Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: c3932c34cd Always wait for both threads to finish 218e9969fd DSO: Fix the VMS DSO name converter to actually do something afb254d02b TEST: Change 'catdir' to 'catfile' when dealing with files, in run_tests.pl 079f8d36ff Build file templates: Fix in2script dependencies 3c121b986c Configuration: Fix incorrect $unified_info{attributes} references a6f8e131f4 prov: tag SM2 encoders and decoders as non-FIPS 62636db634 VMS build: drop a spurious debug print ab9d67efa4 HTTP client: fix use of OSSL_HTTP_adapt_proxy(), which is needed also in cmp.c eefdb8e013 X509_digest_sig(): Improve default hash for EdDSA and allow to return the chosen default 6882652e65 CORE: Do a bit of cleanup of core fetching 9932585220 Fix DH private key check. d66ff761d2 Add a test for fetching various non-evp objects 5a5d90ffac Clean up the encoder/decoder/loader stores before providers f7d2427ac3 apps: remove AEAD/mode checks that are now redundant a89835f7e0 apps: use get_cipher_any() instead of get_cipher() for commands that support these ciphers/modes fa8ff9e4e8 apps: limit get_cipher() to not return AEAD or XTS ciphers 6920055ec3 doc: document the various get_cipher functions in the commands lib. 43ba1573ce test: add test cases for SHAxxx helper functions 987d7da327 Include a local static buffer for the SHA helper functions f763e13514 Correct processing of AES-SHA stitched ciphers 1941684daf Add missing migration_guide API mappings. 599429e09a Add documentation for the newly added OBJ up calls 87e60f09aa Add a test for the newly added OBJ upcalls 97abae6a9d Add various OBJ functions as callbacks b88a3b1016 doc: finish the provider child up call documentation cb37af461d TEST: Skip test/recipes/01-test_symbol_presence.t on MacOS 07b8c0a186 TEST: Display the correct shared library name 42cf25fcb6 new: update NEWS.md so it is correct. 8b29badad1 new: update NEWS.md so it is correct. Build log ended with (last 100 lines): # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8021D8E4F67F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 8021D8E4F67F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623881238 not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8021D8E4F67F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 8021D8E4F67F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623881238 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8021D8E4F67F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 8021D8E4F67F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623881238 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum =
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: 4832560be3 Disabling Encrypt-then-MAC extension in s_client/s_server 835dd706d3 TEST: Make test/recipes/01-test_symbol_presence.t more platform agnostic 29b3fdad2b Refactor OSSL_STORE_LOADER_do_all_provided() to behave like OSSL_STORE_LOADER_fetch() 5d8ad7d385 test/evp_extra_test.c: Peek at the error instead of getting it. 27fb7a0a27 DECODER & ENCODER: Add better tracing cd77073879 Adapt all public EVP_XXX_do_all_provided() for the changed evp_generic_do_all() 793b05865a Refactor evp_generic_do_all() to behave like evp_generic_fetch() b3f5d5d368 Refactor OSSL_ENCODER_do_all_provided() to behave like OSSL_ENCODER_fetch() 0756282830 Refactor OSSL_DECODER_do_all_provided() to behave like OSSL_DECODER_fetch() f0191d0b13 Add the internal function ossl_method_store_do_all() 04fb4ec8fa s_server: make -rev option easier to find (mention echo) 9067cf6ccd CORE: Move away the allocation of the temporary no_cache method store 515480be79 ASN1_parse_dump(): allow NULL BIO input, to simplify applications not needing output bb19b9d456 BIO_write_ex(): Make handing of BIO b == NULL and dlen == 0 less redundant 1d8897176d BIO: Make source file names in crypto/bio/ consistent 3b66592490 BIO_dum_indent_cb(): Fix handling of cb return value f42b3b70d8 fuzz/asn1parse.c: Clean up non-portable code and catch malloc failure 9d9691f78a BIO: prevent crash on NULL BIO for prefix_ctrl() and thus for BIO_set_prefix(), BIO_set_indent(), etc. 4439a6483e ASN1: rename asn1_par.c to asn1_parse.c for clarity; simplify asn1_parse2() a5d250e57e Use getauxval on Android with API level > 18 5bbe213418 Remove "-immedate_renegotiation" option f4752e8827 Move AllowClientRenegotiation tests 60d13c8ff8 remove end of line whitespace dfb0b8d63a cms: free PKEY_CTX 8dff167dfe cms: fix coverity 1485981: unchecked return value a1fb5eb920 apps: move global libctx and property query into their own file c696f4bfc3 speed: make sure to free any allocated EVP_MAC structures 09495e4301 pkcs12: use the app's libctx and property query when searching for algorithms 4d574312db speed: use the app's libctx and property query when searching for algorithms f147fa3e7d list: use the app's libctx and property query when searching for algorithms f64851c5b3 kdf: use