Build failed: openssl master.38204
Build openssl master.38204 failed Commit 5811387bac by Ankita Shetty on 11/22/2020 5:45 AM: x509_vfy.c: Remove superfluous assignment to 'ret' in check_chain() Configure your notification preferences
[openssl] master update
The branch master has been updated
via 5811387bac39cdb6d009dc0139b56e6896259cbd (commit)
from 5053394aa6bc989e1ce8f0e47578c691aee6aa47 (commit)
- Log -
commit 5811387bac39cdb6d009dc0139b56e6896259cbd
Author: Ankita Shetty
Date: Fri Nov 20 10:15:35 2020 +0100
x509_vfy.c: Remove superfluous assignment to 'ret' in check_chain()
Reviewed-by: Matt Caswell
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/13458)
---
Summary of changes:
crypto/x509/x509_vfy.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 1ee688f3b8..d73e078cfe 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -484,11 +484,9 @@ static int check_chain(X509_STORE_CTX *ctx)
CHECK_CB((ctx->param->flags & X509_V_FLAG_X509_STRICT) != 0
&& ret != 1 && ret != 0,
ctx, x, i, X509_V_ERR_INVALID_CA);
-ret = 1;
break;
case 0:
-CHECK_CB(ret != 0, ctx, x, i, X509_V_ERR_INVALID_NON_CA);
-ret = 1;
+CHECK_CB(ret != 0, ctx, x, i, X509_V_ERR_INVALID_NON_CA);
break;
default:
/* X509_V_FLAG_X509_STRICT is implicit for intermediate CAs */
@@ -496,7 +494,6 @@ static int check_chain(X509_STORE_CTX *ctx)
|| ((i + 1 < num
|| ctx->param->flags & X509_V_FLAG_X509_STRICT)
&& ret != 1), ctx, x, i, X509_V_ERR_INVALID_CA);
-ret = 1;
break;
}
if (num > 1) {
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-trace
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-trace
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm4
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm4
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm3
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm3
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm2
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm2
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-siphash
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-siphash
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-dtls1-method
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1-method
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2-method
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2-method
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls1_1-method
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_1-method
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls1-method
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1-method
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-ssl3-method
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ssl3-method
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-dtls1
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Build failed: openssl master.38202
Build openssl master.38202 failed Commit a45075c38b by Tomas Mraz on 11/13/2020 12:42 PM: EVP_DigestFinalXOF must not reset the EVP_MD_CTX Configure your notification preferences
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_2
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls1_1
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_1
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-tls1
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-ssl3
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ssl3
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings 386
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings 386
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-zlib-dynamic
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-zlib-dynamic
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-zlib
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-zlib
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-weak-ssl-ciphers
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-weak-ssl-ciphers
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER
Build completed: openssl master.38201
Build openssl master.38201 completed Commit ff1806cf0c by David Carlier on 11/13/2020 10:16 AM: Add MAP_CONCEAL from OpenBSD which has similar purpose but on mmap Configure your notification preferences
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-whirlpool
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-whirlpool
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-unit-test
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-unit-test
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC
-DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-ts
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ts
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Build failed: openssl master.38200
Build openssl master.38200 failed Commit 23c271c7fa by Nicola Tuveri on 11/21/2020 12:10 PM: drop! Trigger extended tests Configure your notification preferences
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-threads
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-threads
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-stdio
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-stdio
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-static-engine no-shared
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-static-engine no-shared
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-ssl-trace
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ssl-trace
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sse2
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sse2
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-srtp
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-srtp
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-srp
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-srp
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-shared
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-shared
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-seed
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-seed
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-sctp
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-sctp
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-scrypt
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-scrypt
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-rmd160
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-rmd160
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-ripemd
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ripemd
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Build completed: openssl master.38198
Build openssl master.38198 completed Commit 641bc08c92 by Nicola Tuveri on 11/21/2020 12:57 AM: fixup! fixup! Add SM2 private key range validation Configure your notification preferences
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-rfc3779
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-rfc3779
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-rdrand
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-rdrand
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-rc5
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-rc5
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of
Build failed: openssl master.38197
Build openssl master.38197 failed Commit 80c4e6ea9f by Richard Levitte on 11/20/2020 10:07 PM: Clean away extraneous library specific FETCH_FAILED reason codes Configure your notification preferences
