SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-weak-ssl-ciphers
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-weak-ssl-ciphers
Commit log since last time:
8bc5b0a570 chacha20: Properly reinitialize the cipher context with NULL key
2ed63033e4 x509v3.h.in: Deprecate CTX_TEST and replace it by X509V3_CTX_TEST
04a1b3fa7b apps/req.c: Make sure -verify option takes effect also with -x509
0ae8d4ca9e apps/req.c: Cosmetic improvements of code and documentation
73b1d24c1a crypto/x509: Rename v3_{skey,skid}.c, v3_{akey,akid}.c,
v3_{alt,san}.c
b65c5ec8f5 apps/req.c: Add -copy_extensions option for use with -x509; default:
none
41e597a01d Add X509V3_set_issuer_pkey, needed for AKID of self-issued not
self-signed cert
ea9fd333d1 apps/req.c: make -subj work with -x509; clean up related code
7836f949c2 X509_PUBKEY_set(): Fix error reporting
855c68163b apps/lib/opt.c: Fix error message on unknown option/digest
f0a057dd53 Add tests for (non-)default SKID and AKID inclusion by
apps/{req,x509,ca}.c
6ad957f127 apps/req.c: add -CA and -CAkey options; improve code and doc
1579594383 APPS: Allow OPENSSL_CONF to be empty, not loading a config file
ec2bfb7d23 apps/{req,x509,ca}.c Make sure certs have SKID and AKID X.509
extensions by default
f2a0458731 X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed
to due to invalid cert
3339606a38 d2i_X509(): Make deallocation behavior consistent with d2i_X509_AUX()
48116c2d0f Fix incorrect use of BN_CTX API
1df333 Fix enable-weak-ssl-ciphers
4dd009180a x509_vfy.c: Fix a regression in find_issuer()
0cbb3602f5 Make PEM_X509_INFO_read_bio_ex() conservative on the error queue
0b7368dda0 TEST: move cert, key, and CSR loading aux functions to new
testutil/load.c
bf973d0697 Add X509_NAME_hash_ex() to be able to check if it failed due to
unsupported SHA1
5a2d0ef36f Clean away extraneous library specific FETCH_FAILED reason codes
d6d42cda5f Use centralized fetching errors
0d11846e4b Remove duplicate GENERATE declarations for .pod files
2497e2e7db Configure: warn about duplicate GENERATE declarations in build.info
files
5e16ac142e Configure: clean away perl syntax faults
507f83800f Configure: Check all SOURCE declarations, to ensure consistency
b209835364 v3_ocsp.c: fix indentation of include directives
3ddf44ea5a Close /dev/crypto file descriptor after CRIOGET ioctl().
678cae0295 APPS: Print help also on -h and --h; print high-level help when no
cmd given
3372039252 APPS: Fix confusion between program and app/command name used in
diagnostic/help output
046a7aaa5e apps/pkey.c: Forther improve user guidance, also on non-sensical
option combinations
1f7643e86e apps/pkey.c: Re-order help output and option documentation
475d10028e apps/pkey.c: Make clear that -passout is not supported for DER output
400e2acfe0 apps.c: Fix crash in case uri arg of IS_HTTP or IS_HTTPS is NULL
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-weak-ssl-ciphers
Platform and configuration command:
$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-weak-ssl-ciphers
Commit log since last time:
c34063d7a1 Add a test for setting, popping and clearing error marks
4e08ea6f11 Allow multiple nested marks
5b1d94c11c Fix some warnings from clang 10 in params.c
908c9fc7ed apps/pkcs12: Clean up the order in which many options are presented
09afbec94b e_loader_attic.c: Improve result handling of file_load_try_decode()
61dd4168f5 Allow for PKCS#12 input without MAC in p12_kiss.c and
e_loader_attic.c
3a6df6bd5c e_loader_attic.c: Remove redundant 'pass phrase' sub-string from
try_decode_PKCS12()
0c2c560cb9 apps/storeutl: Add error output in case of parse/decryption/mac
errors in input files
852feb3bd8 apps/pkcs12: Really do not perform MAC in case -nomac
b84965aff0 apps/pkcs12: Do not prompt for password in case -nomac and
-noenc/-nodes
bb57c90e6c Minor improvements of doc for ca and x509 app
279b61d0ca apps/pkcs12: Retain test output files
9c73e48a08 Minor cleanup of error output for various apps
c1097eecdf apps/ca: Minor code and doc cleanup
d7e498ac55 Deprecate RSA harder
b24d6c335d Rename internal drbg_ functions so they have an ossl_ prefix.
b68a947fd2 Rename SHA3 internal functions so they have an ossl_ prefix
5687afdf03 rename sha1_ctrl to ossl_sha1_ctrl.
1dc188ba0e Provide side RNG functions renamed to have an ossl_ prefix.