the app's libctx and property query when searching for algorithms c8dd887d3c fipsinstall: use the app's libctx and property query when searching for algorithms 3334e039cf add libctx and property query to fetch functions 02288cbb65 test: add SPKAC command test 81743ed9d7 spkac: document -digest option e1a77f9cff spkac: allow digests other than MD5 to be used for signing 42e97dde80 Add missing NULL check in OSSL_DECODER_from_bio(). Build log ended with (last 100 lines): # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80E1FCA7127F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 80E1FCA7127F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623794837 not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80E1FCA7127F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 80E1FCA7127F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623794837 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # fa
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: f77208693e Avoid excessive OSSL_DECODER_do_all_provided calls 8c7c1c84cb Add a generic SubjectPublicKeyInfo decoder 1c49be8673 Fix DH/DHX named groups to not overwrite the private key length. 243af566e4 When linking to static libssl always link to static libcrypto eaa39eb678 Do not duplicate symbols between libcrypto and libssl in static builds cdf2986a70 Add -latomic only for architectures where needed d049485cfb Avoid duplicating prov_running.o in libdefault and libcrypto Build log ended with (last 100 lines): # false # 80C12C3A357F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 80C12C3A357F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623708433 not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80C12C3A357F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 80C12C3A357F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623708433 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80C12C3A357F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 80C12C3A357F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623708433 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80C12C3A357F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 80C12C3A357F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623708433 not ok 6 - iteration 6 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80C12C3A357F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:441: # 80C12C3A357F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623708433 not ok 7 - iteration 7 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: e2217b44f4 APPS: Remove an unreachable statement in s_client.c 0051746e03 Add AES consttime code for no-asm configurations 3614d94d5f ci: run the on pull request CIs on push to master 49a54634ec d2i_X509: revert calling X509v3_cache_extensions() 25eeab019c Windows GitHub CI: Introduce --strict-warnings dd53c29793 Windows Github CI: test in Windows 2016 as well 773e67ab82 Building: Add necessary dependencies for linker scripts and .rc files 4a73938756 Configure: Allow spaces around '=' in all build.info statements 8ccbf00d17 Rename OSSL_HTTP_set_request() to OSSL_HTTP_set1_request() for clarity 95c0b295de HTTP client: Fix GET request handling when rctx is reused (keep-alive) 8c5bff2220 Add support for ISO 8601 datetime format 3eb4b5bfe6 Update krb5 module and re-enable pkinit tests 67eacb60a8 Do not depend on the exact exit failure value of dgst app c24b3f2eda Clean away remaining Travis related files 541d4f1995 fuzz/asn1parse: Use BIO_s_mem() as fallback output 20778ea7da BIO_write_ex: No error only on 0 bytes to write 451c2a95bd Windows CI: Enable fuzz test in plain build 814b5133e9 apps/lib/s_socket.c: Alias getpid with _getpid for _WIN32 baa47ad3b1 Fix FIPS provider value in docs 6309b799e9 STORE: Make OSSL_STORE_LOADER_fetch() consistent with all other fetch functions b19fcc66d3 Document that provider name can be a full path d475a9efcf dl_name_converter: Avoid unnecessary overallocation 6cf811e867 ossl_provider_set_module_path: Prevent potential UAF Build log ended with (last 100 lines): # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80C106DEE97F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80C106DEE97F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623622097 not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80C106DEE97F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80C106DEE97F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623622097 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80C106DEE97F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80C106DEE97F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623622097 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80C106DEE97F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80C106DEE97F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623622097
