endif ADD_TEST(test_X509_STORE); ADD_TEST(test_X509_STORE_only_self_signed);
[openssl] master update
The branch master has been updated via 5a8848fa7fec532fee30fd6131a3ebd59a5c5902 (commit) from 7f293d9f3b5cee4f4b15624fff15a45e0517334f (commit) - Log - commit 5a8848fa7fec532fee30fd6131a3ebd59a5c5902 Author: Matt Caswell Date: Fri Jan 31 22:44:56 2020 + Revert "Legacy digests can have custom control values" This reverts commit 1f457256ce6a1b2fd7e3f62eee8faa74cd5c835e. This is causing Travis failures. [extended tests] Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/10989) --- Summary of changes: crypto/evp/digest.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 9808b66bbd..adde3e13ab 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -663,7 +663,7 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) } if (ctx->digest->prov == NULL -|| (ctx->pctx == NULL +&& (ctx->pctx == NULL || (ctx->pctx->operation != EVP_PKEY_OP_VERIFYCTX && ctx->pctx->operation != EVP_PKEY_OP_SIGNCTX))) goto legacy;