893d3df972 rename mac_key_* to ossl_mac_key_*
572e6df7db rename md5_block_asm_data_order to ossl_md5_block_asm_data_order
627b73cc72 Rename md5_sha1_* ossl_md5_sha1_*
3800cc6f4d DOC: Fix example in OSSL_PARAM_int.pod
f1d6670840 Swap to FIPS186-2 DSA generation outside of the FIPS module
c2bd8d2783 Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the
FIPS module
d3d2c0dc68 Adapt ssltest_old to not use deprecated DH APIs
3105d84693 Extend the auto DH testing to check DH sizes
b6ae56fd27 Add some additional test certificates/keys
1b2a55ffa2 Add a CHANGES.md entry for the "tmp_dh" functions/macros
33c39a0659 Add a test for the various ways of setting temporary DH params
0437309fdf Document some SSL DH related functions/macros
1072041b17 Return sensible values for some SSL ctrls
13c453728c Only disabled what we need to in a no-dh build
163f6dc1f7 Implement a replacement for SSL_set_tmp_dh()
9912be1b33 Remove deprecated functionality from s_server
8b7df247b7 Disable the DHParameters config option in a no-deprecated build
936d565768 Remove DH usage from tls_process_cke_dhe
184280971c Remove DH usage in tls_construct_server_key_exchange()
cb5a427acf Avoid the use of a DH object in tls_construct_cke_dhe()
1b2b475517 Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls
1ee22dc268 Convert TLS ServerKeyExchange processing to use an EVP_PKEY
091f6074c5 Convert TLS auto DH parameters to use EVP_PKEY
2b93900e28 DOC: Rewrite the section on reporting errors in
doc/man3/ERR_put_error.pod
e19c5a1064 CONF: Convert one last CONFerr() to ERR_raise()
01fe51578e Simplify util/err-to-raise
b06e70b868 Really deprecate the old NAMEerr() macros
bf57cab74b util/find-doc-nits: check podchecker() return value
c7d32b6ba5 util/mkrc.pl: Make sure FILEVERSION and PRODUCTVERSION have four
numbers
ef2a44eb31 NetBSD build fix.
ccbf3f90c4 DOC: Fixup the description of the -x509_strict option
4605c5ab47 Fix dsa securitycheck for fips.
e557d46333 Add documentation for EVP_PKEY2PKCS8/EVP_PKCS82PKEY
317b7c57e4 Fixup EVP-MAC-KMAC documentation
fce56f5b69 REF_PRINT: cast pointer to void to avoid warnings
3084b9d316 Document the provider KDF API.
e76a696273 test/endecoder_legacy_test.c: new test for legacy comparison
efb4667f72 Fix SUPPORT.md for better readability
322d56cd64 Fix a few github file references
a18cf8fc63 Remove -C option from x509 command
1696b8909b Remove -C from dhparam,dsaparam,ecparam
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of
gai_strerror()
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding
ERR_raise() call
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
0bb450fe2f DragonFlyBSD build fix and update.
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
c87a7f31a3 apps/passwd: remove the -crypt option.
93c87f745d rsa_test: add return value check
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
69d16b70cf Avoid duplicate ends_with_dirsep functions
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-weak-ssl-ciphers
Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-weak-ssl-ciphers Commit log since last time: cfae32c69a [test][ectest] Minor touches to custom_generator_test f5384f064e [test] Vertically test explicit EC params API patterns 79410c5f8b namemap: fix threading issue 5cd9962272 Fix a test_verify failure ef8980176d Deprecate -nodes in favor of -noenc in pkcs12 and req app 846f96f821 TEST: Add RSA-PSS cases in test/serdes_test.c a4e559 PROV: Add a DER to RSA-PSS deserializer implementation 456b3b97a4 EVP, PROV: Add misc missing bits for RSA-PSS 51d9ac870a Fix no-ec2m
SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-weak-ssl-ciphers
Platform and configuration command:
$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-weak-ssl-ciphers
Commit log since last time:
552be00d42 EVP_{CIPHER,MD}_CTX_ctrl(): make sure to return 0 or 1
7cfc0a555c Deprecate NCONF_WIN32() function
833f7c8c55 Also mention -- flag and ignore if undocumented
89e5aaa1d7 Fix typo in comment
38546024bb Add missing help text for some options
74997e7eed RC4 is not a block cipher
86913ef711 Fix L to L
f50958b8c8 Move MD5-SHA1 digest completely to the default provider
29be6c8361 Remove unused fields in method store structure.
6d49ec1ada Move all SHA digests completely to the default provider
[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-weak-ssl-ciphers
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-weak-ssl-ciphers Commit log since last time: 9c5ef4ea48 Eliminate unused buffers from ssl3_change_cipher_state d072eea2e3 Remove unused variables from tls1_change_cipher_state 51adf14a94 make update _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-weak-ssl-ciphers
Platform and configuration command: $ uname -a Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-weak-ssl-ciphers Commit log since last time: 61f805c Update all affected files' copyright year to 2018 a085f43 Enforce return values section check 1f13ad3 Add missing 'RETURN VALUES' sections in doc 82992a4 Extend timeout for TLSProxy 7d46173 Revert BN_copy() flag copy semantics change 39571fc Fix memory leak in do_rand_drbg_init() _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