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: 7afef721ff OpenSSL::Test: If __cwd() is to create the directory, do it early ef0449135c Fix s_server app to not report an error when using a non DH certificate. bedda72ff7 OpenSSL::Test: Treat SRCDATA directory specially, as it might not exist 586820831a doc: fix OSSL_PARAM_BLD pointers in the example 20e80ad1bc store: Avoid spurious error from decoding at EOF 726f92e016 Enable ssl-trace by default 25959e04c3 Optimize session cache flushing de5a0198b2 Fix use after free in OSSL_HTTP_REQ_CTX_set1_req() 5a9dbfc58a err: clear flags better when clearing errors. 5ac6d7d21b APPS: Restore the possibility to combine -pubout with -text b6298a7f8d util: convert SHA* one shots back to being functions 1dc8eb5be0 changes: fix woring that mentions SHA* one shot functions are deprecated 807bb42554 sha: convert SHA one shot macros back to being functions Build log ended with (last 100 lines): # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80A194082A7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80A194082A7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623362885 not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80A194082A7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80A194082A7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623362885 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80A194082A7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80A194082A7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623362885 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80A194082A7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80A194082A7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623362885 not ok 6 - iteration 6 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80A194082A7F:error:0372:digital envelop
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: ef2194c4ad DECODER & ENCODER: Add better tracing 8ea5a6b523 DECODER: Adapt addition of extra decoder implementations 6a2b8ff392 Decoding PKCS#8: separate decoding of encrypted and unencrypted PKCS#8 320fc032b9 25-test_verify.t: Add test case: accept trusted self-signed EE cert with key usage keyCertSign also when strict 80070e478a test/certs/mkcert.sh: Correct description of geneealt parameters 65a97b2c38 25-test_verify.t: Prevent expiration of test case 'Name constraints bad othername name constraint' d63053bbdf 80-test_cmp_http.t: Improve the way the test server is launched and killed ee1d1db824 80-test_cmp_http.t: Simplify and prevent hangs on server not launching/behaving correctly f8ab78f6c2 Remove I_CAN_LIVE_WITH_LNK4049 1af9b646e8 keymgmt: better detect when a key manager can be reused Build log ended with (last 100 lines): # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8041FD9A2C7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 8041FD9A2C7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623276479 not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8041FD9A2C7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 8041FD9A2C7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623276479 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8041FD9A2C7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 8041FD9A2C7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623276479 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8041FD9A2C7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 8041FD9A2C7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623276479 not ok 6 - iteration 6 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8041FD9A2C7F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: 1355659bb8 OpenSSL::Test.pm: Replace all uses of rel2abs() with abs_path() 4bf696c1d0 Correctly detect decode errors when checking if a key is supported 1df8322ce0 Simplify error reporting in X509_PUBKEY_get0() 33fb6ed3ec Use the fips-and-base.cnf config file in CMP tests 15fd6c235c Mark some priv/public key paris as only available in the default provider b2f1b36592 Actually use a legacy route in pem_read_bio_key_legacy() 237cb05d34 Just look for "Unable to load Public Key" if no SM2 29bf83c889 Only use the legacy route to decode a public key if we have to f8da1d8005 Ensure that we consume all the data when decoding an SPKI 2b049e933a Use the right class/tag when decoding an embedded key 7834d50fa9 Fix CTLOG_new_from_base64_ex() eaf867011e Fix the expected output of printing certificates 92b835376a EVP_PKEY_new_raw_private_key: Allow zero length keys 907720f064 Fix compilation on systems with empty _POSIX_TIMERS 69807ab8ed evp: avoid some calls to EVP_CIPHER_CTX_get_iv_length() because it's been called already cec8854cc9 evp: fix Coverity 1485670 argument cannot be negative 3f617061ec evp: fix Coverity 1485669 improper use of negative value dacb0d8f79 evp: fix Coverity 1485668 argument cannot be negative 9428977994 pkcs12: fix Coverity 1485667 logically dead code 0341ff9774 evp: fix coverity 1485666 argument cannot be negative 042f8f70cb evp: fix improper use of negative value issues b0a0ab07b4 afalg: fix coverity 1485661 improper use of negative value 6c1d17c802 fix coverity 1485660 improper use of negative value 37bbe44929 bio: improve error checking fixing coverity 1485659 & 1485665 95c8a51252 doc: add PKEY life cycle documentation 75653c100f doc: build changes for PKEY life cycle documentation dbf021c20e doc: add build info for cipher life cycle documentation b1307e9421 doc: add references to cipher life cycle documentation c0fc3fe349 doc: add cipher life cycle documentation e748b4fbae doc: improve the cipher life cycle diagram f7a19d6402 doc-nits: support out of source execution 7f0dc8da7d doc: remove empty section 8809fdff93 doc: add references to digest life cycle documentation 7b9e236177 doc: add digest life cycle documentation 618523e728 doc: add digest lifecycle diagram e4d69413c2 life-cycles: update digest state table 178fa72ed5 Add aix64-gcc-as architecture and p2align callback fccf3dcef4 X509_digest_sig: Handle RSA-PSS and EDDSA certificates 09345c8cab Move trust-related decls from x509.h.in to x509_vfy.h.in 3cd4e5e73f x509.h.in: extended 'documenting' comment on X509_TRUST_OK_ANY_EKU f9ac6f6956 Improve the documentation of cert path building and validation 2576b9c31c X509_STORE_CTX_new.pod and x509_vfy.h.in: rename some params for clarity, improve their doc f1343f45d6 x509_vfy.c: Improve a couple of internally documenting comments 62d2386bf8 x509_trs.c: rename to x509_trust.c and correct comment in trust_compat() 69e0f8cca6 Fix AIX FIPS DEP. 5d43bfa7d5 BIO_write-ex(): Improve behavior in corner cases and documentation f41fd10d90 Add a gettable for provider ciphers to return the EVP_CIPH_RAND_KEY flag 5135a9bd92 Document missing EC/SM2 params 063e019738 Test EVP_CipherInit sequences and resets ff555f8136 Fix CipherInit on s390x. Build log ended with (last 100 lines): # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80B19ACB517F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80B19ACB517F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623190037 not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80B19ACB517F:error:0372:digital envelope routines:X509_PUBKEY_get0:decode error:../openssl/crypto/x509/x_pubkey.c:424: # 80B19ACB517F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623190037 not ok 4 - iteration 4 # ---
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: 6d2e0076e6 Use rd instead rmdir 8984b552e7 Fix generate_ssl_tests.pl dce7272d08 Elimination of some sources not needed in the FIPS_MODULE Build log ended with (last 100 lines): not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 805120C66F7F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 805120C66F7F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:338: # 805120C66F7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623103631 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 805120C66F7F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 805120C66F7F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:338: # 805120C66F7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623103631 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 805120C66F7F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 805120C66F7F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:338: # 805120C66F7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623103631 not ok 6 - iteration 6 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 805120C66F7F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 805120C66F7F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:338: # 805120C66F7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623103631 not ok 7 - iteration 7 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ?
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: 97cf9b05fa test/recipes/80-test_cmp_http.t: Don't trust $server_port in start_mock_server() d00be9f387 test/recipes/80-test_cmp_http.t: Simplify test_cmp_http() 0ebef5b509 doc: update generated image files ee96d128d0 doc: update Graphviz images to have a transparent background 76157664c1 property: move additional query functions to property_query.c fce102304a property: improve ossl_property_find_property() function fa95fc1eb5 Rename `n` field to `num_properties` in property definition structure. 6a5f97a671 PROV: drop get_params() and gettable_params() from all encoder implementatio e982e04f5d ENCODER: use property definitions instead of getting implementation parameters 73c02a6201 ENCODER: Drop OSSL_ENCODER_PARAM_INPUT_TYPE 6462a4f050 PROV: drop get_params() and gettable_params() from all decoder implementations 9379bf943a DECODER: use property definitions instead of getting implementation parameters 6ec3b2cf49 property: Add functionality to query data from a property definition 0b3fe363e6 make update-fips-checksums 50360c1a4b FIPS: don't include crypto/passphrase.c in libfips.a 3d9d1ce529 Add documentation for newly added ASN1 functions d2b6c06274 Ensure libctx/propq is propagated when handling X509_REQ 7be04a3ac4 Give ASN.1 objects the ability to report their libctx/propq 6282d6c284 Make sure X509_dup() also dup's any associated EVP_PKEY c631378058 Use the new ASN.1 libctx aware capabilities in CMP 5dca2afca3 Use the new ASN.1 libctx aware functions in CMS dea2878fac Teach more of the ASN.1 code about libctx/propq c8a9af97c9 Teach the ASN.1 code how to create embedded objects with libctx/propq 6265348346 Fix evp_extra_test to use libctx in an X509_PUBKEY d6ded941c9 Provide the ability to create an X509_PUBKEY with a libctx/propq f43f9d6313 Test a bad SmtpUTF8Mailbox name constraint 39145c4111 Check that we got the expected name type when verifying name constraints 0e0a47377f Update fips checksums to drop the ssl headers 085e3cecbd Move libssl related defines used by fips provider to prov_ssl.h 51cda01c61 req: detect a bad choice of digest early 6a2f82b439 req: fix default bits handling for -newkey 5d8ea84efa 80-test_http.t: Rename to 79-test_http.t, add basic HTTP server ACCEPT test c796cc9768 80-test_cmp_http.t: Improve comparison on server_port variable 43c2456f0f Add md-nits task f570d33b02 Only call dtls1_start_timer() once d0196ddcba CI windows.yml: Silence 'nmake' builds except 'minimal'; ci.yml: make 'minimal' build verbose Build log ended with (last 100 lines): not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80F1ED58A17F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 80F1ED58A17F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:338: # 80F1ED58A17F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623017245 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80F1ED58A17F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 80F1ED58A17F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:338: # 80F1ED58A17F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1623017245 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serve
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: 376a8c3f46 Teach ASN1_item_verify_ctx() how to handle provided keys 18d9c9bf96 openssl spkac: Fix reading SPKAC data from stdin 7d69c07ddf OPENSSL_init_crypto must return 0 when cleanup was done effb0dcf86 Check the return value of ASN1_STRING_length f6b6574cd7 80-test_cmp_http.t: Re-enable CMP tests for AIX, removing some inessential test cases b7d2bd1219 Deprecate EVP_CIPHER_impl_ctx_size and EVP_CIPHER_CTX_buf_noconst 17213b2ad0 Restore all the ? in util/libcrypto.num cbba082fc0 util/mknum.pl: Really allow unset ordinals in development ba3ea453b0 Fix errors found by parfait static analyser. 6436030486 rsa: make the maximum key strength check FIPS only. 691c9cd16b Add an EVP demo for signatures using EC 74613e8c97 update checksums c912e0c616 util: update FIPS checksumming script to be more aggressive with whitespace Build log ended with (last 100 lines): not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80514F9EF47F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 80514F9EF47F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:319: # 80514F9EF47F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1622758017 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80514F9EF47F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 80514F9EF47F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:319: # 80514F9EF47F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1622758017 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80514F9EF47F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 80514F9EF47F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:319: # 80514F9EF47F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1622758017 not ok 6 - iteration 6 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 80514F9EF47F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 80514F9EF47F:error:0580006F:x509 certificate routines:x50
Still FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: 8a5bd05da8 Add enable-fips to CI configuration c29b71c367 Disable tracing within the FIPS module ea82158103 ed25519 and ed448: fix incorrect OSSL_PKEY_PARAM_MAX_SIZE 4388417157 80-test_cms.t: Replace use of ee-self-signed.pem by more suitable smrsa1.pem 07e84e67a6 ee-self-signed.pem: Restore original version, adding -attime to 25-test_verify.t 5bcbdee621 list: update to not use XXX_get_number() calls 45e6e5073a store: include internal header d11e555082 doc: fix OSSL_(EN|DE)CODER_get0_name function names bcd5d3a22d libcrypto: make XXX_get_number() internal 6ea964cd4a doc: make XXX_get_number() internal 2e006ae77b Add internal get_number functions to internal headers f2e3584d10 add internal get_number functons to crypto/evp.h c768893e7d doc: move XXX_get_number() documentation to internal 4cedf30e99 utils: remove TODO 71653965b3 crypto: remove TODOs 60e91cc409 http: remove TODOs 4c3c2633b2 evp: remove TODOs 3b90a847ec err: remove TODOs 4656d9ecd1 ec: remove TODOs 3dc12810fa dso: remove TODOs 26b3e44a66 bn: remove TODOs 79cabd7e27 rsa: remove TODOs c6472fec64 store: remove TODOs e73a08b400 pem: remove TODOs 126e37716f ocsp: remove TODOs 29cfba8599 ct: remove TODOs e0a7ef0b51 crmf: remove TODOs 1486b1fbd3 comp: remove TODOs 6f6c8b0e3c cms: remove TODOs 75e1191f4d cmp: remove TODOs 69e21cb648 x509: remove TODOs 1c8c5d4755 bio: remove TODOs 10dbfcc91e asn.1: remove TODOs 0848b943a8 providers: remove TODOs 407820c0e3 tls: remove TODOs fd009d763a test: remove TODOs fb6ad22e36 fuzz: remove TODOs db70dc2cda apps: remove TODOs 0d7d5e2490 providers/common/der/build.info: make a variable for ../include/prov 7058b4db82 Configure: variable expand GENERATE values too 0608afe096 Fix up bad libcrypto.num b3c2ed7043 Add NCONF_get_section_names() 6b750b89ee Add NCONF_get0_libctx() ff234c6804 Make conf_method_st and conf_st deprecated Build log ended with (last 100 lines): not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8051E2CB357F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 8051E2CB357F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:319: # 8051E2CB357F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1622671623 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8051E2CB357F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 8051E2CB357F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:319: # 8051E2CB357F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1622671623 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 8051E2CB357F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 8051E2CB357F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsup
FAILED build of OpenSSL branch master with options --strict-warnings
Platform and configuration command: $ uname -a Linux run 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config --strict-warnings Commit log since last time: 147ed5f9de Modify ssl_handshake_hash to call SSLfatal 7e8d6bafd0 Make the 00-prep_*.t recipe truly mandatory 86825c9917 Windows CI: enable fips on shared 64 bit build e47ed5fe1f Fix enable-fips builds on Windows 31b7f23d2f Add documentation of the old names kept as alias macros c4e9167437 Rename also the OSSL_PROVIDER_name() function ed576acdf5 Rename all getters to use get/get0 in name 5e2d22d53e Pass library context and property query into private key decoders e3c7595521 Fix up encoder/decoder issues caused by not passing a library context to the PKCS8 encrypt/decrypt 169eca602c Enhance the encoder/decoder tests to allow testing with a non-default library context and configurable providers 8ee66a092c req: fix Coverity 1485137 Explicit null dereference 28cab20916 crypto: updates to pass size_t to RAND_bytes_ex() dfefa4c164 ssl: ass size_t to RAND_bytes_ex() 528685fe77 rand: use size_t for size argument to RAND_bytes_ex() f7c1b472bf Move provider der_XXX.h.in files to the include directory. 3c15d67705 Fix error stack for some fetch calls. 9ff4b7b0c7 Migration guide updates for flags and controls. 7f9537d57a Document Settable EVP_CIPHER_CTX parameter "use-bits" 17b209da49 Fix param indentation in ciphercommon_hw.c e2311445bb Fix aes cfb1 so that it can operate in bit mode. d11dd381c5 add some cross compilation builds 64fac96de8 sparc: fix cross compile build a7981653ea ppc: fix ambiguous if if else statement Build log ended with (last 100 lines): not ok 3 - iteration 3 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 800154433D7F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 800154433D7F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:320: # 800154433D7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1622585224 not ok 4 - iteration 4 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 800154433D7F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 800154433D7F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:320: # 800154433D7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1622585224 not ok 5 - iteration 5 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM) == 1' failed @ ../openssl/test/helpers/ssltestlib.c:741 # [0] compared to [1] # ERROR: (bool) 'create_ssl_ctx_pair(NULL, TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, ciphers[idx].certnum == 0 ? cert1 : cert2, ciphers[idx].certnum == 0 ? privkey1 : privkey2) == true' failed @ ../openssl/test/gosttest.c:57 # false # 800154433D7F:error:039C:digital envelope routines:pkey_set_type:unsupported algorithm:../openssl/crypto/evp/p_lib.c:1531: # 800154433D7F:error:0580006F:x509 certificate routines:x509_pubkey_decode:unsupported algorithm:../openssl/crypto/x509/x_pubkey.c:320: # 800154433D7F:error:0A00018F:SSL routines:SSL_CTX_use_certificate:ee key too small:../openssl/ssl/ssl_rsa.c:221: # OPENSSL_TEST_RAND_ORDER=1622585224 not ok 6 - iteration 6 # -- # ERROR: (int) 'SSL_CTX_use_certificate_file(serverctx, certfile,